Improve keysalt handling

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6443 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog
index 7adf8e28ae5ce9a772e8f4136750d25fc4e40d98..4444164eabc6278cb7ad441542e44c3628cba630 100644 (file)
--- a/src/lib/kdb/ChangeLog
+++ b/src/lib/kdb/ChangeLog
@@ -1,4 +1,10 @@
 
+Mon Aug 7 17:40:10 EDT 1995    Paul Park       (pjpark@mit.edu)
+       * encrypt_key.c - Handle keysalt specification with null data length.
+       * decrypt_key.c - Handle salttypes with zero salt length.  Also, copy
+               out stored salt.
+
+
 Mon Aug 7 14:15:59 EDT 1995    Paul Park       (pjpark@mit.edu)
        * decrypt_key.c - Deserialize key length into a 16 bit integer, then
                jam it into the keyblock.

diff --git a/src/lib/kdb/decrypt_key.c b/src/lib/kdb/decrypt_key.c
index 9a46e845e94e26cb1a6520a916e3af9944ef1796..a735d63f38390a740438009837ebb81ae0cefa17 100644 (file)
--- a/src/lib/kdb/decrypt_key.c
+++ b/src/lib/kdb/decrypt_key.c
@@ -70,11 +70,17 @@ krb5_dbekd_decrypt_key_data(context, eblock, key_data, keyblock, keysalt)
     if (keysalt) {
        if (key_data->key_data_ver == 2) {
            keysalt->type = key_data->key_data_type[1];
-           keysalt->data.length = key_data->key_data_length[1];
-           if (!(keysalt->data.data = (char *)malloc(keysalt->data.length))){
-               krb5_xfree(keyblock->contents);
-               return ENOMEM;
+           if (keysalt->data.length = key_data->key_data_length[1]) {
+               if (!(keysalt->data.data =
+                     (char *)malloc(keysalt->data.length))){
+                   krb5_xfree(keyblock->contents);
+                   return ENOMEM;
+               }
+               memcpy(keysalt->data.data, key_data->key_data_contents[1],
+                      (size_t) keysalt->data.length);
            }
+           else
+               keysalt->data.data = (char *) NULL;
        } else {
            keysalt->type = KRB5_KDB_SALTTYPE_NORMAL;
            keysalt->data.length = 0;

diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c
index bc2b0cb2daa6f4b23891739d595cea4ddcffebcc..cc8cf0be86b6a4450aeea01faca6cf3b21f6dbbf 100644 (file)
--- a/src/lib/kdb/encrypt_key.c
+++ b/src/lib/kdb/encrypt_key.c
@@ -93,18 +93,22 @@ krb5_dbekd_encrypt_key_data(context, eblock, keyblock, keysalt, keyver,key_data)
 
     /* After key comes the salt in necessary */
     if (keysalt) {
-       key_data->key_data_contents[1] =
-         (krb5_octet *)malloc(keysalt->data.length);
-       if (key_data->key_data_contents[1] == NULL) {
-           krb5_xfree(key_data->key_data_contents[0]);
-           return ENOMEM;
-       }
-       memcpy(key_data->key_data_contents[1],
-              keysalt->data.data,
-              (size_t) keysalt->data.length);
-       key_data->key_data_length[1] = keysalt->data.length;
        key_data->key_data_type[1] = keysalt->type;
-        key_data->key_data_ver++;
+       if (key_data->key_data_type[1] >= 0) {
+           key_data->key_data_ver++;
+           key_data->key_data_length[1] = keysalt->data.length;
+           if (keysalt && keysalt->data.length) {
+               key_data->key_data_contents[1] =
+                   (krb5_octet *)malloc(keysalt->data.length);
+               if (key_data->key_data_contents[1] == NULL) {
+                   krb5_xfree(key_data->key_data_contents[0]);
+                   return ENOMEM;
+               }
+               memcpy(key_data->key_data_contents[1],
+                      keysalt->data.data,
+                      (size_t) keysalt->data.length);
+           }
+       }
     }
     return retval;
 }