Support DCE-style unwrap, tested with w2k3server-sp1.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18170 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-09-25 20:44:03 +00:00
parent 8cd665242d
commit 24c75bf8eb
1 changed files with 35 additions and 12 deletions
--- a/lib/gssapi/krb5/arcfour.c
+++ b/lib/gssapi/krb5/arcfour.c
@@ -57,6 +57,16 @@ RCSID("$Id$");
 *	Confounder[8]
 */
 /*
 * WRAP in DCE-style have a fixed size header and no padding, the oid
 * and length over the WRAP header is a total of
 * GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE byte (ie total of 43
 * bytes overhead).
 */
 #define GSS_ARCFOUR_WRAP_TOKEN_SIZE 32
 #define GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE 13
 static krb5_error_code
 arcfour_mic_key(krb5_context context, krb5_keyblock *key,
@@ -486,7 +496,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
    u_char *p, *p0;
    int cmp;
    int conf_flag;
-    size_t padlen;
+    size_t padlen, len;
    if (conf_state)
 	*conf_state = 0;
@@ -494,16 +504,27 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
 	*qop_state = 0;
    p0 = input_message_buffer->value;
    if ((context_handle->flags & GSS_C_DCE_STYLE) == 0) {
 	len = input_message_buffer->length;
    } else {
 	len = GSS_ARCFOUR_WRAP_TOKEN_SIZE + 
 	    GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE;
 	if (input_message_buffer->length < len)
 	    return GSS_S_BAD_MECH;
    }
    omret = _gssapi_verify_mech_header(&p0,
-				       input_message_buffer->length,
+				       len,
 				       GSS_KRB5_MECHANISM);
    if (omret)
 	return omret;
    p = p0;
-    datalen = input_message_buffer->length -
+    datalen = input_message_buffer->length 
-	(p - ((u_char *)input_message_buffer->value)) - 
+	- (p0 - (u_char *)input_message_buffer->value)
-	GSS_ARCFOUR_WRAP_TOKEN_SIZE;
+	- GSS_ARCFOUR_WRAP_TOKEN_SIZE;
    p = p0;
    if (memcmp(p, "\x02\x01", 2) != 0)
 	return GSS_S_BAD_SIG;
@@ -595,6 +616,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
    }
    memset(k6_data, 0, sizeof(k6_data));
    if ((context_handle->flags & GSS_C_DCE_STYLE) == 0) {
 	ret = _gssapi_verify_pad(output_message_buffer, datalen, &padlen);
 	if (ret) {
 	    _gsskrb5_release_buffer(minor_status, output_message_buffer);
@@ -602,6 +624,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
 	    return ret;
 	}
 	output_message_buffer->length -= padlen;
    }
    ret = arcfour_mic_cksum(key, KRB5_KU_USAGE_SEAL,
 			    cksum_data, sizeof(cksum_data),