adapt to heim_integer changes

merge certificate/private_key to a user_id


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13721 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2004-04-15 23:44:02 +00:00
parent abc38c3ab4
commit eac2949b39


@@ -587,6 +587,20 @@ pk_rd_padata(krb5_context context,
* *
*/ */
static krb5_error_code
BN_to_integer(krb5_context context, BIGNUM *bn, heim_integer *integer)
{
integer->length = BN_num_bytes(bn);
integer->data = malloc(integer->length);
if (integer->data == NULL) {
krb5_clear_error_string(context);
return ENOMEM;
}
BN_bn2bin(bn, integer->data);
integer->negative = bn->neg;
return 0;
}
static krb5_error_code static krb5_error_code
pk_mk_pa_reply_enckey(krb5_context context, pk_mk_pa_reply_enckey(krb5_context context,
pk_client_params *client_params, pk_client_params *client_params,
@@ -698,14 +712,23 @@ pk_mk_pa_reply_enckey(krb5_context context,
ri->rid.u.issuerAndSerialNumber.issuer.length = buf.length; ri->rid.u.issuerAndSerialNumber.issuer.length = buf.length;
serial = &ri->rid.u.issuerAndSerialNumber.serialNumber; serial = &ri->rid.u.issuerAndSerialNumber.serialNumber;
OPENSSL_ASN1_MALLOC_ENCODE(ASN1_INTEGER, {
serial->data, ASN1_INTEGER *isn;
serial->length, BIGNUM *bn;
X509_get_serialNumber(client_params->certificate->cert),
ret); isn = X509_get_serialNumber(client_params->certificate->cert);
if (ret) { bn = ASN1_INTEGER_to_BN(isn, NULL);
krb5_clear_error_string(context); if (bn == NULL) {
goto out; ret = ENOMEM;
krb5_clear_error_string(context);
goto out;
}
ret = BN_to_integer(context, bn, serial);
BN_free(bn);
if (ret) {
krb5_clear_error_string(context);
goto out;
}
} }
{ {
@@ -1031,9 +1054,7 @@ add_principal_mapping(const char *principal_name, const char * subject)
krb5_error_code krb5_error_code
pk_initialize(const char *cert_file, pk_initialize(const char *user_id, const char *x509_anchors)
const char *key_file,
const char *ca_dir)
{ {
const krb5_config_binding *binding; const krb5_config_binding *binding;
krb5_error_code ret; krb5_error_code ret;
@@ -1043,9 +1064,8 @@ pk_initialize(const char *cert_file,
ret = _krb5_pk_load_openssl_id(context, ret = _krb5_pk_load_openssl_id(context,
&kdc_identity, &kdc_identity,
cert_file, user_id,
key_file, x509_anchors,
ca_dir,
NULL, NULL,
NULL); NULL);
if (ret) { if (ret) {
@@ -1055,10 +1075,10 @@ pk_initialize(const char *cert_file,
} }
binding = krb5_config_get_list(context, binding = krb5_config_get_list(context,
NULL, NULL,
"kdc", "kdc",
"pki-allowed-principals", "pki-allowed-principals",
NULL); NULL);
while (binding) { while (binding) {
if (binding->type != krb5_config_string) if (binding->type != krb5_config_string)
continue; continue;
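Review bot: `BN_to_integer` in the first hunk passes `BN_num_bytes(bn)` straight to `malloc`, so a zero-valued BIGNUM (for instance a certificate serial number of 0) asks for zero bytes, and on platforms where `malloc(0)` returns NULL a valid value is reported as ENOMEM. The serial converted in the second hunk comes from `client_params->certificate->cert`, so the value is presumably peer-supplied, and the check should fail only for a non-zero length: `if (integer->data == NULL && integer->length != 0) {`. On the failure path `integer->length` stays set while `integer->data` is NULL; adding `integer->length = 0;` before `return ENOMEM;` keeps the struct consistent for any later cleanup that trusts the length. In the second hunk the `if (ret)` branch after `BN_to_integer` calls `krb5_clear_error_string(context)` a second time, which is redundant because the helper already clears it on its only error return.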