Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Remove unneeded kdcRealm field in PKINIT structure

krb5_pk_authenticator_draft9 had a kdcRealm field which was set by the
client code but never encoded or decoded.  Remove it.  Eliminating this
field exposed a bug in auth_pack_draft9_optional; fix that.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25624 dc483132-0cff-0310-8789-dd5450dbe970
  • Loading branch information...
commit 0f7a8a3fc8d8188c3d2ff4d77e25b2d1cfa8f072 1 parent ec90db5
ghudson authored
View
1  src/include/k5-int-pkinit.h
@@ -47,7 +47,6 @@ typedef struct _krb5_pk_authenticator {
/* PKAuthenticator draft9 */
typedef struct _krb5_pk_authenticator_draft9 {
krb5_principal kdcName;
- krb5_data kdcRealm;
krb5_int32 cusec; /* (0..999999) */
krb5_timestamp ctime;
krb5_int32 nonce; /* (0..4294967295) */
View
1  src/lib/krb5/asn.1/asn1_k_decode.c
@@ -1370,7 +1370,6 @@ asn1_decode_pk_authenticator_draft9(asn1buf *buf,
{
setup();
val->kdcName = NULL;
- val->kdcRealm.data = NULL;
{ begin_structure();
alloc_principal(val->kdcName);
get_field(val->kdcName, 0, asn1_decode_principal_name);
View
2  src/lib/krb5/asn.1/asn1_k_encode.c
@@ -1428,7 +1428,7 @@ static unsigned int
auth_pack_draft9_optional(const void *p)
{
unsigned int optional = 0;
- const krb5_auth_pack *val = p;
+ const krb5_auth_pack_draft9 *val = p;
if (val->clientPublicValue != NULL)
optional |= (1u << 1);
return optional;
View
3  src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -260,9 +260,6 @@ pkinit_as_req_create(krb5_context context,
auth_pack9->pkAuthenticator.cusec = cusec;
auth_pack9->pkAuthenticator.nonce = nonce;
auth_pack9->pkAuthenticator.kdcName = server;
- auth_pack9->pkAuthenticator.kdcRealm.magic = 0;
- auth_pack9->pkAuthenticator.kdcRealm.data = server->realm.data;
- auth_pack9->pkAuthenticator.kdcRealm.length = server->realm.length;
free(cksum->contents);
break;
case KRB5_PADATA_PK_AS_REQ:
View
2  src/tests/asn.1/ktest.c
@@ -630,7 +630,6 @@ static void
ktest_make_sample_pk_authenticator_draft9(krb5_pk_authenticator_draft9 *p)
{
ktest_make_sample_principal(&p->kdcName);
- ktest_make_sample_data(&p->kdcRealm);
p->cusec = SAMPLE_USEC;
p->ctime = SAMPLE_TIME;
p->nonce = SAMPLE_NONCE;
@@ -1443,7 +1442,6 @@ static void
ktest_empty_pk_authenticator_draft9(krb5_pk_authenticator_draft9 *p)
{
ktest_destroy_principal(&p->kdcName);
- ktest_empty_data(&p->kdcRealm);
}
static void
Please sign in to comment.
Something went wrong with that request. Please try again.