This flag was introduced in the mskrb-integ merge but is not actually
used after r21742--while kg_unseal_iov_token sets it in vfyflags for
DCE-style contexts, it doesn't actually pass vfyflags to
g_verify_token_header or otherwise use it. Moreover, the flag is not
necessary there; we correctly set input_length to the header length
(without data, padding, or trailer) for v1 tokens in a DCE-style
context.
/* flags for g_verify_token_header() */
#define G_VFY_TOKEN_HDR_WRAPPER_REQUIRED 0x01
-#define G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE 0x02
gss_int32 g_verify_token_header (const gss_OID_desc * mech,
unsigned int *body_size,
if ((seqsize = der_read_length(&buf, &toksize)) < 0)
return(G_BAD_TOK_HEADER);
- if ((flags & G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE) == 0 &&
- seqsize != toksize)
+ if (seqsize != toksize)
return(G_BAD_TOK_HEADER);
if ((toksize-=1) < 0)
size_t input_length;
unsigned int bodysize;
int toktype2;
- int vfyflags = 0;
header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
if (header == NULL) {
input_length += trailer->buffer.length;
}
- if (ctx->gss_flags & GSS_C_DCE_STYLE)
- vfyflags |= G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE;
-
code = g_verify_token_header(ctx->mech_used,
&bodysize, &ptr, -1,
input_length, 0);
projects / thirdparty / krb5.git / commitdiff
