From 5c9982831b7dfaf74e018e2560ead2c5a946c9df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 27 Apr 2006 11:33:21 +0000 Subject: [PATCH] pass down HDB_F_GET_ flags as appropriate git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17316 ec53bebd-3082-4978-b11e-865c3cabbd6b --- kdc/524.c | 2 +- kdc/kaserver.c | 12 +++++++----- kdc/kerberos5.c | 15 +++++++++------ kdc/misc.c | 3 ++- 4 files changed, 19 insertions(+), 13 deletions(-) diff --git a/kdc/524.c b/kdc/524.c index cde356017..f4a43d7ae 100644 --- a/kdc/524.c +++ b/kdc/524.c @@ -66,7 +66,7 @@ fetch_server (krb5_context context, krb5_get_err_text(context, ret)); return ret; } - ret = _kdc_db_fetch(context, config, sprinc, server); + ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, server); krb5_free_principal(context, sprinc); if (ret) { kdc_log(context, config, 0, diff --git a/kdc/kaserver.c b/kdc/kaserver.c index 0cf810e7f..ed3669f0e 100644 --- a/kdc/kaserver.c +++ b/kdc/kaserver.c @@ -433,7 +433,7 @@ do_authenticate (krb5_context context, client_name, from, server_name); ret = _kdc_db_fetch4 (context, config, name, instance, - config->v4_realm, &client_entry); + config->v4_realm, HDB_F_GET_CLIENT, &client_entry); if (ret) { kdc_log(context, config, 0, "Client not found in database: %s: %s", client_name, krb5_get_err_text(context, ret)); @@ -442,7 +442,8 @@ do_authenticate (krb5_context context, } ret = _kdc_db_fetch4 (context, config, "krbtgt", - config->v4_realm, config->v4_realm, &server_entry); + config->v4_realm, config->v4_realm, + HDB_F_GET_KRBTGT, &server_entry); if (ret) { kdc_log(context, config, 0, "Server not found in database: %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -648,7 +649,7 @@ do_getticket (krb5_context context, "%s.%s@%s", name, instance, config->v4_realm); ret = _kdc_db_fetch4 (context, config, name, instance, - config->v4_realm, &server_entry); + config->v4_realm, HDB_F_GET_SERVER, &server_entry); if (ret) { kdc_log(context, config, 0, "Server not found in database: %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -657,7 +658,7 @@ do_getticket (krb5_context context, } ret = _kdc_db_fetch4 (context, config, "krbtgt", - config->v4_realm, config->v4_realm, &krbtgt_entry); + config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry); if (ret) { kdc_log(context, config, 0, "Server not found in database: %s.%s@%s: %s", @@ -730,7 +731,8 @@ do_getticket (krb5_context context, client_name, from, server_name); ret = _kdc_db_fetch4 (context, config, - ad.pname, ad.pinst, ad.prealm, &client_entry); + ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT, + &client_entry); if(ret && ret != HDB_ERR_NOENTRY) { kdc_log(context, config, 0, "Client not found in database: (krb4) %s: %s", diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c index ca84e0047..e32330fc8 100644 --- a/kdc/kerberos5.c +++ b/kdc/kerberos5.c @@ -894,7 +894,8 @@ _kdc_as_rep(krb5_context context, kdc_log(context, config, 0, "AS-REQ %s from %s for %s", client_name, from, server_name); - ret = _kdc_db_fetch(context, config, client_princ, &client); + ret = _kdc_db_fetch(context, config, client_princ, + HDB_F_GET_CLIENT, &client); if(ret){ kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name, krb5_get_err_text(context, ret)); @@ -902,7 +903,8 @@ _kdc_as_rep(krb5_context context, goto out; } - ret = _kdc_db_fetch(context, config, server_princ, &server); + ret = _kdc_db_fetch(context, config, server_princ, + HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, &server); if(ret){ kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -2094,7 +2096,7 @@ tgs_rep2(krb5_context context, ap_req.ticket.sname, ap_req.ticket.realm); - ret = _kdc_db_fetch(context, config, princ, &krbtgt); + ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, &krbtgt); if(ret) { char *p; @@ -2294,7 +2296,8 @@ tgs_rep2(krb5_context context, goto out2; } _krb5_principalname2krb5_principal(&p, t->sname, t->realm); - ret = _kdc_db_fetch(context, config, p, &uu); + ret = _kdc_db_fetch(context, config, p, + HDB_F_GET_CLIENT|HDB_F_GET_SERVER, &uu); krb5_free_principal(context, p); if(ret){ if (ret == HDB_ERR_NOENTRY) @@ -2335,7 +2338,7 @@ tgs_rep2(krb5_context context, kdc_log(context, config, 0, "TGS-REQ %s from %s for %s", cpn, from, spn); server_lookup: - ret = _kdc_db_fetch(context, config, sp, &server); + ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER, &server); if(ret){ const char *new_rlm; @@ -2384,7 +2387,7 @@ tgs_rep2(krb5_context context, goto out; } - ret = _kdc_db_fetch(context, config, cp, &client); + ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT, &client); if(ret) kdc_log(context, config, 1, "Client not found in database: %s: %s", cpn, krb5_get_err_text(context, ret)); diff --git a/kdc/misc.c b/kdc/misc.c index e4b2b272f..746e70b2b 100644 --- a/kdc/misc.c +++ b/kdc/misc.c @@ -41,6 +41,7 @@ krb5_error_code _kdc_db_fetch(krb5_context context, krb5_kdc_configuration *config, krb5_const_principal principal, + unsigned flags, hdb_entry_ex **h) { hdb_entry_ex *ent; @@ -61,7 +62,7 @@ _kdc_db_fetch(krb5_context context, ret = config->db[i]->hdb_fetch(context, config->db[i], principal, - HDB_F_DECRYPT, + flags | HDB_F_DECRYPT, ent); config->db[i]->hdb_close(context, config->db[i]); if(ret == 0) {