From: John Kohl Date: Wed, 10 Oct 1990 17:28:20 +0000 (+0000) Subject: changes for new kdc request structure X-Git-Tag: krb5-1.0-alpha2~178 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=a7f32e8361d3af3aed583057a3b76c3dbe3f6180;p=krb5.git changes for new kdc request structure git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1233 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 065011ecc..b4925775f 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -37,9 +37,9 @@ static char rcsid_do_as_req_c[] = #include "policy.h" #include "extern.h" -static krb5_error_code prepare_error_as PROTOTYPE((krb5_as_req *, - int, - krb5_data **)); +static krb5_error_code prepare_error_as PROTOTYPE((krb5_kdc_req *, + int, + krb5_data **)); /* * Do all the processing required for a AS_REQ @@ -50,7 +50,7 @@ static krb5_error_code prepare_error_as PROTOTYPE((krb5_as_req *, /*ARGSUSED*/ krb5_error_code process_as_req(request, from, response) -register krb5_as_req *request; +register krb5_kdc_req *request; const krb5_fulladdr *from; /* who sent it ? */ krb5_data **response; /* filled in with a response packet */ { @@ -70,10 +70,21 @@ krb5_data **response; /* filled in with a response packet */ krb5_timestamp until, rtime; char *cname = 0, *sname = 0, *fromstring = 0; - if (retval = krb5_unparse_name(request->client, &cname)) - return(retval); + if (!request->client) + return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN, + response)); + if (retval = krb5_unparse_name(request->client, &cname)) { + syslog(LOG_INFO, "AS_REQ: %s while unparsing client name", + error_message(retval)); + return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN, + response)); + } if (retval = krb5_unparse_name(request->server, &sname)) { free(cname); + syslog(LOG_INFO, "AS_REQ: %s while unparsing server name", + error_message(retval)); + return(prepare_error_as(request, KDC_ERR_S_PRINCIPAL_UNKNOWN, + response)); return(retval); } #ifdef KRB5_USE_INET @@ -142,8 +153,8 @@ krb5_data **response; /* filled in with a response packet */ ticket_reply.server = request->server; - ticket_reply.etype = request->etype; - ticket_reply.skvno = server.kvno; + ticket_reply.enc_part.etype = request->etype; + ticket_reply.enc_part.kvno = server.kvno; enc_tkt_reply.flags = 0; @@ -219,8 +230,6 @@ krb5_data **response; /* filled in with a response packet */ enc_tkt_reply.caddrs = request->addresses; enc_tkt_reply.authorization_data = 0; /* XXX? */ - /* XXX need separate etypes for ticket encryption and kdc_rep encryption */ - ticket_reply.enc_part2 = &enc_tkt_reply; /* convert server.key into a real key (it may be encrypted @@ -230,7 +239,6 @@ krb5_data **response; /* filled in with a response packet */ cleanup(); return retval; } - enc_tkt_reply.confounder = krb5_random_confounder(); retval = krb5_encrypt_tkt_part(&encrypting_key, &ticket_reply); bzero((char *)encrypting_key.contents, encrypting_key.length); free((char *)encrypting_key.contents); @@ -246,14 +254,15 @@ krb5_data **response; /* filled in with a response packet */ bzero((char *)session_key->contents, session_key->length); \ free((char *)session_key->contents); \ session_key->contents = 0; \ - bzero(ticket_reply.enc_part.data, \ - ticket_reply.enc_part.length); \ - free(ticket_reply.enc_part.data);} + bzero(ticket_reply.enc_part.ciphertext.data, \ + ticket_reply.enc_part.ciphertext.length); \ + free(ticket_reply.enc_part.ciphertext.data);} /* Start assembling the response */ reply.client = request->client; - reply.etype = request->etype; - reply.ckvno = client.kvno; + /* XXX need separate etypes for ticket encryption and kdc_rep encryption */ + reply.enc_part.etype = request->etype; + reply.enc_part.kvno = client.kvno; reply.ticket = &ticket_reply; reply_encpart.session = session_key; @@ -262,7 +271,7 @@ krb5_data **response; /* filled in with a response packet */ return retval; } - reply_encpart.ctime = request->ctime; + reply_encpart.nonce = request->nonce; reply_encpart.key_exp = client.expiration; reply_encpart.flags = enc_tkt_reply.flags; reply_encpart.server = ticket_reply.server; @@ -274,8 +283,6 @@ krb5_data **response; /* filled in with a response packet */ reply_encpart.caddrs = enc_tkt_reply.caddrs; - reply_encpart.confounder = krb5_random_confounder(); - /* now encode/encrypt the response */ /* convert client.key into a real key (it may be encrypted @@ -295,7 +302,7 @@ krb5_data **response; /* filled in with a response packet */ static krb5_error_code prepare_error_as (request, error, response) -register krb5_as_req *request; +register krb5_kdc_req *request; int error; krb5_data **response; { @@ -320,6 +327,9 @@ krb5_data **response; free(errpkt.text.data); return ENOMEM; } + errpkt.e_data.length = 0; + errpkt.e_data.data = 0; + retval = krb5_mk_error(&errpkt, scratch); free(errpkt.text.data); *response = scratch;