authorJohn Kohl <jtkohl@mit.edu>1990-10-18 16:01:29 +0000
committerJohn Kohl <jtkohl@mit.edu>1990-10-18 16:01:29 +0000
commitfc3c79115c9275df584a44a0c449ab6156a39eb7 (patch)
tree52671788cffcf9f7ba5a1c1e2a8cba1c09a91000 /src/lib
parentd1b05886705a93a2d636e02ecc64b96adda1ed87 (diff)
fix some cleanup code to eradicate the keys
add some (not yet enabled) sanity-check code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1273 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/krb5/krb/gc_via_tgt.c68
1 files changed, 59 insertions, 9 deletions
diff --git a/src/lib/krb5/krb/gc_via_tgt.c b/src/lib/krb5/krb/gc_via_tgt.c
index e848ed8b0..cbbe8b76a 100644
--- a/src/lib/krb5/krb/gc_via_tgt.c
+++ b/src/lib/krb5/krb/gc_via_tgt.c
@@ -86,9 +86,18 @@ OLDDECLARG(krb5_creds *, cred)
cleanup();
return retval; /* neither proper reply nor error! */
}
- /* XXX check to make sure the timestamps match, etc. */
- retval = err_reply->error + ERROR_TABLE_BASE_krb5;
+#if 0
+ /* XXX need access to the actual assembled request...
+ need a change to send_tgs */
+ if ((err_reply->ctime != request.ctime) ||
+ !krb5_principal_compare(err_reply->server, request.server) ||
+ !krb5_principal_compare(err_reply->client, request.client))
+ retval = KRB5_KDCREP_MODIFIED;
+ else
+#endif
+ retval = err_reply->error + ERROR_TABLE_BASE_krb5;
+
krb5_free_error(err_reply);
cleanup();
return retval;
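Review bot: The disabled check ends in a bare `else` immediately before `#endif`, so enabling the block silently turns the live assignment after it into the else-branch of a brace-less `if`. It would be less fragile to keep `retval = err_reply->error + ERROR_TABLE_BASE_krb5;` unconditional and have the conditional block only override it, e.g. `if (mismatch) retval = KRB5_KDCREP_MODIFIED;` placed after the assignment. Until the block is enabled, the error reply is still accepted without being matched to the request, and `err_reply->error` is added to the table base with no range check visible in this hunk. The enclosing function starts and ends outside the hunk.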
@@ -102,7 +111,10 @@ OLDDECLARG(krb5_creds *, cred)
if (retval)
return retval;
#undef cleanup
-#define cleanup() krb5_free_kdc_rep(dec_rep)
+#define cleanup() {\
+ bzero((char *)dec_rep->enc_part2->session.contents,\
+ dec_rep->enc_part2->session.length);\
+ krb5_free_kdc_rep(dec_rep); }
/* now it's decrypted and ready for prime time */
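Review bot: The new `cleanup()` macro expands to a bare `{ ... }` block, so a call written `cleanup();` becomes a block followed by an empty statement and will not compile as the body of an `if` that has an `else`. Wrapping it as `do {\ ... } while (0)` keeps it a single statement; the redefinition in the next hunk has the same shape. The macro also dereferences `dec_rep->enc_part2` unconditionally, which is safe only if every later call site is reached with the encrypted part already decoded; that looks true from the trailing comment but cannot be confirmed from the hunk. A short comment above the macro, such as `/* wipe the session key before the reply is freed */`, would record why the `bzero` is there.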
@@ -116,8 +128,44 @@ OLDDECLARG(krb5_creds *, cred)
cleanup();
return retval;
}
+ bzero((char *)dec_rep->enc_part2->session.contents,
+ dec_rep->enc_part2->session.length);
+
+#undef cleanup
+#define cleanup() {\
+ bzero((char *)cred->keyblock.contents, cred->keyblock.length);\
+ krb5_free_kdc_rep(dec_rep); }
+
cred->times = dec_rep->enc_part2->times;
- /* check compatibility here first ? XXX */
+
+#if 0
+ /* XXX probably need access to the request */
+ /* check the contents for sanity: */
+ if (!krb5_principal_compare(dec_rep->client, request.client)
+ || !krb5_principal_compare(dec_rep->enc_part2->server, request.server)
+ || !krb5_principal_compare(dec_rep->ticket->server, request.server)
+ || (request.nonce != dec_rep->enc_part2->nonce)
+ /* XXX check for extraneous flags */
+ /* XXX || (!krb5_addresses_compare(addrs, dec_rep->enc_part2->caddrs)) */
+ || ((request.from == 0) &&
+ !in_clock_skew(dec_rep->enc_part2->times.starttime))
+ || ((request.from != 0) &&
+ (request.from != dec_rep->enc_part2->times.starttime))
+ || ((request.till != 0) &&
+ (dec_rep->enc_part2->times.endtime > request.till))
+ || ((request.kdc_options & KDC_OPT_RENEWABLE) &&
+ (request.rtime != 0) &&
+ (dec_rep->enc_part2->times.renew_till > request.rtime))
+ || ((request.kdc_options & KDC_OPT_RENEWABLE_OK) &&
+ (dec_rep->enc_part2->flags & KDC_OPT_RENEWABLE) &&
+ (request.till != 0) &&
+ (dec_rep->enc_part2->times.renew_till > request.till))
+ ) {
+ cleanup();
+ return KRB5_KDCREP_MODIFIED;
+ }
+#endif
+
cred->ticket_flags = dec_rep->enc_part2->flags;
cred->is_skey = FALSE;
if (retval = krb5_copy_addresses(dec_rep->enc_part2->caddrs,
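Review bot: The redefined `cleanup()` zeroes `cred->keyblock.contents` but neither frees it nor resets the pointer and length. If the copy just above this hunk allocated that buffer (not visible here), every later error return leaks it and leaves the caller's `cred` pointing at a zeroed key of the old length. Adding `free((char *)cred->keyblock.contents);` and `cred->keyblock.contents = 0;` after the `bzero` would close that, assuming the buffer is heap-owned by `cred`. In the disabled block, `dec_rep->enc_part2->flags & KDC_OPT_RENEWABLE` tests ticket flags against a KDC-option constant; `TKT_FLG_RENEWABLE` is the matching name and should be used before the check is enabled. `cred->times` is also assigned before the check, so a rejected reply would still leave its times in `cred`.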
@@ -126,13 +174,15 @@ OLDDECLARG(krb5_creds *, cred)
return retval;
}
- if (retval = encode_krb5_ticket(dec_rep->ticket, &scratch))
+ if (retval = encode_krb5_ticket(dec_rep->ticket, &scratch)) {
+ cleanup();
krb5_free_address(cred->addresses);
- else {
- cred->ticket = *scratch;
- free((char *)scratch);
+ return retval;
}
- cleanup();
+ cred->ticket = *scratch;
+ free((char *)scratch);
+
+ krb5_free_kdc_rep(dec_rep);
return retval;
}
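Review bot: On the `encode_krb5_ticket` failure path, `krb5_free_address(cred->addresses)` receives the pointer by value, so the caller's `cred->addresses` is left dangling when the function returns the error. Adding `cred->addresses = 0;` after the free would guard against a later use or second free by a caller that tears down `cred` on failure. The success path now calls `krb5_free_kdc_rep(dec_rep)` directly instead of `cleanup()`, which is right because `cleanup()` would wipe the key being returned. A comment such as `/* success: the key stays in cred, so free the reply without cleanup() */` would stop someone from "fixing" it back. The function starts outside this hunk.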