diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-10-04 20:16:07 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-10-04 20:16:07 +0000 |
| commit | cbb4ede6d5a939f39f3325ad040406ac05c99713 (patch) | |
| tree | 70eb9e23b1ac63b45b0596ec70609d742fde45d2 /src/include/kdb.h | |
| parent | a046e6135690f97adfa6bb4065d7367cf6142c40 (diff) | |
| download | krb5-cbb4ede6d5a939f39f3325ad040406ac05c99713.tar.gz krb5-cbb4ede6d5a939f39f3325ad040406ac05c99713.tar.xz krb5-cbb4ede6d5a939f39f3325ad040406ac05c99713.zip | |
Create e_data as pa_data in KDC interfaces
All current known uses of e_data are encoded as pa-data or typed-data.
FAST requires that e_data be expressed as pa-data. Change the DAL and
kdcpreauth interfaces so that e_data is returned as a sequence of
pa-data elements. Add a preauth module flag to indicate that the
sequence should be encoded as typed-data in non-FAST errors.
ticket: 6969
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25298 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/kdb.h')
| -rw-r--r-- | src/include/kdb.h | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/include/kdb.h b/src/include/kdb.h index 809722eda3..78f786f3b9 100644 --- a/src/include/kdb.h +++ b/src/include/kdb.h @@ -69,7 +69,7 @@ /* This version will be incremented when incompatible changes are made to the * KDB API, and will be kept in sync with the libkdb major version. */ -#define KRB5_KDB_API_VERSION 5 +#define KRB5_KDB_API_VERSION 6 /* Salt types */ #define KRB5_KDB_SALTTYPE_NORMAL 0 @@ -640,14 +640,14 @@ krb5_error_code krb5_db_check_policy_as(krb5_context kcontext, krb5_db_entry *server, krb5_timestamp kdc_time, const char **status, - krb5_data *e_data); + krb5_pa_data ***e_data); krb5_error_code krb5_db_check_policy_tgs(krb5_context kcontext, krb5_kdc_req *request, krb5_db_entry *server, krb5_ticket *ticket, const char **status, - krb5_data *e_data); + krb5_pa_data ***e_data); void krb5_db_audit_as_req(krb5_context kcontext, krb5_kdc_req *request, krb5_db_entry *client, krb5_db_entry *server, @@ -796,7 +796,7 @@ krb5_dbe_free_string(krb5_context, char *); * This number indicates the date of the last incompatible change to the DAL. * The maj_ver field of the module's vtable structure must match this version. */ -#define KRB5_KDB_DAL_MAJOR_VERSION 2 +#define KRB5_KDB_DAL_MAJOR_VERSION 3 /* * A krb5_context can hold one database object. Modules should use @@ -1269,7 +1269,7 @@ typedef struct _kdb_vftabl { krb5_db_entry *server, krb5_timestamp kdc_time, const char **status, - krb5_data *e_data); + krb5_pa_data ***e_data); /* * Optional: Perform a policy check on a TGS request, in addition to the @@ -1286,7 +1286,7 @@ typedef struct _kdb_vftabl { krb5_db_entry *server, krb5_ticket *ticket, const char **status, - krb5_data *e_data); + krb5_pa_data ***e_data); /* * Optional: This method informs the module of a successful or unsuccessful |