diff options
| author | Ezra Peisach <epeisach@mit.edu> | 2001-07-04 14:56:41 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 2001-07-04 14:56:41 +0000 |
| commit | d45c287d2d789e6e7703144fa13628a12a842271 (patch) | |
| tree | 5997d3e8984510ff7eb5c1f7a167c1be0661b548 /src | |
| parent | 1854df3ef4bad13a7f71a567cc2878759359387e (diff) | |
| download | krb5-d45c287d2d789e6e7703144fa13628a12a842271.tar.gz krb5-d45c287d2d789e6e7703144fa13628a12a842271.tar.xz krb5-d45c287d2d789e6e7703144fa13628a12a842271.zip | |
* secure.c: Instead of hard wiring the FUDGE_FACTOR, new
variables to keep track of the total buffer length desired and
the actual maximum that can be fitted. Add
secure_determine_constants() to determine the mechanism
dependent overhead. This has a hard limit for krb4 - for
gssapi use gss_wrap_size_limit.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13553 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/appl/gssftp/ftp/ChangeLog | 8 | ||||
| -rw-r--r-- | src/appl/gssftp/ftp/secure.c | 75 |
2 files changed, 65 insertions, 18 deletions
diff --git a/src/appl/gssftp/ftp/ChangeLog b/src/appl/gssftp/ftp/ChangeLog index eea5fba37..be49ce6f6 100644 --- a/src/appl/gssftp/ftp/ChangeLog +++ b/src/appl/gssftp/ftp/ChangeLog @@ -1,3 +1,11 @@ +2001-07-03 Ezra Peisach <epeisach@mit.edu> + + * secure.c: Instead of hard wiring the FUDGE_FACTOR, new variables + to keep track of the total buffer length desired and the actual + maximum that can be fitted. Add secure_determine_constants() to + determine the mechanism dependent overhead. This has a hard limit + for krb4 - for gssapi use gss_wrap_size_limit. + 2001-06-15 Ezra Peisach <epeisach@mit.edu> * cmds.c, domacro.c: Cast arguments to isspace() and isdigit() diff --git a/src/appl/gssftp/ftp/secure.c b/src/appl/gssftp/ftp/secure.c index 32b190d8f..7062345f5 100644 --- a/src/appl/gssftp/ftp/secure.c +++ b/src/appl/gssftp/ftp/secure.c @@ -3,7 +3,6 @@ * secure read(), write(), getc(), and putc(). * Only one security context, thus only work on one fd at a time! */ - #ifdef GSSAPI #include <gssapi/gssapi.h> #include <gssapi/gssapi_generic.h> @@ -70,24 +69,19 @@ extern unsigned int maxbuf; /* maximum output buffer size */ extern unsigned char *ucbuf; /* cleartext buffer */ static unsigned int nout; /* number of chars in ucbuf, * pointer into ucbuf */ +static unsigned int smaxbuf; /* Internal saved value of maxbuf + in case changes on us */ +static unsigned int smaxqueue; /* Maximum allowed to queue before + flush buffer. < smaxbuf by fudgefactor */ #ifdef KRB5_KRB4_COMPAT -#define FUDGE_FACTOR 32 /* Amount of growth +#define KRB4_FUDGE_FACTOR 32 /* Amount of growth * from cleartext to ciphertext. * krb_mk_priv adds this # bytes. * Must be defined for each auth type. */ #endif /* KRB5_KRB4_COMPAT */ -#ifdef GSSAPI -#undef FUDGE_FACTOR -#define FUDGE_FACTOR 64 /*It appears to add 52 byts, but I'm not usre it is a constant--hartmans*/ -#endif /*GSSAPI*/ - -#ifndef FUDGE_FACTOR /* In case no auth types define it. */ -#define FUDGE_FACTOR 0 -#endif - #ifdef KRB5_KRB4_COMPAT /* XXX - The following must be redefined if KERBEROS_V4 is not used * but some other auth type is. They must have the same properties. */ @@ -153,6 +147,45 @@ looping_read(fd, buf, len) #define ERR -2 +/* + * Given maxbuf as a buffer size, determine how much can we + * really transfer given the overhead of different algorithms + * + * Sets smaxbuf and smaxqueue + */ + +static int secure_determine_constants() +{ + smaxbuf = maxbuf; + smaxqueue = maxbuf; + +#ifdef KRB5_KRB4_COMPAT + /* For KRB4 - we know the fudge factor to be 32 */ + if (strcmp(auth_type, "KERBEROS_V4") == 0) { + smaxqueue = smaxbuf - KRB4_FUDGE_FACTOR; + } +#endif +#ifdef GSSAPI + if (strcmp(auth_type, "GSSAPI") == 0) { + OM_uint32 maj_stat, min_stat, mlen; + OM_uint32 msize = maxbuf; + maj_stat = gss_wrap_size_limit(&min_stat, gcontext, + (dlevel == PROT_P), + GSS_C_QOP_DEFAULT, + msize, &mlen); + if (maj_stat != GSS_S_COMPLETE) { + secure_gss_error(maj_stat, min_stat, + "GSSAPI fudge determination"); + /* Return error how? */ + return ERR; + } + smaxqueue = mlen; + } +#endif + + return 0; +} + static int secure_putbyte(fd, c) int fd; @@ -160,13 +193,17 @@ unsigned char c; { int ret; + if ((smaxbuf == 0) || (smaxqueue == 0) || (smaxbuf != maxbuf)) { + ret = secure_determine_constants(); + if (ret) return ret; + } ucbuf[nout++] = c; - if (nout == MAX - FUDGE_FACTOR) { + if (nout == smaxqueue) { nout = 0; - ret = secure_putbuf(fd, ucbuf, MAX - FUDGE_FACTOR); + ret = secure_putbuf(fd, ucbuf, smaxqueue); return(ret?ret:c); } -return (c); + return (c); } /* returns: @@ -240,14 +277,16 @@ unsigned int nbyte; static unsigned int bufsize; /* size of outbuf */ ftp_int32 length; ftp_uint32 net_len; + unsigned int fudge = smaxbuf - smaxqueue; /* Difference in length + buffer lengths required */ /* Other auth types go here ... */ #ifdef KRB5_KRB4_COMPAT - if (bufsize < nbyte + FUDGE_FACTOR) { + if (bufsize < nbyte + fudge) { if (outbuf? - (outbuf = realloc(outbuf, (unsigned) (nbyte + FUDGE_FACTOR))): - (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR)))) { - bufsize =nbyte + FUDGE_FACTOR; + (outbuf = realloc(outbuf, (unsigned) (nbyte + fudge))): + (outbuf = malloc((unsigned) (nbyte + fudge)))) { + bufsize = nbyte + fudge; } else { bufsize = 0; secure_error("%s (in malloc of PROT buffer)", |