oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Provide auth_status to backend.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25307 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2009-07-03 04:33:06 +00:00
parent d3de015b79
commit 7829e74641
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
kdc/kerberos5.c
View File

@@ -894,6 +894,7 @@ _kdc_as_rep(krb5_context context,
AS_REP rep; AS_REP rep;
KDCOptions f = b->kdc_options; KDCOptions f = b->kdc_options;
hdb_entry_ex *client = NULL, *server = NULL; hdb_entry_ex *client = NULL, *server = NULL;
HDB *clientdb;
krb5_enctype cetype, setype, sessionetype; krb5_enctype cetype, setype, sessionetype;
krb5_data e_data; krb5_data e_data;
EncTicketPart et; EncTicketPart et;
@@ -977,7 +978,7 @@ _kdc_as_rep(krb5_context context,
*/ */
ret = _kdc_db_fetch(context, config, client_princ, ret = _kdc_db_fetch(context, config, client_princ,
HDB_F_GET_CLIENT | flags, NULL, &client); HDB_F_GET_CLIENT | flags, &clientdb, &client);
if(ret){ if(ret){
kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name, kdc_log(context, config, 0, "UNKNOWN -- %s: %s", client_name,
krb5_get_err_text(context, ret)); krb5_get_err_text(context, ret));
@@ -1125,8 +1126,8 @@ _kdc_as_rep(krb5_context context,
"No client key matching pa-data (%s) -- %s", "No client key matching pa-data (%s) -- %s",
estr, client_name); estr, client_name);
free(estr); free(estr);
free_EncryptedData(&enc_data); free_EncryptedData(&enc_data);
continue; continue;
} }
@@ -1170,6 +1171,10 @@ _kdc_as_rep(krb5_context context,
e_text = "Failed to decrypt PA-DATA"; e_text = "Failed to decrypt PA-DATA";
free_EncryptedData(&enc_data); free_EncryptedData(&enc_data);
if (clientdb->hdb_auth_status)
(clientdb->hdb_auth_status)(context, clientdb, client, HDB_AUTH_WRONG_PASSWORD);
ret = KRB5KDC_ERR_PREAUTH_FAILED; ret = KRB5KDC_ERR_PREAUTH_FAILED;
continue; continue;
} }
@@ -1223,6 +1228,9 @@ _kdc_as_rep(krb5_context context,
if (ret) if (ret)
str = NULL; str = NULL;
if (clientdb->hdb_auth_status)
(clientdb->hdb_auth_status)(context, clientdb, client, HDB_AUTH_SUCCESS);
kdc_log(context, config, 2, kdc_log(context, config, 2,
"ENC-TS Pre-authentication succeeded -- %s using %s", "ENC-TS Pre-authentication succeeded -- %s using %s",
client_name, str ? str : "unknown enctype"); client_name, str ? str : "unknown enctype");