svn rev #25624: trunk/src/ include/ lib/krb5/asn.1/ plugins/preauth/pkinit/ tests/asn.1/
ghudson@MIT.EDU
ghudson at MIT.EDU
Sun Jan 8 16:54:29 EST 2012
http://src.mit.edu/fisheye/changelog/krb5/?cs=25624
Commit By: ghudson
Log Message:
Remove unneeded kdcRealm field in PKINIT structure
krb5_pk_authenticator_draft9 had a kdcRealm field which was set by the
client code but never encoded or decoded. Remove it. Eliminating this
field exposed a bug in auth_pack_draft9_optional; fix that.
Changed Files:
U trunk/src/include/k5-int-pkinit.h
U trunk/src/lib/krb5/asn.1/asn1_k_decode.c
U trunk/src/lib/krb5/asn.1/asn1_k_encode.c
U trunk/src/plugins/preauth/pkinit/pkinit_clnt.c
U trunk/src/tests/asn.1/ktest.c
Modified: trunk/src/include/k5-int-pkinit.h
===================================================================
--- trunk/src/include/k5-int-pkinit.h 2012-01-08 21:27:59 UTC (rev 25623)
+++ trunk/src/include/k5-int-pkinit.h 2012-01-08 21:54:29 UTC (rev 25624)
@@ -47,7 +47,6 @@
/* PKAuthenticator draft9 */
typedef struct _krb5_pk_authenticator_draft9 {
krb5_principal kdcName;
- krb5_data kdcRealm;
krb5_int32 cusec; /* (0..999999) */
krb5_timestamp ctime;
krb5_int32 nonce; /* (0..4294967295) */
Modified: trunk/src/lib/krb5/asn.1/asn1_k_decode.c
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_k_decode.c 2012-01-08 21:27:59 UTC (rev 25623)
+++ trunk/src/lib/krb5/asn.1/asn1_k_decode.c 2012-01-08 21:54:29 UTC (rev 25624)
@@ -1370,7 +1370,6 @@
{
setup();
val->kdcName = NULL;
- val->kdcRealm.data = NULL;
{ begin_structure();
alloc_principal(val->kdcName);
get_field(val->kdcName, 0, asn1_decode_principal_name);
Modified: trunk/src/lib/krb5/asn.1/asn1_k_encode.c
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_k_encode.c 2012-01-08 21:27:59 UTC (rev 25623)
+++ trunk/src/lib/krb5/asn.1/asn1_k_encode.c 2012-01-08 21:54:29 UTC (rev 25624)
@@ -1428,7 +1428,7 @@
auth_pack_draft9_optional(const void *p)
{
unsigned int optional = 0;
- const krb5_auth_pack *val = p;
+ const krb5_auth_pack_draft9 *val = p;
if (val->clientPublicValue != NULL)
optional |= (1u << 1);
return optional;
Modified: trunk/src/plugins/preauth/pkinit/pkinit_clnt.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_clnt.c 2012-01-08 21:27:59 UTC (rev 25623)
+++ trunk/src/plugins/preauth/pkinit/pkinit_clnt.c 2012-01-08 21:54:29 UTC (rev 25624)
@@ -260,9 +260,6 @@
auth_pack9->pkAuthenticator.cusec = cusec;
auth_pack9->pkAuthenticator.nonce = nonce;
auth_pack9->pkAuthenticator.kdcName = server;
- auth_pack9->pkAuthenticator.kdcRealm.magic = 0;
- auth_pack9->pkAuthenticator.kdcRealm.data = server->realm.data;
- auth_pack9->pkAuthenticator.kdcRealm.length = server->realm.length;
free(cksum->contents);
break;
case KRB5_PADATA_PK_AS_REQ:
Modified: trunk/src/tests/asn.1/ktest.c
===================================================================
--- trunk/src/tests/asn.1/ktest.c 2012-01-08 21:27:59 UTC (rev 25623)
+++ trunk/src/tests/asn.1/ktest.c 2012-01-08 21:54:29 UTC (rev 25624)
@@ -630,7 +630,6 @@
ktest_make_sample_pk_authenticator_draft9(krb5_pk_authenticator_draft9 *p)
{
ktest_make_sample_principal(&p->kdcName);
- ktest_make_sample_data(&p->kdcRealm);
p->cusec = SAMPLE_USEC;
p->ctime = SAMPLE_TIME;
p->nonce = SAMPLE_NONCE;
@@ -1443,7 +1442,6 @@
ktest_empty_pk_authenticator_draft9(krb5_pk_authenticator_draft9 *p)
{
ktest_destroy_principal(&p->kdcName);
- ktest_empty_data(&p->kdcRealm);
}
static void
More information about the cvs-krb5
mailing list