From 0c7bd195917d6cc8e3cd880955bd2ea177da9945 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Mon, 26 Jan 2009 01:07:52 +0000 Subject: [PATCH] split into probe functions git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24489 ec53bebd-3082-4978-b11e-865c3cabbd6b --- kdc/process.c | 277 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 205 insertions(+), 72 deletions(-) diff --git a/kdc/process.c b/kdc/process.c index 1ca1dcc63..428c307ac 100644 --- a/kdc/process.c +++ b/kdc/process.c @@ -34,8 +34,6 @@ #include "kdc_locl.h" -RCSID("$Id$"); - /* * */ @@ -49,6 +47,185 @@ krb5_kdc_update_time(struct timeval *tv) _kdc_now = *tv; } +static krb5_error_code +kdc_as_req(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + krb5_error_code ret; + KDC_REQ req; + size_t len; + + ret = decode_AS_REQ(req_buffer->data, req_buffer->length, &req, &len); + if (ret) + return ret; + ret = _kdc_as_rep(context, config, &req, req_buffer, + reply, from, addr, datagram_reply); + free_AS_REQ(&req); + return ret; +} + + +static krb5_error_code +kdc_tgs_req(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + krb5_error_code ret; + KDC_REQ req; + size_t len; + + ret = decode_TGS_REQ(req_buffer->data, req_buffer->length, &req, &len); + if (ret) + return ret; + + ret = _kdc_tgs_rep(context, config, &req, reply, + from, addr, datagram_reply); + free_TGS_REQ(&req); + return ret; +} + +#ifdef DIGEST + +static krb5_error_code +kdc_digest(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + DigestREQ digestreq; + krb5_error_code ret; + size_t len; + + ret = decode_DigestREQ(req_buffer->data, req_buffer->length, + &digestreq, &len); + if (ret) + return ret; + ret = _kdc_do_digest(context, config, &digestreq, reply, from, addr); + free_DigestREQ(&digestreq); + return ret; +} + +#endif + +#ifdef KX509 + +static krb5_error_code +kdc_kx509(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + Kx509Request kx509req; + krb5_error_code ret; + size_t len; + + ret = _kdc_try_kx509_request(req_buffer->data, req_buffer->length, + &kx509req, &len); + if (ret) + return ret; + ret = _kdc_do_kx509(context, config, &kx509req, reply, from, addr); + free_Kx509Request(&kx509req); + return ret; +} + +#endif + + +#ifdef KRB4 + +static krb5_error_code +kdc_524(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + krb5_error_code ret; + Ticket ticket; + size_t len; + + ret = decode_Ticket(req_buffer->data, req_buffer->length, &ticket, &len); + if (ret) + return ret; + + ret = _kdc_do_524(context, config, &ticket, reply, from, addr); + free_Ticket(&ticket); + return ret; +} + +static krb5_error_code +kdc_krb4(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + if (_kdc_maybe_version4(req_buffer->data, req_buffer->length) == 0) + return -1; + + return _kdc_do_version4(context, config, + req_buffer->data, req_buffer->length, + reply, from, + (struct sockaddr_in*)addr); +} + +static krb5_error_code +kdc_kaserver(krb5_context context, + krb5_kdc_configuration *config, + krb5_data *req_buffer, + krb5_data *reply, + const char *from, + struct sockaddr *addr, + int datagram_reply) +{ + if (config->enable_kaserver == 0) + return -1; + + return _kdc_do_kaserver(context, config, + req_buffer->data, req_buffer->length, + reply, from, + (struct sockaddr_in*)addr); +} + +#endif /* KRB4 */ + + +static struct krb5_kdc_service services[] = { + { "Kerberos 5 as", KS_PREPENDLENGTH|KS_KRB5, kdc_as_req }, + { "Kerberos 5 tgs", KS_PREPENDLENGTH|KS_KRB5, kdc_tgs_req }, +#ifdef DIGEST + { "Kerberos digest", KS_PREPENDLENGTH, kdc_digest }, +#endif +#ifdef KX509 + { "kx509", KS_PREPENDLENGTH, kdc_kx509 }, +#endif +#ifdef KRB4 + { "Kerberos 542", KS_PREPENDLENGTH, kdc_524 }, + { "Kerberos 4", 0, kdc_krb4 }, + { "kaserver", KS_PREPENDLENGTH, kdc_kaserver }, +#endif + { NULL } +}; + /* * handle the request in `buf, len', from `addr' (or `from' as a string), * sending a reply in `reply'. @@ -65,63 +242,22 @@ krb5_kdc_process_request(krb5_context context, struct sockaddr *addr, int datagram_reply) { - KDC_REQ req; -#ifdef KRB4 - Ticket ticket; -#endif -#ifdef DIGEST - DigestREQ digestreq; -#endif -#ifdef KX509 - Kx509Request kx509req; -#endif krb5_error_code ret; - size_t i; + unsigned int i; + krb5_data req_buffer; + + req_buffer.data = buf; + req_buffer.length = len; - if(decode_AS_REQ(buf, len, &req, &i) == 0){ - krb5_data req_buffer; - - req_buffer.data = buf; - req_buffer.length = len; - - ret = _kdc_as_rep(context, config, &req, &req_buffer, - reply, from, addr, datagram_reply); - free_AS_REQ(&req); - return ret; - }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = _kdc_tgs_rep(context, config, &req, reply, from, addr, datagram_reply); - free_TGS_REQ(&req); - return ret; -#ifdef DIGEST - }else if(decode_DigestREQ(buf, len, &digestreq, &i) == 0){ - ret = _kdc_do_digest(context, config, &digestreq, reply, from, addr); - free_DigestREQ(&digestreq); - return ret; -#endif -#ifdef KX509 - } else if (_kdc_try_kx509_request(buf, len, &kx509req, &i) == 0) { - ret = _kdc_do_kx509(context, config, &kx509req, reply, from, addr); - free_Kx509Request(&kx509req); - return ret; -#endif -#ifdef KRB4 - }else if(decode_Ticket(buf, len, &ticket, &i) == 0){ - ret = _kdc_do_524(context, config, &ticket, reply, from, addr); - free_Ticket(&ticket); - return ret; - } else if(_kdc_maybe_version4(buf, len)){ - *prependlength = FALSE; /* elbitapmoc sdrawkcab XXX */ - ret = _kdc_do_version4(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); - return ret; - - } else if (config->enable_kaserver) { - ret = _kdc_do_kaserver(context, config, buf, len, reply, from, - (struct sockaddr_in*)addr); - return ret; -#endif + for (i = 0; services[i].name != NULL; i++) { + ret = (*services[i].process)(context, config, &req_buffer, + reply, from, addr, datagram_reply); + if (ret == 0) { + *prependlength = (services[i].flags & KS_PREPENDLENGTH); + break; + } } - + return -1; } @@ -142,25 +278,22 @@ krb5_kdc_process_krb5_request(krb5_context context, struct sockaddr *addr, int datagram_reply) { - KDC_REQ req; krb5_error_code ret; - size_t i; + unsigned int i; + krb5_data req_buffer; + + req_buffer.data = buf; + req_buffer.length = len; - if(decode_AS_REQ(buf, len, &req, &i) == 0){ - krb5_data req_buffer; - - req_buffer.data = buf; - req_buffer.length = len; - - ret = _kdc_as_rep(context, config, &req, &req_buffer, - reply, from, addr, datagram_reply); - free_AS_REQ(&req); - return ret; - }else if(decode_TGS_REQ(buf, len, &req, &i) == 0){ - ret = _kdc_tgs_rep(context, config, &req, reply, from, addr, datagram_reply); - free_TGS_REQ(&req); - return ret; + for (i = 0; services[i].name != NULL; i++) { + if ((services[i].flags & KS_KRB5) == 0) + continue; + ret = (*services[i].process)(context, config, &req_buffer, + reply, from, addr, datagram_reply); + if (ret == 0) + break; } + return -1; }