limit_string() to make sure the length of cname and sname
are reasonable.
* kdc_util.c (limit_string): New function which limits the strings
that will end up in log files to "reasonable" lengths.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10091
dc483132-0cff-0310-8789-
dd5450dbe970
+Thu May 29 21:08:24 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * do_as_req.c (process_as_req), do_tgs_req (process_tgs_req): Use
+ limit_string() to make sure the length of cname and sname
+ are reasonable.
+
+ * kdc_util.c (limit_string): New function which limits the strings
+ that will end up in log files to "reasonable" lengths.
+
Tue Feb 18 09:56:16 1997 Ezra Peisach <epeisach@mit.edu>
* kerberos_v4.c: Remove include of krb4-proto.h
status = "UNPARSING_CLIENT";
goto errout;
}
+ limit_string(cname);
if (!request->server) {
status = "NULL_SERVER";
errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
status = "UNPARSING_SERVER";
goto errout;
}
+ limit_string(sname);
c_nprincs = 1;
if ((errcode = krb5_db_get_principal(kdc_context, request->client,
status = "UNPARSING SERVER";
goto cleanup;
}
+ limit_string(sname);
/* errcode = kdc_process_tgs_req(request, from, pkt, &req_authdat); */
errcode = kdc_process_tgs_req(request, from, pkt, &header_ticket, &subkey);
errcode = errcode2;
goto cleanup;
}
-
+ limit_string(cname);
+
if (errcode) {
status = "PROCESS_TGS";
goto cleanup;
{
unsigned char *estream; /* end of stream */
int classes; /* # classes seen so far this level */
- int levels = 0; /* levels seen so far */
+ unsigned int levels = 0; /* levels seen so far */
int lastlevel = 1000; /* last level seen */
int length; /* various lengths */
int tag; /* tag number */
return 0;
}
+/*
+ * Limit strings to a "reasonable" length to prevent crowding out of
+ * other useful information in the log entry
+ */
+#define NAME_LENGTH_LIMIT 128
-
-
-
-
+void limit_string(char *name)
+{
+ int i;
+
+ if (strlen(name) < NAME_LENGTH_LIMIT)
+ return;
+
+ i = NAME_LENGTH_LIMIT-4;
+ name[i++] = '.';
+ name[i++] = '.';
+ name[i++] = '.';
+ name[i] = '\0';
+ return;
+}
get_salt_from_key PROTOTYPE((krb5_context, krb5_principal,
krb5_key_data *, krb5_data *));
+void limit_string PROTOTYPE((char *name));
+
/* do_as_req.c */
krb5_error_code process_as_req PROTOTYPE((krb5_kdc_req *,
const krb5_fulladdr *,
projects / krb5.git / commitdiff