krb5_authenticator **));
+krb5_error_code
+krb5_generate_authenticator PROTOTYPE(( krb5_authenticator *,
+ const krb5_creds *,
+ const krb5_checksum *, krb5_keyblock *,
+ krb5_int32, krb5_authdata ** ));
+
#ifdef NARROW_PROTOTYPES
krb5_error_code krb5_walk_realm_tree
PROTOTYPE((const krb5_data *,
krb5_timestamp ctime; /* client sec portion */
krb5_keyblock *subkey; /* true session key, optional */
krb5_int32 seq_number; /* sequence #, optional */
+ krb5_authdata **authorization_data; /* New add by Ari, auth data */
} krb5_authenticator;
typedef struct _krb5_tkt_authent {
if (val->optionals & opt_KRB5_Authenticator_seq__number) {
retval->seq_number = val->seq__number;
}
+ if (val->authorization__data) {
+ retval->authorization_data =
+ KRB5_AuthorizationData2krb5_authdata(val->authorization__data,
+ error);
+ if (!retval->authorization_data) {
+ krb5_free_authenticator(retval);
+ return(0);
+ }
+ }
return(retval);
}
retval->seq__number = val->seq_number;
retval->optionals |= opt_KRB5_Authenticator_seq__number;
}
+ if (val->authorization_data && *val->authorization_data) {
+ retval->authorization__data =
+ krb5_authdata2KRB5_AuthorizationData(val->authorization_data, error);
+ if (!retval->authorization__data) {
+ goto errout;
+ }
+ }
return(retval);
}
krb5_free_principal(val->client);
if (val->subkey)
krb5_free_keyblock(val->subkey);
+ if (val->authorization_data)
+ krb5_free_authdata(val->authorization_data);
xfree(val);
return;
}
}
}
+ if (authfrom->authorization_data) {
+ retval = krb5_copy_authdata(authfrom->authorization_data,
+ &tempto->authorization_data);
+ if (retval) {
+ xfree(tempto->subkey);
+ krb5_free_checksum(tempto->checksum);
+ krb5_free_principal(tempto->client);
+ krb5_free_authdata(tempto->authorization_data);
+ xfree(tempto);
+ return retval;
+ }
+ }
+
*authto = tempto;
return 0;
}
returns system errors
*/
-static krb5_error_code generate_authenticator PROTOTYPE((krb5_authenticator *,
- const krb5_creds *,
- const krb5_checksum *,
- krb5_keyblock *,
- krb5_int32 ));
krb5_error_code
krb5_mk_req_extended(ap_req_options, checksum, kdc_options,
}
}
#define cleanup_key() {if (newkey) krb5_free_keyblock(*newkey);}
- if (retval = generate_authenticator(&authent, creds, checksum,
- newkey ? *newkey : 0,
- sequence)) {
+ if (retval = krb5_generate_authenticator(&authent, creds, checksum,
+ newkey ? *newkey : 0,
+ sequence, creds->authdata)) {
cleanup_key();
cleanup_ticket();
return retval;
}
static krb5_error_code
-generate_authenticator(authent, creds, cksum, key, seq_number)
+krb5_generate_authenticator(authent, creds, cksum, key, seq_number, authorization)
krb5_authenticator *authent;
const krb5_creds *creds;
const krb5_checksum *cksum;
krb5_keyblock *key;
krb5_int32 seq_number;
+krb5_authdata **authorization;
{
authent->client = creds->client;
authent->checksum = (krb5_checksum *)cksum;
authent->subkey = key;
authent->seq_number = seq_number;
+ authent->authorization_data = authorization;
return(krb5_us_timeofday(&authent->ctime, &authent->cusec));
}