diff options
author | Theodore Tso <tytso@mit.edu> | 1999-04-10 02:57:33 +0000 |
---|---|---|
committer | Theodore Tso <tytso@mit.edu> | 1999-04-10 02:57:33 +0000 |
commit | 4bb50a0a01a30beb6d4cd5bdb1bc5bc7a41c67a2 (patch) | |
tree | 6c24348bc9e230d4fcbb3e235cb8bd7432f21f54 /src/lib/krb5/krb/preauth2.c | |
parent | 8293cd3b60d9acc46a3213bbc1c6cc856abbff0c (diff) | |
download | krb5-4bb50a0a01a30beb6d4cd5bdb1bc5bc7a41c67a2.tar.gz krb5-4bb50a0a01a30beb6d4cd5bdb1bc5bc7a41c67a2.tar.xz krb5-4bb50a0a01a30beb6d4cd5bdb1bc5bc7a41c67a2.zip |
kfree.c (krb5_free_sam_challenge, krb5_free_sam_challenge_contents,
krb5_free_sam_response, krb5_free_sam_response_contents,
krb5_free_predicted_sam_response,
krb5_free_predicted_sam_response_contents,
krb5_free_enc_sam_response_enc,
krb5_free_enc_sam_response_enc_contents, krb5_free_pa_enc_ts): Added
new functions. Part of patches from [krb5-kdc/662]
gic_pwd.c (krb5_get_init_creds_password): Add new argument to calls to
the prompter function. Part of patches from [krb5-kdc/662].
preauth2.c (pa_enc_timestamp, pa_sam): Update calls to new prompter
function. [krb5-kdc/662].
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11349 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/preauth2.c')
-rw-r--r-- | src/lib/krb5/krb/preauth2.c | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index 86d325d7b..9ede43128 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -102,12 +102,17 @@ krb5_error_code pa_enc_timestamp(krb5_context context, krb5_enc_data enc_data; krb5_pa_data *pa; - /* if we haven't yet gotten a key, get it now. */ - - if (ret = ((*gak_fct)(context, request->client, - request->ktype[0], prompter, prompter_data, - salt, as_key, gak_data))) - return(ret); + /* + * We need to use the password as part or all of the key. + * If as_key contains info, it should be the users pass phrase. + * If not, get the password before issuing the challenge. + */ + if (as_key->length == 0) { + if (ret = ((*gak_fct)(context, request->client, + request->ktype[0], prompter, prompter_data, + salt, as_key, gak_data))) + return(ret); + } /* now get the time of day, and encrypt it accordingly */ @@ -194,9 +199,10 @@ char *sam_challenge_banner(sam_type) #define SAMDATA(kdata, str, maxsize) \ (kdata.length)? \ - ((((kdata.length)<=(maxsize))?(kdata.length):(maxsize))): \ + ((((kdata.length)<=(maxsize))?(kdata.length):(strlen(str)))): \ strlen(str), \ - (kdata.length)?(kdata.data):(str) + (kdata.length)? \ + ((((kdata.length)<=(maxsize))?(kdata.data):(str))):(str) /* XXX Danger! This code is not in sync with the kerberos-password-02 draft. This draft cannot be implemented as written. This code is @@ -216,7 +222,8 @@ krb5_error_code pa_sam(krb5_context context, { krb5_error_code ret; krb5_data tmpsam; - char banner[100], prompt[100], response[100]; + char name[100], banner[100]; + char prompt[100], response[100]; krb5_data response_data; krb5_prompt kprompt; krb5_data defsalt; @@ -238,6 +245,10 @@ krb5_error_code pa_sam(krb5_context context, return(KRB5_SAM_UNSUPPORTED); } + sprintf(name, "%.*s", + SAMDATA(sam_challenge->sam_type_name, "SAM Authentication", + sizeof(name) - 1)); + sprintf(banner, "%.*s", SAMDATA(sam_challenge->sam_challenge_label, sam_challenge_banner(sam_challenge->sam_type), @@ -257,7 +268,8 @@ krb5_error_code pa_sam(krb5_context context, kprompt.hidden = sam_challenge->sam_challenge.length?0:1; kprompt.reply = &response_data; - if (ret = ((*prompter)(context, prompter_data, banner, 1, &kprompt))) { + if (ret = ((*prompter)(context, prompter_data, name, + banner, 1, &kprompt))) { krb5_xfree(sam_challenge); return(ret); } |