(do_version4): call check_flags.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8032 ec53bebd-3082-4978-b11e-865c3cabbd6b
2000-03-11 03:29:02 +00:00
parent 86e828c208
commit fdcc108b67
1 changed files with 39 additions and 13 deletions
--- a/kdc/kerberos4.c
+++ b/kdc/kerberos4.c
@@ -150,6 +150,8 @@ do_version4(unsigned char *buf,
    int32_t req_time;
    time_t max_life;
    u_int8_t life;
    char client_name[256];
    char server_name[256];
    sp = krb5_storage_from_mem(buf, len);
    RCHECK(krb5_ret_int8(sp, &pvno), out);
@@ -172,24 +174,36 @@ do_version4(unsigned char *buf,
 	RCHECK(krb5_ret_int8(sp, &life), out1);
 	RCHECK(krb5_ret_stringz(sp, &sname), out1);
 	RCHECK(krb5_ret_stringz(sp, &sinst), out1);
-	kdc_log(0, "AS-REQ %s.%s@%s from %s for %s.%s", 
+	snprintf (client_name, sizeof(client_name),
-		name, inst, realm, from, sname, sinst);
+		  "%s.%s@%s", name, inst, realm);
 	snprintf (server_name, sizeof(server_name),
 		  "%s.%s@%s", sname, sinst, v4_realm);
 	kdc_log(0, "AS-REQ %s from %s for %s",
 		client_name, from, server_name);
 	client = db_fetch4(name, inst, realm);
 	if(client == NULL){
-	    kdc_log(0, "Client not found in database: %s.%s@%s", 
+	    kdc_log(0, "Client not found in database: %s", client_name);
 		    name, inst, realm);
 	    make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, NULL);
 	    goto out1;
 	}
 	server = db_fetch4(sname, sinst, v4_realm);
 	if(server == NULL){
-	    kdc_log(0, "Server not found in database: %s.%s@%s", 
+	    kdc_log(0, "Server not found in database: %s", server_name);
 		    sname, sinst, v4_realm);
 	    make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, NULL);
 	    goto out1;
 	}
 	ret = check_flags (client, client_name,
 			   server, server_name,
 			   TRUE);
 	if (ret) {
 	    /* good error code? */
 	    make_err_reply(reply, KERB_ERR_NAME_EXP, NULL);
 	    goto out1;
 	}
 	/*
 	 * There's no way to do pre-authentication in v4 and thus no
 	 * good error code to return if preauthentication is required.
@@ -200,9 +214,8 @@ do_version4(unsigned char *buf,
 	    || server->flags.require_preauth) {
 	    kdc_log(0,
 		    "Pre-authentication required for v4-request: "
-		    "%s.%s@%s for %s.%s@%s", 
+		    "%s for %s",
-		    name, inst, realm,
+		    client_name, server_name);
 		    sname, sinst, v4_realm);
 	    make_err_reply(reply, KERB_ERR_NULL_KEY, NULL);
 	    goto out1;
 	}
@@ -349,8 +362,12 @@ do_version4(unsigned char *buf,
 	RCHECK(krb5_ret_int8(sp, &life), out2);
 	RCHECK(krb5_ret_stringz(sp, &sname), out2);
 	RCHECK(krb5_ret_stringz(sp, &sinst), out2);
-	kdc_log(0, "TGS-REQ %s.%s@%s from %s for %s.%s", 
+	snprintf (server_name, sizeof(server_name),
-		ad.pname, ad.pinst, ad.prealm, from, sname, sinst);
+		  "%s.%s@%s",
 		  sname, sinst, v4_realm);
 	kdc_log(0, "TGS-REQ %s.%s@%s from %s for %s",
 		ad.pname, ad.pinst, ad.prealm, from, server_name);
 	if(strcmp(ad.prealm, realm)){
 	    kdc_log(0, "Can't hop realms %s -> %s", realm, ad.prealm);
@@ -381,13 +398,22 @@ do_version4(unsigned char *buf,
 	server = db_fetch4(sname, sinst, v4_realm);
 	if(server == NULL){
 	    char *s;
-	    s = kdc_log_msg(0, "Server not found in database: %s.%s@%s", 
+	    s = kdc_log_msg(0, "Server not found in database: %s",
-			    sname, sinst, v4_realm);
+			    server_name);
 	    make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, s);
 	    free(s);
 	    goto out2;
 	}
 	ret = check_flags (NULL, NULL,
 			   server, server_name,
 			   FALSE);
 	if (ret) {
 	    /* good error code? */
 	    make_err_reply(reply, KERB_ERR_NAME_EXP, NULL);
 	    goto out2;
 	}
 	ret = get_des_key(server, &skey);
 	if(ret){
 	    kdc_log(0, "%s", krb5_get_err_text(context, ret));