diff options
author | Richard Basch <probe@mit.edu> | 1996-05-15 01:05:28 +0000 |
---|---|---|
committer | Richard Basch <probe@mit.edu> | 1996-05-15 01:05:28 +0000 |
commit | c2c3e65ee8a65fe62adadd266f63cf53b407ba2a (patch) | |
tree | 111981655312c06562a56050be4af362d8d43ab7 /src/lib/gssapi | |
parent | 733b0ee31972af22ca4bdb870b3b5b460b9e7c66 (diff) | |
download | krb5-c2c3e65ee8a65fe62adadd266f63cf53b407ba2a.tar.gz krb5-c2c3e65ee8a65fe62adadd266f63cf53b407ba2a.tar.xz krb5-c2c3e65ee8a65fe62adadd266f63cf53b407ba2a.zip |
* k5seal.c k5unseal.c util_cksum.c:
setup krb5_checksum "contents" and "length" field prior to
calling krb5_calculate_checksum().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8029 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
-rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 6 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/k5seal.c | 6 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/k5unseal.c | 9 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/util_cksum.c | 4 |
4 files changed, 14 insertions, 11 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index b58ed1ee8..88112479a 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,9 @@ +Tue May 14 19:09:49 1996 Richard Basch <basch@lehman.com> + + * k5seal.c k5unseal.c util_cksum.c: + setup krb5_checksum "contents" and "length" field prior to + calling krb5_calculate_checksum(). + Tue May 14 04:42:11 1996 Theodore Y. Ts'o <tytso@mit.edu> * init_sec_context.c (make_ap_req): Change call to diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c index bb8818c99..4e5c78bd1 100644 --- a/src/lib/gssapi/krb5/k5seal.c +++ b/src/lib/gssapi/krb5/k5seal.c @@ -40,6 +40,7 @@ make_seal_token(context, enc_ed, seq_ed, seqnum, direction, text, token, krb5_error_code code; krb5_MD5_CTX md5; krb5_checksum desmac; + krb5_octet cbc_checksum[KRB5_MIT_DES_KEYSIZE]; int tmsglen, tlen; unsigned char *t, *ptr; @@ -146,6 +147,8 @@ make_seal_token(context, enc_ed, seq_ed, seqnum, direction, text, token, /* XXX this depends on the key being a single-des key, but that's all that kerberos supports right now */ + desmac.length = sizeof(cbc_checksum); + desmac.contents = cbc_checksum; if (code = krb5_calculate_checksum(context, CKSUMTYPE_DESCBC, md5.digest, 16, seq_ed->key->contents, seq_ed->key->length, @@ -156,9 +159,6 @@ make_seal_token(context, enc_ed, seq_ed, seqnum, direction, text, token, memcpy(ptr+14, desmac.contents, 8); - /* XXX krb5_free_checksum_contents? */ - xfree(desmac.contents); - /* create the seq_num */ if (code = kg_make_seq_num(seq_ed, direction?0:0xff, *seqnum, diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c index e8219de3f..1b4288c0c 100644 --- a/src/lib/gssapi/krb5/k5unseal.c +++ b/src/lib/gssapi/krb5/k5unseal.c @@ -49,6 +49,7 @@ kg_unseal(context, minor_status, context_handle, input_token_buffer, gss_buffer_desc token; unsigned char *ptr; krb5_checksum desmac; + krb5_octet cbc_checksum[KRB5_MIT_DES_KEYSIZE]; krb5_MD5_CTX md5; unsigned char *cksum; krb5_timestamp now; @@ -174,7 +175,8 @@ kg_unseal(context, minor_status, context_handle, input_token_buffer, /* XXX this depends on the key being a single-des key, but that's all that kerberos supports right now */ - + desmac.length = sizeof(cbc_checksum); + desmac.contents = cbc_checksum; if (code = krb5_calculate_checksum(context, CKSUMTYPE_DESCBC, md5.digest, 16, ctx->seq.key->contents, ctx->seq.key->length, @@ -217,17 +219,12 @@ kg_unseal(context, minor_status, context_handle, input_token_buffer, /* compare the computed checksum against the transmitted checksum */ if (memcmp(cksum, ptr+14, 8) != 0) { - if (signalg == 0) - xfree(desmac.contents); if ((toktype == KG_TOK_SEAL_MSG) || (toktype == KG_TOK_WRAP_MSG)) xfree(token.value); *minor_status = 0; return(GSS_S_BAD_SIG); } - if (signalg == 0) - xfree(desmac.contents); - /* XXX this is where the seq_num check would go */ /* it got through unscathed. Make sure the context is unexpired */ diff --git a/src/lib/gssapi/krb5/util_cksum.c b/src/lib/gssapi/krb5/util_cksum.c index b762aa1ac..0b46d0e5e 100644 --- a/src/lib/gssapi/krb5/util_cksum.c +++ b/src/lib/gssapi/krb5/util_cksum.c @@ -61,8 +61,8 @@ kg_checksum_channel_bindings(cb, cksum, bigend) return(ENOMEM); /* allocate the cksum contents buffer */ - if ((cksum->contents = (krb5_octet *) - xmalloc(krb5_checksum_size(context, CKSUMTYPE_RSA_MD5))) == NULL) { + cksum->length = krb5_checksum_size(context, CKSUMTYPE_RSA_MD5); + if ((cksum->contents = (krb5_octet *) xmalloc(cksum->length)) == NULL) { free(buf); return(ENOMEM); } |