diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-03-11 04:03:12 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:56:58 -0500 |
commit | b7afac2b834674e20f303c3a03b4ac7bb283695e (patch) | |
tree | 4828afb0cf5bc89f0063d3225d0f15cc01cd2012 /source4/heimdal/kdc/pkinit.c | |
parent | 64b619cefe99c833297f2a635db06bd186843481 (diff) | |
download | samba-b7afac2b834674e20f303c3a03b4ac7bb283695e.tar.gz samba-b7afac2b834674e20f303c3a03b4ac7bb283695e.tar.bz2 samba-b7afac2b834674e20f303c3a03b4ac7bb283695e.zip |
r14198: Update Samba4 to current lorikeet-heimdal.
Andrew Bartlett
(This used to be commit 97a0a0e2fa6784e5fc5278f7a15b385ddcb6a3b3)
Diffstat (limited to 'source4/heimdal/kdc/pkinit.c')
-rwxr-xr-x | source4/heimdal/kdc/pkinit.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/source4/heimdal/kdc/pkinit.c b/source4/heimdal/kdc/pkinit.c index 83c379825c..67934c0745 100755 --- a/source4/heimdal/kdc/pkinit.c +++ b/source4/heimdal/kdc/pkinit.c @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: pkinit.c,v 1.49 2005/10/21 17:14:19 lha Exp $"); +RCSID("$Id: pkinit.c,v 1.50 2006/02/13 11:48:21 lha Exp $"); #ifdef PKINIT @@ -175,13 +175,17 @@ pk_check_pkauthenticator(krb5_context context, return ret; } - if (a->paChecksum.length != checksum.checksum.length || - memcmp(a->paChecksum.data, checksum.checksum.data, - checksum.checksum.length) != 0) - { + if (a->paChecksum == NULL) { + krb5_clear_error_string(context); + ret = KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED; + goto out; + } + + if (heim_octet_string_cmp(a->paChecksum, &checksum.checksum) != 0) { krb5_clear_error_string(context); ret = KRB5KRB_ERR_GENERIC; } +out: free_Checksum(&checksum); return ret; @@ -1122,7 +1126,7 @@ krb5_error_code _kdc_pk_mk_pa_reply(krb5_context context, krb5_kdc_configuration *config, pk_client_params *client_params, - const hdb_entry *client, + const hdb_entry_ex *client, const KDC_REQ *req, const krb5_data *req_buffer, krb5_keyblock **reply_key, @@ -1379,7 +1383,7 @@ krb5_error_code _kdc_pk_check_client(krb5_context context, krb5_kdc_configuration *config, krb5_principal client_princ, - const hdb_entry *client, + const hdb_entry_ex *client, pk_client_params *client_params, char **subject_name) { |