oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use EXTRACT_TICKET_* flags, support canonicalize.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20228 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-02-16 03:33:25 +00:00
parent 581074386c
commit fbfd45f8e4
1 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
lib/krb5/init_creds_pw.c
View File

@@ -330,6 +330,8 @@ get_init_creds_common(krb5_context context,
ctx->addrs = &no_addrs; ctx->addrs = &no_addrs;
break; break;
} }
if (options->opt_private->canonicalize)
ctx->flags.canonicalize = 1;
} }
if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) {
etypes = malloc((options->etype_list_length + 1) etypes = malloc((options->etype_list_length + 1)
@@ -1347,6 +1349,15 @@ init_cred_loop(krb5_context context,
{ {
krb5_keyblock *key = NULL; krb5_keyblock *key = NULL;
unsigned flags = 0;
if (ctx->flags.request_anonymous)
flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH;
if (ctx->flags.canonicalize) {
flags |= EXTRACT_TICKET_ALLOW_CNAME_MISMATCH;
flags |= EXTRACT_TICKET_ALLOW_SERVER_MISMATCH;
flags |= EXTRACT_TICKET_MATCH_REALM;
}
ret = process_pa_data_to_key(context, ctx, creds, ret = process_pa_data_to_key(context, ctx, creds,
&ctx->as_req, &rep, hi, &key); &ctx->as_req, &rep, hi, &key);
@@ -1361,8 +1372,7 @@ init_cred_loop(krb5_context context,
KRB5_KU_AS_REP_ENC_PART, KRB5_KU_AS_REP_ENC_PART,
NULL, NULL,
ctx->nonce, ctx->nonce,
FALSE, flags,
ctx->flags.request_anonymous,
NULL, NULL,
NULL); NULL);
krb5_free_keyblock(context, key); krb5_free_keyblock(context, key);