Modifications so that whether something came in on the secondary or
authorTheodore Tso <tytso@mit.edu>
Tue, 1 Sep 1992 14:49:03 +0000 (14:49 +0000)
committerTheodore Tso <tytso@mit.edu>
Tue, 1 Sep 1992 14:49:03 +0000 (14:49 +0000)
primary port is logged.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2377 dc483132-0cff-0310-8789-dd5450dbe970

src/kdc/dispatch.c
src/kdc/do_as_req.c
src/kdc/do_tgs_req.c

index 9ed95c114958c44fb14ee975833708761a16a272..037443e3c2e6634c1fa3c03cef5b1aebaa889f8f 100644 (file)
@@ -37,10 +37,11 @@ static char rcsid_dispatch_c[] =
 #include "kdc_util.h"
 
 krb5_error_code
-dispatch(pkt, from, response)
-krb5_data *pkt;
-const krb5_fulladdr *from;
-krb5_data **response;
+dispatch(pkt, from, is_secondary, response)
+    krb5_data *pkt;
+    const krb5_fulladdr *from;
+    int                is_secondary;
+    krb5_data **response;
 {
 
     krb5_error_code retval;
@@ -59,18 +60,18 @@ krb5_data **response;
 
     if (krb5_is_tgs_req(pkt)) {
        if (!(retval = decode_krb5_tgs_req(pkt, &tgs_req))) {
-           retval = process_tgs_req(tgs_req, from, response);
+           retval = process_tgs_req(tgs_req, from, is_secondary, response);
            krb5_free_kdc_req(tgs_req);
        }
     } else if (krb5_is_as_req(pkt)) {
        if (!(retval = decode_krb5_as_req(pkt, &as_req))) {
-           retval = process_as_req(as_req, from, response);
+           retval = process_as_req(as_req, from, is_secondary, response);
            krb5_free_kdc_req(as_req);
        }
     }
 #ifdef KRB4
     else if (pkt->data[0] == 4)                /* old version */
-       retval = process_v4(pkt, from, response);
+       retval = process_v4(pkt, from, is_secondary, response);
 #endif
     else
        retval = KRB5KRB_AP_ERR_MSG_TYPE;
index a9c7996fcaa82baed757b2716b359e30223ff32a..57fc8c17fee5bc40bba5b87ce3717fbf7640b74b 100644 (file)
@@ -62,9 +62,10 @@ static krb5_error_code prepare_error_as PROTOTYPE((krb5_kdc_req *,
 
 /*ARGSUSED*/
 krb5_error_code
-process_as_req(request, from, response)
+process_as_req(request, from, is_secondary, response)
 register krb5_kdc_req *request;
 const krb5_fulladdr *from;             /* who sent it ? */
+int    is_secondary;
 krb5_data **response;                  /* filled in with a response packet */
 {
 
@@ -110,7 +111,12 @@ krb5_data **response;                      /* filled in with a response packet */
     if (!fromstring)
        fromstring = "<unknown>";
 
-    syslog(LOG_INFO, "AS_REQ: host %s, %s for %s", fromstring, cname, sname);
+    if (is_secondary)
+       syslog(LOG_INFO, "AS_REQ; host %s, %s for %s", fromstring, cname,
+              sname);
+    else
+       syslog(LOG_INFO, "AS_REQ: host %s, %s for %s", fromstring, cname,
+              sname);
     free(cname);
     free(sname);
 
@@ -142,6 +148,11 @@ krb5_data **response;                      /* filled in with a response packet */
 
 #define cleanup() {krb5_db_free_principal(&client, 1); krb5_db_free_principal(&server, 1); }
 
+    if (retval = check_kdb_flags_as(request, client, server)) {
+       cleanup();
+       return(prepare_error_as(request, retval, response));
+    }
+      
     if (retval = krb5_timeofday(&kdc_time)) {
        cleanup();
        return(retval);
index eac018b506a22cf0325861be0556d7c59548f631..8baef7927a8e5c94c6e0afa6a1fc26e297ff4a3e 100644 (file)
@@ -62,9 +62,10 @@ static krb5_error_code prepare_error_tgs PROTOTYPE((krb5_kdc_req *,
                                                    krb5_data **));
 /*ARGSUSED*/
 krb5_error_code
-process_tgs_req(request, from, response)
+process_tgs_req(request, from, is_secondary, response)
 krb5_kdc_req *request;
 const krb5_fulladdr *from;             /* who sent it ? */
+int    is_secondary;
 krb5_data **response;                  /* filled in with a response packet */
 {
 
@@ -135,7 +136,12 @@ krb5_data **response;                      /* filled in with a response packet */
        return(retval);
     }
 
-    syslog(LOG_INFO, "TGS_REQ: host %s, %s for %s", fromstring, cname, sname);
+    if (is_secondary)
+       syslog(LOG_INFO, "TGS_REQ; host %s, %s for %s", fromstring, cname,
+              sname);
+    else
+       syslog(LOG_INFO, "TGS_REQ: host %s, %s for %s", fromstring, cname,
+              sname);
     free(cname);
     free(sname);
 
@@ -185,6 +191,15 @@ tgt_again:
 #define tkt_cleanup() {krb5_free_tkt_authent(req_authdat); }
 #define cleanup() { krb5_db_free_principal(&server, 1);}
 
+    if (retval = check_kdb_flags_tgs(request, server)) {
+       cleanup();
+       return(prepare_error_tgs(request,
+                                header_ticket,
+                                retval,
+                                fromstring,
+                                response));
+    }
+
     if (retval = krb5_timeofday(&kdc_time)) {
        tkt_cleanup();
        cleanup();
@@ -679,7 +694,6 @@ int *nprincs;
        return;
 
     /* move to the end */
-    /* SUPPRESS 530 */
     for (pl2 = plist; *pl2; pl2++);
 
     /* the first entry in this array is for krbtgt/local@local, so we