diff options
| author | John Kohl <jtkohl@mit.edu> | 1990-10-10 17:26:36 +0000 |
|---|---|---|
| committer | John Kohl <jtkohl@mit.edu> | 1990-10-10 17:26:36 +0000 |
| commit | 10bbba4d11dcfe8b4750d839ce6a3982772efd6b (patch) | |
| tree | cc36844162a05c2e85fa1d94a1177c8a6ee7450a | |
| parent | 50e69e81f73742d6c7568c735372ca9c7198ae89 (diff) | |
changes for new data structures
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1231 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/kdc/policy.c | 36 | ||||
| -rw-r--r-- | src/kdc/policy.h | 5 |
2 files changed, 21 insertions, 20 deletions
diff --git a/src/kdc/policy.c b/src/kdc/policy.c index 6f25f7cfc..d9f5f5f0e 100644 --- a/src/kdc/policy.c +++ b/src/kdc/policy.c @@ -33,7 +33,7 @@ krb5_timestamp fromtime; krb5_boolean against_flag_policy_as(request) -register krb5_as_req *request; +const register krb5_kdc_req *request; { if (isflagset(request->kdc_options, KDC_OPT_FORWARDED) || isflagset(request->kdc_options, KDC_OPT_PROXY) || @@ -47,36 +47,36 @@ register krb5_as_req *request; } krb5_boolean -against_flag_policy_tgs(request) -register krb5_tgs_req *request; +against_flag_policy_tgs(request, ticket) +const register krb5_kdc_req *request; +const register krb5_ticket *ticket; { - register krb5_real_tgs_req *realreq = request->tgs_request2; - if (((isflagset(realreq->kdc_options, KDC_OPT_FORWARDED) || - isflagset(realreq->kdc_options, KDC_OPT_FORWARDABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + if (((isflagset(request->kdc_options, KDC_OPT_FORWARDED) || + isflagset(request->kdc_options, KDC_OPT_FORWARDABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_FORWARDABLE)) || /* TGS must be forwardable to get forwarded or forwardable ticket */ - ((isflagset(realreq->kdc_options, KDC_OPT_PROXY) || - isflagset(realreq->kdc_options, KDC_OPT_PROXIABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_PROXY) || + isflagset(request->kdc_options, KDC_OPT_PROXIABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_PROXIABLE)) || /* TGS must be proxiable to get proxiable ticket */ - ((isflagset(realreq->kdc_options, KDC_OPT_ALLOW_POSTDATE) || - isflagset(realreq->kdc_options, KDC_OPT_POSTDATED)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_ALLOW_POSTDATE) || + isflagset(request->kdc_options, KDC_OPT_POSTDATED)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_MAY_POSTDATE)) || /* TGS must allow postdating to get postdated ticket */ - (isflagset(realreq->kdc_options, KDC_OPT_VALIDATE) && - !isflagset(request->header2->ticket->enc_part2->flags, + (isflagset(request->kdc_options, KDC_OPT_VALIDATE) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_INVALID)) || /* can only validate invalid tix */ - ((isflagset(realreq->kdc_options, KDC_OPT_RENEW) || - isflagset(realreq->kdc_options, KDC_OPT_RENEWABLE)) && - !isflagset(request->header2->ticket->enc_part2->flags, + ((isflagset(request->kdc_options, KDC_OPT_RENEW) || + isflagset(request->kdc_options, KDC_OPT_RENEWABLE)) && + !isflagset(ticket->enc_part2->flags, TKT_FLG_RENEWABLE))) /* can only renew renewable tix */ return TRUE; /* against policy */ diff --git a/src/kdc/policy.h b/src/kdc/policy.h index ffd3653fb..ce6fed15f 100644 --- a/src/kdc/policy.h +++ b/src/kdc/policy.h @@ -17,7 +17,8 @@ #define __KRB5_KDC_POLICY__ extern krb5_boolean against_postdate_policy PROTOTYPE((krb5_timestamp)); -extern krb5_boolean against_flag_policy_as PROTOTYPE((krb5_as_req *)); -extern krb5_boolean against_flag_policy_tgs PROTOTYPE((krb5_tgs_req *)); +extern krb5_boolean against_flag_policy_as PROTOTYPE((const krb5_kdc_req *)); +extern krb5_boolean against_flag_policy_tgs PROTOTYPE((const krb5_kdc_req *, + const krb5_ticket *)); #endif /* __KRB5_KDC_POLICY__ */ |