krb5 commit: Add minimal KDC MS-RPCE (NDR) encoder/decoder
Greg Hudson
ghudson at mit.edu
Wed Jan 12 14:38:39 EST 2022
https://github.com/krb5/krb5/commit/c85894cfb784257a6acb4d77d8c75137d2508f5e
commit c85894cfb784257a6acb4d77d8c75137d2508f5e
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Jan 7 19:58:42 2022 -0500
Add minimal KDC MS-RPCE (NDR) encoder/decoder
Add NDR marshalling functions for S4U_DELEGATION_INFO PAC buffers.
[ghudson at mit.edu: added safety checks; made minor style changes;
edited commit message]
.gitignore | 1 +
src/kdc/Makefile.in | 10 ++-
src/kdc/deps | 14 ++
src/kdc/ndr.c | 332 +++++++++++++++++++++++++++++++++++++++++++++++++++
src/kdc/t_ndr.c | 161 +++++++++++++++++++++++++
5 files changed, 516 insertions(+), 2 deletions(-)
diff --git a/.gitignore b/.gitignore
index 8a10057..00e42ad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -256,6 +256,7 @@ local.properties
/src/kdc/kdc5_err.[ch]
/src/kdc/krb5kdc
/src/kdc/rtest
+/src/kdc/t_ndr
/src/kdc/t_replay
/src/lib/k5sprt32.def
diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in
index c560741..ed85ca8 100644
--- a/src/kdc/Makefile.in
+++ b/src/kdc/Makefile.in
@@ -20,6 +20,7 @@ SRCS= \
$(srcdir)/kdc_preauth_ec.c \
$(srcdir)/kdc_preauth_encts.c \
$(srcdir)/main.c \
+ $(srcdir)/ndr.c \
$(srcdir)/policy.c \
$(srcdir)/extern.c \
$(srcdir)/replay.c \
@@ -43,6 +44,7 @@ OBJS= \
kdc_preauth_ec.o \
kdc_preauth_encts.o \
main.o \
+ ndr.o \
policy.o \
extern.o \
replay.o \
@@ -69,10 +71,14 @@ krb5kdc: $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(APPUTILS_DEPLIB) $(VE
rtest: $(RT_OBJS) $(KDB5_DEPLIBS) $(KADM_COMM_DEPLIBS) $(KRB5_BASE_DEPLIBS)
$(CC_LINK) -o rtest $(RT_OBJS) $(KDB5_LIBS) $(KADM_COMM_LIBS) $(KRB5_BASE_LIBS)
-check-unix: rtest runenv.sh
+t_ndr: t_ndr.o ndr.o $(KRB5_BASE_DEPLIBS)
+ $(CC_LINK) -o $@ t_ndr.o ndr.o $(KRB5_BASE_LIBS)
+
+check-unix: rtest runenv.sh t_ndr
$(RUN_TEST) $(srcdir)/rtscript > test.out
cmp test.out $(srcdir)/rtest.good
$(RM) test.out
+ $(RUN_TEST) ./t_ndr > /dev/null
T_REPLAY_OBJS=t_replay.o
@@ -92,4 +98,4 @@ install:
clean:
$(RM) kdc5_err.h kdc5_err.c krb5kdc rtest.o rtest t_replay.o t_replay
-
+ $(RM) t_ndr.o t_ndr
diff --git a/src/kdc/deps b/src/kdc/deps
index 9bf1db1..70d557f 100644
--- a/src/kdc/deps
+++ b/src/kdc/deps
@@ -173,6 +173,20 @@ $(OUTPRE)main.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/socket-utils.h extern.h kdc5_err.h \
kdc_audit.h kdc_util.h main.c policy.h realm_data.h \
reqstate.h
+$(OUTPRE)ndr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
+ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
+ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \
+ $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
+ $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-input.h \
+ $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
+ $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
+ $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
+ $(top_srcdir)/include/k5-utf8.h $(top_srcdir)/include/kdb.h \
+ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
+ $(top_srcdir)/include/krb5/kdcpreauth_plugin.h $(top_srcdir)/include/krb5/plugin.h \
+ $(top_srcdir)/include/net-server.h $(top_srcdir)/include/port-sockets.h \
+ $(top_srcdir)/include/socket-utils.h kdc_util.h ndr.c \
+ realm_data.h reqstate.h
$(OUTPRE)policy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \
diff --git a/src/kdc/ndr.c b/src/kdc/ndr.c
new file mode 100644
index 0000000..2d16e6a
--- /dev/null
+++ b/src/kdc/ndr.c
@@ -0,0 +1,332 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* kdc/ndr.c - NDR encoding and decoding functions */
+/*
+ * Copyright (C) 2021 by Red Hat, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "k5-int.h"
+#include "k5-input.h"
+#include "k5-buf.h"
+#include "k5-utf8.h"
+#include "kdc_util.h"
+
+struct encoded_wchars {
+ uint16_t bytes_len;
+ uint16_t num_wchars;
+ uint8_t *encoded;
+};
+
+/*
+ * MS-DTYP 2.3.10:
+ *
+ * typedef struct _RPC_UNICODE_STRING {
+ * unsigned short Length;
+ * unsigned short MaximumLength;
+ * [size_is(MaximumLength/2), length_is(Length/2)] WCHAR* Buffer;
+ * } RPC_UNICODE_STRING, *PRPC_UNICODE_STRING;
+ *
+ * Note that Buffer is not a String - there's no termination.
+ *
+ * We don't actually decode Length and MaximumLength here - this is a
+ * conformant-varying array, which means that (per DCE-1.1-RPC 14.3.7.2) where
+ * those actually appear in the serialized data is variable depending on
+ * whether the string is at top level of the struct or not. (This also
+ * affects where the pointer identifier appears.)
+ *
+ * See MS-RPCE 4.7 for what an RPC_UNICODE_STRING looks like when not at
+ * top-level.
+ */
+static krb5_error_code
+dec_wchar_pointer(struct k5input *in, char **out)
+{
+ const uint8_t *bytes;
+ uint32_t actual_count;
+
+ /* Maximum count. */
+ (void)k5_input_get_uint32_le(in);
+ /* Offset - all zeroes, "should" not be checked. */
+ (void)k5_input_get_uint32_le(in);
+
+ actual_count = k5_input_get_uint32_le(in);
+ if (actual_count > UINT32_MAX / 2)
+ return ERANGE;
+
+ bytes = k5_input_get_bytes(in, actual_count * 2);
+ if (bytes == NULL || k5_utf16le_to_utf8(bytes, actual_count * 2, out) != 0)
+ return EINVAL;
+
+ /* Always align on 4. */
+ if (actual_count % 2 == 1)
+ (void)k5_input_get_uint16_le(in);
+
+ return 0;
+}
+
+static krb5_error_code
+enc_wchar_pointer(const char *utf8, struct encoded_wchars *encoded_out)
+{
+ krb5_error_code ret;
+ struct k5buf b;
+ size_t utf16len, num_wchars;
+ uint8_t *utf16;
+
+ k5_buf_init_dynamic(&b);
+
+ ret = k5_utf8_to_utf16le(utf8, &utf16, &utf16len);
+ if (ret)
+ return ret;
+
+ num_wchars = utf16len / 2;
+
+ k5_buf_add_uint32_le(&b, num_wchars + 1);
+ k5_buf_add_uint32_le(&b, 0);
+ k5_buf_add_uint32_le(&b, num_wchars);
+ k5_buf_add_len(&b, utf16, utf16len);
+
+ free(utf16);
+
+ if (num_wchars % 2 == 1)
+ k5_buf_add_uint16_le(&b, 0);
+
+ ret = k5_buf_status(&b);
+ if (ret)
+ return ret;
+
+ encoded_out->bytes_len = b.len;
+ encoded_out->num_wchars = num_wchars;
+ encoded_out->encoded = b.data;
+ return 0;
+}
+
+/*
+ * Decode a delegation info structure, leaving room to add an additional
+ * service.
+ *
+ * MS-PAC 2.9:
+ *
+ * typedef struct _S4U_DELEGATION_INFO {
+ * RPC_UNICODE_STRING S4U2proxyTarget;
+ * ULONG TransitedListSize;
+ * [size_is(TransitedListSize)] PRPC_UNICODE_STRING S4UTransitedServices;
+ * } S4U_DELEGATION_INFO, *PS4U_DELEGATION_INFO;
+ */
+krb5_error_code
+ndr_dec_delegation_info(krb5_data *data, struct pac_s4u_delegation_info **out)
+{
+ krb5_error_code ret;
+ struct pac_s4u_delegation_info *di = NULL;
+ struct k5input in;
+ uint32_t i, object_buffer_length;
+ uint8_t version, endianness, common_header_length;
+
+ *out = NULL;
+
+ di = k5alloc(sizeof(*di), &ret);
+ if (di == NULL)
+ return ret;
+
+ k5_input_init(&in, data->data, data->length);
+
+ /* Common Type Header - MS-RPCE 2.2.6.1 */
+ version = k5_input_get_byte(&in);
+ endianness = k5_input_get_byte(&in);
+ common_header_length = k5_input_get_uint16_le(&in);
+ (void)k5_input_get_uint32_le(&in); /* Filler - 0xcccccccc. */
+ if (version != 1 || endianness != 0x10 || common_header_length != 8) {
+ ret = EINVAL;
+ goto error;
+ }
+
+ /* Private Header for Constructed Type - MS-RPCE 2.2.6.2 */
+ object_buffer_length = k5_input_get_uint32_le(&in);
+ if (data->length < 16 || object_buffer_length != data->length - 16) {
+ ret = EINVAL;
+ goto error;
+ }
+
+ (void)k5_input_get_uint32_le(&in); /* Filler - 0. */
+
+ /* This code doesn't handle re-used pointers, which could come into play in
+ * the unlikely case of a delegation loop. */
+
+ /* Pointer. Microsoft always starts at 00 00 02 00 */
+ (void)k5_input_get_uint32_le(&in);
+ /* Length of proxy target - 2 */
+ (void)k5_input_get_uint16_le(&in);
+ /* Length of proxy target */
+ (void)k5_input_get_uint16_le(&in);
+ /* Another pointer - 04 00 02 00. Microsoft increments by 4 (le). */
+ (void)k5_input_get_uint32_le(&in);
+
+ /* Transited services length - header version. */
+ (void)k5_input_get_uint32_le(&in);
+
+ /* More pointer: 08 00 02 00 */
+ (void)k5_input_get_uint32_le(&in);
+
+ ret = dec_wchar_pointer(&in, &di->proxy_target);
+ if (ret)
+ goto error;
+ di->transited_services_length = k5_input_get_uint32_le(&in);
+
+ /* Here, we have encoded 2 bytes of length, 2 bytes of (length + 2), and 4
+ * bytes of pointer, for each element (deferred pointers). */
+ if (di->transited_services_length > UINT32_MAX / 8) {
+ ret = ERANGE;
+ goto error;
+ }
+ (void)k5_input_get_bytes(&in, 8 * di->transited_services_length);
+
+ /* Since we're likely to add another entry, leave a blank at the end. */
+ di->transited_services = k5calloc(di->transited_services_length + 1,
+ sizeof(char *), &ret);
+ if (di->transited_services == NULL)
+ goto error;
+
+ for (i = 0; i < di->transited_services_length; i++) {
+ ret = dec_wchar_pointer(&in, &di->transited_services[i]);
+ if (ret)
+ goto error;
+ }
+
+ ret = in.status;
+ if (ret)
+ goto error;
+
+ *out = di;
+ return 0;
+
+error:
+ ndr_free_delegation_info(di);
+ return ret;
+}
+
+/* Empirically, Microsoft starts pointers at 00 00 02 00, and if treated little
+ * endian, they increase by 4. */
+static inline void
+write_ptr(struct k5buf *buf, uint32_t *pointer)
+{
+ if (*pointer == 0)
+ *pointer = 0x00020000;
+ k5_buf_add_uint32_le(buf, *pointer);
+ *pointer += 4;
+}
+
+krb5_error_code
+ndr_enc_delegation_info(struct pac_s4u_delegation_info *in, krb5_data *out)
+{
+ krb5_error_code ret;
+ size_t i;
+ struct k5buf b;
+ struct encoded_wchars pt_encoded = { 0 }, *tss_encoded = NULL;
+ uint32_t pointer = 0;
+
+ /* Encode ahead of time since we need the lengths. */
+ ret = enc_wchar_pointer(in->proxy_target, &pt_encoded);
+ if (ret)
+ goto cleanup;
+
+ tss_encoded = k5calloc(in->transited_services_length, sizeof(*tss_encoded),
+ &ret);
+ if (tss_encoded == NULL)
+ goto cleanup;
+
+ k5_buf_init_dynamic(&b);
+
+ /* Common Type Header - MS-RPCE 2.2.6.1 */
+ k5_buf_add_len(&b, "\x01\x10\x08\x00", 4);
+ k5_buf_add_uint32_le(&b, 0xcccccccc);
+
+ /* Private Header for Constructed Type - MS-RPCE 2.2.6.2 */
+ k5_buf_add_uint32_le(&b, 0); /* Skip over where payload length goes. */
+ k5_buf_add_uint32_le(&b, 0); /* Filler - all zeroes. */
+
+ write_ptr(&b, &pointer);
+ k5_buf_add_uint16_le(&b, 2 * pt_encoded.num_wchars);
+ k5_buf_add_uint16_le(&b, 2 * (pt_encoded.num_wchars + 1));
+ write_ptr(&b, &pointer);
+
+ k5_buf_add_uint32_le(&b, in->transited_services_length);
+ write_ptr(&b, &pointer);
+
+ k5_buf_add_len(&b, pt_encoded.encoded, pt_encoded.bytes_len);
+
+ k5_buf_add_uint32_le(&b, in->transited_services_length);
+
+ /* Deferred pointers. */
+ for (i = 0; i < in->transited_services_length; i++) {
+ ret = enc_wchar_pointer(in->transited_services[i], &tss_encoded[i]);
+ if (ret)
+ goto cleanup;
+
+ k5_buf_add_uint16_le(&b, 2 * tss_encoded[i].num_wchars);
+ k5_buf_add_uint16_le(&b, 2 * (tss_encoded[i].num_wchars + 1));
+ write_ptr(&b, &pointer);
+ }
+
+ for (i = 0; i < in->transited_services_length; i++)
+ k5_buf_add_len(&b, tss_encoded[i].encoded, tss_encoded[i].bytes_len);
+
+ /* Now, pad to 8 bytes. RPC_UNICODE_STRING is aligned on 4 bytes. */
+ if (b.len % 8 != 0)
+ k5_buf_add_uint32_le(&b, 0);
+
+ /* Record the payload length where we skipped over it previously. */
+ if (b.data != NULL)
+ store_32_le(b.len - 0x10, ((uint8_t *)b.data) + 8);
+
+ ret = k5_buf_status(&b);
+ if (ret)
+ goto cleanup;
+
+ *out = make_data(b.data, b.len);
+ b.data = NULL;
+
+cleanup:
+ free(b.data);
+ free(pt_encoded.encoded);
+ for (i = 0; tss_encoded != NULL && i < in->transited_services_length; i++)
+ free(tss_encoded[i].encoded);
+ free(tss_encoded);
+ return ret;
+}
+
+void
+ndr_free_delegation_info(struct pac_s4u_delegation_info *di)
+{
+ uint32_t i;
+
+ if (di == NULL)
+ return;
+ free(di->proxy_target);
+ for (i = 0; i < di->transited_services_length; i++)
+ free(di->transited_services[i]);
+ free(di->transited_services);
+ free(di);
+}
diff --git a/src/kdc/t_ndr.c b/src/kdc/t_ndr.c
new file mode 100644
index 0000000..6f1173f
--- /dev/null
+++ b/src/kdc/t_ndr.c
@@ -0,0 +1,161 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* kdc/t_ndr.c - tests for ndr.c */
+/*
+ * Copyright (C) 2021 by Red Hat, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Unit tests for the NDR marshalling/unmarshalling in ndr.c
+ */
+
+#include "k5-int.h"
+#include "kdc_util.h"
+
+/*
+ * Three S4U_DELEGATION_INFO buffers decoded from communication with AD 2019:
+ *
+ * - svc1/adserver.ad.test at AD.TEST to svc2/adserver.ad.test at AD.TEST
+ * - svc1/adserver.ad.test at AD.TEST to longsvc/adserver.ad.test at AD.TEST
+ * - svc1/adserver.ad.test at AD.TEST to svc2/adserver.ad.test at AD.TEST then
+ * to longsvc/adserver.ad.test at AD.TEST
+ */
+static uint8_t s4u_di_short[] = {
+ 0x01, 0x10, 0x08, 0x00, 0xcc, 0xcc, 0xcc, 0xcc, 0xa0, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x2a, 0x00, 0x2c, 0x00,
+ 0x04, 0x00, 0x02, 0x00, 0x01, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00,
+ 0x16, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x15, 0x00, 0x00, 0x00,
+ 0x73, 0x00, 0x76, 0x00, 0x63, 0x00, 0x32, 0x00, 0x2f, 0x00, 0x61, 0x00,
+ 0x64, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00,
+ 0x72, 0x00, 0x2e, 0x00, 0x61, 0x00, 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00,
+ 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
+ 0x3a, 0x00, 0x3c, 0x00, 0x0c, 0x00, 0x02, 0x00, 0x1e, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x1d, 0x00, 0x00, 0x00, 0x73, 0x00, 0x76, 0x00,
+ 0x63, 0x00, 0x31, 0x00, 0x2f, 0x00, 0x61, 0x00, 0x64, 0x00, 0x73, 0x00,
+ 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x2e, 0x00,
+ 0x61, 0x00, 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00,
+ 0x74, 0x00, 0x40, 0x00, 0x41, 0x00, 0x44, 0x00, 0x2e, 0x00, 0x54, 0x00,
+ 0x45, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00,
+};
+
+static uint8_t s4u_di_long[] = {
+ 0x01, 0x10, 0x08, 0x00, 0xcc, 0xcc, 0xcc, 0xcc, 0xa8, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x30, 0x00, 0x32, 0x00,
+ 0x04, 0x00, 0x02, 0x00, 0x01, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00,
+ 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00,
+ 0x6c, 0x00, 0x6f, 0x00, 0x6e, 0x00, 0x67, 0x00, 0x73, 0x00, 0x76, 0x00,
+ 0x63, 0x00, 0x2f, 0x00, 0x61, 0x00, 0x64, 0x00, 0x73, 0x00, 0x65, 0x00,
+ 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x2e, 0x00, 0x61, 0x00,
+ 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00,
+ 0x01, 0x00, 0x00, 0x00, 0x3a, 0x00, 0x3c, 0x00, 0x0c, 0x00, 0x02, 0x00,
+ 0x1e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1d, 0x00, 0x00, 0x00,
+ 0x73, 0x00, 0x76, 0x00, 0x63, 0x00, 0x31, 0x00, 0x2f, 0x00, 0x61, 0x00,
+ 0x64, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00,
+ 0x72, 0x00, 0x2e, 0x00, 0x61, 0x00, 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00,
+ 0x65, 0x00, 0x73, 0x00, 0x74, 0x00, 0x40, 0x00, 0x41, 0x00, 0x44, 0x00,
+ 0x2e, 0x00, 0x54, 0x00, 0x45, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00,
+};
+
+static uint8_t s4u_di_double[] = {
+ 0x01, 0x10, 0x08, 0x00, 0xcc, 0xcc, 0xcc, 0xcc, 0xf8, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x30, 0x00, 0x32, 0x00,
+ 0x04, 0x00, 0x02, 0x00, 0x02, 0x00, 0x00, 0x00, 0x08, 0x00, 0x02, 0x00,
+ 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x00, 0x00,
+ 0x6c, 0x00, 0x6f, 0x00, 0x6e, 0x00, 0x67, 0x00, 0x73, 0x00, 0x76, 0x00,
+ 0x63, 0x00, 0x2f, 0x00, 0x61, 0x00, 0x64, 0x00, 0x73, 0x00, 0x65, 0x00,
+ 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x2e, 0x00, 0x61, 0x00,
+ 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00, 0x74, 0x00,
+ 0x02, 0x00, 0x00, 0x00, 0x3a, 0x00, 0x3c, 0x00, 0x0c, 0x00, 0x02, 0x00,
+ 0x3a, 0x00, 0x3c, 0x00, 0x10, 0x00, 0x02, 0x00, 0x1e, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x1d, 0x00, 0x00, 0x00, 0x73, 0x00, 0x76, 0x00,
+ 0x63, 0x00, 0x31, 0x00, 0x2f, 0x00, 0x61, 0x00, 0x64, 0x00, 0x73, 0x00,
+ 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x2e, 0x00,
+ 0x61, 0x00, 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00,
+ 0x74, 0x00, 0x40, 0x00, 0x41, 0x00, 0x44, 0x00, 0x2e, 0x00, 0x54, 0x00,
+ 0x45, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00, 0x1e, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x1d, 0x00, 0x00, 0x00, 0x73, 0x00, 0x76, 0x00,
+ 0x63, 0x00, 0x32, 0x00, 0x2f, 0x00, 0x61, 0x00, 0x64, 0x00, 0x73, 0x00,
+ 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x2e, 0x00,
+ 0x61, 0x00, 0x64, 0x00, 0x2e, 0x00, 0x74, 0x00, 0x65, 0x00, 0x73, 0x00,
+ 0x74, 0x00, 0x40, 0x00, 0x41, 0x00, 0x44, 0x00, 0x2e, 0x00, 0x54, 0x00,
+ 0x45, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+static void
+test_dec_enc(uint8_t *blob, size_t len, char *name)
+{
+ krb5_data data_in, data_out;
+ struct pac_s4u_delegation_info *di = NULL;
+ krb5_error_code ret;
+ int eq;
+ size_t i;
+
+ printf("Checking blob %s...\n", name);
+
+ data_in = make_data(blob, len);
+ ret = ndr_dec_delegation_info(&data_in, &di);
+ if (ret) {
+ printf("%s: bad decode (%d): %s\n", name, ret, strerror(ret));
+ exit(1);
+ }
+
+ printf("%s, %d\n", di->proxy_target, di->transited_services_length);
+ for (i = 0; i < di->transited_services_length; i++)
+ printf(" %s\n", di->transited_services[i]);
+
+ ret = ndr_enc_delegation_info(di, &data_out);
+ ndr_free_delegation_info(di);
+ if (ret) {
+ printf("%s: bad encode (%d): %s\n", name, ret, strerror(ret));
+ exit(1);
+ }
+
+ eq = data_eq(data_in, data_out);
+ krb5_free_data_contents(NULL, &data_out);
+ if (!eq) {
+ printf("%s: re-encoding did not produce the same result\n", name);
+ exit(1);
+ }
+
+ printf("%s matched\n\n", name);
+}
+
+#define RUN_TEST(blob) test_dec_enc(blob, sizeof(blob), #blob)
+
+int
+main()
+{
+ printf("Running NDR tests...\n");
+
+ RUN_TEST(s4u_di_short);
+ RUN_TEST(s4u_di_long);
+ RUN_TEST(s4u_di_double);
+
+ printf("Passed NDR tests\n");
+}
More information about the cvs-krb5
mailing list