From: John Kohl Date: Wed, 10 Oct 1990 17:26:36 +0000 (+0000) Subject: changes for new data structures X-Git-Tag: krb5-1.0-alpha2~180 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=10bbba4d11dcfe8b4750d839ce6a3982772efd6b;p=krb5.git changes for new data structures git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1231 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/kdc/policy.c b/src/kdc/policy.c index 6f25f7cfc..d9f5f5f0e 100644 --- a/src/kdc/policy.c +++ b/src/kdc/policy.c @@ -33,7 +33,7 @@ krb5_timestamp fromtime; krb5_boolean against_flag_policy_as(request) -register krb5_as_req *request; +const register krb5_kdc_req *request; { if (isflagset(request->kdc_options, KDC_OPT_FORWARDED) || isflagset(request->kdc_options, KDC_OPT_PROXY) || @@ -47,36 +47,36 @@ register krb5_as_req *request; } krb5_boolean -against_flag_policy_tgs(request) -register krb5_tgs_req *request; +against_flag_policy_tgs(request, ticket) +const register krb5_kdc_req *request; +const register krb5_ticket *ticket; { - register krb5_real_tgs_req *realreq = request->tgs_request2; - if (((isflagset(realreq->kdc_options, KDC_OPT_FORWARDED) || - isflagset(realreq->kdc_options, KDC_OPT_FORWARDABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + if (((isflagset(request->kdc_options, KDC_OPT_FORWARDED) || + isflagset(request->kdc_options, KDC_OPT_FORWARDABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_FORWARDABLE)) || /* TGS must be forwardable to get forwarded or forwardable ticket */ - ((isflagset(realreq->kdc_options, KDC_OPT_PROXY) || - isflagset(realreq->kdc_options, KDC_OPT_PROXIABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_PROXY) || + isflagset(request->kdc_options, KDC_OPT_PROXIABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_PROXIABLE)) || /* TGS must be proxiable to get proxiable ticket */ - ((isflagset(realreq->kdc_options, KDC_OPT_ALLOW_POSTDATE) || - isflagset(realreq->kdc_options, KDC_OPT_POSTDATED)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_ALLOW_POSTDATE) || + isflagset(request->kdc_options, KDC_OPT_POSTDATED)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_MAY_POSTDATE)) || /* TGS must allow postdating to get postdated ticket */ - (isflagset(realreq->kdc_options, KDC_OPT_VALIDATE) && - !isflagset(request->header2->ticket->enc_part2->flags, + (isflagset(request->kdc_options, KDC_OPT_VALIDATE) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_INVALID)) || /* can only validate invalid tix */ - ((isflagset(realreq->kdc_options, KDC_OPT_RENEW) || - isflagset(realreq->kdc_options, KDC_OPT_RENEWABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_RENEW) || + isflagset(request->kdc_options, KDC_OPT_RENEWABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_RENEWABLE))) /* can only renew renewable tix */ return TRUE; /* against policy */ diff --git a/src/kdc/policy.h b/src/kdc/policy.h index ffd3653fb..ce6fed15f 100644 --- a/src/kdc/policy.h +++ b/src/kdc/policy.h @@ -17,7 +17,8 @@ #define __KRB5_KDC_POLICY__ extern krb5_boolean against_postdate_policy PROTOTYPE((krb5_timestamp)); -extern krb5_boolean against_flag_policy_as PROTOTYPE((krb5_as_req *)); -extern krb5_boolean against_flag_policy_tgs PROTOTYPE((krb5_tgs_req *)); +extern krb5_boolean against_flag_policy_as PROTOTYPE((const krb5_kdc_req *)); +extern krb5_boolean against_flag_policy_tgs PROTOTYPE((const krb5_kdc_req *, + const krb5_ticket *)); #endif /* __KRB5_KDC_POLICY__ */