diff options
author | Sam Hartman <hartmans@mit.edu> | 2009-12-02 16:16:19 +0000 |
---|---|---|
committer | Sam Hartman <hartmans@mit.edu> | 2009-12-02 16:16:19 +0000 |
commit | 6770c3eadf86f06e1b9c0f4e6e9f19da581508d5 (patch) | |
tree | 624d81c03c372033eeb1d404abe70a4165d8530c /src/kdc/kdc_preauth.c | |
parent | dff020edc6d720068c69b4d4f720fc8e1c0f7cf6 (diff) | |
download | krb5-6770c3eadf86f06e1b9c0f4e6e9f19da581508d5.zip krb5-6770c3eadf86f06e1b9c0f4e6e9f19da581508d5.tar.gz krb5-6770c3eadf86f06e1b9c0f4e6e9f19da581508d5.tar.bz2 |
Implement KDC side of protected negotiation:
* Move return_enc_padata so reply key is available
* Include checksum of reply if requested
* export encode_krb5_checksum so we can call it from the KDC
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/fast-negotiate@23412 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/kdc_preauth.c')
-rw-r--r-- | src/kdc/kdc_preauth.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index 5266012..83d92b0 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -3066,6 +3066,7 @@ include_pac_p(krb5_context context, krb5_kdc_req *request) krb5_error_code return_enc_padata(krb5_context context, krb5_data *req_pkt, krb5_kdc_req *request, + krb5_keyblock *reply_key, krb5_db_entry *server, krb5_enc_kdc_rep_part *reply_encpart) { @@ -3081,13 +3082,10 @@ return_enc_padata(krb5_context context, if (reply_encpart->enc_padata == NULL) { return ENOMEM; } - - tl_data.tl_data_type = KRB5_TL_SVR_REFERRAL_DATA; - code = krb5_dbe_lookup_tl_data(context, server, &tl_data); if (code || tl_data.tl_data_length == 0) - return 0; /* no server referrals to return */ + goto negotiate; /* no server referrals to return */ pa_data = (krb5_pa_data *)malloc(sizeof(*pa_data)); if (pa_data == NULL) @@ -3105,8 +3103,9 @@ return_enc_padata(krb5_context context, reply_encpart->enc_padata[idx++] = pa_data; reply_encpart->enc_padata[1] = NULL; - - return 0; +negotiate: + return kdc_handle_protected_negotiation(req_pkt, request, reply_key, + reply_encpart->enc_padata, &idx); } #if 0 |