now that use used up more then 16 flags and we have been using the right bit order for many years, lets stop dealing with broken bit fields from ticket flags
This commit is contained in:
@@ -616,11 +616,6 @@ fcc_store_cred(krb5_context context,
|
||||
sp = krb5_storage_emem();
|
||||
krb5_storage_set_eof_code(sp, KRB5_CC_END);
|
||||
storage_set_flags(context, sp, FCACHE(id)->version);
|
||||
if (!krb5_config_get_bool_default(context, NULL, TRUE,
|
||||
"libdefaults",
|
||||
"fcc-mit-ticketflags",
|
||||
NULL))
|
||||
krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER);
|
||||
ret = krb5_store_creds(sp, creds);
|
||||
if (ret == 0)
|
||||
ret = write_storage(context, sp, fd);
|
||||
@@ -915,7 +910,6 @@ cred_delete(krb5_context context,
|
||||
struct stat sb1, sb2;
|
||||
int fd = -1;
|
||||
ssize_t bytes;
|
||||
krb5_flags flags = 0;
|
||||
krb5_const_realm srealm = krb5_principal_get_realm(context, cred->server);
|
||||
|
||||
/* This is best-effort code; if we lose track of errors here it's OK */
|
||||
@@ -924,19 +918,12 @@ cred_delete(krb5_context context,
|
||||
"fcache internal error");
|
||||
|
||||
krb5_data_zero(&orig_cred_data);
|
||||
if (!krb5_config_get_bool_default(context, NULL, TRUE,
|
||||
"libdefaults",
|
||||
"fcc-mit-ticketflags",
|
||||
NULL))
|
||||
flags = KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER;
|
||||
|
||||
sp = krb5_storage_emem();
|
||||
if (sp == NULL)
|
||||
return;
|
||||
krb5_storage_set_eof_code(sp, KRB5_CC_END);
|
||||
storage_set_flags(context, sp, FCACHE(id)->version);
|
||||
if (flags)
|
||||
krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER);
|
||||
|
||||
/* Get a copy of what the cred should look like in the file; see below */
|
||||
ret = krb5_store_creds(sp, cred);
|
||||
@@ -970,8 +957,6 @@ cred_delete(krb5_context context,
|
||||
return;
|
||||
krb5_storage_set_eof_code(sp, KRB5_CC_END);
|
||||
storage_set_flags(context, sp, FCACHE(id)->version);
|
||||
if (flags)
|
||||
krb5_storage_set_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER);
|
||||
|
||||
ret = krb5_store_creds(sp, cred);
|
||||
|
||||
|
@@ -1347,14 +1347,9 @@ krb5_store_creds(krb5_storage *sp, krb5_creds *creds)
|
||||
ret = krb5_store_int8(sp, creds->second_ticket.length != 0); /* is_skey */
|
||||
if(ret)
|
||||
return ret;
|
||||
|
||||
if(krb5_storage_is_flags(sp, KRB5_STORAGE_CREDS_FLAGS_WRONG_BITORDER))
|
||||
ret = krb5_store_int32(sp, creds->flags.i);
|
||||
else
|
||||
ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
|
||||
ret = krb5_store_int32(sp, bitswap32(TicketFlags2int(creds->flags.b)));
|
||||
if(ret)
|
||||
return ret;
|
||||
|
||||
ret = krb5_store_addrs(sp, creds->addresses);
|
||||
if(ret)
|
||||
return ret;
|
||||
@@ -1399,23 +1394,7 @@ krb5_ret_creds(krb5_storage *sp, krb5_creds *creds)
|
||||
if(ret) goto cleanup;
|
||||
ret = krb5_ret_int32 (sp, &dummy32);
|
||||
if(ret) goto cleanup;
|
||||
/*
|
||||
* Runtime detect the what is the higher bits of the bitfield. If
|
||||
* any of the higher bits are set in the input data, it's either a
|
||||
* new ticket flag (and this code need to be removed), or it's a
|
||||
* MIT cache (or new Heimdal cache), lets change it to our current
|
||||
* format.
|
||||
*/
|
||||
{
|
||||
uint32_t mask = 0xffff0000;
|
||||
creds->flags.i = 0;
|
||||
creds->flags.b.anonymous = 1;
|
||||
if (creds->flags.i & mask)
|
||||
mask = ~mask;
|
||||
if (dummy32 & mask)
|
||||
dummy32 = bitswap32(dummy32);
|
||||
}
|
||||
creds->flags.i = dummy32;
|
||||
creds->flags.b = int2TicketFlags(bitswap32(dummy32));
|
||||
ret = krb5_ret_addrs (sp, &creds->addresses);
|
||||
if(ret) goto cleanup;
|
||||
ret = krb5_ret_authdata (sp, &creds->authdata);
|
||||
@@ -1574,23 +1553,7 @@ krb5_ret_creds_tag(krb5_storage *sp,
|
||||
if(ret) goto cleanup;
|
||||
ret = krb5_ret_int32 (sp, &dummy32);
|
||||
if(ret) goto cleanup;
|
||||
/*
|
||||
* Runtime detect the what is the higher bits of the bitfield. If
|
||||
* any of the higher bits are set in the input data, it's either a
|
||||
* new ticket flag (and this code need to be removed), or it's a
|
||||
* MIT cache (or new Heimdal cache), lets change it to our current
|
||||
* format.
|
||||
*/
|
||||
{
|
||||
uint32_t mask = 0xffff0000;
|
||||
creds->flags.i = 0;
|
||||
creds->flags.b.anonymous = 1;
|
||||
if (creds->flags.i & mask)
|
||||
mask = ~mask;
|
||||
if (dummy32 & mask)
|
||||
dummy32 = bitswap32(dummy32);
|
||||
}
|
||||
creds->flags.i = dummy32;
|
||||
creds->flags.b = int2TicketFlags(bitswap32(dummy32));
|
||||
if (header & SC_ADDRESSES) {
|
||||
ret = krb5_ret_addrs (sp, &creds->addresses);
|
||||
if(ret) goto cleanup;
|
||||
|
Reference in New Issue
Block a user