authorRichard Levitte <levitte@openssl.org>2001-07-21 09:43:43 +0000
committerRichard Levitte <levitte@openssl.org>2001-07-21 09:43:43 +0000
commitacdf4afb9147a80d894383fe86ec6de1b6dbd4d5 (patch)
treeddc1ca503e91e93ecdeb63cc83072f9a1321d32d /ssl/s3_srvr.c
parent6d3dec92fb2df3129da5022f4277cc093ecd7b5f (diff)
More Kerberos SSL patches from Vern Staats <staatsvr@asc.hpc.mil>.
His comments are: This patch fixes the problem of modern Kerberos using "derived keys" to encrypt the authenticator by disabling the authenticator check for all derived keys enctypes. I think I've got all the bugfixes that Jeffrey and I discussed rolled into this. There were some problems with Jeffrey's code to convert the authenticator's Kerberos timestring into struct tm (e.g. Z, -1900; it helps to have an actual decryptable authenticator to play with). So I've shamelessly pushed in my code, while stealing some bits from Jeffrey.
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r--ssl/s3_srvr.c26
1 files changed, 21 insertions, 5 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 20b8cc9ac5..8d1041ce00 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1463,7 +1463,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
EVP_CIPHER_CTX ciph_ctx;
EVP_CIPHER *enc = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
- unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH];
+ unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH
+ + EVP_MAX_IV_LENGTH + 1];
int padl, outl = sizeof(pms);
krb5_timestamp authtime = 0;
krb5_ticket_times ttimes;
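Review bot: The new size of `pms`, `SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH + 1`, is unexplained, and `outl = sizeof(pms)` on the following line reads like a bound the EVP calls will honour, which they do not: `EVP_DecryptUpdate` only writes to `outl`. A comment on the declaration would help, for example `/* slack for one cipher block; the decrypted length is only checked against SSL_MAX_MASTER_KEY_LENGTH after the write */`. The reason for the extra bytes is inferred from the later hunk, so please confirm it. The body of ssl3_get_client_key_exchange starts and ends outside this hunk.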
@@ -1537,16 +1538,31 @@ static int ssl3_get_client_key_exchange(SSL *s)
enc = kssl_map_enc(kssl_ctx->enctype);
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */
- EVP_DecryptInit(&ciph_ctx,enc,kssl_ctx->key,iv);
- EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
- enc_pms.data, enc_pms.length);
+ if (!EVP_DecryptInit(&ciph_ctx,enc,kssl_ctx->key,iv))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto err;
+ }
+ if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
+ enc_pms.data, enc_pms.length))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto err;
+ }
if (outl > SSL_MAX_MASTER_KEY_LENGTH)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
}
- EVP_DecryptFinal(&ciph_ctx,&(pms[outl]),&padl);
+ if (!EVP_DecryptFinal(&ciph_ctx,&(pms[outl]),&padl))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DECRYPTION_FAILED);
+ goto err;
+ }
outl += padl;
if (outl > SSL_MAX_MASTER_KEY_LENGTH)
{
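Review bot: `EVP_DecryptUpdate` writes into the fixed-size `pms` using the peer-supplied `enc_pms.length`, and the `outl > SSL_MAX_MASTER_KEY_LENGTH` test only runs after that write, so an oversized encrypted pre-master secret is rejected too late to protect the stack buffer. No bound on `enc_pms.length` is visible in this hunk; unless one exists earlier in the function, add a guard before the decrypt call, such as `if (enc_pms.length > sizeof(pms))` with the same `SSL_R_DATA_LENGTH_TOO_LONG` error and `goto err`. Tighten it by one cipher block if `EVP_DecryptUpdate` can emit more than its input length. The new `goto err` paths also leave `ciph_ctx` initialised and partial plaintext in `pms`. The `err` label is outside the hunk, so check that it cleans up the cipher context and wipes `pms`.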