From: John Kohl Date: Wed, 10 Oct 1990 17:19:54 +0000 (+0000) Subject: changes for new encryption data structures X-Git-Tag: krb5-1.0-alpha2~185 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=c1b41eb1f2af031cb9e999c274378653f5ce3872;p=krb5.git changes for new encryption data structures and new message styles for KDC requests. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1226 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c index 2eea0c2d1..f8e30e722 100644 --- a/src/lib/krb5/krb/decode_kdc.c +++ b/src/lib/krb5/krb/decode_kdc.c @@ -25,7 +25,7 @@ static char rcsid_decode_kdc_c[] = /* Takes a KDC_REP message and decrypts encrypted part using etype and *key, putting result in *rep. - dec_rep->client,ticket,session.last_req,server,caddrs + dec_rep->client,ticket,session,last_req,server,caddrs are all set to allocated storage which should be freed by the caller when finished with the response. @@ -50,25 +50,17 @@ OLDDECLARG(krb5_kdc_rep **, dec_rep) /* XXX maybe caller should specify type expected? */ - if (!krb5_is_kdc_rep(enc_rep)) - return KRB5KRB_AP_ERR_MSG_TYPE; - retval = decode_krb5_as_rep(enc_rep, &local_dec_rep); - switch (retval) { - case ISODE_50_LOCAL_ERR_BADMSGTYPE: + if (krb5_is_as_rep(enc_rep)) + retval = decode_krb5_as_rep(enc_rep, &local_dec_rep); + else if (krb5_is_tgs_rep(enc_rep)) retval = decode_krb5_tgs_rep(enc_rep, &local_dec_rep); - switch (retval) { - case 0: - break; - default: - return(retval); - } - case 0: - break; - default: - return (retval); - } + else + return KRB5KRB_AP_ERR_MSG_TYPE; + + if (retval) + return retval; - if (local_dec_rep->etype != etype) { + if (local_dec_rep->enc_part.etype != etype) { krb5_free_kdc_rep(local_dec_rep); return KRB5_WRONG_ETYPE; } diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c index 0a8397ef7..4c7f9f81e 100644 --- a/src/lib/krb5/krb/encode_kdc.c +++ b/src/lib/krb5/krb/encode_kdc.c 
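Review bot: In src/lib/krb5/krb/decode_kdc.c (hunk at -50,25 +50,17), the new `krb5_is_as_rep` / `krb5_is_tgs_rep` dispatch accepts whichever of the two reply types arrives, so the concern in the XXX comment just above it is still open: a caller that sent an AS request can be handed a decoded TGS reply with no indication of which decoder ran. Nothing visible in the hunk reports the decoded type back, so callers presumably have to check it themselves on `*dec_rep`. Until the interface takes an expected type, I would replace the XXX with a comment that states the contract, e.g. `/* accepts AS_REP or TGS_REP; caller must verify the reply type matches its request */`. The function body starts and ends outside the hunk.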
@@ -31,9 +31,10 @@ static char rcsid_encode_kdc_c [] = returns system errors - dec_rep->enc_part is allocated and filled in. + dec_rep->enc_part.ciphertext is allocated and filled in. */ -/* due to promotion rules, we need to play with this... */ +/* due to argument promotion rules, we need to use the DECLARG/OLDDECLARG + stuff... */ krb5_error_code krb5_encode_kdc_rep(DECLARG(const krb5_msgtype, type), DECLARG(const register krb5_enc_kdc_rep_part *, encpart), @@ -50,7 +51,7 @@ OLDDECLARG(krb5_data **, enc_rep) krb5_encrypt_block eblock; krb5_error_code retval; - if (!valid_etype(dec_rep->etype)) + if (!valid_etype(dec_rep->enc_part.etype)) return KRB5_PROG_ETYPE_NOSUPP; switch (type) { 
@@ -69,23 +70,30 @@ OLDDECLARG(krb5_data **, enc_rep) /* put together an eblock for this encryption */ - eblock.crypto_entry = krb5_csarray[dec_rep->etype]->system; - dec_rep->enc_part.length = krb5_encrypt_size(scratch->length, - eblock.crypto_entry); + eblock.crypto_entry = krb5_csarray[dec_rep->enc_part.etype]->system; + dec_rep->enc_part.ciphertext.length = + krb5_encrypt_size(scratch->length, eblock.crypto_entry); /* add padding area, and zero it */ - if (!(scratch->data = realloc(scratch->data, dec_rep->enc_part.length))) { + if (!(scratch->data = realloc(scratch->data, + dec_rep->enc_part.ciphertext.length))) { /* may destroy scratch->data */ xfree(scratch); return ENOMEM; } bzero(scratch->data + scratch->length, - dec_rep->enc_part.length - scratch->length); - if (!(dec_rep->enc_part.data = malloc(dec_rep->enc_part.length))) { + dec_rep->enc_part.ciphertext.length - scratch->length); + if (!(dec_rep->enc_part.ciphertext.data = + malloc(dec_rep->enc_part.ciphertext.length))) { retval = ENOMEM; goto clean_scratch; } -#define cleanup_encpart() {(void) bzero(dec_rep->enc_part.data, dec_rep->enc_part.length); free(dec_rep->enc_part.data); dec_rep->enc_part.length = 0; dec_rep->enc_part.data = 0;} +#define cleanup_encpart() { \ +(void) bzero(dec_rep->enc_part.ciphertext.data, \ + dec_rep->enc_part.ciphertext.length); \ +free(dec_rep->enc_part.ciphertext.data); \ +dec_rep->enc_part.ciphertext.length = 0; \ +dec_rep->enc_part.ciphertext.data = 0;} if (retval = krb5_process_key(&eblock, client_key)) { goto clean_encpart; @@ -94,7 +102,7 @@ OLDDECLARG(krb5_data **, enc_rep) #define cleanup_prockey() {(void) krb5_finish_key(&eblock);} if (retval = krb5_encrypt((krb5_pointer) scratch->data, - (krb5_pointer) dec_rep->enc_part.data, + (krb5_pointer) dec_rep->enc_part.ciphertext.data, scratch->length, &eblock, 0)) { goto clean_prockey; }
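Review bot: The re-wrapped `scratch->data = realloc(scratch->data, ...)` in the hunk at -69,23 +70,30 still assigns the result straight over the only pointer to the buffer, so on failure the original allocation is leaked, and it is leaked unscrubbed even though it holds the encoded plaintext of the encrypted part (the existing comment "may destroy scratch->data" acknowledges this). The same early return leaves `dec_rep->enc_part.ciphertext.length` set to the padded size before `ciphertext.data` has been allocated. Taking the result in a temporary lets the failure path zero and free the old buffer and reset the length; the sketch below assumes `scratch->data` is a `char *`, which the pointer arithmetic in the following `bzero` suggests. Separately, the now multi-line `cleanup_encpart()` would be safer wrapped in `do { ... } while (0)`. The function starts and ends outside the hunk.

```c
    /* add padding area, and zero it */
    {
	char *padded = realloc(scratch->data,
			       dec_rep->enc_part.ciphertext.length);

	if (!padded) {
	    /* realloc failure leaves the old buffer valid: scrub it, then free */
	    bzero(scratch->data, scratch->length);
	    free(scratch->data);
	    xfree(scratch);
	    dec_rep->enc_part.ciphertext.length = 0;
	    return ENOMEM;
	}
	scratch->data = padded;
    }
    /* ... unchanged: bzero of the padding area, malloc of ciphertext.data ... */
```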