always compile in support for 524
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11573 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -35,7 +35,9 @@
|
|||||||
|
|
||||||
RCSID("$Id$");
|
RCSID("$Id$");
|
||||||
|
|
||||||
#ifdef KRB4
|
#ifndef KRB4
|
||||||
|
#include <krb5-v4compat.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* fetch the server from `t', returning the name in malloced memory in
|
* fetch the server from `t', returning the name in malloced memory in
|
||||||
@@ -361,5 +363,3 @@ out:
|
|||||||
free_ent (server);
|
free_ent (server);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* KRB4 */
|
|
||||||
|
|||||||
13
kdc/config.c
13
kdc/config.c
@@ -71,10 +71,11 @@ krb5_addresses explicit_addresses;
|
|||||||
#ifdef KRB4
|
#ifdef KRB4
|
||||||
char *v4_realm;
|
char *v4_realm;
|
||||||
int enable_v4 = -1;
|
int enable_v4 = -1;
|
||||||
int enable_524 = -1;
|
|
||||||
int enable_kaserver = -1;
|
int enable_kaserver = -1;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
int enable_524 = -1;
|
||||||
|
|
||||||
static int help_flag;
|
static int help_flag;
|
||||||
static int version_flag;
|
static int version_flag;
|
||||||
|
|
||||||
@@ -98,13 +99,13 @@ static struct getargs args[] = {
|
|||||||
},
|
},
|
||||||
#endif
|
#endif
|
||||||
{ "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support" },
|
{ "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support" },
|
||||||
|
{ "524", 0, arg_negative_flag, &enable_524,
|
||||||
|
"don't respond to 524 requests"
|
||||||
|
},
|
||||||
#ifdef KRB4
|
#ifdef KRB4
|
||||||
{ "kerberos4", 0, arg_negative_flag, &enable_v4,
|
{ "kerberos4", 0, arg_negative_flag, &enable_v4,
|
||||||
"don't respond to kerberos 4 requests"
|
"don't respond to kerberos 4 requests"
|
||||||
},
|
},
|
||||||
{ "524", 0, arg_negative_flag, &enable_524,
|
|
||||||
"don't respond to 524 requests"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"v4-realm", 'r', arg_string, &v4_realm,
|
"v4-realm", 'r', arg_string, &v4_realm,
|
||||||
"realm to serve v4-requests for"
|
"realm to serve v4-requests for"
|
||||||
@@ -334,10 +335,12 @@ configure(int argc, char **argv)
|
|||||||
if(enable_v4 == -1)
|
if(enable_v4 == -1)
|
||||||
enable_v4 = krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
|
enable_v4 = krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
|
||||||
"enable-kerberos4", NULL);
|
"enable-kerberos4", NULL);
|
||||||
|
#else
|
||||||
|
#define enable_v4 0
|
||||||
|
#endif
|
||||||
if(enable_524 == -1)
|
if(enable_524 == -1)
|
||||||
enable_524 = krb5_config_get_bool_default(context, NULL, enable_v4,
|
enable_524 = krb5_config_get_bool_default(context, NULL, enable_v4,
|
||||||
"kdc", "enable-524", NULL);
|
"kdc", "enable-524", NULL);
|
||||||
#endif
|
|
||||||
|
|
||||||
if(enable_http == -1)
|
if(enable_http == -1)
|
||||||
enable_http = krb5_config_get_bool(context, NULL, "kdc",
|
enable_http = krb5_config_get_bool(context, NULL, "kdc",
|
||||||
|
|||||||
@@ -131,15 +131,15 @@ add_standard_ports (int family)
|
|||||||
add_port_service(family, "kerberos-sec", 88, "tcp");
|
add_port_service(family, "kerberos-sec", 88, "tcp");
|
||||||
if(enable_http)
|
if(enable_http)
|
||||||
add_port_service(family, "http", 80, "tcp");
|
add_port_service(family, "http", 80, "tcp");
|
||||||
|
if(enable_524) {
|
||||||
|
add_port_service(family, "krb524", 4444, "udp");
|
||||||
|
add_port_service(family, "krb524", 4444, "tcp");
|
||||||
|
}
|
||||||
#ifdef KRB4
|
#ifdef KRB4
|
||||||
if(enable_v4) {
|
if(enable_v4) {
|
||||||
add_port_service(family, "kerberos-iv", 750, "udp");
|
add_port_service(family, "kerberos-iv", 750, "udp");
|
||||||
add_port_service(family, "kerberos-iv", 750, "tcp");
|
add_port_service(family, "kerberos-iv", 750, "tcp");
|
||||||
}
|
}
|
||||||
if(enable_524) {
|
|
||||||
add_port_service(family, "krb524", 4444, "udp");
|
|
||||||
add_port_service(family, "krb524", 4444, "tcp");
|
|
||||||
}
|
|
||||||
if (enable_kaserver)
|
if (enable_kaserver)
|
||||||
add_port_service(family, "afs3-kaserver", 7004, "udp");
|
add_port_service(family, "afs3-kaserver", 7004, "udp");
|
||||||
#endif
|
#endif
|
||||||
@@ -358,9 +358,7 @@ process_request(unsigned char *buf,
|
|||||||
struct sockaddr *addr)
|
struct sockaddr *addr)
|
||||||
{
|
{
|
||||||
KDC_REQ req;
|
KDC_REQ req;
|
||||||
#ifdef KRB4
|
|
||||||
Ticket ticket;
|
Ticket ticket;
|
||||||
#endif
|
|
||||||
krb5_error_code ret;
|
krb5_error_code ret;
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
@@ -373,21 +371,20 @@ process_request(unsigned char *buf,
|
|||||||
ret = tgs_rep(&req, reply, from, addr);
|
ret = tgs_rep(&req, reply, from, addr);
|
||||||
free_TGS_REQ(&req);
|
free_TGS_REQ(&req);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
|
||||||
#ifdef KRB4
|
|
||||||
else if(maybe_version4(buf, len)){
|
|
||||||
*sendlength = 0; /* elbitapmoc sdrawkcab XXX */
|
|
||||||
do_version4(buf, len, reply, from, (struct sockaddr_in*)addr);
|
|
||||||
return 0;
|
|
||||||
}else if(decode_Ticket(buf, len, &ticket, &i) == 0){
|
}else if(decode_Ticket(buf, len, &ticket, &i) == 0){
|
||||||
ret = do_524(&ticket, reply, from, addr);
|
ret = do_524(&ticket, reply, from, addr);
|
||||||
free_Ticket(&ticket);
|
free_Ticket(&ticket);
|
||||||
return ret;
|
return ret;
|
||||||
|
#ifdef KRB4
|
||||||
|
} else if(maybe_version4(buf, len)){
|
||||||
|
*sendlength = 0; /* elbitapmoc sdrawkcab XXX */
|
||||||
|
do_version4(buf, len, reply, from, (struct sockaddr_in*)addr);
|
||||||
|
return 0;
|
||||||
} else if (enable_kaserver) {
|
} else if (enable_kaserver) {
|
||||||
ret = do_kaserver (buf, len, reply, from, (struct sockaddr_in*)addr);
|
ret = do_kaserver (buf, len, reply, from, (struct sockaddr_in*)addr);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
|
||||||
#endif
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user