svn rev #23901: branches/iakerb/src/lib/krb5/krb/

ghudson@MIT.EDU ghudson at MIT.EDU
Wed Apr 14 10:40:16 EDT 2010


http://src.mit.edu/fisheye/changelog/krb5/?cs=23901
Commit By: ghudson
Log Message:
Merge trunk changes from r23874 to r23900 to iakerb branch.



Changed Files:
U   branches/iakerb/src/lib/krb5/krb/int-proto.h
U   branches/iakerb/src/lib/krb5/krb/s4u_creds.c
U   branches/iakerb/src/lib/krb5/krb/send_tgs.c
Modified: branches/iakerb/src/lib/krb5/krb/int-proto.h
===================================================================
--- branches/iakerb/src/lib/krb5/krb/int-proto.h	2010-04-14 14:36:32 UTC (rev 23900)
+++ branches/iakerb/src/lib/krb5/krb/int-proto.h	2010-04-14 14:40:16 UTC (rev 23901)
@@ -137,19 +137,6 @@
                           krb5_pa_data ***out_enc_padata,
                           krb5_creds **out_cred);
 
-krb5_error_code krb5int_send_tgs(krb5_context, krb5_flags,
-                                 const krb5_ticket_times *,
-                                 const krb5_enctype *,
-                                 krb5_const_principal, krb5_address *const *,
-                                 krb5_authdata *const *,
-                                 krb5_pa_data *const *, const krb5_data *,
-                                 krb5_creds *,
-                                 krb5_error_code (*gcvt_fct)(krb5_context,
-                                                             krb5_keyblock *,
-                                                             krb5_kdc_req *,
-                                                             void *),
-                                 void *gcvt_data, krb5_response *,
-                                 krb5_keyblock **subkey);
 /* The subkey field is an output parameter; if a
  * tgs-rep is received then the subkey will be filled
  * in with the subkey needed to decrypt the TGS

Modified: branches/iakerb/src/lib/krb5/krb/s4u_creds.c
===================================================================
--- branches/iakerb/src/lib/krb5/krb/s4u_creds.c	2010-04-14 14:36:32 UTC (rev 23900)
+++ branches/iakerb/src/lib/krb5/krb/s4u_creds.c	2010-04-14 14:40:16 UTC (rev 23901)
@@ -244,9 +244,9 @@
 }
 
 /*
- * This function is invoked by krb5int_send_tgs() just before
- * the request is encoded; it gives us access to the nonce and
- * subkey without requiring them to be generated by the caller.
+ * This function is invoked by krb5int_make_tgs_request_ext() just before the
+ * request is encoded; it gives us access to the nonce and subkey without
+ * requiring them to be generated by the caller.
  */
 static krb5_error_code
 build_pa_s4u_x509_user(krb5_context context,

Modified: branches/iakerb/src/lib/krb5/krb/send_tgs.c
===================================================================
--- branches/iakerb/src/lib/krb5/krb/send_tgs.c	2010-04-14 14:36:32 UTC (rev 23900)
+++ branches/iakerb/src/lib/krb5/krb/send_tgs.c	2010-04-14 14:40:16 UTC (rev 23901)
@@ -345,77 +345,3 @@
     krb5_free_keyblock(context, local_subkey);
     return retval;
 }
-
-krb5_error_code
-krb5int_send_tgs(krb5_context context, krb5_flags kdcoptions,
-                 const krb5_ticket_times *timestruct,
-                 const krb5_enctype *ktypes,
-                 krb5_const_principal sname, krb5_address *const *addrs,
-                 krb5_authdata *const *authorization_data,
-                 krb5_pa_data *const *padata, const krb5_data *second_ticket,
-                 krb5_creds *in_cred,
-                 krb5_error_code (*pacb_fct)(krb5_context,
-                                             krb5_keyblock *,
-                                             krb5_kdc_req *,
-                                             void *),
-                 void *pacb_data,
-                 krb5_response *rep, krb5_keyblock **subkey_out)
-{
-    krb5_error_code retval;
-    krb5_data request;
-    int tcp_only = 0, use_master;
-    krb5_timestamp now;
-    krb5_int32 nonce;
-    krb5_keyblock *subkey;
-    krb5_error *err_reply = NULL;
-    krb5_ui_4 err;
-
-    *subkey_out = NULL;
-    rep->message_type = KRB5_ERROR;
-
-    retval = krb5int_make_tgs_request_ext(context, kdcoptions, timestruct,
-                                          ktypes, sname, addrs,
-                                          authorization_data, padata,
-                                          second_ticket, in_cred,
-                                          pacb_fct, pacb_data, &request, &now,
-                                          &nonce, &subkey);
-    if (retval != 0)
-        return retval;
-
-    rep->expected_nonce = nonce;
-    rep->request_time = now;
-
-    for (tcp_only = 0; tcp_only <= 1; tcp_only++) {
-        use_master = 0;
-        retval = krb5_sendto_kdc(context, &request,
-                                 krb5_princ_realm(context, sname),
-                                 &rep->response, &use_master, tcp_only);
-        if (retval != 0)
-            break;
-
-        if (krb5_is_tgs_rep(&rep->response)) {
-            /* Successful response; set the output subkey. */
-            rep->message_type = KRB5_TGS_REP;
-            *subkey_out = subkey;
-            subkey = NULL;
-            break;
-        } else if (krb5_is_krb_error(&rep->response) && !tcp_only) {
-            /* Decode the error response to extract the code. */
-            retval = decode_krb5_error(&rep->response, &err_reply);
-            err = (retval == 0) ? err_reply->error : 0;
-            krb5_free_error(context, err_reply);
-            if (err == KRB_ERR_RESPONSE_TOO_BIG) {
-                /* Try again with TCP. */
-                krb5_free_data_contents(context, &rep->response);
-                continue;
-            }
-        }
-        /* Unexpected message type, or an error other than RESPONSE_TOO_BIG. */
-        rep->message_type = KRB5_ERROR;
-        break;
-    }
-
-    krb5_free_data_contents(context, &request);
-    krb5_free_keyblock(context, subkey);
-    return retval;
-}




More information about the cvs-krb5 mailing list