diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/krb5/asn.1/KRB5-asn.py | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py index 37fad99f9..d3b760734 100644 --- a/src/lib/krb5/asn.1/KRB5-asn.py +++ b/src/lib/krb5/asn.1/KRB5-asn.py @@ -238,8 +238,19 @@ EncAPRepPart ::= SEQUENCE { cmsec[1] INTEGER } +-- Ick... due to the bogus stuff generated by this ASN.1 compiler, we +-- need to assemble the TGS request in a mutant fashion. The checksum +-- in the authenticator in the header in the TGS-REQ must be computed +-- over the encoding of the rest of the message. +-- RealTGS-REQ is encoded and then put as an octet string into the TGS-REQ. +-- Likewise with the AP-REQ header. + TGS-REQ ::= [APPLICATION 5] SEQUENCE { - header[0] AP-REQ, + header[0] OCTET STRING, -- encoded AP-REQ + tgs-request[1] OCTET STRING -- encoded RealTGS-REQ +} + +RealTGS-REQ ::= SEQUENCE { pvno[1] INTEGER, msg-type[2] INTEGER, kdc-options[3] KDCOptions, |