From: Luke Howard <lukeh@padl.com>
Date: Sat, 17 Sep 2011 07:32:28 +0000 (+1000)
Subject: make sure imported sec context keys correctly allocated
X-Git-Tag: tr-beta1~90
X-Git-Url: http://www.project-moonshot.org/gitweb/?p=moonshot.git;a=commitdiff_plain;h=6395e4a899d3a02f2972253ec750088681d2499e

make sure imported sec context keys correctly allocated
---

diff --git a/moonshot/mech_eap/import_sec_context.c b/moonshot/mech_eap/import_sec_context.c
index 56ee8d8..1533a16 100644
--- a/moonshot/mech_eap/import_sec_context.c
+++ b/moonshot/mech_eap/import_sec_context.c
@@ -152,13 +152,19 @@ importKerberosKey(OM_uint32 *minor,
                   size_t *pRemain,
                   krb5_cksumtype *checksumType,
                   krb5_enctype *pEncryptionType,
-                  krb5_keyblock *key)
+                  krb5_keyblock *pKey)
 {
     unsigned char *p = *pBuf;
     size_t remain = *pRemain;
     OM_uint32 encryptionType;
     OM_uint32 length;
-    gss_buffer_desc tmp;
+    krb5_context krbContext;
+    krb5_keyblock key;
+    krb5_error_code code;
+
+    GSSEAP_KRB_INIT(&krbContext);
+
+    KRB_KEY_INIT(pKey);
 
     if (remain < 12) {
         *minor = GSSEAP_TOK_TRUNC;
@@ -179,14 +185,19 @@ importKerberosKey(OM_uint32 *minor,
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
-    if (load_buffer(&p[12], length, &tmp) == NULL) {
-        *minor = ENOMEM;
-        return GSS_S_FAILURE;
-    }
+    if (encryptionType != ENCTYPE_NULL) {
+        KRB_KEY_INIT(&key);
 
-    KRB_KEY_TYPE(key)   = encryptionType;
-    KRB_KEY_LENGTH(key) = tmp.length;
-    KRB_KEY_DATA(key)   = (unsigned char *)tmp.value;
+        KRB_KEY_TYPE(&key)   = encryptionType;
+        KRB_KEY_LENGTH(&key) = length;
+        KRB_KEY_DATA(&key)   = &p[12];
+
+        code = krb5_copy_keyblock_contents(krbContext, &key, pKey);
+        if (code != 0) {
+            *minor = code;
+            return GSS_S_FAILURE;
+        }
+    }
 
     *pBuf    += 12 + length;
     *pRemain -= 12 + length;