diff options
| author | Stefan Metzmacher <metze@samba.org> | 2015-03-10 12:38:55 +0100 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2015-03-12 17:13:42 +0100 |
| commit | 9ebd10b3432c271625db9fbc1987759c02b23f83 (patch) | |
| tree | ce47e6b4bb376cff9e2f298d46ca162965043e62 /source4/heimdal | |
| parent | 76f66332a1be0a26760e82c39edb2cfdd892b367 (diff) | |
| download | samba-9ebd10b3432c271625db9fbc1987759c02b23f83.tar.gz | |
heimdal:kdc: remove KRB5_PADATA_CLIENT_CANONICALIZED handling
This got removed between draft-ietf-krb-wg-kerberos-referrals-11.txt
and the final rfc6806.txt.
The number 133 was reassigned to PA-FX-COOKIE in rfc6113.txt.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Diffstat (limited to 'source4/heimdal')
| -rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index bab4b8ca542..cb97390d3e3 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -1706,58 +1706,6 @@ _kdc_as_rep(krb5_context context, if (ret) goto out; - /* Add signing of alias referral */ - if (f.canonicalize) { - PA_ClientCanonicalized canon; - krb5_data data; - PA_DATA pa; - krb5_crypto cryptox; - size_t len = 0; - - memset(&canon, 0, sizeof(canon)); - - canon.names.requested_name = *b->cname; - canon.names.mapped_name = client->entry.principal->name; - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, - &canon.names, &len, ret); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - /* sign using "returned session key" */ - ret = krb5_crypto_init(context, &et.key, 0, &cryptox); - if (ret) { - free(data.data); - goto out; - } - - ret = krb5_create_checksum(context, cryptox, - KRB5_KU_CANONICALIZED_NAMES, 0, - data.data, data.length, - &canon.canon_checksum); - free(data.data); - krb5_crypto_destroy(context, cryptox); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalized, data.data, data.length, - &canon, &len, ret); - free_Checksum(&canon.canon_checksum); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - pa.padata_type = KRB5_PADATA_CLIENT_CANONICALIZED; - pa.padata_value = data; - ret = add_METHOD_DATA(rep.padata, &pa); - free(data.data); - if (ret) - goto out; - } - if (rep.padata->len == 0) { free(rep.padata); rep.padata = NULL; |