} else {
enc_tkt_reply.times.renew_till = 0;
}
-
+ if (isflagset(header_enc_tkt->flags, TKT_FLG_ANONYMOUS))
+ setflag(enc_tkt_reply.flags, TKT_FLG_ANONYMOUS);
/*
* Set authtime to be the same as header or evidence ticket's
*/
int type;
#define AUTHDATA_FLAG_CRITICAL 0x1
#define AUTHDATA_FLAG_PRE_PLUGIN 0x2
+#define AUTHDATA_FLAG_ANONYMOUS 0x4 /*Use this plugin even for anonymous tickets*/
int flags;
void *plugin_context;
init_proc init;
/* Propagate client-submitted authdata */
"tgs_req",
AUTHDATA_SYSTEM_V2,
- AUTHDATA_FLAG_CRITICAL | AUTHDATA_FLAG_PRE_PLUGIN,
+ AUTHDATA_FLAG_CRITICAL | AUTHDATA_FLAG_PRE_PLUGIN|AUTHDATA_FLAG_ANONYMOUS,
NULL,
NULL,
NULL,
/* Propagate TGT authdata */
"tgt",
AUTHDATA_SYSTEM_V2,
- AUTHDATA_FLAG_CRITICAL,
+ AUTHDATA_FLAG_CRITICAL|AUTHDATA_FLAG_ANONYMOUS,
NULL,
NULL,
NULL,
for (i = 0; i < n_authdata_systems; i++) {
const krb5_authdata_systems *asys = &authdata_systems[i];
+ if (isflagset(enc_tkt_reply->flags, TKT_FLG_ANONYMOUS) &&
+ !isflagset(asys->flags, AUTHDATA_FLAG_ANONYMOUS))
+ continue;
switch (asys->type) {
case AUTHDATA_SYSTEM_V0:
projects / thirdparty / krb5.git / commitdiff
