* the value of rd_ap_req() applied to the ticket.
*/
int
-GetKerberosData(fd, haddr, kdata, service, srvtab)
- int fd; /* file descr. to read from */
- struct in_addr haddr; /* address of foreign host on fd */
- AUTH_DAT *kdata; /* kerberos data (returned) */
- char *service; /* service principal desired */
- char *srvtab; /* file to get keys from */
+GetKerberosData(int fd, /* file descr. to read from */
+ struct in_addr haddr, /* address of foreign host on fd */
+ AUTH_DAT *kdata, /* kerberos data (returned) */
+ char *service, /* service principal desired */
+ char *srvtab) /* file to get keys from */
{
char p[20];
KTEXT_ST ticket; /* will get Kerberos ticket from client */
#endif
Code_t
-SendKerberosData(fd, ticket, service, host)
- int fd; /* file descriptor to write onto */
- KTEXT ticket; /* where to put ticket (return) */
- char *service; /* service name, foreign host */
- char *host;
+SendKerberosData(int fd, /* file descriptor to write onto */
+ KTEXT ticket, /* where to put ticket (return) */
+ char *service, /* service name, foreign host */
+ char *host)
+
{
int rem;
char p[32];
#endif /* HAVE_KRB4 */
+#if defined(HAVE_KRB5) || defined(HAVE_KRB4)
+Code_t
+ReadKerberosData(int fd, int *size, char **data, int *proto) {
+ char p[20];
+ int i;
+ unsigned char *dst;
+ Code_t retval;
+ int len = 0;
+
+ for (i=0; i<20; i++) {
+ if (read(fd, &p[i], 1) != 1) {
+ p[i] = 0;
+ syslog(LOG_WARNING,"ReadKerberosData: bad read reply len @%d (got \"%s\"", i, p);
+ return(KFAILURE);
+ }
+ if (p[i] == ' ') {
+ p[i] = '\0';
+ break;
+ }
+ }
+
+ if (i == 20) {
+ syslog(LOG_WARNING, "ReadKerberosData: read reply len exceeds buffer");
+ return KFAILURE;
+ }
+
+ if (!strncmp(p, "V5-", 3) && (len = atoi(p+3)) > 0)
+ *proto = 5;
+ else if ((len = atoi(p)) > 0)
+ *proto = 4;
+
+ if (*proto < 4 | *proto > 5) {
+ syslog(LOG_WARNING, "ReadKerberosData: error parsing authenticator length (\"%s\")", p);
+ return KFAILURE;
+ }
+
+ if (len <= 0) {
+ syslog(LOG_WARNING, "ReadKerberosData: read reply len = %d", len);
+ return KFAILURE;
+ }
+
+ *data = malloc(len);
+ if (! *data) {
+ syslog(LOG_WARNING, "ReadKerberosData: failure allocating %d bytes: %m", len);
+ return errno;
+ }
+
+ dst=*data;
+ for (i=0; i < len; i++) {
+ if (read(fd, dst++, 1) != 1) {
+ free(*data);
+ *data = NULL;
+ *size = 0;
+ syslog(LOG_WARNING,"ReadKerberosData: bad read reply string");
+ return ZSRV_PKSHORT;
+ }
+ }
+ *size = len;
+ return 0;
+}
+#endif
+
#ifdef HAVE_KRB5
Code_t
GetKrb5Data(int fd, krb5_data *data) {
for (i=0; i<20; i++) {
if (read(fd, &p[i], 1) != 1) {
- syslog(LOG_WARNING,"bad read reply len");
+ p[i] = 0;
+ syslog(LOG_WARNING,"bad read reply len @%d (got \"%s\")", i, p);
return(KFAILURE);
}
if (p[i] == ' ') {
}
return 0;
}
+
Code_t
SendKrb5Data(int fd, krb5_data *data) {
char p[32];
#endif
Code_t
-ZCheckRealmAuthentication(notice, from, realm)
- ZNotice_t *notice;
- struct sockaddr_in *from;
- char *realm;
+ZCheckRealmAuthentication(ZNotice_t *notice,
+ struct sockaddr_in *from,
+ char *realm)
{
#ifdef HAVE_KRB5
char *authbuf;
}
Code_t
-ZCheckAuthentication(notice, from)
- ZNotice_t *notice;
- struct sockaddr_in *from;
+ZCheckAuthentication(ZNotice_t *notice,
+ struct sockaddr_in *from)
{
#ifdef HAVE_KRB5
char *authbuf;
#undef KRB5AUTHENT
Code_t
-ZCheckAuthentication4(notice, from)
- ZNotice_t *notice;
- struct sockaddr_in *from;
+ZCheckAuthentication4(ZNotice_t *notice,
+ struct sockaddr_in *from)
{
#ifdef HAVE_KRB4
int result;
#ifdef HAVE_KRB4
-static ZChecksum_t compute_checksum(notice, session_key)
- ZNotice_t *notice;
- C_Block session_key;
+static ZChecksum_t
+compute_checksum(ZNotice_t *notice,
+ C_Block session_key)
{
#ifdef NOENCRYPTION
return 0;
#endif
}
-static ZChecksum_t compute_rlm_checksum(notice, session_key)
- ZNotice_t *notice;
- C_Block session_key;
+static ZChecksum_t compute_rlm_checksum(ZNotice_t *notice,
+ C_Block session_key)
{
#ifdef NOENCRYPTION
return 0;