Modifications supplied by Ari Medvinsky to include the authorization
authorTheodore Tso <tytso@mit.edu>
Wed, 1 Sep 1993 19:03:28 +0000 (19:03 +0000)
committerTheodore Tso <tytso@mit.edu>
Wed, 1 Sep 1993 19:03:28 +0000 (19:03 +0000)
data field in the authenticator.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2639 dc483132-0cff-0310-8789-dd5450dbe970

src/include/krb5/func-proto.h
src/include/krb5/krb5.h
src/lib/krb5/asn.1/auth2kauth.c
src/lib/krb5/asn.1/kauth2auth.c
src/lib/krb5/free/f_authent.c
src/lib/krb5/krb/copy_athctr.c
src/lib/krb5/krb/mk_req_ext.c

index 468e83e20fd8689157f2d199af5f3c231f4f17aa..a1f3bc211859ca6e870d2d65146374efbdec65b6 100644 (file)
@@ -442,6 +442,12 @@ krb5_error_code krb5_recvauth PROTOTYPE((krb5_pointer,
                                         krb5_authenticator **));
 
 
+krb5_error_code  
+krb5_generate_authenticator PROTOTYPE(( krb5_authenticator *,
+                                      const krb5_creds *,
+                                      const krb5_checksum *, krb5_keyblock *,
+                                      krb5_int32, krb5_authdata ** ));
+
 #ifdef NARROW_PROTOTYPES
 krb5_error_code krb5_walk_realm_tree
     PROTOTYPE((const krb5_data *,
index 86eda61a2cd533ae0aa409fee9b5117db0eadad6..c7c082cc969bd85042f2322f56cb9ad74c45c501 100644 (file)
@@ -95,6 +95,7 @@ typedef struct _krb5_authenticator {
     krb5_timestamp ctime;              /* client sec portion */
     krb5_keyblock *subkey;             /* true session key, optional */
     krb5_int32 seq_number;             /* sequence #, optional */
+    krb5_authdata **authorization_data; /* New add by Ari, auth data */
 } krb5_authenticator;
 
 typedef struct _krb5_tkt_authent {
index 50cf1662a83413461c111bc3f5cec2916390ab8a..5b44441a6034949c1371fc117855f2e06e7d35ea 100644 (file)
@@ -86,5 +86,14 @@ register int *error;
     if (val->optionals & opt_KRB5_Authenticator_seq__number) {
        retval->seq_number = val->seq__number;
     }
+    if (val->authorization__data) {
+       retval->authorization_data =
+           KRB5_AuthorizationData2krb5_authdata(val->authorization__data,
+                                                error);
+       if (!retval->authorization_data) {
+           krb5_free_authenticator(retval);
+           return(0);
+       }
+    }
     return(retval);
 }
index a6f0d0da746063e2cc790a91c7eaf517734f1712..c3e94dc2f3ab93b2cb135666d7f99425eb7a88e8 100644 (file)
@@ -87,5 +87,12 @@ register int *error;
        retval->seq__number = val->seq_number;
        retval->optionals |= opt_KRB5_Authenticator_seq__number;
     }
+    if (val->authorization_data && *val->authorization_data) {
+       retval->authorization__data =
+           krb5_authdata2KRB5_AuthorizationData(val->authorization_data, error);
+       if (!retval->authorization__data) {
+           goto errout;
+       }
+    }
     return(retval);
 }
index 90f3dad5824052f31072f98598ef145dde8dd6fe..4e399b567c68cc30e8a48bd2b1316a51b9cbd7a1 100644 (file)
@@ -44,6 +44,8 @@ krb5_authenticator *val;
        krb5_free_principal(val->client);
     if (val->subkey)
        krb5_free_keyblock(val->subkey);
+    if (val->authorization_data)        
+       krb5_free_authdata(val->authorization_data);
     xfree(val);
     return;
 }
index f2fa627d06c4c9abfa3a1224e62f94c1fb6d5451..28a51387394743bfe9f522a9c33ee546b87b50c2 100644 (file)
@@ -70,6 +70,19 @@ krb5_authenticator **authto;
            }
     }
     
+    if (authfrom->authorization_data) {
+               retval = krb5_copy_authdata(authfrom->authorization_data,
+                                   &tempto->authorization_data);
+               if (retval) {
+                   xfree(tempto->subkey);
+                   krb5_free_checksum(tempto->checksum);
+                   krb5_free_principal(tempto->client);    
+                   krb5_free_authdata(tempto->authorization_data);
+                   xfree(tempto);
+                   return retval;
+               }
+    }
+
     *authto = tempto;
     return 0;
 }
index a9fe8a2d48e5a1f732ddff643e28216aaa2b5a93..eed4df7d7c9cc6b5294dc56bada6b2f66b981dba 100644 (file)
@@ -70,11 +70,6 @@ static char rcsid_mk_req_ext_c[] =
 
  returns system errors
 */
-static krb5_error_code generate_authenticator PROTOTYPE((krb5_authenticator *,
-                                                        const krb5_creds *,
-                                                        const krb5_checksum *,
-                                                        krb5_keyblock *,
-                                                        krb5_int32 ));
 
 krb5_error_code
 krb5_mk_req_extended(ap_req_options, checksum, kdc_options,
@@ -130,9 +125,9 @@ krb5_data *outbuf;
        }
     }
 #define cleanup_key() {if (newkey) krb5_free_keyblock(*newkey);}
-    if (retval = generate_authenticator(&authent, creds, checksum,
-                                       newkey ? *newkey : 0,
-                                       sequence)) {
+    if (retval = krb5_generate_authenticator(&authent, creds, checksum,
+                                            newkey ? *newkey : 0,
+                                            sequence, creds->authdata)) {
        cleanup_key();
        cleanup_ticket();
        return retval;
@@ -231,17 +226,19 @@ request.authenticator.ciphertext.data = 0;}
 }
 
 static krb5_error_code
-generate_authenticator(authent, creds, cksum, key, seq_number)
+krb5_generate_authenticator(authent, creds, cksum, key, seq_number, authorization)
 krb5_authenticator *authent;
 const krb5_creds *creds;
 const krb5_checksum *cksum;
 krb5_keyblock *key;
 krb5_int32 seq_number;
+krb5_authdata **authorization;
 {
     authent->client = creds->client;
     authent->checksum = (krb5_checksum *)cksum;
     authent->subkey = key;
     authent->seq_number = seq_number;
+    authent->authorization_data = authorization;
 
     return(krb5_us_timeofday(&authent->ctime, &authent->cusec));
 }