diff options
author | Simo Sorce <idra@samba.org> | 2012-04-01 22:48:21 -0400 |
---|---|---|
committer | Andreas Schneider <asn@samba.org> | 2012-04-12 12:06:42 +0200 |
commit | d857e393ac870f71943fc6b099e494f45afb6b48 (patch) | |
tree | 3ad220149116e5849a6ee1be830b1e48a64ea736 /auth/kerberos | |
parent | 88d5d5c4b458761fd77acdb72f09253413ac03e5 (diff) | |
download | samba-d857e393ac870f71943fc6b099e494f45afb6b48.tar.gz samba-d857e393ac870f71943fc6b099e494f45afb6b48.tar.bz2 samba-d857e393ac870f71943fc6b099e494f45afb6b48.zip |
auth-krb: Use simpler method to extract keytype.
Signed-off-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth/kerberos')
-rw-r--r-- | auth/kerberos/gssapi_pac.c | 31 |
1 files changed, 12 insertions, 19 deletions
diff --git a/auth/kerberos/gssapi_pac.c b/auth/kerberos/gssapi_pac.c index 1a9d6aa26e..10e692bc74 100644 --- a/auth/kerberos/gssapi_pac.c +++ b/auth/kerberos/gssapi_pac.c @@ -220,9 +220,9 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx, } if (keytype) { - char *oid; - char *p, *q = NULL; - + int diflen, i; + const char *p; + if (set->count < 2) { #ifdef HAVE_GSSKRB5_GET_SUBKEY @@ -251,29 +251,22 @@ NTSTATUS gssapi_get_session_key(TALLOC_CTX *mem_ctx, gss_maj = gss_release_buffer_set(&gss_min, &set); return NT_STATUS_OK; } - if (!ber_read_OID_String(mem_ctx, - data_blob_const(set->elements[1].value, - set->elements[1].length), &oid)) { - TALLOC_FREE(oid); + p = set->elements[1].value + gse_sesskeytype_oid.length; + diflen = set->elements[1].length - gse_sesskeytype_oid.length; + if (diflen <= 0) { gss_maj = gss_release_buffer_set(&gss_min, &set); return NT_STATUS_INVALID_PARAMETER; } - p = strrchr(oid, '.'); - if (!p) { - TALLOC_FREE(oid); - gss_maj = gss_release_buffer_set(&gss_min, &set); - return NT_STATUS_INVALID_PARAMETER; - } else { - p++; - *keytype = strtoul(p, &q, 10); - if (q == NULL || *q != '\0') { - TALLOC_FREE(oid); + *keytype = 0; + for (i = 0; i < diflen; i++) { + *keytype = (*keytype << 7) | (p[i] & 0x7f); + if (i + 1 != diflen && (p[i] & 0x80) == 0) { + gss_maj = gss_release_buffer_set(&gss_min, &set); return NT_STATUS_INVALID_PARAMETER; } } - TALLOC_FREE(oid); } - + gss_maj = gss_release_buffer_set(&gss_min, &set); return NT_STATUS_OK; } |