From: | ghudson@mit.edu |
Subject: | git commit |
Use protocol error for PKINIT cert expiry
If we fail to create a cert chain in cms_signeddata_create(), return
KRB5KDC_ERR_PREAUTH_FAILED, which corresponds to a protocol code,
rather than KRB5_PREAUTH_FAILED, which doesn't. This is also more
consistent with other error clauses in the same function.
https://github.com/krb5/krb5/commit/cd59782cb32b79e4001a86b0fe47af8b6275ef0c
Author: Greg Hudson <ghudson@mit.edu>
Commit: cd59782cb32b79e4001a86b0fe47af8b6275ef0c
Branch: master
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)