oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

*** empty log message ***

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1919 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1997-06-16 03:46:36 +00:00
parent d41212baa9
commit 7193a60cda
6 changed files with 179 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
ChangeLog
View File

@@ -1,3 +1,20 @@
Mon Jun 16 05:41:43 1997 Assar Westerlund <assar@sics.se>
* lib/gssapi/wrap.c, unwrap.c: do encrypt and add sequence number
* lib/gssapi/get_mic.c, verify_mic.c: Add sequence number.
* lib/gssapi/accept_sec_context.c (gss_accept_sec_context): Set
KRB5_AUTH_CONTEXT_DO_SEQUENCE. Verify 8003 checksum.
* lib/gssapi/8003.c: New file.
* lib/krb/krb5.h: Define a `krb_authenticator' as an ASN.1
Authenticator.
* lib/krb5/auth_context.c: New functions
`krb5_auth_setlocalseqnumber' and `krb5_auth_setremoteseqnumber'
Tue Jun 10 00:35:54 1997 Johan Danielsson <joda@blubb.pdc.kth.se> Tue Jun 10 00:35:54 1997 Johan Danielsson <joda@blubb.pdc.kth.se>
* lib/krb5: Preapre for use of some asn1-types. * lib/krb5: Preapre for use of some asn1-types.

79
lib/gssapi/8003.c Normal file
View File

@@ -0,0 +1,79 @@
#include "gssapi_locl.h"
RCSID("$Id$");
static krb5_error_code
encode_om_uint32(OM_uint32 n, u_char *p)
{
p[0] = (n >> 0) & 0xFF;
p[1] = (n >> 8) & 0xFF;
p[2] = (n >> 16) & 0xFF;
p[3] = (n >> 24) & 0xFF;
return 0;
}
static krb5_error_code
hash_input_chan_bindings (const gss_channel_bindings_t b,
u_char *p)
{
u_char num[4];
struct md5 md5;
md5_init(&md5);
encode_om_uint32 (b->initiator_addrtype, num);
md5_update (&md5, num, sizeof(num));
encode_om_uint32 (b->initiator_address.length, num);
md5_update (&md5, num, sizeof(num));
if (b->initiator_address.length)
md5_update (&md5,
b->initiator_address.value,
b->initiator_address.length);
encode_om_uint32 (b->acceptor_addrtype, num);
md5_update (&md5, num, sizeof(num));
encode_om_uint32 (b->acceptor_address.length, num);
md5_update (&md5, num, sizeof(num));
if (b->acceptor_address.length)
md5_update (&md5,
b->acceptor_address.value,
b->acceptor_address.length);
encode_om_uint32 (b->application_data.length, num);
md5_update (&md5, num, sizeof(num));
if (b->application_data.length)
md5_update (&md5,
b->application_data.value,
b->application_data.length);
md5_finito (&md5, p);
return 0;
}
krb5_error_code
gssapi_krb5_create_8003_checksum (
const gss_channel_bindings_t input_chan_bindings,
OM_uint32 flags,
Checksum *result)
{
u_char *p;
u_int32_t val;
result->cksumtype = 0x8003;
result->checksum.length = 24;
result->checksum.data = malloc (result->checksum.length);
if (result->checksum.data == NULL)
return ENOMEM;
p = result->checksum.data;
encode_om_uint32 (16, p);
p += 4;
if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
memset (p, 0, 16);
} else {
hash_input_chan_bindings (input_chan_bindings, p);
}
p += 16;
encode_om_uint32 (flags, p);
p += 4;
if (p - (u_char *)result->checksum.data != result->checksum.length)
abort ();
return 0;
}

2
lib/gssapi/Makefile.am
View File

@@ -7,7 +7,7 @@ INCLUDES = -I$(top_builddir)/include -I$(srcdir)/../krb5
lib_LIBRARIES = libgssapi.a lib_LIBRARIES = libgssapi.a
libgssapi_a_SOURCES = \ libgssapi_a_SOURCES = \
accept_sec_context.c add_oid_set_member.c \ 8003.c accept_sec_context.c add_oid_set_member.c \
create_emtpy_oid_set.c decapsulate.c \ create_emtpy_oid_set.c decapsulate.c \
delete_sec_context.c display_name.c \ delete_sec_context.c display_name.c \
duplicate_name.c encapsulate.c external.c \ duplicate_name.c encapsulate.c external.c \

79
lib/gssapi/krb5/8003.c Normal file
View File

@@ -0,0 +1,79 @@
#include "gssapi_locl.h"
RCSID("$Id$");
static krb5_error_code
encode_om_uint32(OM_uint32 n, u_char *p)
{
p[0] = (n >> 0) & 0xFF;
p[1] = (n >> 8) & 0xFF;
p[2] = (n >> 16) & 0xFF;
p[3] = (n >> 24) & 0xFF;
return 0;
}
static krb5_error_code
hash_input_chan_bindings (const gss_channel_bindings_t b,
u_char *p)
{
u_char num[4];
struct md5 md5;
md5_init(&md5);
encode_om_uint32 (b->initiator_addrtype, num);
md5_update (&md5, num, sizeof(num));
encode_om_uint32 (b->initiator_address.length, num);
md5_update (&md5, num, sizeof(num));
if (b->initiator_address.length)
md5_update (&md5,
b->initiator_address.value,
b->initiator_address.length);
encode_om_uint32 (b->acceptor_addrtype, num);
md5_update (&md5, num, sizeof(num));
encode_om_uint32 (b->acceptor_address.length, num);
md5_update (&md5, num, sizeof(num));
if (b->acceptor_address.length)
md5_update (&md5,
b->acceptor_address.value,
b->acceptor_address.length);
encode_om_uint32 (b->application_data.length, num);
md5_update (&md5, num, sizeof(num));
if (b->application_data.length)
md5_update (&md5,
b->application_data.value,
b->application_data.length);
md5_finito (&md5, p);
return 0;
}
krb5_error_code
gssapi_krb5_create_8003_checksum (
const gss_channel_bindings_t input_chan_bindings,
OM_uint32 flags,
Checksum *result)
{
u_char *p;
u_int32_t val;
result->cksumtype = 0x8003;
result->checksum.length = 24;
result->checksum.data = malloc (result->checksum.length);
if (result->checksum.data == NULL)
return ENOMEM;
p = result->checksum.data;
encode_om_uint32 (16, p);
p += 4;
if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
memset (p, 0, 16);
} else {
hash_input_chan_bindings (input_chan_bindings, p);
}
p += 16;
encode_om_uint32 (flags, p);
p += 4;
if (p - (u_char *)result->checksum.data != result->checksum.length)
abort ();
return 0;
}

2
lib/gssapi/krb5/Makefile.am
View File

@@ -7,7 +7,7 @@ INCLUDES = -I$(top_builddir)/include -I$(srcdir)/../krb5
lib_LIBRARIES = libgssapi.a lib_LIBRARIES = libgssapi.a
libgssapi_a_SOURCES = \ libgssapi_a_SOURCES = \
accept_sec_context.c add_oid_set_member.c \ 8003.c accept_sec_context.c add_oid_set_member.c \
create_emtpy_oid_set.c decapsulate.c \ create_emtpy_oid_set.c decapsulate.c \
delete_sec_context.c display_name.c \ delete_sec_context.c display_name.c \
duplicate_name.c encapsulate.c external.c \ duplicate_name.c encapsulate.c external.c \

3
lib/krb5/build_auth.c
View File

@@ -53,7 +53,8 @@ krb5_build_authenticator (krb5_context context,
memset (buf, 0, sizeof(buf)); memset (buf, 0, sizeof(buf));
len = encode_Authenticator (buf + sizeof(buf) - 1, sizeof(buf), auth); len = encode_Authenticator (buf + sizeof(buf) - 1, sizeof(buf), auth);
ret = krb5_encrypt (context, buf + sizeof(buf) - len, len, &cred->session, result); ret = krb5_encrypt (context, buf + sizeof(buf) - len, len, &cred->session,
result);
if (auth_result) if (auth_result)
*auth_result = auth; *auth_result = auth;