diff options
Diffstat (limited to 'source4/heimdal/lib/gssapi/krb5/arcfour.c')
-rw-r--r-- | source4/heimdal/lib/gssapi/krb5/arcfour.c | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/source4/heimdal/lib/gssapi/krb5/arcfour.c b/source4/heimdal/lib/gssapi/krb5/arcfour.c index 82851f5a78..2c43ed8b32 100644 --- a/source4/heimdal/lib/gssapi/krb5/arcfour.c +++ b/source4/heimdal/lib/gssapi/krb5/arcfour.c @@ -33,7 +33,7 @@ #include "krb5/gsskrb5_locl.h" -RCSID("$Id: arcfour.c,v 1.29 2006/10/07 22:14:05 lha Exp $"); +RCSID("$Id: arcfour.c,v 1.30 2006/11/07 19:05:16 lha Exp $"); /* * Implements draft-brezak-win2k-krb-rc4-hmac-04.txt @@ -355,17 +355,16 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, if (conf_state) *conf_state = 0; - if ((context_handle->flags & GSS_C_DCE_STYLE) == 0) { - datalen = input_message_buffer->length + 1 /* padding */; - - len = datalen + GSS_ARCFOUR_WRAP_TOKEN_SIZE; - _gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); - } else { - datalen = input_message_buffer->length; + datalen = input_message_buffer->length; + if (IS_DCE_STYLE(context_handle)) { len = GSS_ARCFOUR_WRAP_TOKEN_SIZE; _gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); total_len += datalen; + } else { + datalen += 1; /* padding */ + len = datalen + GSS_ARCFOUR_WRAP_TOKEN_SIZE; + _gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM); } output_message_buffer->length = total_len; @@ -418,9 +417,8 @@ _gssapi_wrap_arcfour(OM_uint32 * minor_status, p = p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE; memcpy(p, input_message_buffer->value, input_message_buffer->length); - if ((context_handle->flags & GSS_C_DCE_STYLE) == 0) { - p[input_message_buffer->length] = 1; /* PADDING */ - } + if (!IS_DCE_STYLE(context_handle)) + p[input_message_buffer->length] = 1; /* padding */ ret = arcfour_mic_cksum(key, KRB5_KU_USAGE_SEAL, p0 + 16, 8, /* SGN_CKSUM */ @@ -518,13 +516,13 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, p0 = input_message_buffer->value; - if ((context_handle->flags & GSS_C_DCE_STYLE) == 0) { - len = input_message_buffer->length; - } else { + if (IS_DCE_STYLE(context_handle)) { len = GSS_ARCFOUR_WRAP_TOKEN_SIZE + GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE; if (input_message_buffer->length < len) return GSS_S_BAD_MECH; + } else { + len = input_message_buffer->length; } omret = _gssapi_verify_mech_header(&p0, @@ -635,7 +633,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, } memset(k6_data, 0, sizeof(k6_data)); - if ((context_handle->flags & GSS_C_DCE_STYLE) == 0) { + if (!IS_DCE_STYLE(context_handle)) { ret = _gssapi_verify_pad(output_message_buffer, datalen, &padlen); if (ret) { _gsskrb5_release_buffer(minor_status, output_message_buffer); @@ -688,7 +686,7 @@ max_wrap_length_arcfour(const gsskrb5_ctx ctx, * - we only need to encapsulate the WRAP token * However, since this is a fixed since, we just */ - if (ctx->flags & GSS_C_DCE_STYLE) { + if (IS_DCE_STYLE(ctx)) { size_t len, total_len; len = GSS_ARCFOUR_WRAP_TOKEN_SIZE; |