Diffstat (limited to 'net')
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_unseal.c47
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_wrap.c40
2 files changed, 27 insertions, 60 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_unseal.c b/net/sunrpc/auth_gss/gss_krb5_unseal.c
index 0828cf64100f..23b509dedf97 100644
--- a/net/sunrpc/auth_gss/gss_krb5_unseal.c
+++ b/net/sunrpc/auth_gss/gss_krb5_unseal.c
@@ -112,47 +112,26 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
112 112
113 if (sealalg != 0xffff) 113 if (sealalg != 0xffff)
114 goto out; 114 goto out;
115 115 if (signalg != SGN_ALG_DES_MAC_MD5)
116 /* there are several mappings of seal algorithms to sign algorithms,
117 but few enough that we can try them all. */
118
119 if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
120 (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) ||
121 (ctx->sealalg == SEAL_ALG_DES3KD &&
122 signalg != SGN_ALG_HMAC_SHA1_DES3_KD))
123 goto out; 116 goto out;
124 117
125 /* compute the checksum of the message */ 118 /* compute the checksum of the message */
126 119
127 /* initialize the the cksum */ 120 /* initialize the the cksum */
128 switch (signalg) { 121 checksum_type = CKSUMTYPE_RSA_MD5;
129 case SGN_ALG_DES_MAC_MD5: 122
130 checksum_type = CKSUMTYPE_RSA_MD5; 123 ret = make_checksum(checksum_type, ptr - 2, 8,
131 break; 124 message_buffer, 0, &md5cksum);
132 default: 125 if (ret)
133 ret = GSS_S_DEFECTIVE_TOKEN; 126 goto out;
127
128 ret = krb5_encrypt(ctx->seq, NULL, md5cksum.data,
129 md5cksum.data, 16);
130 if (ret)
134 goto out; 131 goto out;
135 }
136 132
137 switch (signalg) { 133 if (memcmp(md5cksum.data + 8, ptr + 14, 8)) {
138 case SGN_ALG_DES_MAC_MD5: 134 ret = GSS_S_BAD_SIG;
139 ret = make_checksum(checksum_type, ptr - 2, 8,
140 message_buffer, 0, &md5cksum);
141 if (ret)
142 goto out;
143
144 ret = krb5_encrypt(ctx->seq, NULL, md5cksum.data,
145 md5cksum.data, 16);
146 if (ret)
147 goto out;
148
149 if (memcmp(md5cksum.data + 8, ptr + 14, 8)) {
150 ret = GSS_S_BAD_SIG;
151 goto out;
152 }
153 break;
154 default:
155 ret = GSS_S_DEFECTIVE_TOKEN;
156 goto out; 135 goto out;
157 } 136 }
158 137
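Review bot: The checksum check at new line 133, `if (memcmp(md5cksum.data + 8, ptr + 14, 8))`, verifies an integrity tag taken from the token with a compare that may return at the first differing byte; the same line is kept at new line 293 of gss_krb5_wrap.c. If this tree offers a constant-time comparison helper (later kernels have `crypto_memneq()`), using it in both places keeps the compare time independent of how many leading bytes matched. Separately, the `krb5_encrypt` call here passes a literal `16` where the wrap.c copy passes `md5cksum.len`; using `md5cksum.len` in both keeps the two verifiers in step. The body of gss_verify_mic_kerberos starts and ends outside this hunk.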
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c
index eee49f4c4c6a..a7d5c135139b 100644
--- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
+++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
@@ -253,6 +253,8 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
253 253
254 if (sealalg == 0xffff) 254 if (sealalg == 0xffff)
255 goto out; 255 goto out;
256 if (signalg != SGN_ALG_DES_MAC_MD5)
257 goto out;
256 258
257 /* in the current spec, there is only one valid seal algorithm per 259 /* in the current spec, there is only one valid seal algorithm per
258 key type, so a simple comparison is ok */ 260 key type, so a simple comparison is ok */
@@ -276,34 +278,20 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
276 /* compute the checksum of the message */ 278 /* compute the checksum of the message */
277 279
278 /* initialize the the cksum */ 280 /* initialize the the cksum */
279 switch (signalg) { 281 checksum_type = CKSUMTYPE_RSA_MD5;
280 case SGN_ALG_DES_MAC_MD5: 282
281 checksum_type = CKSUMTYPE_RSA_MD5; 283 ret = make_checksum(checksum_type, ptr - 2, 8, buf,
282 break; 284 ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum);
283 default: 285 if (ret)
284 ret = GSS_S_DEFECTIVE_TOKEN; 286 goto out;
287
288 ret = krb5_encrypt(kctx->seq, NULL, md5cksum.data,
289 md5cksum.data, md5cksum.len);
290 if (ret)
285 goto out; 291 goto out;
286 }
287 292
288 switch (signalg) { 293 if (memcmp(md5cksum.data + 8, ptr + 14, 8)) {
289 case SGN_ALG_DES_MAC_MD5: 294 ret = GSS_S_BAD_SIG;
290 ret = make_checksum(checksum_type, ptr - 2, 8, buf,
291 ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum);
292 if (ret)
293 goto out;
294
295 ret = krb5_encrypt(kctx->seq, NULL, md5cksum.data,
296 md5cksum.data, md5cksum.len);
297 if (ret)
298 goto out;
299
300 if (memcmp(md5cksum.data + 8, ptr + 14, 8)) {
301 ret = GSS_S_BAD_SIG;
302 goto out;
303 }
304 break;
305 default:
306 ret = GSS_S_DEFECTIVE_TOKEN;
307 goto out; 295 goto out;
308 } 296 }
309 297
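Review bot: The new early exit at new lines 256-257, `if (signalg != SGN_ALG_DES_MAC_MD5) goto out;`, leaves `ret` at whatever value it holds on reaching the check, whereas the removed `default:` branches set `ret = GSS_S_DEFECTIVE_TOKEN` explicitly; the same holds for new lines 115-116 of gss_krb5_unseal.c. The initialisation of `ret` is outside the visible hunks, so presumably it already starts as GSS_S_DEFECTIVE_TOKEN, but that is worth confirming and recording with a comment such as `/* ret is still GSS_S_DEFECTIVE_TOKEN for an unsupported signalg */` above the check. In the second hunk `checksum_type` is now assigned once and used once, so `CKSUMTYPE_RSA_MD5` could be passed straight to `make_checksum`, and the retained comment `/* initialize the the cksum */` has a doubled word and no longer introduces a switch.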