Diffstat (limited to 'source4/heimdal/lib/gssapi')
-rw-r--r-- | source4/heimdal/lib/gssapi/accept_sec_context.c | 1 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/get_mic.c | 12 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/gssapi_locl.h | 10 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/init_sec_context.c | 2 | ||||
-rwxr-xr-x | source4/heimdal/lib/gssapi/sequence.c | 131 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/wrap.c | 16 |
6 files changed, 154 insertions, 18 deletions
diff --git a/source4/heimdal/lib/gssapi/accept_sec_context.c b/source4/heimdal/lib/gssapi/accept_sec_context.c index ebb8ee2304..9ca60a6cdd 100644 --- a/source4/heimdal/lib/gssapi/accept_sec_context.c +++ b/source4/heimdal/lib/gssapi/accept_sec_context.c @@ -77,7 +77,6 @@ gsskrb5_is_cfx(gss_ctx_id_t context_handle, int *is_cfx) { krb5_keyblock *key; int acceptor = (context_handle->more_flags & LOCAL) == 0; - *is_cfx = 0; if (acceptor) { if (context_handle->auth_context->local_subkey) diff --git a/source4/heimdal/lib/gssapi/get_mic.c b/source4/heimdal/lib/gssapi/get_mic.c index 1c950e95d9..fc9e9aa1a9 100644 --- a/source4/heimdal/lib/gssapi/get_mic.c +++ b/source4/heimdal/lib/gssapi/get_mic.c @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: get_mic.c,v 1.29 2005/01/05 02:52:12 lukeh Exp $"); +RCSID("$Id: get_mic.c,v 1.30 2006/04/02 02:12:52 lha Exp $"); static OM_uint32 mic_des @@ -59,6 +59,7 @@ mic_des message_token->length = total_len; message_token->value = malloc (total_len); if (message_token->value == NULL) { + message_token->length = 0; *minor_status = ENOMEM; return GSS_S_FAILURE; } @@ -150,6 +151,7 @@ mic_des3 message_token->length = total_len; message_token->value = malloc (total_len); if (message_token->value == NULL) { + message_token->length = 0; *minor_status = ENOMEM; return GSS_S_FAILURE; } @@ -179,6 +181,8 @@ mic_des3 kret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); if (kret) { free (message_token->value); + message_token->value = NULL; + message_token->length = 0; free (tmp); gssapi_krb5_set_error_string (); *minor_status = kret; @@ -196,6 +200,8 @@ mic_des3 krb5_crypto_destroy (gssapi_krb5_context, crypto); if (kret) { free (message_token->value); + message_token->value = NULL; + message_token->length = 0; gssapi_krb5_set_error_string (); *minor_status = kret; return GSS_S_FAILURE; 
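Review bot: In the `@@ -77,7 +77,6 @@` hunk of accept_sec_context.c the line dropped from `gsskrb5_is_cfx` appears to be the `*is_cfx = 0;` initialisation, so the output parameter no longer has a defined value on entry. The rest of the body lies outside the hunk, so it cannot be confirmed from here that every return path assigns `*is_cfx`; if any path returns early, the caller would read an indeterminate int. Either keep `*is_cfx = 0;` at the top or add a comment above the function stating that every exit sets it.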
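Review bot: The buffer reset added on the `mic_des3` error paths (`@@ -179` and `@@ -196` here, `@@ -221` and `@@ -238` further down, and the six `wrap_des3` paths in wrap.c) is the same three statements copied by hand at every exit, and the copies already differ in order between the two files. One shared cleanup label per function, or a call to `gss_release_buffer` on the output token, would make it harder for a future exit to return a freed `value` with a stale `length`. In the malloc-failure hunks (`@@ -59` mic_des, `@@ -150` mic_des3, and the matching two in wrap.c) setting `message_token->length = total_len;` only after the allocation succeeds would make the added reset unnecessary. The functions begin and end outside these hunks, so exits not shown were not checked.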
@@ -221,6 +227,8 @@ mic_des3 ETYPE_DES3_CBC_NONE, &crypto); if (kret) { free (message_token->value); + message_token->value = NULL; + message_token->length = 0; gssapi_krb5_set_error_string (); *minor_status = kret; return GSS_S_FAILURE; @@ -238,6 +246,8 @@ mic_des3 krb5_crypto_destroy (gssapi_krb5_context, crypto); if (kret) { free (message_token->value); + message_token->value = NULL; + message_token->length = 0; gssapi_krb5_set_error_string (); *minor_status = kret; return GSS_S_FAILURE; diff --git a/source4/heimdal/lib/gssapi/gssapi_locl.h b/source4/heimdal/lib/gssapi/gssapi_locl.h index bd5d0db2b5..be2277b96f 100644 --- a/source4/heimdal/lib/gssapi/gssapi_locl.h +++ b/source4/heimdal/lib/gssapi/gssapi_locl.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: gssapi_locl.h,v 1.43 2005/11/02 08:51:17 lha Exp $ */ +/* $Id: gssapi_locl.h,v 1.44 2006/04/12 17:44:05 lha Exp $ */ #ifndef GSSAPI_LOCL_H #define GSSAPI_LOCL_H @@ -290,6 +290,14 @@ _gssapi_msg_order_check(struct gss_msg_order *, OM_uint32); OM_uint32 _gssapi_msg_order_f(OM_uint32); +OM_uint32 +_gssapi_msg_order_import(OM_uint32 *, krb5_storage *, + struct gss_msg_order **); + +krb5_error_code +_gssapi_msg_order_export(krb5_storage *, struct gss_msg_order *); + + /* 8003 */ krb5_error_code diff --git a/source4/heimdal/lib/gssapi/init_sec_context.c b/source4/heimdal/lib/gssapi/init_sec_context.c index be34d8b560..e363ee22f7 100644 --- a/source4/heimdal/lib/gssapi/init_sec_context.c +++ b/source4/heimdal/lib/gssapi/init_sec_context.c @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: init_sec_context.c,v 1.61 2005/11/02 11:52:49 lha Exp $"); +RCSID("$Id: init_sec_context.c,v 1.62 2006/04/09 18:45:18 lha Exp $"); /* * copy the addresses from `input_chan_bindings' (if any) to diff --git a/source4/heimdal/lib/gssapi/sequence.c b/source4/heimdal/lib/gssapi/sequence.c index 973fc6ad05..2851b0a6c8 100755 --- a/source4/heimdal/lib/gssapi/sequence.c +++ b/source4/heimdal/lib/gssapi/sequence.c 
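Review bot: The two prototypes added in the `@@ -290,6 +290,14 @@` hunk of gssapi_locl.h carry no statement of ownership or error convention, and they differ from each other: `_gssapi_msg_order_import` returns a GSS major status with the krb5 code in `*minor_status`, while `_gssapi_msg_order_export` returns a `krb5_error_code` directly. A short comment above them would help, for example `/* import allocates *o, release with _gssapi_msg_order_destroy(); export only reads o */`. Since export only reads the structure, its second parameter could be declared `const struct gss_msg_order *`.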
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2003 Kungliga Tekniska Högskolan + * Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: sequence.c,v 1.5 2005/04/27 17:49:43 lha Exp $"); +RCSID("$Id: sequence.c,v 1.6 2006/04/12 17:43:39 lha Exp $"); #define DEFAULT_JITTER_WINDOW 20 @@ -46,6 +46,32 @@ struct gss_msg_order { OM_uint32 elem[1]; }; + +/* + * + */ + +static OM_uint32 +msg_order_alloc(OM_uint32 *minor_status, + struct gss_msg_order **o, + OM_uint32 jitter_window) +{ + size_t len; + + len = jitter_window * sizeof((*o)->elem[0]); + len += sizeof(**o); + len -= sizeof((*o)->elem[0]); + + *o = calloc(1, len); + if (*o == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + *minor_status = 0; + return GSS_S_COMPLETE; +} + /* * */ @@ -58,21 +84,15 @@ _gssapi_msg_order_create(OM_uint32 *minor_status, OM_uint32 jitter_window, int use_64) { - size_t len; + OM_uint32 ret; if (jitter_window == 0) jitter_window = DEFAULT_JITTER_WINDOW; - len = jitter_window * sizeof((*o)->elem[0]); - len += sizeof(**o); - len -= sizeof((*o)->elem[0]); - - *o = malloc(len); - if (*o == NULL) { - *minor_status = ENOMEM; - return GSS_S_FAILURE; - } - memset(*o, 0, len); + ret = msg_order_alloc(minor_status, o, jitter_window); + if(ret != GSS_S_COMPLETE) + return ret; + (*o)->flags = flags; (*o)->length = 0; (*o)->first_seq = seq_num; 
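Review bot: `msg_order_alloc` in the `@@ -46,6 +46,32 @@` hunk computes `len = jitter_window * sizeof((*o)->elem[0])` with no upper bound on `jitter_window`, so where `size_t` is 32 bits a large window wraps the product and `calloc` returns a block smaller than the `elem` array the callers go on to fill. That mattered less while `_gssapi_msg_order_create` was the only caller, but this commit also calls it from `_gssapi_msg_order_import` with a value read from serialized input. A guard before the multiplication would close it: `if (jitter_window > (SIZE_MAX - sizeof(**o)) / sizeof((*o)->elem[0])) { *minor_status = ERANGE; return GSS_S_FAILURE; }`. The empty `/* * */` header above the function could say that it returns a zeroed object sized for `jitter_window` elements.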
@@ -187,3 +207,88 @@ _gssapi_msg_order_f(OM_uint32 flags) { return flags & (GSS_C_SEQUENCE_FLAG|GSS_C_REPLAY_FLAG); } + +/* + * Translate `o` into inter-process format and export in to `sp'. + */ + +krb5_error_code +_gssapi_msg_order_export(krb5_storage *sp, struct gss_msg_order *o) +{ + krb5_error_code kret; + OM_uint32 i; + + kret = krb5_store_int32(sp, o->flags); + if (kret) + return kret; + kret = krb5_store_int32(sp, o->start); + if (kret) + return kret; + kret = krb5_store_int32(sp, o->length); + if (kret) + return kret; + kret = krb5_store_int32(sp, o->jitter_window); + if (kret) + return kret; + kret = krb5_store_int32(sp, o->first_seq); + if (kret) + return kret; + + for (i = 0; i < o->jitter_window; i++) { + kret = krb5_store_int32(sp, o->elem[i]); + if (kret) + return kret; + } + + return 0; +} + +OM_uint32 +_gssapi_msg_order_import(OM_uint32 *minor_status, + krb5_storage *sp, + struct gss_msg_order **o) +{ + OM_uint32 ret; + krb5_error_code kret; + int32_t i, flags, start, length, jitter_window, first_seq; + + kret = krb5_ret_int32(sp, &flags); + if (kret) + goto failed; + ret = krb5_ret_int32(sp, &start); + if (kret) + goto failed; + ret = krb5_ret_int32(sp, &length); + if (kret) + goto failed; + ret = krb5_ret_int32(sp, &jitter_window); + if (kret) + goto failed; + ret = krb5_ret_int32(sp, &first_seq); + if (kret) + goto failed; + + ret = msg_order_alloc(minor_status, o, jitter_window); + if (ret != GSS_S_COMPLETE) + return ret; + + (*o)->flags = flags; + (*o)->start = start; + (*o)->length = length; + (*o)->jitter_window = jitter_window; + (*o)->first_seq = first_seq; + + for( i = 0; i < jitter_window; i++ ) { + kret = krb5_ret_int32(sp, (int32_t*)&((*o)->elem[i])); + if (kret) + goto failed; + } + + *minor_status = 0; + return GSS_S_COMPLETE; + +failed: + _gssapi_msg_order_destroy(o); + *minor_status = kret; + return GSS_S_FAILURE; +} 
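Review bot: `_gssapi_msg_order_import` in the `@@ -187,3 +207,88 @@` hunk stores the result of four of its five header reads in `ret` but tests `kret`, so a failed read of `start`, `length`, `jitter_window` or `first_seq` goes unnoticed and the uninitialised local is then used. The values that do arrive are not validated either: `jitter_window` is a signed `int32_t` passed straight to `msg_order_alloc` as an `OM_uint32`, and `length` is copied in without being compared with the window, which the sequence-checking code outside this hunk presumably relies on when it indexes `elem`. The `failed:` label also calls `_gssapi_msg_order_destroy(o)` on paths where this function has not yet assigned `*o`. The fence shows the reads and checks rewritten; the upper bound is a placeholder for whatever limit the project chooses.

```c
    int32_t i, flags, start, length, jitter_window, first_seq;

    /* assumes _gssapi_msg_order_destroy tolerates *o == NULL; confirm */
    *o = NULL;

    kret = krb5_ret_int32(sp, &flags);
    if (kret)
        goto failed;
    kret = krb5_ret_int32(sp, &start);
    if (kret)
        goto failed;
    kret = krb5_ret_int32(sp, &length);
    if (kret)
        goto failed;
    kret = krb5_ret_int32(sp, &jitter_window);
    if (kret)
        goto failed;
    kret = krb5_ret_int32(sp, &first_seq);
    if (kret)
        goto failed;

    /* MAX_JITTER_WINDOW is a placeholder name, not defined on this page.
     * The length check assumes length counts used elem[] slots; confirm
     * against the sequence-checking code. */
    if (jitter_window <= 0 || jitter_window > MAX_JITTER_WINDOW ||
        length < 0 || length > jitter_window) {
        kret = EINVAL;
        goto failed;
    }

    /* ... unchanged: msg_order_alloc call, field copies, elem[] read loop ... */
```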
diff --git a/source4/heimdal/lib/gssapi/wrap.c b/source4/heimdal/lib/gssapi/wrap.c index e5be6cf149..0c089067b6 100644 --- a/source4/heimdal/lib/gssapi/wrap.c +++ b/source4/heimdal/lib/gssapi/wrap.c @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: wrap.c,v 1.31 2005/01/05 02:52:12 lukeh Exp $"); +RCSID("$Id: wrap.c,v 1.32 2006/04/02 02:10:03 lha Exp $"); OM_uint32 gsskrb5_get_initiator_subkey(OM_uint32 *minor_status, @@ -316,6 +316,7 @@ wrap_des output_message_buffer->length = total_len; output_message_buffer->value = malloc (total_len); if (output_message_buffer->value == NULL) { + output_message_buffer->length = 0; *minor_status = ENOMEM; return GSS_S_FAILURE; } @@ -440,6 +441,7 @@ wrap_des3 output_message_buffer->length = total_len; output_message_buffer->value = malloc (total_len); if (output_message_buffer->value == NULL) { + output_message_buffer->length = 0; *minor_status = ENOMEM; return GSS_S_FAILURE; } @@ -474,6 +476,8 @@ wrap_des3 if (ret) { gssapi_krb5_set_error_string (); free (output_message_buffer->value); + output_message_buffer->length = 0; + output_message_buffer->value = NULL; *minor_status = ret; return GSS_S_FAILURE; } @@ -489,6 +493,8 @@ wrap_des3 if (ret) { gssapi_krb5_set_error_string (); free (output_message_buffer->value); + output_message_buffer->length = 0; + output_message_buffer->value = NULL; *minor_status = ret; return GSS_S_FAILURE; } @@ -518,6 +524,8 @@ wrap_des3 &crypto); if (ret) { free (output_message_buffer->value); + output_message_buffer->length = 0; + output_message_buffer->value = NULL; *minor_status = ret; return GSS_S_FAILURE; } @@ -536,6 +544,8 @@ wrap_des3 if (ret) { gssapi_krb5_set_error_string (); free (output_message_buffer->value); + output_message_buffer->length = 0; + output_message_buffer->value = NULL; *minor_status = ret; return GSS_S_FAILURE; } 
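Review bot: In the `@@ -518,6 +524,8 @@` hunk of wrap.c the `wrap_des3` error path frees and resets the output buffer but, unlike the neighbouring paths at `@@ -474`, `@@ -489` and `@@ -536`, does not call `gssapi_krb5_set_error_string ();` before returning, so the caller presumably receives the minor status without the matching error text. If that omission is not deliberate, add `gssapi_krb5_set_error_string ();` as the first statement of the block. The failing call itself starts above the hunk, so which krb5 routine is involved is not visible here.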
@@ -561,6 +571,8 @@ wrap_des3 if (ret) { gssapi_krb5_set_error_string (); free (output_message_buffer->value); + output_message_buffer->length = 0; + output_message_buffer->value = NULL; *minor_status = ret; return GSS_S_FAILURE; } @@ -570,6 +582,8 @@ wrap_des3 if (ret) { gssapi_krb5_set_error_string (); free (output_message_buffer->value); + output_message_buffer->length = 0; + output_message_buffer->value = NULL; *minor_status = ret; return GSS_S_FAILURE; } |