Fixes for Heimdal (macOS) builds from Stefan.
[mech_eap.git] / mech_eap / unwrap_iov.c
index 19bafc6..ba22079 100644 (file)
@@ -102,8 +102,8 @@ unwrapToken(OM_uint32 *minor,
     if (qop_state != NULL)
         *qop_state = GSS_C_QOP_DEFAULT;
 
-    header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
-    assert(header != NULL);
+    header = gssEapLocateHeaderIov(iov, iov_count, toktype);
+    GSSEAP_ASSERT(header != NULL);
 
     padding = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
     if (padding != NULL && padding->buffer.length != 0) {
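Review bot: GSSEAP_ASSERT(header != NULL) is the only guard on the caller-supplied IOV array, and the MIC branch later in this function now dereferences header->buffer.length; if GSSEAP_ASSERT compiles out in non-debug builds (not visible here), a missing HEADER buffer becomes a NULL dereference on the unwrap path. Keeping the assert for debug builds and adding a runtime check that takes the existing defective path, `if (header == NULL) goto defective;`, closes that gap without changing the debug behaviour. unwrapToken begins before this hunk, so I cannot tell whether the caller already guarantees the HEADER buffer.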
@@ -226,14 +226,16 @@ unwrapToken(OM_uint32 *minor,
 
             code = gssEapVerify(krbContext, ctx->checksumType, rrc,
                                 KRB_CRYPTO_CONTEXT(ctx), keyUsage,
-                                iov, iov_count, &valid);
+                                iov, iov_count, toktype, &valid);
             if (code != 0 || valid == FALSE) {
                 major = GSS_S_BAD_SIG;
                 goto cleanup;
             }
         }
 
-        code = sequenceCheck(minor, &ctx->seqState, seqnum);
+        major = sequenceCheck(&code, &ctx->seqState, seqnum);
+        if (GSS_ERROR(major))
+            goto cleanup;
     } else if (toktype == TOK_TYPE_MIC) {
         if (load_uint16_be(ptr) != toktype)
             goto defective;
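Review bot: `if (GSS_ERROR(major)) goto cleanup;` after sequenceCheck only stops on fatal statuses; if sequenceCheck reports replayed, old or out-of-order tokens through supplementary bits (GSS_S_DUPLICATE_TOKEN, GSS_S_OLD_TOKEN, GSS_S_UNSEQ_TOKEN, GSS_S_GAP_TOKEN), GSS_ERROR() is false and execution continues, so the remainder of unwrapToken (outside this hunk) must not overwrite major with GSS_S_COMPLETE or the caller never sees them. The same pattern is added in the MIC branch in the next hunk. A short comment at both sites would make the intent explicit, e.g. `/* supplementary bits are not errors; they must survive in major */`.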
@@ -243,14 +245,19 @@ unwrapToken(OM_uint32 *minor,
             goto defective;
         seqnum = load_uint64_be(ptr + 8);
 
-        code = gssEapVerify(krbContext, ctx->checksumType, 0,
+        /* For MIC tokens, the GSS header and checksum are in the same buffer.
+         * Fake up an RRC so that the checksum is expected in the header. */
+        rrc = (trailer != NULL) ? 0 : header->buffer.length - 16;
+        code = gssEapVerify(krbContext, ctx->checksumType, rrc,
                             KRB_CRYPTO_CONTEXT(ctx), keyUsage,
-                            iov, iov_count, &valid);
+                            iov, iov_count, toktype, &valid);
         if (code != 0 || valid == FALSE) {
             major = GSS_S_BAD_SIG;
             goto cleanup;
         }
-        code = sequenceCheck(minor, &ctx->seqState, seqnum);
+        major = sequenceCheck(&code, &ctx->seqState, seqnum);
+        if (GSS_ERROR(major))
+            goto cleanup;
     } else if (toktype == TOK_TYPE_DELETE_CONTEXT) {
         if (load_uint16_be(ptr) != TOK_TYPE_DELETE_CONTEXT)
             goto defective;
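Review bot: `rrc = (trailer != NULL) ? 0 : header->buffer.length - 16;` wraps around if header->buffer.length is below 16 and rrc is unsigned (or goes negative if it is signed), and that value then steers where gssEapVerify looks for the checksum. The preceding load_uint64_be(ptr + 8) suggests a 16-byte minimum header length is already enforced before this hunk, but that check is not visible here, so either confirm it or guard the subtraction. The literal 16 is a magic number; a named constant or a comment such as `/* 16 = fixed token header size; the checksum follows it in the same buffer */` would help the next reader. unwrapToken continues outside the hunk.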
@@ -319,7 +326,7 @@ unwrapStream(OM_uint32 *minor,
     unsigned char *ptr;
     OM_uint32 code = 0, major = GSS_S_FAILURE;
     krb5_context krbContext;
-    int conf_req_flag, toktype2;
+    int conf_req_flag;
     int i = 0, j;
     gss_iov_buffer_desc *tiov = NULL;
     gss_iov_buffer_t stream, data = NULL;
@@ -330,7 +337,7 @@ unwrapStream(OM_uint32 *minor,
 
     GSSEAP_KRB_INIT(&krbContext);
 
-    assert(toktype == TOK_TYPE_WRAP);
+    GSSEAP_ASSERT(toktype == TOK_TYPE_WRAP);
 
     if (toktype != TOK_TYPE_WRAP) {
         code = GSSEAP_WRONG_TOK_ID;
@@ -338,7 +345,7 @@ unwrapStream(OM_uint32 *minor,
     }
 
     stream = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_STREAM);
-    assert(stream != NULL);
+    GSSEAP_ASSERT(stream != NULL);
 
     if (stream->buffer.length < 16) {
         major = GSS_S_DEFECTIVE_TOKEN;
@@ -346,8 +353,7 @@ unwrapStream(OM_uint32 *minor,
     }
 
     ptr = (unsigned char *)stream->buffer.value;
-    toktype2 = load_uint16_be(ptr);
-    ptr += 2;
+    ptr += 2; /* skip token type */
 
     tiov = (gss_iov_buffer_desc *)GSSEAP_CALLOC((size_t)iov_count + 2,
                                                 sizeof(gss_iov_buffer_desc));
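Review bot: With toktype2 gone, unwrapStream no longer looks at the stream's token-type field at all, so its validation now rests on unwrapToken's own `load_uint16_be(ptr) != toktype` checks (visible for the MIC and DELETE_CONTEXT branches in the earlier hunks; presumably the WRAP branch does the same outside the hunk). That appears to be the intent, and the new comment could say so: `ptr += 2; /* skip token type; unwrapToken() validates it */`. If the removed toktype2 value was used anywhere else in this function, that use is outside the hunk and should be confirmed.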
@@ -459,7 +465,7 @@ unwrapStream(OM_uint32 *minor,
     tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length -
         tpadding->buffer.length - theader->buffer.length;
 
-    assert(data != NULL);
+    GSSEAP_ASSERT(data != NULL);
 
     if (data->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
         code = gssEapAllocIov(tdata, tdata->buffer.length);
@@ -474,7 +480,7 @@ unwrapStream(OM_uint32 *minor,
                               theader->buffer.length;
     }
 
-    assert(i <= iov_count + 2);
+    GSSEAP_ASSERT(i <= iov_count + 2);
 
     major = unwrapToken(&code, ctx, KRB_CRYPTO_CONTEXT(ctx),
                         conf_state, qop_state, tiov, i, toktype);
@@ -529,7 +535,7 @@ gssEapUnwrapOrVerifyMIC(OM_uint32 *minor,
     return major;
 }
 
-OM_uint32
+OM_uint32 GSSAPI_CALLCONV
 gss_unwrap_iov(OM_uint32 *minor,
                gss_ctx_id_t ctx,
                int *conf_state,