oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gss: use _gss_ntlm_set_keys() in gss_init_sec_context()

Browse Source 
DRY: use the _gss_ntlm_set_keys() helper function to initialize the key state
for both initiator and acceptor.
This commit is contained in:
Luke Howard
2019-12-27 23:11:00 +11:00
parent c510e6d474
commit 920cfc5584
3 changed files with 10 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/gssapi/ntlm/crypto.c
View File

@@ -122,24 +122,30 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign,
void
_gss_ntlm_set_keys(ntlm_ctx ctx)
{
int acceptor;
if (ctx->sessionkey.length == 0)
return;
acceptor = !(ctx->status & STATUS_CLIENT);
ctx->status |= STATUS_SESSIONKEY;
if (ctx->flags & NTLM_NEG_NTLM2_SESSION) {
_gss_ntlm_set_key(&ctx->u.v2.send, 1,
_gss_ntlm_set_key(&ctx->u.v2.send, acceptor,
(ctx->flags & NTLM_NEG_KEYEX),
ctx->sessionkey.data,
ctx->sessionkey.length);
_gss_ntlm_set_key(&ctx->u.v2.recv, 0,
_gss_ntlm_set_key(&ctx->u.v2.recv, !acceptor,
(ctx->flags & NTLM_NEG_KEYEX),
ctx->sessionkey.data,
ctx->sessionkey.length);
} else {
ctx->u.v1.crypto_send.seq = 0;
RC4_set_key(&ctx->u.v1.crypto_send.key,
ctx->sessionkey.length,
ctx->sessionkey.data);
ctx->u.v1.crypto_recv.seq = 0;
RC4_set_key(&ctx->u.v1.crypto_recv.key,
ctx->sessionkey.length,
ctx->sessionkey.data);

19
lib/gssapi/ntlm/init_sec_context.c
View File

@@ -286,6 +286,7 @@ _gss_ntlm_init_sec_context
*minor_status = EINVAL;
return GSS_S_FAILURE;
}
ctx->status = STATUS_CLIENT;
*context_handle = (gss_ctx_id_t)ctx;
if (initiator_cred_handle != GSS_C_NO_CREDENTIAL) {
@@ -485,24 +486,8 @@ _gss_ntlm_init_sec_context
}
}
if (ctx->flags & NTLM_NEG_NTLM2_SESSION) {
ctx->status |= STATUS_SESSIONKEY;
_gss_ntlm_set_key(&ctx->u.v2.send, 0, (ctx->flags & NTLM_NEG_KEYEX),
ctx->sessionkey.data,
ctx->sessionkey.length);
_gss_ntlm_set_key(&ctx->u.v2.recv, 1, (ctx->flags & NTLM_NEG_KEYEX),
ctx->sessionkey.data,
ctx->sessionkey.length);
} else {
ctx->status |= STATUS_SESSIONKEY;
RC4_set_key(&ctx->u.v1.crypto_recv.key,
ctx->sessionkey.length,
ctx->sessionkey.data);
RC4_set_key(&ctx->u.v1.crypto_send.key,
ctx->sessionkey.length,
ctx->sessionkey.data);
}
_gss_ntlm_set_keys(ctx);
ret = heim_ntlm_encode_type3(&type3, &data, NULL);

1
lib/gssapi/ntlm/set_sec_context_option.c
View File

@@ -53,7 +53,6 @@ _gss_ntlm_set_sec_context_option(OM_uint32 *minor_status,
return GSS_S_NO_CONTEXT;
if (gss_oid_equal(object, GSS_C_NTLM_RESET_CRYPTO)) {
/* OM_uint32 verify = *((OM_uint32 *)value->value); */
_gss_ntlm_set_keys(ctx);
return GSS_S_COMPLETE;
} else