From a8e1e4e12bbcff931257a70e11c75fc37ff1ee75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Fri, 25 Apr 2003 17:12:16 +0000 Subject: [PATCH] (gss_krb5_compat_des3_mic): enable turning on/off des3 mic compat (_gss_DES3_get_mic_compat): handle [gssapi]correct_des3_mic too git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12138 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/gssapi/compat.c | 37 +++++++++++++++++++++++++++++-------- lib/gssapi/krb5/compat.c | 37 +++++++++++++++++++++++++++++-------- 2 files changed, 58 insertions(+), 16 deletions(-) diff --git a/lib/gssapi/compat.c b/lib/gssapi/compat.c index c1a39de93..4cc16e59a 100644 --- a/lib/gssapi/compat.c +++ b/lib/gssapi/compat.c @@ -38,7 +38,8 @@ RCSID("$Id$"); static krb5_error_code check_compat(OM_uint32 *minor_status, gss_name_t name, - const char *option, krb5_boolean *compat) + const char *option, krb5_boolean *compat, + krb5_boolean match_val) { krb5_error_code ret = 0; char **p, **q; @@ -57,7 +58,7 @@ check_compat(OM_uint32 *minor_status, gss_name_t name, break; if (krb5_principal_match(gssapi_krb5_context, name, match)) { - *compat = TRUE; + *compat = match_val; break; } @@ -79,12 +80,32 @@ _gss_DES3_get_mic_compat(OM_uint32 *minor_status, gss_ctx_id_t ctx) krb5_boolean use_compat = FALSE; OM_uint32 ret; - ret = check_compat(minor_status, ctx->target, - "broken_3des_mic", &use_compat); - if (ret) - return ret; - if (use_compat) - ctx->more_flags |= COMPAT_OLD_DES3; + if ((ctx->more_flags & COMPAT_OLD_DES3_SELECTED) == 0) { + ret = check_compat(minor_status, ctx->target, + "broken_des3_mic", &use_compat, TRUE); + if (ret) + return ret; + ret = check_compat(minor_status, ctx->target, + "correct_des3_mic", &use_compat, FALSE); + if (ret) + return ret; + if (use_compat) + ctx->more_flags |= COMPAT_OLD_DES3; + ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; + } return 0; } + +OM_uint32 +gss_krb5_compat_des3_mic(OM_uint32 *minor_status, gss_ctx_id_t ctx, int on) +{ + *minor_status = 0; + + if (on) { + ctx->more_flags |= COMPAT_OLD_DES3; + } else { + ctx->more_flags &= ~COMPAT_OLD_DES3; + } + ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; +} diff --git a/lib/gssapi/krb5/compat.c b/lib/gssapi/krb5/compat.c index c1a39de93..4cc16e59a 100644 --- a/lib/gssapi/krb5/compat.c +++ b/lib/gssapi/krb5/compat.c @@ -38,7 +38,8 @@ RCSID("$Id$"); static krb5_error_code check_compat(OM_uint32 *minor_status, gss_name_t name, - const char *option, krb5_boolean *compat) + const char *option, krb5_boolean *compat, + krb5_boolean match_val) { krb5_error_code ret = 0; char **p, **q; @@ -57,7 +58,7 @@ check_compat(OM_uint32 *minor_status, gss_name_t name, break; if (krb5_principal_match(gssapi_krb5_context, name, match)) { - *compat = TRUE; + *compat = match_val; break; } @@ -79,12 +80,32 @@ _gss_DES3_get_mic_compat(OM_uint32 *minor_status, gss_ctx_id_t ctx) krb5_boolean use_compat = FALSE; OM_uint32 ret; - ret = check_compat(minor_status, ctx->target, - "broken_3des_mic", &use_compat); - if (ret) - return ret; - if (use_compat) - ctx->more_flags |= COMPAT_OLD_DES3; + if ((ctx->more_flags & COMPAT_OLD_DES3_SELECTED) == 0) { + ret = check_compat(minor_status, ctx->target, + "broken_des3_mic", &use_compat, TRUE); + if (ret) + return ret; + ret = check_compat(minor_status, ctx->target, + "correct_des3_mic", &use_compat, FALSE); + if (ret) + return ret; + if (use_compat) + ctx->more_flags |= COMPAT_OLD_DES3; + ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; + } return 0; } + +OM_uint32 +gss_krb5_compat_des3_mic(OM_uint32 *minor_status, gss_ctx_id_t ctx, int on) +{ + *minor_status = 0; + + if (on) { + ctx->more_flags |= COMPAT_OLD_DES3; + } else { + ctx->more_flags &= ~COMPAT_OLD_DES3; + } + ctx->more_flags |= COMPAT_OLD_DES3_SELECTED; +}