oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

kadm5: Add functions to check for bogus keys

Browse Source 
Introduce kadm5_all_keys_are_bogus() and kadm5_some_keys_are_bogus()
which will be used in later changes.

Change-Id: I3a07ffe07bee7d6eb17c3d2eae91c107e0bac255
This commit is contained in:
Nicolas Williams
2015-03-12 14:42:22 -05:00
committed by Jeffrey Altman
parent cfdf6d5cbe
commit db72e66eb9
4 changed files with 39 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/kadm5/libkadm5srv-exports.def
View File

@@ -2,6 +2,7 @@ EXPORTS
;! kadm5_ad_init_with_password ;! kadm5_ad_init_with_password
;! kadm5_ad_init_with_password_ctx ;! kadm5_ad_init_with_password_ctx
kadm5_add_passwd_quality_verifier kadm5_add_passwd_quality_verifier
kadm5_all_keys_are_bogus
kadm5_check_password_quality kadm5_check_password_quality
kadm5_chpass_principal kadm5_chpass_principal
kadm5_chpass_principal_3 kadm5_chpass_principal_3
@@ -43,6 +44,7 @@ EXPORTS
kadm5_setkey_principal kadm5_setkey_principal
kadm5_setkey_principal_3 kadm5_setkey_principal_3
kadm5_setup_passwd_quality_check kadm5_setup_passwd_quality_check
kadm5_some_keys_are_bogus
kadm5_store_key_data kadm5_store_key_data
kadm5_store_principal_ent kadm5_store_principal_ent
kadm5_store_principal_ent_mask kadm5_store_principal_ent_mask

33
lib/kadm5/marshall.c
View File

@@ -35,6 +35,39 @@
RCSID("$Id$"); RCSID("$Id$");
int
kadm5_some_keys_are_bogus(size_t n_keys, krb5_key_data *keys)
{
size_t i;
for (i = 0; i < n_keys; i++) {
krb5_key_data *key = &keys[i];
if (key->key_data_length[0] == sizeof(KADM5_BOGUS_KEY_DATA) - 1 &&
ct_memcmp(key->key_data_contents[1], KADM5_BOGUS_KEY_DATA,
key->key_data_length[0]) == 0)
return 1;
}
return 0;
}
int
kadm5_all_keys_are_bogus(size_t n_keys, krb5_key_data *keys)
{
size_t i;
if (n_keys == 0)
return 0;
for (i = 0; i < n_keys; i++) {
krb5_key_data *key = &keys[i];
if (key->key_data_length[0] != sizeof(KADM5_BOGUS_KEY_DATA) - 1 ||
ct_memcmp(key->key_data_contents[1], KADM5_BOGUS_KEY_DATA,
key->key_data_length[0]) != 0)
return 0;
}
return 1;
}
kadm5_ret_t kadm5_ret_t
kadm5_store_key_data(krb5_storage *sp, kadm5_store_key_data(krb5_storage *sp,
krb5_key_data *key) krb5_key_data *key)

2
lib/kadm5/version-script-client.map
View File

@@ -5,6 +5,7 @@ HEIMDAL_KADM5_CLIENT_1.0 {
initialize_kadm5_error_table_r; initialize_kadm5_error_table_r;
kadm5_ad_init_with_password; kadm5_ad_init_with_password;
kadm5_ad_init_with_password_ctx; kadm5_ad_init_with_password_ctx;
kadm5_all_keys_are_bogus;
kadm5_c_chpass_principal; kadm5_c_chpass_principal;
kadm5_c_chpass_principal_with_key; kadm5_c_chpass_principal_with_key;
kadm5_c_create_principal; kadm5_c_create_principal;
@@ -48,6 +49,7 @@ HEIMDAL_KADM5_CLIENT_1.0 {
kadm5_ret_principal_ent; kadm5_ret_principal_ent;
kadm5_ret_principal_ent_mask; kadm5_ret_principal_ent_mask;
kadm5_ret_tl_data; kadm5_ret_tl_data;
kadm5_some_keys_are_bogus;
kadm5_store_key_data; kadm5_store_key_data;
kadm5_store_principal_ent; kadm5_store_principal_ent;
kadm5_store_principal_ent_mask; kadm5_store_principal_ent_mask;

2
lib/kadm5/version-script.map
View File

@@ -4,6 +4,7 @@ HEIMDAL_KAMD5_SERVER_1.0 {
global: global:
kadm5_ad_init_with_password; kadm5_ad_init_with_password;
kadm5_ad_init_with_password_ctx; kadm5_ad_init_with_password_ctx;
kadm5_all_keys_are_bogus;
kadm5_add_passwd_quality_verifier; kadm5_add_passwd_quality_verifier;
kadm5_check_password_quality; kadm5_check_password_quality;
kadm5_chpass_principal; kadm5_chpass_principal;
@@ -46,6 +47,7 @@ HEIMDAL_KAMD5_SERVER_1.0 {
kadm5_setup_passwd_quality_check; kadm5_setup_passwd_quality_check;
kadm5_setkey_principal; kadm5_setkey_principal;
kadm5_setkey_principal_3; kadm5_setkey_principal_3;
kadm5_some_keys_are_bogus;
kadm5_store_key_data; kadm5_store_key_data;
kadm5_store_principal_ent; kadm5_store_principal_ent;
kadm5_store_principal_ent_mask; kadm5_store_principal_ent_mask;