diff --git a/kdc/524.c b/kdc/524.c index 2c0c70204..84b17d288 100644 --- a/kdc/524.c +++ b/kdc/524.c @@ -35,7 +35,9 @@ RCSID("$Id$"); -#ifdef KRB4 +#ifndef KRB4 +#include +#endif /* * fetch the server from `t', returning the name in malloced memory in @@ -361,5 +363,3 @@ out: free_ent (server); return ret; } - -#endif /* KRB4 */ diff --git a/kdc/config.c b/kdc/config.c index 987801aa3..f14730ef1 100644 --- a/kdc/config.c +++ b/kdc/config.c @@ -71,10 +71,11 @@ krb5_addresses explicit_addresses; #ifdef KRB4 char *v4_realm; int enable_v4 = -1; -int enable_524 = -1; int enable_kaserver = -1; #endif +int enable_524 = -1; + static int help_flag; static int version_flag; @@ -98,13 +99,13 @@ static struct getargs args[] = { }, #endif { "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support" }, + { "524", 0, arg_negative_flag, &enable_524, + "don't respond to 524 requests" + }, #ifdef KRB4 { "kerberos4", 0, arg_negative_flag, &enable_v4, "don't respond to kerberos 4 requests" }, - { "524", 0, arg_negative_flag, &enable_524, - "don't respond to 524 requests" - }, { "v4-realm", 'r', arg_string, &v4_realm, "realm to serve v4-requests for" @@ -334,10 +335,12 @@ configure(int argc, char **argv) if(enable_v4 == -1) enable_v4 = krb5_config_get_bool_default(context, NULL, TRUE, "kdc", "enable-kerberos4", NULL); +#else +#define enable_v4 0 +#endif if(enable_524 == -1) enable_524 = krb5_config_get_bool_default(context, NULL, enable_v4, "kdc", "enable-524", NULL); -#endif if(enable_http == -1) enable_http = krb5_config_get_bool(context, NULL, "kdc", diff --git a/kdc/connect.c b/kdc/connect.c index 1f3ebaa9e..82006777f 100644 --- a/kdc/connect.c +++ b/kdc/connect.c @@ -131,15 +131,15 @@ add_standard_ports (int family) add_port_service(family, "kerberos-sec", 88, "tcp"); if(enable_http) add_port_service(family, "http", 80, "tcp"); + if(enable_524) { + add_port_service(family, "krb524", 4444, "udp"); + add_port_service(family, "krb524", 4444, "tcp"); + } #ifdef KRB4 if(enable_v4) { add_port_service(family, "kerberos-iv", 750, "udp"); add_port_service(family, "kerberos-iv", 750, "tcp"); } - if(enable_524) { - add_port_service(family, "krb524", 4444, "udp"); - add_port_service(family, "krb524", 4444, "tcp"); - } if (enable_kaserver) add_port_service(family, "afs3-kaserver", 7004, "udp"); #endif @@ -358,9 +358,7 @@ process_request(unsigned char *buf, struct sockaddr *addr) { KDC_REQ req; -#ifdef KRB4 Ticket ticket; -#endif krb5_error_code ret; size_t i; @@ -373,21 +371,20 @@ process_request(unsigned char *buf, ret = tgs_rep(&req, reply, from, addr); free_TGS_REQ(&req); return ret; - } -#ifdef KRB4 - else if(maybe_version4(buf, len)){ - *sendlength = 0; /* elbitapmoc sdrawkcab XXX */ - do_version4(buf, len, reply, from, (struct sockaddr_in*)addr); - return 0; }else if(decode_Ticket(buf, len, &ticket, &i) == 0){ ret = do_524(&ticket, reply, from, addr); free_Ticket(&ticket); return ret; +#ifdef KRB4 + } else if(maybe_version4(buf, len)){ + *sendlength = 0; /* elbitapmoc sdrawkcab XXX */ + do_version4(buf, len, reply, from, (struct sockaddr_in*)addr); + return 0; } else if (enable_kaserver) { ret = do_kaserver (buf, len, reply, from, (struct sockaddr_in*)addr); return ret; - } #endif + } return -1; }