- EC and RRC are big-endian, not little-endian
- The default is now to rotate regardless of GSS_C_DCE_STYLE. There are no longer any references to GSS_C_DCE_STYLE. - rrc_rotate() avoids allocating memory on the heap if rrc <= 256 From: Luke Howard <lukeh@padl.com> git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12912 ec53bebd-3082-4978-b11e-865c3cabbd6b
@@ -35,7 +35,7 @@
|
|||||||
RCSID("$Id$");
|
RCSID("$Id$");
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Implementation of draft-ietf-krb-wg-gssapi-cfx-0?.txt
|
* Implementation of draft-ietf-krb-wg-gssapi-cfx-02.txt
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define SentByAcceptor (1 << 0)
|
#define SentByAcceptor (1 << 0)
|
||||||
@@ -149,6 +149,7 @@ static krb5_error_code rrc_rotate(void *data,
|
|||||||
{
|
{
|
||||||
u_char *tmp;
|
u_char *tmp;
|
||||||
size_t left;
|
size_t left;
|
||||||
|
char buf[256];
|
||||||
|
|
||||||
if (rrc == 0) {
|
if (rrc == 0) {
|
||||||
return 0;
|
return 0;
|
||||||
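Review bot: `buf` is declared as `char buf[256]` while `tmp` is a `u_char *`, so the `tmp = buf;` assignment in the next hunk mixes pointer types and draws an incompatible-pointer-types warning on a strict build; give the scratch buffer the same element type, `u_char buf[256];`. rrc_rotate's parameter list and the rest of its body lie outside this hunk.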
@@ -160,9 +161,12 @@ static krb5_error_code rrc_rotate(void *data,
|
|||||||
|
|
||||||
left = len - rrc;
|
left = len - rrc;
|
||||||
|
|
||||||
tmp = malloc(rrc);
|
if (rrc <= sizeof(buf)) {
|
||||||
if (tmp == NULL) {
|
tmp = buf;
|
||||||
return ENOMEM;
|
} else {
|
||||||
|
tmp = malloc(rrc);
|
||||||
|
if (tmp == NULL) {
|
||||||
|
return ENOMEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (unrotate) {
|
if (unrotate) {
|
||||||
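Review bot: The new stack-buffer branch keys only on `rrc <= sizeof(buf)`, and nothing in this hunk checks `rrc` against `len` before `left = len - rrc;`, so a rotation count larger than the data would wrap `left` (a size_t) and feed the memcpy calls that follow a bogus length. In the unwrap path `rrc` is decoded from the peer's token (last hunk), so that count is chosen by the remote side. If the lines between this hunk and the previous one (old 155–159, not shown) do not already clamp it, add `if (rrc > len) return EINVAL;` ahead of the subtraction, or reduce it modulo `len` as the referenced draft permits. The function continues outside the hunk, so this may already be handled there.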
@@ -175,7 +179,9 @@ static krb5_error_code rrc_rotate(void *data,
|
|||||||
memcpy(data, tmp, rrc);
|
memcpy(data, tmp, rrc);
|
||||||
}
|
}
|
||||||
|
|
||||||
free(tmp);
|
if (rrc > sizeof(buf))
|
||||||
|
free(tmp);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
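Review bot: `if (rrc > sizeof(buf)) free(tmp);` re-derives the allocation decision from `rrc` rather than from the pointer itself; tying the release to the allocation, `if (tmp != buf) free(tmp);`, cannot drift from the condition at the malloc site if the threshold changes and makes ownership obvious at a glance. Whether the comparison against `sizeof(buf)` is even well-typed depends on `rrc`'s declaration, which is outside the hunk.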
@@ -216,12 +222,8 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef GSS_C_DCE_STYLE
|
/* Always rotate encrypted token (if any) and checksum to header */
|
||||||
if (context_handle->flags & GSS_C_DCE_STYLE) {
|
rrc = (conf_req_flag ? sizeof(*token) : 0) + (u_int16_t)cksumsize;
|
||||||
/* Rotate encrypted token (if any) and checksum to header */
|
|
||||||
rrc = (conf_req_flag ? sizeof(*token) : 0) + (u_int16_t)cksumsize;
|
|
||||||
}
|
|
||||||
#endif /* GSS_C_DCE_STYLE */
|
|
||||||
|
|
||||||
output_message_buffer->length = wrapped_len;
|
output_message_buffer->length = wrapped_len;
|
||||||
output_message_buffer->value = malloc(output_message_buffer->length);
|
output_message_buffer->value = malloc(output_message_buffer->length);
|
||||||
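Review bot: The new comment says rotation is now unconditional but not why that is interoperable with peers that never negotiated DCE style; since the rotation count travels in the token's RRC field and the referenced draft obliges receivers to honour any RRC value, record that, e.g. `/* Always rotate encrypted token (if any) and checksum to header; the count is carried in RRC, which receivers must honour. */`. _gssapi_wrap_cfx begins and ends outside this hunk.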
@@ -245,8 +247,8 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
* used to encode the size (in bytes) of the random filler.
|
* used to encode the size (in bytes) of the random filler.
|
||||||
*/
|
*/
|
||||||
token->Flags |= Sealed;
|
token->Flags |= Sealed;
|
||||||
token->EC[0] = (padlength >> 0) & 0xFF;
|
token->EC[0] = (padlength >> 8) & 0xFF;
|
||||||
token->EC[1] = (padlength >> 8) & 0xFF;
|
token->EC[1] = (padlength >> 0) & 0xFF;
|
||||||
} else {
|
} else {
|
||||||
/*
|
/*
|
||||||
* In Wrap tokens without confidentiality, the EC field is
|
* In Wrap tokens without confidentiality, the EC field is
|
||||||
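Review bot: The EC and RRC big-endian serialization is now spelled out by hand at four sites — EC here, RRC in the next hunk, and both again in the hunk after it — and the matching decode in _gssapi_unwrap_cfx (last hunk) writes the shifts a third way; the defect this commit fixes was exactly one of these copies having the byte order reversed. A pair of small helpers, `put_be16`/`get_be16`, would make each site one line and leave a single place to get the byte order right; the encode side is sketched below, with the decode becoming `ec = get_be16(token->EC); rrc = get_be16(token->RRC);`. This presumes `EC` and `RRC` are `u_char` arrays, which the hunk does not show. _gssapi_wrap_cfx begins and ends outside this hunk.
```c
/* Store v as a 16-bit big-endian quantity at p (the EC and RRC fields). */
static void
put_be16(u_char *p, u_int16_t v)
{
    p[0] = (v >> 8) & 0xFF;
    p[1] = v & 0xFF;
}

/* … unchanged: Sealed flag and padlength computation … */
	put_be16(token->EC, padlength);
```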
@@ -328,8 +330,8 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
}
|
}
|
||||||
assert(sizeof(*token) + cipher.length == wrapped_len);
|
assert(sizeof(*token) + cipher.length == wrapped_len);
|
||||||
token->RRC[0] = (rrc >> 0) & 0xFF;
|
token->RRC[0] = (rrc >> 8) & 0xFF;
|
||||||
token->RRC[1] = (rrc >> 8) & 0xFF;
|
token->RRC[1] = (rrc >> 0) & 0xFF;
|
||||||
|
|
||||||
ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE);
|
ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
@@ -372,10 +374,10 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
free(buf);
|
free(buf);
|
||||||
|
|
||||||
assert(cksum.checksum.length == cksumsize);
|
assert(cksum.checksum.length == cksumsize);
|
||||||
token->EC[0] = (cksum.checksum.length >> 0) & 0xFF;
|
token->EC[0] = (cksum.checksum.length >> 8) & 0xFF;
|
||||||
token->EC[1] = (cksum.checksum.length >> 8) & 0xFF;
|
token->EC[1] = (cksum.checksum.length >> 0) & 0xFF;
|
||||||
token->RRC[0] = (rrc >> 0) & 0xFF;
|
token->RRC[0] = (rrc >> 8) & 0xFF;
|
||||||
token->RRC[1] = (rrc >> 8) & 0xFF;
|
token->RRC[1] = (rrc >> 0) & 0xFF;
|
||||||
|
|
||||||
p += sizeof(*token);
|
p += sizeof(*token);
|
||||||
memcpy(p, input_message_buffer->value, input_message_buffer->length);
|
memcpy(p, input_message_buffer->value, input_message_buffer->length);
|
||||||
@@ -455,8 +457,8 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status,
|
|||||||
*conf_state = (token->Flags & Sealed) ? 1 : 0;
|
*conf_state = (token->Flags & Sealed) ? 1 : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
ec = (token->EC[1] << 8) | token->EC[0];
|
ec = (token->EC[0] << 8) | token->EC[1];
|
||||||
rrc = (token->RRC[1] << 8) | token->RRC[0];
|
rrc = (token->RRC[0] << 8) | token->RRC[1];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check sequence number
|
* Check sequence number
|
||||||
|
@@ -35,7 +35,7 @@
|
|||||||
RCSID("$Id$");
|
RCSID("$Id$");
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Implementation of draft-ietf-krb-wg-gssapi-cfx-0?.txt
|
* Implementation of draft-ietf-krb-wg-gssapi-cfx-02.txt
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define SentByAcceptor (1 << 0)
|
#define SentByAcceptor (1 << 0)
|
||||||
@@ -149,6 +149,7 @@ static krb5_error_code rrc_rotate(void *data,
|
|||||||
{
|
{
|
||||||
u_char *tmp;
|
u_char *tmp;
|
||||||
size_t left;
|
size_t left;
|
||||||
|
char buf[256];
|
||||||
|
|
||||||
if (rrc == 0) {
|
if (rrc == 0) {
|
||||||
return 0;
|
return 0;
|
||||||
@@ -160,9 +161,12 @@ static krb5_error_code rrc_rotate(void *data,
|
|||||||
|
|
||||||
left = len - rrc;
|
left = len - rrc;
|
||||||
|
|
||||||
tmp = malloc(rrc);
|
if (rrc <= sizeof(buf)) {
|
||||||
if (tmp == NULL) {
|
tmp = buf;
|
||||||
return ENOMEM;
|
} else {
|
||||||
|
tmp = malloc(rrc);
|
||||||
|
if (tmp == NULL) {
|
||||||
|
return ENOMEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (unrotate) {
|
if (unrotate) {
|
||||||
@@ -175,7 +179,9 @@ static krb5_error_code rrc_rotate(void *data,
|
|||||||
memcpy(data, tmp, rrc);
|
memcpy(data, tmp, rrc);
|
||||||
}
|
}
|
||||||
|
|
||||||
free(tmp);
|
if (rrc > sizeof(buf))
|
||||||
|
free(tmp);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -216,12 +222,8 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef GSS_C_DCE_STYLE
|
/* Always rotate encrypted token (if any) and checksum to header */
|
||||||
if (context_handle->flags & GSS_C_DCE_STYLE) {
|
rrc = (conf_req_flag ? sizeof(*token) : 0) + (u_int16_t)cksumsize;
|
||||||
/* Rotate encrypted token (if any) and checksum to header */
|
|
||||||
rrc = (conf_req_flag ? sizeof(*token) : 0) + (u_int16_t)cksumsize;
|
|
||||||
}
|
|
||||||
#endif /* GSS_C_DCE_STYLE */
|
|
||||||
|
|
||||||
output_message_buffer->length = wrapped_len;
|
output_message_buffer->length = wrapped_len;
|
||||||
output_message_buffer->value = malloc(output_message_buffer->length);
|
output_message_buffer->value = malloc(output_message_buffer->length);
|
||||||
@@ -245,8 +247,8 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
* used to encode the size (in bytes) of the random filler.
|
* used to encode the size (in bytes) of the random filler.
|
||||||
*/
|
*/
|
||||||
token->Flags |= Sealed;
|
token->Flags |= Sealed;
|
||||||
token->EC[0] = (padlength >> 0) & 0xFF;
|
token->EC[0] = (padlength >> 8) & 0xFF;
|
||||||
token->EC[1] = (padlength >> 8) & 0xFF;
|
token->EC[1] = (padlength >> 0) & 0xFF;
|
||||||
} else {
|
} else {
|
||||||
/*
|
/*
|
||||||
* In Wrap tokens without confidentiality, the EC field is
|
* In Wrap tokens without confidentiality, the EC field is
|
||||||
@@ -328,8 +330,8 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
}
|
}
|
||||||
assert(sizeof(*token) + cipher.length == wrapped_len);
|
assert(sizeof(*token) + cipher.length == wrapped_len);
|
||||||
token->RRC[0] = (rrc >> 0) & 0xFF;
|
token->RRC[0] = (rrc >> 8) & 0xFF;
|
||||||
token->RRC[1] = (rrc >> 8) & 0xFF;
|
token->RRC[1] = (rrc >> 0) & 0xFF;
|
||||||
|
|
||||||
ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE);
|
ret = rrc_rotate(cipher.data, cipher.length, rrc, FALSE);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
@@ -372,10 +374,10 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status,
|
|||||||
free(buf);
|
free(buf);
|
||||||
|
|
||||||
assert(cksum.checksum.length == cksumsize);
|
assert(cksum.checksum.length == cksumsize);
|
||||||
token->EC[0] = (cksum.checksum.length >> 0) & 0xFF;
|
token->EC[0] = (cksum.checksum.length >> 8) & 0xFF;
|
||||||
token->EC[1] = (cksum.checksum.length >> 8) & 0xFF;
|
token->EC[1] = (cksum.checksum.length >> 0) & 0xFF;
|
||||||
token->RRC[0] = (rrc >> 0) & 0xFF;
|
token->RRC[0] = (rrc >> 8) & 0xFF;
|
||||||
token->RRC[1] = (rrc >> 8) & 0xFF;
|
token->RRC[1] = (rrc >> 0) & 0xFF;
|
||||||
|
|
||||||
p += sizeof(*token);
|
p += sizeof(*token);
|
||||||
memcpy(p, input_message_buffer->value, input_message_buffer->length);
|
memcpy(p, input_message_buffer->value, input_message_buffer->length);
|
||||||
@@ -455,8 +457,8 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status,
|
|||||||
*conf_state = (token->Flags & Sealed) ? 1 : 0;
|
*conf_state = (token->Flags & Sealed) ? 1 : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
ec = (token->EC[1] << 8) | token->EC[0];
|
ec = (token->EC[0] << 8) | token->EC[1];
|
||||||
rrc = (token->RRC[1] << 8) | token->RRC[0];
|
rrc = (token->RRC[0] << 8) | token->RRC[1];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check sequence number
|
* Check sequence number
|
||||||
|