summaryrefslogtreecommitdiff
path: root/source4/heimdal/kdc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-03-27 11:55:22 +1100
committerAndrew Bartlett <abartlet@samba.org>2010-03-27 11:55:22 +1100
commit533024be44861c8d2c8ba3232738c7d2dbbe2e4f (patch)
tree048c8bd52b50604e950d7976115ebaf42a0802ed /source4/heimdal/kdc
parent679854384252e698b8f8c09d31eb15ed043c919b (diff)
downloadsamba-533024be44861c8d2c8ba3232738c7d2dbbe2e4f.tar.gz
samba-533024be44861c8d2c8ba3232738c7d2dbbe2e4f.tar.bz2
samba-533024be44861c8d2c8ba3232738c7d2dbbe2e4f.zip
s4:heimdal: import lorikeet-heimdal-201003262338 (commit f4e0dc17709829235f057e0e100d34802d3929ff)
Diffstat (limited to 'source4/heimdal/kdc')
-rw-r--r--source4/heimdal/kdc/default_config.c2
-rw-r--r--source4/heimdal/kdc/headers.h2
-rw-r--r--source4/heimdal/kdc/kaserver.c6
-rw-r--r--source4/heimdal/kdc/kerberos5.c8
-rw-r--r--source4/heimdal/kdc/krb5tgs.c2
-rw-r--r--source4/heimdal/kdc/log.c1
-rw-r--r--source4/heimdal/kdc/misc.c2
-rw-r--r--source4/heimdal/kdc/pkinit.c2
-rw-r--r--source4/heimdal/kdc/windc.c2
9 files changed, 11 insertions, 16 deletions
diff --git a/source4/heimdal/kdc/default_config.c b/source4/heimdal/kdc/default_config.c
index b568522fa4..f5df4e0298 100644
--- a/source4/heimdal/kdc/default_config.c
+++ b/source4/heimdal/kdc/default_config.c
@@ -37,8 +37,6 @@
#include <getarg.h>
#include <parse_bytes.h>
-RCSID("$Id$");
-
krb5_error_code
krb5_kdc_get_config(krb5_context context, krb5_kdc_configuration **config)
{
diff --git a/source4/heimdal/kdc/headers.h b/source4/heimdal/kdc/headers.h
index 1eb3ddedcd..aced5ce617 100644
--- a/source4/heimdal/kdc/headers.h
+++ b/source4/heimdal/kdc/headers.h
@@ -107,7 +107,7 @@
#include <windc_plugin.h>
#undef ALLOC
-#define ALLOC(X) ((X) = malloc(sizeof(*(X))))
+#define ALLOC(X) ((X) = calloc(1, sizeof(*(X))))
#undef ALLOC_SEQ
#define ALLOC_SEQ(X, N) do { (X)->len = (N); \
(X)->val = calloc((X)->len, sizeof(*(X)->val)); } while(0)
diff --git a/source4/heimdal/kdc/kaserver.c b/source4/heimdal/kdc/kaserver.c
index 69b5bb1d6e..827205a805 100644
--- a/source4/heimdal/kdc/kaserver.c
+++ b/source4/heimdal/kdc/kaserver.c
@@ -738,9 +738,11 @@ do_getticket (krb5_context context,
config->v4_realm, &sname,
&sinstance, &ad);
if (ret) {
+ const char *msg = krb5_get_error_message(context, ret);
kdc_log(context, config, 0,
- "kaserver: decomp failed for %s.%s with %d",
- sname, sinstance, ret);
+ "kaserver: decomp failed for %s.%s with %s %d",
+ msg, sname, sinstance, ret);
+ krb5_free_error_message(context, msg);
make_error_reply (hdr, KABADTICKET, reply);
goto out;
}
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c
index 87162d5f98..c3e94757e3 100644
--- a/source4/heimdal/kdc/kerberos5.c
+++ b/source4/heimdal/kdc/kerberos5.c
@@ -33,8 +33,6 @@
#include "kdc_locl.h"
-RCSID("$Id$");
-
#define MAX_TIME ((time_t)((1U << 31) - 1))
void
@@ -1425,6 +1423,7 @@ _kdc_as_rep(krb5_context context,
if(f.renew || f.validate || f.proxy || f.forwarded || f.enc_tkt_in_skey
|| (f.request_anonymous && !config->allow_anonymous)) {
ret = KRB5KDC_ERR_BADOPTION;
+ e_text = "Bad KDC options";
kdc_log(context, config, 0, "Bad KDC options -- %s", client_name);
goto out;
}
@@ -1454,6 +1453,7 @@ _kdc_as_rep(krb5_context context,
if(client->entry.flags.forwardable && server->entry.flags.forwardable)
et.flags.forwardable = f.forwardable;
else if (f.forwardable) {
+ e_text = "Ticket may not be forwardable";
ret = KRB5KDC_ERR_POLICY;
kdc_log(context, config, 0,
"Ticket may not be forwardable -- %s", client_name);
@@ -1462,6 +1462,7 @@ _kdc_as_rep(krb5_context context,
if(client->entry.flags.proxiable && server->entry.flags.proxiable)
et.flags.proxiable = f.proxiable;
else if (f.proxiable) {
+ e_text = "Ticket may not be proxiable";
ret = KRB5KDC_ERR_POLICY;
kdc_log(context, config, 0,
"Ticket may not be proxiable -- %s", client_name);
@@ -1470,6 +1471,7 @@ _kdc_as_rep(krb5_context context,
if(client->entry.flags.postdate && server->entry.flags.postdate)
et.flags.may_postdate = f.allow_postdate;
else if (f.allow_postdate){
+ e_text = "Ticket may not be postdate";
ret = KRB5KDC_ERR_POLICY;
kdc_log(context, config, 0,
"Ticket may not be postdatable -- %s", client_name);
@@ -1478,6 +1480,7 @@ _kdc_as_rep(krb5_context context,
/* check for valid set of addresses */
if(!_kdc_check_addresses(context, config, b->addresses, from_addr)) {
+ e_text = "Bad address list in requested";
ret = KRB5KRB_AP_ERR_BADADDR;
kdc_log(context, config, 0,
"Bad address list requested -- %s", client_name);
@@ -1630,6 +1633,7 @@ _kdc_as_rep(krb5_context context,
&et);
if (ret)
goto out;
+
} else
#endif
{
diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c
index b6f9c865bb..53c0a589ba 100644
--- a/source4/heimdal/kdc/krb5tgs.c
+++ b/source4/heimdal/kdc/krb5tgs.c
@@ -33,8 +33,6 @@
#include "kdc_locl.h"
-RCSID("$Id$");
-
/*
* return the realm of a krbtgt-ticket or NULL
*/
diff --git a/source4/heimdal/kdc/log.c b/source4/heimdal/kdc/log.c
index 06e64df840..6657aca5cb 100644
--- a/source4/heimdal/kdc/log.c
+++ b/source4/heimdal/kdc/log.c
@@ -34,7 +34,6 @@
*/
#include "kdc_locl.h"
-RCSID("$Id$");
void
kdc_openlog(krb5_context context,
diff --git a/source4/heimdal/kdc/misc.c b/source4/heimdal/kdc/misc.c
index 9a3f254640..39f91dcf10 100644
--- a/source4/heimdal/kdc/misc.c
+++ b/source4/heimdal/kdc/misc.c
@@ -33,8 +33,6 @@
#include "kdc_locl.h"
-RCSID("$Id$");
-
struct timeval _kdc_now;
krb5_error_code
diff --git a/source4/heimdal/kdc/pkinit.c b/source4/heimdal/kdc/pkinit.c
index 099d3ebe7d..4405bf4f19 100644
--- a/source4/heimdal/kdc/pkinit.c
+++ b/source4/heimdal/kdc/pkinit.c
@@ -35,8 +35,6 @@
#include "kdc_locl.h"
-RCSID("$Id$");
-
#ifdef PKINIT
#include <heim_asn1.h>
diff --git a/source4/heimdal/kdc/windc.c b/source4/heimdal/kdc/windc.c
index 0ef9cdb7ab..524bc90d90 100644
--- a/source4/heimdal/kdc/windc.c
+++ b/source4/heimdal/kdc/windc.c
@@ -33,8 +33,6 @@
#include "kdc_locl.h"
-RCSID("$Id$");
-
static krb5plugin_windc_ftable *windcft;
static void *windcctx;