git.ipfire.org Git - thirdparty/krb5.git/commit

author	Greg Hudson <ghudson@mit.edu>
	Wed, 19 Jun 2024 22:55:35 +0000 (18:55 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Wed, 31 Jul 2024 00:00:31 +0000 (20:00 -0400)
commit	3ebe2ec4c1c5afe39f094b50590dd6f56cbce5ca
tree	96d0fbbd024ad4e6d5988bcab8d629fb70890ad5	tree \| snapshot
parent	aafc170587c69346a9b06583db6f1bb8edf524f2	commit \| diff

Refactor GSS token header parsing

Rewrite g_verify_token_header() to use k5input and not to handle
two-byte token IDs (which are specific to the krb5 mechanism). Add a
more general g_get_token_header() which can handle detached wrappers
and cases where the mech is not known in advance. Adjust all current
callers, and get rid of the duplicate DER parsing code added in commit
b0a2f8a5365f2eec3e27d78907de9f9d2c80505a.

In k5-input.h, split out tag and length parsing into
k5_der_get_taglen(), needed by g_get_token_header().

src/include/k5-der.h		diff \| blob \| blame \| history
src/lib/gssapi/generic/gssapiP_generic.h		diff \| blob \| blame \| history
src/lib/gssapi/generic/util_token.c		diff \| blob \| blame \| history
src/lib/gssapi/krb5/accept_sec_context.c		diff \| blob \| blame \| history
src/lib/gssapi/krb5/iakerb.c		diff \| blob \| blame \| history
src/lib/gssapi/krb5/init_sec_context.c		diff \| blob \| blame \| history
src/lib/gssapi/krb5/k5unseal.c		diff \| blob \| blame \| history
src/lib/gssapi/krb5/k5unsealiov.c		diff \| blob \| blame \| history
src/lib/gssapi/mechglue/g_decapsulate_token.c		diff \| blob \| blame \| history
src/lib/gssapi/mechglue/g_glue.c		diff \| blob \| blame \| history
src/lib/gssapi/mechglue/mglueP.h		diff \| blob \| blame \| history