svn rev #23958: branches/iakerb/src/lib/ crypto/krb/ krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Fri Apr 30 17:08:12 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=23958
Commit By: ghudson
Log Message:
Merge trunk changes from r23937 to r23957 to iakerb branch.
Changed Files:
U branches/iakerb/src/lib/crypto/krb/old_api_glue.c
U branches/iakerb/src/lib/krb5/krb/get_creds.c
Modified: branches/iakerb/src/lib/crypto/krb/old_api_glue.c
===================================================================
--- branches/iakerb/src/lib/crypto/krb/old_api_glue.c 2010-04-30 20:56:26 UTC (rev 23957)
+++ branches/iakerb/src/lib/crypto/krb/old_api_glue.c 2010-04-30 21:08:11 UTC (rev 23958)
@@ -60,13 +60,11 @@
if (ret)
return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd = make_data(ivec, blocksize);
}
/* size is the length of the input cleartext data. */
- inputd.length = size;
- inputd.data = inptr;
+ inputd = make_data((void *) inptr, size);
/*
* The size of the output buffer isn't part of the old api. Not too
@@ -76,8 +74,7 @@
if (ret)
return ret;
- outputd.ciphertext.length = outlen;
- outputd.ciphertext.data = outptr;
+ outputd.ciphertext = make_data(outptr, outlen);
return krb5_c_encrypt(context, eblock->key, 0, ivec ? &ivecd : 0,
&inputd, &outputd);
@@ -98,20 +95,17 @@
if (ret)
return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd = make_data(ivec, blocksize);
}
/* size is the length of the input ciphertext data */
inputd.enctype = eblock->key->enctype;
- inputd.ciphertext.length = size;
- inputd.ciphertext.data = inptr;
+ inputd.ciphertext = make_data((void *) inptr, size);
/* we don't really know how big this is, but the code tends to assume
that the output buffer size should be the same as the input
buffer size */
- outputd.length = size;
- outputd.data = outptr;
+ outputd = make_data(outptr, size);
return krb5_c_decrypt(context, eblock->key, 0, ivec ? &ivecd : 0,
&inputd, &outputd);
@@ -145,11 +139,8 @@
krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock,
const krb5_keyblock *keyblock, krb5_pointer *ptr)
{
- krb5_data data;
+ krb5_data data = make_data(keyblock->contents, keyblock->length);
- data.length = keyblock->length;
- data.data = (char *) keyblock->contents;
-
return krb5_c_random_seed(context, &data);
}
@@ -226,17 +217,14 @@
krb5_const_pointer seed, size_t seed_length,
krb5_checksum *outcksum)
{
- krb5_data input;
+ krb5_data input = make_data((void *) in, in_length);
krb5_keyblock key;
krb5_error_code ret;
krb5_checksum cksum;
- input.data = in;
- input.length = in_length;
-
key.enctype = ENCTYPE_NULL;
key.length = seed_length;
- key.contents = seed;
+ key.contents = (unsigned char *) seed;
ret = krb5_c_make_checksum(context, ctype, &key, 0, &input, &cksum);
if (ret)
@@ -264,16 +252,13 @@
size_t in_length, krb5_const_pointer seed,
size_t seed_length)
{
- krb5_data input;
+ krb5_data input = make_data((void *) in, in_length);
krb5_keyblock key;
krb5_error_code ret;
krb5_boolean valid;
- input.data = in;
- input.length = in_length;
-
key.length = seed_length;
- key.contents = seed;
+ key.contents = (unsigned char *) seed;
ret = krb5_c_verify_checksum(context, &key, 0, &input, cksum, &valid);
if (ret)
@@ -288,11 +273,8 @@
krb5_error_code KRB5_CALLCONV
krb5_random_confounder(size_t size, krb5_pointer ptr)
{
- krb5_data random_data;
+ krb5_data random_data = make_data(ptr, size);
- random_data.length = size;
- random_data.data = ptr;
-
return krb5_c_random_make_octets(NULL, &random_data);
}
@@ -313,17 +295,15 @@
if (ret)
return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd = make_data(ivec, blocksize);
}
enc_data->magic = KV5M_ENC_DATA;
enc_data->kvno = 0;
enc_data->enctype = key->enctype;
- enc_data->ciphertext.length = enclen;
- enc_data->ciphertext.data = malloc(enclen);
- if (enc_data->ciphertext.data == NULL)
- return ENOMEM;
+ ret = alloc_data(&enc_data->ciphertext, enclen);
+ if (ret)
+ return ret;
ret = krb5_c_encrypt(context, key, 0, ivec ? &ivecd : 0, data, enc_data);
if (ret)
@@ -345,14 +325,12 @@
if (ret)
return ret;
- ivecd.length = blocksize;
- ivecd.data = ivec;
+ ivecd = make_data(ivec, blocksize);
}
- data->length = enc_data->ciphertext.length;
- data->data = malloc(data->length);
- if (data->data == NULL)
- return ENOMEM;
+ ret = alloc_data(data, enc_data->ciphertext.length);
+ if (ret)
+ return ret;
ret = krb5_c_decrypt(context, key, 0, ivec ? &ivecd : 0, enc_data, data);
if (ret)
Modified: branches/iakerb/src/lib/krb5/krb/get_creds.c
===================================================================
--- branches/iakerb/src/lib/krb5/krb/get_creds.c 2010-04-30 20:56:26 UTC (rev 23957)
+++ branches/iakerb/src/lib/krb5/krb/get_creds.c 2010-04-30 21:08:11 UTC (rev 23958)
@@ -733,14 +733,14 @@
*tgt = NULL;
/* Construct the principal krbtgt/<realm>@<client realm>. The realm
- * won't matter unless we're getting the local TGT. */
+ * won't matter if we're getting a foreign TGT. */
code = krb5int_tgtname(context, realm, &ctx->client->realm, &tgtname);
if (code != 0)
goto cleanup;
- /* Match the TGT realm only if we're getting the local TGT. */
+ /* Don't match the TGT realm if we're getting a foreign TGT. */
flags = KRB5_TC_SUPPORTED_KTYPES;
- if (local_realm)
+ if (!local_realm)
flags |= KRB5_TC_MATCH_SRV_NAMEONLY;
/* Construct a matching cred for the ccache query. */
More information about the cvs-krb5
mailing list