2N/A/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ 2N/A * Copyright (C) 2009 by the Massachusetts Institute of Technology. 2N/A * All rights reserved. 2N/A * Export of this software from the United States of America may 2N/A * require a specific license from the United States Government. 2N/A * It is the responsibility of any person or organization contemplating 2N/A * export to obtain such a license before exporting. 2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 2N/A * distribute this software and its documentation for any purpose and 2N/A * without fee is hereby granted, provided that the above copyright 2N/A * notice appear in all copies and that both that copyright notice and 2N/A * this permission notice appear in supporting documentation, and that 2N/A * the name of M.I.T. not be used in advertising or publicity pertaining 2N/A * to distribution of the software without specific, written prior 2N/A * permission. Furthermore if you modify this software you must label 2N/A * your software as modified software and not distribute it in such a 2N/A * fashion that it might be confused with the original M.I.T. software. 2N/A * M.I.T. makes no representations about the suitability of 2N/A * this software for any purpose. It is provided "as is" without express 2N/A * or implied warranty. 2N/A * Implement Encrypted Challenge fast factor from 2N/A * draft-ietf-krb-wg-preauth-framework 2N/A/* Solaris Kerberos */ 2N/A/* Solaris Kerberos */ 2N/A * Per draft 11 of the preauth framework, the client MAY but is not 2N/A * required to actually check the timestamp from the KDC other than to 2N/A * confirm it decrypts. This code does not perform that check. 2N/A }
else {
/*No padata; we send*/ 2N/A /* Solaris Kerberos */ 2N/A /*We failed to decrypt. Try next key*/ 2N/A /* Solaris Kerberos */ 2N/A }
else {
/*not run out of keys*/ 2N/A * If this fails, we won't generate a reply to the client. That 2N/A * may cause the client to fail, but at this point the KDC has 2N/A * considered this a success, so the return value is ignored. 2N/A "Encrypted challenge",
2N/A "Encrypted Challenge",
/* name */ 2N/A NULL /* get init creds opt function */