updates to the pkinit code

[Nebergall, Christopher]

It's working on Linux now thanks!  Solaris is still failing with
ActivCard in the C_Decrypt operation but I may need to talk to ActivCard
about that problem because its most likely in their pkcs11 library.

mech = CKM_RSA_PKCS
found 1 private keys 0
sign 33 -> 128
pkinit_as_req_create retval=0
pkinit_client_process: returning 0 (Unknown code 0)
pkinit_client_process 25930 253c0 29908 ffbfe8c0
processing KRB5_PADATA_PK_AS_REP_OLD
as_rep: RSA key transport algorithm
found 1 private keys 0
data_len = 128
session 35c80 edata 35a98 edata_len 128 data 5f378 datalen @ffbfd150 128
fail C_Decrypt 6
unable to decrypt pkcs7 object
PKCS7 decryption failed
failed to verify pkcs7 enveloped data
pkinit_as_rep_parse returning -1765328360 (Preauthentication failed)
pkinit_as_rep_parse returned -1765328360 (Preauthentication failed)
pkinit_client_process: returning -1765328360 (Preauthentication failed)

-Christopher
-----Original Message-----
From: kwcoffman at gmail.com [mailto:kwcoffman at gmail.com] On Behalf Of
Kevin Coffman
Sent: Thursday, January 11, 2007 9:52 AM
To: Nebergall, Christopher
Cc: krbdev at mit.edu; pkinit at citi.umich.edu
Subject: Re: updates to the pkinit code

Thanks Christopher,
The missing files were pointed out to me earlier yesterday and added.
I've just committed changes that add missing prototypes, and move others
around.  I also removed some "#if 0" code that should have been removed
previously.

Let us know if you have more compile problems.

K.C.

On 1/10/07, Nebergall, Christopher <cneberg at sandia.gov> wrote:
> pkinit_crypto_openssl.c and pkinit_crypto_openssl.h are both missing
> from the svn branch.   I'm also having compile problems on redhat
> enterprise 4.
>
> pkinit_lib.c:220: error: conflicting types for 
> 'pkinit_fini_identity_opts'
> pkinit_lib.c:215: error: previous implicit declaration of 
> 'pkinit_fini_identity_opts' was here
> make: *** [pkinit_lib.so] Error 1
>
> -Christopher