der_length_size(size_t length)
{
if (length < (1<<7))
- return(1);
+ return 1;
else if (length < (1<<8))
- return(2);
+ return 2;
#if INT_MAX == 0x7fff
else
- return(3);
+ return 3;
#else
else if (length < (1<<16))
- return(3);
+ return 3;
else if (length < (1<<24))
- return(4);
+ return 4;
else
- return(5);
+ return 5;
#endif
}
(*bufsize)--;
if (sf & 0x80) {
if ((sf &= 0x7f) > ((*bufsize)-1))
- return(-1);
+ return -1;
if (sf > sizeof(int))
- return (-1);
+ return -1;
ret = 0;
for (; sf; sf--) {
ret = (ret<<8) + (*(*buf)++);
{
/* set body_size to sequence contents size */
body_size += 4 + (size_t) mech->length; /* NEED overflow check */
- return (1 + der_length_size(body_size) + body_size);
+ return 1 + der_length_size(body_size) + body_size;
}
/* fills in a buffer with the token header. The buffer is assumed to
*/
int
-verifyTokenHeader(
- const gss_OID_desc * mech,
- size_t *body_size,
- unsigned char **buf_in,
- size_t toksize_in,
- enum gss_eap_token_type tok_type)
+verifyTokenHeader(gss_OID mech,
+ size_t *body_size,
+ unsigned char **buf_in,
+ size_t toksize_in,
+ enum gss_eap_token_type tok_type)
{
unsigned char *buf = *buf_in;
ssize_t seqsize;
toid.elements = buf;
buf += toid.length;
- if (!oidEqual(&toid, mech))
+ if (mech->elements == NULL) {
+ *mech = toid;
+ if (toid.length == 0)
+ return EINVAL;
+ } else if (!oidEqual(&toid, mech)) {
return EINVAL;
+ }
if (tok_type != TOK_TYPE_NONE) {
if (toksize -= 2 < 0)
return EINVAL;
- if ((*buf++ != ((tok_type>>8) & 0xff)) ||
+ if ((*buf++ != ((tok_type >> 8) & 0xff)) ||
(*buf++ != (tok_type & 0xff)))
return EINVAL;
}