Loading crypto/asn1/asn1.h +2 −0 Original line number Diff line number Diff line Loading @@ -440,6 +440,8 @@ typedef const ASN1_ITEM * ASN1_ITEM_EXP(void); DECLARE_STACK_OF(ASN1_INTEGER) DECLARE_ASN1_SET_OF(ASN1_INTEGER) DECLARE_STACK_OF(ASN1_GENERALSTRING) typedef struct asn1_type_st { int type; Loading crypto/stack/safestack.h +20 −0 Original line number Diff line number Diff line Loading @@ -224,6 +224,26 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i)) #define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val)) #define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) #define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) #define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) #define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp)) #define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st) #define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func)) #define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st)) #define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st)) #define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) #define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) Loading ssl/kssl.c +11 −12 Original line number Diff line number Diff line Loading @@ -793,7 +793,7 @@ char ** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes. ** Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK. */ EVP_CIPHER * const EVP_CIPHER * kssl_map_enc(krb5_enctype enctype) { switch (enctype) Loading @@ -803,14 +803,14 @@ kssl_map_enc(krb5_enctype enctype) case ENCTYPE_DES_CBC_MD4: case ENCTYPE_DES_CBC_MD5: case ENCTYPE_DES_CBC_RAW: return (EVP_CIPHER *) EVP_des_cbc(); return EVP_des_cbc(); break; case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */ case ENCTYPE_DES3_CBC_SHA: case ENCTYPE_DES3_CBC_RAW: return (EVP_CIPHER *) EVP_des_ede3_cbc(); return EVP_des_ede3_cbc(); break; default: return (EVP_CIPHER *) NULL; default: return NULL; break; } } Loading Loading @@ -1221,8 +1221,7 @@ kssl_TKT2tkt( /* IN */ krb5_context krb5context, if (asn1ticket == NULL || asn1ticket->realm == NULL || asn1ticket->sname == NULL || asn1ticket->sname->namestring == NULL || asn1ticket->sname->namestring->num < 2) sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2) { BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "Null field in asn1ticket.\n"); Loading @@ -1238,14 +1237,14 @@ kssl_TKT2tkt( /* IN */ krb5_context krb5context, return ENOMEM; /* or KRB5KRB_ERR_GENERIC; */ } gstr_svc = (ASN1_GENERALSTRING*)asn1ticket->sname->namestring->data[0]; gstr_host = (ASN1_GENERALSTRING*)asn1ticket->sname->namestring->data[1]; gstr_svc = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0); gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1); if ((krb5rc = kssl_build_principal_2(krb5context, &new5ticket->server, asn1ticket->realm->length, asn1ticket->realm->data, gstr_svc->length, gstr_svc->data, gstr_host->length, gstr_host->data)) != 0) asn1ticket->realm->length, (char *)asn1ticket->realm->data, gstr_svc->length, (char *)gstr_svc->data, gstr_host->length, (char *)gstr_host->data)) != 0) { free(new5ticket); BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, Loading Loading @@ -1965,7 +1964,7 @@ krb5_error_code kssl_check_authent( KRB5_AUTHENTBODY *auth = NULL; krb5_enctype enctype; EVP_CIPHER_CTX ciph_ctx; EVP_CIPHER *enc = NULL; const EVP_CIPHER *enc = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; unsigned char *p, *unenc_authent; int padl, outl, unencbufsize; Loading ssl/s3_srvr.c +4 −4 Original line number Diff line number Diff line Loading @@ -1561,17 +1561,17 @@ static int ssl3_get_client_key_exchange(SSL *s) n2s(p,i); enc_ticket.length = i; enc_ticket.data = p; enc_ticket.data = (char *)p; p+=enc_ticket.length; n2s(p,i); authenticator.length = i; authenticator.data = p; authenticator.data = (char *)p; p+=authenticator.length; n2s(p,i); enc_pms.length = i; enc_pms.data = p; enc_pms.data = (char *)p; p+=enc_pms.length; if ((unsigned long)n != enc_ticket.length + authenticator.length + Loading Loading @@ -1636,7 +1636,7 @@ static int ssl3_get_client_key_exchange(SSL *s) goto err; } if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl, enc_pms.data, enc_pms.length)) (unsigned char *)enc_pms.data, enc_pms.length)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DECRYPTION_FAILED); Loading Loading
crypto/asn1/asn1.h +2 −0 Original line number Diff line number Diff line Loading @@ -440,6 +440,8 @@ typedef const ASN1_ITEM * ASN1_ITEM_EXP(void); DECLARE_STACK_OF(ASN1_INTEGER) DECLARE_ASN1_SET_OF(ASN1_INTEGER) DECLARE_STACK_OF(ASN1_GENERALSTRING) typedef struct asn1_type_st { int type; Loading
crypto/stack/safestack.h +20 −0 Original line number Diff line number Diff line Loading @@ -224,6 +224,26 @@ STACK_OF(type) \ #define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st)) #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) #define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) #define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i)) #define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val)) #define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) #define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) #define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) #define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) #define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp)) #define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st) #define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func)) #define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st)) #define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st)) #define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st)) #define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) #define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) Loading
ssl/kssl.c +11 −12 Original line number Diff line number Diff line Loading @@ -793,7 +793,7 @@ char ** Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes. ** Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK. */ EVP_CIPHER * const EVP_CIPHER * kssl_map_enc(krb5_enctype enctype) { switch (enctype) Loading @@ -803,14 +803,14 @@ kssl_map_enc(krb5_enctype enctype) case ENCTYPE_DES_CBC_MD4: case ENCTYPE_DES_CBC_MD5: case ENCTYPE_DES_CBC_RAW: return (EVP_CIPHER *) EVP_des_cbc(); return EVP_des_cbc(); break; case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */ case ENCTYPE_DES3_CBC_SHA: case ENCTYPE_DES3_CBC_RAW: return (EVP_CIPHER *) EVP_des_ede3_cbc(); return EVP_des_ede3_cbc(); break; default: return (EVP_CIPHER *) NULL; default: return NULL; break; } } Loading Loading @@ -1221,8 +1221,7 @@ kssl_TKT2tkt( /* IN */ krb5_context krb5context, if (asn1ticket == NULL || asn1ticket->realm == NULL || asn1ticket->sname == NULL || asn1ticket->sname->namestring == NULL || asn1ticket->sname->namestring->num < 2) sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2) { BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "Null field in asn1ticket.\n"); Loading @@ -1238,14 +1237,14 @@ kssl_TKT2tkt( /* IN */ krb5_context krb5context, return ENOMEM; /* or KRB5KRB_ERR_GENERIC; */ } gstr_svc = (ASN1_GENERALSTRING*)asn1ticket->sname->namestring->data[0]; gstr_host = (ASN1_GENERALSTRING*)asn1ticket->sname->namestring->data[1]; gstr_svc = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0); gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1); if ((krb5rc = kssl_build_principal_2(krb5context, &new5ticket->server, asn1ticket->realm->length, asn1ticket->realm->data, gstr_svc->length, gstr_svc->data, gstr_host->length, gstr_host->data)) != 0) asn1ticket->realm->length, (char *)asn1ticket->realm->data, gstr_svc->length, (char *)gstr_svc->data, gstr_host->length, (char *)gstr_host->data)) != 0) { free(new5ticket); BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, Loading Loading @@ -1965,7 +1964,7 @@ krb5_error_code kssl_check_authent( KRB5_AUTHENTBODY *auth = NULL; krb5_enctype enctype; EVP_CIPHER_CTX ciph_ctx; EVP_CIPHER *enc = NULL; const EVP_CIPHER *enc = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; unsigned char *p, *unenc_authent; int padl, outl, unencbufsize; Loading
ssl/s3_srvr.c +4 −4 Original line number Diff line number Diff line Loading @@ -1561,17 +1561,17 @@ static int ssl3_get_client_key_exchange(SSL *s) n2s(p,i); enc_ticket.length = i; enc_ticket.data = p; enc_ticket.data = (char *)p; p+=enc_ticket.length; n2s(p,i); authenticator.length = i; authenticator.data = p; authenticator.data = (char *)p; p+=authenticator.length; n2s(p,i); enc_pms.length = i; enc_pms.data = p; enc_pms.data = (char *)p; p+=enc_pms.length; if ((unsigned long)n != enc_ticket.length + authenticator.length + Loading Loading @@ -1636,7 +1636,7 @@ static int ssl3_get_client_key_exchange(SSL *s) goto err; } if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl, enc_pms.data, enc_pms.length)) (unsigned char *)enc_pms.data, enc_pms.length)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DECRYPTION_FAILED); Loading
