diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-03-11 04:03:12 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:56:58 -0500 |
| commit | b7afac2b834674e20f303c3a03b4ac7bb283695e (patch) | |
| tree | 4828afb0cf5bc89f0063d3225d0f15cc01cd2012 /source4/heimdal/kdc | |
| parent | 64b619cefe99c833297f2a635db06bd186843481 (diff) | |
| download | samba-b7afac2b834674e20f303c3a03b4ac7bb283695e.tar.gz samba-b7afac2b834674e20f303c3a03b4ac7bb283695e.tar.bz2 samba-b7afac2b834674e20f303c3a03b4ac7bb283695e.zip | |
r14198: Update Samba4 to current lorikeet-heimdal.
Andrew Bartlett
(This used to be commit 97a0a0e2fa6784e5fc5278f7a15b385ddcb6a3b3)
Diffstat (limited to 'source4/heimdal/kdc')
| -rw-r--r-- | source4/heimdal/kdc/kdc-private.h | 6 | ||||
| -rw-r--r-- | source4/heimdal/kdc/kdc_locl.h | 95 | ||||
| -rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 3 | ||||
| -rw-r--r-- | source4/heimdal/kdc/misc.c | 4 | ||||
| -rwxr-xr-x | source4/heimdal/kdc/pkinit.c | 18 |
5 files changed, 19 insertions, 107 deletions
diff --git a/source4/heimdal/kdc/kdc-private.h b/source4/heimdal/kdc/kdc-private.h index cfb76fd7b0..729778a69e 100644 --- a/source4/heimdal/kdc/kdc-private.h +++ b/source4/heimdal/kdc/kdc-private.h @@ -29,7 +29,7 @@ _kdc_db_fetch ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, krb5_principal /*principal*/, - enum hdb_ent_type, + enum hdb_ent_type /*ent_type*/, hdb_entry_ex **/*h*/); krb5_error_code @@ -104,7 +104,7 @@ _kdc_pk_check_client ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, krb5_principal /*client_princ*/, - const hdb_entry */*client*/, + const hdb_entry_ex */*client*/, pk_client_params */*client_params*/, char **/*subject_name*/); @@ -125,7 +125,7 @@ _kdc_pk_mk_pa_reply ( krb5_context /*context*/, krb5_kdc_configuration */*config*/, pk_client_params */*client_params*/, - const hdb_entry */*client*/, + const hdb_entry_ex */*client*/, const KDC_REQ */*req*/, const krb5_data */*req_buffer*/, krb5_keyblock **/*reply_key*/, diff --git a/source4/heimdal/kdc/kdc_locl.h b/source4/heimdal/kdc/kdc_locl.h index 58cf1f4173..ca8672c062 100644 --- a/source4/heimdal/kdc/kdc_locl.h +++ b/source4/heimdal/kdc/kdc_locl.h @@ -61,101 +61,10 @@ extern int detach_from_console; extern struct timeval _kdc_now; #define kdc_time (_kdc_now.tv_sec) -krb5_error_code -_kdc_as_rep(krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ*, const krb5_data*, krb5_data*, - const char*, struct sockaddr*); - -krb5_kdc_configuration * -configure(krb5_context context, int argc, char **argv); - -krb5_error_code -_kdc_db_fetch(krb5_context context, - krb5_kdc_configuration *config, - krb5_principal principal, enum hdb_ent_type ent_type, - hdb_entry_ex **h); - -void -_kdc_free_ent(krb5_context context, hdb_entry_ex *ent); - void loop(krb5_context context, krb5_kdc_configuration *config); -krb5_error_code -_kdc_tgs_rep (krb5_context context, - krb5_kdc_configuration *config, - KDC_REQ*, krb5_data*, const char*, struct sockaddr *); - -krb5_error_code -_kdc_check_flags(krb5_context context, - krb5_kdc_configuration *config, - hdb_entry *client, const char *client_name, - hdb_entry *server, const char *server_name, - krb5_boolean is_as_req); - -krb5_error_code -_kdc_get_des_key(krb5_context context, hdb_entry_ex*, - krb5_boolean, krb5_boolean, Key**); - -krb5_error_code -_kdc_encode_v4_ticket(krb5_context context, - krb5_kdc_configuration *config, - void *buf, size_t len, const EncTicketPart *et, - const PrincipalName *service, size_t *size); -krb5_error_code -_kdc_do_524(krb5_context context, - krb5_kdc_configuration *config, - const Ticket *t, krb5_data *reply, - const char *from, struct sockaddr *addr); - - -#ifdef PKINIT -typedef struct pk_client_params pk_client_params; -krb5_error_code _kdc_pk_initialize(krb5_context, - krb5_kdc_configuration *, - const char *, - const char *); -krb5_error_code _kdc_pk_rd_padata(krb5_context, krb5_kdc_configuration *, - KDC_REQ *, PA_DATA *, pk_client_params **); -krb5_error_code _kdc_pk_mk_pa_reply(krb5_context, - krb5_kdc_configuration *, - pk_client_params *, - const hdb_entry *, - const KDC_REQ *, - const krb5_data *, - krb5_keyblock **, - METHOD_DATA *); -krb5_error_code _kdc_pk_check_client(krb5_context, - krb5_kdc_configuration *, - krb5_principal, - const hdb_entry *, - pk_client_params *, char **); -void _kdc_pk_free_client_param(krb5_context, pk_client_params *); -#endif - -/* - * Kerberos 4 - */ - -krb5_error_code -_kdc_db_fetch4 (krb5_context context, - krb5_kdc_configuration *config, - const char*, const char*, const char*, enum hdb_ent_type, hdb_entry_ex**); - -krb5_error_code -_kdc_do_version4 (krb5_context context, - krb5_kdc_configuration *config, - unsigned char*, size_t, krb5_data*, const char*, - struct sockaddr_in*); -int -_kdc_maybe_version4(unsigned char*, int); - -krb5_error_code -_kdc_do_kaserver (krb5_context context, - krb5_kdc_configuration *config, - unsigned char*, size_t, krb5_data*, - const char*, struct sockaddr_in*); - +krb5_kdc_configuration * +configure(krb5_context context, int argc, char **argv); #endif /* __KDC_LOCL_H__ */ diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index a0136ba425..392bc0acbe 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -804,8 +804,7 @@ _kdc_as_rep(krb5_context context, KDC_REQ_BODY *b = &req->req_body; AS_REP rep; KDCOptions f = b->kdc_options; - hdb_entry_ex *client = NULL; - hdb_entry_ex *server = NULL; + hdb_entry_ex *client = NULL, *server = NULL; krb5_enctype cetype, setype; EncTicketPart et; EncKDCRepPart ek; diff --git a/source4/heimdal/kdc/misc.c b/source4/heimdal/kdc/misc.c index 3027d32cfc..4d38e1f12d 100644 --- a/source4/heimdal/kdc/misc.c +++ b/source4/heimdal/kdc/misc.c @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: misc.c,v 1.26 2005/12/12 12:37:31 lha Exp $"); +RCSID("$Id: misc.c,v 1.27 2006/01/01 23:17:16 lha Exp $"); struct timeval _kdc_now; @@ -47,7 +47,7 @@ _kdc_db_fetch(krb5_context context, krb5_error_code ret = HDB_ERR_NOENTRY; int i; - ent = malloc (sizeof (*ent)); + ent = calloc (1, sizeof (*ent)); if (ent == NULL) return ENOMEM; diff --git a/source4/heimdal/kdc/pkinit.c b/source4/heimdal/kdc/pkinit.c index 83c379825c..67934c0745 100755 --- a/source4/heimdal/kdc/pkinit.c +++ b/source4/heimdal/kdc/pkinit.c @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: pkinit.c,v 1.49 2005/10/21 17:14:19 lha Exp $"); +RCSID("$Id: pkinit.c,v 1.50 2006/02/13 11:48:21 lha Exp $"); #ifdef PKINIT @@ -175,13 +175,17 @@ pk_check_pkauthenticator(krb5_context context, return ret; } - if (a->paChecksum.length != checksum.checksum.length || - memcmp(a->paChecksum.data, checksum.checksum.data, - checksum.checksum.length) != 0) - { + if (a->paChecksum == NULL) { + krb5_clear_error_string(context); + ret = KRB5_KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED; + goto out; + } + + if (heim_octet_string_cmp(a->paChecksum, &checksum.checksum) != 0) { krb5_clear_error_string(context); ret = KRB5KRB_ERR_GENERIC; } +out: free_Checksum(&checksum); return ret; @@ -1122,7 +1126,7 @@ krb5_error_code _kdc_pk_mk_pa_reply(krb5_context context, krb5_kdc_configuration *config, pk_client_params *client_params, - const hdb_entry *client, + const hdb_entry_ex *client, const KDC_REQ *req, const krb5_data *req_buffer, krb5_keyblock **reply_key, @@ -1379,7 +1383,7 @@ krb5_error_code _kdc_pk_check_client(krb5_context context, krb5_kdc_configuration *config, krb5_principal client_princ, - const hdb_entry *client, + const hdb_entry_ex *client, pk_client_params *client_params, char **subject_name) { |