authorJohn Kohl <jtkohl@mit.edu>1991-02-27 11:48:26 +0000
committerJohn Kohl <jtkohl@mit.edu>1991-02-27 11:48:26 +0000
commit103265630c5c8991088d6116cdee821a27ca4ca9 (patch)
treedb38dd08c3b73b3f67767f1373a6c5f76c712bbd /src/lib/krb5/krb
parent109028a836b96af03926d0d04fadbaf797ed5a33 (diff)
add rcache handling
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1797 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb')
-rw-r--r--src/lib/krb5/krb/mk_priv.c32
-rw-r--r--src/lib/krb5/krb/mk_safe.c25
2 files changed, 54 insertions, 3 deletions
diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c
index d4c1e0b333..003cb71f3d 100644
--- a/src/lib/krb5/krb/mk_priv.c
+++ b/src/lib/krb5/krb/mk_priv.c
@@ -46,6 +46,7 @@ krb5_mk_priv(DECLARG(const krb5_data *, userdata),
DECLARG(const krb5_address *, recv_addr),
DECLARG(krb5_int32, seq_number),
DECLARG(krb5_int32, priv_flags),
+ DECLARG(krb5_rcache, rcache),
DECLARG(krb5_pointer, i_vector),
DECLARG(krb5_data *, outbuf))
OLDDECLARG(const krb5_data *, userdata)
@@ -55,6 +56,7 @@ OLDDECLARG(const krb5_address *, sender_addr)
OLDDECLARG(const krb5_address *, recv_addr)
OLDDECLARG(krb5_int32, seq_number)
OLDDECLARG(krb5_int32, priv_flags)
+OLDDECLARG(krb5_rcache, rcache)
OLDDECLARG(krb5_pointer, i_vector)
OLDDECLARG(krb5_data *, outbuf)
{
@@ -77,6 +79,9 @@ OLDDECLARG(krb5_data *, outbuf)
privmsg_enc_part.r_address = 0;
if (!(priv_flags & KRB5_PRIV_NOTIME)) {
+ if (!rcache)
+ /* gotta provide an rcache in this case... */
+ return KRB5_RC_REQUIRED;
if (retval = krb5_us_timeofday(&privmsg_enc_part.timestamp,
&privmsg_enc_part.usec))
return retval;
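Review bot: The new `if (!rcache)` guard puts a comment between the condition and its unbraced `return`, which is easy to misread and easy to break when a line is added later. Bracing it, with the comment inside as `if (!rcache) { return KRB5_RC_REQUIRED; }`, would be safer. The requirement itself, a non-null `rcache` unless `KRB5_PRIV_NOTIME` is set, is visible only here, so the function's header comment should state it together with the `KRB5_RC_REQUIRED` return. The same guard is added to krb5_mk_safe in mk_safe.c, and the enclosing function starts and ends outside this hunk.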
@@ -114,10 +119,11 @@ OLDDECLARG(krb5_data *, outbuf)
}
#define cleanup_encpart() {\
-(void) memset(privmsg.enc_part.ciphertext.data, 0, \
+ (void) memset(privmsg.enc_part.ciphertext.data, 0, \
privmsg.enc_part.ciphertext.length); \
-free(privmsg.enc_part.ciphertext.data); \
-privmsg.enc_part.ciphertext.length = 0; privmsg.enc_part.ciphertext.data = 0;}
+ free(privmsg.enc_part.ciphertext.data); \
+ privmsg.enc_part.ciphertext.length = 0; \
+ privmsg.enc_part.ciphertext.data = 0;}
/* do any necessary key pre-processing */
if (retval = krb5_process_key(&eblock, key)) {
@@ -157,6 +163,26 @@ privmsg.enc_part.ciphertext.length = 0; privmsg.enc_part.ciphertext.data = 0;}
}
cleanup_encpart();
+ if (!(priv_flags & KRB5_PRIV_NOTIME)) {
+ krb5_donot_replay replay;
+
+ if (retval = krb5_gen_replay_name(sender_addr, "_priv",
+ &replay.client)) {
+ cleanup_scratch();
+ return retval;
+ }
+
+ replay.server = ""; /* XXX */
+ replay.cusec = privmsg_enc_part.usec;
+ replay.ctime = privmsg_enc_part.timestamp;
+ if (retval = krb5_rc_store(rcache, &replay)) {
+ /* should we really error out here? XXX */
+ cleanup_scratch();
+ xfree(replay.client);
+ return retval;
+ }
+ xfree(replay.client);
+ }
*outbuf = *scratch;
xfree(scratch);
return 0;
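Review bot: The added replay block leaves two `XXX` questions open, and both affect how the replay cache behaves. The record is stored with `replay.server = ""`, so entries appear to be told apart only by the name built from `sender_addr` plus `"_priv"` and the timestamp; a comment should say whether the empty string is a placeholder or intended. The `krb5_rc_store` failure path is marked undecided, but returning the error is the fail-closed choice, since the message would otherwise be handed back with a timestamp the cache never recorded. I would keep the return and replace the question with a statement such as `/* fail closed: do not emit a message whose timestamp is not in the rcache */`. The same block is added to krb5_mk_safe in mk_safe.c with `"_safe"` and needs the same comments; krb5_mk_priv starts outside this hunk.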
diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c
index 5fe61d6106..c5b32a462f 100644
--- a/src/lib/krb5/krb/mk_safe.c
+++ b/src/lib/krb5/krb/mk_safe.c
@@ -44,6 +44,7 @@ krb5_mk_safe(DECLARG(const krb5_data *, userdata),
DECLARG(const krb5_address *, recv_addr),
DECLARG(krb5_int32, seq_number),
DECLARG(krb5_int32, safe_flags),
+ DECLARG(krb5_rcache, rcache),
DECLARG(krb5_data *, outbuf))
OLDDECLARG(const krb5_data *, userdata)
OLDDECLARG(const krb5_cksumtype, sumtype)
@@ -52,6 +53,7 @@ OLDDECLARG(const krb5_address *, sender_addr)
OLDDECLARG(const krb5_address *, recv_addr)
OLDDECLARG(krb5_int32, seq_number)
OLDDECLARG(krb5_int32, safe_flags)
+OLDDECLARG(krb5_rcache, rcache)
OLDDECLARG(krb5_data *, outbuf)
{
krb5_error_code retval;
@@ -73,6 +75,9 @@ OLDDECLARG(krb5_data *, outbuf)
safemsg.r_address = 0;
if (!(safe_flags & KRB5_SAFE_NOTIME)) {
+ if (!rcache)
+ /* gotta provide an rcache in this case... */
+ return KRB5_RC_REQUIRED;
if (retval = krb5_us_timeofday(&safemsg.timestamp, &safemsg.usec))
return retval;
}
@@ -120,6 +125,26 @@ OLDDECLARG(krb5_data *, outbuf)
return retval;
}
xfree(safe_checksum.contents);
+ if (!(safe_flags & KRB5_SAFE_NOTIME)) {
+ krb5_donot_replay replay;
+
+ if (retval = krb5_gen_replay_name(sender_addr, "_safe",
+ &replay.client)) {
+ clean_scratch();
+ return retval;
+ }
+
+ replay.server = ""; /* XXX */
+ replay.cusec = safemsg.usec;
+ replay.ctime = safemsg.timestamp;
+ if (retval = krb5_rc_store(rcache, &replay)) {
+ /* should we really error out here? XXX */
+ clean_scratch();
+ xfree(replay.client);
+ return retval;
+ }
+ xfree(replay.client);
+ }
*outbuf = *scratch;
xfree(scratch);