[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PKINIT - kinit - "No usable pa data type", any ideas?
On Mon, May 09, 2005 at 08:06:39AM -0400, Eric Sylvain wrote:
> I have a problem getting "kinit" to work. It exits with
> the following error:
>
> kinit: krb5_get_init_creds: No usable pa data type
Try the patch enclosed,
Dan
--- heimdal-20050506/kdc/kerberos5.c.orig Mon May 9 15:04:14 2005
+++ heimdal-20050506/kdc/kerberos5.c Mon May 9 15:03:03 2005
@@ -743,7 +743,7 @@
i = 0;
e_text = "No PKINIT PA found";
- while((pa = find_padata(req, &i, KRB5_PADATA_PK_AS_REQ))){
+ while((pa = find_padata(req, &i, KRB5_PADATA_PK_AS_REQ_19))){
char *client_cert = NULL;
found_pa = 1;
--- heimdal-20050506/kdc/pkinit.c.orig Mon May 9 15:16:49 2005
+++ heimdal-20050506/kdc/pkinit.c Mon May 9 15:20:38 2005
@@ -401,7 +401,7 @@
}
memset(client_params, 0, sizeof(*client_params));
- if (pa->padata_type != KRB5_PADATA_PK_AS_REQ) {
+ if (pa->padata_type != KRB5_PADATA_PK_AS_REQ_19) {
krb5_clear_error_string(context);
ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP;
goto out;
@@ -946,7 +946,7 @@
if (len != size)
krb5_abortx(context, "Internal ASN.1 encoder error");
- ret = krb5_padata_add(context, md, KRB5_PADATA_PK_AS_REP, buf, len);
+ ret = krb5_padata_add(context, md, KRB5_PADATA_PK_AS_REP_19, buf, len);
if (ret) {
krb5_set_error_string(context, "failed adding "
"PA-PK-AS-REP-19 %d", ret);