pass down HDB_F_GET_ flags as appropriate
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17316 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -66,7 +66,7 @@ fetch_server (krb5_context context,
|
|||||||
krb5_get_err_text(context, ret));
|
krb5_get_err_text(context, ret));
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
ret = _kdc_db_fetch(context, config, sprinc, server);
|
ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, server);
|
||||||
krb5_free_principal(context, sprinc);
|
krb5_free_principal(context, sprinc);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
kdc_log(context, config, 0,
|
kdc_log(context, config, 0,
|
||||||
|
|||||||
@@ -433,7 +433,7 @@ do_authenticate (krb5_context context,
|
|||||||
client_name, from, server_name);
|
client_name, from, server_name);
|
||||||
|
|
||||||
ret = _kdc_db_fetch4 (context, config, name, instance,
|
ret = _kdc_db_fetch4 (context, config, name, instance,
|
||||||
config->v4_realm, &client_entry);
|
config->v4_realm, HDB_F_GET_CLIENT, &client_entry);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
kdc_log(context, config, 0, "Client not found in database: %s: %s",
|
kdc_log(context, config, 0, "Client not found in database: %s: %s",
|
||||||
client_name, krb5_get_err_text(context, ret));
|
client_name, krb5_get_err_text(context, ret));
|
||||||
@@ -442,7 +442,8 @@ do_authenticate (krb5_context context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
ret = _kdc_db_fetch4 (context, config, "krbtgt",
|
ret = _kdc_db_fetch4 (context, config, "krbtgt",
|
||||||
config->v4_realm, config->v4_realm, &server_entry);
|
config->v4_realm, config->v4_realm,
|
||||||
|
HDB_F_GET_KRBTGT, &server_entry);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
kdc_log(context, config, 0, "Server not found in database: %s: %s",
|
kdc_log(context, config, 0, "Server not found in database: %s: %s",
|
||||||
server_name, krb5_get_err_text(context, ret));
|
server_name, krb5_get_err_text(context, ret));
|
||||||
@@ -648,7 +649,7 @@ do_getticket (krb5_context context,
|
|||||||
"%s.%s@%s", name, instance, config->v4_realm);
|
"%s.%s@%s", name, instance, config->v4_realm);
|
||||||
|
|
||||||
ret = _kdc_db_fetch4 (context, config, name, instance,
|
ret = _kdc_db_fetch4 (context, config, name, instance,
|
||||||
config->v4_realm, &server_entry);
|
config->v4_realm, HDB_F_GET_SERVER, &server_entry);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
kdc_log(context, config, 0, "Server not found in database: %s: %s",
|
kdc_log(context, config, 0, "Server not found in database: %s: %s",
|
||||||
server_name, krb5_get_err_text(context, ret));
|
server_name, krb5_get_err_text(context, ret));
|
||||||
@@ -657,7 +658,7 @@ do_getticket (krb5_context context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
ret = _kdc_db_fetch4 (context, config, "krbtgt",
|
ret = _kdc_db_fetch4 (context, config, "krbtgt",
|
||||||
config->v4_realm, config->v4_realm, &krbtgt_entry);
|
config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
kdc_log(context, config, 0,
|
kdc_log(context, config, 0,
|
||||||
"Server not found in database: %s.%s@%s: %s",
|
"Server not found in database: %s.%s@%s: %s",
|
||||||
@@ -730,7 +731,8 @@ do_getticket (krb5_context context,
|
|||||||
client_name, from, server_name);
|
client_name, from, server_name);
|
||||||
|
|
||||||
ret = _kdc_db_fetch4 (context, config,
|
ret = _kdc_db_fetch4 (context, config,
|
||||||
ad.pname, ad.pinst, ad.prealm, &client_entry);
|
ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT,
|
||||||
|
&client_entry);
|
||||||
if(ret && ret != HDB_ERR_NOENTRY) {
|
if(ret && ret != HDB_ERR_NOENTRY) {
|
||||||
kdc_log(context, config, 0,
|
kdc_log(context, config, 0,
|
||||||
"Client not found in database: (krb4) %s: %s",
|
"Client not found in database: (krb4) %s: %s",
|
||||||
|
|||||||
@@ -894,7 +894,8 @@ _kdc_as_rep(krb5_context context,
|
|||||||
kdc_log(context, config, 0, "AS-REQ %s from %s for %s",
|
kdc_log(context, config, 0, "AS-REQ %s from %s for %s",
|
||||||
client_name, from, server_name);
|
client_name, from, server_name);
|
||||||
|
|
||||||
ret = _kdc_db_fetch(context, config, client_princ, &client);
|
ret = _kdc_db_fetch(context, config, client_princ,
|
||||||
|
HDB_F_GET_CLIENT, &client);
|
||||||
if(ret){
|
if(ret){
|
||||||
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name,
|
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name,
|
||||||
krb5_get_err_text(context, ret));
|
krb5_get_err_text(context, ret));
|
||||||
@@ -902,7 +903,8 @@ _kdc_as_rep(krb5_context context,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = _kdc_db_fetch(context, config, server_princ, &server);
|
ret = _kdc_db_fetch(context, config, server_princ,
|
||||||
|
HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, &server);
|
||||||
if(ret){
|
if(ret){
|
||||||
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name,
|
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name,
|
||||||
krb5_get_err_text(context, ret));
|
krb5_get_err_text(context, ret));
|
||||||
@@ -2094,7 +2096,7 @@ tgs_rep2(krb5_context context,
|
|||||||
ap_req.ticket.sname,
|
ap_req.ticket.sname,
|
||||||
ap_req.ticket.realm);
|
ap_req.ticket.realm);
|
||||||
|
|
||||||
ret = _kdc_db_fetch(context, config, princ, &krbtgt);
|
ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, &krbtgt);
|
||||||
|
|
||||||
if(ret) {
|
if(ret) {
|
||||||
char *p;
|
char *p;
|
||||||
@@ -2294,7 +2296,8 @@ tgs_rep2(krb5_context context,
|
|||||||
goto out2;
|
goto out2;
|
||||||
}
|
}
|
||||||
_krb5_principalname2krb5_principal(&p, t->sname, t->realm);
|
_krb5_principalname2krb5_principal(&p, t->sname, t->realm);
|
||||||
ret = _kdc_db_fetch(context, config, p, &uu);
|
ret = _kdc_db_fetch(context, config, p,
|
||||||
|
HDB_F_GET_CLIENT|HDB_F_GET_SERVER, &uu);
|
||||||
krb5_free_principal(context, p);
|
krb5_free_principal(context, p);
|
||||||
if(ret){
|
if(ret){
|
||||||
if (ret == HDB_ERR_NOENTRY)
|
if (ret == HDB_ERR_NOENTRY)
|
||||||
@@ -2335,7 +2338,7 @@ tgs_rep2(krb5_context context,
|
|||||||
kdc_log(context, config, 0,
|
kdc_log(context, config, 0,
|
||||||
"TGS-REQ %s from %s for %s", cpn, from, spn);
|
"TGS-REQ %s from %s for %s", cpn, from, spn);
|
||||||
server_lookup:
|
server_lookup:
|
||||||
ret = _kdc_db_fetch(context, config, sp, &server);
|
ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER, &server);
|
||||||
|
|
||||||
if(ret){
|
if(ret){
|
||||||
const char *new_rlm;
|
const char *new_rlm;
|
||||||
@@ -2384,7 +2387,7 @@ tgs_rep2(krb5_context context,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = _kdc_db_fetch(context, config, cp, &client);
|
ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT, &client);
|
||||||
if(ret)
|
if(ret)
|
||||||
kdc_log(context, config, 1, "Client not found in database: %s: %s",
|
kdc_log(context, config, 1, "Client not found in database: %s: %s",
|
||||||
cpn, krb5_get_err_text(context, ret));
|
cpn, krb5_get_err_text(context, ret));
|
||||||
|
|||||||
@@ -41,6 +41,7 @@ krb5_error_code
|
|||||||
_kdc_db_fetch(krb5_context context,
|
_kdc_db_fetch(krb5_context context,
|
||||||
krb5_kdc_configuration *config,
|
krb5_kdc_configuration *config,
|
||||||
krb5_const_principal principal,
|
krb5_const_principal principal,
|
||||||
|
unsigned flags,
|
||||||
hdb_entry_ex **h)
|
hdb_entry_ex **h)
|
||||||
{
|
{
|
||||||
hdb_entry_ex *ent;
|
hdb_entry_ex *ent;
|
||||||
@@ -61,7 +62,7 @@ _kdc_db_fetch(krb5_context context,
|
|||||||
ret = config->db[i]->hdb_fetch(context,
|
ret = config->db[i]->hdb_fetch(context,
|
||||||
config->db[i],
|
config->db[i],
|
||||||
principal,
|
principal,
|
||||||
HDB_F_DECRYPT,
|
flags | HDB_F_DECRYPT,
|
||||||
ent);
|
ent);
|
||||||
config->db[i]->hdb_close(context, config->db[i]);
|
config->db[i]->hdb_close(context, config->db[i]);
|
||||||
if(ret == 0) {
|
if(ret == 0) {
|
||||||
|
|||||||
Reference in New Issue
Block a user