From 9cdf5fca1ae30e7c6bf90a91cd61c9d3b63b3916 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Wed, 11 Sep 2002 01:12:53 +0000 Subject: [PATCH] Try a little harder to avoid returning e-text that says "Generic error (see e-text)" for out-of-range codes where we haven't explicitly decided to return a vague error message. * do_as_req.c (prepare_error_as): New argument, the error message text as determined *before* possibly replacing the error code with "generic error". (process_as_req): Fill it in based on 'status', or the error message corresponding to the error code to be returned. * do_tgs_req.c (prepare_error_tgs): New argument, the error message text as determined *before* possibly replacing the error code with "generic error". (process_tgs_req): Fill it in based on 'status', or the error message corresponding to the error code to be returned. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14835 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kdc/ChangeLog | 11 +++++++++++ src/kdc/do_as_req.c | 18 +++++++++--------- src/kdc/do_tgs_req.c | 27 +++++++++++---------------- 3 files changed, 31 insertions(+), 25 deletions(-) diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index b3a6a1a66..dfc427a9f 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,5 +1,16 @@ 2002-09-10 Ken Raeburn + * do_as_req.c (prepare_error_as): New argument, the error message + text as determined *before* possibly replacing the error code with + "generic error". + (process_as_req): Fill it in based on 'status', or the error + message corresponding to the error code to be returned. + * do_tgs_req.c (prepare_error_tgs): New argument, the error + message text as determined *before* possibly replacing the error + code with "generic error". + (process_tgs_req): Fill it in based on 'status', or the error + message corresponding to the error code to be returned. + * network.c (process_packet): Call inet_ntop directly. * sock2p.c: Deleted. * Makefile.in (SRCS, OBJS): Drop it. diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 07bcf1745..83805d458 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -47,7 +47,7 @@ #include "extern.h" static krb5_error_code prepare_error_as (krb5_kdc_req *, int, krb5_data *, - krb5_data **); + krb5_data **, const char *); /*ARGSUSED*/ krb5_error_code @@ -439,11 +439,14 @@ errout: errcode ? ", " : "", errcode ? error_message(errcode) : ""); if (errcode) { + if (status == 0) + status = error_message (errcode); errcode -= ERROR_TABLE_BASE_krb5; if (errcode < 0 || errcode > 128) errcode = KRB_ERR_GENERIC; - errcode = prepare_error_as(request, errcode, &e_data, response); + errcode = prepare_error_as(request, errcode, &e_data, response, + status); } krb5_free_keyblock_contents(kdc_context, &encrypting_key); @@ -486,11 +489,8 @@ errout: } static krb5_error_code -prepare_error_as (request, error, e_data, response) -register krb5_kdc_req *request; -int error; -krb5_data *e_data; -krb5_data **response; +prepare_error_as (krb5_kdc_req *request, int error, krb5_data *e_data, + krb5_data **response, const char *status) { krb5_error errpkt; krb5_error_code retval; @@ -505,10 +505,10 @@ krb5_data **response; errpkt.error = error; errpkt.server = request->server; errpkt.client = request->client; - errpkt.text.length = strlen(error_message(error+KRB5KDC_ERR_NONE))+1; + errpkt.text.length = strlen(status)+1; if (!(errpkt.text.data = malloc(errpkt.text.length))) return ENOMEM; - (void) strcpy(errpkt.text.data, error_message(error+KRB5KDC_ERR_NONE)); + (void) strcpy(errpkt.text.data, status); if (!(scratch = (krb5_data *)malloc(sizeof(*scratch)))) { free(errpkt.text.data); diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index 2cf8d82ea..923f8b575 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -50,7 +50,8 @@ static void find_alternate_tgs (krb5_kdc_req *, krb5_db_entry *, krb5_boolean *, int *); static krb5_error_code prepare_error_tgs (krb5_kdc_req *, krb5_ticket *, - int, const char *, krb5_data **); + int, const char *, krb5_data **, + const char *); /*ARGSUSED*/ krb5_error_code @@ -661,12 +662,14 @@ cleanup: } if (errcode) { + if (status == 0) + status = error_message (errcode); errcode -= ERROR_TABLE_BASE_krb5; if (errcode < 0 || errcode > 128) errcode = KRB_ERR_GENERIC; retval = prepare_error_tgs(request, header_ticket, errcode, - fromstring, response); + fromstring, response, status); } if (header_ticket) @@ -688,12 +691,8 @@ cleanup: } static krb5_error_code -prepare_error_tgs (request, ticket, error, ident, response) -register krb5_kdc_req *request; -krb5_ticket *ticket; -int error; -const char *ident; -krb5_data **response; +prepare_error_tgs (krb5_kdc_req *request, krb5_ticket *ticket, int error, + const char *ident, krb5_data **response, const char *status) { krb5_error errpkt; krb5_error_code retval; @@ -711,10 +710,10 @@ krb5_data **response; errpkt.client = ticket->enc_part2->client; else errpkt.client = 0; - errpkt.text.length = strlen(error_message(error+KRB5KDC_ERR_NONE))+1; + errpkt.text.length = strlen(status) + 1; if (!(errpkt.text.data = malloc(errpkt.text.length))) return ENOMEM; - (void) strcpy(errpkt.text.data, error_message(error+KRB5KDC_ERR_NONE)); + (void) strcpy(errpkt.text.data, status); if (!(scratch = (krb5_data *)malloc(sizeof(*scratch)))) { free(errpkt.text.data); @@ -735,11 +734,8 @@ krb5_data **response; * some intermediate realm. */ static void -find_alternate_tgs(request, server, more, nprincs) -krb5_kdc_req *request; -krb5_db_entry *server; -krb5_boolean *more; -int *nprincs; +find_alternate_tgs(krb5_kdc_req *request, krb5_db_entry *server, + krb5_boolean *more, int *nprincs) { krb5_error_code retval; krb5_principal *plist, *pl2; @@ -817,4 +813,3 @@ int *nprincs; krb5_free_realm_tree(kdc_context, plist); return; } - -- 2.26.2