setup krb5_checksum "contents" and "length" field prior to
calling krb5_calculate_checksum().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8029
dc483132-0cff-0310-8789-
dd5450dbe970
+Tue May 14 19:09:49 1996 Richard Basch <basch@lehman.com>
+
+ * k5seal.c k5unseal.c util_cksum.c:
+ setup krb5_checksum "contents" and "length" field prior to
+ calling krb5_calculate_checksum().
+
Tue May 14 04:42:11 1996 Theodore Y. Ts'o <tytso@mit.edu>
* init_sec_context.c (make_ap_req): Change call to
krb5_error_code code;
krb5_MD5_CTX md5;
krb5_checksum desmac;
+ krb5_octet cbc_checksum[KRB5_MIT_DES_KEYSIZE];
int tmsglen, tlen;
unsigned char *t, *ptr;
/* XXX this depends on the key being a single-des key, but that's
all that kerberos supports right now */
+ desmac.length = sizeof(cbc_checksum);
+ desmac.contents = cbc_checksum;
if (code = krb5_calculate_checksum(context, CKSUMTYPE_DESCBC, md5.digest, 16,
seq_ed->key->contents,
seq_ed->key->length,
memcpy(ptr+14, desmac.contents, 8);
- /* XXX krb5_free_checksum_contents? */
- xfree(desmac.contents);
-
/* create the seq_num */
if (code = kg_make_seq_num(seq_ed, direction?0:0xff, *seqnum,
gss_buffer_desc token;
unsigned char *ptr;
krb5_checksum desmac;
+ krb5_octet cbc_checksum[KRB5_MIT_DES_KEYSIZE];
krb5_MD5_CTX md5;
unsigned char *cksum;
krb5_timestamp now;
/* XXX this depends on the key being a single-des key, but that's
all that kerberos supports right now */
-
+ desmac.length = sizeof(cbc_checksum);
+ desmac.contents = cbc_checksum;
if (code = krb5_calculate_checksum(context, CKSUMTYPE_DESCBC, md5.digest,
16, ctx->seq.key->contents,
ctx->seq.key->length,
/* compare the computed checksum against the transmitted checksum */
if (memcmp(cksum, ptr+14, 8) != 0) {
- if (signalg == 0)
- xfree(desmac.contents);
if ((toktype == KG_TOK_SEAL_MSG) || (toktype == KG_TOK_WRAP_MSG))
xfree(token.value);
*minor_status = 0;
return(GSS_S_BAD_SIG);
}
- if (signalg == 0)
- xfree(desmac.contents);
-
/* XXX this is where the seq_num check would go */
/* it got through unscathed. Make sure the context is unexpired */
return(ENOMEM);
/* allocate the cksum contents buffer */
- if ((cksum->contents = (krb5_octet *)
- xmalloc(krb5_checksum_size(context, CKSUMTYPE_RSA_MD5))) == NULL) {
+ cksum->length = krb5_checksum_size(context, CKSUMTYPE_RSA_MD5);
+ if ((cksum->contents = (krb5_octet *) xmalloc(cksum->length)) == NULL) {
free(buf);
return(ENOMEM);
}