svn rev #22122: branches/fast/src/ include/krb5/ lib/krb5/asn.1/ lib/krb5/krb/

hartmans@MIT.EDU hartmans at MIT.EDU
Thu Mar 26 01:36:31 EDT 2009 

http://src.mit.edu/fisheye/changelog/krb5/?cs=22122
Commit By: hartmans
Log Message:
Add kdc_state field to krb5_kdc_req

Add a kdc_state field to track internal state in handling a request.
The current usage is to pass FAST information to pre-authentication
plugins.


Changed Files:
U   branches/fast/src/include/krb5/krb5.hin
U   branches/fast/src/lib/krb5/asn.1/krb5_decode.c
U   branches/fast/src/lib/krb5/krb/kfree.c
Modified: branches/fast/src/include/krb5/krb5.hin
===================================================================
--- branches/fast/src/include/krb5/krb5.hin	2009-03-26 05:36:28 UTC (rev 22121)
+++ branches/fast/src/include/krb5/krb5.hin	2009-03-26 05:36:31 UTC (rev 22122)
@@ -1142,6 +1142,13 @@
     krb5_authdata **unenc_authdata; /* unencrypted auth data,
 					   if available */
     krb5_ticket **second_ticket;/* second ticket array; OPTIONAL */
+    /* the following field is added in March 2009; it is a hack so
+     * that FAST state can be carried to pre-authentication plugins.
+     * A new plugin interface may be a better long-term approach.  It
+     * is believed to be safe to extend this structure because it is
+     * not found in any public APIs.
+     */
+    void * kdc_state;
 } krb5_kdc_req;
 
 typedef struct _krb5_enc_kdc_rep_part {

Modified: branches/fast/src/lib/krb5/asn.1/krb5_decode.c
===================================================================
--- branches/fast/src/lib/krb5/asn.1/krb5_decode.c	2009-03-26 05:36:28 UTC (rev 22121)
+++ branches/fast/src/lib/krb5/asn.1/krb5_decode.c	2009-03-26 05:36:31 UTC (rev 22122)
@@ -520,6 +520,7 @@
     clear_field(rep,authorization_data.ciphertext.data);
     clear_field(rep,unenc_authdata);
     clear_field(rep,second_ticket);
+    clear_field(rep, kdc_state);
 
     check_apptag(10);
     retval = asn1_decode_kdc_req(&buf,rep);
@@ -547,6 +548,7 @@
     clear_field(rep,authorization_data.ciphertext.data);
     clear_field(rep,unenc_authdata);
     clear_field(rep,second_ticket);
+    clear_field(rep, kdc_state);
 
     check_apptag(12);
     retval = asn1_decode_kdc_req(&buf,rep);

Modified: branches/fast/src/lib/krb5/krb/kfree.c
===================================================================
--- branches/fast/src/lib/krb5/krb/kfree.c	2009-03-26 05:36:28 UTC (rev 22121)
+++ branches/fast/src/lib/krb5/krb/kfree.c	2009-03-26 05:36:31 UTC (rev 22122)
@@ -54,6 +54,7 @@
  */
 
 #include "k5-int.h"
+#include <assert.h>
 
 void KRB5_CALLCONV
 krb5_free_address(krb5_context context, krb5_address *val)
@@ -344,6 +345,7 @@
 {
     if (val == NULL)
 	return;
+    assert( val->kdc_state == NULL);
     krb5_free_pa_data(context, val->padata);
     krb5_free_principal(context, val->client);
     krb5_free_principal(context, val->server);

More information about the cvs-krb5 mailing list