diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-03-27 11:55:22 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-03-27 11:55:22 +1100 |
commit | 533024be44861c8d2c8ba3232738c7d2dbbe2e4f (patch) | |
tree | 048c8bd52b50604e950d7976115ebaf42a0802ed /source4/heimdal/kdc/kerberos5.c | |
parent | 679854384252e698b8f8c09d31eb15ed043c919b (diff) | |
download | samba-533024be44861c8d2c8ba3232738c7d2dbbe2e4f.tar.gz samba-533024be44861c8d2c8ba3232738c7d2dbbe2e4f.tar.bz2 samba-533024be44861c8d2c8ba3232738c7d2dbbe2e4f.zip |
s4:heimdal: import lorikeet-heimdal-201003262338 (commit f4e0dc17709829235f057e0e100d34802d3929ff)
Diffstat (limited to 'source4/heimdal/kdc/kerberos5.c')
-rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index 87162d5f98..c3e94757e3 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -33,8 +33,6 @@ #include "kdc_locl.h" -RCSID("$Id$"); - #define MAX_TIME ((time_t)((1U << 31) - 1)) void @@ -1425,6 +1423,7 @@ _kdc_as_rep(krb5_context context, if(f.renew || f.validate || f.proxy || f.forwarded || f.enc_tkt_in_skey || (f.request_anonymous && !config->allow_anonymous)) { ret = KRB5KDC_ERR_BADOPTION; + e_text = "Bad KDC options"; kdc_log(context, config, 0, "Bad KDC options -- %s", client_name); goto out; } @@ -1454,6 +1453,7 @@ _kdc_as_rep(krb5_context context, if(client->entry.flags.forwardable && server->entry.flags.forwardable) et.flags.forwardable = f.forwardable; else if (f.forwardable) { + e_text = "Ticket may not be forwardable"; ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, "Ticket may not be forwardable -- %s", client_name); @@ -1462,6 +1462,7 @@ _kdc_as_rep(krb5_context context, if(client->entry.flags.proxiable && server->entry.flags.proxiable) et.flags.proxiable = f.proxiable; else if (f.proxiable) { + e_text = "Ticket may not be proxiable"; ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, "Ticket may not be proxiable -- %s", client_name); @@ -1470,6 +1471,7 @@ _kdc_as_rep(krb5_context context, if(client->entry.flags.postdate && server->entry.flags.postdate) et.flags.may_postdate = f.allow_postdate; else if (f.allow_postdate){ + e_text = "Ticket may not be postdate"; ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, "Ticket may not be postdatable -- %s", client_name); @@ -1478,6 +1480,7 @@ _kdc_as_rep(krb5_context context, /* check for valid set of addresses */ if(!_kdc_check_addresses(context, config, b->addresses, from_addr)) { + e_text = "Bad address list in requested"; ret = KRB5KRB_AP_ERR_BADADDR; kdc_log(context, config, 0, "Bad address list requested -- %s", client_name); @@ -1630,6 +1633,7 @@ _kdc_as_rep(krb5_context context, &et); if (ret) goto out; + } else #endif { |