From 8d6a5685ad511366732e9603f2113eac8d2366b7 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Fri, 8 Dec 2000 04:48:24 +0000 Subject: [PATCH] * k5seal.c (make_seal_token_v1): Use ANSI-style definition, instead of K&R plus prototype. Don't use too-big numbers even as placeholders. * accept_sec_context.c (rd_and_store_for_creds): After creating an auth context, set flags to require sequence numbers. (krb5_gss_accept_sec_context): Likewise. * init_sec_context.c (krb5_gss_init_sec_context): Likewise. (thanks to assar for noticing this) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12887 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/accept_sec_context.c | 5 ++- src/lib/gssapi/krb5/init_sec_context.c | 2 + src/lib/gssapi/krb5/k5seal.c | 49 ++++++++---------------- 3 files changed, 21 insertions(+), 35 deletions(-) diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 79f762717..5250112ff 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -94,7 +94,8 @@ rd_and_store_for_creds(context, inbuf, out_cred) if ((retval = krb5_auth_con_init(context, &auth_context))) return(retval); - krb5_auth_con_setflags(context, auth_context, 0); + krb5_auth_con_setflags(context, auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE); if ((retval = krb5_rd_cred(context, auth_context, inbuf, &creds, NULL))) goto cleanup; @@ -333,6 +334,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, major_status = GSS_S_FAILURE; goto fail; } + krb5_auth_con_setflags(context, auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE); if ((code = krb5_auth_con_setrcache(context, auth_context, cred->rcache))) { major_status = GSS_S_FAILURE; goto fail; diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index acac47184..ddd849c63 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -461,6 +461,8 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, ctx_free = ctx; if ((code = krb5_auth_con_init(context, &ctx->auth_context))) goto fail; + krb5_auth_con_setflags(context, ctx->auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE); ctx->initiate = 1; ctx->gss_flags = KG_IMPLFLAGS(req_flags); ctx->seed_init = 0; diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c index 1ca108e65..ff46afad8 100644 --- a/src/lib/gssapi/krb5/k5seal.c +++ b/src/lib/gssapi/krb5/k5seal.c @@ -49,39 +49,20 @@ #include "gssapiP_krb5.h" static krb5_error_code -make_seal_token_v1 PROTOTYPE((krb5_context context, - krb5_keyblock *enc, - krb5_keyblock *seq, - krb5_int32 *seqnum, - int direction, - gss_buffer_t text, - gss_buffer_t token, - int signalg, - int cksum_size, - int sealalg, - int encrypt, - int toktype, - int bigend, - gss_OID oid)); - -static krb5_error_code -make_seal_token_v1(context, enc, seq, seqnum, direction, text, token, - signalg, cksum_size, sealalg, encrypt, toktype, - bigend, oid) - krb5_context context; - krb5_keyblock *enc; - krb5_keyblock *seq; - krb5_int32 *seqnum; - int direction; - gss_buffer_t text; - gss_buffer_t token; - int signalg; - int cksum_size; - int sealalg; - int encrypt; - int toktype; - int bigend; - gss_OID oid; +make_seal_token_v1 (krb5_context context, + krb5_keyblock *enc, + krb5_keyblock *seq, + krb5_int32 *seqnum, + int direction, + gss_buffer_t text, + gss_buffer_t token, + int signalg, + int cksum_size, + int sealalg, + int encrypt, + int toktype, + int bigend, + gss_OID oid) { krb5_error_code code; size_t sumlen; @@ -119,7 +100,7 @@ make_seal_token_v1(context, enc, seq, seqnum, direction, text, token, break; default: abort (); - return 12345654321; + return 12345654; } /* create the token buffer */ -- 2.26.2