mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
third_party/heimdal: Import lorikeet-heimdal-202311030123 (commit 2346a67fe25cbf16128501665db41f6840546e15)
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Nov 3 03:53:08 UTC 2023 on atb-devel-224
This commit is contained in:
parent
3ef68efca2
commit
cfec96d5e9
18
third_party/heimdal/kdc/fast.c
vendored
18
third_party/heimdal/kdc/fast.c
vendored
@ -406,8 +406,8 @@ _kdc_fast_mk_e_data(astgs_request_t r,
|
|||||||
NULL,
|
NULL,
|
||||||
error_client,
|
error_client,
|
||||||
error_server,
|
error_server,
|
||||||
NULL,
|
csec,
|
||||||
NULL,
|
cusec,
|
||||||
e_data);
|
e_data);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
kdc_log(r->context, r->config, 1,
|
kdc_log(r->context, r->config, 1,
|
||||||
@ -508,8 +508,8 @@ _kdc_fast_mk_error(astgs_request_t r,
|
|||||||
error_client = NULL;
|
error_client = NULL;
|
||||||
error_server = NULL;
|
error_server = NULL;
|
||||||
}
|
}
|
||||||
csec = 0;
|
csec = NULL;
|
||||||
cusec = 0;
|
cusec = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = krb5_mk_error(r->context,
|
ret = krb5_mk_error(r->context,
|
||||||
@ -603,6 +603,9 @@ fast_unwrap_request(astgs_request_t r,
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
if (fxreq.u.armored_data.armor != NULL) {
|
if (fxreq.u.armored_data.armor != NULL) {
|
||||||
|
krb5uint32 kvno;
|
||||||
|
krb5uint32 *kvno_ptr = NULL;
|
||||||
|
|
||||||
if (fxreq.u.armored_data.armor->armor_type != 1) {
|
if (fxreq.u.armored_data.armor->armor_type != 1) {
|
||||||
kdc_log(r->context, r->config, 4,
|
kdc_log(r->context, r->config, 4,
|
||||||
"Incorrect AS-REQ armor type");
|
"Incorrect AS-REQ armor type");
|
||||||
@ -628,9 +631,14 @@ fast_unwrap_request(astgs_request_t r,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (ap_req.ticket.enc_part.kvno != NULL) {
|
||||||
|
kvno = *ap_req.ticket.enc_part.kvno;
|
||||||
|
kvno_ptr = &kvno;
|
||||||
|
}
|
||||||
|
|
||||||
ret = _kdc_db_fetch(r->context, r->config, armor_server_principal,
|
ret = _kdc_db_fetch(r->context, r->config, armor_server_principal,
|
||||||
HDB_F_GET_KRBTGT | HDB_F_DELAY_NEW_KEYS,
|
HDB_F_GET_KRBTGT | HDB_F_DELAY_NEW_KEYS,
|
||||||
(krb5uint32 *)ap_req.ticket.enc_part.kvno,
|
kvno_ptr,
|
||||||
&r->armor_serverdb, &r->armor_server);
|
&r->armor_serverdb, &r->armor_server);
|
||||||
if(ret == HDB_ERR_NOT_FOUND_HERE) {
|
if(ret == HDB_ERR_NOT_FOUND_HERE) {
|
||||||
free_AP_REQ(&ap_req);
|
free_AP_REQ(&ap_req);
|
||||||
|
2
third_party/heimdal/kdc/pkinit.c
vendored
2
third_party/heimdal/kdc/pkinit.c
vendored
@ -1078,9 +1078,9 @@ pk_mk_pa_reply_dh(krb5_context context,
|
|||||||
unsigned char *p;
|
unsigned char *p;
|
||||||
ret = _kdc_serialize_ecdh_key(context, cp->u.ecdh.key, &p,
|
ret = _kdc_serialize_ecdh_key(context, cp->u.ecdh.key, &p,
|
||||||
&dh_info.subjectPublicKey.length);
|
&dh_info.subjectPublicKey.length);
|
||||||
dh_info.subjectPublicKey.data = p;
|
|
||||||
if (ret)
|
if (ret)
|
||||||
goto out;
|
goto out;
|
||||||
|
dh_info.subjectPublicKey.data = p;
|
||||||
} else
|
} else
|
||||||
krb5_abortx(context, "no keyex selected ?");
|
krb5_abortx(context, "no keyex selected ?");
|
||||||
|
|
||||||
|
4
third_party/heimdal/lib/hcrypto/bn.c
vendored
4
third_party/heimdal/lib/hcrypto/bn.c
vendored
@ -235,7 +235,7 @@ static const unsigned char is_set[8] = { 1, 2, 4, 8, 16, 32, 64, 128 };
|
|||||||
int
|
int
|
||||||
BN_is_bit_set(const BIGNUM *bn, int bit)
|
BN_is_bit_set(const BIGNUM *bn, int bit)
|
||||||
{
|
{
|
||||||
heim_integer *hi = (heim_integer *)bn;
|
const heim_integer *hi = (const heim_integer *)bn;
|
||||||
unsigned char *p = hi->data;
|
unsigned char *p = hi->data;
|
||||||
|
|
||||||
if ((bit / 8) >= hi->length || hi->length == 0)
|
if ((bit / 8) >= hi->length || hi->length == 0)
|
||||||
@ -306,7 +306,7 @@ BN_set_word(BIGNUM *bn, unsigned long num)
|
|||||||
unsigned long
|
unsigned long
|
||||||
BN_get_word(const BIGNUM *bn)
|
BN_get_word(const BIGNUM *bn)
|
||||||
{
|
{
|
||||||
heim_integer *hi = (heim_integer *)bn;
|
const heim_integer *hi = (const heim_integer *)bn;
|
||||||
unsigned long num = 0;
|
unsigned long num = 0;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
|
4
third_party/heimdal/lib/hcrypto/pkcs12.c
vendored
4
third_party/heimdal/lib/hcrypto/pkcs12.c
vendored
@ -78,7 +78,7 @@ PKCS12_key_gen(const void *key, size_t keylen,
|
|||||||
|
|
||||||
if (salt && saltlen > 0) {
|
if (salt && saltlen > 0) {
|
||||||
for (i = 0; i < vlen; i++)
|
for (i = 0; i < vlen; i++)
|
||||||
I[i] = ((unsigned char*)salt)[i % saltlen];
|
I[i] = ((const unsigned char*)salt)[i % saltlen];
|
||||||
size_I += vlen;
|
size_I += vlen;
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
@ -89,7 +89,7 @@ PKCS12_key_gen(const void *key, size_t keylen,
|
|||||||
if (key) {
|
if (key) {
|
||||||
for (i = 0; i < vlen / 2; i++) {
|
for (i = 0; i < vlen / 2; i++) {
|
||||||
I[(i * 2) + size_I] = 0;
|
I[(i * 2) + size_I] = 0;
|
||||||
I[(i * 2) + size_I + 1] = ((unsigned char*)key)[i % (keylen + 1)];
|
I[(i * 2) + size_I + 1] = ((const unsigned char*)key)[i % (keylen + 1)];
|
||||||
}
|
}
|
||||||
size_I += vlen;
|
size_I += vlen;
|
||||||
}
|
}
|
||||||
|
1
third_party/heimdal/lib/hdb/common.c
vendored
1
third_party/heimdal/lib/hdb/common.c
vendored
@ -1629,7 +1629,6 @@ fetch_it(krb5_context context,
|
|||||||
/* Extra ':'s? No virtualization for you! */
|
/* Extra ':'s? No virtualization for you! */
|
||||||
free(host);
|
free(host);
|
||||||
host = NULL;
|
host = NULL;
|
||||||
htmp = NULL;
|
|
||||||
} else {
|
} else {
|
||||||
*htmp = '\0';
|
*htmp = '\0';
|
||||||
}
|
}
|
||||||
|
1
third_party/heimdal/lib/hdb/hdb-ldap.c
vendored
1
third_party/heimdal/lib/hdb/hdb-ldap.c
vendored
@ -366,6 +366,7 @@ LDAP_get_generalized_time_value(HDB * db, LDAPMessage * entry,
|
|||||||
if (ret)
|
if (ret)
|
||||||
return ret;
|
return ret;
|
||||||
|
|
||||||
|
memset(&tm, 0, sizeof tm);
|
||||||
tmp = strptime(gentime, "%Y%m%d%H%M%SZ", &tm);
|
tmp = strptime(gentime, "%Y%m%d%H%M%SZ", &tm);
|
||||||
if (tmp == NULL) {
|
if (tmp == NULL) {
|
||||||
free(gentime);
|
free(gentime);
|
||||||
|
13
third_party/heimdal/lib/hx509/ca.c
vendored
13
third_party/heimdal/lib/hx509/ca.c
vendored
@ -1187,8 +1187,7 @@ hx509_ca_tbs_add_san_permanentIdentifier_string(hx509_context context,
|
|||||||
p = strchr(freeme, ':');
|
p = strchr(freeme, ':');
|
||||||
if (!p) {
|
if (!p) {
|
||||||
hx509_set_error_string(context, 0, EINVAL,
|
hx509_set_error_string(context, 0, EINVAL,
|
||||||
"Invalid PermanentIdentifier string (should be \"[<oid>]:[<id>]\")",
|
"Invalid PermanentIdentifier string (should be \"[<oid>]:[<id>]\")");
|
||||||
oidstr);
|
|
||||||
free(freeme);
|
free(freeme);
|
||||||
return EINVAL;
|
return EINVAL;
|
||||||
}
|
}
|
||||||
@ -1297,8 +1296,7 @@ hx509_ca_tbs_add_san_hardwareModuleName_string(hx509_context context,
|
|||||||
if (!p) {
|
if (!p) {
|
||||||
hx509_set_error_string(context, 0, EINVAL,
|
hx509_set_error_string(context, 0, EINVAL,
|
||||||
"Invalid HardwareModuleName string (should be "
|
"Invalid HardwareModuleName string (should be "
|
||||||
"\"<oid>:<serial>\")",
|
"\"<oid>:<serial>\")");
|
||||||
oidstr);
|
|
||||||
free(freeme);
|
free(freeme);
|
||||||
return EINVAL;
|
return EINVAL;
|
||||||
}
|
}
|
||||||
@ -1735,7 +1733,12 @@ ca_sign(hx509_context context,
|
|||||||
hx509_set_error_string(context, 0, ret, "Out of memory");
|
hx509_set_error_string(context, 0, ret, "Out of memory");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
|
ret = RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
|
||||||
|
if (ret != 1) {
|
||||||
|
ret = HX509_CRYPTO_INTERNAL_ERROR;
|
||||||
|
hx509_set_error_string(context, 0, ret, "Failed to generate random bytes");
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
|
((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
|
||||||
((unsigned char *)tbsc->serialNumber.data)[0] |= 0x40;
|
((unsigned char *)tbsc->serialNumber.data)[0] |= 0x40;
|
||||||
}
|
}
|
||||||
|
2
third_party/heimdal/lib/hx509/cms.c
vendored
2
third_party/heimdal/lib/hx509/cms.c
vendored
@ -938,7 +938,7 @@ hx509_cms_verify_signed_ext(hx509_context context,
|
|||||||
if (signer_info->signature.length == 0) {
|
if (signer_info->signature.length == 0) {
|
||||||
ret = HX509_CMS_MISSING_SIGNER_DATA;
|
ret = HX509_CMS_MISSING_SIGNER_DATA;
|
||||||
hx509_set_error_string(context, 0, ret,
|
hx509_set_error_string(context, 0, ret,
|
||||||
"SignerInfo %d in SignedData "
|
"SignerInfo %zu in SignedData "
|
||||||
"missing sigature", i);
|
"missing sigature", i);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
2
third_party/heimdal/lib/hx509/hxtool.c
vendored
2
third_party/heimdal/lib/hx509/hxtool.c
vendored
@ -2902,9 +2902,11 @@ ptime(const char *s)
|
|||||||
char *rest;
|
char *rest;
|
||||||
int at_s;
|
int at_s;
|
||||||
|
|
||||||
|
memset(&at_tm, 0, sizeof at_tm);
|
||||||
if ((rest = strptime(s, "%Y-%m-%dT%H:%M:%S", &at_tm)) != NULL &&
|
if ((rest = strptime(s, "%Y-%m-%dT%H:%M:%S", &at_tm)) != NULL &&
|
||||||
rest[0] == '\0')
|
rest[0] == '\0')
|
||||||
return mktime(&at_tm);
|
return mktime(&at_tm);
|
||||||
|
memset(&at_tm, 0, sizeof at_tm);
|
||||||
if ((rest = strptime(s, "%Y%m%d%H%M%S", &at_tm)) != NULL && rest[0] == '\0')
|
if ((rest = strptime(s, "%Y%m%d%H%M%S", &at_tm)) != NULL && rest[0] == '\0')
|
||||||
return mktime(&at_tm);
|
return mktime(&at_tm);
|
||||||
if ((at_s = parse_time(s, "s")) != -1)
|
if ((at_s = parse_time(s, "s")) != -1)
|
||||||
|
2
third_party/heimdal/lib/hx509/ks_file.c
vendored
2
third_party/heimdal/lib/hx509/ks_file.c
vendored
@ -197,7 +197,7 @@ parse_pem_private_key(hx509_context context, const char *fn, int flags,
|
|||||||
if (strcmp(enc, "4,ENCRYPTED") != 0) {
|
if (strcmp(enc, "4,ENCRYPTED") != 0) {
|
||||||
hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED,
|
hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED,
|
||||||
"Private key encrypted in unknown method %s "
|
"Private key encrypted in unknown method %s "
|
||||||
"in file",
|
"in file %s",
|
||||||
enc, fn);
|
enc, fn);
|
||||||
hx509_clear_error_string(context);
|
hx509_clear_error_string(context);
|
||||||
return HX509_PARSING_KEY_FAILED;
|
return HX509_PARSING_KEY_FAILED;
|
||||||
|
2
third_party/heimdal/lib/krb5/acache.c
vendored
2
third_party/heimdal/lib/krb5/acache.c
vendored
@ -88,7 +88,9 @@ static krb5_error_code
|
|||||||
init_ccapi(krb5_context context)
|
init_ccapi(krb5_context context)
|
||||||
{
|
{
|
||||||
const char *lib = NULL;
|
const char *lib = NULL;
|
||||||
|
#ifdef HAVE_DLOPEN
|
||||||
char *explib = NULL;
|
char *explib = NULL;
|
||||||
|
#endif
|
||||||
|
|
||||||
HEIMDAL_MUTEX_lock(&acc_mutex);
|
HEIMDAL_MUTEX_lock(&acc_mutex);
|
||||||
if (init_func) {
|
if (init_func) {
|
||||||
|
6
third_party/heimdal/lib/krb5/build_ap_req.c
vendored
6
third_party/heimdal/lib/krb5/build_ap_req.c
vendored
@ -51,7 +51,11 @@ krb5_build_ap_req (krb5_context context,
|
|||||||
ap.ap_options.use_session_key = (ap_options & AP_OPTS_USE_SESSION_KEY) > 0;
|
ap.ap_options.use_session_key = (ap_options & AP_OPTS_USE_SESSION_KEY) > 0;
|
||||||
ap.ap_options.mutual_required = (ap_options & AP_OPTS_MUTUAL_REQUIRED) > 0;
|
ap.ap_options.mutual_required = (ap_options & AP_OPTS_MUTUAL_REQUIRED) > 0;
|
||||||
|
|
||||||
decode_Ticket(cred->ticket.data, cred->ticket.length, &ap.ticket, &len);
|
ret = decode_Ticket(cred->ticket.data, cred->ticket.length, &ap.ticket, &len);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
if (cred->ticket.length != len)
|
||||||
|
krb5_abortx(context, "internal error in ASN.1 encoder");
|
||||||
ap.authenticator.etype = enctype;
|
ap.authenticator.etype = enctype;
|
||||||
ap.authenticator.kvno = NULL;
|
ap.authenticator.kvno = NULL;
|
||||||
ap.authenticator.cipher = authenticator;
|
ap.authenticator.cipher = authenticator;
|
||||||
|
72
third_party/heimdal/lib/krb5/context.c
vendored
72
third_party/heimdal/lib/krb5/context.c
vendored
@ -284,29 +284,47 @@ init_context_from_config_file(krb5_context context)
|
|||||||
static krb5_error_code
|
static krb5_error_code
|
||||||
cc_ops_register(krb5_context context)
|
cc_ops_register(krb5_context context)
|
||||||
{
|
{
|
||||||
|
krb5_error_code ret;
|
||||||
|
|
||||||
context->cc_ops = NULL;
|
context->cc_ops = NULL;
|
||||||
context->num_cc_ops = 0;
|
context->num_cc_ops = 0;
|
||||||
|
|
||||||
#ifndef KCM_IS_API_CACHE
|
#ifndef KCM_IS_API_CACHE
|
||||||
krb5_cc_register(context, &krb5_acc_ops, TRUE);
|
ret = krb5_cc_register(context, &krb5_acc_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
krb5_cc_register(context, &krb5_fcc_ops, TRUE);
|
ret = krb5_cc_register(context, &krb5_fcc_ops, TRUE);
|
||||||
krb5_cc_register(context, &krb5_dcc_ops, TRUE);
|
if (ret)
|
||||||
krb5_cc_register(context, &krb5_mcc_ops, TRUE);
|
return ret;
|
||||||
|
ret = krb5_cc_register(context, &krb5_dcc_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
ret = krb5_cc_register(context, &krb5_mcc_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#ifdef HAVE_SCC
|
#ifdef HAVE_SCC
|
||||||
krb5_cc_register(context, &krb5_scc_ops, TRUE);
|
ret = krb5_cc_register(context, &krb5_scc_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_KCM
|
#ifdef HAVE_KCM
|
||||||
#ifdef KCM_IS_API_CACHE
|
#ifdef KCM_IS_API_CACHE
|
||||||
krb5_cc_register(context, &krb5_akcm_ops, TRUE);
|
ret = krb5_cc_register(context, &krb5_akcm_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
krb5_cc_register(context, &krb5_kcm_ops, TRUE);
|
ret = krb5_cc_register(context, &krb5_kcm_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAVE_KEYUTILS_H)
|
#if defined(HAVE_KEYUTILS_H)
|
||||||
krb5_cc_register(context, &krb5_krcc_ops, TRUE);
|
ret = krb5_cc_register(context, &krb5_krcc_ops, TRUE);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
_krb5_load_ccache_plugins(context);
|
ret = _krb5_load_ccache_plugins(context);
|
||||||
return 0;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static krb5_error_code
|
static krb5_error_code
|
||||||
@ -338,18 +356,30 @@ cc_ops_copy(krb5_context context, const krb5_context src_context)
|
|||||||
static krb5_error_code
|
static krb5_error_code
|
||||||
kt_ops_register(krb5_context context)
|
kt_ops_register(krb5_context context)
|
||||||
{
|
{
|
||||||
|
krb5_error_code ret;
|
||||||
|
|
||||||
context->num_kt_types = 0;
|
context->num_kt_types = 0;
|
||||||
context->kt_types = NULL;
|
context->kt_types = NULL;
|
||||||
|
|
||||||
krb5_kt_register (context, &krb5_fkt_ops);
|
ret = krb5_kt_register (context, &krb5_fkt_ops);
|
||||||
krb5_kt_register (context, &krb5_wrfkt_ops);
|
if (ret)
|
||||||
krb5_kt_register (context, &krb5_javakt_ops);
|
return ret;
|
||||||
krb5_kt_register (context, &krb5_mkt_ops);
|
ret = krb5_kt_register (context, &krb5_wrfkt_ops);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
ret = krb5_kt_register (context, &krb5_javakt_ops);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
ret = krb5_kt_register (context, &krb5_mkt_ops);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#ifndef HEIMDAL_SMALLER
|
#ifndef HEIMDAL_SMALLER
|
||||||
krb5_kt_register (context, &krb5_akf_ops);
|
ret = krb5_kt_register (context, &krb5_akf_ops);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
#endif
|
#endif
|
||||||
krb5_kt_register (context, &krb5_any_ops);
|
ret = krb5_kt_register (context, &krb5_any_ops);
|
||||||
return 0;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static krb5_error_code
|
static krb5_error_code
|
||||||
@ -476,8 +506,12 @@ krb5_init_context(krb5_context *context)
|
|||||||
|
|
||||||
/* init error tables */
|
/* init error tables */
|
||||||
_krb5_init_ets(p);
|
_krb5_init_ets(p);
|
||||||
cc_ops_register(p);
|
ret = cc_ops_register(p);
|
||||||
kt_ops_register(p);
|
if (ret)
|
||||||
|
goto out;
|
||||||
|
ret = kt_ops_register(p);
|
||||||
|
if (ret)
|
||||||
|
goto out;
|
||||||
|
|
||||||
#ifdef PKINIT
|
#ifdef PKINIT
|
||||||
ret = hx509_context_init(&p->hx509ctx);
|
ret = hx509_context_init(&p->hx509ctx);
|
||||||
|
2
third_party/heimdal/lib/krb5/kx509.c
vendored
2
third_party/heimdal/lib/krb5/kx509.c
vendored
@ -1033,7 +1033,7 @@ rd_kx509_resp(krb5_context context,
|
|||||||
code = 0; /* No error */
|
code = 0; /* No error */
|
||||||
} else if (r.error_code < 0) {
|
} else if (r.error_code < 0) {
|
||||||
code = KRB5KRB_ERR_GENERIC; /* ??? */
|
code = KRB5KRB_ERR_GENERIC; /* ??? */
|
||||||
} else if (r.error_code <= KX509_ERR_SRV_OVERLOADED) {
|
} else if (r.error_code <= KX509_ERR_SRV_OVERLOADED - ERROR_TABLE_BASE_kx59) {
|
||||||
/*
|
/*
|
||||||
* RFC6717 (kx509) error code. These are actually not used on the
|
* RFC6717 (kx509) error code. These are actually not used on the
|
||||||
* wire in any existing implementations that we are aware of. Just
|
* wire in any existing implementations that we are aware of. Just
|
||||||
|
4
third_party/heimdal/lib/krb5/pkinit.c
vendored
4
third_party/heimdal/lib/krb5/pkinit.c
vendored
@ -448,7 +448,9 @@ build_auth_pack(krb5_context context,
|
|||||||
krb5_clear_error_message(context);
|
krb5_clear_error_message(context);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
RAND_bytes(a->clientDHNonce->data, a->clientDHNonce->length);
|
ret = RAND_bytes(a->clientDHNonce->data, a->clientDHNonce->length);
|
||||||
|
if (ret != 1)
|
||||||
|
return KRB5_CRYPTO_INTERNAL;
|
||||||
ret = krb5_copy_data(context, a->clientDHNonce,
|
ret = krb5_copy_data(context, a->clientDHNonce,
|
||||||
&ctx->clientDHNonce);
|
&ctx->clientDHNonce);
|
||||||
if (ret)
|
if (ret)
|
||||||
|
2
third_party/heimdal/lib/krb5/store.c
vendored
2
third_party/heimdal/lib/krb5/store.c
vendored
@ -968,7 +968,7 @@ krb5_ret_data(krb5_storage *sp,
|
|||||||
bytes = sp->fetch(sp, data->data, size);
|
bytes = sp->fetch(sp, data->data, size);
|
||||||
if (bytes < 0 || bytes != size) {
|
if (bytes < 0 || bytes != size) {
|
||||||
krb5_data_free(data);
|
krb5_data_free(data);
|
||||||
return (ret < 0)? errno : sp->eof_code;
|
return (bytes < 0)? errno : sp->eof_code;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
16
third_party/heimdal/lib/roken/base32.c
vendored
16
third_party/heimdal/lib/roken/base32.c
vendored
@ -91,14 +91,14 @@ rk_base32_encode(const void *data, int size, char **str, enum rk_base32_flags fl
|
|||||||
if (i < size)
|
if (i < size)
|
||||||
c += q[i];
|
c += q[i];
|
||||||
i++;
|
i++;
|
||||||
p[0] = chars[(c & 0x00000000f800000000ULL) >> 35];
|
p[0] = chars[(c & 0x000000f800000000ULL) >> 35];
|
||||||
p[1] = chars[(c & 0x0000000007c0000000ULL) >> 30];
|
p[1] = chars[(c & 0x00000007c0000000ULL) >> 30];
|
||||||
p[2] = chars[(c & 0x00000000003e000000ULL) >> 25];
|
p[2] = chars[(c & 0x000000003e000000ULL) >> 25];
|
||||||
p[3] = chars[(c & 0x000000000001f00000ULL) >> 20];
|
p[3] = chars[(c & 0x0000000001f00000ULL) >> 20];
|
||||||
p[4] = chars[(c & 0x0000000000000f8000ULL) >> 15];
|
p[4] = chars[(c & 0x00000000000f8000ULL) >> 15];
|
||||||
p[5] = chars[(c & 0x000000000000007c00ULL) >> 10];
|
p[5] = chars[(c & 0x0000000000007c00ULL) >> 10];
|
||||||
p[6] = chars[(c & 0x0000000000000003e0ULL) >> 5];
|
p[6] = chars[(c & 0x00000000000003e0ULL) >> 5];
|
||||||
p[7] = chars[(c & 0x00000000000000001fULL) >> 0];
|
p[7] = chars[(c & 0x000000000000001fULL) >> 0];
|
||||||
switch (i - size) {
|
switch (i - size) {
|
||||||
case 4: p[2] = p[3] = '='; HEIM_FALLTHROUGH;
|
case 4: p[2] = p[3] = '='; HEIM_FALLTHROUGH;
|
||||||
case 3: p[4] = '='; HEIM_FALLTHROUGH;
|
case 3: p[4] = '='; HEIM_FALLTHROUGH;
|
||||||
|
@ -61,10 +61,10 @@ while True:
|
|||||||
l2 = re.sub('^ *', '', l2)
|
l2 = re.sub('^ *', '', l2)
|
||||||
l = l[:-2] + l2
|
l = l[:-2] + l2
|
||||||
if start:
|
if start:
|
||||||
if re.match('7\.2', l):
|
if re.match(r'7\.2', l):
|
||||||
start = False
|
start = False
|
||||||
else:
|
else:
|
||||||
m = re.search('^ *\([A-Z]\) *(.*)$', l);
|
m = re.search(r'^ *\([A-Z]\) *(.*)$', l);
|
||||||
if m:
|
if m:
|
||||||
desc = m.group(1)
|
desc = m.group(1)
|
||||||
codes = []
|
codes = []
|
||||||
@ -77,7 +77,7 @@ while True:
|
|||||||
if m:
|
if m:
|
||||||
cases.append([codes, m.group(1), desc])
|
cases.append([codes, m.group(1), desc])
|
||||||
else:
|
else:
|
||||||
if re.match('^7\.1', l):
|
if re.match(r'^7\.1', l):
|
||||||
start = True
|
start = True
|
||||||
cases = []
|
cases = []
|
||||||
|
|
||||||
@ -114,7 +114,7 @@ for x in cases:
|
|||||||
examples_c.file.write(
|
examples_c.file.write(
|
||||||
" {%u, {%s}, \"%s\", \"%s\"},\n" %
|
" {%u, {%s}, \"%s\", \"%s\"},\n" %
|
||||||
(len(cp),
|
(len(cp),
|
||||||
",".join([re.sub('[uU]\+', '0x', x) for x in cp]),
|
",".join([re.sub(r'[uU]\+', '0x', x) for x in cp]),
|
||||||
pc,
|
pc,
|
||||||
desc))
|
desc))
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user