diff options
author | Stefan Metzmacher <metze@samba.org> | 2007-02-19 13:38:11 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:48:37 -0500 |
commit | 544e17896eb52efea904be2bcd821185c6d1b4c9 (patch) | |
tree | c83360d8fc9288547963d5693ede7065a9cd63c9 /source4/heimdal | |
parent | eaaf246d4fa42df5e590ee5bfe54e672abd26b02 (diff) | |
download | samba-544e17896eb52efea904be2bcd821185c6d1b4c9.tar.gz samba-544e17896eb52efea904be2bcd821185c6d1b4c9.tar.bz2 samba-544e17896eb52efea904be2bcd821185c6d1b4c9.zip |
r21447: make handling of replying e_data more generic
love: please merge this
metze
(This used to be commit 3e4ff2de9c57170d275adf54ffa00ac81253a714)
Diffstat (limited to 'source4/heimdal')
-rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 30 |
1 files changed, 12 insertions, 18 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index dbea7e3268..3d45c1099c 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -915,6 +915,7 @@ _kdc_as_rep(krb5_context context, char *client_name = NULL, *server_name = NULL; krb5_error_code ret = 0; const char *e_text = NULL; + krb5_data e_data; krb5_crypto crypto; Key *ckey, *skey; EncryptionKey *reply_key; @@ -923,6 +924,7 @@ _kdc_as_rep(krb5_context context, #endif memset(&rep, 0, sizeof(rep)); + memset(&e_data, 0, sizeof(e_data)); if(b->sname == NULL){ ret = KRB5KRB_ERR_GENERIC; @@ -1208,7 +1210,6 @@ _kdc_as_rep(krb5_context context, PA_DATA *pa; unsigned char *buf; size_t len; - krb5_data foo_data; use_pa: method_data.len = 0; @@ -1248,25 +1249,17 @@ _kdc_as_rep(krb5_context context, ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret); free_METHOD_DATA(&method_data); - foo_data.data = buf; - foo_data.length = len; - + + e_data.data = buf; + e_data.length = len; + e_text ="Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ", ret = KRB5KDC_ERR_PREAUTH_REQUIRED; - krb5_mk_error(context, - ret, - "Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ", - &foo_data, - client_princ, - server_princ, - NULL, - NULL, - reply); - free(buf); + kdc_log(context, config, 0, "No preauth found, returning PREAUTH-REQUIRED -- %s", client_name); - ret = 0; - goto out2; + + goto out; } /* @@ -1615,7 +1608,7 @@ out: krb5_mk_error(context, ret, e_text, - NULL, + (e_data.data ? &e_data : NULL), client_princ, server_princ, NULL, @@ -1623,11 +1616,12 @@ out: reply); ret = 0; } -out2: #ifdef PKINIT if (pkp) _kdc_pk_free_client_param(context, pkp); #endif + if (e_data.data) + free(e_data.data); if (client_princ) krb5_free_principal(context, client_princ); free(client_name); |