Resolve conflicts after import of Heimdal Kerberos circa 2002/08/29.
This commit is contained in:
Jacques Vidrine
parent
714b4175a0
commit
7b173f654d
@ -32,7 +32,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include "krb5_locl.h"
|
#include "krb5_locl.h"
|
||||||
RCSID("$Id: crypto.c,v 1.60 2002/01/06 23:12:51 assar Exp $");
|
RCSID("$Id: crypto.c,v 1.64 2002/04/29 16:31:54 joda Exp $");
|
||||||
/* RCSID("$FreeBSD$"); */
|
/* RCSID("$FreeBSD$"); */
|
||||||
|
|
||||||
#undef CRYPTO_DEBUG
|
#undef CRYPTO_DEBUG
|
||||||
@ -140,7 +140,7 @@ static struct key_data *_new_derived_key(krb5_crypto crypto, unsigned usage);
|
|||||||
************************************************************/
|
************************************************************/
|
||||||
|
|
||||||
static void
|
static void
|
||||||
DES_random_key(krb5_context context,
|
krb5_DES_random_key(krb5_context context,
|
||||||
krb5_keyblock *key)
|
krb5_keyblock *key)
|
||||||
{
|
{
|
||||||
des_cblock *k = key->keyvalue.data;
|
des_cblock *k = key->keyvalue.data;
|
||||||
@ -151,7 +151,7 @@ DES_random_key(krb5_context context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
DES_schedule(krb5_context context,
|
krb5_DES_schedule(krb5_context context,
|
||||||
struct key_data *key)
|
struct key_data *key)
|
||||||
{
|
{
|
||||||
des_set_key(key->key->keyvalue.data, key->schedule->data);
|
des_set_key(key->key->keyvalue.data, key->schedule->data);
|
||||||
@ -189,7 +189,7 @@ DES_string_to_key_int(unsigned char *data, size_t length, des_cblock *key)
|
|||||||
}
|
}
|
||||||
|
|
||||||
static krb5_error_code
|
static krb5_error_code
|
||||||
DES_string_to_key(krb5_context context,
|
krb5_DES_string_to_key(krb5_context context,
|
||||||
krb5_enctype enctype,
|
krb5_enctype enctype,
|
||||||
krb5_data password,
|
krb5_data password,
|
||||||
krb5_salt salt,
|
krb5_salt salt,
|
||||||
@ -226,7 +226,7 @@ DES_string_to_key(krb5_context context,
|
|||||||
* Short passwords, i.e 8 characters or less.
|
* Short passwords, i.e 8 characters or less.
|
||||||
*/
|
*/
|
||||||
static void
|
static void
|
||||||
DES_AFS3_CMU_string_to_key (krb5_data pw,
|
krb5_DES_AFS3_CMU_string_to_key (krb5_data pw,
|
||||||
krb5_data cell,
|
krb5_data cell,
|
||||||
des_cblock *key)
|
des_cblock *key)
|
||||||
{
|
{
|
||||||
@ -255,7 +255,7 @@ DES_AFS3_CMU_string_to_key (krb5_data pw,
|
|||||||
* Long passwords, i.e 9 characters or more.
|
* Long passwords, i.e 9 characters or more.
|
||||||
*/
|
*/
|
||||||
static void
|
static void
|
||||||
DES_AFS3_Transarc_string_to_key (krb5_data pw,
|
krb5_DES_AFS3_Transarc_string_to_key (krb5_data pw,
|
||||||
krb5_data cell,
|
krb5_data cell,
|
||||||
des_cblock *key)
|
des_cblock *key)
|
||||||
{
|
{
|
||||||
@ -302,9 +302,9 @@ DES_AFS3_string_to_key(krb5_context context,
|
|||||||
{
|
{
|
||||||
des_cblock tmp;
|
des_cblock tmp;
|
||||||
if(password.length > 8)
|
if(password.length > 8)
|
||||||
DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp);
|
krb5_DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp);
|
||||||
else
|
else
|
||||||
DES_AFS3_CMU_string_to_key(password, salt.saltvalue, &tmp);
|
krb5_DES_AFS3_CMU_string_to_key(password, salt.saltvalue, &tmp);
|
||||||
key->keytype = enctype;
|
key->keytype = enctype;
|
||||||
krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp));
|
krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp));
|
||||||
memset(&key, 0, sizeof(key));
|
memset(&key, 0, sizeof(key));
|
||||||
@ -386,7 +386,7 @@ DES3_string_to_key(krb5_context context,
|
|||||||
memcpy(keys + i, tmp + i * 8, sizeof(keys[i]));
|
memcpy(keys + i, tmp + i * 8, sizeof(keys[i]));
|
||||||
des_set_odd_parity(keys + i);
|
des_set_odd_parity(keys + i);
|
||||||
if(des_is_weak_key(keys + i))
|
if(des_is_weak_key(keys + i))
|
||||||
xor(keys + i, (unsigned char*)"\0\0\0\0\0\0\0\xf0");
|
xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
|
||||||
des_set_key(keys + i, s[i]);
|
des_set_key(keys + i, s[i]);
|
||||||
}
|
}
|
||||||
memset(&ivec, 0, sizeof(ivec));
|
memset(&ivec, 0, sizeof(ivec));
|
||||||
@ -399,7 +399,7 @@ DES3_string_to_key(krb5_context context,
|
|||||||
memcpy(keys + i, tmp + i * 8, sizeof(keys[i]));
|
memcpy(keys + i, tmp + i * 8, sizeof(keys[i]));
|
||||||
des_set_odd_parity(keys + i);
|
des_set_odd_parity(keys + i);
|
||||||
if(des_is_weak_key(keys + i))
|
if(des_is_weak_key(keys + i))
|
||||||
xor(keys + i, (unsigned char*)"\0\0\0\0\0\0\0\xf0");
|
xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
|
||||||
}
|
}
|
||||||
memset(tmp, 0, sizeof(tmp));
|
memset(tmp, 0, sizeof(tmp));
|
||||||
}
|
}
|
||||||
@ -509,8 +509,8 @@ struct key_type keytype_des = {
|
|||||||
56,
|
56,
|
||||||
sizeof(des_cblock),
|
sizeof(des_cblock),
|
||||||
sizeof(des_key_schedule),
|
sizeof(des_key_schedule),
|
||||||
DES_random_key,
|
krb5_DES_random_key,
|
||||||
DES_schedule,
|
krb5_DES_schedule,
|
||||||
des_salt
|
des_salt
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -572,7 +572,7 @@ struct salt_type des_salt[] = {
|
|||||||
{
|
{
|
||||||
KRB5_PW_SALT,
|
KRB5_PW_SALT,
|
||||||
"pw-salt",
|
"pw-salt",
|
||||||
DES_string_to_key
|
krb5_DES_string_to_key
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
KRB5_AFS3_SALT,
|
KRB5_AFS3_SALT,
|
||||||
@ -1868,29 +1868,35 @@ ARCFOUR_subdecrypt(krb5_context context,
|
|||||||
* draft-brezak-win2k-krb-rc4-hmac-03.txt
|
* draft-brezak-win2k-krb-rc4-hmac-03.txt
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static int
|
static krb5_error_code
|
||||||
usage2arcfour (int usage)
|
usage2arcfour (krb5_context context, int *usage)
|
||||||
{
|
{
|
||||||
switch (usage) {
|
switch (*usage) {
|
||||||
case KRB5_KU_PA_ENC_TIMESTAMP :
|
case KRB5_KU_PA_ENC_TIMESTAMP :
|
||||||
return 1;
|
*usage = 1;
|
||||||
|
return 0;
|
||||||
case KRB5_KU_TICKET :
|
case KRB5_KU_TICKET :
|
||||||
return 8;
|
*usage = 8;
|
||||||
case KRB5_KU_AS_REP_ENC_PART :
|
case KRB5_KU_AS_REP_ENC_PART :
|
||||||
return 8;
|
*usage = 8;
|
||||||
|
return 0;
|
||||||
case KRB5_KU_TGS_REQ_AUTH_DAT_SESSION :
|
case KRB5_KU_TGS_REQ_AUTH_DAT_SESSION :
|
||||||
case KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY :
|
case KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY :
|
||||||
case KRB5_KU_TGS_REQ_AUTH_CKSUM :
|
case KRB5_KU_TGS_REQ_AUTH_CKSUM :
|
||||||
case KRB5_KU_TGS_REQ_AUTH :
|
case KRB5_KU_TGS_REQ_AUTH :
|
||||||
return 7;
|
*usage = 7;
|
||||||
|
return 0;
|
||||||
case KRB5_KU_TGS_REP_ENC_PART_SESSION :
|
case KRB5_KU_TGS_REP_ENC_PART_SESSION :
|
||||||
case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY :
|
case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY :
|
||||||
return 8;
|
*usage = 8;
|
||||||
|
return 0;
|
||||||
case KRB5_KU_AP_REQ_AUTH_CKSUM :
|
case KRB5_KU_AP_REQ_AUTH_CKSUM :
|
||||||
case KRB5_KU_AP_REQ_AUTH :
|
case KRB5_KU_AP_REQ_AUTH :
|
||||||
case KRB5_KU_AP_REQ_ENC_PART :
|
case KRB5_KU_AP_REQ_ENC_PART :
|
||||||
return 11;
|
*usage = 11;
|
||||||
|
return 0;
|
||||||
case KRB5_KU_KRB_PRIV :
|
case KRB5_KU_KRB_PRIV :
|
||||||
|
*usage = 0;
|
||||||
return 0;
|
return 0;
|
||||||
case KRB5_KU_KRB_CRED :
|
case KRB5_KU_KRB_CRED :
|
||||||
case KRB5_KU_KRB_SAFE_CKSUM :
|
case KRB5_KU_KRB_SAFE_CKSUM :
|
||||||
@ -1904,7 +1910,8 @@ usage2arcfour (int usage)
|
|||||||
case KRB5_KU_USAGE_SIGN :
|
case KRB5_KU_USAGE_SIGN :
|
||||||
case KRB5_KU_USAGE_SEQ :
|
case KRB5_KU_USAGE_SEQ :
|
||||||
default :
|
default :
|
||||||
abort ();
|
krb5_set_error_string(context, "unknown arcfour usage type %d", *usage);
|
||||||
|
return KRB5_PROG_ETYPE_NOSUPP;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1917,7 +1924,9 @@ ARCFOUR_encrypt(krb5_context context,
|
|||||||
int usage,
|
int usage,
|
||||||
void *ivec)
|
void *ivec)
|
||||||
{
|
{
|
||||||
usage = usage2arcfour (usage);
|
krb5_error_code ret;
|
||||||
|
if((ret = usage2arcfour (context, &usage)) != 0)
|
||||||
|
return ret;
|
||||||
|
|
||||||
if (encrypt)
|
if (encrypt)
|
||||||
return ARCFOUR_subencrypt (context, key, data, len, usage, ivec);
|
return ARCFOUR_subencrypt (context, key, data, len, usage, ivec);
|
||||||
@ -3002,6 +3011,11 @@ krb5_crypto_init(krb5_context context,
|
|||||||
etype);
|
etype);
|
||||||
return KRB5_PROG_ETYPE_NOSUPP;
|
return KRB5_PROG_ETYPE_NOSUPP;
|
||||||
}
|
}
|
||||||
|
if((*crypto)->et->keytype->size != key->keyvalue.length) {
|
||||||
|
free(*crypto);
|
||||||
|
krb5_set_error_string (context, "encryption key has bad length");
|
||||||
|
return KRB5_BAD_KEYSIZE;
|
||||||
|
}
|
||||||
ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key);
|
ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key);
|
||||||
if(ret) {
|
if(ret) {
|
||||||
free(*crypto);
|
free(*crypto);
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
|
* Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@ -31,7 +31,7 @@
|
|||||||
* SUCH DAMAGE.
|
* SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id: krb5_locl.h,v 1.67 2001/08/22 20:30:30 assar Exp $ */
|
/* $Id: krb5_locl.h,v 1.69 2002/08/12 15:09:19 joda Exp $ */
|
||||||
/* $FreeBSD$ */
|
/* $FreeBSD$ */
|
||||||
|
|
||||||
#ifndef __KRB5_LOCL_H__
|
#ifndef __KRB5_LOCL_H__
|
||||||
@ -106,6 +106,9 @@ struct sockaddr_dl;
|
|||||||
#ifdef HAVE_SYS_FILIO_H
|
#ifdef HAVE_SYS_FILIO_H
|
||||||
#include <sys/filio.h>
|
#include <sys/filio.h>
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef HAVE_SYS_FILE_H
|
||||||
|
#include <sys/file.h>
|
||||||
|
#endif
|
||||||
#include <roken.h>
|
#include <roken.h>
|
||||||
#include <parse_time.h>
|
#include <parse_time.h>
|
||||||
#include <base64.h>
|
#include <base64.h>
|
||||||
@ -136,8 +139,8 @@ struct sockaddr_dl;
|
|||||||
#define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0)
|
#define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0)
|
||||||
|
|
||||||
/* should this be public? */
|
/* should this be public? */
|
||||||
#define KEYTAB_DEFAULT "ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab"
|
#define KEYTAB_DEFAULT "ANY:FILE:" SYSCONFDIR "/krb5.keytab,krb4:" SYSCONFDIR "/srvtab"
|
||||||
#define KEYTAB_DEFAULT_MODIFY "FILE:/etc/krb5.keytab"
|
#define KEYTAB_DEFAULT_MODIFY "FILE:" SYSCONFDIR "/krb5.keytab"
|
||||||
|
|
||||||
#ifndef O_BINARY
|
#ifndef O_BINARY
|
||||||
#define O_BINARY 0
|
#define O_BINARY 0
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user