![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to decomp_ticket.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / krb|
Return to decomp_ticket.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / kerberosIV / krb |
1.1 root 1: /*
2: * $Source: /mit/kerberos/src/lib/krb/RCS/decomp_ticket.c,v $
3: * $Author: jtkohl $
4: *
5: * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
6: * of Technology.
7: *
8: * For copying and distribution information, please see the file
9: * <mit-copyright.h>.
10: */
11:
12: #ifndef lint
13: static char *rcsid_decomp_ticket_c =
14: "$Header: decomp_ticket.c,v 4.12 89/05/16 18:44:46 jtkohl Exp $";
15: #endif /* lint */
16:
17: #include <mit-copyright.h>
18: #include <stdio.h>
19: #include <des.h>
20: #include <krb.h>
21: #include <prot.h>
22: #include <strings.h>
23:
24: /*
25: * This routine takes a ticket and pointers to the variables that
26: * should be filled in based on the information in the ticket. It
27: #ifndef NOENCRYPTION
28: * decrypts the ticket using the given key, and
29: #endif
30: * fills in values for its arguments.
31: *
32: * Note: if the client realm field in the ticket is the null string,
33: * then the "prealm" variable is filled in with the local realm (as
34: * defined by KRB_REALM).
35: *
36: * If the ticket byte order is different than the host's byte order
37: * (as indicated by the byte order bit of the "flags" field), then
38: * the KDC timestamp "time_sec" is byte-swapped. The other fields
39: * potentially affected by byte order, "paddress" and "session" are
40: * not byte-swapped.
41: *
42: * The routine returns KFAILURE if any of the "pname", "pinstance",
43: * or "prealm" fields is too big, otherwise it returns KSUCCESS.
44: *
45: * The corresponding routine to generate tickets is create_ticket.
46: * When changes are made to this routine, the corresponding changes
47: * should also be made to that file.
48: *
49: * See create_ticket.c for the format of the ticket packet.
50: */
51:
52: decomp_ticket(tkt, flags, pname, pinstance, prealm, paddress, session,
53: life, time_sec, sname, sinstance, key, key_s)
54: KTEXT tkt; /* The ticket to be decoded */
55: unsigned char *flags; /* Kerberos ticket flags */
56: char *pname; /* Authentication name */
57: char *pinstance; /* Principal's instance */
58: char *prealm; /* Principal's authentication domain */
59: unsigned long *paddress; /* Net address of entity
60: * requesting ticket */
61: C_Block session; /* Session key inserted in ticket */
62: int *life; /* Lifetime of the ticket */
63: unsigned long *time_sec; /* Issue time and date */
64: char *sname; /* Service name */
65: char *sinstance; /* Service instance */
66: C_Block key; /* Service's secret key
67: * (to decrypt the ticket) */
68: Key_schedule key_s; /* The precomputed key schedule */
69: {
70: static int tkt_swap_bytes;
71: unsigned char *uptr;
72: char *ptr = (char *)tkt->dat;
73:
74: #ifndef NOENCRYPTION
75: /* Do the decryption */
76: pcbc_encrypt((C_Block *)tkt->dat,(C_Block *)tkt->dat,
77: (long) tkt->length,key_s,key,0);
78: #endif /* ! NOENCRYPTION */
79:
80: *flags = *ptr; /* get flags byte */
81: ptr += sizeof(*flags);
82: tkt_swap_bytes = 0;
83: if (HOST_BYTE_ORDER != ((*flags >> K_FLAG_ORDER)& 1))
84: tkt_swap_bytes++;
85:
86: if (strlen(ptr) > ANAME_SZ)
87: return(KFAILURE);
88: (void) strcpy(pname,ptr); /* pname */
89: ptr += strlen(pname) + 1;
90:
91: if (strlen(ptr) > INST_SZ)
92: return(KFAILURE);
93: (void) strcpy(pinstance,ptr); /* instance */
94: ptr += strlen(pinstance) + 1;
95:
96: if (strlen(ptr) > REALM_SZ)
97: return(KFAILURE);
98: (void) strcpy(prealm,ptr); /* realm */
99: ptr += strlen(prealm) + 1;
100: /* temporary hack until realms are dealt with properly */
101: if (*prealm == 0)
102: (void) strcpy(prealm,KRB_REALM);
103:
104: bcopy(ptr,(char *)paddress,4); /* net address */
105: ptr += 4;
106:
107: bcopy(ptr,(char *)session,8); /* session key */
108: ptr+= 8;
109: #ifdef notdef /* DONT SWAP SESSION KEY spm 10/22/86 */
110: if (tkt_swap_bytes)
111: swap_C_Block(session);
112: #endif
113:
114: /* get lifetime, being certain we don't get negative lifetimes */
115: uptr = (unsigned char *) ptr++;
116: *life = (int) *uptr;
117:
118: bcopy(ptr,(char *) time_sec,4); /* issue time */
119: ptr += 4;
120: if (tkt_swap_bytes)
121: swap_u_long(*time_sec);
122:
123: (void) strcpy(sname,ptr); /* service name */
124: ptr += 1 + strlen(sname);
125:
126: (void) strcpy(sinstance,ptr); /* instance */
127: ptr += 1 + strlen(sinstance);
128: return(KSUCCESS);
129: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.