From fc06bbb74b8bbefbd58ecc46b0f1b35f87b7f6c9 Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Tue, 1 Sep 1992 14:49:03 +0000 Subject: [PATCH] Modifications so that whether something came in on the secondary or primary port is logged. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2377 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kdc/dispatch.c | 15 ++++++++------- src/kdc/do_as_req.c | 15 +++++++++++++-- src/kdc/do_tgs_req.c | 20 +++++++++++++++++--- 3 files changed, 38 insertions(+), 12 deletions(-) diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c index 9ed95c114..037443e3c 100644 --- a/src/kdc/dispatch.c +++ b/src/kdc/dispatch.c @@ -37,10 +37,11 @@ static char rcsid_dispatch_c[] = #include "kdc_util.h" krb5_error_code -dispatch(pkt, from, response) -krb5_data *pkt; -const krb5_fulladdr *from; -krb5_data **response; +dispatch(pkt, from, is_secondary, response) + krb5_data *pkt; + const krb5_fulladdr *from; + int is_secondary; + krb5_data **response; { krb5_error_code retval; @@ -59,18 +60,18 @@ krb5_data **response; if (krb5_is_tgs_req(pkt)) { if (!(retval = decode_krb5_tgs_req(pkt, &tgs_req))) { - retval = process_tgs_req(tgs_req, from, response); + retval = process_tgs_req(tgs_req, from, is_secondary, response); krb5_free_kdc_req(tgs_req); } } else if (krb5_is_as_req(pkt)) { if (!(retval = decode_krb5_as_req(pkt, &as_req))) { - retval = process_as_req(as_req, from, response); + retval = process_as_req(as_req, from, is_secondary, response); krb5_free_kdc_req(as_req); } } #ifdef KRB4 else if (pkt->data[0] == 4) /* old version */ - retval = process_v4(pkt, from, response); + retval = process_v4(pkt, from, is_secondary, response); #endif else retval = KRB5KRB_AP_ERR_MSG_TYPE; diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index a9c7996fc..57fc8c17f 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -62,9 +62,10 @@ static krb5_error_code prepare_error_as PROTOTYPE((krb5_kdc_req *, /*ARGSUSED*/ krb5_error_code -process_as_req(request, from, response) +process_as_req(request, from, is_secondary, response) register krb5_kdc_req *request; const krb5_fulladdr *from; /* who sent it ? */ +int is_secondary; krb5_data **response; /* filled in with a response packet */ { @@ -110,7 +111,12 @@ krb5_data **response; /* filled in with a response packet */ if (!fromstring) fromstring = ""; - syslog(LOG_INFO, "AS_REQ: host %s, %s for %s", fromstring, cname, sname); + if (is_secondary) + syslog(LOG_INFO, "AS_REQ; host %s, %s for %s", fromstring, cname, + sname); + else + syslog(LOG_INFO, "AS_REQ: host %s, %s for %s", fromstring, cname, + sname); free(cname); free(sname); @@ -142,6 +148,11 @@ krb5_data **response; /* filled in with a response packet */ #define cleanup() {krb5_db_free_principal(&client, 1); krb5_db_free_principal(&server, 1); } + if (retval = check_kdb_flags_as(request, client, server)) { + cleanup(); + return(prepare_error_as(request, retval, response)); + } + if (retval = krb5_timeofday(&kdc_time)) { cleanup(); return(retval); diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index eac018b50..8baef7927 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -62,9 +62,10 @@ static krb5_error_code prepare_error_tgs PROTOTYPE((krb5_kdc_req *, krb5_data **)); /*ARGSUSED*/ krb5_error_code -process_tgs_req(request, from, response) +process_tgs_req(request, from, is_secondary, response) krb5_kdc_req *request; const krb5_fulladdr *from; /* who sent it ? */ +int is_secondary; krb5_data **response; /* filled in with a response packet */ { @@ -135,7 +136,12 @@ krb5_data **response; /* filled in with a response packet */ return(retval); } - syslog(LOG_INFO, "TGS_REQ: host %s, %s for %s", fromstring, cname, sname); + if (is_secondary) + syslog(LOG_INFO, "TGS_REQ; host %s, %s for %s", fromstring, cname, + sname); + else + syslog(LOG_INFO, "TGS_REQ: host %s, %s for %s", fromstring, cname, + sname); free(cname); free(sname); @@ -185,6 +191,15 @@ tgt_again: #define tkt_cleanup() {krb5_free_tkt_authent(req_authdat); } #define cleanup() { krb5_db_free_principal(&server, 1);} + if (retval = check_kdb_flags_tgs(request, server)) { + cleanup(); + return(prepare_error_tgs(request, + header_ticket, + retval, + fromstring, + response)); + } + if (retval = krb5_timeofday(&kdc_time)) { tkt_cleanup(); cleanup(); @@ -679,7 +694,6 @@ int *nprincs; return; /* move to the end */ - /* SUPPRESS 530 */ for (pl2 = plist; *pl2; pl2++); /* the first entry in this array is for krbtgt/local@local, so we -- 2.26.2