diff options
-rw-r--r-- | src/lib/gssapi/generic/gssapiP_generic.h | 32 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/accept_sec_context.c | 6 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 65 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/util_cksum.c | 46 |
4 files changed, 43 insertions, 106 deletions
diff --git a/src/lib/gssapi/generic/gssapiP_generic.h b/src/lib/gssapi/generic/gssapiP_generic.h index 5d01fb4..3c6bfa5 100644 --- a/src/lib/gssapi/generic/gssapiP_generic.h +++ b/src/lib/gssapi/generic/gssapiP_generic.h @@ -54,38 +54,6 @@ (((o1)->length == (o2)->length) && \ (memcmp((o1)->elements, (o2)->elements, (o1)->length) == 0)) -/* this code knows that an int on the wire is 32 bits. The type of - num should be at least this big, or the extra shifts may do weird - things */ - -#define TWRITE_INT(ptr, num, bigend) \ - if (bigend) store_32_be(num, ptr); else store_32_le(num, ptr); \ - (ptr) += 4; - -#define TWRITE_INT16(ptr, num, bigend) \ - if (bigend) store_16_be((num)>>16, ptr); else store_16_le(num, ptr); \ - (ptr) += 2; - -#define TREAD_INT(ptr, num, bigend) \ - (num) = ((bigend) ? load_32_be(ptr) : load_32_le(ptr)); \ - (ptr) += 4; - -#define TREAD_INT16(ptr, num, bigend) \ - (num) = ((bigend) ? (load_16_be(ptr) << 16) : load_16_le(ptr)); \ - (ptr) += 2; - -#define TWRITE_STR(ptr, str, len) \ - memcpy((ptr), (str), (len)); \ - (ptr) += (len); - -#define TREAD_STR(ptr, str, len) \ - (str) = (ptr); \ - (ptr) += (len); - -#define TWRITE_BUF(ptr, buf, bigend) \ - TWRITE_INT((ptr), (buf).length, (bigend)); \ - TWRITE_STR((ptr), (buf).value, (buf).length); - /** malloc wrappers; these may actually do something later */ #define xmalloc(n) malloc(n) diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index dd4caf3..b35e11b 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -657,7 +657,6 @@ kg_accept_krb5(minor_status, context_handle, { krb5_context context; unsigned char *ptr; - char *sptr; krb5_gss_cred_id_t cred = 0; krb5_data ap_rep, ap_req; krb5_error_code code; @@ -788,16 +787,13 @@ kg_accept_krb5(minor_status, context_handle, } else if (code == G_BAD_TOK_HEADER) { /* DCE style not encapsulated */ ap_req.length = input_token->length; - ap_req.data = input_token->value; mech_used = gss_mech_krb5; no_encap = 1; } else { major_status = GSS_S_DEFECTIVE_TOKEN; goto fail; } - - sptr = (char *) ptr; - TREAD_STR(sptr, ap_req.data, ap_req.length); + ap_req.data = (char *)ptr; /* construct the sender_addr */ diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 83fd514..5748b84 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -246,14 +246,14 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context, { krb5_error_code code; krb5_int32 con_flags; - unsigned char *ptr; struct gss_checksum_data *data = cksum_data; krb5_data credmsg; unsigned int junk; krb5_data *finished = NULL; krb5_key send_subkey; + struct k5buf buf; - data->checksum_data.data = 0; + data->checksum_data = empty_data(); credmsg.data = 0; /* build the checksum field */ @@ -291,18 +291,12 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context, request */ data->ctx->gss_flags &= ~(GSS_C_DELEG_FLAG | GSS_C_DELEG_POLICY_FLAG); - - data->checksum_data.length = 24; } else { if (credmsg.length+28 > KRB5_INT16_MAX) { code = KRB5KRB_ERR_FIELD_TOOLONG; goto cleanup; } - - data->checksum_data.length = 28+credmsg.length; } - } else { - data->checksum_data.length = 24; } #ifdef CFX_EXERCISE if (data->ctx->auth_context->keyblock != NULL @@ -335,40 +329,35 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context, } krb5_k_free_key(context, key); - data->checksum_data.length += 8 + finished->length; } - data->checksum_data.length += junk; - /* now allocate a buffer to hold the checksum data and (maybe) KRB_CRED msg */ - - if ((data->checksum_data.data = - (char *) xmalloc(data->checksum_data.length)) == NULL) { - code = ENOMEM; - goto cleanup; + k5_buf_init_dynamic(&buf); + k5_buf_add_uint32_le(&buf, data->md5.length); + k5_buf_add_len(&buf, data->md5.contents, data->md5.length); + k5_buf_add_uint32_le(&buf, data->ctx->gss_flags); + if (credmsg.data != NULL) { + k5_buf_add_uint16_le(&buf, KRB5_GSS_FOR_CREDS_OPTION); + k5_buf_add_uint16_le(&buf, credmsg.length); + k5_buf_add_len(&buf, credmsg.data, credmsg.length); } + if (data->exts->iakerb.conv != NULL) { + k5_buf_add_uint32_be(&buf, KRB5_GSS_EXTS_IAKERB_FINISHED); + k5_buf_add_uint32_be(&buf, finished->length); + k5_buf_add_len(&buf, finished->data, finished->length); + } + while (junk--) + k5_buf_add_byte(&buf, 'i'); - ptr = (unsigned char *)data->checksum_data.data; - - TWRITE_INT(ptr, data->md5.length, 0); - TWRITE_STR(ptr, data->md5.contents, data->md5.length); - TWRITE_INT(ptr, data->ctx->gss_flags, 0); + code = k5_buf_status(&buf); + if (code) + goto cleanup; - if (credmsg.data) { - TWRITE_INT16(ptr, KRB5_GSS_FOR_CREDS_OPTION, 0); - TWRITE_INT16(ptr, credmsg.length, 0); - TWRITE_STR(ptr, credmsg.data, credmsg.length); - } - if (data->exts->iakerb.conv) { - TWRITE_INT(ptr, KRB5_GSS_EXTS_IAKERB_FINISHED, 1); - TWRITE_INT(ptr, finished->length, 1); - TWRITE_STR(ptr, finished->data, finished->length); - } - if (junk) - memset(ptr, 'i', junk); + data->checksum_data = make_data(buf.data, buf.len); *out = &data->checksum_data; code = 0; + cleanup: krb5_free_data_contents(context, &credmsg); krb5_free_data(context, finished); @@ -726,7 +715,6 @@ mutual_auth( { OM_uint32 major_status; unsigned char *ptr; - char *sptr; krb5_data ap_rep; krb5_ap_rep_enc_part *ap_rep_data; krb5_timestamp now; @@ -775,7 +763,6 @@ mutual_auth( if (ctx->gss_flags & GSS_C_DCE_STYLE) { /* Raw AP-REP */ ap_rep.length = input_token->length; - ap_rep.data = (char *)input_token->value; } else if (g_verify_token_header(ctx->mech_used, &(ap_rep.length), &ptr, KG_TOK_CTX_AP_REP, @@ -787,9 +774,7 @@ mutual_auth( /* Handle a KRB_ERROR message from the server */ - sptr = (char *) ptr; /* PC compiler bug */ - TREAD_STR(sptr, ap_rep.data, ap_rep.length); - + ap_rep.data = (char *)ptr; code = krb5_rd_error(context, &ap_rep, &krb_error); if (code) goto fail; @@ -804,9 +789,7 @@ mutual_auth( return(GSS_S_DEFECTIVE_TOKEN); } } - - sptr = (char *) ptr; /* PC compiler bug */ - TREAD_STR(sptr, ap_rep.data, ap_rep.length); + ap_rep.data = (char *)ptr; /* decode the ap_rep */ if ((code = krb5_rd_rep(context, ctx->auth_context, &ap_rep, diff --git a/src/lib/gssapi/krb5/util_cksum.c b/src/lib/gssapi/krb5/util_cksum.c index 2d6b50b..5b87956 100644 --- a/src/lib/gssapi/krb5/util_cksum.c +++ b/src/lib/gssapi/krb5/util_cksum.c @@ -33,9 +33,7 @@ kg_checksum_channel_bindings(context, cb, cksum) gss_channel_bindings_t cb; krb5_checksum *cksum; { - size_t len; - char *buf = 0; - char *ptr; + struct k5buf buf; size_t sumlen; krb5_data plaind; krb5_error_code code; @@ -59,36 +57,28 @@ kg_checksum_channel_bindings(context, cb, cksum) return(0); } - /* create the buffer to checksum into */ - - len = (sizeof(krb5_int32)*5+ - cb->initiator_address.length+ - cb->acceptor_address.length+ - cb->application_data.length); - - if ((buf = (char *) xmalloc(len)) == NULL) - return(ENOMEM); - - /* helper macros. This code currently depends on a long being 32 - bits, and htonl dtrt. */ - - ptr = buf; - - TWRITE_INT(ptr, cb->initiator_addrtype, 0); - TWRITE_BUF(ptr, cb->initiator_address, 0); - TWRITE_INT(ptr, cb->acceptor_addrtype, 0); - TWRITE_BUF(ptr, cb->acceptor_address, 0); - TWRITE_BUF(ptr, cb->application_data, 0); + k5_buf_init_dynamic(&buf); + k5_buf_add_uint32_le(&buf, cb->initiator_addrtype); + k5_buf_add_uint32_le(&buf, cb->initiator_address.length); + k5_buf_add_len(&buf, cb->initiator_address.value, + cb->initiator_address.length); + k5_buf_add_uint32_le(&buf, cb->acceptor_addrtype); + k5_buf_add_uint32_le(&buf, cb->acceptor_address.length); + k5_buf_add_len(&buf, cb->acceptor_address.value, + cb->acceptor_address.length); + k5_buf_add_uint32_le(&buf, cb->application_data.length); + k5_buf_add_len(&buf, cb->application_data.value, + cb->application_data.length); + code = k5_buf_status(&buf); + if (code) + return code; /* checksum the data */ - plaind.length = len; - plaind.data = buf; - + plaind = make_data(buf.data, buf.len); code = krb5_c_make_checksum(context, CKSUMTYPE_RSA_MD5, 0, 0, &plaind, cksum); - if (buf) - xfree(buf); + k5_buf_free(&buf); return code; } |