(krb5_sendauth): correct the protocol documentation and process

KRB-ERROR's git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3064 ec53bebd-3082-4978-b11e-865c3cabbd6b
1997-08-20 15:40:22 +00:00
parent d1229385c3
commit 92f39c5b52
1 changed files with 22 additions and 7 deletions
--- a/lib/krb5/sendauth.c
+++ b/lib/krb5/sendauth.c
@@ -50,16 +50,21 @@ RCSID("$Id$");
 * protocol string (with terminating zero)
 *
 * server -> client
- * 4 bytes - length (0 = OK, else length of error)
- * (error)
+ * 1 byte - (0 = OK, else some kind of error)
 *
 * client -> server
 * 4 bytes - length
 * AP-REQ
 *
 * server -> client
+ * 4 bytes - length (0 = OK, else length of error)
+ * (error)
+ *
+ * if(mutual) {
+ * server -> client
 * 4 bytes - length
 * AP-REP
+ * }
 */

 krb5_error_code
@@ -82,7 +87,7 @@ krb5_sendauth(krb5_context context,
  u_int32_t len, net_len;
  const char *version = KRB5_SENDAUTH_VERSION;
  u_char repl;
-  krb5_data ap_req;
+  krb5_data ap_req, error_data;
  krb5_creds this_cred;
  krb5_creds *creds;

@@ -144,11 +149,21 @@ krb5_sendauth(krb5_context context,

  krb5_data_free (&ap_req);

-  if (krb5_net_read (context, fd, &len, 4) != 4)
-    return errno;
+  ret = krb5_read_message (context, p_fd, &error_data);
+  if (ret)
+      return ret;

-  if (len != 0)
-    return KRB5_SENDAUTH_REJECTED;
+  if (error_data.length != 0) {
+      KRB_ERROR error;
+
+      ret = krb5_rd_error (context, &error_data, &error);
+      krb5_data_free (&error_data);
+      if (ret == 0) {
+	  free_KRB_ERROR(&error);
+	  return error.error_code;
+      } else
+	  return ret;
+  }

  if (ap_req_options & AP_OPTS_MUTUAL_REQUIRED) {
    krb5_data ap_rep;