summaryrefslogtreecommitdiffstats
path: root/eBones/krb/add_ticket.c
blob: 14ef47c46a0bd0dc7efc7bd6d3bb98c18c782597 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
/*
 * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
 * of Technology.
 * For copying and distribution information, please see the file
 * <Copyright.MIT>.
 *
 *	from: add_ticket.c,v 4.7 88/10/07 06:06:26 shanzer Exp $
 *	$Id: add_ticket.c,v 1.3 1995/07/18 16:38:04 mark Exp $
 */

#if 0
#ifndef lint
static char rcsid[] =
"$Id: add_ticket.c,v 1.3 1995/07/18 16:38:04 mark Exp $";
#endif /* lint */
#endif

#include <krb.h>
#include <prot.h>
#include <strings.h>

/*
 * This routine is now obsolete.  It used to be possible to request
 * more than one ticket at a time from the authentication server, and
 * it looks like this routine was used by the server to package the
 * tickets to be returned to the client.
 */

/*
 * This routine adds a new ticket to the ciphertext to be returned to
 * the client.  The routine takes the ciphertext (which doesn't get
 * encrypted till later), the number of the ticket (i.e. 1st, 2nd,
 * etc) the session key which goes in the ticket and is sent back to
 * the user, the lifetime for the ticket, the service name, the
 * instance, the realm, the key version number, and the ticket itself.
 *
 * This routine returns 0 (KSUCCESS) on success, and 1 (KFAILURE) on
 * failure.  On failure, which occurs when there isn't enough room
 * for the ticket, a 0 length ticket is added.
 *
 * Notes: This routine must be called with successive values of n.
 * i.e. the ticket must be added in order.  The corresponding routine
 * on the client side is extract ticket.
 */

/* XXX they aren't all used; to avoid incompatible changes we will
 * fool lint for the moment */
/*ARGSUSED */
int
add_ticket(cipher,n,session,lifetime,sname,instance,realm,kvno,ticket)
    KTEXT cipher;		/* Ciphertext info for ticket */
    char *sname;		/* Service name */
    char *instance;		/* Instance */
    int n;			/* Relative position of this ticket */
    char *session;		/* Session key for this tkt */
    int lifetime;		/* Lifetime of this ticket */
    char *realm;		/* Realm in which ticket is valid */
    int kvno;			/* Key version number of service key */
    KTEXT ticket;		/* The ticket itself */
{

    /* Note, the 42 is a temporary hack; it will have to be changed. */

    /* Begin check of ticket length */
    if ((cipher->length + ticket->length + 4 + 42 +
	(*(cipher->dat)+1-n)*(11+strlen(realm))) >
       MAX_KTXT_LEN) {
	bcopy(session,(char *)(cipher->dat+cipher->length),8);
	*(cipher->dat+cipher->length+8) = (char) lifetime;
	*(cipher->dat+cipher->length+9) = (char) kvno;
	(void) strcpy((char *)(cipher->dat+cipher->length+10),realm);
	cipher->length += 11 + strlen(realm);
	*(cipher->dat+n) = 0;
	return(KFAILURE);
    }
    /* End check of ticket length */

    /* Add the session key, lifetime, kvno, ticket to the ciphertext */
    bcopy(session,(char *)(cipher->dat+cipher->length),8);
    *(cipher->dat+cipher->length+8) = (char) lifetime;
    *(cipher->dat+cipher->length+9) = (char) kvno;
    (void) strcpy((char *)(cipher->dat+cipher->length+10),realm);
    cipher->length += 11 + strlen(realm);
    bcopy((char *)(ticket->dat),(char *)(cipher->dat+cipher->length),
	  ticket->length);
    cipher->length += ticket->length;

    /* Set the ticket length at beginning of ciphertext */
    *(cipher->dat+n) = ticket->length;
    return(KSUCCESS);
}
OpenPOWER on IntegriCloud