oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(verify_and_remove_cookies): give back a meaningful error message if

Browse Source 
we're using the wrong cookie


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5277 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1999-01-22 17:49:12 +00:00
parent 28fb7f91cf
commit 816c30fe89
1 changed files with 45 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
appl/kx/common.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska H<>gskolan * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -500,6 +500,30 @@ create_and_write_cookie (char *xauthfile,
* cookie and copy the rest of it to `sock'. * cookie and copy the rest of it to `sock'.
* Expect cookies iff cookiesp. * Expect cookies iff cookiesp.
* Return 0 iff ok. * Return 0 iff ok.
*
* The protocol is as follows:
*
* C->S: [Bl] 1
* unused 1
* protocol major version 2
* protocol minor version 2
* length of auth protocol name(n) 2
* length of auth protocol data 2
* unused 2
* authorization protocol name n
* pad pad(n)
* authorization protocol data d
* pad pad(d)
*
* S->C: Failed
* 0 1
* length of reason 1
* protocol major version 2
* protocol minor version 2
* length in 4 bytes unit of
* additional data (n+p)/4 2
* reason n
* unused p = pad(n)
*/ */
int int
@@ -510,6 +534,12 @@ verify_and_remove_cookies (int fd, int sock, int cookiesp)
unsigned n, d, npad, dpad; unsigned n, d, npad, dpad;
char *protocol_name, *protocol_data; char *protocol_name, *protocol_data;
u_char zeros[6] = {0, 0, 0, 0, 0, 0}; u_char zeros[6] = {0, 0, 0, 0, 0, 0};
u_char refused[20] = {0, 10,
0, 0, /* protocol major version */
0, 0, /* protocol minor version */
0, 0, /* length of additional data / 4 */
'b', 'a', 'd', ' ', 'c', 'o', 'o', 'k', 'i', 'e',
0, 0};
if (krb_net_read (fd, beg, sizeof(beg)) != sizeof(beg)) if (krb_net_read (fd, beg, sizeof(beg)) != sizeof(beg))
return 1; return 1;
@@ -531,7 +561,7 @@ verify_and_remove_cookies (int fd, int sock, int cookiesp)
protocol_data = malloc(d + dpad); protocol_data = malloc(d + dpad);
if (d + dpad != 0 && protocol_data == NULL) { if (d + dpad != 0 && protocol_data == NULL) {
free (protocol_name); free (protocol_name);
goto fail; return 1;
} }
if (krb_net_read (fd, protocol_name, n + npad) != n + npad) if (krb_net_read (fd, protocol_name, n + npad) != n + npad)
goto fail; goto fail;
@@ -539,16 +569,27 @@ verify_and_remove_cookies (int fd, int sock, int cookiesp)
goto fail; goto fail;
if (cookiesp) { if (cookiesp) {
if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0) if (strncmp (protocol_name, COOKIE_TYPE, strlen(COOKIE_TYPE)) != 0)
goto fail; goto refused;
if (d != cookie_len || if (d != cookie_len ||
memcmp (protocol_data, cookie, cookie_len) != 0) memcmp (protocol_data, cookie, cookie_len) != 0)
goto fail; goto refused;
} }
free (protocol_name); free (protocol_name);
free (protocol_data); free (protocol_data);
if (krb_net_write (sock, zeros, 6) != 6) if (krb_net_write (sock, zeros, 6) != 6)
return 1; return 1;
return 0; return 0;
refused:
refused[2] = beg[2];
refused[3] = beg[3];
refused[4] = beg[4];
refused[5] = beg[5];
if (bigendianp)
refused[7] = 3;
else
refused[6] = 3;
krb_net_write (fd, refused, sizeof(refused));
fail: fail:
free (protocol_name); free (protocol_name);
free (protocol_data); free (protocol_data);