root/source4/heimdal/lib/krb5/send_to_kdc.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. recv_loop
  2. send_and_recv_udp
  3. send_and_recv_tcp
  4. _krb5_send_and_recv_tcp
  5. send_and_recv_http
  6. init_port
  7. send_via_proxy
  8. send_via_plugin
  9. krb5_sendto
  10. krb5_sendto_kdc
  11. krb5_sendto_kdc_flags
  12. krb5_set_send_to_kdc_func
  13. _krb5_copy_send_to_kdc_func
  14. krb5_sendto_ctx_alloc
  15. krb5_sendto_ctx_add_flags
  16. krb5_sendto_ctx_get_flags
  17. krb5_sendto_ctx_set_type
  18. krb5_sendto_ctx_set_func
  19. krb5_sendto_ctx_free
  20. krb5_sendto_context
  21. _krb5_kdc_retry

   1 /*
   2  * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33 
  34 #include "krb5_locl.h"
  35 #include "send_to_kdc_plugin.h"
  36 
  37 RCSID("$Id$");
  38 
  39 struct send_to_kdc {
  40     krb5_send_to_kdc_func func;
  41     void *data;
  42 };
  43 
  44 /*
  45  * send the data in `req' on the socket `fd' (which is datagram iff udp)
  46  * waiting `tmout' for a reply and returning the reply in `rep'.
  47  * iff limit read up to this many bytes
  48  * returns 0 and data in `rep' if succesful, otherwise -1
  49  */
  50 
  51 static int
  52 recv_loop (int fd,
     /* [<][>][^][v][top][bottom][index][help] */
  53            time_t tmout,
  54            int udp,
  55            size_t limit,
  56            krb5_data *rep)
  57 {
  58      fd_set fdset;
  59      struct timeval timeout;
  60      int ret;
  61      int nbytes;
  62 
  63      if (fd >= FD_SETSIZE) {
  64          return -1;
  65      }
  66 
  67      krb5_data_zero(rep);
  68      do {
  69          FD_ZERO(&fdset);
  70          FD_SET(fd, &fdset);
  71          timeout.tv_sec  = tmout;
  72          timeout.tv_usec = 0;
  73          ret = select (fd + 1, &fdset, NULL, NULL, &timeout);
  74          if (ret < 0) {
  75              if (errno == EINTR)
  76                  continue;
  77              return -1;
  78          } else if (ret == 0) {
  79              return 0;
  80          } else {
  81              void *tmp;
  82 
  83              if (ioctl (fd, FIONREAD, &nbytes) < 0) {
  84                  krb5_data_free (rep);
  85                  return -1;
  86              }
  87              if(nbytes <= 0)
  88                  return 0;
  89 
  90              if (limit)
  91                  nbytes = min(nbytes, limit - rep->length);
  92 
  93              tmp = realloc (rep->data, rep->length + nbytes);
  94              if (tmp == NULL) {
  95                  krb5_data_free (rep);
  96                  return -1;
  97              }
  98              rep->data = tmp;
  99              ret = recv (fd, (char*)tmp + rep->length, nbytes, 0);
 100              if (ret < 0) {
 101                  krb5_data_free (rep);
 102                  return -1;
 103              }
 104              rep->length += ret;
 105          }
 106      } while(!udp && (limit == 0 || rep->length < limit));
 107      return 0;
 108 }
 109 
 110 /*
 111  * Send kerberos requests and receive a reply on a udp or any other kind
 112  * of a datagram socket.  See `recv_loop'.
 113  */
 114 
 115 static int
 116 send_and_recv_udp(int fd,
     /* [<][>][^][v][top][bottom][index][help] */
 117                   time_t tmout,
 118                   const krb5_data *req,
 119                   krb5_data *rep)
 120 {
 121     if (send (fd, req->data, req->length, 0) < 0)
 122         return -1;
 123 
 124     return recv_loop(fd, tmout, 1, 0, rep);
 125 }
 126 
 127 /*
 128  * `send_and_recv' for a TCP (or any other stream) socket.
 129  * Since there are no record limits on a stream socket the protocol here
 130  * is to prepend the request with 4 bytes of its length and the reply
 131  * is similarly encoded.
 132  */
 133 
 134 static int
 135 send_and_recv_tcp(int fd,
     /* [<][>][^][v][top][bottom][index][help] */
 136                   time_t tmout,
 137                   const krb5_data *req,
 138                   krb5_data *rep)
 139 {
 140     unsigned char len[4];
 141     unsigned long rep_len;
 142     krb5_data len_data;
 143 
 144     _krb5_put_int(len, req->length, 4);
 145     if(net_write(fd, len, sizeof(len)) < 0)
 146         return -1;
 147     if(net_write(fd, req->data, req->length) < 0)
 148         return -1;
 149     if (recv_loop (fd, tmout, 0, 4, &len_data) < 0)
 150         return -1;
 151     if (len_data.length != 4) {
 152         krb5_data_free (&len_data);
 153         return -1;
 154     }
 155     _krb5_get_int(len_data.data, &rep_len, 4);
 156     krb5_data_free (&len_data);
 157     if (recv_loop (fd, tmout, 0, rep_len, rep) < 0)
 158         return -1;
 159     if(rep->length != rep_len) {
 160         krb5_data_free (rep);
 161         return -1;
 162     }
 163     return 0;
 164 }
 165 
 166 int
 167 _krb5_send_and_recv_tcp(int fd,
     /* [<][>][^][v][top][bottom][index][help] */
 168                         time_t tmout,
 169                         const krb5_data *req,
 170                         krb5_data *rep)
 171 {
 172     return send_and_recv_tcp(fd, tmout, req, rep);
 173 }
 174 
 175 /*
 176  * `send_and_recv' tailored for the HTTP protocol.
 177  */
 178 
 179 static int
 180 send_and_recv_http(int fd,
     /* [<][>][^][v][top][bottom][index][help] */
 181                    time_t tmout,
 182                    const char *prefix,
 183                    const krb5_data *req,
 184                    krb5_data *rep)
 185 {
 186     char *request;
 187     char *str;
 188     int ret;
 189     int len = base64_encode(req->data, req->length, &str);
 190 
 191     if(len < 0)
 192         return -1;
 193     asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str);
 194     free(str);
 195     if (request == NULL)
 196         return -1;
 197     ret = net_write (fd, request, strlen(request));
 198     free (request);
 199     if (ret < 0)
 200         return ret;
 201     ret = recv_loop(fd, tmout, 0, 0, rep);
 202     if(ret)
 203         return ret;
 204     {
 205         unsigned long rep_len;
 206         char *s, *p;
 207 
 208         s = realloc(rep->data, rep->length + 1);
 209         if (s == NULL) {
 210             krb5_data_free (rep);
 211             return -1;
 212         }
 213         s[rep->length] = 0;
 214         p = strstr(s, "\r\n\r\n");
 215         if(p == NULL) {
 216             krb5_data_zero(rep);
 217             free(s);
 218             return -1;
 219         }
 220         p += 4;
 221         rep->data = s;
 222         rep->length -= p - s;
 223         if(rep->length < 4) { /* remove length */
 224             krb5_data_zero(rep);
 225             free(s);
 226             return -1;
 227         }
 228         rep->length -= 4;
 229         _krb5_get_int(p, &rep_len, 4);
 230         if (rep_len != rep->length) {
 231             krb5_data_zero(rep);
 232             free(s);
 233             return -1;
 234         }
 235         memmove(rep->data, p + 4, rep->length);
 236     }
 237     return 0;
 238 }
 239 
 240 static int
 241 init_port(const char *s, int fallback)
     /* [<][>][^][v][top][bottom][index][help] */
 242 {
 243     if (s) {
 244         int tmp;
 245 
 246         sscanf (s, "%d", &tmp);
 247         return htons(tmp);
 248     } else
 249         return fallback;
 250 }
 251 
 252 /*
 253  * Return 0 if succesful, otherwise 1
 254  */
 255 
 256 static int
 257 send_via_proxy (krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 258                 const krb5_krbhst_info *hi,
 259                 const krb5_data *send_data,
 260                 krb5_data *receive)
 261 {
 262     char *proxy2 = strdup(context->http_proxy);
 263     char *proxy  = proxy2;
 264     char *prefix;
 265     char *colon;
 266     struct addrinfo hints;
 267     struct addrinfo *ai, *a;
 268     int ret;
 269     int s = -1;
 270     char portstr[NI_MAXSERV];
 271                 
 272     if (proxy == NULL)
 273         return ENOMEM;
 274     if (strncmp (proxy, "http://", 7) == 0)
 275         proxy += 7;
 276 
 277     colon = strchr(proxy, ':');
 278     if(colon != NULL)
 279         *colon++ = '\0';
 280     memset (&hints, 0, sizeof(hints));
 281     hints.ai_family   = PF_UNSPEC;
 282     hints.ai_socktype = SOCK_STREAM;
 283     snprintf (portstr, sizeof(portstr), "%d",
 284               ntohs(init_port (colon, htons(80))));
 285     ret = getaddrinfo (proxy, portstr, &hints, &ai);
 286     free (proxy2);
 287     if (ret)
 288         return krb5_eai_to_heim_errno(ret, errno);
 289 
 290     for (a = ai; a != NULL; a = a->ai_next) {
 291         s = socket (a->ai_family, a->ai_socktype, a->ai_protocol | SOCK_CLOEXEC);
 292         if (s < 0)
 293             continue;
 294         rk_cloexec(s);
 295         if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
 296             close (s);
 297             continue;
 298         }
 299         break;
 300     }
 301     if (a == NULL) {
 302         freeaddrinfo (ai);
 303         return 1;
 304     }
 305     freeaddrinfo (ai);
 306 
 307     asprintf(&prefix, "http://%s/", hi->hostname);
 308     if(prefix == NULL) {
 309         close(s);
 310         return 1;
 311     }
 312     ret = send_and_recv_http(s, context->kdc_timeout,
 313                              prefix, send_data, receive);
 314     close (s);
 315     free(prefix);
 316     if(ret == 0 && receive->length != 0)
 317         return 0;
 318     return 1;
 319 }
 320 
 321 static krb5_error_code
 322 send_via_plugin(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 323                 krb5_krbhst_info *hi,
 324                 time_t timeout,
 325                 const krb5_data *send_data,
 326                 krb5_data *receive)
 327 {
 328     struct krb5_plugin *list = NULL, *e;
 329     krb5_error_code ret;
 330 
 331     ret = _krb5_plugin_find(context, PLUGIN_TYPE_DATA, KRB5_PLUGIN_SEND_TO_KDC, &list);
 332     if(ret != 0 || list == NULL)
 333         return KRB5_PLUGIN_NO_HANDLE;
 334 
 335     for (e = list; e != NULL; e = _krb5_plugin_get_next(e)) {
 336         krb5plugin_send_to_kdc_ftable *service;
 337         void *ctx;
 338 
 339         service = _krb5_plugin_get_symbol(e);
 340         if (service->minor_version != 0)
 341             continue;
 342         
 343         (*service->init)(context, &ctx);
 344         ret = (*service->send_to_kdc)(context, ctx, hi,
 345                                       timeout, send_data, receive);
 346         (*service->fini)(ctx);
 347         if (ret == 0)
 348             break;
 349         if (ret != KRB5_PLUGIN_NO_HANDLE) {
 350             krb5_set_error_message(context, ret,
 351                                    N_("Plugin send_to_kdc failed to "
 352                                       "lookup with error: %d", ""), ret);
 353             break;
 354         }
 355     }
 356     _krb5_plugin_free(list);
 357     return KRB5_PLUGIN_NO_HANDLE;
 358 }
 359 
 360 
 361 /*
 362  * Send the data `send' to one host from `handle` and get back the reply
 363  * in `receive'.
 364  */
 365 
 366 krb5_error_code KRB5_LIB_FUNCTION
 367 krb5_sendto (krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 368              const krb5_data *send_data,
 369              krb5_krbhst_handle handle, 
 370              krb5_data *receive)
 371 {
 372      krb5_error_code ret;
 373      int fd;
 374      int i;
 375 
 376      krb5_data_zero(receive);
 377 
 378      for (i = 0; i < context->max_retries; ++i) {
 379          krb5_krbhst_info *hi;
 380 
 381          while (krb5_krbhst_next(context, handle, &hi) == 0) {
 382              struct addrinfo *ai, *a;
 383 
 384              if (context->send_to_kdc) {
 385                  struct send_to_kdc *s = context->send_to_kdc;
 386 
 387                  ret = (*s->func)(context, s->data,
 388                                   hi, context->kdc_timeout, send_data, receive);
 389                  if (ret == 0 && receive->length != 0)
 390                      goto out;
 391                  continue;
 392              }
 393 
 394              ret = send_via_plugin(context, hi, context->kdc_timeout,
 395                                    send_data, receive);
 396              if (ret == 0 && receive->length != 0)
 397                  goto out;
 398              else if (ret != KRB5_PLUGIN_NO_HANDLE)
 399                  continue;
 400 
 401              if(hi->proto == KRB5_KRBHST_HTTP && context->http_proxy) {
 402                  if (send_via_proxy (context, hi, send_data, receive) == 0) {
 403                      ret = 0;
 404                      goto out;
 405                  }
 406                  continue;
 407              }
 408 
 409              ret = krb5_krbhst_get_addrinfo(context, hi, &ai);
 410              if (ret)
 411                  continue;
 412 
 413              for (a = ai; a != NULL; a = a->ai_next) {
 414                  fd = socket (a->ai_family, a->ai_socktype | SOCK_CLOEXEC, a->ai_protocol);
 415                  if (fd < 0)
 416                      continue;
 417                  rk_cloexec(fd);
 418                  if (connect (fd, a->ai_addr, a->ai_addrlen) < 0) {
 419                      close (fd);
 420                      continue;
 421                  }
 422                  switch (hi->proto) {
 423                  case KRB5_KRBHST_HTTP :
 424                      ret = send_and_recv_http(fd, context->kdc_timeout,
 425                                               "", send_data, receive);
 426                      break;
 427                  case KRB5_KRBHST_TCP :
 428                      ret = send_and_recv_tcp (fd, context->kdc_timeout,
 429                                               send_data, receive);
 430                      break;
 431                  case KRB5_KRBHST_UDP :
 432                      ret = send_and_recv_udp (fd, context->kdc_timeout,
 433                                               send_data, receive);
 434                      break;
 435                  }
 436                  close (fd);
 437                  if(ret == 0 && receive->length != 0)
 438                      goto out;
 439              }
 440          }
 441          krb5_krbhst_reset(context, handle);
 442      }
 443      krb5_clear_error_message (context);
 444      ret = KRB5_KDC_UNREACH;
 445 out:
 446      return ret;
 447 }
 448 
 449 krb5_error_code KRB5_LIB_FUNCTION
 450 krb5_sendto_kdc(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 451                 const krb5_data *send_data,
 452                 const krb5_realm *realm,
 453                 krb5_data *receive)
 454 {
 455     return krb5_sendto_kdc_flags(context, send_data, realm, receive, 0);
 456 }
 457 
 458 krb5_error_code KRB5_LIB_FUNCTION
 459 krb5_sendto_kdc_flags(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 460                       const krb5_data *send_data,
 461                       const krb5_realm *realm,
 462                       krb5_data *receive,
 463                       int flags)
 464 {
 465     krb5_error_code ret;
 466     krb5_sendto_ctx ctx;
 467 
 468     ret = krb5_sendto_ctx_alloc(context, &ctx);
 469     if (ret)
 470         return ret;
 471     krb5_sendto_ctx_add_flags(ctx, flags);
 472     krb5_sendto_ctx_set_func(ctx, _krb5_kdc_retry, NULL);
 473 
 474     ret = krb5_sendto_context(context, ctx, send_data, *realm, receive);
 475     krb5_sendto_ctx_free(context, ctx);
 476     return ret;
 477 }
 478 
 479 krb5_error_code KRB5_LIB_FUNCTION
 480 krb5_set_send_to_kdc_func(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 481                           krb5_send_to_kdc_func func,
 482                           void *data)
 483 {
 484     free(context->send_to_kdc);
 485     if (func == NULL) {
 486         context->send_to_kdc = NULL;
 487         return 0;
 488     }
 489 
 490     context->send_to_kdc = malloc(sizeof(*context->send_to_kdc));
 491     if (context->send_to_kdc == NULL) {
 492         krb5_set_error_message(context, ENOMEM,
 493                                N_("malloc: out of memory", ""));
 494         return ENOMEM;
 495     }
 496 
 497     context->send_to_kdc->func = func;
 498     context->send_to_kdc->data = data;
 499     return 0;
 500 }
 501 
 502 krb5_error_code KRB5_LIB_FUNCTION
 503 _krb5_copy_send_to_kdc_func(krb5_context context, krb5_context to)
     /* [<][>][^][v][top][bottom][index][help] */
 504 {
 505     if (context->send_to_kdc)
 506         return krb5_set_send_to_kdc_func(to,
 507                                          context->send_to_kdc->func, 
 508                                          context->send_to_kdc->data);
 509     else
 510         return krb5_set_send_to_kdc_func(to, NULL, NULL);
 511 }
 512 
 513 
 514 
 515 struct krb5_sendto_ctx_data {
 516     int flags;
 517     int type;
 518     krb5_sendto_ctx_func func;
 519     void *data;
 520 };
 521 
 522 krb5_error_code KRB5_LIB_FUNCTION
 523 krb5_sendto_ctx_alloc(krb5_context context, krb5_sendto_ctx *ctx)
     /* [<][>][^][v][top][bottom][index][help] */
 524 {
 525     *ctx = calloc(1, sizeof(**ctx));
 526     if (*ctx == NULL) {
 527         krb5_set_error_message(context, ENOMEM,
 528                                N_("malloc: out of memory", ""));
 529         return ENOMEM;
 530     }
 531     return 0;
 532 }
 533 
 534 void KRB5_LIB_FUNCTION
 535 krb5_sendto_ctx_add_flags(krb5_sendto_ctx ctx, int flags)
     /* [<][>][^][v][top][bottom][index][help] */
 536 {
 537     ctx->flags |= flags;
 538 }
 539 
 540 int KRB5_LIB_FUNCTION
 541 krb5_sendto_ctx_get_flags(krb5_sendto_ctx ctx)
     /* [<][>][^][v][top][bottom][index][help] */
 542 {
 543     return ctx->flags;
 544 }
 545 
 546 void KRB5_LIB_FUNCTION
 547 krb5_sendto_ctx_set_type(krb5_sendto_ctx ctx, int type)
     /* [<][>][^][v][top][bottom][index][help] */
 548 {
 549     ctx->type = type;
 550 }
 551 
 552 
 553 void KRB5_LIB_FUNCTION
 554 krb5_sendto_ctx_set_func(krb5_sendto_ctx ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 555                          krb5_sendto_ctx_func func,
 556                          void *data)
 557 {
 558     ctx->func = func;
 559     ctx->data = data;
 560 }
 561 
 562 void KRB5_LIB_FUNCTION
 563 krb5_sendto_ctx_free(krb5_context context, krb5_sendto_ctx ctx)
     /* [<][>][^][v][top][bottom][index][help] */
 564 {
 565     memset(ctx, 0, sizeof(*ctx));
 566     free(ctx);
 567 }
 568 
 569 krb5_error_code KRB5_LIB_FUNCTION
 570 krb5_sendto_context(krb5_context context,
     /* [<][>][^][v][top][bottom][index][help] */
 571                     krb5_sendto_ctx ctx,
 572                     const krb5_data *send_data,
 573                     const krb5_realm realm,
 574                     krb5_data *receive)
 575 {
 576     krb5_error_code ret;
 577     krb5_krbhst_handle handle = NULL;
 578     int type, freectx = 0;
 579     int action;
 580 
 581     krb5_data_zero(receive);
 582 
 583     if (ctx == NULL) {
 584         freectx = 1;
 585         ret = krb5_sendto_ctx_alloc(context, &ctx);
 586         if (ret)
 587             return ret;
 588     }
 589 
 590     type = ctx->type;
 591     if (type == 0) {
 592         if ((ctx->flags & KRB5_KRBHST_FLAGS_MASTER) || context->use_admin_kdc)
 593             type = KRB5_KRBHST_ADMIN;
 594         else
 595             type = KRB5_KRBHST_KDC;
 596     }
 597 
 598     if (send_data->length > context->large_msg_size)
 599         ctx->flags |= KRB5_KRBHST_FLAGS_LARGE_MSG;
 600 
 601     /* loop until we get back a appropriate response */
 602 
 603     do {
 604         action = KRB5_SENDTO_DONE;
 605 
 606         krb5_data_free(receive);
 607 
 608         if (handle == NULL) {
 609             ret = krb5_krbhst_init_flags(context, realm, type,
 610                                          ctx->flags, &handle);
 611             if (ret) {
 612                 if (freectx)
 613                     krb5_sendto_ctx_free(context, ctx);
 614                 return ret;
 615             }
 616         }
 617 
 618         ret = krb5_sendto(context, send_data, handle, receive);
 619         if (ret)
 620             break;
 621         if (ctx->func) {
 622             ret = (*ctx->func)(context, ctx, ctx->data, receive, &action);
 623             if (ret)
 624                 break;
 625         }
 626         if (action != KRB5_SENDTO_CONTINUE) {
 627             krb5_krbhst_free(context, handle);
 628             handle = NULL;
 629         }
 630     } while (action != KRB5_SENDTO_DONE);
 631     if (handle)
 632         krb5_krbhst_free(context, handle);
 633     if (ret == KRB5_KDC_UNREACH)
 634         krb5_set_error_message(context, ret,
 635                                N_("unable to reach any KDC in realm %s", ""),
 636                                realm);
 637     if (ret)
 638         krb5_data_free(receive);
 639     if (freectx)
 640         krb5_sendto_ctx_free(context, ctx);
 641     return ret;
 642 }
 643 
 644 krb5_error_code
 645 _krb5_kdc_retry(krb5_context context, krb5_sendto_ctx ctx, void *data,
     /* [<][>][^][v][top][bottom][index][help] */
 646                 const krb5_data *reply, int *action)
 647 {
 648     krb5_error_code ret;
 649     KRB_ERROR error;
 650 
 651     if(krb5_rd_error(context, reply, &error))
 652         return 0;
 653 
 654     ret = krb5_error_from_rd_error(context, &error, NULL);
 655     krb5_free_error_contents(context, &error);
 656 
 657     switch(ret) {
 658     case KRB5KRB_ERR_RESPONSE_TOO_BIG: {
 659         if (krb5_sendto_ctx_get_flags(ctx) & KRB5_KRBHST_FLAGS_LARGE_MSG)
 660             break;
 661         krb5_sendto_ctx_add_flags(ctx, KRB5_KRBHST_FLAGS_LARGE_MSG);
 662         *action = KRB5_SENDTO_RESTART;
 663         break;
 664     }
 665     case KRB5KDC_ERR_SVC_UNAVAILABLE:
 666         *action = KRB5_SENDTO_CONTINUE;
 667         break;
 668     }
 669     return 0;
 670 }

/* [<][>][^][v][top][bottom][index][help] */