krb5_error_code _kdc_tkt_add_if_relevant_ad(krb5_context context, EncTicketPart *tkt, int type, const krb5_data *data) { krb5_error_code ret; size_t size = 0; if (tkt->authorization_data == NULL) { tkt->authorization_data = calloc(1, sizeof(*tkt->authorization_data)); if (tkt->authorization_data == NULL) { krb5_set_error_message(context, ENOMEM, "out of memory"); return ENOMEM; } } /* add the entry to the last element */ { AuthorizationData ad = { 0, NULL }; AuthorizationDataElement ade; ade.ad_type = type; ade.ad_data = *data; ret = add_AuthorizationData(&ad, &ade); if (ret) { krb5_set_error_message(context, ret, "add AuthorizationData failed"); return ret; } ade.ad_type = KRB5_AUTHDATA_IF_RELEVANT; ASN1_MALLOC_ENCODE(AuthorizationData, ade.ad_data.data, ade.ad_data.length, &ad, &size, ret); free_AuthorizationData(&ad); if (ret) { krb5_set_error_message(context, ret, "ASN.1 encode of " "AuthorizationData failed"); return ret; } if (ade.ad_data.length != size) krb5_abortx(context, "internal asn.1 encoder error"); ret = add_AuthorizationData(tkt->authorization_data, &ade); der_free_octet_string(&ade.ad_data); if (ret) { krb5_set_error_message(context, ret, "add AuthorizationData failed"); return ret; } } return 0; }
static krb5_error_code make_etypelist(krb5_context context, krb5_authdata **auth_data) { AuthorizationDataElement el; AuthorizationData ad; EtypeList etypes; krb5_error_code ret; u_char *buf; size_t len = 0; size_t buf_size; ret = _krb5_init_etype(context, KRB5_PDU_NONE, &etypes.len, &etypes.val, NULL); if (ret) return ret; ASN1_MALLOC_ENCODE(EtypeList, buf, buf_size, &etypes, &len, ret); if (ret) { free_EtypeList(&etypes); return ret; } if(buf_size != len) krb5_abortx(context, "internal error in ASN.1 encoder"); free_EtypeList(&etypes); ALLOC_SEQ(&ad, 1); if (ad.val == NULL) { free(buf); krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } el.ad_type = KRB5_AUTHDATA_GSS_API_ETYPE_NEGOTIATION; el.ad_data.length = len; el.ad_data.data = buf; ret = add_AuthorizationData(&ad, &el); free(buf); if (ret) return ret; ASN1_MALLOC_ENCODE(AD_IF_RELEVANT, buf, buf_size, &ad, &len, ret); free_AuthorizationData(&ad); if (ret) return ret; if(buf_size != len) krb5_abortx(context, "internal error in ASN.1 encoder"); if (*auth_data == NULL) { ALLOC(*auth_data, 1); if (*auth_data == NULL) { free(buf); krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } } el.ad_type = KRB5_AUTHDATA_IF_RELEVANT; el.ad_data.length = len; el.ad_data.data = buf; ret = add_AuthorizationData(*auth_data, &el); free(buf); return ret; }