diff options
author | Luke Howard <lukeh@padl.com> | 2009-08-07 21:13:03 +0000 |
---|---|---|
committer | Luke Howard <lukeh@padl.com> | 2009-08-07 21:13:03 +0000 |
commit | 97b548d8714ade512f566e633b449c1a5d8b04c6 (patch) | |
tree | aadb1c28496ece97a1de1cda9a94b67597b3a765 | |
parent | 6a53cd6163fe45dba8176dcf3ef10b950b293639 (diff) | |
download | krb5-97b548d8714ade512f566e633b449c1a5d8b04c6.zip krb5-97b548d8714ade512f566e633b449c1a5d8b04c6.tar.gz krb5-97b548d8714ade512f566e633b449c1a5d8b04c6.tar.bz2 |
cleanup
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/s4u@22503 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r-- | src/kdc/kdc_util.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 33286d1..88196ad 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -1915,19 +1915,14 @@ kdc_process_s4u2self_rep(krb5_context context, memset(&rep_s4u_user, 0, sizeof(rep_s4u_user)); rep_s4u_user.user_id.nonce = reply_encpart->nonce; - rep_s4u_user.user_id.user = req_s4u_user->user_id.user; /* XXX canon? */ + rep_s4u_user.user_id.user = req_s4u_user->user_id.user; rep_s4u_user.user_id.options = req_s4u_user->user_id.options & - ( KRB5_S4U_OPTS_CHECK_LOGON_HOURS | KRB5_S4U_OPTS_USE_REPLY_KEY_USAGE); + (KRB5_S4U_OPTS_CHECK_LOGON_HOURS | KRB5_S4U_OPTS_USE_REPLY_KEY_USAGE); code = encode_krb5_s4u_userid(&rep_s4u_user.user_id, &data); if (code != 0) goto cleanup; - if (tgs_subkey != NULL) - enctype = tgs_subkey->enctype; - else - enctype = tgs_session->enctype; - if (req_s4u_user->user_id.options & KRB5_S4U_OPTS_USE_REPLY_KEY_USAGE) usage = KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY; else @@ -1959,6 +1954,11 @@ kdc_process_s4u2self_rep(krb5_context context, free(data); data = NULL; + if (tgs_subkey != NULL) + enctype = tgs_subkey->enctype; + else + enctype = tgs_session->enctype; + if (!enctype_requires_etype_info_2(enctype)) { padata.length = req_s4u_user->cksum.length + rep_s4u_user.cksum.length; padata.contents = (krb5_octet *)malloc(padata.length); @@ -2086,7 +2086,7 @@ kdc_process_s4u2self_req(krb5_context context, return code; } - if ((*s4u_x509_user)->user_id.user == NULL || + if (krb5_princ_size(context, (*s4u_x509_user)->user_id.user) == 0 || (*s4u_x509_user)->user_id.subject_cert.length != 0) { *status = "INVALID_S4U2SELF_REQUEST"; krb5_free_pa_s4u_x509_user(context, *s4u_x509_user); |