Call `gssapi_krb5_verify_header'
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2282 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -21,23 +21,19 @@ OM_uint32 gss_unwrap
|
|||||||
int i;
|
int i;
|
||||||
int32_t seq_number;
|
int32_t seq_number;
|
||||||
size_t padlength;
|
size_t padlength;
|
||||||
|
OM_uint32 ret;
|
||||||
|
|
||||||
p = input_message_buffer->value;
|
p = input_message_buffer->value;
|
||||||
len = GSS_KRB5_MECHANISM->length + 28;
|
ret = gssapi_krb5_verify_header (&p,
|
||||||
|
input_message_buffer->length,
|
||||||
|
"\x02\x01");
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
if (
|
|
||||||
input_message_buffer->length < len
|
|
||||||
|| memcmp (p, "\x60\x07\x06\x05", 4) != 0
|
|
||||||
|| memcmp (p + 4, GSS_KRB5_MECHANISM->elements,
|
|
||||||
GSS_KRB5_MECHANISM->length) != 0)
|
|
||||||
return GSS_S_BAD_MECH;
|
|
||||||
if (memcmp (p + 4 + GSS_KRB5_MECHANISM->length, "\x02\x01", 2) != 0)
|
|
||||||
return GSS_S_DEFECTIVE_TOKEN;
|
|
||||||
p += 6 + GSS_KRB5_MECHANISM->length;
|
|
||||||
if (memcmp (p, "\x00\x00", 2) != 0)
|
if (memcmp (p, "\x00\x00", 2) != 0)
|
||||||
return GSS_S_BAD_SIG;
|
return GSS_S_BAD_SIG;
|
||||||
p += 2;
|
p += 2;
|
||||||
if (memcmp (p, "\x0\x00", 2) != 0)
|
if (memcmp (p, "\x00\x00", 2) != 0)
|
||||||
return GSS_S_BAD_MIC;
|
return GSS_S_BAD_MIC;
|
||||||
p += 2;
|
p += 2;
|
||||||
if (memcmp (p, "\xff\xff", 2) != 0)
|
if (memcmp (p, "\xff\xff", 2) != 0)
|
||||||
@@ -45,56 +41,17 @@ OM_uint32 gss_unwrap
|
|||||||
p += 2;
|
p += 2;
|
||||||
p += 16;
|
p += 16;
|
||||||
|
|
||||||
md5_init (&md5);
|
len = p - (u_char *)input_message_buffer->value;
|
||||||
md5_update (&md5, p - 24, 8);
|
|
||||||
md5_update (&md5, p, input_message_buffer->length - len);
|
|
||||||
md5_finito (&md5, hash);
|
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
|
||||||
sizeof(key));
|
|
||||||
des_set_key (&key, schedule);
|
|
||||||
des_cbc_cksum ((des_cblock *)hash,
|
|
||||||
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
|
||||||
if (memcmp (p - 8, hash, 8) != 0)
|
|
||||||
return GSS_S_BAD_MIC;
|
|
||||||
|
|
||||||
/* verify sequence number */
|
|
||||||
|
|
||||||
krb5_auth_getremoteseqnumber (gssapi_krb5_context,
|
|
||||||
context_handle->auth_context,
|
|
||||||
&seq_number);
|
|
||||||
seq_data[0] = (seq_number >> 0) & 0xFF;
|
|
||||||
seq_data[1] = (seq_number >> 8) & 0xFF;
|
|
||||||
seq_data[2] = (seq_number >> 16) & 0xFF;
|
|
||||||
seq_data[3] = (seq_number >> 24) & 0xFF;
|
|
||||||
memset (seq_data + 4,
|
|
||||||
(context_handle->more_flags & LOCAL) ? 0 : 0xFF,
|
|
||||||
4);
|
|
||||||
|
|
||||||
p -= 16;
|
|
||||||
des_set_key (&key, schedule);
|
|
||||||
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
|
|
||||||
schedule, (des_cblock *)hash, DES_DECRYPT);
|
|
||||||
|
|
||||||
memset (key, 0, sizeof(key));
|
|
||||||
memset (schedule, 0, sizeof(schedule));
|
|
||||||
|
|
||||||
if (memcmp (p, seq_data, 8) != 0) {
|
|
||||||
return GSS_S_BAD_MIC;
|
|
||||||
}
|
|
||||||
|
|
||||||
krb5_auth_setremoteseqnumber (gssapi_krb5_context,
|
|
||||||
context_handle->auth_context,
|
|
||||||
++seq_number);
|
|
||||||
|
|
||||||
/* decrypt data */
|
/* decrypt data */
|
||||||
|
|
||||||
p += 16;
|
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
memset (&zero, 0, sizeof(zero));
|
||||||
|
#if 0
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
||||||
sizeof(key));
|
sizeof(key));
|
||||||
|
#endif
|
||||||
|
memcpy (&key, context_handle->auth_context->remote_subkey.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
for (i = 0; i < sizeof(key); ++i)
|
for (i = 0; i < sizeof(key); ++i)
|
||||||
key[i] ^= 0xf0;
|
key[i] ^= 0xf0;
|
||||||
des_set_key (&key, schedule);
|
des_set_key (&key, schedule);
|
||||||
@@ -118,6 +75,53 @@ OM_uint32 gss_unwrap
|
|||||||
if (i != 0)
|
if (i != 0)
|
||||||
return GSS_S_BAD_MIC;
|
return GSS_S_BAD_MIC;
|
||||||
|
|
||||||
|
md5_init (&md5);
|
||||||
|
md5_update (&md5, p - 24, 8);
|
||||||
|
md5_update (&md5, p, input_message_buffer->length - len);
|
||||||
|
md5_finito (&md5, hash);
|
||||||
|
|
||||||
|
memset (&zero, 0, sizeof(zero));
|
||||||
|
#if 0
|
||||||
|
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
|
#endif
|
||||||
|
memcpy (&key, context_handle->auth_context->remote_subkey.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
|
des_set_key (&key, schedule);
|
||||||
|
des_cbc_cksum ((des_cblock *)hash,
|
||||||
|
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
||||||
|
if (memcmp (p - 8, hash, 8) != 0)
|
||||||
|
return GSS_S_BAD_MIC;
|
||||||
|
|
||||||
|
/* verify sequence number */
|
||||||
|
|
||||||
|
krb5_auth_getremoteseqnumber (gssapi_krb5_context,
|
||||||
|
context_handle->auth_context,
|
||||||
|
&seq_number);
|
||||||
|
seq_data[0] = (seq_number >> 0) & 0xFF;
|
||||||
|
seq_data[1] = (seq_number >> 8) & 0xFF;
|
||||||
|
seq_data[2] = (seq_number >> 16) & 0xFF;
|
||||||
|
seq_data[3] = (seq_number >> 24) & 0xFF;
|
||||||
|
memset (seq_data + 4,
|
||||||
|
(context_handle->more_flags & LOCAL) ? 0xFF : 0,
|
||||||
|
4);
|
||||||
|
|
||||||
|
p -= 16;
|
||||||
|
des_set_key (&key, schedule);
|
||||||
|
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
|
||||||
|
schedule, (des_cblock *)hash, DES_DECRYPT);
|
||||||
|
|
||||||
|
memset (key, 0, sizeof(key));
|
||||||
|
memset (schedule, 0, sizeof(schedule));
|
||||||
|
|
||||||
|
if (memcmp (p, seq_data, 8) != 0) {
|
||||||
|
return GSS_S_BAD_MIC;
|
||||||
|
}
|
||||||
|
|
||||||
|
krb5_auth_setremoteseqnumber (gssapi_krb5_context,
|
||||||
|
context_handle->auth_context,
|
||||||
|
++seq_number);
|
||||||
|
|
||||||
/* copy out data */
|
/* copy out data */
|
||||||
|
|
||||||
output_message_buffer->length = input_message_buffer->length
|
output_message_buffer->length = input_message_buffer->length
|
||||||
@@ -126,7 +130,7 @@ OM_uint32 gss_unwrap
|
|||||||
if(output_message_buffer->value == NULL)
|
if(output_message_buffer->value == NULL)
|
||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
memcpy (output_message_buffer->value,
|
memcpy (output_message_buffer->value,
|
||||||
p + 8,
|
p + 24,
|
||||||
output_message_buffer->length);
|
output_message_buffer->length);
|
||||||
return GSS_S_COMPLETE;
|
return GSS_S_COMPLETE;
|
||||||
}
|
}
|
||||||
|
@@ -11,28 +11,23 @@ OM_uint32 gss_verify_mic
|
|||||||
)
|
)
|
||||||
{
|
{
|
||||||
u_char *p;
|
u_char *p;
|
||||||
size_t len;
|
|
||||||
struct md5 md5;
|
struct md5 md5;
|
||||||
u_char hash[16], seq_data[8];
|
u_char hash[16], seq_data[8];
|
||||||
des_key_schedule schedule;
|
des_key_schedule schedule;
|
||||||
des_cblock key;
|
des_cblock key;
|
||||||
des_cblock zero;
|
des_cblock zero;
|
||||||
int32_t seq_number;
|
int32_t seq_number;
|
||||||
|
OM_uint32 ret;
|
||||||
|
|
||||||
p = token_buffer->value;
|
p = token_buffer->value;
|
||||||
len = GSS_KRB5_MECHANISM->length + 28;
|
ret = gssapi_krb5_verify_header (&p,
|
||||||
|
token_buffer->length,
|
||||||
|
"\x01\x01");
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
if (
|
if (memcmp(p, "\x00\x00", 2) != 0)
|
||||||
token_buffer->length < len
|
return GSS_S_BAD_SIG;
|
||||||
|| memcmp (p, "\x60\x07\x06\x05", 4) != 0
|
|
||||||
|| memcmp (p + 4, GSS_KRB5_MECHANISM->elements,
|
|
||||||
GSS_KRB5_MECHANISM->length) != 0)
|
|
||||||
return GSS_S_BAD_MECH;
|
|
||||||
if (memcmp (p + 4 + GSS_KRB5_MECHANISM->length, "\x01\x01", 2) != 0)
|
|
||||||
return GSS_S_DEFECTIVE_TOKEN;
|
|
||||||
p += 6 + GSS_KRB5_MECHANISM->length;
|
|
||||||
if (memcmp (p, "\x00\x00", 2) != 0)
|
|
||||||
return GSS_S_BAD_SIG;
|
|
||||||
p += 2;
|
p += 2;
|
||||||
if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
|
if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
|
||||||
return GSS_S_BAD_MIC;
|
return GSS_S_BAD_MIC;
|
||||||
@@ -47,8 +42,13 @@ OM_uint32 gss_verify_mic
|
|||||||
md5_finito (&md5, hash);
|
md5_finito (&md5, hash);
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
memset (&zero, 0, sizeof(zero));
|
||||||
|
#if 0
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
||||||
sizeof(key));
|
sizeof(key));
|
||||||
|
#endif
|
||||||
|
memcpy (&key, context_handle->auth_context->remote_subkey.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
|
|
||||||
des_set_key (&key, schedule);
|
des_set_key (&key, schedule);
|
||||||
des_cbc_cksum ((des_cblock *)hash,
|
des_cbc_cksum ((des_cblock *)hash,
|
||||||
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
||||||
@@ -68,7 +68,7 @@ OM_uint32 gss_verify_mic
|
|||||||
seq_data[2] = (seq_number >> 16) & 0xFF;
|
seq_data[2] = (seq_number >> 16) & 0xFF;
|
||||||
seq_data[3] = (seq_number >> 24) & 0xFF;
|
seq_data[3] = (seq_number >> 24) & 0xFF;
|
||||||
memset (seq_data + 4,
|
memset (seq_data + 4,
|
||||||
(context_handle->more_flags & LOCAL) ? 0 : 0xFF,
|
(context_handle->more_flags & LOCAL) ? 0xFF : 0,
|
||||||
4);
|
4);
|
||||||
|
|
||||||
p -= 16;
|
p -= 16;
|
||||||
|
@@ -21,23 +21,19 @@ OM_uint32 gss_unwrap
|
|||||||
int i;
|
int i;
|
||||||
int32_t seq_number;
|
int32_t seq_number;
|
||||||
size_t padlength;
|
size_t padlength;
|
||||||
|
OM_uint32 ret;
|
||||||
|
|
||||||
p = input_message_buffer->value;
|
p = input_message_buffer->value;
|
||||||
len = GSS_KRB5_MECHANISM->length + 28;
|
ret = gssapi_krb5_verify_header (&p,
|
||||||
|
input_message_buffer->length,
|
||||||
|
"\x02\x01");
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
if (
|
|
||||||
input_message_buffer->length < len
|
|
||||||
|| memcmp (p, "\x60\x07\x06\x05", 4) != 0
|
|
||||||
|| memcmp (p + 4, GSS_KRB5_MECHANISM->elements,
|
|
||||||
GSS_KRB5_MECHANISM->length) != 0)
|
|
||||||
return GSS_S_BAD_MECH;
|
|
||||||
if (memcmp (p + 4 + GSS_KRB5_MECHANISM->length, "\x02\x01", 2) != 0)
|
|
||||||
return GSS_S_DEFECTIVE_TOKEN;
|
|
||||||
p += 6 + GSS_KRB5_MECHANISM->length;
|
|
||||||
if (memcmp (p, "\x00\x00", 2) != 0)
|
if (memcmp (p, "\x00\x00", 2) != 0)
|
||||||
return GSS_S_BAD_SIG;
|
return GSS_S_BAD_SIG;
|
||||||
p += 2;
|
p += 2;
|
||||||
if (memcmp (p, "\x0\x00", 2) != 0)
|
if (memcmp (p, "\x00\x00", 2) != 0)
|
||||||
return GSS_S_BAD_MIC;
|
return GSS_S_BAD_MIC;
|
||||||
p += 2;
|
p += 2;
|
||||||
if (memcmp (p, "\xff\xff", 2) != 0)
|
if (memcmp (p, "\xff\xff", 2) != 0)
|
||||||
@@ -45,56 +41,17 @@ OM_uint32 gss_unwrap
|
|||||||
p += 2;
|
p += 2;
|
||||||
p += 16;
|
p += 16;
|
||||||
|
|
||||||
md5_init (&md5);
|
len = p - (u_char *)input_message_buffer->value;
|
||||||
md5_update (&md5, p - 24, 8);
|
|
||||||
md5_update (&md5, p, input_message_buffer->length - len);
|
|
||||||
md5_finito (&md5, hash);
|
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
|
||||||
sizeof(key));
|
|
||||||
des_set_key (&key, schedule);
|
|
||||||
des_cbc_cksum ((des_cblock *)hash,
|
|
||||||
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
|
||||||
if (memcmp (p - 8, hash, 8) != 0)
|
|
||||||
return GSS_S_BAD_MIC;
|
|
||||||
|
|
||||||
/* verify sequence number */
|
|
||||||
|
|
||||||
krb5_auth_getremoteseqnumber (gssapi_krb5_context,
|
|
||||||
context_handle->auth_context,
|
|
||||||
&seq_number);
|
|
||||||
seq_data[0] = (seq_number >> 0) & 0xFF;
|
|
||||||
seq_data[1] = (seq_number >> 8) & 0xFF;
|
|
||||||
seq_data[2] = (seq_number >> 16) & 0xFF;
|
|
||||||
seq_data[3] = (seq_number >> 24) & 0xFF;
|
|
||||||
memset (seq_data + 4,
|
|
||||||
(context_handle->more_flags & LOCAL) ? 0 : 0xFF,
|
|
||||||
4);
|
|
||||||
|
|
||||||
p -= 16;
|
|
||||||
des_set_key (&key, schedule);
|
|
||||||
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
|
|
||||||
schedule, (des_cblock *)hash, DES_DECRYPT);
|
|
||||||
|
|
||||||
memset (key, 0, sizeof(key));
|
|
||||||
memset (schedule, 0, sizeof(schedule));
|
|
||||||
|
|
||||||
if (memcmp (p, seq_data, 8) != 0) {
|
|
||||||
return GSS_S_BAD_MIC;
|
|
||||||
}
|
|
||||||
|
|
||||||
krb5_auth_setremoteseqnumber (gssapi_krb5_context,
|
|
||||||
context_handle->auth_context,
|
|
||||||
++seq_number);
|
|
||||||
|
|
||||||
/* decrypt data */
|
/* decrypt data */
|
||||||
|
|
||||||
p += 16;
|
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
memset (&zero, 0, sizeof(zero));
|
||||||
|
#if 0
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
||||||
sizeof(key));
|
sizeof(key));
|
||||||
|
#endif
|
||||||
|
memcpy (&key, context_handle->auth_context->remote_subkey.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
for (i = 0; i < sizeof(key); ++i)
|
for (i = 0; i < sizeof(key); ++i)
|
||||||
key[i] ^= 0xf0;
|
key[i] ^= 0xf0;
|
||||||
des_set_key (&key, schedule);
|
des_set_key (&key, schedule);
|
||||||
@@ -118,6 +75,53 @@ OM_uint32 gss_unwrap
|
|||||||
if (i != 0)
|
if (i != 0)
|
||||||
return GSS_S_BAD_MIC;
|
return GSS_S_BAD_MIC;
|
||||||
|
|
||||||
|
md5_init (&md5);
|
||||||
|
md5_update (&md5, p - 24, 8);
|
||||||
|
md5_update (&md5, p, input_message_buffer->length - len);
|
||||||
|
md5_finito (&md5, hash);
|
||||||
|
|
||||||
|
memset (&zero, 0, sizeof(zero));
|
||||||
|
#if 0
|
||||||
|
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
|
#endif
|
||||||
|
memcpy (&key, context_handle->auth_context->remote_subkey.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
|
des_set_key (&key, schedule);
|
||||||
|
des_cbc_cksum ((des_cblock *)hash,
|
||||||
|
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
||||||
|
if (memcmp (p - 8, hash, 8) != 0)
|
||||||
|
return GSS_S_BAD_MIC;
|
||||||
|
|
||||||
|
/* verify sequence number */
|
||||||
|
|
||||||
|
krb5_auth_getremoteseqnumber (gssapi_krb5_context,
|
||||||
|
context_handle->auth_context,
|
||||||
|
&seq_number);
|
||||||
|
seq_data[0] = (seq_number >> 0) & 0xFF;
|
||||||
|
seq_data[1] = (seq_number >> 8) & 0xFF;
|
||||||
|
seq_data[2] = (seq_number >> 16) & 0xFF;
|
||||||
|
seq_data[3] = (seq_number >> 24) & 0xFF;
|
||||||
|
memset (seq_data + 4,
|
||||||
|
(context_handle->more_flags & LOCAL) ? 0xFF : 0,
|
||||||
|
4);
|
||||||
|
|
||||||
|
p -= 16;
|
||||||
|
des_set_key (&key, schedule);
|
||||||
|
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
|
||||||
|
schedule, (des_cblock *)hash, DES_DECRYPT);
|
||||||
|
|
||||||
|
memset (key, 0, sizeof(key));
|
||||||
|
memset (schedule, 0, sizeof(schedule));
|
||||||
|
|
||||||
|
if (memcmp (p, seq_data, 8) != 0) {
|
||||||
|
return GSS_S_BAD_MIC;
|
||||||
|
}
|
||||||
|
|
||||||
|
krb5_auth_setremoteseqnumber (gssapi_krb5_context,
|
||||||
|
context_handle->auth_context,
|
||||||
|
++seq_number);
|
||||||
|
|
||||||
/* copy out data */
|
/* copy out data */
|
||||||
|
|
||||||
output_message_buffer->length = input_message_buffer->length
|
output_message_buffer->length = input_message_buffer->length
|
||||||
@@ -126,7 +130,7 @@ OM_uint32 gss_unwrap
|
|||||||
if(output_message_buffer->value == NULL)
|
if(output_message_buffer->value == NULL)
|
||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
memcpy (output_message_buffer->value,
|
memcpy (output_message_buffer->value,
|
||||||
p + 8,
|
p + 24,
|
||||||
output_message_buffer->length);
|
output_message_buffer->length);
|
||||||
return GSS_S_COMPLETE;
|
return GSS_S_COMPLETE;
|
||||||
}
|
}
|
||||||
|
@@ -11,28 +11,23 @@ OM_uint32 gss_verify_mic
|
|||||||
)
|
)
|
||||||
{
|
{
|
||||||
u_char *p;
|
u_char *p;
|
||||||
size_t len;
|
|
||||||
struct md5 md5;
|
struct md5 md5;
|
||||||
u_char hash[16], seq_data[8];
|
u_char hash[16], seq_data[8];
|
||||||
des_key_schedule schedule;
|
des_key_schedule schedule;
|
||||||
des_cblock key;
|
des_cblock key;
|
||||||
des_cblock zero;
|
des_cblock zero;
|
||||||
int32_t seq_number;
|
int32_t seq_number;
|
||||||
|
OM_uint32 ret;
|
||||||
|
|
||||||
p = token_buffer->value;
|
p = token_buffer->value;
|
||||||
len = GSS_KRB5_MECHANISM->length + 28;
|
ret = gssapi_krb5_verify_header (&p,
|
||||||
|
token_buffer->length,
|
||||||
|
"\x01\x01");
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
|
||||||
if (
|
if (memcmp(p, "\x00\x00", 2) != 0)
|
||||||
token_buffer->length < len
|
return GSS_S_BAD_SIG;
|
||||||
|| memcmp (p, "\x60\x07\x06\x05", 4) != 0
|
|
||||||
|| memcmp (p + 4, GSS_KRB5_MECHANISM->elements,
|
|
||||||
GSS_KRB5_MECHANISM->length) != 0)
|
|
||||||
return GSS_S_BAD_MECH;
|
|
||||||
if (memcmp (p + 4 + GSS_KRB5_MECHANISM->length, "\x01\x01", 2) != 0)
|
|
||||||
return GSS_S_DEFECTIVE_TOKEN;
|
|
||||||
p += 6 + GSS_KRB5_MECHANISM->length;
|
|
||||||
if (memcmp (p, "\x00\x00", 2) != 0)
|
|
||||||
return GSS_S_BAD_SIG;
|
|
||||||
p += 2;
|
p += 2;
|
||||||
if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
|
if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
|
||||||
return GSS_S_BAD_MIC;
|
return GSS_S_BAD_MIC;
|
||||||
@@ -47,8 +42,13 @@ OM_uint32 gss_verify_mic
|
|||||||
md5_finito (&md5, hash);
|
md5_finito (&md5, hash);
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
memset (&zero, 0, sizeof(zero));
|
||||||
|
#if 0
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
||||||
sizeof(key));
|
sizeof(key));
|
||||||
|
#endif
|
||||||
|
memcpy (&key, context_handle->auth_context->remote_subkey.keyvalue.data,
|
||||||
|
sizeof(key));
|
||||||
|
|
||||||
des_set_key (&key, schedule);
|
des_set_key (&key, schedule);
|
||||||
des_cbc_cksum ((des_cblock *)hash,
|
des_cbc_cksum ((des_cblock *)hash,
|
||||||
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
||||||
@@ -68,7 +68,7 @@ OM_uint32 gss_verify_mic
|
|||||||
seq_data[2] = (seq_number >> 16) & 0xFF;
|
seq_data[2] = (seq_number >> 16) & 0xFF;
|
||||||
seq_data[3] = (seq_number >> 24) & 0xFF;
|
seq_data[3] = (seq_number >> 24) & 0xFF;
|
||||||
memset (seq_data + 4,
|
memset (seq_data + 4,
|
||||||
(context_handle->more_flags & LOCAL) ? 0 : 0xFF,
|
(context_handle->more_flags & LOCAL) ? 0xFF : 0,
|
||||||
4);
|
4);
|
||||||
|
|
||||||
p -= 16;
|
p -= 16;
|
||||||
|
Reference in New Issue
Block a user