summaryrefslogtreecommitdiffstats
path: root/source4/heimdal/lib/krb5/pac.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-03-19 10:17:42 +1100
committerAndrew Bartlett <abartlet@samba.org>2008-03-19 10:17:42 +1100
commit9e6b0c28712ee77ce878809c8576826a3ba08d95 (patch)
tree1a325e474fbc22b1a1cadaf53a3af2c36e8d5ad2 /source4/heimdal/lib/krb5/pac.c
parent3530099cf226d591b687715b63b144d243e52083 (diff)
downloadsamba-9e6b0c28712ee77ce878809c8576826a3ba08d95.tar.gz
samba-9e6b0c28712ee77ce878809c8576826a3ba08d95.tar.xz
samba-9e6b0c28712ee77ce878809c8576826a3ba08d95.zip
Merge lorikeet-heimdal -r 787 into Samba4 tree.
Andrew Bartlett (This used to be commit d88b530522d3cef67c24422bd5182fb875d87ee2)
Diffstat (limited to 'source4/heimdal/lib/krb5/pac.c')
-rw-r--r--source4/heimdal/lib/krb5/pac.c92
1 files changed, 45 insertions, 47 deletions
diff --git a/source4/heimdal/lib/krb5/pac.c b/source4/heimdal/lib/krb5/pac.c
index f7a5e83ea34..0b44ca1da38 100644
--- a/source4/heimdal/lib/krb5/pac.c
+++ b/source4/heimdal/lib/krb5/pac.c
@@ -32,8 +32,9 @@
*/
#include "krb5_locl.h"
+#include <wind.h>
-RCSID("$Id: pac.c 21149 2007-06-18 21:50:22Z lha $");
+RCSID("$Id: pac.c 22562 2008-02-03 17:38:35Z lha $");
struct PAC_INFO_BUFFER {
uint32_t type;
@@ -48,7 +49,7 @@ struct PACTYPE {
struct PAC_INFO_BUFFER buffers[1];
};
-struct krb5_pac {
+struct krb5_pac_data {
struct PACTYPE *pac;
krb5_data data;
struct PAC_INFO_BUFFER *server_checksum;
@@ -82,10 +83,10 @@ static const char zeros[PAC_ALIGNMENT] = { 0 };
krb5_error_code
krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
- struct krb5_pac **pac)
+ krb5_pac *pac)
{
krb5_error_code ret;
- struct krb5_pac *p;
+ krb5_pac p;
krb5_storage *sp = NULL;
uint32_t i, tmp, tmp2, header_end;
@@ -216,10 +217,10 @@ out:
}
krb5_error_code
-krb5_pac_init(krb5_context context, struct krb5_pac **pac)
+krb5_pac_init(krb5_context context, krb5_pac *pac)
{
krb5_error_code ret;
- struct krb5_pac *p;
+ krb5_pac p;
p = calloc(1, sizeof(*p));
if (p == NULL) {
@@ -248,7 +249,7 @@ krb5_pac_init(krb5_context context, struct krb5_pac **pac)
}
krb5_error_code
-krb5_pac_add_buffer(krb5_context context, struct krb5_pac *p,
+krb5_pac_add_buffer(krb5_context context, krb5_pac p,
uint32_t type, const krb5_data *data)
{
krb5_error_code ret;
@@ -316,7 +317,7 @@ krb5_pac_add_buffer(krb5_context context, struct krb5_pac *p,
}
krb5_error_code
-krb5_pac_get_buffer(krb5_context context, struct krb5_pac *p,
+krb5_pac_get_buffer(krb5_context context, krb5_pac p,
uint32_t type, krb5_data *data)
{
krb5_error_code ret;
@@ -361,7 +362,7 @@ krb5_pac_get_buffer(krb5_context context, struct krb5_pac *p,
krb5_error_code
krb5_pac_get_types(krb5_context context,
- struct krb5_pac *p,
+ krb5_pac p,
size_t *len,
uint32_t **types)
{
@@ -385,7 +386,7 @@ krb5_pac_get_types(krb5_context context,
*/
void
-krb5_pac_free(krb5_context context, struct krb5_pac *pac)
+krb5_pac_free(krb5_context context, krb5_pac pac)
{
krb5_data_free(&pac->data);
free(pac->pac);
@@ -564,51 +565,48 @@ verify_logonname(krb5_context context,
ret = krb5_storage_read(sp, s, len);
if (ret != len) {
krb5_storage_free(sp);
- krb5_set_error_string(context, "Failed to read pac logon name");
+ krb5_set_error_string(context, "Failed to read PAC logon name");
return EINVAL;
}
krb5_storage_free(sp);
-#if 1 /* cheat for now */
- {
- size_t i;
-
- if (len & 1) {
- krb5_set_error_string(context, "PAC logon name malformed");
- return EINVAL;
- }
-
- for (i = 0; i < len / 2; i++) {
- if (s[(i * 2) + 1]) {
- krb5_set_error_string(context, "PAC logon name not ASCII");
- return EINVAL;
- }
- s[i] = s[i * 2];
- }
- s[i] = '\0';
- }
-#else
{
+ size_t ucs2len = len / 2;
uint16_t *ucs2;
- ssize_t ucs2len;
size_t u8len;
+ unsigned int flags = WIND_RW_LE;
- ucs2 = malloc(sizeof(ucs2[0]) * len / 2);
- if (ucs2)
- abort();
- ucs2len = wind_ucs2read(s, len / 2, ucs2);
+ ucs2 = malloc(sizeof(ucs2[0]) * ucs2len);
+ if (ucs2 == NULL) {
+ krb5_set_error_string(context, "malloc: out of memory");
+ return ENOMEM;
+ }
+ ret = wind_ucs2read(s, len, &flags, ucs2, &ucs2len);
free(s);
- if (len < 0)
- return -1;
- ret = wind_ucs2toutf8(ucs2, ucs2len, NULL, &u8len);
- if (ret < 0)
- abort();
- s = malloc(u8len + 1);
- if (s == NULL)
- abort();
- wind_ucs2toutf8(ucs2, ucs2len, s, &u8len);
+ if (ret) {
+ free(ucs2);
+ krb5_set_error_string(context, "Failed to convert string to UCS-2");
+ return ret;
+ }
+ ret = wind_ucs2utf8_length(ucs2, ucs2len, &u8len);
+ if (ret) {
+ free(ucs2);
+ krb5_set_error_string(context, "Failed to count length of UCS-2 string");
+ return ret;
+ }
+ u8len += 1; /* Add space for NUL */
+ s = malloc(u8len);
+ if (s == NULL) {
+ free(ucs2);
+ krb5_set_error_string(context, "malloc: out of memory");
+ return ENOMEM;
+ }
+ ret = wind_ucs2utf8(ucs2, ucs2len, s, &u8len);
free(ucs2);
+ if (ret) {
+ krb5_set_error_string(context, "Failed to convert to UTF-8");
+ return ret;
+ }
}
-#endif
ret = krb5_parse_name_flags(context, s, KRB5_PRINCIPAL_PARSE_NO_REALM, &p2);
free(s);
if (ret)
@@ -703,7 +701,7 @@ out:
krb5_error_code
krb5_pac_verify(krb5_context context,
- const struct krb5_pac *pac,
+ const krb5_pac pac,
time_t authtime,
krb5_const_principal principal,
const krb5_keyblock *server,
@@ -840,7 +838,7 @@ pac_checksum(krb5_context context,
krb5_error_code
_krb5_pac_sign(krb5_context context,
- struct krb5_pac *p,
+ krb5_pac p,
time_t authtime,
krb5_principal principal,
const krb5_keyblock *server_key,