From 451814cb328d2c8f135aba7214d93d9a1c3d5acc Mon Sep 17 00:00:00 2001 From: Sam Hartman Date: Fri, 1 Oct 2010 17:12:41 +0000 Subject: Add an error to be returned by a preauth mechanism indicating that the KDC should not respond to a packet * Do not generate an error response in this case * Drop a TCP connection if we are not going to respond to it. kdc: add KRB5KDC_ERR_DISCARD git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24406 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/apputils/net-server.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/lib/apputils') diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c index 9d3daea40e..c63ab8e36b 100644 --- a/src/lib/apputils/net-server.c +++ b/src/lib/apputils/net-server.c @@ -1759,6 +1759,8 @@ process_tcp_connection(void *handle, struct connection *conn, const char *prog, com_err(prog, err, "while dispatching (tcp)"); goto kill_tcp_connection; } + if (conn->u.tcp.response == NULL) + goto kill_tcp_connection; have_response: queue_tcp_outgoing_response(conn); FD_CLR(conn->fd, &sstate.rfds); -- cgit