Lines Matching full:et
376 KDC_REQ_BODY *b, const EncTicketPart *tgt, EncTicketPart *et) in check_tgs_flags() argument
392 et->flags.invalid = 0; in check_tgs_flags()
405 et->flags.forwardable = 1; in check_tgs_flags()
413 et->flags.forwarded = 1; in check_tgs_flags()
414 et->caddr = b->addresses; in check_tgs_flags()
417 et->flags.forwarded = 1; in check_tgs_flags()
425 et->flags.proxiable = 1; in check_tgs_flags()
433 et->flags.proxy = 1; in check_tgs_flags()
434 et->caddr = b->addresses; in check_tgs_flags()
437 et->flags.proxy = 1; in check_tgs_flags()
445 et->flags.may_postdate = 1; in check_tgs_flags()
454 *et->starttime = *b->from; in check_tgs_flags()
455 et->flags.postdated = 1; in check_tgs_flags()
456 et->flags.invalid = 1; in check_tgs_flags()
468 et->flags.renewable = 1; in check_tgs_flags()
469 ALLOC(et->renew_till); in check_tgs_flags()
471 *et->renew_till = *b->rtime; in check_tgs_flags()
485 et->endtime = *et->starttime + old_life; in check_tgs_flags()
486 if (et->renew_till != NULL) in check_tgs_flags()
487 et->endtime = min(*et->renew_till, et->endtime); in check_tgs_flags()
595 const EncTicketPart *et, in verify_flags() argument
598 if(et->endtime < kdc_time){ in verify_flags()
602 if(et->flags.invalid){ in verify_flags()
618 EncTicketPart *et, in fix_transited_encoding() argument
713 et->flags.transited_policy_checked = 1; in fix_transited_encoding()
715 et->transited.tr_type = DOMAIN_X500_COMPRESS; in fix_transited_encoding()
716 ret = krb5_domain_x500_encode(realms, num_realms, &et->transited.contents); in fix_transited_encoding()
755 EncTicketPart et; in tgs_make_reply() local
761 memset(&et, 0, sizeof(et)); in tgs_make_reply()
767 et.authtime = tgt->authtime; in tgs_make_reply()
769 et.endtime = min(tgt->endtime, *b->till); in tgs_make_reply()
770 ALLOC(et.starttime); in tgs_make_reply()
771 *et.starttime = kdc_time; in tgs_make_reply()
773 ret = check_tgs_flags(context, config, b, tgt, &et); in tgs_make_reply()
803 &tgt->transited, &et, in tgs_make_reply()
821 ek.caddr = et.caddr; in tgs_make_reply()
822 if(et.caddr == NULL) in tgs_make_reply()
823 et.caddr = tgt->caddr; in tgs_make_reply()
827 life = et.endtime - *et.starttime; in tgs_make_reply()
832 et.endtime = *et.starttime + life; in tgs_make_reply()
835 et.renew_till == NULL && et.endtime < *b->till && in tgs_make_reply()
838 et.flags.renewable = 1; in tgs_make_reply()
839 ALLOC(et.renew_till); in tgs_make_reply()
840 *et.renew_till = *b->till; in tgs_make_reply()
842 if(et.renew_till){ in tgs_make_reply()
844 renew = *et.renew_till - et.authtime; in tgs_make_reply()
849 *et.renew_till = et.authtime + renew; in tgs_make_reply()
852 if(et.renew_till){ in tgs_make_reply()
853 *et.renew_till = min(*et.renew_till, *tgt->renew_till); in tgs_make_reply()
854 *et.starttime = min(*et.starttime, *et.renew_till); in tgs_make_reply()
855 et.endtime = min(et.endtime, *et.renew_till); in tgs_make_reply()
858 *et.starttime = min(*et.starttime, et.endtime); in tgs_make_reply()
860 if(*et.starttime == et.endtime){ in tgs_make_reply()
864 if(et.renew_till && et.endtime == *et.renew_till){ in tgs_make_reply()
865 free(et.renew_till); in tgs_make_reply()
866 et.renew_till = NULL; in tgs_make_reply()
867 et.flags.renewable = 0; in tgs_make_reply()
870 et.flags.pre_authent = tgt->flags.pre_authent; in tgs_make_reply()
871 et.flags.hw_authent = tgt->flags.hw_authent; in tgs_make_reply()
872 et.flags.anonymous = tgt->flags.anonymous; in tgs_make_reply()
873 et.flags.ok_as_delegate = server->entry.flags.ok_as_delegate; in tgs_make_reply()
880 ret = _kdc_tkt_add_if_relevant_ad(context, &et, in tgs_make_reply()
891 if (et.authorization_data == NULL) { in tgs_make_reply()
892 et.authorization_data = calloc(1, sizeof(*et.authorization_data)); in tgs_make_reply()
893 if (et.authorization_data == NULL) { in tgs_make_reply()
900 ret = add_AuthorizationData(et.authorization_data, &auth_data->val[i]); in tgs_make_reply()
908 ret = find_KRB5SignedPath(context, et.authorization_data, NULL); in tgs_make_reply()
910 if (et.authorization_data->len == 1) { in tgs_make_reply()
911 free_AuthorizationData(et.authorization_data); in tgs_make_reply()
912 free(et.authorization_data); in tgs_make_reply()
913 et.authorization_data = NULL; in tgs_make_reply()
915 AuthorizationData *ad = et.authorization_data; in tgs_make_reply()
922 ret = krb5_copy_keyblock_contents(context, sessionkey, &et.key); in tgs_make_reply()
925 et.crealm = tgt_name->realm; in tgs_make_reply()
926 et.cname = tgt_name->name; in tgs_make_reply()
928 ek.key = et.key; in tgs_make_reply()
937 ek.flags = et.flags; in tgs_make_reply()
938 ek.authtime = et.authtime; in tgs_make_reply()
939 ek.starttime = et.starttime; in tgs_make_reply()
940 ek.endtime = et.endtime; in tgs_make_reply()
941 ek.renew_till = et.renew_till; in tgs_make_reply()
945 _kdc_log_timestamp(context, config, "TGS-REQ", et.authtime, et.starttime, in tgs_make_reply()
946 et.endtime, et.renew_till); in tgs_make_reply()
960 &et); in tgs_make_reply()
977 if (krb5_enctype_valid(context, et.key.keytype) != 0 in tgs_make_reply()
978 && _kdc_is_weak_exception(server->entry.principal, et.key.keytype)) in tgs_make_reply()
980 krb5_enctype_enable(context, et.key.keytype); in tgs_make_reply()
996 &rep, &et, &ek, et.key.keytype, in tgs_make_reply()
1001 krb5_enctype_disable(context, et.key.keytype); in tgs_make_reply()
1005 free_TransitedEncoding(&et.transited); in tgs_make_reply()
1006 if(et.starttime) in tgs_make_reply()
1007 free(et.starttime); in tgs_make_reply()
1008 if(et.renew_till) in tgs_make_reply()
1009 free(et.renew_till); in tgs_make_reply()
1010 if(et.authorization_data) { in tgs_make_reply()
1011 free_AuthorizationData(et.authorization_data); in tgs_make_reply()
1012 free(et.authorization_data); in tgs_make_reply()
1015 memset(et.key.keyvalue.data, 0, et.key.keyvalue.length); in tgs_make_reply()
1016 free_EncryptionKey(&et.key); in tgs_make_reply()