diff options
| author |  David Benjamin <davidben@mit.edu> | 2013-04-18 19:45:17 -0400 |
|---|---|---|
| committer |  Karl Ramm <kcr@1ts.org> | 2013-09-28 14:20:40 -0400 |
| commit | 50d60c3dc739be77574cbf80bc24d7fbd2ff41be (patch) | |
| tree | e67dcf6c8ba076e97107a8076b19b72192aa5ce8 | |
| parent | 241ec6e5c75b6872a32c5e05c17ebb4238e120e0 (diff) | |
Add internal Z_MakeZcodeAuthentication function
Explicitly takes a krb5_creds as input.
| -rw-r--r-- | h/internal.h | 4 | ||||
| -rw-r--r-- | lib/ZMkAuth.c | 44 |
2 files changed, 33 insertions, 15 deletions
diff --git a/h/internal.h b/h/internal.h index 93d76ab..f87c8a2 100644 --- a/h/internal.h +++ b/h/internal.h @@ -144,6 +144,10 @@ Code_t Z_ExtractEncCksum(krb5_keyblock *keyblock, krb5_enctype *enctype, int Z_krb5_verify_cksum(krb5_keyblock *keyblock, krb5_data *cksumbuf, krb5_cksumtype cksumtype, krb5_keyusage cksumusage, unsigned char *asn1_data, int asn1_len); +Code_t Z_MakeZcodeAuthentication(register ZNotice_t *notice, + char *buffer, int buffer_len, + int *phdr_len, + krb5_creds *creds); Code_t Z_InsertZcodeChecksum(krb5_keyblock *keyblock, ZNotice_t *notice, char *buffer, char *cksum_start, int cksum_len, diff --git a/lib/ZMkAuth.c b/lib/ZMkAuth.c index 8d7ea0c..f837a1e 100644 --- a/lib/ZMkAuth.c +++ b/lib/ZMkAuth.c @@ -111,14 +111,36 @@ ZMakeZcodeAuthentication(register ZNotice_t *notice, Code_t ZMakeZcodeRealmAuthentication(register ZNotice_t *notice, - char *buffer, - int buffer_len, - int *phdr_len, - char *realm) + char *buffer, + int buffer_len, + int *phdr_len, + char *realm) { #ifdef HAVE_KRB5 - krb5_error_code result; - krb5_creds *creds = 0; + Code_t result; + krb5_creds *creds = NULL; + + result = ZGetCredsRealm(&creds, realm); + if (!result) + result = Z_MakeZcodeAuthentication(notice, buffer, buffer_len, phdr_len, + creds); + if (creds != NULL) + krb5_free_creds(Z_krb5_ctx, creds); + return result; +#else /* HAVE_KRB5 */ + return ZERR_INTERNAL; +#endif +} + +#ifdef HAVE_KRB5 +Code_t +Z_MakeZcodeAuthentication(register ZNotice_t *notice, + char *buffer, + int buffer_len, + int *phdr_len, + krb5_creds *creds) +{ + krb5_error_code result = 0; krb5_keyblock *keyblock; krb5_auth_context authctx; krb5_data *authent; @@ -127,8 +149,6 @@ ZMakeZcodeRealmAuthentication(register ZNotice_t *notice, notice->z_ascii_authent = NULL; - result = ZGetCredsRealm(&creds, realm); - keyblock = Z_credskey(creds); authent = (krb5_data *)malloc(sizeof(krb5_data)); @@ -167,7 +187,7 @@ ZMakeZcodeRealmAuthentication(register ZNotice_t *notice, result = Z_NewFormatRawHeader(notice, buffer, buffer_len, phdr_len, &cksum_start, &cksum_len, &cstart, &cend); notice->z_authent_len = 0; - if (!result && creds != NULL) + if (!result) result = Z_InsertZcodeChecksum(keyblock, notice, buffer, cksum_start, cksum_len, cstart, cend, buffer_len, &phdr_adj, 0); @@ -179,15 +199,9 @@ ZMakeZcodeRealmAuthentication(register ZNotice_t *notice, krb5_free_data_contents(Z_krb5_ctx, authent); if (authent != NULL) free(authent); - if (creds != NULL) - krb5_free_creds(Z_krb5_ctx, creds); return result; -#else /* HAVE_KRB5 */ - return ZERR_INTERNAL; -#endif } -#ifdef HAVE_KRB5 int ZGetCreds(krb5_creds **creds_out) { |