vendor/heimdal/1.5

1 files changed, 65 insertions, 70 deletions

diff --git a/lib/gssapi/ntlm/crypto.c b/lib/gssapi/ntlm/crypto.c
index b05246ca52f4..85dc638dda58 100644
--- a/lib/gssapi/ntlm/crypto.c
+++ b/lib/gssapi/ntlm/crypto.c
@@ -1,39 +1,37 @@
 /*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden). 
- * All rights reserved. 
+ * Copyright (c) 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
  *
- * Redistribution and use in source and binary forms, with or without 
- * modification, are permitted provided that the following conditions 
- * are met: 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
  *
- * 1. Redistributions of source code must retain the above copyright 
- *    notice, this list of conditions and the following disclaimer. 
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
  *
- * 2. Redistributions in binary form must reproduce the above copyright 
- *    notice, this list of conditions and the following disclaimer in the 
- *    documentation and/or other materials provided with the distribution. 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
  *
- * 3. Neither the name of the Institute nor the names of its contributors 
- *    may be used to endorse or promote products derived from this software 
- *    without specific prior written permission. 
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
- * SUCH DAMAGE. 
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
  */
 
-#include "ntlm/ntlm.h"
-
-RCSID("$Id: crypto.c 19535 2006-12-28 14:49:01Z lha $");
+#include "ntlm.h"
 
 uint32_t
 _krb5_crc_update (const char *p, size_t len, uint32_t res);
@@ -80,7 +78,7 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign,
 		  unsigned char *data, size_t len)
 {
     unsigned char out[16];
-    MD5_CTX ctx;
+    EVP_MD_CTX *ctx;
     const char *signmagic;
     const char *sealmagic;
 
@@ -94,15 +92,17 @@ _gss_ntlm_set_key(struct ntlmv2_key *key, int acceptor, int sealsign,
 
     key->seq = 0;
 
-    MD5_Init(&ctx);
-    MD5_Update(&ctx, data, len);
-    MD5_Update(&ctx, signmagic, strlen(signmagic) + 1);
-    MD5_Final(key->signkey, &ctx);
+    ctx = EVP_MD_CTX_create();
+    EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
+    EVP_DigestUpdate(ctx, data, len);
+    EVP_DigestUpdate(ctx, signmagic, strlen(signmagic) + 1);
+    EVP_DigestFinal_ex(ctx, key->signkey, NULL);
 
-    MD5_Init(&ctx);
-    MD5_Update(&ctx, data, len);
-    MD5_Update(&ctx, sealmagic, strlen(sealmagic) + 1);
-    MD5_Final(out, &ctx);
+    EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
+    EVP_DigestUpdate(ctx, data, len);
+    EVP_DigestUpdate(ctx, sealmagic, strlen(sealmagic) + 1);
+    EVP_DigestFinal_ex(ctx, out, NULL);
+    EVP_MD_CTX_destroy(ctx);
 
     RC4_set_key(&key->sealkey, 16, out);
     if (sealsign)
@@ -121,20 +121,20 @@ v1_sign_message(gss_buffer_t in,
 {
     unsigned char sigature[12];
     uint32_t crc;
-    
+
     _krb5_crc_init_table();
     crc = _krb5_crc_update(in->value, in->length, 0);
-    
+
     encode_le_uint32(0, &sigature[0]);
     encode_le_uint32(crc, &sigature[4]);
     encode_le_uint32(seq, &sigature[8]);
-    
+
     encode_le_uint32(1, out); /* version */
     RC4(signkey, sizeof(sigature), sigature, out + 4);
-    
+
     if (RAND_bytes(out + 4, 4) != 1)
 	return GSS_S_UNAVAILABLE;
-    
+
     return 0;
 }
 
@@ -152,7 +152,7 @@ v2_sign_message(gss_buffer_t in,
 
     HMAC_CTX_init(&c);
     HMAC_Init_ex(&c, signkey, 16, EVP_md5(), NULL);
-    
+
     encode_le_uint32(seq, hmac);
     HMAC_Update(&c, hmac, 4);
     HMAC_Update(&c, in->value, in->length);
@@ -188,7 +188,7 @@ v2_verify_message(gss_buffer_t in,
 	return GSS_S_BAD_MIC;
 
     return GSS_S_COMPLETE;
-}    
+}
 
 static OM_uint32
 v2_seal_message(const gss_buffer_t in,
@@ -259,8 +259,9 @@ v2_unseal_message(gss_buffer_t in,
 /*
  *
  */
- 
-OM_uint32 _gss_ntlm_get_mic
+
+OM_uint32 GSSAPI_CALLCONV
+_gss_ntlm_get_mic
            (OM_uint32 * minor_status,
             const gss_ctx_id_t context_handle,
             gss_qop_t qop_req,
@@ -271,12 +272,7 @@ OM_uint32 _gss_ntlm_get_mic
     ntlm_ctx ctx = (ntlm_ctx)context_handle;
     OM_uint32 junk;
 
-    if (minor_status)
-	*minor_status = 0;
-    if (message_token) {
-	message_token->length = 0;
-	message_token->value = NULL;
-    }
+    *minor_status = 0;
 
     message_token->value = malloc(16);
     message_token->length = 16;
@@ -339,7 +335,7 @@ OM_uint32 _gss_ntlm_get_mic
  *
  */
 
-OM_uint32
+OM_uint32 GSSAPI_CALLCONV
 _gss_ntlm_verify_mic
            (OM_uint32 * minor_status,
             const gss_ctx_id_t context_handle,
@@ -388,7 +384,7 @@ _gss_ntlm_verify_mic
 	    ((unsigned char *)token_buffer->value) + 4, sigature);
 
 	_krb5_crc_init_table();
-	crc = _krb5_crc_update(message_buffer->value, 
+	crc = _krb5_crc_update(message_buffer->value,
 			       message_buffer->length, 0);
 	/* skip first 4 bytes in the encrypted checksum */
 	decode_le_uint32(&sigature[4], &num);
@@ -425,7 +421,7 @@ _gss_ntlm_verify_mic
  *
  */
 
-OM_uint32
+OM_uint32 GSSAPI_CALLCONV
 _gss_ntlm_wrap_size_limit (
             OM_uint32 * minor_status,
             const gss_ctx_id_t context_handle,
@@ -456,7 +452,8 @@ _gss_ntlm_wrap_size_limit (
  *
  */
 
-OM_uint32 _gss_ntlm_wrap
+OM_uint32 GSSAPI_CALLCONV
+_gss_ntlm_wrap
 (OM_uint32 * minor_status,
  const gss_ctx_id_t context_handle,
  int conf_req_flag,
@@ -469,14 +466,13 @@ OM_uint32 _gss_ntlm_wrap
     ntlm_ctx ctx = (ntlm_ctx)context_handle;
     OM_uint32 ret;
 
-    if (minor_status)
-	*minor_status = 0;
+    *minor_status = 0;
     if (conf_state)
 	*conf_state = 0;
     if (output_message_buffer == GSS_C_NO_BUFFER)
 	return GSS_S_FAILURE;
 
-    
+
     if (CTX_FLAGS_ISSET(ctx, NTLM_NEG_SEAL|NTLM_NEG_NTLM2_SESSION)) {
 
 	return v2_seal_message(input_message_buffer,
@@ -499,7 +495,7 @@ OM_uint32 _gss_ntlm_wrap
 
 	RC4(&ctx->u.v1.crypto_send.key, input_message_buffer->length,
 	    input_message_buffer->value, output_message_buffer->value);
-	
+
 	ret = _gss_ntlm_get_mic(minor_status, context_handle,
 				0, input_message_buffer,
 				&trailer);
@@ -512,7 +508,7 @@ OM_uint32 _gss_ntlm_wrap
 	    gss_release_buffer(&junk, &trailer);
 	    return GSS_S_FAILURE;
 	}
-	memcpy(((unsigned char *)output_message_buffer->value) + 
+	memcpy(((unsigned char *)output_message_buffer->value) +
 	       input_message_buffer->length,
 	       trailer.value, trailer.length);
 	gss_release_buffer(&junk, &trailer);
@@ -527,7 +523,8 @@ OM_uint32 _gss_ntlm_wrap
  *
  */
 
-OM_uint32 _gss_ntlm_unwrap
+OM_uint32 GSSAPI_CALLCONV
+_gss_ntlm_unwrap
            (OM_uint32 * minor_status,
             const gss_ctx_id_t context_handle,
             const gss_buffer_t input_message_buffer,
@@ -539,12 +536,10 @@ OM_uint32 _gss_ntlm_unwrap
     ntlm_ctx ctx = (ntlm_ctx)context_handle;
     OM_uint32 ret;
 
-    if (minor_status)
-	*minor_status = 0;
-    if (output_message_buffer) {
-	output_message_buffer->value = NULL;
-	output_message_buffer->length = 0;
-    }
+    *minor_status = 0;
+    output_message_buffer->value = NULL;
+    output_message_buffer->length = 0;
+
     if (conf_state)
 	*conf_state = 0;
     if (qop_state)
@@ -572,10 +567,10 @@ OM_uint32 _gss_ntlm_unwrap
 	    output_message_buffer->length = 0;
 	    return GSS_S_FAILURE;
 	}
-	
+
 	RC4(&ctx->u.v1.crypto_recv.key, output_message_buffer->length,
 	    input_message_buffer->value, output_message_buffer->value);
-	
+
 	trailer.value = ((unsigned char *)input_message_buffer->value) +
 	    output_message_buffer->length;
 	trailer.length = 16;