diff options
author | Greg Hudson <ghudson@mit.edu> | 2019-08-07 17:51:17 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2019-08-26 20:18:40 -0400 |
commit | 7196c03f18f14695abeb5ae4923004469b172f0f (patch) | |
tree | 13d1eb6163015b8ad140edbebee0252c1b7979b6 /src/lib/kdb | |
parent | 570967e11bd5ea60a82fc8157ad7d07602402ebb (diff) | |
download | krb5-7196c03f18f14695abeb5ae4923004469b172f0f.zip krb5-7196c03f18f14695abeb5ae4923004469b172f0f.tar.gz krb5-7196c03f18f14695abeb5ae4923004469b172f0f.tar.bz2 |
Allow the KDB to see and modify auth indicators
Amend the sign_authdata method signature to include a modifiable
auth_indicators array. Bump the DAL major version and the libkdb5
soname. Add a test case using the test KDB module.
ticket: 8823 (new)
Diffstat (limited to 'src/lib/kdb')
-rw-r--r-- | src/lib/kdb/Makefile.in | 2 | ||||
-rw-r--r-- | src/lib/kdb/kdb5.c | 10 |
2 files changed, 4 insertions, 8 deletions
diff --git a/src/lib/kdb/Makefile.in b/src/lib/kdb/Makefile.in index b77bf49..25da081 100644 --- a/src/lib/kdb/Makefile.in +++ b/src/lib/kdb/Makefile.in @@ -5,7 +5,7 @@ LOCALINCLUDES= -I. # Keep LIBMAJOR in sync with KRB5_KDB_API_VERSION in include/kdb.h. LIBBASE=kdb5 -LIBMAJOR=9 +LIBMAJOR=10 LIBMINOR=0 LIBINITFUNC=kdb_init_lock_list LIBFINIFUNC=kdb_fini_lock_list diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index b910bd3..3058b47 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -323,12 +323,7 @@ copy_vtable(const kdb_vftabl *in, kdb_vftabl *out) out->refresh_config = in->refresh_config; out->check_allowed_to_delegate = in->check_allowed_to_delegate; out->free_principal_e_data = in->free_principal_e_data; - - /* Copy fields for minor version 1 (major version 7). */ - assert(KRB5_KDB_DAL_MAJOR_VERSION == 7); - out->get_s4u_x509_principal = NULL; - if (in->min_ver >= 1) - out->get_s4u_x509_principal = in->get_s4u_x509_principal; + out->get_s4u_x509_principal = in->get_s4u_x509_principal; /* Set defaults for optional fields. */ if (out->fetch_master_key == NULL) @@ -2599,6 +2594,7 @@ krb5_db_sign_authdata(krb5_context kcontext, unsigned int flags, krb5_keyblock *client_key, krb5_keyblock *server_key, krb5_keyblock *krbtgt_key, krb5_keyblock *session_key, krb5_timestamp authtime, krb5_authdata **tgt_auth_data, + krb5_data ***auth_indicators, krb5_authdata ***signed_auth_data) { krb5_error_code status = 0; @@ -2613,7 +2609,7 @@ krb5_db_sign_authdata(krb5_context kcontext, unsigned int flags, return v->sign_authdata(kcontext, flags, client_princ, client, server, krbtgt, client_key, server_key, krbtgt_key, session_key, authtime, tgt_auth_data, - signed_auth_data); + auth_indicators, signed_auth_data); } krb5_error_code |