authorLuke Howard <lukeh@padl.com>2009-08-18 22:39:38 +0000
committerLuke Howard <lukeh@padl.com>2009-08-18 22:39:38 +0000
commit09d04bb89d5a2b469b587f0a577c44588e0e01e3 (patch)
tree4450a875923f8cfbae58c332dad9739d11fad4f4
parentc4a1f838be55bafb9b72cb500dfc06c692d6433f (diff)
Use fetch_asn1_field() to avoid re-encoding S4U2Self request
during checksum verification git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/s4u@22547 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r--src/kdc/kdc_util.c36
1 files changed, 27 insertions, 9 deletions
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 7deceb1..f512600 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -1850,11 +1850,12 @@ verify_for_user_checksum(krb5_context context,
static krb5_error_code
verify_s4u_x509_user_checksum(krb5_context context,
krb5_keyblock *key,
+ krb5_data *req_data,
krb5_int32 kdc_req_nonce,
krb5_pa_s4u_x509_user *req)
{
krb5_error_code code;
- krb5_data *data;
+ krb5_data scratch;
krb5_boolean valid = FALSE;
if (enctype_requires_etype_info_2(key->enctype) &&
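Review bot: The new `req_data` parameter is undocumented, and its meaning is what the fetch_asn1_field() call in the next hunk depends on: the caller must pass the raw DER encoding of the PA-S4U-X509-USER value as received, so that tag 1 inside it is the unmodified S4UUserID. A short comment on the parameter would prevent a future caller from passing a re-encoded or partially parsed buffer, e.g. `/* req_data: DER encoding of PA-S4U-X509-USER exactly as received; the checksum is verified over field [1] (S4UUserID) of this buffer */`. The function body continues in the following hunk.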
@@ -1864,23 +1865,39 @@ verify_s4u_x509_user_checksum(krb5_context context,
if (req->user_id.nonce != kdc_req_nonce)
return KRB5KRB_AP_ERR_MODIFIED;
- code = encode_krb5_s4u_userid(&req->user_id, &data);
- if (code != 0)
- return code;
+ if (fetch_asn1_field((unsigned char *)req_data->data, 1, 0, &scratch) < 0)
+ return ASN1_PARSE_ERROR;
code = krb5_c_verify_checksum(context,
key,
KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST,
- data,
+ &scratch,
&req->cksum,
&valid);
+ if (code != 0)
+ return code;
- if (code == 0 && valid == FALSE)
- code = KRB5KRB_AP_ERR_MODIFIED;
+ if (valid == FALSE) {
+ krb5_data *data;
- krb5_free_data(context, data);
+ code = encode_krb5_s4u_userid(&req->user_id, &data);
+ if (code != 0)
+ return code;
- return code;
+ code = krb5_c_verify_checksum(context,
+ key,
+ KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST,
+ data,
+ &req->cksum,
+ &valid);
+
+ krb5_free_data(context, data);
+
+ if (code != 0)
+ return code;
+ }
+
+ return valid ? 0 : KRB5KRB_AP_ERR_MODIFIED;
}
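Review bot: The fetch_asn1_field() call is given only `req_data->data` and no length, so the parse of the attacker-supplied PA-DATA is bounded only by the DER length octets it contains, not by `req_data->length`; if the helper really walks tag/length pairs without a limit (its argument list here suggests so), a malformed length can make `scratch` describe bytes past the end of the received buffer, which krb5_c_verify_checksum() then reads. Before the verify call, confirm the extracted field lies inside the request, e.g. `if (scratch.data < req_data->data || scratch.length > req_data->length - (size_t)(scratch.data - req_data->data)) return ASN1_PARSE_ERROR;`, and ideally extend fetch_asn1_field() itself to take the buffer length. The rest of the rewrite looks sound: the verify error is now returned before the re-encode fallback, and `data` is freed on both outcomes of the second verify. The function's signature is in the preceding hunk.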
krb5_error_code
@@ -2017,6 +2034,7 @@ kdc_process_s4u2self_req(krb5_context context,
code = verify_s4u_x509_user_checksum(context,
tgs_subkey ? tgs_subkey : tgs_session,
+ &req_data,
request->nonce, *s4u_x509_user);
if (code) {
*status = "INVALID_S4U2SELF_CHECKSUM";