diff options
| author | Tom Yu <tlyu@mit.edu> | 2000-03-01 10:42:16 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2000-03-01 10:42:16 +0000 |
| commit | b1b547a0b8d9bdb8bbde647e20b0bbab7efc274e (patch) | |
| tree | 54b04d7af0d60f0168a1ffbb826af58136594736 /src/kdc/kdc_util.c | |
| parent | 33ff3607385e2886dfe02b5be6b041bc06069a60 (diff) | |
| download | krb5-b1b547a0b8d9bdb8bbde647e20b0bbab7efc274e.tar.gz krb5-b1b547a0b8d9bdb8bbde647e20b0bbab7efc274e.tar.xz krb5-b1b547a0b8d9bdb8bbde647e20b0bbab7efc274e.zip | |
* main.c: Move kdc_initialize_rcache() to kdc_util.c
* kdc_util.c (kdc_initialize_rcache): Move kdc_initialize_rcache()
back here since it's needed for rtest to work. process_tgs_req()
which is called from rtest needs to call kdc_intiialize_rcache()
and we can't very well link rtest with main.o
* kdc_preauth.c (verify_sam_response): Ooops. Get rc_lifetime
from kdc_util, since it's actually declared there.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12093 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc/kdc_util.c')
| -rw-r--r-- | src/kdc/kdc_util.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index a988b28cc..f5a0016b7 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -35,6 +35,54 @@ #include "adm.h" #include "adm_proto.h" +#ifdef USE_RCACHE +static char *kdc_current_rcname = (char *) NULL; +krb5_deltat rc_lifetime; /* See kdc_initialize_rcache() */ +#endif + +#ifdef USE_RCACHE +/* + * initialize the replay cache. + */ +krb5_error_code +kdc_initialize_rcache(kcontext, rcache_name) + krb5_context kcontext; + char *rcache_name; +{ + krb5_error_code retval; + char *rcname; + char *sname; + + rcname = (rcache_name) ? rcache_name : kdc_current_rcname; + + /* rc_lifetime used elsewhere to verify we're not */ + /* replaying really old data */ + rc_lifetime = kcontext->clockskew; + + if (!rcname) + rcname = KDCRCACHE; + if (!(retval = krb5_rc_resolve_full(kcontext, &kdc_rcache, rcname))) { + /* Recover or initialize the replay cache */ + if (!(retval = krb5_rc_recover(kcontext, kdc_rcache)) || + !(retval = krb5_rc_initialize(kcontext, + kdc_rcache, + kcontext->clockskew)) + ) { + /* Expunge the replay cache */ + if (!(retval = krb5_rc_expunge(kcontext, kdc_rcache))) { + sname = kdc_current_rcname; + kdc_current_rcname = strdup(rcname); + if (sname) + free(sname); + } + } + if (retval) + krb5_rc_close(kcontext, kdc_rcache); + } + return(retval); +} +#endif + /* * concatenate first two authdata arrays, returning an allocated replacement. * The replacement should be freed with krb5_free_authdata(). |