oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

I hope these modifications are better.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1236 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1997-02-13 23:23:15 +00:00
parent bccc590217
commit 96fba87959
1 changed files with 47 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
appl/telnet/libtelnet/kerberos5.c
View File

@@ -129,7 +129,7 @@ static krb5_authenticator authenticator;
static k5_Authenticator authenticator; static k5_Authenticator authenticator;
static krb5_context context; static krb5_context context;
static krb5_auth_context *auth_context; static krb5_auth_context auth_context;
/* some compilers can't hack void *, so we use the Kerberos krb5_pointer, /* some compilers can't hack void *, so we use the Kerberos krb5_pointer,
which is either void * or char *, depending on the compiler. */ which is either void * or char *, depending on the compiler. */
@@ -178,13 +178,14 @@ kerberos5_init(Authenticator *ap, int server)
return(1); return(1);
} }
int static int
kerberos5_send(Authenticator *ap) kerberos5_send(char *name, Authenticator *ap)
{ {
krb5_error_code r; krb5_error_code r;
krb5_ccache ccache; krb5_ccache ccache;
int ap_opts; int ap_opts;
printf("[ Trying %s ... ]\r\n", name);
if (!UserNameRequested) { if (!UserNameRequested) {
if (auth_debug_mode) { if (auth_debug_mode) {
printf("Kerberos V5: no user name supplied\r\n"); printf("Kerberos V5: no user name supplied\r\n");
@@ -213,7 +214,7 @@ kerberos5_send(Authenticator *ap)
if (r) { if (r) {
if (auth_debug_mode) { if (auth_debug_mode) {
printf("Kerberos V5: mk_req failed (%s)\r\n", printf("Kerberos V5: mk_req failed (%s)\r\n",
krb5_get_err_text(r)); krb5_get_err_text(context, r));
} }
return(0); return(0);
} }
@@ -234,14 +235,26 @@ kerberos5_send(Authenticator *ap)
return(1); return(1);
} }
int
kerberos5_send_mutual(Authenticator *ap)
{
return kerberos5_send("mutual KERBEROS5", ap);
}
int
kerberos5_send_oneway(Authenticator *ap)
{
return kerberos5_send("KERBEROS5", ap);
}
void void
kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
{ {
int r; int r;
krb5_data outbuf; krb5_data outbuf;
krb5_ticket *ticket; krb5_ticket *ticket;
krb5_keyblock *key_block; krb5_keyblock *key_block;
char *name;
if (cnt-- < 1) if (cnt-- < 1)
return; return;
@@ -267,40 +280,41 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
printf("%s\r\n", errbuf); printf("%s\r\n", errbuf);
return; return;
} }
#if 0
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
r = krb5_mk_rep(context, auth_context, &outbuf); r = krb5_mk_rep(context, &auth_context, &outbuf);
if(r){ if(r){
abort ();
} }
Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length); Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length);
} }
if (krb5_unparse_name(context, ticket->enc_part2->client, &name)) if (krb5_unparse_name(context, ticket->enc_part2.client, &name))
name = 0; name = 0;
#endif
#if 0
Data(ap, KRB_ACCEPT, name, name ? -1 : 0); Data(ap, KRB_ACCEPT, name, name ? -1 : 0);
if (auth_debug_mode) { if (auth_debug_mode) {
printf("Kerberos5 identifies him as ``%s''\r\n", printf("Kerberos5 identifies him as ``%s''\r\n",
name ? name : ""); name ? name : "");
} }
#endif
auth_finished(ap, AUTH_USER); auth_finished(ap, AUTH_USER);
#if 0
r = krb5_auth_con_getkey(context, auth_context, &key_block); r = krb5_auth_con_getkey(context, auth_context, &key_block);
if(r){ if(r){
abort ();
} }
#endif
if(key_block->keytype == KEYTYPE_DES){ if(key_block->keytype == KEYTYPE_DES){
Session_Key skey;
skey.type = SK_DES;
skey.length = 8;
skey.data = key_block->contents.data;
encrypt_session_key(&skey, 0);
#if 0
memcpy(&session_key, key_block->contents.data, memcpy(&session_key, key_block->contents.data,
sizeof(session_key)); sizeof(session_key));
#endif
} }
#if 0
krb5_free_keyblock(context, key_block); krb5_free_keyblock(context, key_block);
#endif
break; break;
#ifdef FORWARD #ifdef FORWARD
@@ -393,6 +407,22 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt)
} }
#endif #endif
krb5_free_ap_rep_enc_part(context, reply); krb5_free_ap_rep_enc_part(context, reply);
{
Session_Key skey;
krb5_keyblock *keyblock;
if (r = krb5_auth_con_getkey (context,
auth_context,
&keyblock)) {
abort ();
}
skey.type = SK_DES;
skey.length = 8;
skey.data = keyblock->contents.data;
encrypt_session_key(&skey, 0);
krb5_free_keyblock (context, keyblock);
}
mutual_complete = 1; mutual_complete = 1;
} }
return; return;
@@ -418,15 +448,13 @@ kerberos5_status(Authenticator *ap, char *name, int level)
if (level < AUTH_USER) if (level < AUTH_USER)
return(level); return(level);
#if 0
if (UserNameRequested && if (UserNameRequested &&
krb5_kuserok(context, authdat->ticket->enc_part2->client, UserNameRequested)) /*krb5_kuserok(context, authdat->ticket->enc_part2->client, UserNameRequested)*/ 1)
{ {
strcpy(name, UserNameRequested); strcpy(name, UserNameRequested);
return(AUTH_VALID); return(AUTH_VALID);
} else } else
return(AUTH_USER); return(AUTH_USER);
#endif
} }
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} #define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}