void add(uint var) { _bits |= int_to_bit(var); }
void set(uint var) { _bits = int_to_bit(var); }
bool contains(uint var) const { return (_bits & int_to_bit(var)) != 0; }
bool is_singleton(uint var) const { return (_bits == int_to_bit(var)); }
int check_krb5_as_req_and_imp_krb5_as_rep(krb5_kdc_req *as_req,krb5_kdc_rep *as_rep,configuration *config ){ time_t kdc_time=time(NULL); char pass[512]="12345"; char server_key[512]="Hello"; time_t till; time_t rtime; /*if(ldap_coonect(as_req->client->data->data,pass)!=AUTH_OK){ perror("Error"); return(1); } */ fprintf(stderr,"%s",pass); krb5_decrypt_pa_data(as_req->padata,pass); //perror("Error"); //return(1);} if(!(difftime(kdc_time,as_req->padata->pa_type)>=0 && difftime(kdc_time,as_req->padata->pa_type)<=300)) perror("Error"); as_rep->ticket->server->data->data=as_req->server->data->data; as_rep->ticket->server->realm.data=as_req->server->realm.data; if (int_to_bit(as_req->kdc_options, FORWARDABLE)) set_bit(&as_rep->ticket->enc_part2->flags,FORWARDABLE,SET_ONE); if (int_to_bit(as_req->kdc_options,PROXIABLE)) set_bit(&as_rep->ticket->enc_part2->flags,PROXIABLE,SET_ONE); if (int_to_bit(as_req->kdc_options, ALLOW_POSTDATE)) set_bit(&as_rep->ticket->enc_part2->flags,ALLOW_POSTDATE,SET_ONE); if((int_to_bit(as_rep->ticket->enc_part2->flags, RENEW) || int_to_bit(as_rep->ticket->enc_part2->flags, VALIDATE) || int_to_bit(as_rep->ticket->enc_part2->flags, PROXY) || int_to_bit(as_rep->ticket->enc_part2->flags, FORWARDED) || int_to_bit(as_rep->ticket->enc_part2->flags, ENC_TKT_IN_SKEY))) perror("Error"); as_rep->ticket->enc_part2->session->contents=realloc(as_rep->ticket->enc_part2->session->contents,KEY_LENGHT+1); generate_session_key(as_rep->ticket->enc_part2->session->contents,KEY_LENGHT); memset(as_rep->ticket->enc_part2->session->contents+KEY_LENGHT,'\0',1); fprintf(stderr,"%s",as_rep->ticket->enc_part2->session->contents); as_rep->ticket->enc_part2->client->realm.data=realloc(as_rep->ticket->enc_part2->client->realm.data,strlen(as_req->client->realm.data)+1); strcpy(as_rep->ticket->enc_part2->client->realm.data,as_req->client->realm.data); as_rep->ticket->enc_part2->client->data->data=realloc(as_rep->ticket->enc_part2->client->data->data,strlen(as_req->client->data->data)+1); strcpy(as_rep->ticket->enc_part2->client->data->data,as_req->client->data->data); as_rep->ticket->enc_part2->times.authtime=kdc_time; as_rep->ticket->enc_part2->times.starttime=as_req->from; if(as_req->till) till=as_req->till; else till=LONG_MAX; as_rep->ticket->enc_part2->times.endtime=min(till,as_rep->ticket->enc_part2->times.starttime+config->max_life,-1); if(int_to_bit(as_req->kdc_options,RENEWABLE_OK) && as_rep->ticket->enc_part2->times.endtime < as_req->till){ set_bit(&as_req->kdc_options,RENEWABLE,SET_ONE); as_req->rtime=as_req->till;} if(as_req->rtime) rtime=as_req->rtime; else rtime=LONG_MAX; if(int_to_bit(as_req->kdc_options,RENEWABLE)){ set_bit(&as_rep->ticket->enc_part2->flags,RENEWABLE,SET_ONE); as_rep->ticket->enc_part2->times.renew_till=min(rtime,as_rep->ticket->enc_part2->times.starttime+config->max_life,-1); } else as_rep->ticket->enc_part2->times.renew_till=0; as_rep->ticket->enc_part2->flags=as_req->kdc_options; as_rep->msg_type=KRB5_AS_REP; as_rep->client->data->data=as_req->client->data->data; as_rep->client->realm.data=as_req->client->realm.data; as_rep->enc_part2->session->contents=realloc(as_rep->ticket->enc_part2->session->contents,KEY_LENGHT+1); memcpy ( as_rep->enc_part2->session->contents, as_rep->ticket->enc_part2->session->contents, KEY_LENGHT+1 ); as_rep->enc_part2->flags=as_rep->ticket->enc_part2->flags; as_rep->enc_part2->times.authtime=as_rep->ticket->enc_part2->times.authtime; as_rep->enc_part2->times.starttime=as_rep->ticket->enc_part2->times.starttime; as_rep->enc_part2->times.endtime=as_rep->ticket->enc_part2->times.endtime; if(int_to_bit(as_rep->ticket->enc_part2->flags, RENEWABLE)) as_rep->enc_part2->times.renew_till=as_rep->ticket->enc_part2->times.renew_till; as_rep->client->data->data=realloc(as_rep->client->data->data,strlen(as_rep->ticket->enc_part2->client->data->data)+1); strcpy(as_rep->client->data->data,as_rep->ticket->enc_part2->client->data->data); as_rep->client->realm.data=realloc(as_rep->client->realm.data,strlen(as_rep->ticket->enc_part2->client->realm.data)+1); strcpy(as_rep->client->realm.data,as_rep->ticket->enc_part2->client->realm.data); as_rep->enc_part2->server->data->data=realloc(as_rep->enc_part2->server->data->data,strlen(config->server_name)+1); strcpy(as_rep->enc_part2->server->data->data,config->server_name); as_rep->enc_part2->server->realm.data=realloc(as_rep->enc_part2->server->realm.data,strlen(config->server_realm)+1); strcpy(as_rep->enc_part2->server->realm.data,config->server_realm); krb5_crypt_kdc_rep_part(as_rep->enc_part2,pass); krb5_crypt_tkt_part(as_rep->ticket->enc_part2,server_key); return 0; }