diff options
| author | Chris Provenzano <proven@mit.edu> | 1995-03-10 17:26:04 +0000 |
|---|---|---|
| committer | Chris Provenzano <proven@mit.edu> | 1995-03-10 17:26:04 +0000 |
| commit | b2f49b74f53d6deafc39fc0069de3e249a383b13 (patch) | |
| tree | 339c5c75b96c433c666183d92478c11ccc42d669 /src/lib/krb5/krb/mk_req.c | |
| parent | 84ea6e41500ad94dd417841b307d142d7055e056 (diff) | |
| download | krb5-b2f49b74f53d6deafc39fc0069de3e249a383b13.tar.gz krb5-b2f49b74f53d6deafc39fc0069de3e249a383b13.tar.xz krb5-b2f49b74f53d6deafc39fc0069de3e249a383b13.zip | |
* auth_con.h auth_con.c Added for krb5_auth_con definition and
support routines.
* mk_req.c (krb5_mk_req())
* mk_req_ext.c (krb5_mk_req_extended())
* rd_rep.c (krb5_rd_rep())
* sendauth.c (krb5_sendauth())
* mk_priv.c (krb5_mk_priv())
* mk_safe.c (krb5_mk_safe())
* rd_priv.c (krb5_rd_priv())
* rd_safe.c (krb5_rd_safe())
Added a krb5_auth_context argument and eliminated many of
the other arguments because they are included in the
krb5_auth_context structure.
* send_tgs.c (krb5_send_tgs()) Eliminate call to krb5_mk_req_extended(),
which does far more than krb5_send_tgs() needs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5099 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/mk_req.c')
| -rw-r--r-- | src/lib/krb5/krb/mk_req.c | 67 |
1 files changed, 40 insertions, 27 deletions
diff --git a/src/lib/krb5/krb/mk_req.c b/src/lib/krb5/krb/mk_req.c index 91a769e931..3d86741fc1 100644 --- a/src/lib/krb5/krb/mk_req.c +++ b/src/lib/krb5/krb/mk_req.c @@ -25,6 +25,7 @@ */ #include "k5-int.h" +#include "auth_con.h" /* Formats a KRB_AP_REQ message into outbuf. @@ -48,44 +49,56 @@ extern krb5_flags krb5_kdc_default_options; krb5_error_code INTERFACE -krb5_mk_req(context, server, ap_req_options, checksum, ccache, outbuf) - krb5_context context; - krb5_const_principal server; - const krb5_flags ap_req_options; - const krb5_checksum *checksum; - krb5_ccache ccache; - krb5_data *outbuf; +krb5_mk_req(context, auth_context, ap_req_options, service, hostname, in_data, + ccache, outbuf) + krb5_context context; + krb5_auth_context ** auth_context; + const krb5_flags ap_req_options; + char * service; + char * hostname; + krb5_data * in_data; + krb5_ccache ccache; + krb5_data * outbuf; { - krb5_error_code retval; - krb5_creds * credsp; - krb5_creds creds; + krb5_error_code retval; + krb5_principal server; + krb5_creds * credsp; + krb5_creds creds; + char ** realm; - /* obtain ticket & session key */ + /* get realm */ + if (retval = krb5_get_host_realm(context, hostname, &realm)) + return retval; + /* build principal */ + if (retval = krb5_build_principal(context, &server, strlen(realm[0]), + realm[0], service, hostname, NULL)) + goto cleanup_realm; + + /* obtain ticket & session key */ memset((char *)&creds, 0, sizeof(creds)); if (retval = krb5_copy_principal(context, server, &creds.server)) - goto errout; + goto cleanup_princ; + if (retval = krb5_cc_get_principal(context, ccache, &creds.client)) - goto errout; - /* creds.times.endtime = 0; -- memset 0 takes care of this - zero means "as long as possible" */ - /* creds.keyblock.keytype = 0; -- as well as this. - zero means no session keytype - preference */ + goto cleanup_creds; if (retval = krb5_get_credentials(context, krb5_kdc_default_options, ccache, &creds, &credsp)) - goto errout; + goto cleanup_creds; - retval = krb5_mk_req_extended(context, ap_req_options, checksum, - 0, /* no sequence number */ - 0, /* no sub-key */ - credsp, - 0, /* We don't need the authenticator */ - outbuf); + retval = krb5_mk_req_extended(context, auth_context, ap_req_options, + in_data, credsp, outbuf); -errout: - krb5_free_cred_contents(context, &creds); krb5_free_creds(context, credsp); + +cleanup_creds: + krb5_free_cred_contents(context, &creds); + +cleanup_princ: + krb5_free_principal(context, server); + +cleanup_realm: + krb5_free_host_realm(context, realm); return retval; } |