Logo Search packages:      
Sourcecode: heimdal version File versions

kaserver.c

/*
 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden). 
 * All rights reserved. 
 *
 * Redistribution and use in source and binary forms, with or without 
 * modification, are permitted provided that the following conditions 
 * are met: 
 *
 * 1. Redistributions of source code must retain the above copyright 
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright 
 *    notice, this list of conditions and the following disclaimer in the 
 *    documentation and/or other materials provided with the distribution. 
 *
 * 3. Neither the name of the Institute nor the names of its contributors 
 *    may be used to endorse or promote products derived from this software 
 *    without specific prior written permission. 
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
 * SUCH DAMAGE. 
 */

#include "kdc_locl.h"

RCSID("$Id: kaserver.c,v 1.21.2.1 2003/10/06 21:02:35 lha Exp $");


#include <rx.h>

#define KA_AUTHENTICATION_SERVICE 731
#define KA_TICKET_GRANTING_SERVICE 732
#define KA_MAINTENANCE_SERVICE 733

#define AUTHENTICATE_OLD       1
#define CHANGEPASSWORD         2
#define GETTICKET_OLD          3
#define SETPASSWORD            4
#define SETFIELDS        5
#define CREATEUSER             6
#define DELETEUSER             7
#define GETENTRY         8
#define LISTENTRY        9
#define GETSTATS        10
#define DEBUG                 11
#define GETPASSWORD           12
#define GETRANDOMKEY          13
#define AUTHENTICATE          21
#define AUTHENTICATE_V2       22
#define GETTICKET       23

/* XXX - Where do we get these? */

#define RXGEN_OPCODE (-455)

#define KADATABASEINCONSISTENT                   (180480L)
#define KAEXIST                                  (180481L)
#define KAIO                                     (180482L)
#define KACREATEFAIL                             (180483L)
#define KANOENT                                  (180484L)
#define KAEMPTY                                  (180485L)
#define KABADNAME                                (180486L)
#define KABADINDEX                               (180487L)
#define KANOAUTH                                 (180488L)
#define KAANSWERTOOLONG                          (180489L)
#define KABADREQUEST                             (180490L)
#define KAOLDINTERFACE                           (180491L)
#define KABADARGUMENT                            (180492L)
#define KABADCMD                                 (180493L)
#define KANOKEYS                                 (180494L)
#define KAREADPW                                 (180495L)
#define KABADKEY                                 (180496L)
#define KAUBIKINIT                               (180497L)
#define KAUBIKCALL                               (180498L)
#define KABADPROTOCOL                            (180499L)
#define KANOCELLS                                (180500L)
#define KANOCELL                                 (180501L)
#define KATOOMANYUBIKS                           (180502L)
#define KATOOMANYKEYS                            (180503L)
#define KABADTICKET                              (180504L)
#define KAUNKNOWNKEY                             (180505L)
#define KAKEYCACHEINVALID                        (180506L)
#define KABADSERVER                              (180507L)
#define KABADUSER                                (180508L)
#define KABADCPW                                 (180509L)
#define KABADCREATE                              (180510L)
#define KANOTICKET                               (180511L)
#define KAASSOCUSER                              (180512L)
#define KANOTSPECIAL                             (180513L)
#define KACLOCKSKEW                              (180514L)
#define KANORECURSE                              (180515L)
#define KARXFAIL                                 (180516L)
#define KANULLPASSWORD                           (180517L)
#define KAINTERNALERROR                          (180518L)
#define KAPWEXPIRED                              (180519L)
#define KAREUSED                                 (180520L)
#define KATOOSOON                                (180521L)
#define KALOCKED                                 (180522L)

static void
decode_rx_header (krb5_storage *sp,
              struct rx_header *h)
{
    krb5_ret_int32(sp, &h->epoch);
    krb5_ret_int32(sp, &h->connid);
    krb5_ret_int32(sp, &h->callid);
    krb5_ret_int32(sp, &h->seqno);
    krb5_ret_int32(sp, &h->serialno);
    krb5_ret_int8(sp,  &h->type);
    krb5_ret_int8(sp,  &h->flags);
    krb5_ret_int8(sp,  &h->status);
    krb5_ret_int8(sp,  &h->secindex);
    krb5_ret_int16(sp, &h->reserved);
    krb5_ret_int16(sp, &h->serviceid);
}

static void
encode_rx_header (struct rx_header *h,
              krb5_storage *sp)
{
    krb5_store_int32(sp, h->epoch);
    krb5_store_int32(sp, h->connid);
    krb5_store_int32(sp, h->callid);
    krb5_store_int32(sp, h->seqno);
    krb5_store_int32(sp, h->serialno);
    krb5_store_int8(sp,  h->type);
    krb5_store_int8(sp,  h->flags);
    krb5_store_int8(sp,  h->status);
    krb5_store_int8(sp,  h->secindex);
    krb5_store_int16(sp, h->reserved);
    krb5_store_int16(sp, h->serviceid);
}

static void
init_reply_header (struct rx_header *hdr,
               struct rx_header *reply_hdr,
               u_char type,
               u_char flags)
{
    reply_hdr->epoch     = hdr->epoch;
    reply_hdr->connid    = hdr->connid;
    reply_hdr->callid    = hdr->callid;
    reply_hdr->seqno     = 1;
    reply_hdr->serialno  = 1;
    reply_hdr->type      = type;
    reply_hdr->flags     = flags;
    reply_hdr->status    = 0;
    reply_hdr->secindex  = 0;
    reply_hdr->reserved  = 0;
    reply_hdr->serviceid = hdr->serviceid;
}

static void
make_error_reply (struct rx_header *hdr,
              u_int32_t ret,
              krb5_data *reply)

{
    krb5_storage *sp;
    struct rx_header reply_hdr;

    init_reply_header (hdr, &reply_hdr, HT_ABORT, HF_LAST);
    sp = krb5_storage_emem();
    encode_rx_header (&reply_hdr, sp);
    krb5_store_int32(sp, ret);
    krb5_storage_to_data (sp, reply);
    krb5_storage_free (sp);
}

static krb5_error_code
krb5_ret_xdr_data(krb5_storage *sp,
              krb5_data *data)
{
    int ret;
    int size;
    ret = krb5_ret_int32(sp, &size);
    if(ret)
      return ret;
    if(size < 0)
      return ERANGE;
    data->length = size;
    if (size) {
      u_char foo[4];
      size_t pad = (4 - size % 4) % 4;

      data->data = malloc(size);
      if (data->data == NULL)
          return ENOMEM;
      ret = krb5_storage_read(sp, data->data, size);
      if(ret != size)
          return (ret < 0)? errno : KRB5_CC_END;
      if (pad) {
          ret = krb5_storage_read(sp, foo, pad);
          if (ret != pad)
            return (ret < 0)? errno : KRB5_CC_END;
      }
    } else
      data->data = NULL;
    return 0;
}

static krb5_error_code
krb5_store_xdr_data(krb5_storage *sp,
                krb5_data data)
{
    u_char zero[4] = {0, 0, 0, 0};
    int ret;
    size_t pad;

    ret = krb5_store_int32(sp, data.length);
    if(ret < 0)
      return ret;
    ret = krb5_storage_write(sp, data.data, data.length);
    if(ret != data.length){
      if(ret < 0)
          return errno;
      return KRB5_CC_END;
    }
    pad = (4 - data.length % 4) % 4;
    if (pad) {
      ret = krb5_storage_write(sp, zero, pad);
      if (ret != pad) {
          if (ret < 0)
            return errno;
          return KRB5_CC_END;
      }
    }
    return 0;
}


static krb5_error_code
create_reply_ticket (struct rx_header *hdr,
                 Key *skey,
                 char *name, char *instance, char *realm,
                 struct sockaddr_in *addr,
                 int life,
                 int kvno,
                 int32_t max_seq_len,
                 const char *sname, const char *sinstance,
                 u_int32_t challenge,
                 const char *label,
                 des_cblock *key,
                 krb5_data *reply)
{
    KTEXT_ST ticket;
    des_cblock session;
    krb5_storage *sp;
    krb5_data enc_data;
    des_key_schedule schedule;
    struct rx_header reply_hdr;
    des_cblock zero;
    size_t pad;
    unsigned fyrtiosjuelva;

    /* create the ticket */

    des_new_random_key(&session);

    krb_create_ticket (&ticket, 0, name, instance, realm,
                   addr->sin_addr.s_addr,
                   &session, life, kdc_time,
                   sname, sinstance, skey->key.keyvalue.data);

    /* create the encrypted part of the reply */
    sp = krb5_storage_emem ();
    krb5_generate_random_block(&fyrtiosjuelva, sizeof(fyrtiosjuelva));
    fyrtiosjuelva &= 0xffffffff;
    krb5_store_int32 (sp, fyrtiosjuelva);
    krb5_store_int32 (sp, challenge);
    krb5_storage_write  (sp, session, 8);
    memset (&session, 0, sizeof(session));
    krb5_store_int32 (sp, kdc_time);
    krb5_store_int32 (sp, kdc_time + krb_life_to_time (0, life));
    krb5_store_int32 (sp, kvno);
    krb5_store_int32 (sp, ticket.length);
    krb5_store_stringz (sp, name);
    krb5_store_stringz (sp, instance);
#if 1 /* XXX - Why shouldn't the realm go here? */
    krb5_store_stringz (sp, "");
#else
    krb5_store_stringz (sp, realm);
#endif
    krb5_store_stringz (sp, sname);
    krb5_store_stringz (sp, sinstance);
    krb5_storage_write (sp, ticket.dat, ticket.length);
    krb5_storage_write (sp, label, strlen(label));

    /* pad to DES block */
    memset (zero, 0, sizeof(zero));
    pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8;
    krb5_storage_write (sp, zero, pad);

    krb5_storage_to_data (sp, &enc_data);
    krb5_storage_free (sp);

    if (enc_data.length > max_seq_len) {
      krb5_data_free (&enc_data);
      make_error_reply (hdr, KAANSWERTOOLONG, reply);
      return 0;
    }

    /* encrypt it */
    des_set_key (key, schedule);
    des_pcbc_encrypt (enc_data.data,
                  enc_data.data,
                  enc_data.length,
                  schedule,
                  key,
                  DES_ENCRYPT);
    memset (&schedule, 0, sizeof(schedule));

    /* create the reply packet */
    init_reply_header (hdr, &reply_hdr, HT_DATA, HF_LAST);
    sp = krb5_storage_emem ();
    encode_rx_header (&reply_hdr, sp);
    krb5_store_int32 (sp, max_seq_len);
    krb5_store_xdr_data (sp, enc_data);
    krb5_data_free (&enc_data);
    krb5_storage_to_data (sp, reply);
    krb5_storage_free (sp);
    return 0;
}

static krb5_error_code
unparse_auth_args (krb5_storage *sp,
               char **name,
               char **instance,
               time_t *start_time,
               time_t *end_time,
               krb5_data *request,
               int32_t *max_seq_len)
{
    krb5_data data;
    int32_t tmp;

    krb5_ret_xdr_data (sp, &data);
    *name = malloc(data.length + 1);
    if (*name == NULL)
      return ENOMEM;
    memcpy (*name, data.data, data.length);
    (*name)[data.length] = '\0';
    krb5_data_free (&data);

    krb5_ret_xdr_data (sp, &data);
    *instance = malloc(data.length + 1);
    if (*instance == NULL) {
      free (*name);
      return ENOMEM;
    }
    memcpy (*instance, data.data, data.length);
    (*instance)[data.length] = '\0';
    krb5_data_free (&data);

    krb5_ret_int32 (sp, &tmp);
    *start_time = tmp;
    krb5_ret_int32 (sp, &tmp);
    *end_time = tmp;
    krb5_ret_xdr_data (sp, request);
    krb5_ret_int32 (sp, max_seq_len);
    /* ignore the rest */
    return 0;
}

static void
do_authenticate (struct rx_header *hdr,
             krb5_storage *sp,
             struct sockaddr_in *addr,
             krb5_data *reply)
{
    krb5_error_code ret;
    char *name = NULL;
    char *instance = NULL;
    time_t start_time;
    time_t end_time;
    krb5_data request;
    int32_t max_seq_len;
    hdb_entry *client_entry = NULL;
    hdb_entry *server_entry = NULL;
    Key *ckey = NULL;
    Key *skey = NULL;
    des_cblock key;
    des_key_schedule schedule;
    krb5_storage *reply_sp;
    time_t max_life;
    u_int8_t life;
    int32_t chal;
    char client_name[256];
    char server_name[256];
      
    krb5_data_zero (&request);

    unparse_auth_args (sp, &name, &instance, &start_time, &end_time,
                   &request, &max_seq_len);
    if (request.length < 8) {
      make_error_reply (hdr, KABADREQUEST, reply);
      goto out;
    }

    snprintf (client_name, sizeof(client_name), "%s.%s@%s",
            name, instance, v4_realm);

    ret = db_fetch4 (name, instance, v4_realm, &client_entry);
    if (ret) {
      kdc_log(0, "Client not found in database: %s: %s",
            client_name, krb5_get_err_text(context, ret));
      make_error_reply (hdr, KANOENT, reply);
      goto out;
    }

    snprintf (server_name, sizeof(server_name), "%s.%s@%s",
            "krbtgt", v4_realm, v4_realm);

    ret = db_fetch4 ("krbtgt", v4_realm, v4_realm, &server_entry);
    if (ret) {
      kdc_log(0, "Server not found in database: %s: %s",
            server_name, krb5_get_err_text(context, ret));
      make_error_reply (hdr, KANOENT, reply);
      goto out;
    }

    ret = check_flags (client_entry, client_name,
                   server_entry, server_name,
                   TRUE);
    if (ret) {
      make_error_reply (hdr, KAPWEXPIRED, reply);
      goto out;
    }

    /* find a DES key */
    ret = get_des_key(client_entry, FALSE, TRUE, &ckey);
    if(ret){
      kdc_log(0, "no suitable DES key for client");
      make_error_reply (hdr, KANOKEYS, reply);
      goto out;
    }

    /* find a DES key */
    ret = get_des_key(server_entry, TRUE, TRUE, &skey);
    if(ret){
      kdc_log(0, "no suitable DES key for server");
      make_error_reply (hdr, KANOKEYS, reply);
      goto out;
    }

    /* try to decode the `request' */
    memcpy (&key, ckey->key.keyvalue.data, sizeof(key));
    des_set_key (&key, schedule);
    des_pcbc_encrypt (request.data,
                  request.data,
                  request.length,
                  schedule,
                  &key,
                  DES_DECRYPT);
    memset (&schedule, 0, sizeof(schedule));

    /* check for the magic label */
    if (memcmp ((char *)request.data + 4, "gTGS", 4) != 0) {
      make_error_reply (hdr, KABADREQUEST, reply);
      goto out;
    }

    reply_sp = krb5_storage_from_mem (request.data, 4);
    krb5_ret_int32 (reply_sp, &chal);
    krb5_storage_free (reply_sp);

    if (abs(chal - kdc_time) > context->max_skew) {
      make_error_reply (hdr, KACLOCKSKEW, reply);
      goto out;
    }

    /* life */
    max_life = end_time - kdc_time;
    /* end_time - kdc_time can sometimes be non-positive due to slight
       time skew between client and server. Let's make sure it is postive */
    if(max_life < 1)
      max_life = 1;
    if (client_entry->max_life)
      max_life = min(max_life, *client_entry->max_life);
    if (server_entry->max_life)
      max_life = min(max_life, *server_entry->max_life);

    life = krb_time_to_life(kdc_time, kdc_time + max_life);

    create_reply_ticket (hdr, skey,
                   name, instance, v4_realm,
                   addr, life, server_entry->kvno,
                   max_seq_len,
                   "krbtgt", v4_realm,
                   chal + 1, "tgsT",
                   &key, reply);
    memset (&key, 0, sizeof(key));

out:
    if (request.length) {
      memset (request.data, 0, request.length);
      krb5_data_free (&request);
    }
    if (name)
      free (name);
    if (instance)
      free (instance);
    if (client_entry)
      free_ent (client_entry);
    if (server_entry)
      free_ent (server_entry);
}

static krb5_error_code
unparse_getticket_args (krb5_storage *sp,
                  int *kvno,
                  char **auth_domain,
                  krb5_data *ticket,
                  char **name,
                  char **instance,
                  krb5_data *times,
                  int32_t *max_seq_len)
{
    krb5_data data;
    int32_t tmp;

    krb5_ret_int32 (sp, &tmp);
    *kvno = tmp;

    krb5_ret_xdr_data (sp, &data);
    *auth_domain = malloc(data.length + 1);
    if (*auth_domain == NULL)
      return ENOMEM;
    memcpy (*auth_domain, data.data, data.length);
    (*auth_domain)[data.length] = '\0';
    krb5_data_free (&data);

    krb5_ret_xdr_data (sp, ticket);

    krb5_ret_xdr_data (sp, &data);
    *name = malloc(data.length + 1);
    if (*name == NULL) {
      free (*auth_domain);
      return ENOMEM;
    }
    memcpy (*name, data.data, data.length);
    (*name)[data.length] = '\0';
    krb5_data_free (&data);

    krb5_ret_xdr_data (sp, &data);
    *instance = malloc(data.length + 1);
    if (*instance == NULL) {
      free (*auth_domain);
      free (*name);
      return ENOMEM;
    }
    memcpy (*instance, data.data, data.length);
    (*instance)[data.length] = '\0';
    krb5_data_free (&data);

    krb5_ret_xdr_data (sp, times);

    krb5_ret_int32 (sp, max_seq_len);
    /* ignore the rest */
    return 0;
}

static void
do_getticket (struct rx_header *hdr,
            krb5_storage *sp,
            struct sockaddr_in *addr,
            krb5_data *reply)
{
    krb5_error_code ret;
    int kvno;
    char *auth_domain = NULL;
    krb5_data aticket;
    char *name = NULL;
    char *instance = NULL;
    krb5_data times;
    int32_t max_seq_len;
    hdb_entry *server_entry = NULL;
    hdb_entry *krbtgt_entry = NULL;
    Key *kkey = NULL;
    Key *skey = NULL;
    des_cblock key;
    des_key_schedule schedule;
    des_cblock session;
    time_t max_life;
    int8_t life;
    time_t start_time, end_time;
    char pname[ANAME_SZ];
    char pinst[INST_SZ];
    char prealm[REALM_SZ];
    char server_name[256];

    krb5_data_zero (&aticket);
    krb5_data_zero (&times);

    unparse_getticket_args (sp, &kvno, &auth_domain, &aticket,
                      &name, &instance, &times, &max_seq_len);
    if (times.length < 8) {
      make_error_reply (hdr, KABADREQUEST, reply);
      goto out;
      
    }

    snprintf (server_name, sizeof(server_name),
            "%s.%s@%s", name, instance, v4_realm);

    ret = db_fetch4 (name, instance, v4_realm, &server_entry);
    if (ret) {
      kdc_log(0, "Server not found in database: %s: %s",
            server_name, krb5_get_err_text(context, ret));
      make_error_reply (hdr, KANOENT, reply);
      goto out;
    }

    ret = check_flags (NULL, NULL,
                   server_entry, server_name,
                   FALSE);
    if (ret) {
      make_error_reply (hdr, KAPWEXPIRED, reply);
      goto out;
    }

    ret = db_fetch4 ("krbtgt", v4_realm, v4_realm, &krbtgt_entry);
    if (ret) {
      kdc_log(0, "Server not found in database: %s.%s@%s: %s",
            "krbtgt", v4_realm, v4_realm, krb5_get_err_text(context, ret));
      make_error_reply (hdr, KANOENT, reply);
      goto out;
    }

    /* find a DES key */
    ret = get_des_key(krbtgt_entry, TRUE, TRUE, &kkey);
    if(ret){
      kdc_log(0, "no suitable DES key for krbtgt");
      make_error_reply (hdr, KANOKEYS, reply);
      goto out;
    }

    /* find a DES key */
    ret = get_des_key(server_entry, TRUE, TRUE, &skey);
    if(ret){
      kdc_log(0, "no suitable DES key for server");
      make_error_reply (hdr, KANOKEYS, reply);
      goto out;
    }

    /* decrypt the incoming ticket */
    memcpy (&key, kkey->key.keyvalue.data, sizeof(key));

    /* unpack the ticket */
    {
      KTEXT_ST ticket;
      u_char flags;
      int life;
      u_int32_t time_sec;
      char sname[ANAME_SZ];
      char sinstance[SNAME_SZ];
      u_int32_t paddress;

      if (aticket.length > sizeof(ticket.dat)) {
          kdc_log(0, "ticket too long (%u > %u)",
                (unsigned)aticket.length,
                (unsigned)sizeof(ticket.dat));
          make_error_reply (hdr, KABADTICKET, reply);
          goto out;
      }

      ticket.length = aticket.length;
      memcpy (ticket.dat, aticket.data, ticket.length);

      des_set_key (&key, schedule);
      decomp_ticket (&ticket, &flags, pname, pinst, prealm,
                   &paddress, session, &life, &time_sec,
                   sname, sinstance, 
                   &key, schedule);

      if (strcmp (sname, "krbtgt") != 0
          || strcmp (sinstance, v4_realm) != 0) {
          kdc_log(0, "no TGT: %s.%s for %s.%s@%s",
                sname, sinstance,
                pname, pinst, prealm);
          make_error_reply (hdr, KABADTICKET, reply);
          goto out;
      }

      if (kdc_time > krb_life_to_time(time_sec, life)) {
          kdc_log(0, "TGT expired: %s.%s@%s",
                pname, pinst, prealm);
          make_error_reply (hdr, KABADTICKET, reply);
          goto out;
      }
    }

    /* decrypt the times */
    des_set_key (&session, schedule);
    des_ecb_encrypt (times.data,
                 times.data,
                 schedule,
                 DES_DECRYPT);
    memset (&schedule, 0, sizeof(schedule));

    /* and extract them */
    {
      krb5_storage *sp;
      int32_t tmp;

      sp = krb5_storage_from_mem (times.data, times.length);
      krb5_ret_int32 (sp, &tmp);
      start_time = tmp;
      krb5_ret_int32 (sp, &tmp);
      end_time = tmp;
      krb5_storage_free (sp);
    }

    /* life */
    max_life = end_time - kdc_time;
    /* end_time - kdc_time can sometimes be non-positive due to slight
       time skew between client and server. Let's make sure it is postive */
    if(max_life < 1)
      max_life = 1;
    if (krbtgt_entry->max_life)
      max_life = min(max_life, *krbtgt_entry->max_life);
    if (server_entry->max_life)
      max_life = min(max_life, *server_entry->max_life);

    life = krb_time_to_life(kdc_time, kdc_time + max_life);

    create_reply_ticket (hdr, skey,
                   pname, pinst, prealm,
                   addr, life, server_entry->kvno,
                   max_seq_len,
                   name, instance,
                   0, "gtkt",
                   &session, reply);
    memset (&session, 0, sizeof(session));
    
out:
    if (aticket.length) {
      memset (aticket.data, 0, aticket.length);
      krb5_data_free (&aticket);
    }
    if (times.length) {
      memset (times.data, 0, times.length);
      krb5_data_free (&times);
    }
    if (auth_domain)
      free (auth_domain);
    if (name)
      free (name);
    if (instance)
      free (instance);
    if (krbtgt_entry)
      free_ent (krbtgt_entry);
    if (server_entry)
      free_ent (server_entry);
}

krb5_error_code
do_kaserver(unsigned char *buf,
          size_t len,
          krb5_data *reply,
          const char *from,
          struct sockaddr_in *addr)
{
    krb5_error_code ret = 0;
    struct rx_header hdr;
    u_int32_t op;
    krb5_storage *sp;

    if (len < RX_HEADER_SIZE)
      return -1;
    sp = krb5_storage_from_mem (buf, len);

    decode_rx_header (sp, &hdr);
    buf += RX_HEADER_SIZE;
    len -= RX_HEADER_SIZE;

    switch (hdr.type) {
    case HT_DATA :
      break;
    case HT_ACK :
    case HT_BUSY :
    case HT_ABORT :
    case HT_ACKALL :
    case HT_CHAL :
    case HT_RESP :
    case HT_DEBUG :
    default:
      /* drop */
      goto out;
    }


    if (hdr.serviceid != KA_AUTHENTICATION_SERVICE
      && hdr.serviceid != KA_TICKET_GRANTING_SERVICE) {
      ret = -1;
      goto out;
    }

    krb5_ret_int32(sp, &op);
    switch (op) {
    case AUTHENTICATE :
      do_authenticate (&hdr, sp, addr, reply);
      break;
    case GETTICKET :
      do_getticket (&hdr, sp, addr, reply);
      break;
    case AUTHENTICATE_OLD :
    case CHANGEPASSWORD :
    case GETTICKET_OLD :
    case SETPASSWORD :
    case SETFIELDS :
    case CREATEUSER :
    case DELETEUSER :
    case GETENTRY :
    case LISTENTRY :
    case GETSTATS :
    case DEBUG :
    case GETPASSWORD :
    case GETRANDOMKEY :
    case AUTHENTICATE_V2 :
    default :
      make_error_reply (&hdr, RXGEN_OPCODE, reply);
      break;
    }

out:
    krb5_storage_free (sp);
    return ret;
}

Generated by  Doxygen 1.6.0   Back to index