oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Refactor code to flatten the call-tree.

Browse Source 
Make the ticket request in the TGS-REQ inherit the address-ness of the
krbtgt if the address is not specified in the function call.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22717 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-03-24 12:06:00 +00:00
parent cd06f67cdb
commit 92e7251a36
1 changed files with 44 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
lib/krb5/get_cred.c
View File

@@ -572,24 +572,47 @@ out:
} }
/* same as above, just get local addresses first */ /*
* same as above, just get local addresses first if the krbtgt have
* them and the realm is not addressless
*/
static krb5_error_code static krb5_error_code
get_cred_kdc_la(krb5_context context, krb5_ccache id, krb5_kdc_flags flags, get_cred_kdc_address(krb5_context context,
krb5_creds *in_creds, krb5_creds *krbtgt, krb5_ccache id,
krb5_principal impersonate_principal, Ticket *second_ticket, krb5_kdc_flags flags,
krb5_creds *out_creds) krb5_addresses *addrs,
krb5_creds *in_creds,
krb5_creds *krbtgt,
krb5_principal impersonate_principal,
Ticket *second_ticket,
krb5_creds *out_creds)
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_addresses addresses, *addrs = &addresses; krb5_addresses addresses = { 0, NULL };
krb5_get_all_client_addrs(context, &addresses); /*
/* XXX this sucks. */ * Inherit the address-ness of the krbtgt if the address is not
if(addresses.len == 0) * specified.
addrs = NULL; */
ret = get_cred_kdc(context, id, flags, addrs,
in_creds, krbtgt, impersonate_principal, second_ticket, if (addrs == NULL && krbtgt->addresses.len != 0) {
out_creds); krb5_boolean noaddr;
krb5_appdefault_boolean(context, NULL, krbtgt->server->realm,
"no-addresses", FALSE, &noaddr);
if (!noaddr) {
krb5_get_all_client_addrs(context, &addresses);
/* XXX this sucks. */
addrs = &addresses;
if(addresses.len == 0)
addrs = NULL;
}
}
ret = get_cred_kdc(context, id, flags, addrs, in_creds,
krbtgt, impersonate_principal,
second_ticket, out_creds);
krb5_free_addresses(context, &addresses); krb5_free_addresses(context, &addresses);
return ret; return ret;
} }
@@ -754,23 +777,11 @@ get_cred_from_kdc_flags(krb5_context context,
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM; ret = ENOMEM;
} else { } else {
krb5_boolean noaddr; ret = get_cred_kdc_address(context, ccache, flags, NULL,
in_creds, &tgts,
krb5_appdefault_boolean(context, NULL, tgts.server->realm, impersonate_principal,
"no-addresses", FALSE, &noaddr); second_ticket,
*out_creds);
if (noaddr)
ret = get_cred_kdc(context, ccache, flags, NULL,
in_creds, &tgts,
impersonate_principal,
second_ticket,
*out_creds);
else
ret = get_cred_kdc_la(context, ccache, flags,
in_creds, &tgts,
impersonate_principal,
second_ticket,
*out_creds);
if (ret) { if (ret) {
free (*out_creds); free (*out_creds);
*out_creds = NULL; *out_creds = NULL;
@@ -829,19 +840,9 @@ get_cred_from_kdc_flags(krb5_context context,
krb5_set_error_string(context, "malloc: out of memory"); krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM; ret = ENOMEM;
} else { } else {
krb5_boolean noaddr; ret = get_cred_kdc_address (context, ccache, flags, NULL,
in_creds, tgt, NULL, NULL,
krb5_appdefault_boolean(context, NULL, tgt->server->realm, *out_creds);
"no-addresses", KRB5_ADDRESSLESS_DEFAULT,
&noaddr);
if (noaddr)
ret = get_cred_kdc (context, ccache, flags, NULL,
in_creds, tgt, NULL, NULL,
*out_creds);
else
ret = get_cred_kdc_la(context, ccache, flags,
in_creds, tgt, NULL, NULL,
*out_creds);
if (ret) { if (ret) {
free (*out_creds); free (*out_creds);
*out_creds = NULL; *out_creds = NULL;