diff options
author | John Kohl <jtkohl@mit.edu> | 1990-10-10 17:26:36 +0000 |
---|---|---|
committer | John Kohl <jtkohl@mit.edu> | 1990-10-10 17:26:36 +0000 |
commit | 10bbba4d11dcfe8b4750d839ce6a3982772efd6b (patch) | |
tree | cc36844162a05c2e85fa1d94a1177c8a6ee7450a /src/kdc/policy.c | |
parent | 50e69e81f73742d6c7568c735372ca9c7198ae89 (diff) | |
download | krb5-10bbba4d11dcfe8b4750d839ce6a3982772efd6b.tar.gz krb5-10bbba4d11dcfe8b4750d839ce6a3982772efd6b.tar.xz krb5-10bbba4d11dcfe8b4750d839ce6a3982772efd6b.zip |
changes for new data structures
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1231 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/policy.c')
-rw-r--r-- | src/kdc/policy.c | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/src/kdc/policy.c b/src/kdc/policy.c index 6f25f7cfcd..d9f5f5f0e4 100644 --- a/src/kdc/policy.c +++ b/src/kdc/policy.c @@ -33,7 +33,7 @@ krb5_timestamp fromtime; krb5_boolean against_flag_policy_as(request) -register krb5_as_req *request; +const register krb5_kdc_req *request; { if (isflagset(request->kdc_options, KDC_OPT_FORWARDED) || isflagset(request->kdc_options, KDC_OPT_PROXY) || @@ -47,36 +47,36 @@ register krb5_as_req *request; } krb5_boolean -against_flag_policy_tgs(request) -register krb5_tgs_req *request; +against_flag_policy_tgs(request, ticket) +const register krb5_kdc_req *request; +const register krb5_ticket *ticket; { - register krb5_real_tgs_req *realreq = request->tgs_request2; - if (((isflagset(realreq->kdc_options, KDC_OPT_FORWARDED) || - isflagset(realreq->kdc_options, KDC_OPT_FORWARDABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + if (((isflagset(request->kdc_options, KDC_OPT_FORWARDED) || + isflagset(request->kdc_options, KDC_OPT_FORWARDABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_FORWARDABLE)) || /* TGS must be forwardable to get forwarded or forwardable ticket */ - ((isflagset(realreq->kdc_options, KDC_OPT_PROXY) || - isflagset(realreq->kdc_options, KDC_OPT_PROXIABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_PROXY) || + isflagset(request->kdc_options, KDC_OPT_PROXIABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_PROXIABLE)) || /* TGS must be proxiable to get proxiable ticket */ - ((isflagset(realreq->kdc_options, KDC_OPT_ALLOW_POSTDATE) || - isflagset(realreq->kdc_options, KDC_OPT_POSTDATED)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_ALLOW_POSTDATE) || + isflagset(request->kdc_options, KDC_OPT_POSTDATED)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_MAY_POSTDATE)) || /* TGS must allow postdating to get postdated ticket */ - (isflagset(realreq->kdc_options, KDC_OPT_VALIDATE) && - !isflagset(request->header2->ticket->enc_part2->flags, + (isflagset(request->kdc_options, KDC_OPT_VALIDATE) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_INVALID)) || /* can only validate invalid tix */ - ((isflagset(realreq->kdc_options, KDC_OPT_RENEW) || - isflagset(realreq->kdc_options, KDC_OPT_RENEWABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_RENEW) || + isflagset(request->kdc_options, KDC_OPT_RENEWABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_RENEWABLE))) /* can only renew renewable tix */ return TRUE; /* against policy */ |