gssapi/krb5/{export,import}_sec_context: make smaller tokens.

2021-08-02 22:55:40 +01:00
parent a2cfd2a25c
commit 80f3194a76
2 changed files with 10 additions and 56 deletions
--- a/lib/gssapi/krb5/export_sec_context.c
+++ b/lib/gssapi/krb5/export_sec_context.c
@@ -46,7 +46,6 @@ _gsskrb5_export_sec_context(
    krb5_auth_context ac;
    OM_uint32 ret = GSS_S_COMPLETE;
    krb5_data data;
-    gss_buffer_desc buffer;
    int flags;
    OM_uint32 minor;
    krb5_error_code kret;
@@ -69,6 +68,9 @@ _gsskrb5_export_sec_context(
    }
    ac = ctx->auth_context;

+    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_PACKED);
+    krb5_storage_set_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE);
+
    /* flagging included fields */

    flags = 0;
@@ -185,16 +187,7 @@ _gsskrb5_export_sec_context(

    /* names */
    if (ctx->source) {
-	ret = _gsskrb5_export_name (minor_status,
-				    (gss_name_t)ctx->source, &buffer);
-	if (ret)
-	    goto failure;
-	data.data   = buffer.value;
-	data.length = buffer.length;
-	kret = krb5_store_data (sp, data);
-	_gsskrb5_release_buffer (&minor, &buffer);
-
-	ret = GSS_S_FAILURE;
+        kret = krb5_store_principal(sp, ctx->source);
 	if (kret) {
 	    *minor_status = kret;
 	    goto failure;
@@ -202,16 +195,7 @@ _gsskrb5_export_sec_context(
    }

    if (ctx->target) {
-	ret = _gsskrb5_export_name (minor_status,
-				    (gss_name_t)ctx->target, &buffer);
-	if (ret)
-	    goto failure;
-	data.data   = buffer.value;
-	data.length = buffer.length;
-	kret = krb5_store_data (sp, data);
-	_gsskrb5_release_buffer (&minor, &buffer);
-
-	ret = GSS_S_FAILURE;
+        kret = krb5_store_principal(sp, ctx->source);
 	if (kret) {
 	    *minor_status = kret;
 	    goto failure;
--- a/lib/gssapi/krb5/import_sec_context.c
+++ b/lib/gssapi/krb5/import_sec_context.c
@@ -47,13 +47,10 @@ _gsskrb5_import_sec_context (
    krb5_auth_context ac;
    krb5_address local, remote;
    krb5_address *localp, *remotep;
-    krb5_data data;
-    gss_buffer_desc buffer;
    krb5_keyblock keyblock;
    int32_t flags, tmp;
    int64_t tmp64;
    gsskrb5_ctx ctx;
-    gss_name_t name;

    GSSAPI_KRB5_INIT (&context);

@@ -68,6 +65,9 @@ _gsskrb5_import_sec_context (
 	return GSS_S_FAILURE;
    }

+    krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_PACKED);
+    krb5_storage_set_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE);
+
    ctx = calloc(1, sizeof(*ctx));
    if (ctx == NULL) {
 	*minor_status = ENOMEM;
@@ -160,43 +160,13 @@ _gsskrb5_import_sec_context (

    /* names */
    if (flags & SC_SOURCE_NAME) {
-	if (krb5_ret_data (sp, &data))
+        if (krb5_ret_principal(sp, &ctx->source))
 	    goto failure;
-	buffer.value  = data.data;
-	buffer.length = data.length;
-
-	ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME,
-				    &name);
-	if (ret) {
-	    ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID,
-					&name);
-	    if (ret) {
-		krb5_data_free (&data);
-		goto failure;
-	    }
-	}
-	ctx->source = (krb5_principal)name;
-	krb5_data_free (&data);
    }

    if (flags & SC_TARGET_NAME) {
-	if (krb5_ret_data (sp, &data) != 0)
+        if (krb5_ret_principal(sp, &ctx->target))
 	    goto failure;
-	buffer.value  = data.data;
-	buffer.length = data.length;
-
-	ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME,
-				    &name);
-	if (ret) {
-	    ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID,
-					&name);
-	    if (ret) {
-		krb5_data_free (&data);
-		goto failure;
-	    }
-	}
-	ctx->target = (krb5_principal)name;
-	krb5_data_free (&data);
    }

    if (krb5_ret_int32 (sp, &tmp))