oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Simply the disabled-service case.

Browse Source 
Check the allow-digest flag in the HDB entry for the client.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17930 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-08-24 11:05:55 +00:00
parent 5ba79d7ced
commit 38bccc6e79
1 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
kdc/digest.c
View File

@@ -61,10 +61,8 @@ _kdc_do_digest(krb5_context context,
krb5_data serverNonce; krb5_data serverNonce;
if(!config->enable_digest) { if(!config->enable_digest) {
ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, "Rejected digest request from %s", from);
kdc_log(context, config, 0, return KRB5KDC_ERR_POLICY;
"Rejected digest request from %s", from);
return ret;
} }
krb5_data_zero(&buf); krb5_data_zero(&buf);
@@ -152,8 +150,13 @@ _kdc_do_digest(krb5_context context,
if (ret) if (ret)
goto out; goto out;
/* XXX add acl check here */ if (client->entry.flags.allow_digest == 0) {
krb5_set_error_string(context,
"server is not permitted to use digest");
ret = KRB5KDC_ERR_POLICY;
_kdc_free_ent (context, client);
goto out;
}
_kdc_free_ent (context, client); _kdc_free_ent (context, client);
} }