git.ipfire.org Git - thirdparty/krb5.git/commit
Only handle IAKERB errors in initiator step 1421/head
author Andreas Schneider <asn@cryptomilk.org>
Fri, 4 Apr 2025 10:04:00 +0000 (12:04 +0200)
committer Greg Hudson <ghudson@mit.edu>
Tue, 8 Apr 2025 20:41:31 +0000 (16:41 -0400)
commit e2e5f386ccf2bea1fa55ce544f43098ae2b38f89
tree 82871ac0f994f86a5f61620a534581b36e2d52ac
parent 6f8292ca20bddf1de23b9f525e54a3a674c46b8b

Only handle IAKERB errors in initiator step

iakerb_initiator_step() must pass through most KRB-ERROR messages in
order to properly handle recoverable AS and TGS errors such as
KDC_ERR_PREAUTH_REQUIRED.  Only stop on IAKERB errors.

[ghudson@mit.edu: changed code to check for com_err codes instead of
protocol codes; changed iakerb_acceptor_realm() to respond with an
IAKERB error when realm determination fails and modified test case
accordingly; added a test case by requiring preauth on the user
principal when testing IAKERB; rewrote commit message]

ticket: 9169

src/lib/gssapi/krb5/iakerb.c
src/tests/gssapi/t_gssapi.py