From d44144bc3c86cd2e0b9dbe74f0241905201ddd23 Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Thu, 2 Apr 2009 23:30:28 +0000
Subject: [PATCH] Fix krshd and krlogind to use krb5_c_verify_checksum

ticket: 1624

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22159 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/appl/bsd/krlogind.c | 25 +++++++++++++++----------
 src/appl/bsd/krshd.c    | 24 ++++++++++++++----------
 2 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c
index 705285640..09aeaad21 100644
--- a/src/appl/bsd/krlogind.c
+++ b/src/appl/bsd/krlogind.c
@@ -1358,21 +1358,26 @@ recvauth(valid_checksum)
       if (authenticator->checksum) {
 	struct sockaddr_in adr;
 	socklen_t adr_length = sizeof(adr);
-	char * chksumbuf = NULL;
+	krb5_data chksumbuf;
+	krb5_boolean valid = 0;
+
+	chksumbuf.data = NULL;
 	if (getsockname(netf, (struct sockaddr *) &adr, &adr_length) != 0)
 	    goto error_cleanup;
-	if (asprintf(&chksumbuf, "%u:%s%s", ntohs(adr.sin_port), term, lusername) < 0)
+	if (asprintf(&chksumbuf.data, "%u:%s%s", ntohs(adr.sin_port), term, lusername) < 0)
 	    goto error_cleanup;
 
-	status = krb5_verify_checksum(bsd_context,
-				      authenticator->checksum->checksum_type,
-				      authenticator->checksum,
-				      chksumbuf, strlen(chksumbuf),
-				      ticket->enc_part2->session->contents, 
-				      ticket->enc_part2->session->length);
+	chksumbuf.length = strlen(chksumbuf.data);
+	status = krb5_c_verify_checksum(bsd_context,
+					ticket->enc_part2->session,
+					KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM,
+					&chksumbuf, authenticator->checksum,
+					&valid);
+	if (status == 0 && !valid) status = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+
     error_cleanup:
-	if (chksumbuf)
-	    free(chksumbuf);
+	if (chksumbuf.data)
+	    free(chksumbuf.data);
 	if (status) {
 	  krb5_free_authenticator(bsd_context, authenticator);
 	  return status;
diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c
index 76c0ca1fc..59a088ef1 100644
--- a/src/appl/bsd/krshd.c
+++ b/src/appl/bsd/krshd.c
@@ -1810,8 +1810,11 @@ recvauth(netfd, peersin, valid_checksum)
 	struct sockaddr_storage adr;
 	unsigned int adr_length = sizeof(adr);
 	int e;
-	char namebuf[32], *chksumbuf = NULL;
+	char namebuf[32];
+	krb5_boolean valid = 0;
+	krb5_data chksumbuf;
 
+	chksumbuf.data = NULL;
 	if (getsockname(netfd, (struct sockaddr *) &adr, &adr_length) != 0)
 	    goto error_cleanup;
 
@@ -1819,19 +1822,20 @@ recvauth(netfd, peersin, valid_checksum)
 			namebuf, sizeof(namebuf), NI_NUMERICSERV);
 	if (e)
 	    fatal(netfd, "local error: can't examine port number");
-	if (asprintf(&chksumbuf, "%s:%s%s", namebuf, cmdbuf, locuser) < 0)
+	if (asprintf(&chksumbuf.data, "%s:%s%s", namebuf, cmdbuf, locuser) < 0)
 	    goto error_cleanup;
 
-	status = krb5_verify_checksum(bsd_context,
-				      authenticator->checksum->checksum_type,
-				      authenticator->checksum,
-				      chksumbuf, strlen(chksumbuf),
-				      ticket->enc_part2->session->contents, 
-				      ticket->enc_part2->session->length);
+	chksumbuf.length = strlen(chksumbuf.data);
+	status = krb5_c_verify_checksum(bsd_context,
+					ticket->enc_part2->session,
+					KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM,
+					&chksumbuf, authenticator->checksum,
+					&valid);
+	if (status == 0 && !valid) status = KRB5KRB_AP_ERR_BAD_INTEGRITY;
 
     error_cleanup:
-	if (chksumbuf)
-	    free(chksumbuf);
+	if (chksumbuf.data)
+	    free(chksumbuf.data);
 	if (status) {
 	    krb5_free_authenticator(bsd_context, authenticator);
 	    return status;
-- 
2.26.2