From b1564c84c3a58086b16d0a43f77004607699b89e Mon Sep 17 00:00:00 2001
From: Assar Westerlund <assar@sics.se>
Date: Sun, 23 Jul 2000 21:32:42 +0000
Subject: [PATCH] (main): check that the ticket was for `hprop/' for paranoid
 reasons

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8790 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/hpropd.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/kdc/hpropd.c b/kdc/hpropd.c
index 0485c2ddd..739e45aea 100644
--- a/kdc/hpropd.c
+++ b/kdc/hpropd.c
@@ -252,6 +252,8 @@ main(int argc, char **argv)
 	struct sockaddr *sa = (struct sockaddr *)&ss;
 	int sin_len = sizeof(ss);
 	char addr_name[256];
+	krb5_ticket *ticket;
+	char *server;
 
 	fd = STDIN_FILENO;
 	if (inetd_flag == -1) {
@@ -292,10 +294,19 @@ main(int argc, char **argv)
 	}
 
 	ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, NULL,
-			    0, keytab, NULL);
+			    0, keytab, &ticket);
 	if(ret)
 	    krb5_err(context, 1, ret, "krb5_recvauth");
 	
+	ret = krb5_unparse_name(context, ticket->server, &server);
+	if (ret)
+	    krb5_err(context, 1, ret, "krb5_unparse_name");
+	if (strncmp(server, "hprop/", 5) != 0)
+	    krb5_errx(context, 1, "ticket not for hprop (%s)", server);
+
+	free(server);
+	krb5_free_ticket (context, ticket);
+
 	ret = krb5_auth_getauthenticator(context, ac, &authent);
 	if(ret)
 	    krb5_err(context, 1, ret, "krb5_auth_getauthenticator");