/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/krb5/krb/recvauth.c
*
* Copyright 1991 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/*
*/
/*
*/
#include "k5-int.h"
#include "auth_con.h"
#include "com_err.h"
#include <errno.h>
#include <stdio.h>
#include <string.h>
static krb5_error_code
/* IN */
char *appl_version,
/* OUT */
krb5_ticket ** ticket,
{
int need_error_free = 0;
/*
* Zero out problem variable. If problem is set at the end of
* the intial version negotiation section, it means that we
* need to send an error code back to the client application
* and exit.
*/
problem = 0;
response = 0;
if (!(flags & KRB5_RECVAUTH_SKIP_VERSION)) {
/*
* First read the sendauth version string and check it.
*/
return(retval);
response = 1;
}
}
if (flags & KRB5_RECVAUTH_BADAUTHVERS) {
response = 1;
}
/*
* Do the same thing for the application version string.
*/
return(retval);
if (!problem) {
response = 2;
}
}
else
/*
* Now we actually write the response. If the response is non-zero,
* exit with a return value of problem
*/
return(problem); /* We'll return the top-level problem */
}
if (problem)
return(problem);
/* We are clear of errors here */
/*
* Now, let's read the AP_REQ message and decode it
*/
return retval;
if (*auth_context == NULL) {
local_authcon = 1;
}
/*
* Setup the replay cache.
*/
if (server) {
} else {
}
if (!problem)
local_rcache = 1;
}
if (!problem) {
}
/*
* If there was a problem, send back a krb5_error message,
* preceeded by the length of the krb5_error message. If
* everything's ok, send back 0 for the length.
*/
if (problem) {
const char *message;
if(server)
else {
/* If this fails - ie. ENOMEM we are hosed
we cannot even send the error if we wanted to... */
need_error_free = 1;
}
goto cleanup;
}
goto cleanup;
}
if(need_error_free)
} else {
}
/* We sent back an error, we need cleanup then return */
goto cleanup;
}
if (retval)
goto cleanup;
/* Here lies the mutual authentication stuff... */
if ((ap_option & AP_OPTS_MUTUAL_REQUIRED)) {
return(retval);
}
}
cleanup:;
if (retval) {
if (local_authcon) {
/* Solaris Kerberos */
*auth_context = NULL;
}
}
return retval;
}
krb5_recvauth(krb5_context context, krb5_auth_context *auth_context, krb5_pointer fd, char *appl_version, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket **ticket)
{
}
/* IN */
/* OUT */
{
}