krb5 commit [krb5-1.11]: Only record real selected preauth type
Tom Yu
tlyu at MIT.EDU
Tue Oct 30 14:02:09 EDT 2012
https://github.com/krb5/krb5/commit/b57b43b4658a4c497fb5f4848051645c157c466c
commit b57b43b4658a4c497fb5f4848051645c157c466c
Author: Greg Hudson <ghudson at mit.edu>
Date: Tue Oct 23 21:25:38 2012 -0400
Only record real selected preauth type
Move where we record the selected preauth type so that we never record
an informational preauth type, only a real one.
(cherry picked from commit e9d6e7ef606cf5ea70e2cc2f35dd91861ab00092)
ticket: 7422
version_fixed: 1.11
status: resolved
src/lib/krb5/krb/preauth2.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c
index b900ce4..23f00f3 100644
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -618,9 +618,6 @@ run_preauth_plugins(krb5_context kcontext,
if (ret != 0)
return ret;
}
- /* Record which pa_type we answered a call for. */
- if (preauth_rock->selected_preauth_type != NULL)
- *preauth_rock->selected_preauth_type = in_padata->pa_type;
break;
}
if (i >= kcontext->preauth_context->n_modules) {
@@ -1027,6 +1024,9 @@ krb5_do_preauth(krb5_context context, krb5_kdc_req *request,
&out_pa_list, &out_pa_list_size,
&module_ret, opte);
if (ret == 0 && module_ret == 0 && paorder[h] == PA_REAL) {
+ /* Record which real padata type we answered. */
+ if (rock->selected_preauth_type != NULL)
+ *rock->selected_preauth_type = in_padata[i]->pa_type;
*got_real_out = TRUE;
break;
}
More information about the cvs-krb5
mailing list