From 2b29b7186459d945ec448694164bfe4239b30d72 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 27 Oct 2008 11:35:07 +0100 Subject: s4: import lorikeet-heimdal-200810271034 metze --- source4/heimdal/lib/krb5/ticket.c | 121 +++++++++++++++++++++++--------------- 1 file changed, 75 insertions(+), 46 deletions(-) (limited to 'source4/heimdal/lib/krb5/ticket.c') diff --git a/source4/heimdal/lib/krb5/ticket.c b/source4/heimdal/lib/krb5/ticket.c index 77ce8cb221..db78626570 100644 --- a/source4/heimdal/lib/krb5/ticket.c +++ b/source4/heimdal/lib/krb5/ticket.c @@ -1,34 +1,34 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "krb5_locl.h" @@ -57,7 +57,8 @@ krb5_copy_ticket(krb5_context context, *to = NULL; tmp = malloc(sizeof(*tmp)); if(tmp == NULL) { - krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); + krb5_set_error_message(context, ENOMEM, + N_("malloc: out of memory", "")); return ENOMEM; } if((ret = copy_EncTicketPart(&from->ticket, &tmp->ticket))){ @@ -104,9 +105,26 @@ krb5_ticket_get_endtime(krb5_context context, return ticket->ticket.endtime; } +/** + * Get the flags from the Kerberos ticket + * + * @param context Kerberos context + * @param ticket Kerberos ticket + * + * @return ticket flags + * + * @ingroup krb5_ticket + */ +unsigned long +krb5_ticket_get_flags(krb5_context context, + const krb5_ticket *ticket) +{ + return TicketFlags2int(ticket->ticket.flags); +} + static int find_type_in_ad(krb5_context context, - int type, + int type, krb5_data *data, krb5_boolean *found, krb5_boolean failp, @@ -119,9 +137,10 @@ find_type_in_ad(krb5_context context, if (level > 9) { ret = ENOENT; /* XXX */ - krb5_set_error_message(context, ret, - "Authorization data nested deeper " - "then %d levels, stop searching", level); + krb5_set_error_message(context, ret, + N_("Authorization data nested deeper " + "then %d levels, stop searching", ""), + level); goto out; } @@ -134,7 +153,8 @@ find_type_in_ad(krb5_context context, if (!*found && ad->val[i].ad_type == type) { ret = der_copy_octet_string(&ad->val[i].ad_data, data); if (ret) { - krb5_set_error_message(context, ret, "malloc: out of memory"); + krb5_set_error_message(context, ret, + N_("malloc: out of memory", "")); goto out; } *found = TRUE; @@ -148,8 +168,10 @@ find_type_in_ad(krb5_context context, &child, NULL); if (ret) { - krb5_set_error_message(context, ret, "Failed to decode " - "IF_RELEVANT with %d", (int)ret); + krb5_set_error_message(context, ret, + N_("Failed to decode " + "IF_RELEVANT with %d", ""), + (int)ret); goto out; } ret = find_type_in_ad(context, type, data, found, FALSE, @@ -168,8 +190,10 @@ find_type_in_ad(krb5_context context, &child, NULL); if (ret) { - krb5_set_error_message(context, ret, "Failed to decode " - "AD_KDCIssued with %d", ret); + krb5_set_error_message(context, ret, + N_("Failed to decode " + "AD_KDCIssued with %d", ""), + ret); goto out; } if (failp) { @@ -177,11 +201,11 @@ find_type_in_ad(krb5_context context, krb5_data buf; size_t len; - ASN1_MALLOC_ENCODE(AuthorizationData, buf.data, buf.length, + ASN1_MALLOC_ENCODE(AuthorizationData, buf.data, buf.length, &child.elements, &len, ret); if (ret) { free_AD_KDCIssued(&child); - krb5_clear_error_string(context); + krb5_clear_error_message(context); goto out; } if(buf.length != len) @@ -195,7 +219,7 @@ find_type_in_ad(krb5_context context, goto out; } if (!valid) { - krb5_clear_error_string(context); + krb5_clear_error_message(context); ret = ENOENT; free_AD_KDCIssued(&child); goto out; @@ -213,16 +237,19 @@ find_type_in_ad(krb5_context context, if (!failp) break; ret = ENOENT; /* XXX */ - krb5_set_error_message(context, ret, "Authorization data contains " - "AND-OR element that is unknown to the " - "application"); + krb5_set_error_message(context, ret, + N_("Authorization data contains " + "AND-OR element that is unknown to the " + "application", "")); goto out; default: if (!failp) break; ret = ENOENT; /* XXX */ - krb5_set_error_message(context, ret, "Authorization data contains " - "unknown type (%d) ", ad->val[i].ad_type); + krb5_set_error_message(context, ret, + N_("Authorization data contains " + "unknown type (%d) ", ""), + ad->val[i].ad_type); goto out; } } @@ -257,7 +284,7 @@ krb5_ticket_get_authorization_data_type(krb5_context context, ad = ticket->ticket.authorization_data; if (ticket->ticket.authorization_data == NULL) { krb5_set_error_message(context, ENOENT, - "Ticket have not authorization data"); + N_("Ticket have not authorization data", "")); return ENOENT; /* XXX */ } @@ -266,8 +293,10 @@ krb5_ticket_get_authorization_data_type(krb5_context context, if (ret) return ret; if (!found) { - krb5_set_error_message(context, ENOENT, "Ticket have not " - "authorization data of type %d", type); + krb5_set_error_message(context, ENOENT, + N_("Ticket have not " + "authorization data of type %d", ""), + type); return ENOENT; /* XXX */ } return 0; -- cgit