pass down HDB_F_GET_ flags as appropriate
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17316 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -66,7 +66,7 @@ fetch_server (krb5_context context,
|
||||
krb5_get_err_text(context, ret));
|
||||
return ret;
|
||||
}
|
||||
ret = _kdc_db_fetch(context, config, sprinc, server);
|
||||
ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, server);
|
||||
krb5_free_principal(context, sprinc);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0,
|
||||
|
||||
@@ -433,7 +433,7 @@ do_authenticate (krb5_context context,
|
||||
client_name, from, server_name);
|
||||
|
||||
ret = _kdc_db_fetch4 (context, config, name, instance,
|
||||
config->v4_realm, &client_entry);
|
||||
config->v4_realm, HDB_F_GET_CLIENT, &client_entry);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0, "Client not found in database: %s: %s",
|
||||
client_name, krb5_get_err_text(context, ret));
|
||||
@@ -442,7 +442,8 @@ do_authenticate (krb5_context context,
|
||||
}
|
||||
|
||||
ret = _kdc_db_fetch4 (context, config, "krbtgt",
|
||||
config->v4_realm, config->v4_realm, &server_entry);
|
||||
config->v4_realm, config->v4_realm,
|
||||
HDB_F_GET_KRBTGT, &server_entry);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0, "Server not found in database: %s: %s",
|
||||
server_name, krb5_get_err_text(context, ret));
|
||||
@@ -648,7 +649,7 @@ do_getticket (krb5_context context,
|
||||
"%s.%s@%s", name, instance, config->v4_realm);
|
||||
|
||||
ret = _kdc_db_fetch4 (context, config, name, instance,
|
||||
config->v4_realm, &server_entry);
|
||||
config->v4_realm, HDB_F_GET_SERVER, &server_entry);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0, "Server not found in database: %s: %s",
|
||||
server_name, krb5_get_err_text(context, ret));
|
||||
@@ -657,7 +658,7 @@ do_getticket (krb5_context context,
|
||||
}
|
||||
|
||||
ret = _kdc_db_fetch4 (context, config, "krbtgt",
|
||||
config->v4_realm, config->v4_realm, &krbtgt_entry);
|
||||
config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0,
|
||||
"Server not found in database: %s.%s@%s: %s",
|
||||
@@ -730,7 +731,8 @@ do_getticket (krb5_context context,
|
||||
client_name, from, server_name);
|
||||
|
||||
ret = _kdc_db_fetch4 (context, config,
|
||||
ad.pname, ad.pinst, ad.prealm, &client_entry);
|
||||
ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT,
|
||||
&client_entry);
|
||||
if(ret && ret != HDB_ERR_NOENTRY) {
|
||||
kdc_log(context, config, 0,
|
||||
"Client not found in database: (krb4) %s: %s",
|
||||
|
||||
@@ -894,7 +894,8 @@ _kdc_as_rep(krb5_context context,
|
||||
kdc_log(context, config, 0, "AS-REQ %s from %s for %s",
|
||||
client_name, from, server_name);
|
||||
|
||||
ret = _kdc_db_fetch(context, config, client_princ, &client);
|
||||
ret = _kdc_db_fetch(context, config, client_princ,
|
||||
HDB_F_GET_CLIENT, &client);
|
||||
if(ret){
|
||||
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name,
|
||||
krb5_get_err_text(context, ret));
|
||||
@@ -902,7 +903,8 @@ _kdc_as_rep(krb5_context context,
|
||||
goto out;
|
||||
}
|
||||
|
||||
ret = _kdc_db_fetch(context, config, server_princ, &server);
|
||||
ret = _kdc_db_fetch(context, config, server_princ,
|
||||
HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, &server);
|
||||
if(ret){
|
||||
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", server_name,
|
||||
krb5_get_err_text(context, ret));
|
||||
@@ -2094,7 +2096,7 @@ tgs_rep2(krb5_context context,
|
||||
ap_req.ticket.sname,
|
||||
ap_req.ticket.realm);
|
||||
|
||||
ret = _kdc_db_fetch(context, config, princ, &krbtgt);
|
||||
ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, &krbtgt);
|
||||
|
||||
if(ret) {
|
||||
char *p;
|
||||
@@ -2294,7 +2296,8 @@ tgs_rep2(krb5_context context,
|
||||
goto out2;
|
||||
}
|
||||
_krb5_principalname2krb5_principal(&p, t->sname, t->realm);
|
||||
ret = _kdc_db_fetch(context, config, p, &uu);
|
||||
ret = _kdc_db_fetch(context, config, p,
|
||||
HDB_F_GET_CLIENT|HDB_F_GET_SERVER, &uu);
|
||||
krb5_free_principal(context, p);
|
||||
if(ret){
|
||||
if (ret == HDB_ERR_NOENTRY)
|
||||
@@ -2335,7 +2338,7 @@ tgs_rep2(krb5_context context,
|
||||
kdc_log(context, config, 0,
|
||||
"TGS-REQ %s from %s for %s", cpn, from, spn);
|
||||
server_lookup:
|
||||
ret = _kdc_db_fetch(context, config, sp, &server);
|
||||
ret = _kdc_db_fetch(context, config, sp, HDB_F_GET_SERVER, &server);
|
||||
|
||||
if(ret){
|
||||
const char *new_rlm;
|
||||
@@ -2384,7 +2387,7 @@ tgs_rep2(krb5_context context,
|
||||
goto out;
|
||||
}
|
||||
|
||||
ret = _kdc_db_fetch(context, config, cp, &client);
|
||||
ret = _kdc_db_fetch(context, config, cp, HDB_F_GET_CLIENT, &client);
|
||||
if(ret)
|
||||
kdc_log(context, config, 1, "Client not found in database: %s: %s",
|
||||
cpn, krb5_get_err_text(context, ret));
|
||||
|
||||
@@ -41,6 +41,7 @@ krb5_error_code
|
||||
_kdc_db_fetch(krb5_context context,
|
||||
krb5_kdc_configuration *config,
|
||||
krb5_const_principal principal,
|
||||
unsigned flags,
|
||||
hdb_entry_ex **h)
|
||||
{
|
||||
hdb_entry_ex *ent;
|
||||
@@ -61,7 +62,7 @@ _kdc_db_fetch(krb5_context context,
|
||||
ret = config->db[i]->hdb_fetch(context,
|
||||
config->db[i],
|
||||
principal,
|
||||
HDB_F_DECRYPT,
|
||||
flags | HDB_F_DECRYPT,
|
||||
ent);
|
||||
config->db[i]->hdb_close(context, config->db[i]);
|
||||
if(ret == 0) {
|
||||
|
||||
Reference in New Issue
Block a user