diff options
author | Zhanna Tsitkov <tsitkova@mit.edu> | 2013-04-18 14:56:39 -0400 |
---|---|---|
committer | Zhanna Tsitkov <tsitkova@mit.edu> | 2013-04-18 15:03:12 -0400 |
commit | d7d74867952fdd7335f22981c66a67a61dc6e434 (patch) | |
tree | f304214d5b6d276deef95ddc5b0d4957251a6199 | |
parent | 3a447c5a8c95758501cf5a20c161a2d735a02f6d (diff) | |
download | krb5-d7d74867952fdd7335f22981c66a67a61dc6e434.tar.gz krb5-d7d74867952fdd7335f22981c66a67a61dc6e434.tar.xz krb5-d7d74867952fdd7335f22981c66a67a61dc6e434.zip |
Use macro for IANA assigned PA-AS-CHECKSUM number
Replace numeric value '132' by the macro KRB5_PADATA_AS_CHECKSUM
in preauth plugin.
-rw-r--r-- | src/include/krb5/krb5.hin | 1 | ||||
-rw-r--r-- | src/plugins/preauth/pkinit/pkinit_clnt.c | 2 | ||||
-rw-r--r-- | src/plugins/preauth/pkinit/pkinit_srv.c | 7 |
3 files changed, 6 insertions, 4 deletions
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index 97810b5c8f..757b621ae9 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -1812,6 +1812,7 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, #define KRB5_PADATA_PAC_REQUEST 128 /**< include Windows PAC */ #define KRB5_PADATA_FOR_USER 129 /**< username protocol transition request */ #define KRB5_PADATA_S4U_X509_USER 130 /**< certificate protocol transition request */ +#define KRB5_PADATA_AS_CHECKSUM 132 /**< AS checksum */ #define KRB5_PADATA_FX_COOKIE 133 #define KRB5_PADATA_FX_FAST 136 #define KRB5_PADATA_FX_ERROR 137 diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c index 75b97c6a80..ff564ff86b 100644 --- a/src/plugins/preauth/pkinit/pkinit_clnt.c +++ b/src/plugins/preauth/pkinit/pkinit_clnt.c @@ -198,7 +198,7 @@ pa_pkinit_gen_req(krb5_context context, */ if ((return_pa_data[0]->pa_type == KRB5_PADATA_PK_AS_REP_OLD && reqctx->opts->win2k_require_cksum) || (longhorn == 1)) { - return_pa_data[1]->pa_type = 132; + return_pa_data[1]->pa_type = KRB5_PADATA_AS_CHECKSUM; return_pa_data[1]->length = 0; return_pa_data[1]->contents = NULL; } else { diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c index 0f5ab32c59..40ac8f97fb 100644 --- a/src/plugins/preauth/pkinit/pkinit_srv.c +++ b/src/plugins/preauth/pkinit/pkinit_srv.c @@ -863,13 +863,14 @@ pkinit_server_return_padata(krb5_context context, goto cleanup; } - /* check if PA_TYPE of 132 is present which means the client is - * requesting that a checksum is send back instead of the nonce + /* check if PA_TYPE of KRB5_PADATA_AS_CHECKSUM (132) is present which + * means the client is requesting that a checksum is send back instead + * of the nonce. */ for (i = 0; request->padata[i] != NULL; i++) { pkiDebug("%s: Checking pa_type 0x%08x\n", __FUNCTION__, request->padata[i]->pa_type); - if (request->padata[i]->pa_type == 132) + if (request->padata[i]->pa_type == KRB5_PADATA_AS_CHECKSUM) fixed_keypack = 1; } pkiDebug("%s: return checksum instead of nonce = %d\n", |