summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKen Raeburn <raeburn@mit.edu>2002-04-06 01:47:59 +0000
committerKen Raeburn <raeburn@mit.edu>2002-04-06 01:47:59 +0000
commit912d4caa379df94d4c82001bed40aa3858b525f0 (patch)
treefc7e1f44f091fade60e0d10e906ef6a7c30df847
parent7a7abd3b16d31acd862145157b931ebaa151f28a (diff)
downloadkrb5-912d4caa379df94d4c82001bed40aa3858b525f0.tar.gz
krb5-912d4caa379df94d4c82001bed40aa3858b525f0.tar.xz
krb5-912d4caa379df94d4c82001bed40aa3858b525f0.zip
call krb5_c_ versions of enctype/cksumtype checking routines
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14367 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r--src/kadmin/dbutil/ChangeLog7
-rw-r--r--src/kadmin/dbutil/kdb5_stash.c6
-rw-r--r--src/kadmin/dbutil/kdb5_util.c4
-rw-r--r--src/kadmin/dbutil/loadv4.c6
-rw-r--r--src/kdc/ChangeLog8
-rw-r--r--src/kdc/do_as_req.c10
-rw-r--r--src/kdc/do_tgs_req.c2
-rw-r--r--src/kdc/kdc_util.c6
-rw-r--r--src/lib/krb5/krb/ChangeLog18
-rw-r--r--src/lib/krb5/krb/decrypt_tk.c2
-rw-r--r--src/lib/krb5/krb/encode_kdc.c2
-rw-r--r--src/lib/krb5/krb/gc_frm_kdc.c6
-rw-r--r--src/lib/krb5/krb/gic_keytab.c2
-rw-r--r--src/lib/krb5/krb/in_tkt_ktb.c2
-rw-r--r--src/lib/krb5/krb/in_tkt_sky.c2
-rw-r--r--src/lib/krb5/krb/init_ctx.c4
-rw-r--r--src/lib/krb5/krb/mk_safe.c5
-rw-r--r--src/lib/krb5/krb/rd_safe.c6
-rw-r--r--src/lib/krb5/krb/send_tgs.c2
-rw-r--r--src/tests/create/ChangeLog5
-rw-r--r--src/tests/create/kdb5_mkdums.c6
-rw-r--r--src/tests/verify/ChangeLog5
-rw-r--r--src/tests/verify/kdb5_verify.c6
23 files changed, 83 insertions, 39 deletions
diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog
index de2ba00d71..af9b184969 100644
--- a/src/kadmin/dbutil/ChangeLog
+++ b/src/kadmin/dbutil/ChangeLog
@@ -1,3 +1,10 @@
+2002-04-05 Ken Raeburn <raeburn@mit.edu>
+
+ * kdb5_stash.c (kdb5_stash): Call krb5_c_valid_enctype instead of
+ valid_enctype.
+ * kdb5_util.c (main, open_db_and_mkey): Likewise.
+ * loadv4.c (load_v4db): Likewise.
+
2002-01-08 Sam Hartman <hartmans@mit.edu>
* kdb5_create.c (kdb5_create): Load strong random data
diff --git a/src/kadmin/dbutil/kdb5_stash.c b/src/kadmin/dbutil/kdb5_stash.c
index 0c6aed5ca4..37db048ac8 100644
--- a/src/kadmin/dbutil/kdb5_stash.c
+++ b/src/kadmin/dbutil/kdb5_stash.c
@@ -70,8 +70,8 @@ extern int close_policy_db;
void
kdb5_stash(argc, argv)
-int argc;
-char *argv[];
+ int argc;
+ char *argv[];
{
extern char *optarg;
extern int optind;
@@ -110,7 +110,7 @@ char *argv[];
}
}
- if (!valid_enctype(master_keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(master_keyblock.enctype)) {
char tmp[32];
if (krb5_enctype_to_string(master_keyblock.enctype, tmp, sizeof(tmp)))
com_err(argv[0], KRB5_PROG_KEYTYPE_NOSUPP,
diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c
index d44f867147..bace2fae42 100644
--- a/src/kadmin/dbutil/kdb5_util.c
+++ b/src/kadmin/dbutil/kdb5_util.c
@@ -230,7 +230,7 @@ int main(argc, argv)
master_keyblock.enctype = global_params.enctype;
if ((master_keyblock.enctype != ENCTYPE_UNKNOWN) &&
- (!valid_enctype(master_keyblock.enctype))) {
+ (!krb5_c_valid_enctype(master_keyblock.enctype))) {
com_err(argv[0], KRB5_PROG_KEYTYPE_NOSUPP,
"while setting up enctype %d", master_keyblock.enctype);
}
@@ -369,7 +369,7 @@ static int open_db_and_mkey()
/* If no encryption type is set, use the default */
if (master_keyblock.enctype == ENCTYPE_UNKNOWN) {
master_keyblock.enctype = DEFAULT_KDC_ENCTYPE;
- if (!valid_enctype(master_keyblock.enctype))
+ if (!krb5_c_valid_enctype(master_keyblock.enctype))
com_err(progname, KRB5_PROG_KEYTYPE_NOSUPP,
"while setting up enctype %d",
master_keyblock.enctype);
diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c
index 74710884cc..7ddba43c04 100644
--- a/src/kadmin/dbutil/loadv4.c
+++ b/src/kadmin/dbutil/loadv4.c
@@ -154,8 +154,8 @@ static krb5_principal_data db_create_princ = {
void
load_v4db(argc, argv)
-int argc;
-char *argv[];
+ int argc;
+ char *argv[];
{
krb5_error_code retval;
/* The kdb library will default to this, but it is convenient to
@@ -247,7 +247,7 @@ char *argv[];
return;
}
- if (!valid_enctype(master_keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(master_keyblock.enctype)) {
com_err(PROGNAME, KRB5_PROG_KEYTYPE_NOSUPP,
"while setting up enctype %d", master_keyblock.enctype);
krb5_free_context(context);
diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 9a70906801..1805af0977 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,11 @@
+2002-04-05 Ken Raeburn <raeburn@mit.edu>
+
+ * do_as_req.c (process_as_req): Call krb5_c_valid_enctype instead
+ of valid_enctype.
+ * do_tgs_req.c (process_tgs_req): Likewise.
+ * kdc_util.c (select_session_keytype): Likewise.
+ (comp_cksum): Similarly for valid_cksumtype, is_coll_proof_cksum.
+
2002-02-20 Ken Raeburn <raeburn@mit.edu>
* network.c: Include foreachaddr.c.
diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c
index 8ccada4c70..45ef811787 100644
--- a/src/kdc/do_as_req.c
+++ b/src/kdc/do_as_req.c
@@ -51,10 +51,10 @@ static krb5_error_code prepare_error_as (krb5_kdc_req *, int, krb5_data *,
/*ARGSUSED*/
krb5_error_code
process_as_req(request, from, portnum, response)
-register krb5_kdc_req *request;
-const krb5_fulladdr *from; /* who sent it ? */
-int portnum;
-krb5_data **response; /* filled in with a response packet */
+ krb5_kdc_req *request;
+ const krb5_fulladdr *from; /* who sent it ? */
+ int portnum;
+ krb5_data **response; /* filled in with a response packet */
{
krb5_db_entry client, server;
@@ -338,7 +338,7 @@ krb5_data **response; /* filled in with a response packet */
client_key = (krb5_key_data *) NULL;
for (i = 0; i < request->nktypes; i++) {
useenctype = request->ktype[i];
- if (!valid_enctype(useenctype))
+ if (!krb5_c_valid_enctype(useenctype))
continue;
if (!krb5_dbe_find_enctype(kdc_context, &client, useenctype, -1,
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index 2da823cbe1..ce1047947d 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -238,7 +238,7 @@ tgt_again:
}
etype = request->second_ticket[st_idx]->enc_part2->session->enctype;
- if (!valid_enctype(etype)) {
+ if (!krb5_c_valid_enctype(etype)) {
status = "BAD_ETYPE_IN_2ND_TKT";
errcode = KRB5KDC_ERR_ETYPE_NOSUPP;
goto cleanup;
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index c0c35dad46..779d0a80fc 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -179,11 +179,11 @@ comp_cksum(kcontext, source, ticket, his_cksum)
krb5_error_code retval;
krb5_boolean valid;
- if (!valid_cksumtype(his_cksum->checksum_type))
+ if (!krb5_c_valid_cksumtype(his_cksum->checksum_type))
return KRB5KDC_ERR_SUMTYPE_NOSUPP;
/* must be collision proof */
- if (!is_coll_proof_cksum(his_cksum->checksum_type))
+ if (!krb5_c_is_coll_proof_cksum(his_cksum->checksum_type))
return KRB5KRB_AP_ERR_INAPP_CKSUM;
/* verify checksum */
@@ -1456,7 +1456,7 @@ select_session_keytype(context, server, nktypes, ktype)
int i;
for (i = 0; i < nktypes; i++) {
- if (!valid_enctype(ktype[i]))
+ if (!krb5_c_valid_enctype(ktype[i]))
continue;
if (!krb5_is_permitted_enctype(context, ktype[i]))
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index f2d3ac21f7..9e062c3e7b 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,21 @@
+2002-04-05 Ken Raeburn <raeburn@mit.edu>
+
+ * decrypt_tk.c (krb5_decrypt_tkt_part): Call krb5_c_valid_enctype
+ instead of valid_enctype.
+ * encode_kdc.c (krb5_encode_kdc_rep): Likewise.
+ * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Likewise.
+ * gic_keytab.c (krb5_get_as_key_keytab): Likewise.
+ * in_tkt_ktb.c (keytab_keyproc): Likewise.
+ * in_tkt_sky.c (skey_keyproc): Likewise.
+ * init_ctx.c (krb5_set_default_in_tkt_ktypes,
+ krb5_set_default_tgs_enctypes): Likewise.
+ * send_tgs.c (krb5_send_tgs): Likewise.
+
+ * mk_safe.c (krb5_mk_safe_basic): Call krb5_c_valid_cksumtype,
+ krb5_c_is_coll_proof_cksum, krb5_c_is_keyed_cksum instead of
+ non-prefixed forms.
+ * rd_safe.c (krb5_rd_safe_basic): Likewise.
+
2002-03-28 Sam Hartman <hartmans@mit.edu>
* Makefile.in : New file init_keyblock.c
diff --git a/src/lib/krb5/krb/decrypt_tk.c b/src/lib/krb5/krb/decrypt_tk.c
index c8b35d4429..d1c44ba02d 100644
--- a/src/lib/krb5/krb/decrypt_tk.c
+++ b/src/lib/krb5/krb/decrypt_tk.c
@@ -48,7 +48,7 @@ krb5_decrypt_tkt_part(context, srv_key, ticket)
krb5_data scratch;
krb5_error_code retval;
- if (!valid_enctype(ticket->enc_part.enctype))
+ if (!krb5_c_valid_enctype(ticket->enc_part.enctype))
return KRB5_PROG_ETYPE_NOSUPP;
scratch.length = ticket->enc_part.ciphertext.length;
diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c
index 3b0410dd31..fb19f3fc41 100644
--- a/src/lib/krb5/krb/encode_kdc.c
+++ b/src/lib/krb5/krb/encode_kdc.c
@@ -59,7 +59,7 @@ krb5_encode_kdc_rep(context, type, encpart, using_subkey, client_key,
krb5_enc_kdc_rep_part tmp_encpart;
krb5_keyusage usage;
- if (!valid_enctype(dec_rep->enc_part.enctype))
+ if (!krb5_c_valid_enctype(dec_rep->enc_part.enctype))
return KRB5_PROG_ETYPE_NOSUPP;
switch (type) {
diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c
index 25ae0a6018..26f195b264 100644
--- a/src/lib/krb5/krb/gc_frm_kdc.c
+++ b/src/lib/krb5/krb/gc_frm_kdc.c
@@ -230,7 +230,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt)
/* didn't find it in the cache so try and get one */
/* with current tgt. */
- if (!valid_enctype(tgt.keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(tgt.keyblock.enctype)) {
retval = KRB5_PROG_ETYPE_NOSUPP;
goto cleanup;
}
@@ -291,7 +291,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt)
/* not in the cache so try and get one with our current tgt. */
- if (!valid_enctype(tgt.keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(tgt.keyblock.enctype)) {
retval = KRB5_PROG_ETYPE_NOSUPP;
goto cleanup;
}
@@ -375,7 +375,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt)
/* got/finally have tgt! try for the creds */
- if (!valid_enctype(tgt.keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(tgt.keyblock.enctype)) {
retval = KRB5_PROG_ETYPE_NOSUPP;
goto cleanup;
}
diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c
index 461940657c..4fd0aed933 100644
--- a/src/lib/krb5/krb/gic_keytab.c
+++ b/src/lib/krb5/krb/gic_keytab.c
@@ -28,7 +28,7 @@ krb5_get_as_key_keytab(
as_key->length = 0;
}
- if (!valid_enctype(etype))
+ if (!krb5_c_valid_enctype(etype))
return(KRB5_PROG_ETYPE_NOSUPP);
if ((ret = krb5_kt_get_entry(context, keytab, client,
diff --git a/src/lib/krb5/krb/in_tkt_ktb.c b/src/lib/krb5/krb/in_tkt_ktb.c
index 9991c97093..5d8cf3c6de 100644
--- a/src/lib/krb5/krb/in_tkt_ktb.c
+++ b/src/lib/krb5/krb/in_tkt_ktb.c
@@ -64,7 +64,7 @@ keytab_keyproc(context, type, salt, keyseed, key)
kt_id = arg->keytab;
- if (!valid_enctype(type))
+ if (!krb5_c_valid_enctype(type))
return KRB5_PROG_ETYPE_NOSUPP;
if (kt_id == NULL)
diff --git a/src/lib/krb5/krb/in_tkt_sky.c b/src/lib/krb5/krb/in_tkt_sky.c
index 245a03243c..168ada5667 100644
--- a/src/lib/krb5/krb/in_tkt_sky.c
+++ b/src/lib/krb5/krb/in_tkt_sky.c
@@ -61,7 +61,7 @@ skey_keyproc(context, type, salt, keyseed, key)
keyblock = (const krb5_keyblock *)keyseed;
- if (!valid_enctype(type))
+ if (!krb5_c_valid_enctype(type))
return KRB5_PROG_ETYPE_NOSUPP;
if ((retval = krb5_copy_keyblock(context, keyblock, &realkey)))
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
index 79a1cb09e3..c2477c5e22 100644
--- a/src/lib/krb5/krb/init_ctx.c
+++ b/src/lib/krb5/krb/init_ctx.c
@@ -273,7 +273,7 @@ krb5_set_default_in_tkt_ktypes(context, ktypes)
if (ktypes) {
for (i = 0; ktypes[i]; i++) {
- if (!valid_enctype(ktypes[i]))
+ if (!krb5_c_valid_enctype(ktypes[i]))
return KRB5_PROG_ETYPE_NOSUPP;
}
@@ -400,7 +400,7 @@ krb5_set_default_tgs_enctypes (context, ktypes)
if (ktypes) {
for (i = 0; ktypes[i]; i++) {
- if (!valid_enctype(ktypes[i]))
+ if (!krb5_c_valid_enctype(ktypes[i]))
return KRB5_PROG_ETYPE_NOSUPP;
}
diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c
index eef712007a..d34f88668a 100644
--- a/src/lib/krb5/krb/mk_safe.c
+++ b/src/lib/krb5/krb/mk_safe.c
@@ -64,9 +64,10 @@ krb5_mk_safe_basic(context, userdata, keyblock, replaydata, local_addr,
krb5_checksum safe_checksum;
krb5_data *scratch1, *scratch2;
- if (!valid_cksumtype(sumtype))
+ if (!krb5_c_valid_cksumtype(sumtype))
return KRB5_PROG_SUMTYPE_NOSUPP;
- if (!is_coll_proof_cksum(sumtype) || !is_keyed_cksum(sumtype))
+ if (!krb5_c_is_coll_proof_cksum(sumtype)
+ || !krb5_c_is_keyed_cksum(sumtype))
return KRB5KRB_AP_ERR_INAPP_CKSUM;
safemsg.user_data = *userdata;
diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c
index a7f87b23da..200a338cb3 100644
--- a/src/lib/krb5/krb/rd_safe.c
+++ b/src/lib/krb5/krb/rd_safe.c
@@ -70,12 +70,12 @@ krb5_rd_safe_basic(context, inbuf, keyblock, recv_addr, sender_addr,
if ((retval = decode_krb5_safe(inbuf, &message)))
return retval;
- if (!valid_cksumtype(message->checksum->checksum_type)) {
+ if (!krb5_c_valid_cksumtype(message->checksum->checksum_type)) {
retval = KRB5_PROG_SUMTYPE_NOSUPP;
goto cleanup;
}
- if (!is_coll_proof_cksum(message->checksum->checksum_type) ||
- !is_keyed_cksum(message->checksum->checksum_type)) {
+ if (!krb5_c_is_coll_proof_cksum(message->checksum->checksum_type) ||
+ !krb5_c_is_keyed_cksum(message->checksum->checksum_type)) {
retval = KRB5KRB_AP_ERR_INAPP_CKSUM;
goto cleanup;
}
diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c
index 4526002013..341296cb33 100644
--- a/src/lib/krb5/krb/send_tgs.c
+++ b/src/lib/krb5/krb/send_tgs.c
@@ -197,7 +197,7 @@ krb5_send_tgs(context, kdcoptions, timestruct, ktypes, sname, addrs,
if (ktypes) {
/* Check passed ktypes and make sure they're valid. */
for (tgsreq.nktypes = 0; ktypes[tgsreq.nktypes]; tgsreq.nktypes++) {
- if (!valid_enctype(ktypes[tgsreq.nktypes]))
+ if (!krb5_c_valid_enctype(ktypes[tgsreq.nktypes]))
return KRB5_PROG_ETYPE_NOSUPP;
}
tgsreq.ktype = (krb5_enctype *)ktypes;
diff --git a/src/tests/create/ChangeLog b/src/tests/create/ChangeLog
index c9e18d510f..7c24a40db1 100644
--- a/src/tests/create/ChangeLog
+++ b/src/tests/create/ChangeLog
@@ -1,3 +1,8 @@
+2002-04-05 Ken Raeburn <raeburn@mit.edu>
+
+ * kdb5_mkdums.c (main): Call krb5_c_valid_enctype instead of
+ valid_enctype.
+
2001-11-19 Ezra Peisach <epeisach@mit.edu>
* kdb5_mkdums.c (main): Invoke krb5_free_context when finished.
diff --git a/src/tests/create/kdb5_mkdums.c b/src/tests/create/kdb5_mkdums.c
index 3275395804..d9c34062da 100644
--- a/src/tests/create/kdb5_mkdums.c
+++ b/src/tests/create/kdb5_mkdums.c
@@ -81,8 +81,8 @@ void add_princ (krb5_context, char *);
int
main(argc, argv)
-int argc;
-char *argv[];
+ int argc;
+ char *argv[];
{
extern char *optarg;
int optchar, i, n;
@@ -159,7 +159,7 @@ char *argv[];
if (!enctypedone)
master_keyblock.enctype = DEFAULT_KDC_ENCTYPE;
- if (!valid_enctype(master_keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(master_keyblock.enctype)) {
com_err(progname, KRB5_PROG_ETYPE_NOSUPP,
"while setting up enctype %d", master_keyblock.enctype);
exit(1);
diff --git a/src/tests/verify/ChangeLog b/src/tests/verify/ChangeLog
index 39c3982c21..6ce4abd064 100644
--- a/src/tests/verify/ChangeLog
+++ b/src/tests/verify/ChangeLog
@@ -1,3 +1,8 @@
+2002-04-05 Ken Raeburn <raeburn@mit.edu>
+
+ * kdb5_verify.c (main): Call krb5_c_valid_enctype instead of
+ valid_enctype.
+
2001-11-19 Ezra Peisach <epeisach@mit.edu>
* kdb5_verify.c (main): Use krb5_free_unparsed_name() to free up
diff --git a/src/tests/verify/kdb5_verify.c b/src/tests/verify/kdb5_verify.c
index 1127c7fda0..878104d0a7 100644
--- a/src/tests/verify/kdb5_verify.c
+++ b/src/tests/verify/kdb5_verify.c
@@ -82,8 +82,8 @@ int check_princ (krb5_context, char *);
int
main(argc, argv)
-int argc;
-char *argv[];
+ int argc;
+ char *argv[];
{
extern char *optarg;
int optchar, i, n;
@@ -153,7 +153,7 @@ char *argv[];
if (!enctypedone)
master_keyblock.enctype = DEFAULT_KDC_ENCTYPE;
- if (!valid_enctype(master_keyblock.enctype)) {
+ if (!krb5_c_valid_enctype(master_keyblock.enctype)) {
com_err(progname, KRB5_PROG_ETYPE_NOSUPP,
"while setting up enctype %d", master_keyblock.enctype);
exit(1);