kdc: Provide extended error information in AS-REP error replies.

This change utilizes the addition of the e_data parameter to the
   windc_plugin in the heimdal code to pass extended information back
   to the client.  The extended information is provided in an e-data
   block as part of the kerberos error message, and allows the client
   to determine which specific error condition occurred.

From Andrew Kroeger and Andrew Bartlet


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22693 ec53bebd-3082-4978-b11e-865c3cabbd6b

kdc/kerberos5.c

@@ -1050,7 +1050,7 @@ _kdc_as_rep(krb5_context context,
 	goto out;
     }
 
-    ret = _kdc_windc_client_access(context, client, req);
+    ret = _kdc_windc_client_access(context, client, req, &e_data);
     if(ret)
 	goto out;
 

kdc/windc.c

@@ -101,9 +101,10 @@ _kdc_pac_verify(krb5_context context,
 krb5_error_code
 _kdc_windc_client_access(krb5_context context,
 			 struct hdb_entry_ex *client,
-			 KDC_REQ *req)
+			 KDC_REQ *req,
+			 krb5_data *e_data)
 {
     if (windcft == NULL)
 	return 0;
-    return (windcft->client_access)(windcctx, context, client, req);
+    return (windcft->client_access)(windcctx, context, client, req, e_data);
 }

kdc/windc_plugin.h

@@ -64,10 +64,10 @@ typedef krb5_error_code
 
 typedef krb5_error_code 
 (*krb5plugin_windc_client_access)(
-    void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *);
+    void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *, krb5_data *);
 
 
-#define KRB5_WINDC_PLUGING_MINOR		2
+#define KRB5_WINDC_PLUGING_MINOR		3
 
 typedef struct krb5plugin_windc_ftable {
     int			minor_version;