diff options
| -rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index bab4b8ca542..cb97390d3e3 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -1706,58 +1706,6 @@ _kdc_as_rep(krb5_context context, if (ret) goto out; - /* Add signing of alias referral */ - if (f.canonicalize) { - PA_ClientCanonicalized canon; - krb5_data data; - PA_DATA pa; - krb5_crypto cryptox; - size_t len = 0; - - memset(&canon, 0, sizeof(canon)); - - canon.names.requested_name = *b->cname; - canon.names.mapped_name = client->entry.principal->name; - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalizedNames, data.data, data.length, - &canon.names, &len, ret); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - /* sign using "returned session key" */ - ret = krb5_crypto_init(context, &et.key, 0, &cryptox); - if (ret) { - free(data.data); - goto out; - } - - ret = krb5_create_checksum(context, cryptox, - KRB5_KU_CANONICALIZED_NAMES, 0, - data.data, data.length, - &canon.canon_checksum); - free(data.data); - krb5_crypto_destroy(context, cryptox); - if (ret) - goto out; - - ASN1_MALLOC_ENCODE(PA_ClientCanonicalized, data.data, data.length, - &canon, &len, ret); - free_Checksum(&canon.canon_checksum); - if (ret) - goto out; - if (data.length != len) - krb5_abortx(context, "internal asn.1 error"); - - pa.padata_type = KRB5_PADATA_CLIENT_CANONICALIZED; - pa.padata_value = data; - ret = add_METHOD_DATA(rep.padata, &pa); - free(data.data); - if (ret) - goto out; - } - if (rep.padata->len == 0) { free(rep.padata); rep.padata = NULL; |