/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
*/
#include "k5-int.h"
#include "int-proto.h"
/* Return true if configuration demands that a keytab be present. (By default
* verification will be skipped if no keytab exists.) */
/*
* Solaris Kerberos: We differ in that verification will not be skipped if
* there is no keytab unless verify_ap_req_nofail is explicitly set to false.
*/
static krb5_boolean
{
int val;
if (options &&
return (options->ap_req_nofail != 0);
&val) == 0)
return (val != 0);
/* Solaris Kerberos: we default to TRUE unlike MIT */
return TRUE;
}
static krb5_error_code
{
flags = 0; /* turns off OPENCLOSE mode */
return(code);
return(code);
goto cleanup;
continue;
if (code)
goto cleanup;
}
if (code != KRB5_CC_END)
goto cleanup;
code = 0;
if (code)
else
if (code)
else
return(code);
}
static krb5_error_code
{
/* If the creds are for the server principal, we're set, just do a mk_req.
* Otherwise, do a get_credentials first.
*/
/* make an ap_req */
&ap_req)))
goto cleanup;
} else {
/*
* Solaris Kerberos: being careful not to allow an attack where the
* default realm is coming from DNS. If this is the case then the
* client princ realm must be the same as the server princ's realm used
* to verify the client's TGT. Note that this attack can be thwarted
* when the default realm is explictly configured.
*/
&temp_realm);
if (ret)
goto cleanup;
if (temp_realm == NULL) {
/*
* If here then the default realm is not explicitly configured on
* the system. Need to verify the client's realm is the same as
* the server's.
*/
/* Indicate a default realm needs to be configured */
goto cleanup;
}
} else {
}
/* this is unclean, but it's the easiest way without ripping the
library into very small pieces. store the client's initial cred
in a memory ccache, then call the library. Later, we'll copy
everything except the initial cred into the ccache we return to
the user. A clean implementation would involve library
internals with a coherent idea of "in" and "out". */
/* insert the initial cred into the ccache */
goto cleanup;
}
goto cleanup;
goto cleanup;
/* set up for get_creds */
goto cleanup;
&out_creds)))
goto cleanup;
/* make an ap_req */
&ap_req)))
goto cleanup;
}
/* wipe the auth context for mk_req */
if (authcon) {
}
/* verify the ap_req */
goto cleanup;
/* if we get this far, then the verification succeeded. We can
still fail if the library stuff here fails, but that's it */
if (ccache_arg && ccache) {
if (*ccache_arg == NULL) {
if (retcc)
} else {
*ccache_arg = retcc;
}
} else {
server);
}
}
/* if any of the above paths returned an errors, then ret is set accordingly.
* Either that, or it's zero, which is fine, too
*/
if (ccache)
if (out_creds)
if (authcon)
return(ret);
}
/* Free the principals in plist and plist itself. */
static void
{
size_t i;
return;
}
/* Add princ to plist if it isn't already there. */
static krb5_error_code
{
size_t i;
/* Check if princ is already in plist, and count the elements. */
return 0;
}
return ENOMEM;
}
/* Return a list of all unique host service princs in keytab. */
static krb5_error_code
{
*princ_list_out = NULL;
if (ret)
goto cleanup;
if (ret)
break;
}
if (ret == KRB5_KT_END)
ret = 0;
if (ret)
goto cleanup;
*princ_list_out = plist;
return ret;
}
{
size_t i;
if (ret)
goto cleanup;
}
/* Check if server exists in keytab first. */
if (ret)
goto cleanup;
} else {
/* Try using the host service principals from the keytab. */
goto cleanup;
}
if (ret)
goto cleanup;
if (host_princs == NULL) {
goto cleanup;
}
/* Try all host principals until one succeeds or they all fail. */
for (i = 0; host_princs[i] != NULL; i++) {
if (ret == 0)
break;
}
}
/* If we have no key to verify with, pretend to succeed unless
* configuration directs otherwise. */
ret = 0;
return ret;
}