(do_authenticate, do_getticket): call check_flags

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8033 ec53bebd-3082-4978-b11e-865c3cabbd6b
Assar Westerlund
2000-03-11 03:29:37 +00:00
parent fdcc108b67
commit d52e863cc2


@@ -398,28 +398,43 @@ do_authenticate (struct rx_header *hdr,
time_t max_life; time_t max_life;
u_int8_t life; u_int8_t life;
int32_t chal; int32_t chal;
char client_name[256];
char server_name[256];
krb5_data_zero (&request); krb5_data_zero (&request);
unparse_auth_args (sp, &name, &instance, &start_time, &end_time, unparse_auth_args (sp, &name, &instance, &start_time, &end_time,
&request, &max_seq_len); &request, &max_seq_len);
snprintf (client_name, sizeof(client_name), "%s.%s@%s",
name, instance, v4_realm);
client_entry = db_fetch4 (name, instance, v4_realm); client_entry = db_fetch4 (name, instance, v4_realm);
if (client_entry == NULL) { if (client_entry == NULL) {
kdc_log(0, "Client not found in database: %s.%s@%s", kdc_log(0, "Client not found in database: %s",
name, instance, v4_realm); client_name);
make_error_reply (hdr, KANOENT, reply); make_error_reply (hdr, KANOENT, reply);
goto out; goto out;
} }
snprintf (server_name, sizeof(server_name), "%s.%s@%s",
"krbtgt", v4_realm, v4_realm);
server_entry = db_fetch4 ("krbtgt", v4_realm, v4_realm); server_entry = db_fetch4 ("krbtgt", v4_realm, v4_realm);
if (server_entry == NULL) { if (server_entry == NULL) {
kdc_log(0, "Server not found in database: %s.%s@%s", kdc_log(0, "Server not found in database: %s", server_name);
"krbtgt", v4_realm, v4_realm);
make_error_reply (hdr, KANOENT, reply); make_error_reply (hdr, KANOENT, reply);
goto out; goto out;
} }
ret = check_flags (client_entry, client_name,
server_entry, server_name,
TRUE);
if (ret) {
make_error_reply (hdr, KAPWEXPIRED, reply);
goto out;
}
/* find a DES key */ /* find a DES key */
ret = get_des_key(client_entry, &ckey); ret = get_des_key(client_entry, &ckey);
if(ret){ if(ret){
@@ -575,6 +590,7 @@ do_getticket (struct rx_header *hdr,
char pname[ANAME_SZ]; char pname[ANAME_SZ];
char pinst[INST_SZ]; char pinst[INST_SZ];
char prealm[REALM_SZ]; char prealm[REALM_SZ];
char server_name[256];
krb5_data_zero (&aticket); krb5_data_zero (&aticket);
krb5_data_zero (&times); krb5_data_zero (&times);
@@ -582,14 +598,24 @@ do_getticket (struct rx_header *hdr,
unparse_getticket_args (sp, &kvno, &auth_domain, &aticket, unparse_getticket_args (sp, &kvno, &auth_domain, &aticket,
&name, &instance, &times, &max_seq_len); &name, &instance, &times, &max_seq_len);
snprintf (server_name, sizeof(server_name),
"%s.%s@%s", name, instance, v4_realm);
server_entry = db_fetch4 (name, instance, v4_realm); server_entry = db_fetch4 (name, instance, v4_realm);
if (server_entry == NULL) { if (server_entry == NULL) {
kdc_log(0, "Server not found in database: %s.%s@%s", kdc_log(0, "Server not found in database: %s", server_name);
name, instance, v4_realm);
make_error_reply (hdr, KANOENT, reply); make_error_reply (hdr, KANOENT, reply);
goto out; goto out;
} }
ret = check_flags (NULL, NULL,
server_entry, server_name,
FALSE);
if (ret) {
make_error_reply (hdr, KAPWEXPIRED, reply);
goto out;
}
krbtgt_entry = db_fetch4 ("krbtgt", v4_realm, v4_realm); krbtgt_entry = db_fetch4 ("krbtgt", v4_realm, v4_realm);
if (krbtgt_entry == NULL) { if (krbtgt_entry == NULL) {
kdc_log(0, "Server not found in database: %s.%s@%s", kdc_log(0, "Server not found in database: %s.%s@%s",
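Review bot: Both new `check_flags` failure branches, in do_authenticate and in do_getticket, answer with `KAPWEXPIRED` regardless of why the check failed. check_flags is defined outside this page, so this is inferred, but if it also rejects locked, expired or not-yet-valid principals, the client is told its password expired. In do_getticket the client arguments are `NULL`, so that code would be reporting a problem with the server entry. Either map the return value to a closer reply code, or document the choice above each branch with something like `/* check_flags logs the real reason; KAPWEXPIRED is only the closest ka reply code */` so an operator knows to consult the KDC log. The 256-byte `client_name` and `server_name` buffers are truncated silently by `snprintf`; that is harmless for lookups because `db_fetch4` still receives the separate components, but a truncated name passed to check_flags can make log lines ambiguous. Both function bodies continue outside the hunks shown.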