krb5 commit: Improve KDC encrypting key memory management
Greg Hudson
ghudson at mit.edu
Fri Mar 2 11:46:34 EST 2018
https://github.com/krb5/krb5/commit/f79d71ecfd3aa2a25be6e4cef4eddd28bcccd722
commit f79d71ecfd3aa2a25be6e4cef4eddd28bcccd722
Author: Greg Hudson <ghudson at mit.edu>
Date: Tue Feb 27 13:09:51 2018 -0500
Improve KDC encrypting key memory management
Commit 0ba5ccd7bb3ea15e44a87f84ca6feed8890f657d caused encrypting_key
to hold either an owned or alias pointer depending on the presence of
the KDC_OPT_ENC_TKT_IN_SKEY (u2u) flag in the request. For better
memory management safety, introduce server_keyblock to hold owned
memory in the non-u2u case, and turn encrypting_key into an alias
pointer for both cases.
src/kdc/do_tgs_req.c | 16 ++++++++--------
1 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index fca01db..e569937 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -113,7 +113,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
krb5_enc_tkt_part enc_tkt_reply;
int newtransited = 0;
krb5_error_code retval = 0;
- krb5_keyblock encrypting_key;
+ krb5_keyblock server_keyblock, *encrypting_key;
krb5_timestamp kdc_time, authtime = 0;
krb5_keyblock session_key;
krb5_keyblock *reply_key = NULL;
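Review bot: `encrypting_key` is declared as a pointer with no initializer, unlike `reply_key` two lines below, which starts as NULL. The visible hunks assign it on both branches before the two uses, but the code between them is outside this diff, so any path that reaches a use without passing through one of those assignments would read an indeterminate pointer to key material. Initializing it costs nothing and turns such a mistake into a deterministic NULL dereference: `krb5_keyblock server_keyblock, *encrypting_key = NULL;`. process_tgs_req starts and ends outside this hunk.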
@@ -144,7 +144,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
memset(&reply_encpart, 0, sizeof(reply_encpart));
memset(&ticket_reply, 0, sizeof(ticket_reply));
memset(&enc_tkt_reply, 0, sizeof(enc_tkt_reply));
- memset(&encrypting_key, 0, sizeof(encrypting_key));
+ memset(&server_keyblock, 0, sizeof(server_keyblock));
session_key.contents = NULL;
retval = decode_krb5_tgs_req(pkt, &request);
@@ -536,7 +536,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
}
if (isflagset(request->kdc_options, KDC_OPT_ENC_TKT_IN_SKEY)) {
krb5_enc_tkt_part *t2enc = request->second_ticket[st_idx]->enc_part2;
- encrypting_key = *(t2enc->session);
+ encrypting_key = t2enc->session;
} else {
/*
* Find the server key
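Review bot: The u2u branch now stores a borrowed pointer into `request->second_ticket[st_idx]->enc_part2`, and nothing at the assignment says so. The pointer stays valid only while the request and its decrypted second ticket are alive, which appears to hold up to the uses in the later hunks but cannot be confirmed from here. A comment at the assignment would protect against a later change that frees or replaces the second ticket earlier, for example `/* Alias only: the session key is owned by the second ticket; do not free it and do not use it after the request is released. */`. The enclosing if/else continues outside the hunk.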
@@ -555,11 +555,12 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
* (it may be encrypted in the database)
*/
if ((errcode = krb5_dbe_decrypt_key_data(kdc_context, NULL,
- server_key, &encrypting_key,
+ server_key, &server_keyblock,
NULL))) {
status = "DECRYPT_SERVER_KEY";
goto cleanup;
}
+ encrypting_key = &server_keyblock;
}
if (isflagset(c_flags, KRB5_KDB_FLAG_CONSTRAINED_DELEGATION)) {
@@ -670,7 +671,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
header_server, local_tgt,
subkey != NULL ? subkey :
header_ticket->enc_part2->session,
- &encrypting_key, /* U2U or server key */
+ encrypting_key, /* U2U or server key */
header_key,
pkt,
request,
@@ -718,7 +719,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
ticket_kvno = server_key->key_data_kvno;
}
- errcode = krb5_encrypt_tkt_part(kdc_context, &encrypting_key,
+ errcode = krb5_encrypt_tkt_part(kdc_context, encrypting_key,
&ticket_reply);
if (errcode)
goto cleanup;
@@ -809,8 +810,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt,
cleanup:
if (status == NULL)
status = "UNKNOWN_REASON";
- if (!isflagset(request->kdc_options, KDC_OPT_ENC_TKT_IN_SKEY))
- krb5_free_keyblock_contents(kdc_context, &encrypting_key);
+ krb5_free_keyblock_contents(kdc_context, &server_keyblock);
if (reply_key)
krb5_free_keyblock(kdc_context, reply_key);
if (errcode)
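Review bot: The now-unconditional `krb5_free_keyblock_contents(kdc_context, &server_keyblock);` is only safe because `server_keyblock` is zeroed by the memset at function entry (second hunk), and that dependency is not documented here. The cleanup label is reachable before the key is decrypted, and in the u2u case the keyblock is never filled. I would record the invariant next to the call so the memset is not dropped or reordered later: `/* server_keyblock is zeroed at entry, so this is harmless for u2u requests and early exits. */`. The cleanup section continues past the end of the hunk.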