oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Removed unsed code. Changed semantics for out_creds (to better match

Browse Source 
MIT). Add some error checking.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1111 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1996-12-15 23:05:39 +00:00
parent 68ba594f44
commit a5edfa8fd2
1 changed files with 18 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
lib/krb5/get_cred.c
View File

@@ -2,6 +2,8 @@
#include <krb5_error.h> #include <krb5_error.h>
#include <md4.h> #include <md4.h>
RCSID("$Id$");
/* /*
* *
*/ */
@@ -28,7 +30,7 @@ key_proc (krb5_context context,
int int
extract_ticket(krb5_context context, extract_ticket(krb5_context context,
krb5_kdc_rep *rep, krb5_kdc_rep *rep,
krb5_creds **creds, krb5_creds *creds,
krb5_key_proc key_proc, krb5_key_proc key_proc,
krb5_const_pointer keyseed, krb5_const_pointer keyseed,
krb5_decrypt_proc decrypt_proc, krb5_decrypt_proc decrypt_proc,
@@ -120,123 +122,6 @@ krb5_get_credentials (krb5_context context,
&c, NULL, &authenticator); &c, NULL, &authenticator);
} }
#if 0
{
struct timeval tv;
auth.authenticator_vno = 5;
krb5_cc_get_principal(context, ccache, &out_creds->client);
auth.crealm = malloc(out_creds->client->realm.length + 1);
strncpy (auth.crealm, out_creds->client->realm.data,
out_creds->client->realm.length);
auth.crealm[out_creds->client->realm.length] = 0;
krb5_principal2principalname(&auth.cname, out_creds->client);
gettimeofday(&tv, NULL);
{
char buf[1024];
int len;
struct md4 m;
len = encode_KDC_REQ_BODY(buf + sizeof(buf) - 1, sizeof(buf),
&a.req_body);
md4_init(&m);
md4_update(&m, buf + sizeof(buf) - len, len);
c.cksumtype = rsa_md4;
c.checksum.length = 16;
c.checksum.data = malloc(16);
md4_finito(&m, c.checksum.data);
auth.cksum = &c;
}
auth.cusec = tv.tv_usec;
auth.ctime = tv.tv_sec;
auth.subkey = NULL;
auth.seq_number = NULL;
auth.authorization_data = NULL;
}
#endif
#if 0
/*
AP-REQ ::= [APPLICATION 14] SEQUENCE {
pvno[0] INTEGER,
msg-type[1] INTEGER,
ap-options[2] APOptions,
ticket[3] Ticket,
authenticator[4] EncryptedData
}
*/
{
krb5_creds cred, mcred;
ap.pvno = 5;
ap.msg_type = krb_ap_req;
memset(&ap.ap_options, 0, sizeof(ap.ap_options));
/* ap.ap_options.use_session_key = 1;*/
krb5_build_principal(context, &mcred.server,
out_creds->client.realm.length,
out_creds->client.realm.data,
"krbtgt", a.req_body.realm, NULL);
krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred);
/*
tkt-vno[0] INTEGER,
realm[1] Realm,
sname[2] PrincipalName,
enc-part[3] EncryptedData
*/
ap.ticket.tkt_vno = 5;
ap.ticket.realm = (char*)malloc(cred.server->realm.length + 1);
strncpy(ap.ticket.realm, cred.server->realm.data,
cred.server->realm.length);
ap.ticket.realm[cred.server->realm.length] = 0;
krb5_principal2principalname(&ap.ticket.sname, cred.server);
{
Ticket t;
decode_Ticket(cred.ticket.data,
cred.ticket.length,
&t);
ap.ticket.enc_part.etype = t.enc_part.etype;
ap.ticket.enc_part.kvno = NULL;
ap.ticket.enc_part.cipher = t.enc_part.cipher;
}
memcpy(&key, cred.session.contents.data, sizeof(key));
des_set_key(cred.session.contents.data, schedule);
}
#endif
#if 0
{
u_int32_t crc;
unsigned char *p;
memset(data, 0, sizeof(data));
len = encode_Authenticator(data + sizeof(data) - 9,
sizeof(data) - 8 - 12, &auth);
p = data + sizeof(data) - 8 - len;
p -= 12;
len += 12;
len = (len + 7) & ~7;
crc_init_table();
crc = crc_update(p, len, 0);
/* crc = htonl(crc); */
memcpy(p + 8, &crc, 4);
#if 0
des_cbc_encrypt((void*)p, (void*)p, len, schedule, &key, DES_ENCRYPT);
#endif
#if 0
ap.authenticator.etype = ap.ticket.enc_part.etype;
ap.authenticator.kvno = NULL;
ap.authenticator.cipher.data = p; /* p */
ap.authenticator.cipher.length = len; /* len */
#endif
authenticator.data = p;
authenticator.length = len;
}
#endif
{ {
krb5_creds cred, mcred; krb5_creds cred, mcred;
@@ -260,16 +145,6 @@ AP-REQ ::= [APPLICATION 14] SEQUENCE {
a.padata->len = 1; a.padata->len = 1;
a.padata->val = &foo; a.padata->val = &foo;
#if 0
foo.padata_value.length = encode_AP_REQ(buf2 + sizeof(buf2) - 1,
sizeof(buf2), &ap);
foo.padata_value.data = buf2 + sizeof(buf2) - foo.padata_value.length;
a.padata = malloc(sizeof(*a.padata));
a.padata->len = 1;
a.padata->val = &foo;
#endif
/* /*
* Encode * Encode
*/ */
@@ -296,21 +171,31 @@ AP-REQ ::= [APPLICATION 14] SEQUENCE {
return err; return err;
} }
switch(((unsigned char*)resp.data)[0] & 0x1f){ switch(((unsigned char*)resp.data)[0] & 0x1f){
case krb_error: case krb_error:{
len = decode_TGS_REP(resp.data, resp.length, &error); krb5_principal princ;
char *name;
len = decode_KRB_ERROR(resp.data, resp.length, &error);
if(len < 0) if(len < 0)
return ASN1_PARSE_ERROR; return ASN1_PARSE_ERROR;
principalname2krb5_principal(&princ, error.sname, error.realm);
krb5_unparse_name(context, princ, &name);
fprintf(stderr, "Error: %s", name);
if(error.e_text)
fprintf(stderr, " \"%s\"", *error.e_text);
fprintf(stderr, " (code %d)\n", error.error_code);
abort();
break; break;
}
case krb_tgs_rep: case krb_tgs_rep:
len = decode_TGS_REP(resp.data, resp.length, &rep.part1); len = decode_TGS_REP(resp.data, resp.length, &rep.part1);
if(len < 0) if(len < 0)
return ASN1_PARSE_ERROR; return ASN1_PARSE_ERROR;
out_creds = malloc(sizeof(*out_creds)); *out_creds = malloc(sizeof(**out_creds));
*out_creds = NULL; memset(*out_creds, 0, sizeof(**out_creds));
err = extract_ticket(context, &rep, *out_creds, key_proc, key, NULL, NULL); err = extract_ticket(context, &rep, *out_creds, key_proc, key, NULL, NULL);
if(err) if(err)
return err; return err;
return krb5_cc_store_cred (context, ccache, out_creds); return krb5_cc_store_cred (context, ccache, *out_creds);
break; break;
} }
} }