X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=blobdiff_plain;f=mech_eap%2Fpseudo_random.c;h=b434282b1d9a1d967dc0d938c3b1ead6bccabe34;hp=4bbf542789c87f6636ca4f9b5d6ee332aedbefe5;hb=HEAD;hpb=5d2cc0917c19bdb6196f060cac3af9f175b295c8

diff --git a/mech_eap/pseudo_random.c b/mech_eap/pseudo_random.c
index 4bbf542..b434282 100644
--- a/mech_eap/pseudo_random.c
+++ b/mech_eap/pseudo_random.c
@@ -60,12 +60,11 @@
 #include "gssapiP_eap.h"
 
 OM_uint32
-gss_pseudo_random(OM_uint32 *minor,
-                  gss_ctx_id_t ctx,
-                  int prf_key,
-                  const gss_buffer_t prf_in,
-                  ssize_t desired_output_len,
-                  gss_buffer_t prf_out)
+gssEapPseudoRandom(OM_uint32 *minor,
+                   gss_const_ctx_id_t ctx,
+                   int prf_key,
+                   const gss_buffer_t prf_in,
+                   gss_buffer_t prf_out)
 {
     krb5_error_code code;
     int i;
@@ -74,32 +73,17 @@ gss_pseudo_random(OM_uint32 *minor,
     krb5_data t, ns;
     unsigned char *p;
     krb5_context krbContext;
-
-    prf_out->length = 0;
-    prf_out->value = NULL;
-
-    if (ctx == GSS_C_NO_CONTEXT) {
-        *minor = EINVAL;
-        return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT;
-    }
+    ssize_t desired_output_len = prf_out->length;
+#ifdef HAVE_HEIMDAL_VERSION
+    krb5_crypto krbCrypto = NULL;
+#endif
 
     *minor = 0;
 
-    GSSEAP_MUTEX_LOCK(&ctx->mutex);
-
-    if (!CTX_IS_ESTABLISHED(ctx)) {
-        GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
-        *minor = GSSEAP_CONTEXT_INCOMPLETE;
-        return GSS_S_NO_CONTEXT;
-    }
-
     GSSEAP_KRB_INIT(&krbContext);
 
-    t.length = 0;
-    t.data = NULL;
-
-    ns.length = 0;
-    ns.data = NULL;
+    KRB_DATA_INIT(&t);
+    KRB_DATA_INIT(&ns);
 
     if (prf_key != GSS_C_PRF_KEY_PARTIAL &&
         prf_key != GSS_C_PRF_KEY_FULL) {
@@ -107,16 +91,11 @@ gss_pseudo_random(OM_uint32 *minor,
         goto cleanup;
     }
 
-    prf_out->value = GSSEAP_MALLOC(desired_output_len);
-    if (prf_out->value == NULL) {
-        code = ENOMEM;
-        goto cleanup;
-    }
-    prf_out->length = desired_output_len;
-
-    code = krb5_c_prf_length(krbContext,
-                             ctx->encryptionType,
-                             &prflen);
+#ifdef HAVE_HEIMDAL_VERSION
+    code = krb5_crypto_prf_length(krbContext, ctx->encryptionType, &prflen);
+#else
+    code = krb5_c_prf_length(krbContext, ctx->encryptionType, &prflen);
+#endif
     if (code != 0)
         goto cleanup;
 
@@ -127,20 +106,30 @@ gss_pseudo_random(OM_uint32 *minor,
         goto cleanup;
     }
 
+#ifdef HAVE_HEIMDAL_VERSION
+    code = krb5_crypto_init(krbContext, &ctx->rfc3961Key, 0, &krbCrypto);
+    if (code != 0)
+        goto cleanup;
+#else
     t.length = prflen;
     t.data = GSSEAP_MALLOC(t.length);
     if (t.data == NULL) {
         code = ENOMEM;
         goto cleanup;
     }
+#endif
 
-    memcpy(ns.data + 4, prf_in->value, prf_in->length);
+    memcpy((unsigned char *)ns.data + 4, prf_in->value, prf_in->length);
     i = 0;
     p = (unsigned char *)prf_out->value;
     while (desired_output_len > 0) {
         store_uint32_be(i, ns.data);
 
+#ifdef HAVE_HEIMDAL_VERSION
+        code = krb5_crypto_prf(krbContext, krbCrypto, &ns, &t);
+#else
         code = krb5_c_prf(krbContext, &ctx->rfc3961Key, &ns, &t);
+#endif
         if (code != 0)
             goto cleanup;
 
@@ -152,14 +141,69 @@ gss_pseudo_random(OM_uint32 *minor,
     }
 
 cleanup:
-    GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
-
     if (code != 0)
         gss_release_buffer(&tmpMinor, prf_out);
-    krb5_free_data_contents(krbContext, &ns);
-    krb5_free_data_contents(krbContext, &t);
+    if (ns.data != NULL) {
+        memset(ns.data, 0, ns.length);
+        GSSEAP_FREE(ns.data);
+    }
+#ifdef HAVE_HEIMDAL_VERSION
+    krb5_crypto_destroy(krbContext, krbCrypto);
+    krb5_data_free(&t);
+#else
+    if (t.data != NULL) {
+        memset(t.data, 0, t.length);
+        GSSEAP_FREE(t.data);
+    }
+#endif
 
     *minor = code;
 
     return (code == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE;
 }
+
+OM_uint32 GSSAPI_CALLCONV
+gss_pseudo_random(OM_uint32 *minor,
+                  gss_ctx_id_t ctx,
+                  int prf_key,
+                  const gss_buffer_t prf_in,
+                  ssize_t desired_output_len,
+                  gss_buffer_t prf_out)
+{
+    OM_uint32 major;
+
+    if (ctx == GSS_C_NO_CONTEXT) {
+        *minor = EINVAL;
+        return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT;
+    }
+
+    prf_out->length = 0;
+    prf_out->value = NULL;
+
+    *minor = 0;
+
+    GSSEAP_MUTEX_LOCK(&ctx->mutex);
+
+    if (!CTX_IS_ESTABLISHED(ctx)) {
+        major = GSS_S_NO_CONTEXT;
+        *minor = GSSEAP_CONTEXT_INCOMPLETE;
+        goto cleanup;
+    }
+
+    prf_out->value = GSSEAP_MALLOC(desired_output_len);
+    if (prf_out->value == NULL) {
+        major = GSS_S_FAILURE;
+        *minor = ENOMEM;
+        goto cleanup;
+    }
+
+    prf_out->length = desired_output_len;
+
+    major = gssEapPseudoRandom(minor, ctx, prf_key,
+                               prf_in, prf_out);
+
+cleanup:
+    GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+
+    return major;
+}