From 1a0e03eb19998ab496a6ea845ff2c42d9a02df0b Mon Sep 17 00:00:00 2001 From: Karl Ramm Date: Tue, 25 Dec 2007 00:56:08 +0000 Subject: applied athena-update-branch patch --- server/subscr.c | 88 +++++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 60 insertions(+), 28 deletions(-) (limited to 'server/subscr.c') diff --git a/server/subscr.c b/server/subscr.c index b5da880..49d3211 100644 --- a/server/subscr.c +++ b/server/subscr.c @@ -95,10 +95,10 @@ static char **subscr_marshal_subs __P((ZNotice_t *notice, int auth, int *found)); static Destlist *subscr_copy_def_subs __P((char *person)); static Code_t subscr_realm_sendit __P((Client *who, Destlist *subs, - ZNotice_t *notice, Realm *realm)); + ZNotice_t *notice, ZRealm *realm)); static void subscr_unsub_realms __P((Destlist *newsubs)); static void subscr_unsub_sendit __P((Client *who, Destlist *subs, - Realm *realm)); + ZRealm *realm)); static int cl_match __P((Destlist*, Client *)); static int defaults_read = 0; /* set to 1 if the default subs @@ -140,7 +140,7 @@ add_subscriptions(who, subs, notice, server) Code_t retval; Acl *acl; String *sender; - Realm *realm = NULL; + ZRealm *realm = NULL; if (!subs) return ZERR_NONE; /* no subscr -> no error */ @@ -187,18 +187,14 @@ add_subscriptions(who, subs, notice, server) } } if (realm && !bdumping) { - if (server && server == me_server) { retval = subscr_realm_sendit(who, subs, notice, realm); if (retval != ZERR_NONE) { - free_subscriptions(subs); - free_string(sender); - return(retval); - } else { - /* free this one, will get from ADD */ free_subscription(subs); - } + continue; /* the for loop */ } else { /* Indicates we leaked traffic back to our realm */ + free_subscription(subs); /* free this one, wil get from + ADD */ } } else { retval = triplet_register(who, &subs->dest, NULL); @@ -333,7 +329,7 @@ subscr_cancel(sin, notice) struct sockaddr_in *sin; ZNotice_t *notice; { - Realm *realm; + ZRealm *realm; Client *who; Destlist *cancel_subs, *subs, *cancel_next, *client_subs, *client_next; Code_t retval; @@ -396,7 +392,7 @@ Code_t subscr_realm_cancel(sin, notice, realm) struct sockaddr_in *sin; ZNotice_t *notice; - Realm *realm; + ZRealm *realm; { Client *who; Destlist *cancel_subs, *subs, *client_subs, *next, *next2; @@ -452,7 +448,7 @@ subscr_cancel_client(client) { Destlist *subs, *next; Code_t retval; - Realm *realm; + ZRealm *realm; #if 0 zdbug((LOG_DEBUG,"subscr_cancel_client %s", @@ -557,7 +553,7 @@ subscr_marshal_subs(notice, auth, who, found) zdbug((LOG_DEBUG, "subscr_marshal")); #endif *found = 0; - + /* Note that the following code is an incredible crock! */ /* We cannot send multiple packets as acknowledgements to the client, @@ -842,10 +838,15 @@ subscr_send_subs(client) { int i = 0; Destlist *subs; +#ifdef HAVE_KRB5 + char buf[512]; + char *bufp; +#else #ifdef HAVE_KRB4 char buf[512]; C_Block cblock; #endif /* HAVE_KRB4 */ +#endif char buf2[512]; char *list[7 * NUM_FIELDS]; int num = 0; @@ -858,14 +859,45 @@ subscr_send_subs(client) list[num++] = buf2; +#ifdef HAVE_KRB5 +#ifdef HAVE_KRB4 /* XXX make this optional for server transition time */ + if (client->session_keyblock->enctype == ENCTYPE_DES_CBC_CRC) { + bufp = malloc(client->session_keyblock->length); + if (bufp == NULL) { + syslog(LOG_WARNING, "subscr_send_subs: cannot allocate memory for DES keyblock: %m"); + return errno; + } + des_ecb_encrypt(client->session_keyblock->contents, bufp, serv_ksched.s, DES_ENCRYPT); + retval = ZMakeAscii(buf, sizeof(buf), bufp, client->session_keyblock->length); + } else { +#endif + bufp = malloc(client->session_keyblock->length + 8); /* + enctype + + length */ + if (bufp == NULL) { + syslog(LOG_WARNING, "subscr_send_subs: cannot allocate memory for keyblock: %m"); + return errno; + } + *(krb5_enctype *)&bufp[0] = htonl(client->session_keyblock->enctype); + *(krb5_ui_4 *)&bufp[4] = htonl(client->session_keyblock->length); + memcpy(&bufp[8], client->session_keyblock->contents, client->session_keyblock->length); + + retval = ZMakeZcode(buf, sizeof(buf), bufp, client->session_keyblock->length + 8); +#ifdef HAVE_KRB4 + } +#endif /* HAVE_KRB4 */ +#else /* HAVE_KRB5 */ #ifdef HAVE_KRB4 #ifdef NOENCRYPTION memcpy(cblock, client->session_key, sizeof(C_Block)); -#else +#else /* NOENCRYPTION */ des_ecb_encrypt(client->session_key, cblock, serv_ksched.s, DES_ENCRYPT); -#endif +#endif /* NOENCRYPTION */ retval = ZMakeAscii(buf, sizeof(buf), cblock, sizeof(C_Block)); +#endif /* HAVE_KRB4 */ +#endif /* HAVE_KRB5 */ + +#if defined(HAVE_KRB4) || defined(HAVE_KRB5) if (retval != ZERR_NONE) { #if 0 zdbug((LOG_DEBUG,"zmakeascii failed: %s", error_message(retval))); @@ -876,7 +908,7 @@ subscr_send_subs(client) zdbug((LOG_DEBUG, "cblock %s", buf)); #endif } -#endif /* HAVE_KRB4 */ +#endif /* HAVE_KRB4 || HAVE_KRB5*/ retval = bdump_send_list_tcp(SERVACK, &client->addr, ZEPHYR_ADMIN_CLASS, num > 1 ? "CBLOCK" : "", ADMIN_NEWCLT, client->principal->string, "", list, num); @@ -1047,7 +1079,7 @@ subscr_realm_sendit(who, subs, notice, realm) Client *who; Destlist *subs; ZNotice_t *notice; - Realm *realm; + ZRealm *realm; { ZNotice_t snotice; char *pack; @@ -1132,7 +1164,7 @@ subscr_realm_sendit(who, subs, notice, realm) static Code_t subscr_add_raw(client, realm, newsubs) Client *client; - Realm *realm; + ZRealm *realm; Destlist *newsubs; { Destlist *subs, *subs2, *subs3, **head; @@ -1162,7 +1194,7 @@ subscr_add_raw(client, realm, newsubs) } } else { if (!realm) { - Realm *remrealm = + ZRealm *remrealm = realm_get_realm_by_name(subs->dest.recip->string + 1); if (remrealm) { Destlist *sub = (Destlist *) malloc(sizeof(Destlist)); @@ -1190,7 +1222,7 @@ subscr_add_raw(client, realm, newsubs) /* Called from bdump_recv_loop to decapsulate realm subs */ Code_t subscr_realm(realm, notice) - Realm *realm; + ZRealm *realm; ZNotice_t *notice; { Destlist *newsubs; @@ -1210,7 +1242,7 @@ static void subscr_unsub_sendit(who, subs, realm) Client *who; Destlist *subs; - Realm *realm; + ZRealm *realm; { ZNotice_t unotice; Code_t retval; @@ -1275,7 +1307,7 @@ subscr_unsub_sendit(who, subs, realm) /* Called from bump_send_loop by way of realm_send_realms */ Code_t subscr_send_realm_subs(realm) - Realm *realm; + ZRealm *realm; { int i = 0; Destlist *subs, *next; @@ -1342,7 +1374,7 @@ subscr_send_realm_subs(realm) Code_t subscr_realm_subs(realm) - Realm *realm; + ZRealm *realm; { int i = 0; Destlist *subs, *next; @@ -1431,7 +1463,7 @@ subscr_check_foreign_subs(notice, who, server, realm, newsubs) ZNotice_t *notice; struct sockaddr_in *who; Server *server; - Realm *realm; + ZRealm *realm; Destlist *newsubs; { Destlist *subs, *subs2, *next; @@ -1470,7 +1502,7 @@ subscr_check_foreign_subs(notice, who, server, realm, newsubs) found = 0; for (subs = newsubs; subs; subs = next) { - Realm *rlm; + ZRealm *rlm; next=subs->next; if (subs->dest.recip->string[0] != '\0') { rlm = realm_which_realm(who); @@ -1566,7 +1598,7 @@ Code_t subscr_foreign_user(notice, who, server, realm) ZNotice_t *notice; struct sockaddr_in *who; Server *server; - Realm *realm; + ZRealm *realm; { Destlist *newsubs, *temp; Acl *acl; @@ -1640,7 +1672,7 @@ Code_t subscr_foreign_user(notice, who, server, realm) temp->dest.recip = make_string(rlm_recipient, 0); } - status = subscr_add_raw(client, (Realm *)0, newsubs); + status = subscr_add_raw(client, (ZRealm *)0, newsubs); } else if (!strcmp(snotice.z_opcode, REALM_REQ_SUBSCRIBE)) { zdbug((LOG_DEBUG, "subscr_foreign_user REQ %s/%s", tp0, tp1)); status = subscr_check_foreign_subs(notice, who, server, realm, newsubs); -- cgit v1.2.3