From: Derrick Brashear Date: Tue, 10 Jun 2003 21:42:51 +0000 (+0000) Subject: rxkad-ticket-cleanup-20030610 X-Git-Tag: openafs-devel-1_3_50~184 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=ecfcebec10542834fe770d2f1c98baa77aaaf90e;p=packages%2Fo%2Fopenafs.git rxkad-ticket-cleanup-20030610 kill forward decls and dead code.
---
diff --git a/src/rxkad/ticket.c b/src/rxkad/ticket.c
index 69b9e3868..4d4bd428b 100644
--- a/src/rxkad/ticket.c
+++ b/src/rxkad/ticket.c
@@ -47,17 +47,6 @@ RCSID("$Header$");
 #include "rxkad.h"
 #endif /* defined(UKERNEL) */
-/* static prototypes */
-static int decode_athena_ticket (char *ticket, int ticketLen, char *name,
- char *inst, char *realm, afs_int32 *host, struct ktc_encryptionKey *sessionKey,
- afs_uint32 *start, afs_uint32 *end);
-static int assemble_athena_ticket (char *ticket, int *ticketLen, char *name,
- char *inst, char *realm, afs_int32 host, struct ktc_encryptionKey *sessionKey,
- afs_uint32 start, afs_uint32 end, char *sname, char *sinst);
-
-#define ANDREWFLAGSVALUE (0x80)
-#define TICKET_LABEL "TicketEnd"
-
 /* This union is used to insure we allocate enough space for a key
 * schedule even if we are linked against a library that uses OpenSSL's
 * larger representation. This is necessary so we don't lose if an
@@ -74,6 +63,49 @@ union Key_schedule_safe {
 } openssl_schedule[16];
 };
+#define getstr(name,min) \
+ slen = strlen(ticket); \
+ if ((slen < min) || (slen >= MAXKTCNAMELEN)) return -1; \
+ strcpy (name, ticket); \
+ ticket += slen+1
+
+static int decode_athena_ticket (char *ticket, int ticketLen, char *name,
+ char *inst, char *realm, afs_int32 *host, struct ktc_encryptionKey *sessionKey,
+ afs_uint32 *start, afs_uint32 *end)
+{ char *ticketBeg = ticket;
+ char flags;
+ int slen;
+ int tlen;
+ unsigned char lifetime;
+ char sname[MAXKTCNAMELEN]; /* these aren't used, */
+ char sinst[MAXKTCNAMELEN]; /* but are in the ticket */
+
+ flags = *ticket++;
+ getstr (name, 1);
+ getstr (inst, 0);
+ getstr (realm, 0);
+
+ memcpy(host, ticket, sizeof (*host));
+ ticket += sizeof(*host);
+ *host = ktohl (flags, *host);
+
+ memcpy(sessionKey, ticket, sizeof (struct ktc_encryptionKey));
+ ticket += sizeof (struct ktc_encryptionKey);
+
+ lifetime = *ticket++;
+ memcpy(start, ticket, sizeof (*start));
+ ticket += sizeof(*start);
+ *start = ktohl (flags, *start);
+ *end = life_to_time (*start, lifetime);
+
+ getstr (sname, 1);
+ getstr (sinst, 0);
+
+ tlen = ticket - ticketBeg;
+ if ((round_up_to_ebs(tlen) != ticketLen) && (ticketLen != 56)) return -1;
+ return 0;
+}
+
 /* This is called to interpret a ticket. It is assumed that the necessary keys have been added so that the key version number in the ticket will indicate a valid key for decrypting the ticket. The various fields inside the ticket
@@ -87,7 +119,6 @@ int tkt_DecodeTicket (char *asecret, afs_int32 ticketLen,
 { char clear_ticket[MAXKTCTICKETLEN];
 char *ticket;
 union Key_schedule_safe schedule;
- /* unsigned char flags; */
 int code;
 if (ticketLen == 0) return RXKADBADTICKET; /* no ticket */
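Review bot: The `getstr` macro in decode_athena_ticket runs `strlen(ticket)` on decrypted ticket bytes with no reference to `ticketLen`, so a ticket with no NUL inside its declared length is scanned past its end before the `slen >= MAXKTCNAMELEN` test can reject it. The fixed-size `memcpy` reads of host, session key and start are likewise not compared with the bytes remaining, and the only length check, `round_up_to_ebs(tlen) != ticketLen`, runs after every read has already happened. Bounding each field before it is read would close this, for example `if (!memchr(ticket, 0, ticketBeg + ticketLen - ticket)) return -1;` ahead of the `strlen` in `getstr`, with a remaining-length test before each `memcpy`. The `strcpy` into `name`, `inst` and `realm` is safe only if callers supply buffers of at least MAXKTCNAMELEN bytes, which this hunk does not show. A short comment on `getstr` noting that it returns from the enclosing function and depends on the locals `slen` and `ticket` would also help readers.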
@@ -101,32 +132,9 @@ int tkt_DecodeTicket (char *asecret, afs_int32 ticketLen,
 ticket = clear_ticket;
 pcbc_encrypt (asecret, ticket, ticketLen, schedule.schedule, key, DECRYPT);
- /* flags = *ticket; */ /* get the first byte: the flags */
-#if 0
- if (flags == ANDREWFLAGSVALUE) {
- code = decode_andrew_ticket (ticket, ticketLen, name, inst, cell,
- host, sessionKey, start, end);
- if (code) {
- code = decode_athena_ticket (ticket, ticketLen, name, inst, cell,
- host, sessionKey, start, end);
- flags = 0;
- }
- }
- else {
- code = decode_athena_ticket (ticket, ticketLen, name, inst, cell,
- host, sessionKey, start, end);
- if (code) {
- code = decode_andrew_ticket (ticket, ticketLen, name, inst, cell,
- host, sessionKey, start, end);
- flags = ANDREWFLAGSVALUE;
- }
- }
-#else
 code = decode_athena_ticket (ticket, ticketLen, name, inst, cell, host, sessionKey, start, end);
- /* flags = 0; */
-#endif
 if (code) return RXKADBADTICKET;
 if (tkt_CheckTimes (*start, *end, time(0)) < -1) return RXKADBADTICKET;
@@ -148,71 +156,6 @@ int tkt_DecodeTicket (char *asecret, afs_int32 ticketLen,
 char *sinst; */
-int tkt_MakeTicket (char *ticket, int *ticketLen,
- struct ktc_encryptionKey *key, char *name, char *inst, char *cell,
- afs_uint32 start, afs_uint32 end, struct ktc_encryptionKey *sessionKey,
- afs_uint32 host, char *sname, char *sinst)
-{ int code;
- union Key_schedule_safe schedule;
-
- *ticketLen = 0; /* in case we return early */
- code = assemble_athena_ticket (ticket, ticketLen, name, inst, cell,
- host, sessionKey, start, end, sname, sinst);
- *ticketLen = round_up_to_ebs(*ticketLen); /* round up */
- if (code) return -1;
-
- /* encrypt ticket */
- if (code = key_sched (key, schedule.schedule)) {
- printf ("In tkt_MakeTicket: key_sched returned %d\n", code);
- return RXKADBADKEY;
- }
- pcbc_encrypt (ticket, ticket, *ticketLen, schedule.schedule, key, ENCRYPT);
- return 0;
-}
-
-#define getstr(name,min) \
- slen = strlen(ticket); \
- if ((slen < min) || (slen >= MAXKTCNAMELEN)) return -1; \
- strcpy (name, ticket); \
- ticket += slen+1
-
-static int decode_athena_ticket (char *ticket, int ticketLen, char *name,
- char *inst, char *realm, afs_int32 *host, struct ktc_encryptionKey *sessionKey,
- afs_uint32 *start, afs_uint32 *end)
-{ char *ticketBeg = ticket;
- char flags;
- int slen;
- int tlen;
- unsigned char lifetime;
- char sname[MAXKTCNAMELEN]; /* these aren't used, */
- char sinst[MAXKTCNAMELEN]; /* but are in the ticket */
-
- flags = *ticket++;
- getstr (name, 1);
- getstr (inst, 0);
- getstr (realm, 0);
-
- memcpy(host, ticket, sizeof (*host));
- ticket += sizeof(*host);
- *host = ktohl (flags, *host);
-
- memcpy(sessionKey, ticket, sizeof (struct ktc_encryptionKey));
- ticket += sizeof (struct ktc_encryptionKey);
-
- lifetime = *ticket++;
- memcpy(start, ticket, sizeof (*start));
- ticket += sizeof(*start);
- *start = ktohl (flags, *start);
- *end = life_to_time (*start, lifetime);
-
- getstr (sname, 1);
- getstr (sinst, 0);
-
- tlen = ticket - ticketBeg;
- if ((round_up_to_ebs(tlen) != ticketLen) && (ticketLen != 56)) return -1;
- return 0;
-}
-
 #define putstr(name,min) \
 slen = strlen(name); \
 if ((slen < min) || (slen >= MAXKTCNAMELEN)) return -1; \
@@ -250,6 +193,28 @@ static int assemble_athena_ticket (char *ticket, int *ticketLen, char *name,
 return 0;
 }
+int tkt_MakeTicket (char *ticket, int *ticketLen,
+ struct ktc_encryptionKey *key, char *name, char *inst, char *cell,
+ afs_uint32 start, afs_uint32 end, struct ktc_encryptionKey *sessionKey,
+ afs_uint32 host, char *sname, char *sinst)
+{ int code;
+ union Key_schedule_safe schedule;
+
+ *ticketLen = 0; /* in case we return early */
+ code = assemble_athena_ticket (ticket, ticketLen, name, inst, cell,
+ host, sessionKey, start, end, sname, sinst);
+ *ticketLen = round_up_to_ebs(*ticketLen); /* round up */
+ if (code) return -1;
+
+ /* encrypt ticket */
+ if (code = key_sched (key, schedule.schedule)) {
+ printf ("In tkt_MakeTicket: key_sched returned %d\n", code);
+ return RXKADBADKEY;
+ }
+ pcbc_encrypt (ticket, ticket, *ticketLen, schedule.schedule, key, ENCRYPT);
+ return 0;
+}
+
 /* This is just a routine that checks the consistency of ticket lifetimes. It returns three values: */ /* -2 means the times are inconsistent or ticket has expired
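Review bot: tkt_MakeTicket leaves the expanded key schedule in `schedule` on the stack at both returns that follow `key_sched`, so key-derived material outlives the call. Clearing it before each of those returns, for example `memset(&schedule, 0, sizeof(schedule));` or a wipe routine the compiler cannot elide if the tree provides one, would limit that exposure. The test `if (code = key_sched (key, schedule.schedule))` also hides an assignment inside the condition and reports the failure through `printf`; writing `code = key_sched (key, schedule.schedule);` followed by `if (code) {` reads unambiguously, and the caller already receives RXKADBADKEY. The bytes between the assembled length and the `round_up_to_ebs` length are encrypted as well; whether assemble_athena_ticket initialises them cannot be seen here, since its body lies outside this hunk.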