From 81a108b1d0d79fef7d25f9dd70d40120e6bad06e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 22 Feb 2007 02:01:12 +0000
Subject: [PATCH] Make handling of replying e_data more generic, from metze.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20277 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/kerberos5.c | 30 ++++++++++++------------------
 1 file changed, 12 insertions(+), 18 deletions(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 65d62080d..f91d69f73 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -913,6 +913,7 @@ _kdc_as_rep(krb5_context context,
     KDCOptions f = b->kdc_options;
     hdb_entry_ex *client = NULL, *server = NULL;
     krb5_enctype cetype, setype, sessionetype;
+    krb5_data e_data;
     EncTicketPart et;
     EncKDCRepPart ek;
     krb5_principal client_princ = NULL, server_princ = NULL;
@@ -928,6 +929,7 @@ _kdc_as_rep(krb5_context context,
 #endif
 
     memset(&rep, 0, sizeof(rep));
+    krb5_data_zero(&e_data);
 
     if (f.canonicalize)
 	flags |= HDB_F_CANON;
@@ -1234,7 +1236,6 @@ _kdc_as_rep(krb5_context context,
 	PA_DATA *pa;
 	unsigned char *buf;
 	size_t len;
-	krb5_data foo_data;
 
     use_pa: 
 	method_data.len = 0;
@@ -1274,25 +1275,17 @@ _kdc_as_rep(krb5_context context,
 	
 	ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret);
 	free_METHOD_DATA(&method_data);
-	foo_data.data   = buf;
-	foo_data.length = len;
-	
+
+	e_data.data   = buf;
+	e_data.length = len;
+	e_text ="Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
+
 	ret = KRB5KDC_ERR_PREAUTH_REQUIRED;
-	krb5_mk_error(context,
-		      ret,
-		      "Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
-		      &foo_data,
-		      client_princ,
-		      server_princ,
-		      NULL,
-		      NULL,
-		      reply);
-	free(buf);
+
 	kdc_log(context, config, 0,
 		"No preauth found, returning PREAUTH-REQUIRED -- %s",
 		client_name);
-	ret = 0;
-	goto out2;
+	goto out;
     }
     
     /*
@@ -1705,7 +1698,7 @@ out:
 	krb5_mk_error(context,
 		      ret,
 		      e_text,
-		      NULL,
+		      (e_data.data ? &e_data : NULL),
 		      client_princ,
 		      server_princ,
 		      NULL,
@@ -1713,11 +1706,12 @@ out:
 		      reply);
 	ret = 0;
     }
-out2:
 #ifdef PKINIT
     if (pkp)
 	_kdc_pk_free_client_param(context, pkp);
 #endif
+    if (e_data.data)
+        free(e_data.data);
     if (client_princ)
 	krb5_free_principal(context, client_princ);
     free(client_name);