diff options
| author | Tom Yu <tlyu@mit.edu> | 2000-04-08 07:36:03 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2000-04-08 07:36:03 +0000 |
| commit | 5c233a91278a667b484cf9dca9a0d75726acb253 (patch) | |
| tree | b99c1f0ba8f3e0b85c2181f4ecdffa72cd947c1f /src/lib | |
| parent | 7e5fa8ca9887946bdb2993ceef9fee4e7da69f13 (diff) | |
| download | krb5-5c233a91278a667b484cf9dca9a0d75726acb253.tar.gz krb5-5c233a91278a667b484cf9dca9a0d75726acb253.tar.xz krb5-5c233a91278a667b484cf9dca9a0d75726acb253.zip | |
* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix up
wrap_size_limit() to deal with integrity wrap tokens properly.
The rfc1964 mech always pads and confounds regardless of whether
confidentiality is requested.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12155 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 7 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/wrap_size_limit.c | 9 |
2 files changed, 11 insertions, 5 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 06639d4040..81be5ee0eb 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,10 @@ +2000-04-08 Tom Yu <tlyu@mit.edu> + + * wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix up + wrap_size_limit() to deal with integrity wrap tokens properly. + The rfc1964 mech always pads and confounds regardless of whether + confidentiality is requested. + 2000-01-27 Ken Raeburn <raeburn@raeburn.org> * init_sec_context.c (krb5_gss_init_sec_context): Default to diff --git a/src/lib/gssapi/krb5/wrap_size_limit.c b/src/lib/gssapi/krb5/wrap_size_limit.c index f7fee73cdf..d71a3f8647 100644 --- a/src/lib/gssapi/krb5/wrap_size_limit.c +++ b/src/lib/gssapi/krb5/wrap_size_limit.c @@ -157,10 +157,8 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, /* Calculate the token size and subtract that from the output size */ overhead = 7 + ctx->mech_used->length; data_size = req_output_size; - if (conf_req_flag) { - conflen = kg_confounder_size(context, ctx->enc); - data_size = (conflen + data_size + 8) & (~7); - } + conflen = kg_confounder_size(context, ctx->enc); + data_size = (conflen + data_size + 8) & (~(OM_uint32)7); ohlen = g_token_size((gss_OID) ctx->mech_used, (unsigned int) (data_size + ctx->cksum_size + 14)) - req_output_size; @@ -170,7 +168,8 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, * Cannot have trailer length that will cause us to pad over * our length */ - *max_input_size = (req_output_size - ohlen - overhead) & (~7); + *max_input_size = (req_output_size - ohlen - overhead) + & (~(OM_uint32)7); else *max_input_size = 0; } |