diff options
Diffstat (limited to 'source4/heimdal/kdc/524.c')
-rw-r--r-- | source4/heimdal/kdc/524.c | 94 |
1 files changed, 47 insertions, 47 deletions
diff --git a/source4/heimdal/kdc/524.c b/source4/heimdal/kdc/524.c index a46c9175b0..d15310384a 100644 --- a/source4/heimdal/kdc/524.c +++ b/source4/heimdal/kdc/524.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kdc_locl.h" @@ -43,7 +43,7 @@ RCSID("$Id$"); */ static krb5_error_code -fetch_server (krb5_context context, +fetch_server (krb5_context context, krb5_kdc_configuration *config, const Ticket *t, char **spn, @@ -67,7 +67,7 @@ fetch_server (krb5_context context, krb5_get_err_text(context, ret)); return ret; } - ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, + ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER, NULL, server); krb5_free_principal(context, sprinc); if (ret) { @@ -82,7 +82,7 @@ fetch_server (krb5_context context, } static krb5_error_code -log_524 (krb5_context context, +log_524 (krb5_context context, krb5_kdc_configuration *config, const EncTicketPart *et, const char *from, @@ -92,7 +92,7 @@ log_524 (krb5_context context, char *cpn; krb5_error_code ret; - ret = _krb5_principalname2krb5_principal(context, &client, + ret = _krb5_principalname2krb5_principal(context, &client, et->cname, et->crealm); if (ret) { kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s", @@ -113,7 +113,7 @@ log_524 (krb5_context context, } static krb5_error_code -verify_flags (krb5_context context, +verify_flags (krb5_context context, krb5_kdc_configuration *config, const EncTicketPart *et, const char *spn) @@ -135,7 +135,7 @@ verify_flags (krb5_context context, */ static krb5_error_code -set_address (krb5_context context, +set_address (krb5_context context, krb5_kdc_configuration *config, EncTicketPart *et, struct sockaddr *addr, @@ -154,7 +154,7 @@ set_address (krb5_context context, kdc_log(context, config, 0, "Failed to convert address (%s)", from); return ret; } - + if (et->caddr && !krb5_address_search (context, v4_addr, et->caddr)) { kdc_log(context, config, 0, "Incorrect network address (%s)", from); krb5_free_address(context, v4_addr); @@ -187,11 +187,11 @@ set_address (krb5_context context, static krb5_error_code -encrypt_v4_ticket(krb5_context context, +encrypt_v4_ticket(krb5_context context, krb5_kdc_configuration *config, - void *buf, - size_t len, - krb5_keyblock *skey, + void *buf, + size_t len, + krb5_keyblock *skey, EncryptedData *reply) { krb5_crypto crypto; @@ -204,7 +204,7 @@ encrypt_v4_ticket(krb5_context context, return ret; } - ret = krb5_encrypt_EncryptedData(context, + ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_TICKET, buf, @@ -221,10 +221,10 @@ encrypt_v4_ticket(krb5_context context, } static krb5_error_code -encode_524_response(krb5_context context, +encode_524_response(krb5_context context, krb5_kdc_configuration *config, const char *spn, const EncTicketPart et, - const Ticket *t, hdb_entry_ex *server, + const Ticket *t, hdb_entry_ex *server, EncryptedData *ticket, int *kvno) { krb5_error_code ret; @@ -233,12 +233,12 @@ encode_524_response(krb5_context context, use_2b = krb5_config_get_bool(context, NULL, "kdc", "use_2b", spn, NULL); if(use_2b) { - ASN1_MALLOC_ENCODE(EncryptedData, - ticket->cipher.data, ticket->cipher.length, + ASN1_MALLOC_ENCODE(EncryptedData, + ticket->cipher.data, ticket->cipher.length, &t->enc_part, &len, ret); if (ret) { - kdc_log(context, config, 0, + kdc_log(context, config, 0, "Failed to encode v4 (2b) ticket (%s)", spn); return ret; } @@ -256,7 +256,7 @@ encode_524_response(krb5_context context, return KRB5KDC_ERR_POLICY; } - ret = _kdc_encode_v4_ticket(context, config, + ret = _kdc_encode_v4_ticket(context, config, buf + sizeof(buf) - 1, sizeof(buf), &et, &t->sname, &len); if(ret){ @@ -270,7 +270,7 @@ encode_524_response(krb5_context context, "no suitable DES key for server (%s)", spn); return ret; } - ret = encrypt_v4_ticket(context, config, buf + sizeof(buf) - len, len, + ret = encrypt_v4_ticket(context, config, buf + sizeof(buf) - len, len, &skey->key, ticket); if(ret){ kdc_log(context, config, 0, @@ -289,7 +289,7 @@ encode_524_response(krb5_context context, */ krb5_error_code -_kdc_do_524(krb5_context context, +_kdc_do_524(krb5_context context, krb5_kdc_configuration *config, const Ticket *t, krb5_data *reply, const char *from, struct sockaddr *addr) @@ -306,7 +306,7 @@ _kdc_do_524(krb5_context context, unsigned char buf[MAX_KTXT_LEN + 4 * 4]; size_t len; int kvno = 0; - + if(!config->enable_524) { ret = KRB5KDC_ERR_POLICY; kdc_log(context, config, 0, @@ -342,7 +342,7 @@ _kdc_do_524(krb5_context context, "Failed to decrypt ticket from %s for %s", from, spn); goto out; } - ret = krb5_decode_EncTicketPart(context, et_data.data, et_data.length, + ret = krb5_decode_EncTicketPart(context, et_data.data, et_data.length, &et, &len); krb5_data_free(&et_data); if(ret){ |