2 * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 RCSID("$Id: create_auth_reply.c,v 1.15 1999/12/02 16:58:41 joda Exp $");
39 * This routine is called by the Kerberos authentication server
40 * to create a reply to an authentication request. The routine
41 * takes the user's name, instance, and realm, the client's
42 * timestamp, the number of tickets, the user's key version
43 * number and the ciphertext containing the tickets themselves.
44 * It constructs a packet and returns a pointer to it.
46 * Notes: The packet returned by this routine is static. Thus, if you
47 * intend to keep the result beyond the next call to this routine, you
48 * must copy it elsewhere.
50 * The packet is built in the following format:
53 * type or constant data
54 * ---- ----------- ----
56 * unsigned char KRB_PROT_VERSION protocol version number
58 * unsigned char AUTH_MSG_KDC_REPLY protocol message type
60 * [least significant HOST_BYTE_ORDER sender's (server's) byte
61 * bit of above field] order
63 * string pname principal's name
65 * string pinst principal's instance
67 * string prealm principal's realm
69 * unsigned long time_ws client's timestamp
71 * unsigned char n number of tickets
73 * unsigned long x_date expiration date
75 * unsigned char kvno master key version
77 * short w_1 cipher length
79 * --- cipher->dat cipher data
83 create_auth_reply(char *pname, /* Principal's name */
84 char *pinst, /* Principal's instance */
85 char *prealm, /* Principal's authentication domain */
86 int32_t time_ws, /* Workstation time */
87 int n, /* Number of tickets */
88 u_int32_t x_date, /* Principal's expiration date */
89 int kvno, /* Principal's key version number */
90 KTEXT cipher) /* Cipher text with tickets and session keys */
92 static KTEXT_ST pkt_st;
95 unsigned char *p = pkt->dat;
97 size_t rem = sizeof(pkt->dat);
102 tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1);
108 tmp = krb_put_int(AUTH_MSG_KDC_REPLY, p, rem, 1);
114 tmp = krb_put_nir(pname, pinst, prealm, p, rem);
120 tmp = krb_put_int(time_ws, p, rem, 4);
126 tmp = krb_put_int(n, p, rem, 1);
132 tmp = krb_put_int(x_date, p, rem, 4);
138 tmp = krb_put_int(kvno, p, rem, 1);
144 tmp = krb_put_int(cipher->length, p, rem, 2);
150 if (rem < cipher->length)
152 memcpy(p, cipher->dat, cipher->length);
154 rem -= cipher->length;
156 pkt->length = p - pkt->dat;