diff options
author | Greg Hudson <ghudson@mit.edu> | 2011-10-04 20:16:07 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2011-10-04 20:16:07 +0000 |
commit | cbb4ede6d5a939f39f3325ad040406ac05c99713 (patch) | |
tree | 70eb9e23b1ac63b45b0596ec70609d742fde45d2 /src/kdc/kdc_util.h | |
parent | a046e6135690f97adfa6bb4065d7367cf6142c40 (diff) | |
download | krb5-cbb4ede6d5a939f39f3325ad040406ac05c99713.tar.gz krb5-cbb4ede6d5a939f39f3325ad040406ac05c99713.tar.xz krb5-cbb4ede6d5a939f39f3325ad040406ac05c99713.zip |
Create e_data as pa_data in KDC interfaces
All current known uses of e_data are encoded as pa-data or typed-data.
FAST requires that e_data be expressed as pa-data. Change the DAL and
kdcpreauth interfaces so that e_data is returned as a sequence of
pa-data elements. Add a preauth module flag to indicate that the
sequence should be encoded as typed-data in non-FAST errors.
ticket: 6969
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25298 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/kdc_util.h')
-rw-r--r-- | src/kdc/kdc_util.h | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 296d3e9fa..e0be83fe6 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -74,7 +74,7 @@ kdc_get_server_key (krb5_ticket *, unsigned int, int validate_as_request (krb5_kdc_req *, krb5_db_entry, krb5_db_entry, krb5_timestamp, - const char **, krb5_data *); + const char **, krb5_pa_data ***); int validate_forwardable(krb5_kdc_req *, krb5_db_entry, @@ -84,7 +84,7 @@ validate_forwardable(krb5_kdc_req *, krb5_db_entry, int validate_tgs_request (krb5_kdc_req *, krb5_db_entry, krb5_ticket *, krb5_timestamp, - const char **, krb5_data *); + const char **, krb5_pa_data ***); int fetch_asn1_field (unsigned char *, unsigned int, unsigned int, krb5_data *); @@ -151,12 +151,12 @@ kdc_err(krb5_context call_context, errcode_t code, const char *fmt, ...) int against_local_policy_as (krb5_kdc_req *, krb5_db_entry, krb5_db_entry, krb5_timestamp, - const char **, krb5_data *); + const char **, krb5_pa_data ***); int against_local_policy_tgs (krb5_kdc_req *, krb5_db_entry, krb5_ticket *, const char **, - krb5_data *); + krb5_pa_data ***); /* kdc_preauth.c */ krb5_boolean @@ -170,7 +170,7 @@ void get_preauth_hint_list (krb5_kdc_req * request, krb5_db_entry *client, krb5_db_entry *server, - krb5_data *e_data); + krb5_pa_data ***e_data_out); void load_preauth_plugins(krb5_context context); void @@ -179,12 +179,11 @@ unload_preauth_plugins(krb5_context context); typedef void (*kdc_preauth_respond_fn)(void *arg, krb5_error_code code); void -check_padata (krb5_context context, - krb5_db_entry *client, krb5_data *req_pkt, - krb5_kdc_req *request, - krb5_enc_tkt_part *enc_tkt_reply, - void **padata_context, krb5_data *e_data, - kdc_preauth_respond_fn respond, void *state); +check_padata (krb5_context context, krb5_db_entry *client, krb5_data *req_pkt, + krb5_kdc_req *request, krb5_enc_tkt_part *enc_tkt_reply, + void **padata_context, krb5_pa_data ***e_data, + krb5_boolean *typed_e_data, kdc_preauth_respond_fn respond, + void *state); krb5_error_code return_padata (krb5_context context, krb5_db_entry *client, |