diff options
| author | Theodore Tso <tytso@mit.edu> | 1993-04-12 16:40:40 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1993-04-12 16:40:40 +0000 |
| commit | a0bf498239bc650817aac6e33e058bc6b1449b8a (patch) | |
| tree | 37304fc4f046fe1d2a5e0d06e7affacca64913a6 /src | |
| parent | a66ee522071c2b44e38af575332aef598eb667bd (diff) | |
| download | krb5-a0bf498239bc650817aac6e33e058bc6b1449b8a.tar.gz krb5-a0bf498239bc650817aac6e33e058bc6b1449b8a.tar.xz krb5-a0bf498239bc650817aac6e33e058bc6b1449b8a.zip | |
With prasad's changes to implement forwarding accept and reject options,
sent 3/30/93.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2530 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/appl/telnet/libtelnet/kerberos5.c | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c index b6efdf52b..4b227a575 100644 --- a/src/appl/telnet/libtelnet/kerberos5.c +++ b/src/appl/telnet/libtelnet/kerberos5.c @@ -103,11 +103,13 @@ static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, /*static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, TELQUAL_NAME, };*/ -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_RESPONSE 3 /* Response for mutual auth. */ -#define KRB_FORWARD 4 /* Forwarded credentials follow */ +#define KRB_AUTH 0 /* Authentication data follows */ +#define KRB_REJECT 1 /* Rejected (reason might follow) */ +#define KRB_ACCEPT 2 /* Accepted */ +#define KRB_RESPONSE 3 /* Response for mutual auth. */ +#define KRB_FORWARD 4 /* Forwarded credentials follow */ +#define KRB_FORWARD_ACCEPT 5 /* Forwarded credentials accepted */ +#define KRB_FORWARD_REJECT 6 /* Forwarded credentials rejected */ static krb5_data auth; /* telnetd gets session key from here */ @@ -463,10 +465,16 @@ kerberos5_is(ap, data, cnt) inbuf.length = cnt; if (r = rd_and_store_for_creds(&inbuf, authdat->ticket, UserNameRequested)) { + char errbuf[128]; + + (void) strcpy(errbuf, "Read forwarded creds failed: "); + (void) strcat(errbuf, error_message(r)); + Data(ap, KRB_FORWARD_REJECT, errbuf, -1); if (auth_debug_mode) printf("Could not read forwarded credentials\r\n"); } else + Data(ap, KRB_FORWARD_ACCEPT, 0, 0); if (auth_debug_mode) printf("Forwarded credentials obtained\r\n"); break; @@ -550,6 +558,13 @@ kerberos5_reply(ap, data, cnt) mutual_complete = 1; } return; + case KRB_FORWARD_ACCEPT: + printf("[ Kerberos V5 accepted forwarded credentials ]\n"); + return; + case KRB_FORWARD_REJECT: + printf("[ Kerberos V5 refuses forwarded credentials because %.*s ]\r\n", + cnt, data); + return; default: if (auth_debug_mode) printf("Unknown Kerberos option %d\r\n", data[-1]); @@ -620,6 +635,15 @@ kerberos5_printsub(data, cnt, buf, buflen) strncpy((char *)buf, " FORWARD", buflen); goto common2; + case KRB_FORWARD_ACCEPT: /* Forwarded credentials accepted */ + strncpy((char *)buf, " FORWARD_ACCEPT", buflen); + goto common2; + + case KRB_FORWARD_REJECT: /* Forwarded credentials rejected */ + /* (reason might follow) */ + strncpy((char *)buf, " FORWARD_REJECT", buflen); + goto common2; + default: sprintf(lbuf, " %d (unknown)", data[3]); strncpy((char *)buf, lbuf, buflen); |