From 926dbfad5bd7cdda2545e082c40e3ad531154302 Mon Sep 17 00:00:00 2001
From: Tom Yu
Date: Fri, 19 Jan 2001 01:05:13 +0000
Subject: [PATCH] * g_ad_tkt.c: Fix error packet parsing * g_in_tkt.c: Fix error packet parsing. Also, declare some internal functions as static and add prototypes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12914 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb4/ChangeLog | 7 +++++++
 src/lib/krb4/g_ad_tkt.c | 32 +++++++++++++++---------------
 src/lib/krb4/g_in_tkt.c | 44 ++++++++++++++++++++++++-----------------
 3 files changed, 49 insertions(+), 34 deletions(-)
diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog
index 1a4e2472d..5fabd2b96 100644
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,10 @@
+2001-01-18 Tom Yu
+
+ * g_ad_tkt.c: Fix error packet parsing.
+
+ * g_in_tkt.c: Fix error packet parsing. Also, declare some
+ internal functions as static and add prototypes.
+
 2000-11-09 Danilo Almeida
 
 * strnlen.c (krb_strnlen): Put The return type before the calling
diff --git a/src/lib/krb4/g_ad_tkt.c b/src/lib/krb4/g_ad_tkt.c
index 092be7a22..a1e3b36f0 100644
--- a/src/lib/krb4/g_ad_tkt.c
+++ b/src/lib/krb4/g_ad_tkt.c
@@ -1,8 +1,8 @@
 /*
 * lib/krb4/g_ad_tkt.c
 *
- * Copyright 1986, 1987, 1988, 2000 by the Massachusetts Institute of
- * Technology. All Rights Reserved.
+ * Copyright 1986, 1987, 1988, 2000, 2001 by the Massachusetts
+ * Institute of Technology. All Rights Reserved.
 *
 * Export of this software from the United States of America may
 * require a specific license from the United States Government.
@@ -110,8 +110,22 @@ g_ad_tkt_parse(KTEXT rpkt, C_Block tgtses, C_Block ses,
 /* Check byte order (little-endian == 1) */
 msg_byte_order = t_switch & 1;
 t_switch &= ~1;
+ /*
+ * Skip over some stuff (3 strings and various integers -- see
+ * cr_auth_repl.c for details). Maybe we should actually verify
+ * these?
+ */
+ for (i = 0; i < 3; i++) {
+ len = krb_strnlen((char *)ptr, RPKT_REMAIN) + 1;
+ if (len <= 0)
+ return INTK_PROT;
+ ptr += len;
+ }
 switch (t_switch) {
 case AUTH_MSG_KDC_REPLY:
+ if (RPKT_REMAIN < 4 + 1 + 4 + 1)
+ return INTK_PROT;
+ ptr += 4 + 1 + 4 + 1;
 break;
 case AUTH_MSG_ERR_REPLY:
 if (RPKT_REMAIN < 4)
@@ -122,20 +136,6 @@ g_ad_tkt_parse(KTEXT rpkt, C_Block tgtses, C_Block ses,
 default:
 return INTK_PROT;
 }
- /*
- * Skip over some stuff (3 strings and various integers -- see
- * cr_auth_repl.c for details). Maybe we should actually verify
- * these?
- */
- for (i = 0; i < 3; i++) {
- len = krb_strnlen((char *)ptr, RPKT_REMAIN) + 1;
- if (len <= 0)
- return INTK_PROT;
- ptr += len;
- }
- if (RPKT_REMAIN < 4 + 1 + 4 + 1)
- return INTK_PROT;
- ptr += 4 + 1 + 4 + 1;
 
 /* Extract the ciphertext */
 if (RPKT_REMAIN < 2)
diff --git a/src/lib/krb4/g_in_tkt.c b/src/lib/krb4/g_in_tkt.c
index b7ab0dfc4..872d3fe2b 100644
--- a/src/lib/krb4/g_in_tkt.c
+++ b/src/lib/krb4/g_in_tkt.c
@@ -1,8 +1,8 @@
 /*
 * lib/krb4/g_in_tkt.c
 *
- * Copyright 1986, 1987, 1988, 2000 by the Massachusetts Institute of
- * Technology. All Rights Reserved.
+ * Copyright 1986, 1987, 1988, 2000, 2001 by the Massachusetts
+ * Institute of Technology. All Rights Reserved.
 *
 * Export of this software from the United States of America may
 * require a specific license from the United States Government.
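Review bot: The relocated comment in g_ad_tkt_parse (first g_ad_tkt.c hunk at -110/+110) no longer matches the code under it: the string-skipping loop now runs before the `switch` for both reply types, while the `4 + 1 + 4 + 1` integer skip happens only under `case AUTH_MSG_KDC_REPLY`. I would reword it to `/* Skip the three NUL-terminated strings common to KDC and error replies; they are not verified. */` and put `/* skip fixed-size fields -- see cr_auth_repl.c */` above the `ptr += 4 + 1 + 4 + 1;` line. The `len <= 0` test rejects an unterminated string only if `len` is signed and krb_strnlen reports an overrun as a negative value; neither declaration is in the hunk, so a one-line comment stating that assumption would help the next reader. The AUTH_MSG_ERR_REPLY case body continues outside the hunk.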
@@ -44,6 +44,14 @@ typedef int (*decrypt_tkt_type) PROTOTYPE ((char *, char *, char *, char *,
 key_proc_type, KTEXT *));
 #endif
 
+static int
+krb_mk_in_tkt_preauth(char *, char *, char *, char *, char *,
+ int, char *, int, KTEXT, int *);
+
+static int
+krb_parse_in_tkt(char *, char *, char *, char *, char *,
+ int, KTEXT, int);
+
 /*
 * decrypt_tkt(): Given user, instance, realm, passwd, key_proc
 * and the cipher text sent from the KDC, decrypt the cipher text
@@ -125,7 +133,7 @@ decrypt_tkt(user, instance, realm, arg, key_proc, cipp)
 * string sinstance service's instance
 */
 
-int
+static int
 krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 preauth_p, preauth_len, cip, byteorder)
 char *user;
@@ -225,17 +233,6 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 /* Check byte order */
 msg_byte_order = t_switch & 1;
 t_switch &= ~1;
- switch (t_switch) {
- case AUTH_MSG_KDC_REPLY:
- break;
- case AUTH_MSG_ERR_REPLY:
- if (RPKT_REMAIN < 4)
- return INTK_PROT;
- KRB4_GET32(rep_err_code, p, msg_byte_order);
- return rep_err_code;
- default:
- return INTK_PROT;
- }
 
 /* EXTRACT INFORMATION FROM RETURN PACKET */
 
@@ -249,9 +246,20 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 return INTK_PROT;
 p += len;
 }
- if (RPKT_REMAIN < 4 + 1 + 4 + 1)
- return INTK_PROT;
- p += 4 + 1 + 4 + 1;
+ switch (t_switch) {
+ case AUTH_MSG_KDC_REPLY:
+ if (RPKT_REMAIN < 4 + 1 + 4 + 1)
+ return INTK_PROT;
+ p += 4 + 1 + 4 + 1;
+ break;
+ case AUTH_MSG_ERR_REPLY:
+ if (RPKT_REMAIN < 4)
+ return INTK_PROT;
+ KRB4_GET32(rep_err_code, p, msg_byte_order);
+ return rep_err_code;
+ default:
+ return INTK_PROT;
+ }
 
 /* Extract the ciphertext */
 if (RPKT_REMAIN < 2)
@@ -271,7 +279,7 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 return INTK_OK;
 }
 
-int
+static int
 krb_parse_in_tkt(user, instance, realm, service, sinstance, life, cip, byteorder)
 char *user;
-- 
2.26.2
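Review bot: The two static prototypes added in the g_in_tkt.c hunk at -44/+44 list only types, so eight to ten positional `char *`/`int` slots give a reader no way to tell `life` from `preauth_len` or `byteorder`. The names from the K&R definitions further down can be carried over, e.g. `krb_parse_in_tkt(char *user, char *instance, char *realm, char *service, char *sinstance, int life, KTEXT cip, int byteorder);`. The later hunks at -125 and -271 that change both definitions from `int` to `static int` also remove these symbols from the library's external interface, so it is worth confirming that no other file or export list still references them; nothing on this page shows either way.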
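Review bot: In the new `case AUTH_MSG_ERR_REPLY` of krb_mk_in_tkt_preauth (hunk at -249/+246), `return rep_err_code;` hands back a value read straight from the reply packet, and the function's success path also ends in `return INTK_OK;`, so an error reply whose code equals INTK_OK looks to the caller like a parsed ticket reply even though the ciphertext extraction below was skipped. Adding `if (rep_err_code == INTK_OK) return INTK_PROT;` before the return closes that. Separately, the code assumes the error code is the first 4 bytes after the three strings; the error-reply layout is not shown on this page, so it should be confirmed against the routine that builds AUTH_MSG_ERR_REPLY packets, and if a 4-byte field precedes the code there the check needs to be `RPKT_REMAIN < 8` with `p += 4;` before `KRB4_GET32`. g_ad_tkt_parse in g_ad_tkt.c has the same case, but its body lies between that file's hunks and cannot be checked from here.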