From: Sam Hartman Date: Sat, 3 Jan 2009 23:20:35 +0000 (+0000) Subject: Remove support for setting a client flag indicating pkinit is used on the db entry. X-Git-Tag: krb5-1.7-alpha1~114 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=02351224e88fa4fa560a8a6073664cbcdfd73b62;p=krb5.git Remove support for setting a client flag indicating pkinit is used on the db entry. I'm reasonably sure that this would belong in a pkinit plugin not in do_as_req.c. Also, the flag should be documented to indicate what it means--client attempted pkinit? Client succeeded in using pkinit? I also wonder whether you want a mechanism for a db plugin to figure out all the padata or fast factors that a request is using. Note that this flag will need to be added back by at least one vendor. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21694 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 36b550250..12d645980 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -508,9 +508,6 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt, goto errout; } - if (find_pa_data(reply.padata, KRB5_PADATA_PK_AS_REP)) - c_flags |= KRB5_KDB_FLAG_PKINIT; - errcode = handle_authdata(kdc_context, c_flags, &client,