svn commit: samba r21447 - in branches/SAMBA_4_0/source/heimdal/kdc: .

metze at samba.org metze at samba.org
Mon Feb 19 13:38:11 GMT 2007 

Author: metze
Date: 2007-02-19 13:38:11 +0000 (Mon, 19 Feb 2007)
New Revision: 21447

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21447

Log:
make handling of replying e_data more generic

love: please merge this

metze
Modified:
   branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c


Changeset:
Modified: branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c
===================================================================
--- branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c	2007-02-19 13:30:07 UTC (rev 21446)
+++ branches/SAMBA_4_0/source/heimdal/kdc/kerberos5.c	2007-02-19 13:38:11 UTC (rev 21447)
@@ -915,6 +915,7 @@
     char *client_name = NULL, *server_name = NULL;
     krb5_error_code ret = 0;
     const char *e_text = NULL;
+    krb5_data e_data;
     krb5_crypto crypto;
     Key *ckey, *skey;
     EncryptionKey *reply_key;
@@ -923,6 +924,7 @@
 #endif
 
     memset(&rep, 0, sizeof(rep));
+    memset(&e_data, 0, sizeof(e_data));
 
     if(b->sname == NULL){
 	ret = KRB5KRB_ERR_GENERIC;
@@ -1208,7 +1210,6 @@
 	PA_DATA *pa;
 	unsigned char *buf;
 	size_t len;
-	krb5_data foo_data;
 
     use_pa: 
 	method_data.len = 0;
@@ -1248,25 +1249,17 @@
 	
 	ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret);
 	free_METHOD_DATA(&method_data);
-	foo_data.data   = buf;
-	foo_data.length = len;
-	
+
+	e_data.data   = buf;
+	e_data.length = len;
+	e_text ="Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
 	ret = KRB5KDC_ERR_PREAUTH_REQUIRED;
-	krb5_mk_error(context,
-		      ret,
-		      "Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ",
-		      &foo_data,
-		      client_princ,
-		      server_princ,
-		      NULL,
-		      NULL,
-		      reply);
-	free(buf);
+
 	kdc_log(context, config, 0,
 		"No preauth found, returning PREAUTH-REQUIRED -- %s",
 		client_name);
-	ret = 0;
-	goto out2;
+
+	goto out;
     }
     
     /*
@@ -1615,7 +1608,7 @@
 	krb5_mk_error(context,
 		      ret,
 		      e_text,
-		      NULL,
+		      (e_data.data ? &e_data : NULL),
 		      client_princ,
 		      server_princ,
 		      NULL,
@@ -1623,11 +1616,12 @@
 		      reply);
 	ret = 0;
     }
-out2:
 #ifdef PKINIT
     if (pkp)
 	_kdc_pk_free_client_param(context, pkp);
 #endif
+    if (e_data.data)
+        free(e_data.data);
     if (client_princ)
 	krb5_free_principal(context, client_princ);
     free(client_name);

More information about the samba-cvs mailing list