Distribute extra files
[mech_eap.git] / mech_eap / unwrap_iov.c
index 6291172..39f7f1c 100644 (file)
@@ -233,7 +233,9 @@ unwrapToken(OM_uint32 *minor,
             }
         }
 
-        code = sequenceCheck(minor, &ctx->seqState, seqnum);
+        major = sequenceCheck(&code, &ctx->seqState, seqnum);
+        if (GSS_ERROR(major))
+            goto cleanup;
     } else if (toktype == TOK_TYPE_MIC) {
         if (load_uint16_be(ptr) != toktype)
             goto defective;
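Review bot: `GSS_ERROR(major)` tests only the calling-error and routine-error bits, so a supplementary status returned by `sequenceCheck` passes this new check and the wrap branch carries on. The body of `sequenceCheck` is not visible here, but if it reports replayed or out-of-order tokens as supplementary bits (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, GSS_S_GAP_TOKEN), the success path after the if/else chain must not reset `major`, or the caller never learns that a token was replayed. The tail of unwrapToken lies outside the hunk, so this needs confirming there. The same applies to the identical check in the MIC branch of the next hunk. A comment above the check, such as `/* supplementary bits (duplicate/old/unseq/gap) must reach the caller */`, would record the intent.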
@@ -243,14 +245,23 @@ unwrapToken(OM_uint32 *minor,
             goto defective;
         seqnum = load_uint64_be(ptr + 8);
 
-        code = gssEapVerify(krbContext, ctx->checksumType, 0,
+        /*
+         * Although MIC tokens don't have a RRC, they are similarly
+         * composed of a header and a checksum. So the verify_mic()
+         * can be implemented with a single header buffer, fake the
+         * RRC to the putative trailer length if no trailer buffer.
+         */
+        code = gssEapVerify(krbContext, ctx->checksumType,
+                            trailer != NULL ? 0 : header->buffer.length - 16,
                             KRB_CRYPTO_CONTEXT(ctx), keyUsage,
                             iov, iov_count, &valid);
         if (code != 0 || valid == FALSE) {
             major = GSS_S_BAD_SIG;
             goto cleanup;
         }
-        code = sequenceCheck(minor, &ctx->seqState, seqnum);
+        major = sequenceCheck(&code, &ctx->seqState, seqnum);
+        if (GSS_ERROR(major))
+            goto cleanup;
     } else if (toktype == TOK_TYPE_DELETE_CONTEXT) {
         if (load_uint16_be(ptr) != TOK_TYPE_DELETE_CONTEXT)
             goto defective;
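Review bot: `header->buffer.length - 16` in the new gssEapVerify call is unsigned arithmetic on a length taken from the received token, so when `trailer` is NULL a header shorter than 16 bytes would wrap to a very large RRC before the checksum is verified. A minimum-length check may already exist earlier in unwrapToken, outside this hunk. If it does not, add `if (header->buffer.length < 16) goto defective;` ahead of the call. The literal 16 would also read better as a named constant for the token header size, and the comment could state that the value passed is presumably the length of the checksum that follows the header.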