if 524 is not enabled, just generate error reply and exit

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8343 ec53bebd-3082-4978-b11e-865c3cabbd6b
2000-06-07 09:54:21 +00:00
parent d8309e5ff2
commit 98164d1259
1 changed files with 6 additions and 0 deletions
--- a/kdc/524.c
+++ b/kdc/524.c
@@ -53,6 +53,12 @@ do_524(Ticket *t, krb5_data *reply, const char *from, struct sockaddr *addr)
    unsigned char buf[MAX_KTXT_LEN + 4 * 4];
    size_t len;
    
+    if(!enable_524) {
+	ret = KRB5KDC_ERR_POLICY;
+	kdc_log(0, "Rejected ticket conversion request from %s", from);
+	goto out;
+    }
+
    principalname2krb5_principal(&sprinc, t->sname, t->realm);
    krb5_unparse_name(context, sprinc, &spn);
    server = db_fetch(sprinc);