oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

check return value from krb5_crypto_init

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8975 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
2000-08-18 06:50:26 +00:00
parent 7cfcd42a15
commit accdd87f82
15 changed files with 103 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
kdc/524.c
View File

@@ -74,7 +74,12 @@ do_524(Ticket *t, krb5_data *reply, const char *from, struct sockaddr *addr)
"when converting ticket from ", spn, from);
goto out;
}
krb5_crypto_init(context, &skey->key, 0, &crypto);
ret = krb5_crypto_init(context, &skey->key, 0, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
goto out;
}
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TICKET,

37
kdc/kerberos5.c
View File

@@ -173,7 +173,12 @@ encode_reply(KDC_REP *rep, EncTicketPart *et, EncKDCRepPart *ek,
}
krb5_crypto_init(context, skey, etype, &crypto);
ret = krb5_crypto_init(context, skey, etype, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
return ret;
}
krb5_encrypt_EncryptedData(context,
crypto,
@@ -196,7 +201,12 @@ encode_reply(KDC_REP *rep, EncTicketPart *et, EncKDCRepPart *ek,
krb5_get_err_text(context, ret));
return ret;
}
krb5_crypto_init(context, ckey, 0, &crypto);
ret = krb5_crypto_init(context, ckey, 0, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
return ret;
}
if(rep->msg_type == krb_as_rep) {
krb5_encrypt_EncryptedData(context,
crypto,
@@ -528,7 +538,14 @@ as_rep(KDC_REQ *req,
continue;
}
krb5_crypto_init(context, &pa_key->key, 0, &crypto);
ret = krb5_crypto_init(context, &pa_key->key, 0, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
free_EncryptedData(&enc_data);
continue;
}
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_PA_ENC_TIMESTAMP,
@@ -1245,7 +1262,12 @@ tgs_check_authenticator(krb5_auth_context ac,
krb5_get_err_text(context, ret));
goto out;
}
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
goto out;
}
ret = krb5_verify_checksum(context,
crypto,
KRB5_KU_TGS_REQ_AUTH_CKSUM,
@@ -1415,7 +1437,12 @@ tgs_rep2(KDC_REQ_BODY *b,
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */
goto out2;
}
krb5_crypto_init(context, subkey, 0, &crypto);
ret = krb5_crypto_init(context, subkey, 0, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
goto out2;
}
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY,

6
kuser/kdecode_ticket.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 1999 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -61,7 +61,9 @@ print_and_decode_tkt (krb5_context context,
if (ret)
krb5_err (context, 1, ret, "krb5_string_to_key");
krb5_crypto_init(context, &key, 0, &crypto);
ret = krb5_crypto_init(context, &key, 0, &crypto);
if (ret)
krb5_err (context, 1, ret, "krb5_crypto_init");
ret = krb5_decrypt_EncryptedData (context, crypto, KRB5_KU_TICKET,
&tkt.enc_part, &dec_data);

4
lib/krb5/build_auth.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -126,6 +126,8 @@ krb5_build_authenticator (krb5_context context,
} while(ret == ASN1_OVERFLOW);
ret = krb5_crypto_init(context, &cred->session, enctype, &crypto);
if (ret)
goto fail;
ret = krb5_encrypt (context,
crypto,
KRB5_KU_AP_REQ_AUTH,

8
lib/krb5/get_cred.c
View File

@@ -325,7 +325,9 @@ decrypt_tkt_with_subkey (krb5_context context,
size_t size;
krb5_crypto crypto;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
usage,
@@ -334,7 +336,9 @@ decrypt_tkt_with_subkey (krb5_context context,
krb5_crypto_destroy(context, crypto);
if(ret && subkey){
/* DCE compat -- try to decrypt with subkey */
krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto);
ret = krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto);
if (ret)
return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TGS_REP_ENC_PART_SUB_KEY,

8
lib/krb5/get_in_tkt.c
View File

@@ -85,7 +85,9 @@ decrypt_tkt (krb5_context context,
size_t size;
krb5_crypto crypto;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
@@ -321,7 +323,9 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
if (ret)
return ret;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
return ret;
ret = krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_PA_ENC_TIMESTAMP,

6
lib/krb5/mk_priv.c
View File

@@ -117,7 +117,11 @@ krb5_mk_priv(krb5_context context,
s.enc_part.etype = key->keytype;
s.enc_part.kvno = NULL;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
free (buf);
return ret;
}
ret = krb5_encrypt (context,
crypto,
KRB5_KU_KRB_PRIV,

10
lib/krb5/mk_rep.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-1999 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -84,8 +84,12 @@ krb5_mk_rep(krb5_context context,
&len);
free_EncAPRepPart (&body);
krb5_crypto_init(context, (*auth_context)->keyblock,
0 /* ap.enc_part.etype */, &crypto);
ret = krb5_crypto_init(context, (*auth_context)->keyblock,
0 /* ap.enc_part.etype */, &crypto);
if (ret) {
free (buf);
return ret;
}
ret = krb5_encrypt (context,
crypto,
KRB5_KU_AP_REQ_ENC_PART,

5
lib/krb5/mk_req_ext.c
View File

@@ -104,7 +104,10 @@ krb5_mk_req_internal(krb5_context context,
&c);
} else {
krb5_crypto crypto;
krb5_crypto_init(context, ac->keyblock, 0, &crypto);
ret = krb5_crypto_init(context, ac->keyblock, 0, &crypto);
if (ret)
return ret;
ret = krb5_create_checksum(context,
crypto,
usage,

9
lib/krb5/mk_safe.c
View File

@@ -76,13 +76,20 @@ krb5_mk_safe(krb5_context context,
s.cksum.checksum.data = NULL;
s.cksum.checksum.length = 0;
buf_size = length_KRB_SAFE(&s);
buf = malloc(buf_size + 128); /* add some for checksum */
if(buf == NULL)
return ENOMEM;
ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
if (ret) {
free (buf);
return ret;
}
ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
if (ret) {
free (buf);
return ret;
}
ret = krb5_create_checksum(context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,

9
lib/krb5/rd_cred.c
View File

@@ -70,10 +70,15 @@ krb5_rd_cred (krb5_context context,
enc_krb_cred_part_data.data = cred.enc_part.cipher.data;
} else {
if (auth_context->remote_subkey)
krb5_crypto_init(context, auth_context->remote_subkey, 0, &crypto);
ret = krb5_crypto_init(context, auth_context->remote_subkey,
0, &crypto);
else
krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
ret = krb5_crypto_init(context, auth_context->keyblock,
0, &crypto);
/* DK: MIT rsh */
if (ret)
goto out;
ret = krb5_decrypt_EncryptedData(context,
crypto,

4
lib/krb5/rd_priv.c
View File

@@ -72,7 +72,9 @@ krb5_rd_priv(krb5_context context,
else
key = auth_context->keyblock;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
goto failure;
ret = krb5_decrypt_EncryptedData(context,
crypto,
KRB5_KU_KRB_PRIV,

4
lib/krb5/rd_rep.c
View File

@@ -62,7 +62,9 @@ krb5_rd_rep(krb5_context context,
goto out;
}
krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
if (ret)
goto out;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_AP_REQ_ENC_PART,

8
lib/krb5/rd_req.c
View File

@@ -46,7 +46,9 @@ decrypt_tkt_enc_part (krb5_context context,
size_t len;
krb5_crypto crypto;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TICKET,
@@ -73,7 +75,9 @@ decrypt_authenticator (krb5_context context,
size_t len;
krb5_crypto crypto;
krb5_crypto_init(context, key, 0, &crypto);
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_AP_REQ_AUTH,

4
lib/krb5/rd_safe.c
View File

@@ -65,7 +65,9 @@ verify_checksum(krb5_context context,
buf_size,
safe,
&len);
krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
if (ret)
goto out;
ret = krb5_verify_checksum (context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,