diff options
| author | John Kohl <jtkohl@mit.edu> | 1990-05-11 16:02:57 +0000 |
|---|---|---|
| committer | John Kohl <jtkohl@mit.edu> | 1990-05-11 16:02:57 +0000 |
| commit | b99c6276f4d25adce5585647a37aee4de8afeea4 (patch) | |
| tree | 0db4d7de647d4b9c7e8ed376b9fa5ad0bc425381 /src | |
| parent | 52e8ab4c28815f9c6675e74f24ecdebb8401fa1f (diff) | |
| download | krb5-b99c6276f4d25adce5585647a37aee4de8afeea4.zip krb5-b99c6276f4d25adce5585647a37aee4de8afeea4.tar.gz krb5-b99c6276f4d25adce5585647a37aee4de8afeea4.tar.bz2 | |
some work on cross-realm case (not completely done)
(er, not completely tested)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@845 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/krb5/krb/gc_frm_kdc.c | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c index 71b3066..070c2e1 100644 --- a/src/lib/krb5/krb/gc_frm_kdc.c +++ b/src/lib/krb5/krb/gc_frm_kdc.c @@ -62,7 +62,7 @@ krb5_get_cred_from_kdc (ccache, cred, tgts) { krb5_creds tgt, tgtq; krb5_creds **ret_tgts = 0; - krb5_principal *tgs_list, next_server; + krb5_principal *tgs_list, *next_server; krb5_error_code retval; int nservers; krb5_enctype etype; @@ -113,13 +113,13 @@ krb5_get_cred_from_kdc (ccache, cred, tgts) /* walk the list BACKWARDS until we find a cached TGT, then move forward obtaining TGTs until we get the last TGT needed */ - for (next_server = tgs_list[0]; next_server; next_server++); - nservers = next_server - tgs_list[0]; + for (next_server = tgs_list; *next_server; next_server++); + nservers = next_server - tgs_list; next_server--; /* next_server now points to the last TGT */ - for (; next_server >= tgs_list[0]; next_server--) { - tgtq.server = next_server; + for (; next_server >= tgs_list; next_server--) { + tgtq.server = *next_server; retval = krb5_cc_retrieve_cred (ccache, 0, /* default is client & server */ &tgtq, @@ -134,24 +134,31 @@ krb5_get_cred_from_kdc (ccache, cred, tgts) next_server++; break; /* found one! */ } - krb5_free_realm_tree(tgs_list); + if (next_server < tgs_list) { + /* didn't find any */ + retval = KRB5_NO_TKT_IN_RLM; + krb5_free_realm_tree(tgs_list); + goto out; + } /* allocate storage for TGT pointers. */ ret_tgts = (krb5_creds **)calloc(nservers+1, sizeof(krb5_creds)); if (!ret_tgts) { retval = ENOMEM; + krb5_free_realm_tree(tgs_list); goto out; } *tgts = ret_tgts; - for (nservers = 0; next_server; next_server++, nservers++) { + for (nservers = 0; *next_server; next_server++, nservers++) { if (!valid_keytype(tgt.keyblock.keytype)) { retval = KRB5_PROG_KEYTYPE_NOSUPP; + krb5_free_realm_tree(tgs_list); goto out; } /* now get the TGTs */ tgtq.times = tgt.times; tgtq.client = tgt.client; - tgtq.server = next_server; + tgtq.server = *next_server; tgtq.is_skey = FALSE; tgtq.ticket_flags = tgt.ticket_flags; @@ -160,14 +167,19 @@ krb5_get_cred_from_kdc (ccache, cred, tgts) flags2options(tgtq.ticket_flags), etype, krb5_kdc_req_sumtype, - &tgtq)) + &tgtq)) { + krb5_free_realm_tree(tgs_list); goto out; + } /* save tgt in return array */ - if (retval = krb5_copy_creds(&tgtq, &ret_tgts[nservers])) + if (retval = krb5_copy_creds(&tgtq, &ret_tgts[nservers])) { + krb5_free_realm_tree(tgs_list); goto out; + } /* XXX need to clean up stuff pointed to by tgtq? */ tgt = tgtq; } + krb5_free_realm_tree(tgs_list); } /* got/finally have tgt! */ if (!valid_keytype(tgt.keyblock.keytype)) { |