Verify who tries to transmit a database. Context to

krb5_getportbyname.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3313 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1997-08-31 17:52:05 +00:00
parent db041ac3d3
commit e9f6d0e17c

View File

@@ -58,7 +58,7 @@ int open_socket(krb5_context context)
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = krb5_getportbyname ("hprop", "tcp", htons(HPROP_PORT));
sin.sin_port = krb5_getportbyname (context, "hprop", "tcp", HPROP_PORT);
if(bind(s, (struct sockaddr*)&sin, sizeof(sin)) < 0){
krb5_warn(context, errno, "bind");
close(s);
@@ -107,6 +107,8 @@ int main(int argc, char **argv)
krb5_context context;
krb5_auth_context ac = NULL;
krb5_principal server;
krb5_principal c1, c2;
krb5_authenticator authent;
krb5_keytab keytab;
int fd;
HDB *db;
@@ -156,6 +158,20 @@ int main(int argc, char **argv)
ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, server, 0, keytab, NULL);
if(ret) krb5_err(context, 1, ret, "krb5_recvauth");
ret = krb5_auth_getauthenticator(context, ac, &authent);
if(ret) krb5_err(context, 1, ret, "krb5_auth_getauthenticator");
ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL);
if(ret) krb5_err(context, 1, ret, "krb5_make_principal");
principalname2krb5_principal(&c2, authent->cname, authent->crealm);
if(!krb5_principal_compare(context, c1, c2)){
char *s;
krb5_unparse_name(context, c2, &s);
krb5_errx(context, 1, "Unauthorized connection from %s", s);
}
krb5_free_principal(context, c1);
krb5_free_principal(context, c2);
ret = krb5_kt_close(context, keytab);
if(ret) krb5_err(context, 1, ret, "krb5_kt_close");