diff options
author | Greg Hudson <ghudson@mit.edu> | 2010-07-12 18:33:05 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-07-12 18:33:05 +0000 |
commit | 62880787886fadd5dfb8f350779369795319fa21 (patch) | |
tree | 95929508bb2658fbdd806b1520207bda04e6cd32 /src/kdc/kdc_authdata.c | |
parent | e282eb6f8f054dab3b1749687dbbb037b0a97257 (diff) | |
download | krb5-62880787886fadd5dfb8f350779369795319fa21.zip krb5-62880787886fadd5dfb8f350779369795319fa21.tar.gz krb5-62880787886fadd5dfb8f350779369795319fa21.tar.bz2 |
Add sign_authdata to the DAL table with a corresponding libkdb5 API,
replacing the SIGN_AUTH_DATA method of db_invoke.
ticket: 6749
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24182 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/kdc_authdata.c')
-rw-r--r-- | src/kdc/kdc_authdata.c | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c index 90deae5..f46fa15 100644 --- a/src/kdc/kdc_authdata.c +++ b/src/kdc/kdc_authdata.c @@ -680,7 +680,7 @@ handle_kdb_authdata (krb5_context context, krb5_enc_tkt_part *enc_tkt_reply) { krb5_error_code code; - krb5_authdata **db_authdata = NULL; + krb5_authdata **tgt_authdata, **db_authdata = NULL; krb5_boolean tgs_req = (request->msg_type == KRB5_TGS_REQ); krb5_const_principal actual_client; @@ -720,19 +720,12 @@ handle_kdb_authdata (krb5_context context, else actual_client = enc_tkt_reply->client; - code = sign_db_authdata(context, - flags, - actual_client, - client, - server, - krbtgt, - client_key, - server_key, /* U2U or server key */ - krbtgt_key, - enc_tkt_reply->times.authtime, - tgs_req ? enc_tkt_request->authorization_data : NULL, - enc_tkt_reply->session, - &db_authdata); + tgt_authdata = tgs_req ? enc_tkt_request->authorization_data : NULL; + code = krb5_db_sign_authdata(context, flags, actual_client, client, + server, krbtgt, client_key, server_key, + krbtgt_key, enc_tkt_reply->session, + enc_tkt_reply->times.authtime, tgt_authdata, + &db_authdata); if (code == 0) { code = merge_authdata(context, db_authdata, |