Frank Cusack's patches, first two sets. Should be no incompatible changes,

except perhaps for a client talking to both a new and old KDC?  Several
improvements to guard against replay attacks when hardware preauth is in use,
though they require re-enabling the USE_RCACHE code, which I haven't done yet.

Several changes of mine for silencing a few compiler warnings, and adding some
debugging log messages while I track what's going on with the preauth code.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12010 dc483132-0cff-0310-8789-dd5450dbe970

1 files changed, 1 insertions, 0 deletions

diff --git a/src/kdc/extern.c b/src/kdc/extern.c
index 1c636e03e..fa3e0af43 100644
--- a/src/kdc/extern.c
+++ b/src/kdc/extern.c
@@ -36,6 +36,7 @@ kdc_realm_t	*kdc_active_realm = (kdc_realm_t *) NULL;
 krb5_data empty_string = {0, 0, ""};
 krb5_timestamp kdc_infinity = KRB5_INT32_MAX; /* XXX */
 krb5_rcache	kdc_rcache = (krb5_rcache) NULL;
+krb5_keyblock	psr_key;
 
 volatile int signal_requests_exit = 0;	/* gets set when signal hits */
 volatile int signal_requests_hup = 0;   /* ditto */