diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2009-08-21 18:32:50 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2009-08-21 18:32:50 +0000 |
| commit | b66f070b39cce4c9c5900da645c22e762d275f8a (patch) | |
| tree | 9e68b89767e1a480dfa6fdceeb701c618728b73d /src/kdc | |
| parent | dedee8ac61156516439d3cb2430bf717be2628ce (diff) | |
| download | krb5-b66f070b39cce4c9c5900da645c22e762d275f8a.zip krb5-b66f070b39cce4c9c5900da645c22e762d275f8a.tar.gz krb5-b66f070b39cce4c9c5900da645c22e762d275f8a.tar.bz2 | |
Change "vague-errors" compile-time conditionals into run-time
conditionals, based on a variable initialized based on the
compile-time conditional (but probably eventually set from the config
file or command line).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22569 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kdc')
| -rw-r--r-- | src/kdc/do_as_req.c | 14 | ||||
| -rw-r--r-- | src/kdc/extern.h | 2 | ||||
| -rw-r--r-- | src/kdc/kdc_util.c | 24 |
3 files changed, 22 insertions, 18 deletions
diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 52fbda5..304b76b 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -208,11 +208,10 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt, goto errout; } else if (c_nprincs != 1) { status = "CLIENT_NOT_FOUND"; -#ifdef KRBCONF_VAGUE_ERRORS - errcode = KRB5KRB_ERR_GENERIC; -#else - errcode = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; -#endif + if (vague_errors) + errcode = KRB5KRB_ERR_GENERIC; + else + errcode = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; goto errout; } @@ -409,9 +408,8 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt, } update_client = 1; status = "PREAUTH_FAILED"; -#ifdef KRBCONF_VAGUE_ERRORS - errcode = KRB5KRB_ERR_GENERIC; -#endif + if (vague_errors) + errcode = KRB5KRB_ERR_GENERIC; goto errout; } } diff --git a/src/kdc/extern.h b/src/kdc/extern.h index 87cc1bf..079f0e4 100644 --- a/src/kdc/extern.h +++ b/src/kdc/extern.h @@ -105,6 +105,8 @@ extern const int kdc_modifies_kdb; extern char **db_args; extern krb5_int32 max_dgram_reply_size; /* maximum datagram size */ +extern const int vague_errors; + extern volatile int signal_requests_exit; extern volatile int signal_requests_hup; #endif /* __KRB5_KDC_EXTERN__ */ diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 53adfbb..88ef110 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -69,6 +69,12 @@ static char *kdc_current_rcname = (char *) NULL; krb5_deltat rc_lifetime; /* See kdc_initialize_rcache() */ #endif +#ifdef KRBCONF_VAGUE_ERRORS +const int vague_errors = 1; +#else +const int vague_errors = 0; +#endif + #ifdef USE_RCACHE /* * initialize the replay cache. @@ -939,11 +945,10 @@ validate_as_request(register krb5_kdc_req *request, krb5_db_entry client, /* The client must not be expired */ if (client.expiration && client.expiration < kdc_time) { *status = "CLIENT EXPIRED"; -#ifdef KRBCONF_VAGUE_ERRORS - return(KRB_ERR_GENERIC); -#else - return(KDC_ERR_NAME_EXP); -#endif + if (vague_errors) + return(KRB_ERR_GENERIC); + else + return(KDC_ERR_NAME_EXP); } /* The client's password must not be expired, unless the server is @@ -951,11 +956,10 @@ validate_as_request(register krb5_kdc_req *request, krb5_db_entry client, if (client.pw_expiration && client.pw_expiration < kdc_time && !isflagset(server.attributes, KRB5_KDB_PWCHANGE_SERVICE)) { *status = "CLIENT KEY EXPIRED"; -#ifdef KRBCONF_VAGUE_ERRORS - return(KRB_ERR_GENERIC); -#else - return(KDC_ERR_KEY_EXP); -#endif + if (vague_errors) + return(KRB_ERR_GENERIC); + else + return(KDC_ERR_KEY_EXP); } /* The server must not be expired */ |