krb5_keytab keytab;
krb5_keyblock *keyblock;
krb5_boolean check_pac;
+ krb5_flags verify_ap_req_flags;
};
struct krb5_rd_req_out_ctx_data {
return 0;
}
+KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+krb5_rd_req_in_set_verify_ap_req_flags(krb5_context context,
+ krb5_rd_req_in_ctx in,
+ krb5_flags flags)
+{
+ in->verify_ap_req_flags = flags;
+ return 0;
+}
+
/**
* Set if krb5_rq_red() is going to check the Windows PAC or not
*
krb5_rd_req_out_ctx o = NULL;
krb5_keytab id = NULL, keytab = NULL;
krb5_principal service = NULL;
+ krb5_flags verify_ap_req_flags = 0;
if (outctx)
*outctx = NULL;
if (inctx && inctx->keytab)
id = inctx->keytab;
+ if (inctx)
+ verify_ap_req_flags = inctx->verify_ap_req_flags;
+
if((*auth_context)->keyblock){
ret = krb5_copy_keyblock(context,
(*auth_context)->keyblock,
&ap_req,
server,
o->keyblock,
- 0,
+ verify_ap_req_flags,
&o->ap_req_options,
&o->ticket,
KRB5_KU_AP_REQ_AUTH);
&ap_req,
server,
&entry.keyblock,
- 0,
+ verify_ap_req_flags,
&o->ap_req_options,
&o->ticket,
KRB5_KU_AP_REQ_AUTH);
krb5_rd_req_in_set_keyblock;
krb5_rd_req_in_set_keytab;
krb5_rd_req_in_set_pac_check;
+ krb5_rd_req_in_set_verify_ap_req_flags;
krb5_rd_req_out_ctx_free;
krb5_rd_req_out_get_ap_req_options;
krb5_rd_req_out_get_keyblock;