diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/krb5/src/lib/gssapi/krb5/util_crypt.c | 10 | ||||
| -rw-r--r-- | crypto/krb5/src/lib/gssapi/krb5/verify_mic.c | 11 | ||||
| -rw-r--r-- | crypto/openssh/uidswap.c | 15 |
3 files changed, 11 insertions, 25 deletions
diff --git a/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c b/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c index 28411429bf6e..386842e8a6e3 100644 --- a/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c +++ b/crypto/krb5/src/lib/gssapi/krb5/util_crypt.c @@ -322,12 +322,16 @@ kg_verify_checksum_v3(krb5_context context, krb5_key key, krb5_keyusage usage, uint8_t ckhdr[16]; krb5_boolean valid; - /* Compose an RFC 4121 token header with EC and RRC set to 0. */ + /* + * Compose an RFC 4121 token header for the checksum. For a wrap token, + * the EC and RRC fields have the value 0 for the checksum operation, + * regardless of their values in the actual token (RFC 4121 section 4.2.4). + * For a MIC token, the corresponding four bytes have the value 0xFF. + */ store_16_be(toktype, ckhdr); ckhdr[2] = flags; ckhdr[3] = 0xFF; - store_16_be(0, ckhdr + 4); - store_16_be(0, ckhdr + 6); + store_32_be((toktype == KG2_TOK_MIC_MSG) ? 0xFFFFFFFF : 0, ckhdr + 4); store_64_be(seqnum, ckhdr + 8); /* Verify the checksum over the data and composed header. */ diff --git a/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c b/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c index 9852f49912a9..1c11d2016fca 100644 --- a/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c +++ b/crypto/krb5/src/lib/gssapi/krb5/verify_mic.c @@ -90,7 +90,6 @@ verify_mic_v3(krb5_context context, OM_uint32 *minor_status, krb5_gss_ctx_id_rec *ctx, struct k5input *in, gss_buffer_t message) { - OM_uint32 status; krb5_keyusage usage; krb5_key key; krb5_cksumtype cksumtype; @@ -124,12 +123,10 @@ verify_mic_v3(krb5_context context, OM_uint32 *minor_status, } assert(key != NULL); - status = kg_verify_checksum_v3(context, key, usage, cksumtype, - KG2_TOK_MIC_MSG, flags, seqnum, - message->value, message->length, - in->ptr, in->len); - if (status != GSS_S_COMPLETE) - return status; + if (!kg_verify_checksum_v3(context, key, usage, cksumtype, KG2_TOK_MIC_MSG, + flags, seqnum, message->value, message->length, + in->ptr, in->len)) + return GSS_S_BAD_SIG; return g_seqstate_check(ctx->seqstate, seqnum); } diff --git a/crypto/openssh/uidswap.c b/crypto/openssh/uidswap.c index 0143f4994611..6ed3024d0180 100644 --- a/crypto/openssh/uidswap.c +++ b/crypto/openssh/uidswap.c @@ -14,9 +14,6 @@ #include "includes.h" -#ifdef __FreeBSD__ -#include <assert.h> -#endif #include <errno.h> #include <pwd.h> #include <string.h> @@ -124,20 +121,8 @@ temporarily_use_uid(struct passwd *pw) fatal("setgroups: %.100s", strerror(errno)); #ifndef SAVED_IDS_WORK_WITH_SETEUID /* Propagate the privileged gid to all of our gids. */ -#ifdef __FreeBSD__ - /* - * FreeBSD traditionally includes the egid as the first element. If we - * use getegid() here then we effectively propagate user_groups[0], - * which is probably pw->pw_gid. Fix it to work as intended by using - * the egid we already have stashed off. - */ - assert(saved_egroupslen > 0); - if (setgid(saved_egroups[0]) == -1) - debug("setgid %u: %.100s", (u_int) saved_egroups[0], strerror(errno)); -#else if (setgid(getegid()) == -1) debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); -#endif /* Propagate the privileged uid to all of our uids. */ if (setuid(geteuid()) == -1) debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); |