Add PA-REDHAT-PASSKEY padata type

Recognize the Red Hat passkey preauth mechanism in trace messages, and
add a declaration for it in krb5.h.

[ghudson@mit.edu: edited comment and commit message]

ticket: 9093 (new)

diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst
index db9891838ea580bd1f0fd742fa14dc229567e249..45fe160d7fb1e6980260eff31da2db2032f266b3 100644 (file)
--- a/doc/appdev/refs/macros/index.rst
+++ b/doc/appdev/refs/macros/index.rst
@@ -287,6 +287,7 @@ Public
    KRB5_PADATA_SESAME.rst
    KRB5_PADATA_SPAKE.rst
    KRB5_PADATA_REDHAT_IDP_OAUTH2.rst
+   KRB5_PADATA_REDHAT_PASSKEY.rst
    KRB5_PADATA_SVR_REFERRAL_INFO.rst
    KRB5_PADATA_TGS_REQ.rst
    KRB5_PADATA_USE_SPECIFIED_KVNO.rst

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index c89b7405bc392594dcaba25efd5f0f274607a5e3..9c76780181e161584cabd17129e0d91f26736aab 100644 (file)
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -1848,6 +1848,7 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype,
 #define KRB5_PADATA_AS_FRESHNESS        150 /**< RFC 8070 */
 #define KRB5_PADATA_SPAKE               151
 #define KRB5_PADATA_REDHAT_IDP_OAUTH2   152 /**< Red Hat IdP mechanism */
+#define KRB5_PADATA_REDHAT_PASSKEY      153 /**< Red Hat Passkey mechanism */
 #define KRB5_PADATA_PAC_OPTIONS         167 /**< MS-KILE and MS-SFU */
 
 #define KRB5_SAM_USE_SAD_AS_KEY         0x80000000

diff --git a/src/lib/krb5/os/trace.c b/src/lib/krb5/os/trace.c
index 5f64ca8d6dfdd267a06403226595c8e13e95d5bc..4cbbbb270ae48623b27adf4258ec350a668ff60b 100644 (file)
--- a/src/lib/krb5/os/trace.c
+++ b/src/lib/krb5/os/trace.c
@@ -165,6 +165,7 @@ padata_type_string(krb5_preauthtype type)
     case KRB5_PADATA_AS_FRESHNESS: return "PA_AS_FRESHNESS";
     case KRB5_PADATA_SPAKE: return "PA-SPAKE";
     case KRB5_PADATA_REDHAT_IDP_OAUTH2: return "PA-REDHAT-IDP-OAUTH2";
+    case KRB5_PADATA_REDHAT_PASSKEY: return "PA-REDHAT-PASSKEY";
     default: return NULL;
     }
 }