int main()
{
krb5_context context;
krb5_authdata **results;
krb5_authdata *container[2];
krb5_authdata **container_out;
assert(krb5_init_context(&context) == 0);
assert(krb5_merge_authdata(context, adseq1, adseq2, &results) == 0);
compare_authdata(results[0], &ad1);
compare_authdata( results[1], &ad2);
compare_authdata(results[2], &ad4);
compare_authdata( results[3], &ad3);
assert(results[4] == NULL);
krb5_free_authdata(context, results);
container[0] = &ad3;
container[1] = NULL;
assert(krb5_encode_authdata_container( context, KRB5_AUTHDATA_IF_RELEVANT, container, &container_out) == 0);
assert(krb5int_find_authdata(context,
adseq1, container_out, 22, &results) == 0);
compare_authdata(&ad1, results[0]);
compare_authdata( results[1], &ad4);
compare_authdata( results[2], &ad3);
assert( results[3] == NULL);
krb5_free_authdata(context, results);
krb5_free_authdata(context, container_out);
return 0;
}
static krb5_error_code
generate_authenticator(krb5_context context, krb5_authenticator *authent,
krb5_principal client, krb5_checksum *cksum,
krb5_key key, krb5_ui_4 seq_number,
krb5_authdata **authorization,
krb5_authdata_context ad_context,
krb5_enctype *desired_etypes,
krb5_enctype tkt_enctype)
{
krb5_error_code retval;
krb5_authdata **ext_authdata = NULL;
authent->client = client;
authent->checksum = cksum;
if (key) {
retval = krb5_k_key_keyblock(context, key, &authent->subkey);
if (retval)
return retval;
} else
authent->subkey = 0;
authent->seq_number = seq_number;
authent->authorization_data = NULL;
if (ad_context != NULL) {
retval = krb5_authdata_export_authdata(context,
ad_context,
AD_USAGE_AP_REQ,
&ext_authdata);
if (retval)
return retval;
}
if (authorization != NULL || ext_authdata != NULL) {
retval = krb5_merge_authdata(context,
authorization,
ext_authdata,
&authent->authorization_data);
if (retval) {
krb5_free_authdata(context, ext_authdata);
return retval;
}
krb5_free_authdata(context, ext_authdata);
}
/* Only send EtypeList if we prefer another enctype to tkt_enctype */
if (desired_etypes != NULL && desired_etypes[0] != tkt_enctype) {
TRACE_MK_REQ_ETYPES(context, desired_etypes);
retval = make_etype_list(context, desired_etypes, tkt_enctype,
&authent->authorization_data);
if (retval)
return retval;
}
return(krb5_us_timeofday(context, &authent->ctime, &authent->cusec));
}
static krb5_error_code
greet_kdc_sign(krb5_context context,
krb5_enc_tkt_part *enc_tkt_reply,
krb5_const_principal tgs,
krb5_data *greeting)
{
krb5_error_code code;
krb5_authdata ad_datum, *ad_data[2], **kdc_issued = NULL;
krb5_authdata **if_relevant = NULL;
krb5_authdata **tkt_authdata;
ad_datum.ad_type = -42;
ad_datum.contents = (krb5_octet *)greeting->data;
ad_datum.length = greeting->length;
ad_data[0] = &ad_datum;
ad_data[1] = NULL;
code = krb5_make_authdata_kdc_issued(context,
enc_tkt_reply->session,
tgs,
ad_data,
&kdc_issued);
if (code != 0)
return code;
code = krb5_encode_authdata_container(context,
KRB5_AUTHDATA_IF_RELEVANT,
kdc_issued,
&if_relevant);
if (code != 0) {
krb5_free_authdata(context, kdc_issued);
return code;
}
code = krb5_merge_authdata(context,
if_relevant,
enc_tkt_reply->authorization_data,
&tkt_authdata);
if (code == 0) {
krb5_free_authdata(context, enc_tkt_reply->authorization_data);
enc_tkt_reply->authorization_data = tkt_authdata;
}
krb5_free_authdata(context, if_relevant);
krb5_free_authdata(context, kdc_issued);
return code;
}
int
main()
{
krb5_context context;
krb5_authdata **results;
krb5_authdata *container[2];
krb5_authdata **container_out;
krb5_authdata **kdci;
assert(krb5_init_context(&context) == 0);
assert(krb5_merge_authdata(context, adseq1, adseq2, &results) == 0);
compare_authdata(results[0], &ad1);
compare_authdata( results[1], &ad2);
compare_authdata(results[2], &ad4);
compare_authdata( results[3], &ad3);
assert(results[4] == NULL);
krb5_free_authdata(context, results);
container[0] = &ad3;
container[1] = NULL;
assert(krb5_encode_authdata_container( context, KRB5_AUTHDATA_IF_RELEVANT, container, &container_out) == 0);
assert(krb5_find_authdata(context, adseq1, container_out, 22,
&results) == 0);
compare_authdata(&ad1, results[0]);
compare_authdata( results[1], &ad4);
compare_authdata( results[2], &ad3);
assert( results[3] == NULL);
krb5_free_authdata(context, container_out);
assert(krb5_make_authdata_kdc_issued(context, &key, NULL, results, &kdci) == 0);
assert(krb5_verify_authdata_kdc_issued(context, &key, kdci[0], NULL, &container_out) == 0);
compare_authdata(container_out[0], results[0]);
compare_authdata(container_out[1], results[1]);
compare_authdata(container_out[2], results[2]);
krb5_free_authdata(context, kdci);
krb5_free_authdata(context, results);
krb5_free_authdata(context, container_out);
krb5_free_context(context);
return 0;
}
krb5_error_code KRB5_CALLCONV
krb5_copy_authdata(krb5_context context,
krb5_authdata *const *in_authdat, krb5_authdata ***out)
{
return krb5_merge_authdata(context, in_authdat, NULL, out);
}
