+Wed Aug 17 16:07:06 1994 Theodore Y. Ts'o (tytso at tsx-11)
+
+ * krb5_encode.c (encode_krb5_enc_kdc_rep_part): Older versions of
+ the Kerberos are always sending the enc_kdc_rep_part structure
+ with an application tag of #26, instead of using the application
+ tag of #25 (AS REP) or #26 (AS REP) as necessary. Worse yet, they
+ will only accept a tag of #26, so we need to follow this for
+ backwards compatibility. #defining KRB5_ENCKRB5KDCREPPART_COMPAT
+ will preserve this wrong (but compatible) behavior.
+
+ * krb5_decode.c (decode_krb5_enc_kdc_rep_part): Record the tag
+ value of the ASN.1 sequence in the rkb5_enc_kdc_rep structure.
+ Allow both tag #25 and #26 (although old software was always
+ sending tag #26).
+
+ * krb5_decode.c (decode_krb5_as_rep, decode_krb5_tgs_rep,
+ decode_krb5_ap_req, decode_krb5_ap_rep, decode_krb5_as_req,
+ decode_krb5_tgs_req, decode_krb5_safe, decode_krb5_priv,
+ decode_krb5_cred, decode_krb5_error): Only check the ASN.1 message
+ type if KRB5_MSGTYPE_STRICT is defined. "Be strict in what you
+ send out, liberal in what you receive..."
+
+ * asn1_decode_k.c (asn1_decode_msgtype): Stop checking the
+ validity of the message type here. Each routine that calls
+ asn1_decode_msgtype is checking the message type anyway, so it's
+ just duplicated effort.
+
Sat Aug 13 03:40:16 1994 Mark Eichin (eichin@perdiem)
* krbasn1.h: include stdlib.h for calloc declaration (if we can)
setup_no_length();
alloc_field(*rep,krb5_enc_kdc_rep_part);
-#ifndef ENCKRB5KDCREPPART_HAS_MSGTYPE
- check_apptag(26);
-#else
retval = asn1_get_tag(&buf,&class,&construction,&tagnum,NULL);
if(retval) return retval;
if(class != APPLICATION || construction != CONSTRUCTED) return ASN1_BAD_ID;
if(tagnum == 25) (*rep)->msg_type = KRB5_AS_REP;
else if(tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP;
else return KRB5_BADMSGTYPE;
-#endif
+
retval = asn1_decode_enc_kdc_rep_part(&buf,*rep);
if(retval) return (krb5_error_code)retval;
check_apptag(11);
retval = asn1_decode_kdc_rep(&buf,*rep);
if(retval) return (krb5_error_code)retval;
- if((*rep)->msg_type != KRB5_AS_REP) return KRB5_BADMSGTYPE;
+#ifdef KRB5_MSGTYPE_STRICT
+ if((*rep)->msg_type != KRB5_AS_REP)
+ return KRB5_BADMSGTYPE;
+#endif
cleanup();
}
check_apptag(13);
retval = asn1_decode_kdc_rep(&buf,*rep);
if(retval) return (krb5_error_code)retval;
+#ifdef KRB5_MSGTYPE_STRICT
if((*rep)->msg_type != KRB5_TGS_REP) return KRB5_BADMSGTYPE;
+#endif
cleanup();
}
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
{ krb5_msgtype msg_type;
get_field(msg_type,1,asn1_decode_msgtype);
- if(msg_type != KRB5_AP_REQ) return KRB5_BADMSGTYPE; }
+#ifdef KRB5_MSGTYPE_STRICT
+ if(msg_type != KRB5_AP_REQ) return KRB5_BADMSGTYPE;
+#endif
+ }
get_field((*rep)->ap_options,2,asn1_decode_ap_options);
alloc_field((*rep)->ticket,krb5_ticket);
get_field(*((*rep)->ticket),3,asn1_decode_ticket);
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
{ krb5_msgtype msg_type;
get_field(msg_type,1,asn1_decode_msgtype);
- if(msg_type != KRB5_AP_REP) return KRB5_BADMSGTYPE; }
+#ifdef KRB5_MSGTYPE_STRICT
+ if(msg_type != KRB5_AP_REP) return KRB5_BADMSGTYPE;
+#endif
+ }
get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
end_structure();
}
check_apptag(10);
retval = asn1_decode_kdc_req(&buf,*rep);
if(retval) return (krb5_error_code)retval;
+#ifdef KRB5_MSGTYPE_STRICT
if((*rep)->msg_type != KRB5_AS_REQ) return KRB5_BADMSGTYPE;
-
+#endif
+
cleanup();
}
check_apptag(12);
retval = asn1_decode_kdc_req(&buf,*rep);
if(retval) return (krb5_error_code)retval;
+#ifdef KRB5_MSGTYPE_STRICT
if((*rep)->msg_type != KRB5_TGS_REQ) return KRB5_BADMSGTYPE;
-
+#endif
+
cleanup();
}
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
{ krb5_msgtype msg_type;
get_field(msg_type,1,asn1_decode_msgtype);
- if(msg_type != KRB5_SAFE) return KRB5_BADMSGTYPE; }
+#ifdef KRB5_MSGTYPE_STRICT
+ if(msg_type != KRB5_SAFE) return KRB5_BADMSGTYPE;
+#endif
+ }
get_field(**rep,2,asn1_decode_krb_safe_body);
alloc_field((*rep)->checksum,krb5_checksum);
get_field(*((*rep)->checksum),3,asn1_decode_checksum);
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
{ krb5_msgtype msg_type;
get_field(msg_type,1,asn1_decode_msgtype);
- if(msg_type != KRB5_PRIV) return KRB5_BADMSGTYPE; }
+#ifdef KRB5_MSGTYPE_STRICT
+ if(msg_type != KRB5_PRIV) return KRB5_BADMSGTYPE;
+#endif
+ }
get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
end_structure();
}
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
{ krb5_msgtype msg_type;
get_field(msg_type,1,asn1_decode_msgtype);
- if(msg_type != KRB5_CRED) return KRB5_BADMSGTYPE; }
+#ifdef KRB5_MSGTYPE_STRICT
+ if(msg_type != KRB5_CRED) return KRB5_BADMSGTYPE;
+#endif
+ }
get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
end_structure();
if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
{ krb5_msgtype msg_type;
get_field(msg_type,1,asn1_decode_msgtype);
- if(msg_type != KRB5_ERROR) return KRB5_BADMSGTYPE; }
+#ifdef KRB5_MSGTYPE_STRICT
+ if(msg_type != KRB5_ERROR) return KRB5_BADMSGTYPE;
+#endif
+ }
opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
opt_field((*rep)->cusec,3,asn1_decode_int32);
get_field((*rep)->stime,4,asn1_decode_kerberos_time);
#ifdef HAS_STDLIB_H
#include <stdlib.h>
#endif
-/* The current version of {en,de}code_krb5_enc_kdc_rep_part has a
- problem in that there's no way to know the message type (AS/TGS) of
- a krb5_enc_kdc_rep_part. This should be fixed in the next version
- by including a msg_type field in krb5_enc_kdc_rep_part. When that
- happens, #defining ENCKRB5KDCREPPART_HAS_MSGTYPE will activate the
- code that uses it. */
-/* #define ENCKRB5KDCREPPART_HAS_MSGTYPE */
+/*
+ * Older versions of the Kerberos are always sending the
+ * enc_kdc_rep_part structure with an application tag of #26, instead
+ * of using the application tag of #25 (AS REP) or #26 (AS REP) as
+ * necessary. Worse yet, they will only accept a tag of #26, so we
+ * need to follow this for backwards compatibility. #defining
+ * KRB5_ENCKRB5KDCREPPART_COMPAT will preserve this wrong (but
+ * compatible) behavior.
+ */
+#define KRB5_ENCKRB5KDCREPPART_COMPAT
+
+/*
+ * If KRB5_MSGTYPE_STRICT is defined, then be strict about checking
+ * the msgtype fields. Unfortunately, there old versions of Kerberos
+ * don't set these fields correctly, so we have to make allowances for
+ * them.
+ */
+/* #define KRB5_MSGTYPE_STRICT */
typedef krb5_octet asn1_octet;
typedef krb5_error_code asn1_error_code;