oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Make handling of replying e_data more generic, from metze.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20277 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-02-22 02:01:12 +00:00
parent 21ddb4aee9
commit 81a108b1d0
1 changed files with 12 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
kdc/kerberos5.c
View File

@@ -913,6 +913,7 @@ _kdc_as_rep(krb5_context context,
KDCOptions f = b->kdc_options; KDCOptions f = b->kdc_options;
hdb_entry_ex *client = NULL, *server = NULL; hdb_entry_ex *client = NULL, *server = NULL;
krb5_enctype cetype, setype, sessionetype; krb5_enctype cetype, setype, sessionetype;
krb5_data e_data;
EncTicketPart et; EncTicketPart et;
EncKDCRepPart ek; EncKDCRepPart ek;
krb5_principal client_princ = NULL, server_princ = NULL; krb5_principal client_princ = NULL, server_princ = NULL;
@@ -928,6 +929,7 @@ _kdc_as_rep(krb5_context context,
#endif #endif
memset(&rep, 0, sizeof(rep)); memset(&rep, 0, sizeof(rep));
krb5_data_zero(&e_data);
if (f.canonicalize) if (f.canonicalize)
flags |= HDB_F_CANON; flags |= HDB_F_CANON;
@@ -1234,7 +1236,6 @@ _kdc_as_rep(krb5_context context,
PA_DATA *pa; PA_DATA *pa;
unsigned char *buf; unsigned char *buf;
size_t len; size_t len;
krb5_data foo_data;
use_pa: use_pa:
method_data.len = 0; method_data.len = 0;
@@ -1274,25 +1275,17 @@ _kdc_as_rep(krb5_context context,
ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret); ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret);
free_METHOD_DATA(&method_data); free_METHOD_DATA(&method_data);
foo_data.data = buf;
foo_data.length = len; e_data.data = buf;
e_data.length = len;
e_text ="Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
ret = KRB5KDC_ERR_PREAUTH_REQUIRED; ret = KRB5KDC_ERR_PREAUTH_REQUIRED;
krb5_mk_error(context,
ret,
"Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
&foo_data,
client_princ,
server_princ,
NULL,
NULL,
reply);
free(buf);
kdc_log(context, config, 0, kdc_log(context, config, 0,
"No preauth found, returning PREAUTH-REQUIRED -- %s", "No preauth found, returning PREAUTH-REQUIRED -- %s",
client_name); client_name);
ret = 0; goto out;
goto out2;
} }
/* /*
@@ -1705,7 +1698,7 @@ out:
krb5_mk_error(context, krb5_mk_error(context,
ret, ret,
e_text, e_text,
NULL, (e_data.data ? &e_data : NULL),
client_princ, client_princ,
server_princ, server_princ,
NULL, NULL,
@@ -1713,11 +1706,12 @@ out:
reply); reply);
ret = 0; ret = 0;
} }
out2:
#ifdef PKINIT #ifdef PKINIT
if (pkp) if (pkp)
_kdc_pk_free_client_param(context, pkp); _kdc_pk_free_client_param(context, pkp);
#endif #endif
if (e_data.data)
free(e_data.data);
if (client_princ) if (client_princ)
krb5_free_principal(context, client_princ); krb5_free_principal(context, client_princ);
free(client_name); free(client_name);