diff options
| author | Nathaniel McCallum <npmccallum@redhat.com> | 2013-09-09 14:23:56 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2014-06-02 17:58:26 -0400 |
| commit | bb89afd7c59deea855d2818fe36ef7472b4abf2e (patch) | |
| tree | d5e010a26e547c0fdd45ae3608ac3066bfb15f7f /src/include | |
| parent | d0be57ac45ea639baa3cff0dd2108c34e834bfa7 (diff) | |
| download | krb5-bb89afd7c59deea855d2818fe36ef7472b4abf2e.zip krb5-bb89afd7c59deea855d2818fe36ef7472b4abf2e.tar.gz krb5-bb89afd7c59deea855d2818fe36ef7472b4abf2e.tar.bz2 | |
Add ASN.1 codec for KKDCP's KDC-PROXY-MESSAGE
Handle encoding and decoding [MS-KKDCP] proxy messages, including
handling of the additional length bytes. Early versions of [MS-KKDCP]
incorrectly omit that the size of the proxied message is prepended to
the proxied message, as it is when we're using plain TCP, before
encoding the proxy-message structure. This is fixed at least as of
version 2.1 of the spec.
[nalin@redhat.com: add tests]
ticket: 7929
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/k5-int.h | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 096cd14..8f039ee 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -518,6 +518,12 @@ typedef struct _krb5_pa_otp_req { krb5_data vendor; } krb5_pa_otp_req; +typedef struct _krb5_kkdcp_message { + krb5_data kerb_message; + krb5_data target_domain; + krb5_int32 dclocator_hint; +} krb5_kkdcp_message; + #include <stdlib.h> #include <string.h> @@ -898,6 +904,7 @@ void k5_free_otp_tokeninfo(krb5_context context, krb5_otp_tokeninfo *val); void k5_free_pa_otp_challenge(krb5_context context, krb5_pa_otp_challenge *val); void k5_free_pa_otp_req(krb5_context context, krb5_pa_otp_req *val); +void k5_free_kkdcp_message(krb5_context context, krb5_kkdcp_message *val); /* #include "krb5/wordsize.h" -- comes in through base-defs.h. */ #include "com_err.h" @@ -1438,6 +1445,9 @@ encode_krb5_pa_otp_req(const krb5_pa_otp_req *, krb5_data **); krb5_error_code encode_krb5_pa_otp_enc_req(const krb5_data *, krb5_data **); +krb5_error_code +encode_krb5_kkdcp_message(const krb5_kkdcp_message *, krb5_data **); + /************************************************************************* * End of prototypes for krb5_encode.c *************************************************************************/ @@ -1608,6 +1618,9 @@ decode_krb5_pa_otp_req(const krb5_data *, krb5_pa_otp_req **); krb5_error_code decode_krb5_pa_otp_enc_req(const krb5_data *, krb5_data **); +krb5_error_code +decode_krb5_kkdcp_message(const krb5_data *, krb5_kkdcp_message **); + struct _krb5_key_data; /* kdb.h */ struct ldap_seqof_key_data { |