#endif
#endif /* APPLE_PKINIT */
-static krb5_error_code prepare_error_as (krb5_kdc_req *, int, krb5_data *,
+static krb5_error_code prepare_error_as (struct kdc_request_state *, krb5_kdc_req *, int, krb5_data *,
krb5_principal, krb5_data **,
const char *);
if (errcode < 0 || errcode > 128)
errcode = KRB_ERR_GENERIC;
- errcode = prepare_error_as(request, errcode, &e_data,
+ errcode = prepare_error_as(state, request, errcode, &e_data,
c_nprincs ? client.princ : NULL,
response, status);
status = 0;
}
static krb5_error_code
-prepare_error_as (krb5_kdc_req *request, int error, krb5_data *e_data,
+prepare_error_as (struct kdc_request_state *rstate, krb5_kdc_req *request, int error, krb5_data *e_data,
krb5_principal canon_client, krb5_data **response,
const char *status)
{
krb5_error errpkt;
krb5_error_code retval;
krb5_data *scratch;
+ krb5_pa_data **pa = NULL;
+ krb5_typed_data **td = NULL;
+ size_t size;
errpkt.ctime = request->nonce;
errpkt.cusec = 0;
errpkt.e_data.length = 0;
errpkt.e_data.data = NULL;
}
-
+ /*We need to try and produce a padata sequence for FAST*/
+ retval = decode_krb5_padata_sequence(e_data, &pa);
+ if (retval != 0) {
+ retval = decode_krb5_typed_data(e_data, &td);
+ if (retval == 0) {
+ for (size =0; td[size]; size++);
+ pa = calloc(size+1, sizeof(*pa));
+ if (pa == NULL)
+ retval = ENOMEM;
+ else for (size = 0; td[size]; size++) {
+ krb5_pa_data *pad = malloc(sizeof(krb5_pa_data *));
+ if (pad == NULL) {
+ retval = ENOMEM;
+ break;
+ }
+ pad->pa_type = td[size]->type;
+ pad->contents = td[size]->data;
+ pad->length = td[size]->length;
+ pa[size] = pad;
+ }
+ krb5_free_typed_data(kdc_context, td);
+ }
+ }
+ retval = kdc_fast_handle_error(kdc_context, rstate,
+ pa, &errpkt);
+ if (retval == 0)
retval = krb5_mk_error(kdc_context, &errpkt, scratch);
free(errpkt.text.data);
if (retval)
free(scratch);
else
*response = scratch;
-
+ krb5_free_pa_data(kdc_context, pa);
return retval;
}
projects / thirdparty / krb5.git / commitdiff
