gssapi/krb5: make PADDING buffer optional in GSS IOV API

RFC 4121/4757 don't require padding as they operate as stream ciphers. Make the
PADDING buffer optional when using these encryption types with gss_wrap_iov()
and gss_unwrap_iov().

lib/gssapi/krb5/arcfour.c

@@ -880,7 +880,8 @@ _gssapi_wrap_iov_length_arcfour(OM_uint32 *minor_status,
 	}
     }
 
-    major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer);
+    major_status = _gk_verify_buffers(minor_status, ctx, header,
+				      padding, trailer, FALSE);
     if (major_status != GSS_S_COMPLETE) {
 	    return major_status;
     }
@@ -937,7 +938,8 @@ _gssapi_wrap_iov_arcfour(OM_uint32 *minor_status,
     padding = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
     trailer = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
 
-    major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer);
+    major_status = _gk_verify_buffers(minor_status, ctx, header,
+				      padding, trailer, FALSE);
     if (major_status != GSS_S_COMPLETE) {
 	return major_status;
     }
@@ -1181,10 +1183,11 @@ _gssapi_unwrap_iov_arcfour(OM_uint32 *minor_status,
 
     /* Check if the packet is correct */
     major_status = _gk_verify_buffers(minor_status,
-				  ctx,
+				      ctx,
-				  header,
+				      header,
-				  padding,
+				      padding,
-				  trailer);
+				      trailer,
+				      FALSE); /* behaves as stream cipher */
     if (major_status != GSS_S_COMPLETE) {
 	return major_status;
     }

lib/gssapi/krb5/cfx.c

@@ -239,7 +239,8 @@ _gk_verify_buffers(OM_uint32 *minor_status,
 		   const gsskrb5_ctx ctx,
 		   const gss_iov_buffer_desc *header,
 		   const gss_iov_buffer_desc *padding,
-		   const gss_iov_buffer_desc *trailer)
+		   const gss_iov_buffer_desc *trailer,
+		   int block_cipher)
 {
     if (header == NULL) {
 	*minor_status = EINVAL;
@@ -260,9 +261,12 @@ _gk_verify_buffers(OM_uint32 *minor_status,
 	}
     } else {
 	/*
-	 * In non-DCE style mode we require having a padding buffer
+	 * In non-DCE style mode we require having a padding buffer for
+	 * encryption types that do not behave as stream ciphers. This
+	 * check is superfluous for now, as only RC4 and RFC4121 enctypes
+	 * are presently implemented for the IOV APIs; be defensive.
 	 */
-	if (padding == NULL) {
+	if (block_cipher && padding == NULL) {
 	    *minor_status = EINVAL;
 	    return GSS_S_FAILURE;
 	}
@@ -306,7 +310,8 @@ _gssapi_wrap_cfx_iov(OM_uint32 *minor_status,
 
     trailer = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
 
-    major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer);
+    major_status = _gk_verify_buffers(minor_status, ctx, header,
+				      padding, trailer, FALSE);
     if (major_status != GSS_S_COMPLETE) {
 	    return major_status;
     }
@@ -747,7 +752,8 @@ _gssapi_unwrap_cfx_iov(OM_uint32 *minor_status,
 
     trailer = _gk_find_buffer(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
 
-    major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer);
+    major_status = _gk_verify_buffers(minor_status, ctx, header,
+				      padding, trailer, FALSE);
     if (major_status != GSS_S_COMPLETE) {
 	    return major_status;
     }
@@ -1069,7 +1075,8 @@ _gssapi_wrap_iov_length_cfx(OM_uint32 *minor_status,
 	}
     }
 
-    major_status = _gk_verify_buffers(minor_status, ctx, header, padding, trailer);
+    major_status = _gk_verify_buffers(minor_status, ctx, header,
+				      padding, trailer, FALSE);
     if (major_status != GSS_S_COMPLETE) {
 	    return major_status;
     }