oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

use ASN1_MALLOC_ENCODE

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11372 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2002-09-04 16:26:05 +00:00
parent c93497a2e8
commit ddc308c36f
11 changed files with 104 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/krb5/build_ap_req.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -66,15 +66,10 @@ krb5_build_ap_req (krb5_context context,
ap.authenticator.kvno = NULL;
ap.authenticator.cipher = authenticator;
retdata->length = length_AP_REQ(&ap);
retdata->data = malloc(retdata->length);
if(retdata->data == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
} else
encode_AP_REQ((unsigned char *)retdata->data + retdata->length - 1,
retdata->length, &ap, &len);
ASN1_MALLOC_ENCODE(AP_REQ, retdata->data, retdata->length,
&ap, &len, ret);
free_AP_REQ(&ap);
return ret;
}

16
lib/krb5/build_auth.c
View File

@@ -92,22 +92,10 @@ krb5_build_authenticator (krb5_context context,
auth_context->authenticator->cusec = auth->cusec;
}
buf_size = length_Authenticator(auth);
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto fail;
}
ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, auth, &len, ret);
ret = krb5_encode_Authenticator (context,
buf + buf_size - 1,
buf_size,
auth, &len);
if (ret) {
krb5_set_error_string(context, "internal error in ASN.1 encoder");
if (ret)
goto fail;
}
ret = krb5_crypto_init(context, &cred->session, enctype, &crypto);
if (ret)

78
lib/krb5/get_cred.c
View File

@@ -54,36 +54,14 @@ make_pa_tgs_req(krb5_context context,
krb5_data in_data;
krb5_error_code ret;
buf_size = 1024;
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
do {
ret = encode_KDC_REQ_BODY(buf + buf_size - 1, buf_size,
body, &len);
if (ret){
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
buf = tmp;
} else {
goto out;
}
}
} while (ret == ASN1_OVERFLOW);
ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, body, &len, ret);
if (ret)
goto out;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
in_data.length = len;
in_data.data = buf + buf_size - len;
in_data.data = buf;
ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
&padata->padata_value,
KRB5_KU_TGS_REQ_AUTH_CKSUM,
@@ -113,18 +91,9 @@ set_auth_data (krb5_context context,
krb5_crypto crypto;
krb5_error_code ret;
len = length_AuthorizationData(authdata);
buf = malloc(len);
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
ret = encode_AuthorizationData(buf + len - 1,
len, authdata, &len);
if (ret) {
free (buf);
ASN1_MALLOC_ENCODE(AuthorizationData, buf, len, authdata, &len, ret);
if (ret)
return ret;
}
ALLOC(req_body->enc_authorization_data, 1);
if (req_body->enc_authorization_data == NULL) {
@@ -434,34 +403,11 @@ get_cred_kdc_usage(krb5_context context,
if (ret)
goto out;
buf_size = 1024;
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
ASN1_MALLOC_ENCODE(TGS_REQ, buf, buf_size, &req, &enc.length, ret);
if (ret)
goto out;
}
do {
ret = encode_TGS_REQ (buf + buf_size - 1, buf_size,
&req, &enc.length);
if (ret) {
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
buf = tmp;
} else {
goto out;
}
}
} while (ret == ASN1_OVERFLOW);
if(enc.length != buf_size)
krb5_abortx(context, "internal error in ASN.1 encoder");
/* don't free addresses */
req.req_body.addresses = NULL;

28
lib/krb5/get_for_creds.c
View File

@@ -162,7 +162,8 @@ krb5_get_forwarded_creds (krb5_context context,
KrbCredInfo *krb_cred_info;
EncKrbCredPart enc_krb_cred_part;
size_t len;
u_char buf[1024];
unsigned char *buf;
size_t buf_size;
int32_t sec, usec;
krb5_kdc_flags kdc_flags;
krb5_crypto crypto;
@@ -320,14 +321,15 @@ krb5_get_forwarded_creds (krb5_context context,
/* encode EncKrbCredPart */
ret = krb5_encode_EncKrbCredPart (context,
buf + sizeof(buf) - 1, sizeof(buf),
&enc_krb_cred_part, &len);
ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size,
&enc_krb_cred_part, &len, ret);
free_EncKrbCredPart (&enc_krb_cred_part);
if (ret) {
free_KRB_CRED(&cred);
return ret;
}
}
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
if (auth_context->local_subkey)
key = auth_context->local_subkey;
@@ -338,34 +340,32 @@ krb5_get_forwarded_creds (krb5_context context,
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
free(buf);
free_KRB_CRED(&cred);
return ret;
}
ret = krb5_encrypt_EncryptedData (context,
crypto,
KRB5_KU_KRB_CRED,
buf + sizeof(buf) - len,
buf,
len,
0,
&cred.enc_part);
free(buf);
krb5_crypto_destroy(context, crypto);
if (ret) {
free_KRB_CRED(&cred);
return ret;
}
ret = encode_KRB_CRED (buf + sizeof(buf) - 1, sizeof(buf),
&cred, &len);
ASN1_MALLOC_ENCODE(KRB_CRED, buf, buf_size, &cred, &len, ret);
free_KRB_CRED (&cred);
if (ret)
return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
out_data->length = len;
out_data->data = malloc(len);
if (out_data->data == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
memcpy (out_data->data, buf + sizeof(buf) - len, len);
out_data->data = buf;
return 0;
out4:
free_EncKrbCredPart(&enc_krb_cred_part);

65
lib/krb5/get_in_tkt.c
View File

@@ -158,22 +158,12 @@ _krb5_extract_ticket(krb5_context context,
creds->client = tmp_principal;
/* extract ticket */
{
unsigned char *buf;
size_t len;
len = length_Ticket(&rep->kdc_rep.ticket);
buf = malloc(len);
if(buf == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
encode_Ticket(buf + len - 1, len, &rep->kdc_rep.ticket, &len);
creds->ticket.data = buf;
creds->ticket.length = len;
creds->second_ticket.length = 0;
creds->second_ticket.data = NULL;
}
ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
&rep->kdc_rep.ticket, &creds->ticket.length, ret);
if(ret)
goto out;
creds->second_ticket.length = 0;
creds->second_ticket.data = NULL;
/* compare server */
@@ -315,7 +305,8 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
krb5_enctype etype, krb5_keyblock *key)
{
PA_ENC_TS_ENC p;
u_char buf[1024];
unsigned char *buf;
size_t buf_size;
size_t len;
EncryptedData encdata;
krb5_error_code ret;
@@ -328,39 +319,37 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
usec2 = usec;
p.pausec = &usec2;
ret = encode_PA_ENC_TS_ENC(buf + sizeof(buf) - 1,
sizeof(buf),
&p,
&len);
ASN1_MALLOC_ENCODE(PA_ENC_TS_ENC, buf, buf_size, &p, &len, ret);
if (ret)
return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret)
if (ret) {
free(buf);
return ret;
}
ret = krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_PA_ENC_TIMESTAMP,
buf + sizeof(buf) - len,
buf,
len,
0,
&encdata);
free(buf);
krb5_crypto_destroy(context, crypto);
if (ret)
return ret;
ret = encode_EncryptedData(buf + sizeof(buf) - 1,
sizeof(buf),
&encdata,
&len);
ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret);
free_EncryptedData(&encdata);
if (ret)
return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP;
pa->padata_value.length = 0;
krb5_data_copy(&pa->padata_value,
buf + sizeof(buf) - len,
len);
pa->padata_value.length = len;
pa->padata_value.data = buf;
return 0;
}
@@ -657,7 +646,7 @@ krb5_get_in_cred(krb5_context context,
AS_REQ a;
krb5_kdc_rep rep;
krb5_data req, resp;
char buf[BUFSIZ];
size_t len;
krb5_salt salt;
krb5_keyblock *key;
size_t size;
@@ -693,17 +682,15 @@ krb5_get_in_cred(krb5_context context,
if (ret)
return ret;
ret = encode_AS_REQ ((unsigned char*)buf + sizeof(buf) - 1,
sizeof(buf),
&a,
&req.length);
ASN1_MALLOC_ENCODE(AS_REQ, req.data, req.length, &a, &len, ret);
free_AS_REQ(&a);
if (ret)
return ret;
req.data = buf + sizeof(buf) - req.length;
if(len != req.length)
krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp);
krb5_data_free(&req);
if (ret)
return ret;

49
lib/krb5/mk_error.c
View File

@@ -47,8 +47,6 @@ krb5_mk_error(krb5_context context,
krb5_data *reply)
{
KRB_ERROR msg;
u_char *buf;
size_t buf_size;
int32_t sec, usec;
size_t len;
krb5_error_code ret = 0;
@@ -84,45 +82,10 @@ krb5_mk_error(krb5_context context,
msg.cname = &client->name;
}
buf_size = 1024;
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
do {
ret = encode_KRB_ERROR(buf + buf_size - 1,
buf_size,
&msg,
&len);
if (ret) {
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
buf = tmp;
} else {
goto out;
}
}
} while (ret == ASN1_OVERFLOW);
reply->length = len;
reply->data = malloc(len);
if (reply->data == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto out;
}
memcpy (reply->data, buf + buf_size - len, len);
out:
free (buf);
return ret;
ASN1_MALLOC_ENCODE(KRB_ERROR, reply->data, reply->length, &msg, &len, ret);
if (ret)
return ret;
if(reply->length != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
return 0;
}

65
lib/krb5/mk_priv.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -35,10 +35,7 @@
RCSID("$Id$");
/*
*
*/
krb5_error_code
krb5_mk_priv(krb5_context context,
krb5_auth_context auth_context,
@@ -83,35 +80,11 @@ krb5_mk_priv(krb5_context context,
part.s_address = auth_context->local_address;
part.r_address = auth_context->remote_address;
buf_size = 1024;
buf = malloc (buf_size);
if (buf == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
krb5_data_zero (&s.enc_part.cipher);
do {
ret = encode_EncKrbPrivPart (buf + buf_size - 1, buf_size,
&part, &len);
if (ret) {
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto fail;
}
buf = tmp;
} else {
goto fail;
}
}
} while(ret == ASN1_OVERFLOW);
ASN1_MALLOC_ENCODE(EncKrbPrivPart, buf, buf_size, &part, &len, ret);
if (ret)
goto fail;
s.pvno = 5;
s.msg_type = krb_priv;
@@ -134,37 +107,21 @@ krb5_mk_priv(krb5_context context,
free(buf);
return ret;
}
free(buf);
do {
ret = encode_KRB_PRIV (buf + buf_size - 1, buf_size, &s, &len);
if (ret){
if (ret == ASN1_OVERFLOW) {
u_char *tmp;
ASN1_MALLOC_ENCODE(KRB_PRIV, buf, buf_size, &s, &len, ret);
buf_size *= 2;
tmp = realloc (buf, buf_size);
if (tmp == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
ret = ENOMEM;
goto fail;
}
buf = tmp;
} else {
goto fail;
}
}
} while(ret == ASN1_OVERFLOW);
if(ret)
goto fail;
krb5_data_free (&s.enc_part.cipher);
outbuf->length = len;
outbuf->data = malloc (len);
if (outbuf->data == NULL) {
ret = krb5_data_copy(outbuf, buf + buf_size - len, len);
if (ret) {
krb5_set_error_string (context, "malloc: out of memory");
free(buf);
return ENOMEM;
}
memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber =

36
lib/krb5/mk_rep.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -72,21 +72,10 @@ krb5_mk_rep(krb5_context context,
ap.enc_part.etype = auth_context->keyblock->keytype;
ap.enc_part.kvno = NULL;
buf_size = length_EncAPRepPart(&body);
buf = malloc (buf_size);
if (buf == NULL) {
free_EncAPRepPart (&body);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = krb5_encode_EncAPRepPart (context,
buf + buf_size - 1,
buf_size,
&body,
&len);
ASN1_MALLOC_ENCODE(EncAPRepPart, buf, buf_size, &body, &len, ret);
free_EncAPRepPart (&body);
if(ret)
return ret;
ret = krb5_crypto_init(context, auth_context->keyblock,
0 /* ap.enc_part.etype */, &crypto);
if (ret) {
@@ -105,20 +94,7 @@ krb5_mk_rep(krb5_context context,
return ret;
}
buf_size = length_AP_REP(&ap);
buf = realloc(buf, buf_size);
if(buf == NULL) {
free_AP_REP (&ap);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = encode_AP_REP (buf + buf_size - 1, buf_size, &ap, &len);
ASN1_MALLOC_ENCODE(AP_REP, outbuf->data, outbuf->length, &ap, &len, ret);
free_AP_REP (&ap);
if(len != buf_size)
krb5_abortx(context, "krb5_mk_rep: encoded length != calculated length");
outbuf->data = buf;
outbuf->length = len;
return 0;
return ret;
}

44
lib/krb5/mk_safe.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -48,7 +48,6 @@ krb5_mk_safe(krb5_context context,
KerberosTime sec2;
int usec2;
u_char *buf = NULL;
void *tmp;
size_t buf_size;
size_t len;
u_int32_t tmp_seq;
@@ -85,17 +84,11 @@ krb5_mk_safe(krb5_context context,
s.cksum.checksum.data = NULL;
s.cksum.checksum.length = 0;
buf_size = length_KRB_SAFE(&s);
buf = malloc(buf_size + 128); /* add some for checksum */
if(buf == NULL) {
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
if (ret) {
free (buf);
ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
if (ret)
return ret;
}
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
free (buf);
@@ -105,7 +98,7 @@ krb5_mk_safe(krb5_context context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,
0,
buf + buf_size - len,
buf,
len,
&s.cksum);
krb5_crypto_destroy(context, crypto);
@@ -114,27 +107,16 @@ krb5_mk_safe(krb5_context context,
return ret;
}
buf_size = length_KRB_SAFE(&s);
tmp = realloc(buf, buf_size);
if(tmp == NULL) {
free(buf);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
buf = tmp;
ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
free(buf);
ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
free_Checksum (&s.cksum);
if(ret)
return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
outbuf->length = len;
outbuf->data = malloc (len);
if (outbuf->data == NULL) {
free (buf);
krb5_set_error_string (context, "malloc: out of memory");
return ENOMEM;
}
memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
outbuf->data = buf;
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber =
(auth_context->local_seqnumber + 1) & 0xFFFFFFFF;

9
lib/krb5/rd_cred.c
View File

@@ -214,7 +214,6 @@ krb5_rd_cred(krb5_context context,
for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) {
KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i];
krb5_creds *creds;
u_char buf[1024];
size_t len;
creds = calloc(1, sizeof(*creds));
@@ -224,12 +223,12 @@ krb5_rd_cred(krb5_context context,
goto out;
}
ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf),
&cred.tickets.val[i],
&len);
ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
&cred.tickets.val[i], &len, ret);
if (ret)
goto out;
krb5_data_copy (&creds->ticket, buf + sizeof(buf) - len, len);
if(creds->ticket.length != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
copy_EncryptionKey (&kci->key, &creds->session);
if (kci->prealm && kci->pname)
principalname2krb5_principal (&creds->client,

18
lib/krb5/rd_safe.c
View File

@@ -53,19 +53,11 @@ verify_checksum(krb5_context context,
safe->cksum.checksum.data = NULL;
safe->cksum.checksum.length = 0;
buf_size = length_KRB_SAFE(safe);
buf = malloc(buf_size);
if (buf == NULL) {
ret = ENOMEM;
krb5_set_error_string (context, "malloc: out of memory");
goto out;
}
ret = encode_KRB_SAFE (buf + buf_size - 1,
buf_size,
safe,
&len);
ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret);
if(ret)
return ret;
if(buf_size != len)
krb5_abortx(context, "internal error in ASN.1 encoder");
if (auth_context->remote_subkey)
key = auth_context->remote_subkey;