From e9cab3585f14bd108de6ca0bbacf1aa97f02efeb Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Wed, 17 Aug 1994 22:08:52 +0000 Subject: [PATCH] 1) Stop checking the msg_type field unless KRB5_MSGTYPE_STRICT is defined 2) Allow the enc_kdc_rep_part structure to have a ASN.1 tag of either 25 (AS REP) or 26 (TGS REP). Unfortunately, old versions of Kerberos always use TGS REP (#26), so we can't change the encoder with breaking compatibility. Sigh.... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4175 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/asn.1/ChangeLog | 27 ++++++++++++++++ src/lib/krb5/asn.1/asn1_decode_k.c | 37 ++-------------------- src/lib/krb5/asn.1/krb5_decode.c | 50 ++++++++++++++++++++++-------- src/lib/krb5/asn.1/krb5_encode.c | 2 +- src/lib/krb5/asn.1/krbasn1.h | 25 ++++++++++----- 5 files changed, 86 insertions(+), 55 deletions(-) diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog index d984b68e9..2dbca5463 100644 --- a/src/lib/krb5/asn.1/ChangeLog +++ b/src/lib/krb5/asn.1/ChangeLog 
@@ -1,3 +1,30 @@ +Wed Aug 17 16:07:06 1994 Theodore Y. Ts'o (tytso at tsx-11) + + * krb5_encode.c (encode_krb5_enc_kdc_rep_part): Older versions of + the Kerberos are always sending the enc_kdc_rep_part structure + with an application tag of #26, instead of using the application + tag of #25 (AS REP) or #26 (AS REP) as necessary. Worse yet, they + will only accept a tag of #26, so we need to follow this for + backwards compatibility. #defining KRB5_ENCKRB5KDCREPPART_COMPAT + will preserve this wrong (but compatible) behavior. + + * krb5_decode.c (decode_krb5_enc_kdc_rep_part): Record the tag + value of the ASN.1 sequence in the rkb5_enc_kdc_rep structure. + Allow both tag #25 and #26 (although old software was always + sending tag #26). + + * krb5_decode.c (decode_krb5_as_rep, decode_krb5_tgs_rep, + decode_krb5_ap_req, decode_krb5_ap_rep, decode_krb5_as_req, + decode_krb5_tgs_req, decode_krb5_safe, decode_krb5_priv, + decode_krb5_cred, decode_krb5_error): Only check the ASN.1 message + type if KRB5_MSGTYPE_STRICT is defined. "Be strict in what you + send out, liberal in what you receive..." + + * asn1_decode_k.c (asn1_decode_msgtype): Stop checking the + validity of the message type here. Each routine that calls + asn1_decode_msgtype is checking the message type anyway, so it's + just duplicated effort. + Sat Aug 13 03:40:16 1994 Mark Eichin (eichin@perdiem) * krbasn1.h: include stdlib.h for calloc declaration (if we can) diff --git a/src/lib/krb5/asn.1/asn1_decode_k.c b/src/lib/krb5/asn.1/asn1_decode_k.c index 94373ca9b..322c66431 100644 --- a/src/lib/krb5/asn.1/asn1_decode_k.c +++ b/src/lib/krb5/asn.1/asn1_decode_k.c 
@@ -163,42 +163,11 @@ asn1_error_code asn1_decode_msgtype(DECLARG(asn1buf *, buf), { asn1_error_code retval; unsigned long n; + retval = asn1_decode_unsigned_integer(buf,&n); if(retval) return retval; - switch(n){ - case ASN1_KRB_AS_REQ: - *val = KRB5_AS_REQ; - break; - case ASN1_KRB_AS_REP: - *val = KRB5_AS_REP; - break; - case ASN1_KRB_TGS_REQ: - *val = KRB5_TGS_REQ; - break; - case ASN1_KRB_TGS_REP: - *val = KRB5_TGS_REP; - break; - case ASN1_KRB_AP_REQ: - *val = KRB5_AP_REQ; - break; - case ASN1_KRB_AP_REP: - *val = KRB5_AP_REP; - break; - case ASN1_KRB_SAFE: - *val = KRB5_SAFE; - break; - case ASN1_KRB_PRIV: - *val = KRB5_PRIV; - break; - case ASN1_KRB_CRED: - *val = KRB5_CRED; - break; - case ASN1_KRB_ERROR: - *val = KRB5_ERROR; - break; - default: - return KRB5_BADMSGTYPE; - } + + *val = (krb5_msgtype) n; return 0; } diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index f991a0ef3..c9f48fb51 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -252,16 +252,13 @@ krb5_error_code decode_krb5_enc_kdc_rep_part(DECLARG(const krb5_data *, code), setup_no_length(); alloc_field(*rep,krb5_enc_kdc_rep_part); -#ifndef ENCKRB5KDCREPPART_HAS_MSGTYPE - check_apptag(26); -#else retval = asn1_get_tag(&buf,&class,&construction,&tagnum,NULL); if(retval) return retval; if(class != APPLICATION || construction != CONSTRUCTED) return ASN1_BAD_ID; if(tagnum == 25) (*rep)->msg_type = KRB5_AS_REP; else if(tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP; else return KRB5_BADMSGTYPE; -#endif + retval = asn1_decode_enc_kdc_rep_part(&buf,*rep); if(retval) return (krb5_error_code)retval; 
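Review bot: The new `*val = (krb5_msgtype) n;` in asn1_decode_msgtype accepts any decoded unsigned long as a message type. The ChangeLog argues that every caller checks the type anyway, but this same commit puts those caller checks under `KRB5_MSGTYPE_STRICT`, which krbasn1.h leaves undefined, so in the default build no layer rejects an unknown type. The removed switch also mapped `ASN1_KRB_*` to `KRB5_*`, so the cast now assumes the two sets are numerically identical, and a value wider than `krb5_msgtype` is truncated rather than refused. I would keep a cheap bound, e.g. `if (n != (unsigned long)(krb5_msgtype) n) return KRB5_BADMSGTYPE;`, and add the comment `/* no type validation here: callers compare against the expected KRB5_* value */` to make the contract explicit. The function's signature lies outside the hunk.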
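Review bot: The now-unconditional tag check in decode_krb5_enc_kdc_rep_part returns `ASN1_BAD_ID` or `KRB5_BADMSGTYPE` directly after `alloc_field(*rep,krb5_enc_kdc_rep_part)`, so a reply with an unexpected class or tag appears to leave `*rep` allocated. alloc_field and the function's cleanup macros are defined outside the hunk, so this needs confirming there. If the early returns do skip the cleanup, they should free `*rep` and reset it to NULL before returning, since this path is reached by malformed input from the peer.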
@@ -279,7 +276,10 @@ krb5_error_code decode_krb5_as_rep(DECLARG(const krb5_data *, code), check_apptag(11); retval = asn1_decode_kdc_rep(&buf,*rep); if(retval) return (krb5_error_code)retval; - if((*rep)->msg_type != KRB5_AS_REP) return KRB5_BADMSGTYPE; +#ifdef KRB5_MSGTYPE_STRICT + if((*rep)->msg_type != KRB5_AS_REP) + return KRB5_BADMSGTYPE; +#endif cleanup(); } @@ -295,7 +295,9 @@ krb5_error_code decode_krb5_tgs_rep(DECLARG(const krb5_data *, code), check_apptag(13); retval = asn1_decode_kdc_rep(&buf,*rep); if(retval) return (krb5_error_code)retval; +#ifdef KRB5_MSGTYPE_STRICT if((*rep)->msg_type != KRB5_TGS_REP) return KRB5_BADMSGTYPE; +#endif cleanup(); } @@ -315,7 +317,10 @@ krb5_error_code decode_krb5_ap_req(DECLARG(const krb5_data *, code), if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; } { krb5_msgtype msg_type; get_field(msg_type,1,asn1_decode_msgtype); - if(msg_type != KRB5_AP_REQ) return KRB5_BADMSGTYPE; } +#ifdef KRB5_MSGTYPE_STRICT + if(msg_type != KRB5_AP_REQ) return KRB5_BADMSGTYPE; +#endif + } get_field((*rep)->ap_options,2,asn1_decode_ap_options); alloc_field((*rep)->ticket,krb5_ticket); get_field(*((*rep)->ticket),3,asn1_decode_ticket); @@ -340,7 +345,10 @@ krb5_error_code decode_krb5_ap_rep(DECLARG(const krb5_data *, code), if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; } { krb5_msgtype msg_type; get_field(msg_type,1,asn1_decode_msgtype); - if(msg_type != KRB5_AP_REP) return KRB5_BADMSGTYPE; } +#ifdef KRB5_MSGTYPE_STRICT + if(msg_type != KRB5_AP_REP) return KRB5_BADMSGTYPE; +#endif + } get_field((*rep)->enc_part,2,asn1_decode_encrypted_data); end_structure(); } @@ -378,8 +386,10 @@ krb5_error_code decode_krb5_as_req(DECLARG(const krb5_data *, code), check_apptag(10); retval = asn1_decode_kdc_req(&buf,*rep); if(retval) return (krb5_error_code)retval; +#ifdef KRB5_MSGTYPE_STRICT if((*rep)->msg_type != KRB5_AS_REQ) return KRB5_BADMSGTYPE; - +#endif + cleanup(); } 
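Review bot: With `KRB5_MSGTYPE_STRICT` undefined, decode_krb5_as_rep returns a structure whose `msg_type` is whatever the sender encoded, even though `check_apptag(11)` has already established which message this is. The same holds for decode_krb5_tgs_rep and decode_krb5_as_req in the following hunks, and for decode_krb5_tgs_req further down. Any later code that branches on `(*rep)->msg_type` (not visible here) would then act on an unverified value, since asn1_decode_msgtype no longer validates it either. I would add an `#else` arm that sets the field from the tag, `(*rep)->msg_type = KRB5_AS_REP;` (with the matching constant in the other three), so that tolerating old peers does not hand callers an inconsistent type. In the ap_req, ap_rep, safe, priv, cred and error decoders the type is a discarded local, so there the lenient build simply skips the check.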
@@ -394,8 +404,10 @@ krb5_error_code decode_krb5_tgs_req(DECLARG(const krb5_data *, code), check_apptag(12); retval = asn1_decode_kdc_req(&buf,*rep); if(retval) return (krb5_error_code)retval; +#ifdef KRB5_MSGTYPE_STRICT if((*rep)->msg_type != KRB5_TGS_REQ) return KRB5_BADMSGTYPE; - +#endif + cleanup(); } @@ -428,7 +440,10 @@ krb5_error_code decode_krb5_safe(DECLARG(const krb5_data *, code), if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; } { krb5_msgtype msg_type; get_field(msg_type,1,asn1_decode_msgtype); - if(msg_type != KRB5_SAFE) return KRB5_BADMSGTYPE; } +#ifdef KRB5_MSGTYPE_STRICT + if(msg_type != KRB5_SAFE) return KRB5_BADMSGTYPE; +#endif + } get_field(**rep,2,asn1_decode_krb_safe_body); alloc_field((*rep)->checksum,krb5_checksum); get_field(*((*rep)->checksum),3,asn1_decode_checksum); @@ -452,7 +467,10 @@ krb5_error_code decode_krb5_priv(DECLARG(const krb5_data *, code), if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; } { krb5_msgtype msg_type; get_field(msg_type,1,asn1_decode_msgtype); - if(msg_type != KRB5_PRIV) return KRB5_BADMSGTYPE; } +#ifdef KRB5_MSGTYPE_STRICT + if(msg_type != KRB5_PRIV) return KRB5_BADMSGTYPE; +#endif + } get_field((*rep)->enc_part,3,asn1_decode_encrypted_data); end_structure(); } @@ -497,7 +515,10 @@ krb5_error_code decode_krb5_cred(DECLARG(const krb5_data *, code), if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; } { krb5_msgtype msg_type; get_field(msg_type,1,asn1_decode_msgtype); - if(msg_type != KRB5_CRED) return KRB5_BADMSGTYPE; } +#ifdef KRB5_MSGTYPE_STRICT + if(msg_type != KRB5_CRED) return KRB5_BADMSGTYPE; +#endif + } get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket); get_field((*rep)->enc_part,3,asn1_decode_encrypted_data); end_structure(); 
@@ -543,7 +564,10 @@ krb5_error_code decode_krb5_error(DECLARG(const krb5_data *, code), if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; } { krb5_msgtype msg_type; get_field(msg_type,1,asn1_decode_msgtype); - if(msg_type != KRB5_ERROR) return KRB5_BADMSGTYPE; } +#ifdef KRB5_MSGTYPE_STRICT + if(msg_type != KRB5_ERROR) return KRB5_BADMSGTYPE; +#endif + } opt_field((*rep)->ctime,2,asn1_decode_kerberos_time); opt_field((*rep)->cusec,3,asn1_decode_int32); get_field((*rep)->stime,4,asn1_decode_kerberos_time); diff --git a/src/lib/krb5/asn.1/krb5_encode.c b/src/lib/krb5/asn.1/krb5_encode.c index f61497ff7..40fb7870d 100644 --- a/src/lib/krb5/asn.1/krb5_encode.c +++ b/src/lib/krb5/asn.1/krb5_encode.c @@ -315,7 +315,7 @@ krb5_error_code encode_krb5_enc_kdc_rep_part(DECLARG(const krb5_enc_kdc_rep_part if(retval) return retval; sum += length; -#ifndef ENCKRB5KDCREPPART_HAS_MSGTYPE +#ifdef KRB5_ENCKRB5KDCREPPART_COMPAT krb5_apptag(26); #else if(rep->msg_type = KRB5_AS_REP){ krb5_apptag(ASN1_KRB_AS_REP); } diff --git a/src/lib/krb5/asn.1/krbasn1.h b/src/lib/krb5/asn.1/krbasn1.h index ec58ac2d2..e4243c488 100644 --- a/src/lib/krb5/asn.1/krbasn1.h +++ b/src/lib/krb5/asn.1/krbasn1.h 
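Review bot: The `#else` arm that the krb5_encode.c hunk re-labels contains `if(rep->msg_type = KRB5_AS_REP){`, an assignment where a comparison is meant. It is a context line and stays dormant while `KRB5_ENCKRB5KDCREPPART_COMPAT` is defined, but it becomes the live path as soon as someone removes that define. Since `rep` appears to be declared const in the signature the line would probably not compile, and if it did every reply would take the AS branch; it should read `if(rep->msg_type == KRB5_AS_REP){`. That arm also passes `ASN1_KRB_AS_REP` to `krb5_apptag`, whereas the decoder in this commit expects application tag 25 or 26 for this structure, so the constant's value is worth checking before the non-compat path is relied on. The rest of the function lies outside the hunk.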
@@ -8,13 +8,24 @@ #ifdef HAS_STDLIB_H #include #endif -/* The current version of {en,de}code_krb5_enc_kdc_rep_part has a - problem in that there's no way to know the message type (AS/TGS) of - a krb5_enc_kdc_rep_part. This should be fixed in the next version - by including a msg_type field in krb5_enc_kdc_rep_part. When that - happens, #defining ENCKRB5KDCREPPART_HAS_MSGTYPE will activate the - code that uses it. */ -/* #define ENCKRB5KDCREPPART_HAS_MSGTYPE */ +/* + * Older versions of the Kerberos are always sending the + * enc_kdc_rep_part structure with an application tag of #26, instead + * of using the application tag of #25 (AS REP) or #26 (AS REP) as + * necessary. Worse yet, they will only accept a tag of #26, so we + * need to follow this for backwards compatibility. #defining + * KRB5_ENCKRB5KDCREPPART_COMPAT will preserve this wrong (but + * compatible) behavior. + */ +#define KRB5_ENCKRB5KDCREPPART_COMPAT + +/* + * If KRB5_MSGTYPE_STRICT is defined, then be strict about checking + * the msgtype fields. Unfortunately, there old versions of Kerberos + * don't set these fields correctly, so we have to make allowances for + * them. + */ +/* #define KRB5_MSGTYPE_STRICT */ typedef krb5_octet asn1_octet; typedef krb5_error_code asn1_error_code; -- 2.26.2
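Review bot: The new comment above `KRB5_ENCKRB5KDCREPPART_COMPAT` reads "#25 (AS REP) or #26 (AS REP)"; the second should be TGS REP, as the commit message has it, and "there old versions" in the comment below it should read "old versions". The header also does not say outright that the shipped default is the lenient decoder, which matters because asn1_decode_msgtype no longer validates the type itself. I would state it in the second comment, e.g. `/* Default is lenient: msg_type is not validated on decode unless KRB5_MSGTYPE_STRICT is defined. */`, so that a site with no legacy peers knows to build with the macro defined.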