(get_des_key): rewrite some, be more paranoid

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8571 ec53bebd-3082-4978-b11e-865c3cabbd6b
Assar Westerlund
2000-07-07 21:52:02 +00:00
parent 4499baef64
commit d2db791403


@@ -109,15 +109,17 @@ db_fetch4(const char *name, const char *instance, const char *realm)
krb5_error_code krb5_error_code
get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key) get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key)
{ {
Key *key = NULL;
Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL; Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL;
int i; int i;
krb5_enctype etypes[] = { ETYPE_DES_CBC_MD5, krb5_enctype etypes[] = { ETYPE_DES_CBC_MD5,
ETYPE_DES_CBC_MD4, ETYPE_DES_CBC_MD4,
ETYPE_DES_CBC_CRC }; ETYPE_DES_CBC_CRC };
for(i = 0; i < 3; i++) { for(i = 0;
key = NULL; i < sizeof(etypes)/sizeof(etypes[0])
&& (v5_key == NULL || v4_key == NULL || afs_key == NULL);
++i) {
Key *key = NULL;
while(hdb_next_enctype2key(context, principal, etypes[i], &key) == 0) { while(hdb_next_enctype2key(context, principal, etypes[i], &key) == 0) {
if(key->salt == NULL) { if(key->salt == NULL) {
if(v5_key == NULL) if(v5_key == NULL)
@@ -131,24 +133,27 @@ get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key)
afs_key = key; afs_key = key;
} }
} }
if(v5_key != NULL && v4_key != NULL && afs_key != NULL)
break;
} }
if(prefer_afs_key) if(prefer_afs_key) {
if(afs_key) if(afs_key)
*ret_key = afs_key; *ret_key = afs_key;
else if(v4_key) else if(v4_key)
*ret_key = v4_key; *ret_key = v4_key;
else else if(v5_key)
*ret_key = v5_key; *ret_key = v5_key;
else else
return KERB_ERR_NULL_KEY;
} else {
if(v4_key) if(v4_key)
*ret_key = v4_key; *ret_key = v4_key;
else if(afs_key) else if(afs_key)
*ret_key = afs_key; *ret_key = afs_key;
else else if(v5_key)
*ret_key = v5_key; *ret_key = v5_key;
else
return KERB_ERR_NULL_KEY;
}
if((*ret_key)->key.keyvalue.length == 0) if((*ret_key)->key.keyvalue.length == 0)
return KERB_ERR_NULL_KEY; return KERB_ERR_NULL_KEY;
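Review bot: The two added `return KERB_ERR_NULL_KEY;` branches (taken when none of `afs_key`, `v4_key`, `v5_key` was found) leave `*ret_key` unwritten, while the zero-length check at the end of the hunk returns the same code with `*ret_key` already pointing at a key. A caller that mishandles the return value would then see an indeterminate pointer in one case and an empty DES key in the other; the callers are not visible here, so whether they pre-initialise the pointer is unknown. Adding `*ret_key = NULL;` right after the declarations, and again before the final `return KERB_ERR_NULL_KEY;`, would leave the out-parameter in one defined state on every failure path. A short comment above the function giving the selection order (with `prefer_afs_key`: `afs_key`, `v4_key`, `v5_key`; otherwise `v4_key`, `afs_key`, `v5_key`) and stating that `*ret_key` is NULL on error would document the contract. The function's tail lies outside the hunk.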