diff options
author | Andrew Bartlett <abartlet@samba.org> | 2009-08-05 11:25:50 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2009-08-05 12:18:17 +1000 |
commit | cd1d7f4be7d31388ab79c797acaf6d7730113112 (patch) | |
tree | 3d25e28089d1cffa5d7dadca529e29b936681607 /source4/heimdal/kdc/pkinit.c | |
parent | 8bba340e65e84ee09a7da4d97bc7838d3eefbb15 (diff) | |
download | samba-cd1d7f4be7d31388ab79c797acaf6d7730113112.tar.gz samba-cd1d7f4be7d31388ab79c797acaf6d7730113112.tar.bz2 samba-cd1d7f4be7d31388ab79c797acaf6d7730113112.zip |
s4:heimdal: import lorikeet-heimdal-200908050050 (commit 8714779fa7376fd9f7761587639e68b48afc8c9c)
This also adds a new hdb-glue.c file, to cope with Heimdal's
uncondtional enabling of SQLITE.
(Very reasonable, but not required for Samba4's use).
Andrew Bartlett
Diffstat (limited to 'source4/heimdal/kdc/pkinit.c')
-rw-r--r-- | source4/heimdal/kdc/pkinit.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/source4/heimdal/kdc/pkinit.c b/source4/heimdal/kdc/pkinit.c index 644eae0fe4..0d00ef2173 100644 --- a/source4/heimdal/kdc/pkinit.c +++ b/source4/heimdal/kdc/pkinit.c @@ -284,7 +284,7 @@ generate_dh_keyblock(krb5_context context, dh_gen_keylen = ECDH_compute_key(dh_gen_key, size, EC_KEY_get0_public_key(client_params->u.ecdh.public_key), client_params->u.ecdh.key, NULL); - ret = 0; + #endif /* HAVE_OPENSSL */ } else { ret = KRB5KRB_ERR_GENERIC; @@ -1450,8 +1450,10 @@ _kdc_pk_mk_pa_reply(krb5_context context, ret = krb5_generate_random_keyblock(context, sessionetype, sessionkey); - if (ret) + if (ret) { + free(buf); goto out; + } } else krb5_abortx(context, "PK-INIT internal error"); @@ -1981,12 +1983,14 @@ _kdc_pk_initialize(krb5_context context, hx509_name name; char *str; ret = hx509_cert_get_subject(cert, &name); - hx509_name_to_string(name, &str); - krb5_warnx(context, "WARNING Found KDC certificate (%s)" - "is missing the PK-INIT KDC EKU, this is bad for " - "interoperability.", str); - hx509_name_free(&name); - free(str); + if (ret == 0) { + hx509_name_to_string(name, &str); + krb5_warnx(context, "WARNING Found KDC certificate (%s)" + "is missing the PK-INIT KDC EKU, this is bad for " + "interoperability.", str); + hx509_name_free(&name); + free(str); + } } hx509_cert_free(cert); } else |