Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) X-RT-Original-Encoding: iso-8859-1 Content-Length: 6487 From fcusack@ratbert.iconnet.net Wed Nov 25 13:32:56 1998 Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id NAA00831 for ; Wed, 25 Nov 1998 13:32:55 -0500 Received: from ratbert.iconnet.net by MIT.EDU with SMTP id AA28743; Wed, 25 Nov 98 13:32:56 EST Received: (from fcusack@localhost) by ratbert.iconnet.net (8.9.1/8.9.1) id NAA07840; Wed, 25 Nov 1998 13:33:46 -0500 (EST) Message-Id: <199811251833.NAA07840@ratbert.iconnet.net> Date: Wed, 25 Nov 1998 13:33:46 -0500 (EST) From: fcusack@iconnet.net Reply-To: fcusack@iconnet.net To: krb5-bugs@MIT.EDU Cc: fcusack@iconnet.net Subject: SAM preauth patch X-Send-Pr-Version: 3.99 >Number: 663 >Category: krb5-kdc >Synopsis: a structure field name change to align with passwords-04 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Wed Nov 25 13:33:00 EST 1998 >Last-Modified: >Originator: Frank Cusack >Organization: Icon CMT Corp. >Release: krb5-current-19981119 >Environment: N/A System: SunOS ratbert 5.6 Generic_105181-09 sun4u sparc SUNW,Ultra-5_10 Architecture: sun4 >Description: enc_sam_response_enc.sam_passcode -> .sam_sad to align with draft-ietf-cat-kerberos-passwords-04.txt This patch depends on krb5-kdc/662. >How-To-Repeat: >Fix: Index: include/k5-int.h =================================================================== RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/include/k5-int.h,v retrieving revision 1.2 diff -u -r1.2 k5-int.h --- k5-int.h 1998/11/25 06:50:48 1.2 +++ k5-int.h 1998/11/25 18:28:31 @@ -379,7 +379,7 @@ krb5_int32 sam_nonce; krb5_timestamp sam_timestamp; krb5_int32 sam_usec; - krb5_data sam_passcode; + krb5_data sam_sad; } krb5_enc_sam_response_enc; typedef struct _krb5_sam_response { Index: kdc/preauth/pa_sam_securid.c =================================================================== RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/kdc/preauth/pa_sam_securid.c,v retrieving revision 1.1 diff -u -r1.1 pa_sam_securid.c --- pa_sam_securid.c 1998/11/25 04:06:18 1.1 +++ pa_sam_securid.c 1998/11/25 18:28:32 @@ -401,13 +401,13 @@ switch (securid_state.state) { case SECURID_STATE_INITIAL: - if (esre->sam_passcode.length > LENPRNST) { + if (esre->sam_sad.length > LENPRNST) { /* User entered too much data, keep same state. */ retval = KRB5KDC_ERR_PREAUTH_FAILED; goto cleanup; } - memcpy(&passcode, esre->sam_passcode.data, esre->sam_passcode.length); - passcode[esre->sam_passcode.length] = '\0'; + memcpy(&passcode, esre->sam_sad.data, esre->sam_sad.length); + passcode[esre->sam_sad.length] = '\0'; if (need_to_sd_init) { if (sd_init(&sd_dat)) { Index: lib/krb5/asn.1/asn1_k_decode.c =================================================================== RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/lib/krb5/asn.1/asn1_k_decode.c,v retrieving revision 1.2 diff -u -r1.2 asn1_k_decode.c --- asn1_k_decode.c 1998/11/25 06:50:49 1.2 +++ asn1_k_decode.c 1998/11/25 18:28:33 @@ -768,7 +768,7 @@ opt_field(val->sam_nonce,0,asn1_decode_int32,0); opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0); opt_field(val->sam_usec,2,asn1_decode_int32,0); - opt_string(val->sam_passcode,3,asn1_decode_charstring); + opt_string(val->sam_sad,3,asn1_decode_charstring); end_structure(); val->magic = KV5M_ENC_SAM_RESPONSE_ENC; } Index: lib/krb5/asn.1/asn1_k_encode.c =================================================================== RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/lib/krb5/asn.1/asn1_k_encode.c,v retrieving revision 1.2 diff -u -r1.2 asn1_k_encode.c --- asn1_k_encode.c 1998/11/25 06:50:49 1.2 +++ asn1_k_encode.c 1998/11/25 18:28:33 @@ -909,7 +909,7 @@ int * retlen; { asn1_setup(); - add_optstring(val->sam_passcode,3,asn1_encode_charstring); + add_optstring(val->sam_sad,3,asn1_encode_charstring); asn1_addfield(val->sam_usec,2,asn1_encode_integer); asn1_addfield(val->sam_timestamp,1,asn1_encode_kerberos_time); asn1_addfield(val->sam_nonce,0,asn1_encode_integer); Index: lib/krb5/krb/preauth.c =================================================================== RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/lib/krb5/krb/preauth.c,v retrieving revision 1.2 diff -u -r1.2 preauth.c --- preauth.c 1998/11/25 06:50:50 1.2 +++ preauth.c 1998/11/25 18:28:33 @@ -568,8 +568,8 @@ free(passcode); return retval; } - enc_sam_response_enc.sam_passcode.data = passcode; - enc_sam_response_enc.sam_passcode.length = pcsize; + enc_sam_response_enc.sam_sad.data = passcode; + enc_sam_response_enc.sam_sad.length = pcsize; } else if (sam_challenge->sam_flags & KRB5_SAM_USE_SAD_AS_KEY) { prompt = handle_sam_labels(sam_challenge); if (prompt == NULL) @@ -580,14 +580,14 @@ free(prompt); if (retval) return retval; - enc_sam_response_enc.sam_passcode.length = 0; + enc_sam_response_enc.sam_sad.length = 0; } else { /* what *was* it? */ return KRB5_SAM_UNSUPPORTED; } /* so at this point, either sam_use_key is generated from the passcode - * or enc_sam_response_enc.sam_passcode is set to it, and we use + * or enc_sam_response_enc.sam_sad is set to it, and we use * def_enc_key instead. */ /* encode the encoded part of the response */ if ((retval = encode_krb5_enc_sam_response_enc(&enc_sam_response_enc, Index: lib/krb5/krb/preauth2.c =================================================================== RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/lib/krb5/krb/preauth2.c,v retrieving revision 1.2 diff -u -r1.2 preauth2.c --- preauth2.c 1998/11/25 06:50:50 1.2 +++ preauth2.c 1998/11/25 18:28:34 @@ -349,10 +349,10 @@ enc_sam_response_enc.sam_nonce = sam_challenge->sam_nonce; if (sam_challenge->sam_flags & KRB5_SAM_SEND_ENCRYPTED_SAD) { /* Add the passcode if required. */ - enc_sam_response_enc.sam_passcode = response_data; + enc_sam_response_enc.sam_sad = response_data; } else { /* We need to use the response as part or all of the key. */ - enc_sam_response_enc.sam_passcode.length = 0; + enc_sam_response_enc.sam_sad.length = 0; #if 0 if ((salt->length == -1) && (salt->data == NULL)) { >Audit-Trail: >Unformatted: