![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to create_ticket.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / krb|
Return to create_ticket.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / krb |
1.1 root 1: /*
2: * $Source: /mit/kerberos/src/lib/krb/RCS/create_ticket.c,v $
3: * $Author: jtkohl $
4: *
5: * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
6: * of Technology.
7: *
8: * For copying and distribution information, please see the file
9: * <mit-copyright.h>.
10: */
11:
12: #ifndef lint
13: static char rcsid_create_ticket_c[] =
14: "$Header: create_ticket.c,v 4.11 89/03/22 14:43:23 jtkohl Exp $";
15: #endif /* lint */
16:
17: #include <mit-copyright.h>
18: #include <stdio.h>
19: #include <des.h>
20: #include <krb.h>
21: #include <prot.h>
22: #include <strings.h>
23:
24: /*
25: * Create ticket takes as arguments information that should be in a
26: * ticket, and the KTEXT object in which the ticket should be
27: * constructed. It then constructs a ticket and returns, leaving the
28: * newly created ticket in tkt.
29: #ifndef NOENCRYPTION
30: * The data in tkt->dat is encrypted in the server's key.
31: #endif
32: * The length of the ticket is a multiple of
33: * eight bytes and is in tkt->length.
34: *
35: * If the ticket is too long, the ticket will contain nulls.
36: * The return value of the routine is undefined.
37: *
38: * The corresponding routine to extract information from a ticket it
39: * decomp_ticket. When changes are made to this routine, the
40: * corresponding changes should also be made to that file.
41: *
42: * The packet is built in the following format:
43: *
44: * variable
45: * type or constant data
46: * ---- ----------- ----
47: *
48: * tkt->length length of ticket (multiple of 8 bytes)
49: *
50: #ifdef NOENCRYPTION
51: * tkt->dat:
52: #else
53: * tkt->dat: (encrypted in server's key)
54: #endif
55: *
56: * unsigned char flags namely, HOST_BYTE_ORDER
57: *
58: * string pname client's name
59: *
60: * string pinstance client's instance
61: *
62: * string prealm client's realm
63: *
64: * 4 bytes paddress client's address
65: *
66: * 8 bytes session session key
67: *
68: * 1 byte life ticket lifetime
69: *
70: * 4 bytes time_sec KDC timestamp
71: *
72: * string sname service's name
73: *
74: * string sinstance service's instance
75: *
76: * <=7 bytes null null pad to 8 byte multiple
77: *
78: */
79:
80: int krb_create_ticket(tkt, flags, pname, pinstance, prealm, paddress,
81: session, life, time_sec, sname, sinstance, key)
82: KTEXT tkt; /* Gets filled in by the ticket */
83: unsigned char flags; /* Various Kerberos flags */
84: char *pname; /* Principal's name */
85: char *pinstance; /* Principal's instance */
86: char *prealm; /* Principal's authentication domain */
87: long paddress; /* Net address of requesting entity */
88: char *session; /* Session key inserted in ticket */
89: short life; /* Lifetime of the ticket */
90: long time_sec; /* Issue time and date */
91: char *sname; /* Service Name */
92: char *sinstance; /* Instance Name */
93: C_Block key; /* Service's secret key */
94: {
95: Key_schedule key_s;
96: register char *data; /* running index into ticket */
97:
98: tkt->length = 0; /* Clear previous data */
99: flags |= HOST_BYTE_ORDER; /* ticket byte order */
100: bcopy((char *) &flags,(char *) (tkt->dat),sizeof(flags));
101: data = ((char *)tkt->dat) + sizeof(flags);
102: (void) strcpy(data, pname);
103: data += 1 + strlen(pname);
104: (void) strcpy(data, pinstance);
105: data += 1 + strlen(pinstance);
106: (void) strcpy(data, prealm);
107: data += 1 + strlen(prealm);
108: bcopy((char *) &paddress, data, 4);
109: data += 4;
110:
111: bcopy((char *) session, data, 8);
112: data += 8;
113: *(data++) = (char) life;
114: /* issue time */
115: bcopy((char *) &time_sec, data, 4);
116: data += 4;
117: (void) strcpy(data, sname);
118: data += 1 + strlen(sname);
119: (void) strcpy(data, sinstance);
120: data += 1 + strlen(sinstance);
121:
122: /* guarantee null padded ticket to multiple of 8 bytes */
123: bzero(data, 7);
124: tkt->length = ((data - ((char *)tkt->dat) + 7)/8)*8;
125:
126: /* Check length of ticket */
127: if (tkt->length > (sizeof(KTEXT_ST) - 7)) {
128: bzero(tkt->dat, tkt->length);
129: tkt->length = 0;
130: return KFAILURE /* XXX */;
131: }
132:
133: #ifndef NOENCRYPTION
134: /* Encrypt the ticket in the services key */
135: key_sched(key,key_s);
136: pcbc_encrypt((C_Block *)tkt->dat,(C_Block *)tkt->dat,
137: (long) tkt->length,key_s,key,1);
138: #endif /* !NOENCRYPTION */
139: return 0;
140: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.