From ddddd59d94d18871043a4c49112df49e5f824a3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Tue, 13 Dec 2005 19:44:27 +0000 Subject: [PATCH] Finish up transition from hdb_entry to hdb_entry_ex. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16402 ec53bebd-3082-4978-b11e-865c3cabbd6b --- kdc/524.c | 10 ++++----- kdc/kaserver.c | 45 +++++++++++++++++++++-------------------- kdc/kerberos4.c | 54 ++++++++++++++++++++++++------------------------- 3 files changed, 55 insertions(+), 54 deletions(-) diff --git a/kdc/524.c b/kdc/524.c index 29615672a..f4ef013bd 100644 --- a/kdc/524.c +++ b/kdc/524.c @@ -47,7 +47,7 @@ fetch_server (krb5_context context, krb5_kdc_configuration *config, const Ticket *t, char **spn, - hdb_entry **server, + hdb_entry_ex **server, const char *from) { krb5_error_code ret; @@ -221,7 +221,7 @@ static krb5_error_code encode_524_response(krb5_context context, krb5_kdc_configuration *config, const char *spn, const EncTicketPart et, - const Ticket *t, hdb_entry *server, + const Ticket *t, hdb_entry_ex *server, EncryptedData *ticket, int *kvno) { krb5_error_code ret; @@ -274,7 +274,7 @@ encode_524_response(krb5_context context, "Failed to encrypt v4 ticket (%s)", spn); return ret; } - *kvno = server->kvno; + *kvno = server->entry.kvno; } return 0; @@ -293,7 +293,7 @@ _kdc_do_524(krb5_context context, { krb5_error_code ret = 0; krb5_crypto crypto; - hdb_entry *server = NULL; + hdb_entry_ex *server = NULL; Key *skey; krb5_data et_data; EncTicketPart et; @@ -316,7 +316,7 @@ _kdc_do_524(krb5_context context, goto out; } - ret = hdb_enctype2key(context, server, t->enc_part.etype, &skey); + ret = hdb_enctype2key(context, &server->entry, t->enc_part.etype, &skey); if(ret){ kdc_log(context, config, 0, "No suitable key found for server (%s) from %s", spn, from); diff --git a/kdc/kaserver.c b/kdc/kaserver.c index 7d98566fa..f258bd333 100644 --- a/kdc/kaserver.c +++ b/kdc/kaserver.c 
@@ -404,8 +404,8 @@ do_authenticate (krb5_context context, time_t end_time; krb5_data request; int32_t max_seq_len; - hdb_entry *client_entry = NULL; - hdb_entry *server_entry = NULL; + hdb_entry_ex *client_entry = NULL; + hdb_entry_ex *server_entry = NULL; Key *ckey = NULL; Key *skey = NULL; krb5_storage *reply_sp; @@ -451,8 +451,8 @@ do_authenticate (krb5_context context, } ret = _kdc_check_flags (context, config, - client_entry, client_name, - server_entry, server_name, + &client_entry->entry, client_name, + &server_entry->entry, server_name, TRUE); if (ret) { make_error_reply (hdr, KAPWEXPIRED, reply); @@ -514,17 +514,17 @@ do_authenticate (krb5_context context, time skew between client and server. Let's make sure it is postive */ if(max_life < 1) max_life = 1; - if (client_entry->max_life) - max_life = min(max_life, *client_entry->max_life); - if (server_entry->max_life) - max_life = min(max_life, *server_entry->max_life); + if (client_entry->entry.max_life) + max_life = min(max_life, *client_entry->entry.max_life); + if (server_entry->entry.max_life) + max_life = min(max_life, *server_entry->entry.max_life); life = krb_time_to_life(kdc_time, kdc_time + max_life); create_reply_ticket (context, hdr, skey, name, instance, config->v4_realm, - addr, life, server_entry->kvno, + addr, life, server_entry->entry.kvno, max_seq_len, "krbtgt", config->v4_realm, chal + 1, "tgsT", @@ -616,9 +616,9 @@ do_getticket (krb5_context context, char *instance = NULL; krb5_data times; int32_t max_seq_len; - hdb_entry *server_entry = NULL; - hdb_entry *client_entry = NULL; - hdb_entry *krbtgt_entry = NULL; + hdb_entry_ex *server_entry = NULL; + hdb_entry_ex *client_entry = NULL; + hdb_entry_ex *krbtgt_entry = NULL; Key *kkey = NULL; Key *skey = NULL; DES_cblock key; 
@@ -647,7 +647,8 @@ do_getticket (krb5_context context, snprintf (server_name, sizeof(server_name), "%s.%s@%s", name, instance, config->v4_realm); - ret = _kdc_db_fetch4 (context, config, name, instance, config->v4_realm, &server_entry); + ret = _kdc_db_fetch4 (context, config, name, instance, + config->v4_realm, &server_entry); if (ret) { kdc_log(context, config, 0, "Server not found in database: %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -746,8 +747,8 @@ do_getticket (krb5_context context, } ret = _kdc_check_flags (context, config, - client_entry, client_name, - server_entry, server_name, + &client_entry->entry, client_name, + &server_entry->entry, server_name, FALSE); if (ret) { make_error_reply (hdr, KAPWEXPIRED, reply); @@ -783,21 +784,21 @@ do_getticket (krb5_context context, time skew between client and server. Let's make sure it is postive */ if(max_life < 1) max_life = 1; - if (krbtgt_entry->max_life) - max_life = min(max_life, *krbtgt_entry->max_life); - if (server_entry->max_life) - max_life = min(max_life, *server_entry->max_life); + if (krbtgt_entry->entry.max_life) + max_life = min(max_life, *krbtgt_entry->entry.max_life); + if (server_entry->entry.max_life) + max_life = min(max_life, *server_entry->entry.max_life); /* if this is a cross realm request, the client_entry will likely be NULL */ - if (client_entry && client_entry->max_life) - max_life = min(max_life, *client_entry->max_life); + if (client_entry && client_entry->entry.max_life) + max_life = min(max_life, *client_entry->entry.max_life); life = _krb5_krb_time_to_life(kdc_time, kdc_time + max_life); create_reply_ticket (context, hdr, skey, ad.pname, ad.pinst, ad.prealm, - addr, life, server_entry->kvno, + addr, life, server_entry->entry.kvno, max_seq_len, name, instance, 0, "gtkt", diff --git a/kdc/kerberos4.c b/kdc/kerberos4.c index 48e1a8b8c..04d1c0829 100644 --- a/kdc/kerberos4.c +++ b/kdc/kerberos4.c 
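Review bot: In the `@@ -746,8 +747,8 @@` hunk of do_getticket, `&client_entry->entry` is now evaluated unconditionally for the `_kdc_check_flags` call, yet the `@@ -783,21 +784,21 @@` hunk of the same function still tests `client_entry &&` and its comment says the entry is likely NULL on cross-realm requests. Forming a member address through a NULL pointer is undefined, and unless `entry` sits at offset 0 of `hdb_entry_ex` the callee gets a small non-NULL pointer, so any NULL-client handling inside `_kdc_check_flags` (not visible here) would be bypassed and the KDC may fault on such a request. Passing `client_entry ? &client_entry->entry : NULL` keeps the previous behaviour. The same pattern appears with `&client->entry` in the `@@ -487,8 +487,8 @@` hunk of kdc/kerberos4.c, where `client &&` is likewise tested a few lines later. Both function bodies extend beyond their hunks.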
@@ -70,7 +70,7 @@ valid_princ(krb5_context context, krb5_kdc_configuration *config = funcctx; krb5_error_code ret; char *s; - hdb_entry *ent; + hdb_entry_ex *ent; ret = krb5_unparse_name(context, princ, &s); if (ret) @@ -125,7 +125,7 @@ _kdc_do_version4(krb5_context context, { krb5_storage *sp; krb5_error_code ret; - hdb_entry *client = NULL, *server = NULL; + hdb_entry_ex *client = NULL, *server = NULL; Key *ckey, *skey; int8_t pvno; int8_t msg_type; @@ -190,7 +190,7 @@ _kdc_do_version4(krb5_context context, goto out1; } ret = _kdc_db_fetch4(context, config, sname, sinst, - config->v4_realm, &server); + config->v4_realm, &server); if(ret){ kdc_log(context, config, 0, "Server not found in database: %s: %s", server_name, krb5_get_err_text(context, ret)); @@ -200,8 +200,8 @@ _kdc_do_version4(krb5_context context, } ret = _kdc_check_flags (context, config, - client, client_name, - server, server_name, + &client->entry, client_name, + &server->entry, server_name, TRUE); if (ret) { /* good error code? */ @@ -216,8 +216,8 @@ _kdc_do_version4(krb5_context context, */ if (config->require_preauth - || client->flags.require_preauth - || server->flags.require_preauth) { + || client->entry.flags.require_preauth + || server->entry.flags.require_preauth) { kdc_log(context, config, 0, "Pre-authentication required for v4-request: " "%s for %s", @@ -239,7 +239,7 @@ _kdc_do_version4(krb5_context context, /* this is not necessary with the new code in libkrb */ /* find a properly salted key */ while(ckey->salt == NULL || ckey->salt->salt.length != 0) - ret = hdb_next_keytype2key(context, client, KEYTYPE_DES, &ckey); + ret = hdb_next_keytype2key(context, &client->entry, KEYTYPE_DES, &ckey); if(ret){ kdc_log(context, config, 0, "No version-4 salted key in database -- %s.%s@%s", name, inst, realm); 
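Review bot: The `while(ckey->salt == NULL || ckey->salt->salt.length != 0)` loop in the `@@ -239,7 +239,7 @@` hunk never looks at `ret` from `hdb_next_keytype2key`, so the `if(ret)` after it is reached only once a matching key has been found. On a failed lookup the loop keeps re-testing `ckey`, which either spins or dereferences whatever the failed call left there. The comment above says the block is no longer necessary, and it may be compiled out by a directive outside the hunk, so this matters only if the code is live. In that case the condition should read `while(ret == 0 && (ckey->salt == NULL || ckey->salt->salt.length != 0))`. _kdc_do_version4 starts and ends outside this hunk.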
@@ -259,10 +259,10 @@ _kdc_do_version4(krb5_context context, } max_life = _krb5_krb_life_to_time(0, life); - if(client->max_life) - max_life = min(max_life, *client->max_life); - if(server->max_life) - max_life = min(max_life, *server->max_life); + if(client->entry.max_life) + max_life = min(max_life, *client->entry.max_life); + if(server->entry.max_life) + max_life = min(max_life, *server->entry.max_life); life = krb_time_to_life(kdc_time, kdc_time + max_life); @@ -301,7 +301,7 @@ _kdc_do_version4(krb5_context context, sinst, config->v4_realm, life, - server->kvno % 255, + server->entry.kvno % 255, &ticket, kdc_time, &ckey->key, @@ -320,8 +320,8 @@ _kdc_do_version4(krb5_context context, realm, req_time, 0, - client->pw_end ? *client->pw_end : 0, - client->kvno % 256, + client->entry.pw_end ? *client->entry.pw_end : 0, + client->entry.kvno % 256, &cipher, reply); krb5_data_free(&cipher); @@ -338,7 +338,7 @@ _kdc_do_version4(krb5_context context, int32_t address; size_t pos; krb5_principal tgt_princ = NULL; - hdb_entry *tgt = NULL; + hdb_entry_ex *tgt = NULL; Key *tkey; time_t max_end, actual_end, issue_time; @@ -372,10 +372,10 @@ _kdc_do_version4(krb5_context context, goto out2; } - if(tgt->kvno % 256 != kvno){ + if(tgt->entry.kvno % 256 != kvno){ kdc_log(context, config, 0, "tgs-req (krb4) with old kvno %d (current %d) for " - "krbtgt.%s@%s", kvno, tgt->kvno % 256, + "krbtgt.%s@%s", kvno, tgt->entry.kvno % 256, realm, config->v4_realm); make_err_reply(context, reply, KDC_AUTH_EXP, "old krbtgt kvno used"); @@ -487,8 +487,8 @@ _kdc_do_version4(krb5_context context, } ret = _kdc_check_flags (context, config, - client, client_name, - server, server_name, + &client->entry, client_name, + &server->entry, server_name, FALSE); if (ret) { /* good error code? */ 
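Review bot: The ticket kvno in the `@@ -301,7 +301,7 @@` hunk is reduced with `server->entry.kvno % 255`, while the reply in `@@ -320,8 +320,8 @@` uses `client->entry.kvno % 256` and the krbtgt check in `@@ -372,10 +372,10 @@` compares `tgt->entry.kvno % 256`. The two moduli start to disagree once a kvno reaches 255. If the kvno compared there is the one written into the ticket (not visible in these hunks), a krbtgt ticket issued with `% 255` would then be rejected as "old krbtgt kvno used". If the one-byte v4 field is the reason for the reduction, `server->entry.kvno % 256` looks like the intended expression here and in the `@@ -569,7 +569,7 @@` hunk. Otherwise a comment such as `/* 255 is deliberate because ... */` would document the difference.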
@@ -509,10 +509,10 @@ _kdc_do_version4(krb5_context context, max_end = _krb5_krb_life_to_time(ad.time_sec, ad.life); max_end = min(max_end, _krb5_krb_life_to_time(kdc_time, life)); - if(server->max_life) - max_end = min(max_end, kdc_time + *server->max_life); - if(client && client->max_life) - max_end = min(max_end, kdc_time + *client->max_life); + if(server->entry.max_life) + max_end = min(max_end, kdc_time + *server->entry.max_life); + if(client && client->entry.max_life) + max_end = min(max_end, kdc_time + *client->entry.max_life); life = min(life, krb_time_to_life(kdc_time, max_end)); issue_time = kdc_time; @@ -569,7 +569,7 @@ _kdc_do_version4(krb5_context context, sinst, config->v4_realm, life, - server->kvno % 255, + server->entry.kvno % 255, &ticket, issue_time, &ad.session, @@ -719,7 +719,7 @@ _kdc_encode_v4_ticket(krb5_context context, krb5_error_code _kdc_get_des_key(krb5_context context, - hdb_entry *principal, krb5_boolean is_server, + hdb_entry_ex *principal, krb5_boolean is_server, krb5_boolean prefer_afs_key, Key **ret_key) { Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL, *server_key = NULL; @@ -734,7 +734,7 @@ _kdc_get_des_key(krb5_context context, afs_key == NULL || server_key == NULL); ++i) { Key *key = NULL; - while(hdb_next_enctype2key(context, principal, etypes[i], &key) == 0) { + while(hdb_next_enctype2key(context, &principal->entry, etypes[i], &key) == 0) { if(key->salt == NULL) { if(v5_key == NULL) v5_key = key;