svn rev #21530: branches/mskrb-integ/src/lib/gssapi/krb5/

lhoward@MIT.EDU lhoward at MIT.EDU
Wed Dec 17 22:46:59 EST 2008 

http://src.mit.edu/fisheye/changelog/krb5/?cs=21530
Commit By: lhoward
Log Message:
cleanup



Changed Files:
U   branches/mskrb-integ/src/lib/gssapi/krb5/util_crypt.c
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/util_crypt.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/util_crypt.c	2008-12-18 03:39:25 UTC (rev 21529)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/util_crypt.c	2008-12-18 03:46:58 UTC (rev 21530)
@@ -697,6 +697,7 @@
     gss_iov_buffer_t data = NULL;
     size_t padlength, relative_padlength;
     unsigned char *p;
+    OM_uint32 minor;
 
     data = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_DATA);
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
@@ -712,7 +713,7 @@
     }
 
     p = (unsigned char *)padding->buffer.value;
-    padlength = p[0];
+    padlength = p[padding->buffer.length - 1];
 
     if (data->buffer.length + padding->buffer.length < padlength ||
         padlength == 0) {
@@ -722,10 +723,15 @@
 
     /*
      * kg_tokenize_stream_iov() will place one byte of padding in the
-     * padding buffer, because its true value is unknown until decryption
-     * time. relative_padlength contains the number of bytes to compensate
-     * the padding and data buffers by.
+     * padding buffer; its true value is unknown until after decryption.
      *
+     * relative_padlength contains the number of bytes to compensate the
+     * padding and data buffers by; it will be zero if the caller manages
+     * the padding length.
+     *
+     * If the caller manages the padding length, then relative_padlength
+     * wil be zero.
+     *
      * eg. if the buffers are structured as follows:
      *
      *	    +---DATA---+-PAD-+
@@ -735,17 +741,18 @@
      * after compensation they would look like:
      *
      *	    +-DATA--+-PAD--+
-     *	    | ABCDE | 4444 |
+     *	    | ABCDE | NULL |
      *	    +-------+------+
      */
     relative_padlength = padlength - padding->buffer.length;
 
+    assert(data->buffer.length >= relative_padlength);
+
     data->buffer.length -= relative_padlength;
 
-    /*
-     * We don't really know DATA and PADDING buffers are
-     * adjacent in memory so just set PADDING to NULL.
-     */
+    if (padding->type & GSS_IOV_BUFFER_FLAG_ALLOCATED)
+	gss_release_buffer(&minor, &padding->buffer);
+
     padding->buffer.length = 0;
     padding->buffer.value = NULL;

More information about the cvs-krb5 mailing list