Also fixes a segfault when mc->basic_hash.value is NULL
Signed-off-by: Simo Sorce <simo@redhat.com>
+ { ATF_NOFLAGS, 0, offsetof(struct GSSSessionData, basichash),
+ (ASN_TAG_CLASS_CONTEXT | (5 << 2)),
+ +1, /* EXPLICIT tag at current level */
+ &asn_DEF_OCTET_STRING,
+ 0, /* Defer constraints checking to the member type */
+ 0, /* PER is not compiled, use -gen-PER */
+ 0,
+ "basichash"
+ },
};
static ber_tlv_tag_t asn_DEF_GSSSessionData_tags_1[] = {
(ASN_TAG_CLASS_UNIVERSAL | (16 << 2))
};
static ber_tlv_tag_t asn_DEF_GSSSessionData_tags_1[] = {
(ASN_TAG_CLASS_UNIVERSAL | (16 << 2))
{ (ASN_TAG_CLASS_CONTEXT | (1 << 2)), 1, 0, 0 }, /* delegated */
{ (ASN_TAG_CLASS_CONTEXT | (2 << 2)), 2, 0, 0 }, /* expiration */
{ (ASN_TAG_CLASS_CONTEXT | (3 << 2)), 3, 0, 0 }, /* username */
{ (ASN_TAG_CLASS_CONTEXT | (1 << 2)), 1, 0, 0 }, /* delegated */
{ (ASN_TAG_CLASS_CONTEXT | (2 << 2)), 2, 0, 0 }, /* expiration */
{ (ASN_TAG_CLASS_CONTEXT | (3 << 2)), 3, 0, 0 }, /* username */
- { (ASN_TAG_CLASS_CONTEXT | (4 << 2)), 4, 0, 0 } /* gssname */
+ { (ASN_TAG_CLASS_CONTEXT | (4 << 2)), 4, 0, 0 }, /* gssname */
+ { (ASN_TAG_CLASS_CONTEXT | (5 << 2)), 5, 0, 0 } /* basichash */
};
static asn_SEQUENCE_specifics_t asn_SPC_GSSSessionData_specs_1 = {
sizeof(struct GSSSessionData),
offsetof(struct GSSSessionData, _asn_ctx),
asn_MAP_GSSSessionData_tag2el_1,
};
static asn_SEQUENCE_specifics_t asn_SPC_GSSSessionData_specs_1 = {
sizeof(struct GSSSessionData),
offsetof(struct GSSSessionData, _asn_ctx),
asn_MAP_GSSSessionData_tag2el_1,
- 5, /* Count of tags in the map */
+ 6, /* Count of tags in the map */
0, 0, 0, /* Optional elements (not needed) */
-1, /* Start extensions */
-1 /* Stop extensions */
0, 0, 0, /* Optional elements (not needed) */
-1, /* Start extensions */
-1 /* Stop extensions */
/sizeof(asn_DEF_GSSSessionData_tags_1[0]), /* 1 */
0, /* No PER visible constraints */
asn_MBR_GSSSessionData_1,
/sizeof(asn_DEF_GSSSessionData_tags_1[0]), /* 1 */
0, /* No PER visible constraints */
asn_MBR_GSSSessionData_1,
- 5, /* Elements count */
+ 6, /* Elements count */
&asn_SPC_GSSSessionData_specs_1 /* Additional specs */
};
&asn_SPC_GSSSessionData_specs_1 /* Additional specs */
};
Uint32_t expiration;
OCTET_STRING_t username;
OCTET_STRING_t gssname;
Uint32_t expiration;
OCTET_STRING_t username;
OCTET_STRING_t gssname;
+ OCTET_STRING_t basichash;
/* Context for parsing across buffer boundaries */
asn_struct_ctx_t _asn_ctx;
/* Context for parsing across buffer boundaries */
asn_struct_ctx_t _asn_ctx;
delegated [1] BOOLEAN,
expiration [2] Uint32,
username [3] OCTET STRING,
delegated [1] BOOLEAN,
expiration [2] Uint32,
username [3] OCTET STRING,
- gssname [4] OCTET STRING
+ gssname [4] OCTET STRING,
+ basichash [5] OCTET STRING
gsessdata->gssname.size);
if (!mc->gss_name) goto done;
gsessdata->gssname.size);
if (!mc->gss_name) goto done;
+ mc->basic_hash.length = gsessdata->basichash.size;
+ mc->basic_hash.value = apr_palloc(mc->parent, mc->basic_hash.length);
+ memcpy(mc->basic_hash.value,
+ gsessdata->basichash.buf, gsessdata->basichash.size);
+
/* OK we have a valid token */
mc->established = true;
/* OK we have a valid token */
mc->established = true;
goto done;
if (OCTET_STRING_fromString(&gsessdata.gssname, mc->gss_name) != 0)
goto done;
goto done;
if (OCTET_STRING_fromString(&gsessdata.gssname, mc->gss_name) != 0)
goto done;
+ if (OCTET_STRING_fromBuf(&gsessdata.basichash,
+ (const char *)mc->basic_hash.value,
+ mc->basic_hash.length) != 0)
+ goto done;
ret = encode_GSSSessionData(req->pool, &gsessdata,
&plainbuf.value, &plainbuf.length);
if (ret == false) {
ret = encode_GSSSessionData(req->pool, &gsessdata,
&plainbuf.value, &plainbuf.length);
if (ret == false) {
bool res = false;
if (mac_size == 0) return false;
bool res = false;
if (mac_size == 0) return false;
+ if (mc->basic_hash.value == NULL) return false;
ret = mag_basic_hmac(cfg->mag_skey, mac, user, pwd);
if (ret != 0) goto done;
ret = mag_basic_hmac(cfg->mag_skey, mac, user, pwd);
if (ret != 0) goto done;
projects / mod_auth_gssapi.git / commitdiff