From 0abf33ba7d183b3ee04f889f2ad54dbbf3a07ca0 Mon Sep 17 00:00:00 2001
From: Theodore Tso <tytso@mit.edu>
Date: Wed, 19 Oct 1994 15:45:23 +0000
Subject: [PATCH] asn1_decode_k.c (asn1_decode_kdc_req_body): If the
 authorization field 	is not present, fill in the authorization data fields
 with all zeros. 	Don't set kvno (that's *key* version number, not
 *Kerberos* version 	number) to 5.

err2kerr.c (KRB5_KRB__ERROR2krb5_error): The e_data field wasn't being
	decoded when it should have been.

qbuf2data.c (qbuf2krb5_data): Set magic number field to zero.

tgrq2ktgrq.c (KRB5_KDC__REQ__BODY2krb5_kdc_req): Allow the service
	principal to be optional.

ktgrq2tgrq.c (krb5_kdc_req2KRB5_KDC__REQ__BODY): ditto

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4536 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb5/asn.1/ChangeLog       | 20 ++++++++++++++++++
 src/lib/krb5/asn.1/KRB5-asn.py     |  2 +-
 src/lib/krb5/asn.1/asn1_decode_k.c |  3 ++-
 src/lib/krb5/asn.1/err2kerr.c      |  4 ++--
 src/lib/krb5/asn.1/ktgrq2tgrq.c    | 33 +++++++++++++++++++++++-------
 src/lib/krb5/asn.1/qbuf2data.c     |  1 +
 src/lib/krb5/asn.1/tgrq2ktgrq.c    | 20 ++++++++++++------
 7 files changed, 66 insertions(+), 17 deletions(-)

diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog
index 276c37912..6b7e5ba25 100644
--- a/src/lib/krb5/asn.1/ChangeLog
+++ b/src/lib/krb5/asn.1/ChangeLog
@@ -1,3 +1,23 @@
+Wed Oct 19 10:51:16 1994  Theodore Y. Ts'o  (tytso@maytag)
+
+	* err2kerr.c (KRB5_KRB__ERROR2krb5_error): The e_data field
+		wasn't being decoded when it should have been.
+
+	* qbuf2data.c (qbuf2krb5_data): Set magic number field to zero.
+
+	* asn1_decode_k.c (asn1_decode_kdc_req_body): If the authorization
+		field is not present, fill in the authorization data
+		fields with all zeros.  Don't set kvno (that's *key*
+		version number, not *Kerberos* version number) to 5.
+
+Tue Oct 18 23:07:20 1994  Theodore Y. Ts'o  (tytso@maytag)
+
+	* tgrq2ktgrq.c (KRB5_KDC__REQ__BODY2krb5_kdc_req): Allow the
+		service principal to be optional.
+
+	* ktgrq2tgrq.c (krb5_kdc_req2KRB5_KDC__REQ__BODY): Allow the
+		server principal to be optional.
+
 Fri Oct  7 15:05:35 1994  Theodore Y. Ts'o  (tytso@dcl)
 
 	* Makefile.isode.in: Add -DKRB5_USE_ISODE so that include files
diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py
index 60a66f6f9..07e967a22 100644
--- a/src/lib/krb5/asn.1/KRB5-asn.py
+++ b/src/lib/krb5/asn.1/KRB5-asn.py
@@ -155,7 +155,7 @@ KDC-REQ-BODY ::=	SEQUENCE {
 	 kdc-options[0]	KDCOptions,
 	 cname[1]	PrincipalName OPTIONAL, -- Used only in AS-REQ
 	 realm[2]	Realm, -- Server's realm  Also client's in AS-REQ
-	 sname[3]	PrincipalName,
+	 sname[3]	PrincipalName OPTIONAL,
 	 from[4]	KerberosTime OPTIONAL,
 	 till[5]	KerberosTime,
 	 rtime[6]	KerberosTime OPTIONAL,
diff --git a/src/lib/krb5/asn.1/asn1_decode_k.c b/src/lib/krb5/asn.1/asn1_decode_k.c
index b4a928a5a..7526b864a 100644
--- a/src/lib/krb5/asn.1/asn1_decode_k.c
+++ b/src/lib/krb5/asn.1/asn1_decode_k.c
@@ -415,8 +415,9 @@ asn1_error_code asn1_decode_kdc_req_body(DECLARG(asn1buf *, buf),
     if(tagnum == 10){
       get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
     else{
+      val->authorization_data.magic = 0;
       val->authorization_data.etype = 0;
-      val->authorization_data.kvno = KVNO;
+      val->authorization_data.kvno = 0;
       val->authorization_data.ciphertext.data = NULL;
       val->authorization_data.ciphertext.length = 0;
     }
diff --git a/src/lib/krb5/asn.1/err2kerr.c b/src/lib/krb5/asn.1/err2kerr.c
index 4380eac9e..8d6fa557b 100644
--- a/src/lib/krb5/asn.1/err2kerr.c
+++ b/src/lib/krb5/asn.1/err2kerr.c
@@ -97,9 +97,9 @@ register int *error;
 	}
     }
     if (val->e__data) {
-	temp = qbuf2krb5_data(val->e__text, error);
+	temp = qbuf2krb5_data(val->e__data, error);
 	if (temp) {
-	    retval->text = *temp;
+	    retval->e_data = *temp;
 	    krb5_xfree(temp);
 	} else {
 	    goto errout;
diff --git a/src/lib/krb5/asn.1/ktgrq2tgrq.c b/src/lib/krb5/asn.1/ktgrq2tgrq.c
index a92d6df46..b0213fd52 100644
--- a/src/lib/krb5/asn.1/ktgrq2tgrq.c
+++ b/src/lib/krb5/asn.1/ktgrq2tgrq.c
@@ -65,16 +65,35 @@ register int *error;
 	if (!retval->cname) {
 	    goto errout;
 	}
-    }    
-    retval->realm = krb5_data2qbuf(krb5_princ_realm(val->server));
-    if (!retval->realm) {
-	*error = ENOMEM;
-	goto errout;
     }
-    retval->sname = krb5_principal2KRB5_PrincipalName(val->server, error);
-    if (!retval->sname) {
+    if (val->server) {
+	retval->realm = krb5_data2qbuf(krb5_princ_realm(val->server));
+	if (!retval->realm) {
+	    *error = ENOMEM;
+	    goto errout;
+	}
+	retval->sname = krb5_principal2KRB5_PrincipalName(val->server, error);
+	if (!retval->sname) {
+	    goto errout;
+	}
+    } else if (val->client) {
+	retval->realm = krb5_data2qbuf(krb5_princ_realm(val->client));
+	if (!retval->realm) {
+	    *error = ENOMEM;
+	    goto errout;
+	}
+    } else if (val->second_ticket && val->second_ticket[0] &&
+	       val->second_ticket[0]->server) {
+	retval->realm = krb5_data2qbuf(krb5_princ_realm(val->second_ticket[0]->server));
+	if (!retval->realm) {
+	    *error = ENOMEM;
+	    goto errout;
+	}
+    } else {
+	*error = EINVAL;
 	goto errout;
     }
+    
     if (val->from) {
 	retval->from = unix2gentime(val->from, error);
 	if (!retval->from) {
diff --git a/src/lib/krb5/asn.1/qbuf2data.c b/src/lib/krb5/asn.1/qbuf2data.c
index 8865fe5c2..c4f400312 100644
--- a/src/lib/krb5/asn.1/qbuf2data.c
+++ b/src/lib/krb5/asn.1/qbuf2data.c
@@ -58,6 +58,7 @@ register int *error;
 	retval->data = 0;
 	return retval;
     }
+    retval->magic = 0;
     retval->data = (char *)xmalloc(val->qb_forw->qb_len);
     if (!retval->data) {
 	krb5_xfree(retval);
diff --git a/src/lib/krb5/asn.1/tgrq2ktgrq.c b/src/lib/krb5/asn.1/tgrq2ktgrq.c
index fdf5293cc..381b06751 100644
--- a/src/lib/krb5/asn.1/tgrq2ktgrq.c
+++ b/src/lib/krb5/asn.1/tgrq2ktgrq.c
@@ -62,17 +62,25 @@ register int *error;
 	krb5_free_kdc_req(retval);
 	return(0);
     }
-    if (val->cname)
+    if (val->cname) {
 	retval->client =
 	    KRB5_PrincipalName2krb5_principal(val->cname,
 					      val->realm,
 					      error);
-    retval->server = KRB5_PrincipalName2krb5_principal(val->sname,
-						       val->realm,
-						       error);
-    if (!retval->server) {
-	goto errout;
+	if (*error) {
+	    goto errout;
+	}
+    }
+	    
+    if (val->sname) {
+	retval->server = KRB5_PrincipalName2krb5_principal(val->sname,
+							   val->realm,
+							   error);
+	if (*error) {
+	    goto errout;
+	}
     }
+
     if (val->from) {
 	retval->from = gentime2unix(val->from, error);
 	if (*error) {
-- 
2.26.2