From: Greg Hudson Date: Sun, 8 Mar 2015 20:20:07 +0000 (-0400) Subject: Use unsigned 16-bit type for key data kvno X-Git-Tag: krb5-1.14-alpha1~138 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1d4df2264684ab6731dedc8882a0cd6353af33da;p=thirdparty%2Fkrb5.git Use unsigned 16-bit type for key data kvno Change key_data_kvno from a signed 16-bit field to an unsigned 16-bit field, since negative values are never meaningful. When adding new keys, wrap from 65535 to 1 to avoid using the special value 0. Don't bump the KDB binary version since this change is unlikely to affect callers. ticket: 7532
---
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 4868e7df02..e6ffba3f82 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1646,7 +1646,7 @@ struct _krb5_key_data; /* kdb.h */
 struct ldap_seqof_key_data {
 krb5_int32 mkvno; /* Master key version number */
- krb5_int16 kvno; /* kvno of key_data elements (all the same) */
+ krb5_ui_2 kvno; /* kvno of key_data elements (all the same) */
 struct _krb5_key_data *key_data;
 krb5_int16 n_key_data;
 };
diff --git a/src/include/kdb.h b/src/include/kdb.h
index d0a390a258..1563a6297f 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -167,7 +167,7 @@ typedef struct krb5_string_attr_st {
 */
 typedef struct _krb5_key_data {
 krb5_int16 key_data_ver; /* Version */
- krb5_int16 key_data_kvno; /* Key Version */
+ krb5_ui_2 key_data_kvno; /* Key Version */
 krb5_int16 key_data_type[2]; /* Array of types */
 krb5_ui_2 key_data_length[2]; /* Array of lengths */
 krb5_octet * key_data_contents[2]; /* Array of pointers */
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index 975f94c6c6..4ccf8e653b 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
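Review bot: In src/include/kdb.h the comment on `key_data_kvno` still reads `/* Key Version */`, although the commit message now gives the field a contract: unsigned, wrapping from 65535 to 1, with 0 carrying a special meaning. Recording that at the declaration, for example `/* Key version (unsigned; 0 has special meaning) */`, would keep it next to the type, and the same applies to `kvno` in `struct ldap_seqof_key_data` in k5-int.h. Code outside this patch that copies the field into a signed 16-bit variable or tests it for a negative value would behave differently above 32767; no such use is visible here, so it is worth searching for before relying on the "unlikely to affect callers" judgement.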
@@ -262,7 +262,7 @@ bool_t xdr_krb5_key_data_nocontents(XDR *xdrs, krb5_key_data *objp)
 if (!xdr_krb5_int16(xdrs, &objp->key_data_ver)) {
 return (FALSE);
 }
- if (!xdr_krb5_int16(xdrs, &objp->key_data_kvno)) {
+ if (!xdr_krb5_ui_2(xdrs, &objp->key_data_kvno)) {
 return (FALSE);
 }
 if (!xdr_krb5_int16(xdrs, &objp->key_data_type[0])) {
diff --git a/src/lib/kadm5/srv/adb_xdr.c b/src/lib/kadm5/srv/adb_xdr.c
index de1bdc00e1..fc732971d2 100644
--- a/src/lib/kadm5/srv/adb_xdr.c
+++ b/src/lib/kadm5/srv/adb_xdr.c
@@ -21,7 +21,7 @@ xdr_krb5_key_data(XDR *xdrs, krb5_key_data *objp)
 if (!xdr_krb5_int16(xdrs, &objp->key_data_ver))
 return(FALSE);
- if (!xdr_krb5_int16(xdrs, &objp->key_data_kvno))
+ if (!xdr_krb5_ui_2(xdrs, &objp->key_data_kvno))
 return(FALSE);
 if (!xdr_krb5_int16(xdrs, &objp->key_data_type[0]))
 return(FALSE);
diff --git a/src/lib/kdb/kdb_convert.c b/src/lib/kdb/kdb_convert.c
index 1370395c8d..509016f73e 100644
--- a/src/lib/kdb/kdb_convert.c
+++ b/src/lib/kdb/kdb_convert.c
@@ -704,7 +704,7 @@ ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
 krb5_key_data *kp = &ent->key_data[j];
 kdbe_key_t *kv = &ULOG_ENTRY_KEYVAL(update, i, j);
 kp->key_data_ver = (krb5_int16)kv->k_ver;
- kp->key_data_kvno = (krb5_int16)kv->k_kvno;
+ kp->key_data_kvno = (krb5_ui_2)kv->k_kvno;
 if (kp->key_data_ver > 2) {
 return EINVAL; /* XXX ? */
 }
diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c
index fb076656f0..33017ecfdc 100644
--- a/src/lib/kdb/kdb_cpw.c
+++ b/src/lib/kdb/kdb_cpw.c
@@ -436,6 +436,10 @@ rekey(krb5_context context, krb5_keyblock *mkey, krb5_key_salt_tuple *ks_tuple,
 old_kvno = krb5_db_get_key_data_kvno(context, n_key_data, key_data);
 if (new_kvno < old_kvno + 1)
 new_kvno = old_kvno + 1;
+ /* Wrap from 65535 to 1; we can only store 16-bit kvno values in key_data,
+ * and we assign special meaning to kvno 0. */
+ if (new_kvno == (1 << 16))
+ new_kvno = 1;
 /* Add new keys to the front of the list. */
 if (password != NULL) {
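Review bot: Nothing at the `xdr_krb5_ui_2` call in `xdr_krb5_key_data_nocontents` records that the field's wire interpretation changed: a kvno above 32767 can now be exchanged, while a peer built before this commit still decodes the same field with `xdr_krb5_int16` into a signed member. How such a peer reacts cannot be told from this hunk, and `xdr_krb5_ui_2` is defined elsewhere, so it is also not visible whether it refuses a decoded value that does not fit in 16 bits rather than truncating it. A comment at the call such as `/* unsigned 16-bit kvno; peers older than this change decode it as signed */` would make the mixed-version case explicit. The same applies to `xdr_krb5_key_data` in adb_xdr.c and `ldap_xdr_krb5_key_data` in princ_xdr.c; the function bodies continue outside the hunks.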
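Review bot: The cast `(krb5_ui_2)kv->k_kvno` in `ulog_conv_2dbentry` silently truncates any update-log value that does not fit in 16 bits, and a truncated result can be 0, the value this commit treats as special. The type of `k_kvno` is not visible in this hunk, so this assumes it is wider than 16 bits; if it is, out-of-range input is better rejected next to the existing `key_data_ver` check, e.g. `if (kv->k_kvno > 65535) return EINVAL;` before the assignment (plus a `< 0` test if the source type is signed). The update entry presumably arrives from another host, so validating it here is cheaper than reasoning about every later use of the field. The function body starts and ends outside the hunk.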
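Review bot: The wrap test `new_kvno == (1 << 16)` in `rekey` catches only the exact value 65536; the visible lines raise `new_kvno` to at least `old_kvno + 1` but never bound it, so a larger caller-supplied value would pass the test and be truncated when stored in the 16-bit `key_data_kvno`. Assuming `new_kvno` is a wider integer declared outside the hunk, `if (new_kvno > 65535) new_kvno = 1;` (or returning an error for values beyond 65536) closes that. After a wrap the newest keys carry kvno 1 while any retained older keys may carry higher numbers, or kvno 1 again; lookups that select by highest kvno or expect kvno to be unique per principal need checking, and the added comment should say what is expected of old keys at the wrap. The function body starts and ends outside the hunk.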
diff --git a/src/lib/krb5/asn.1/ldap_key_seq.c b/src/lib/krb5/asn.1/ldap_key_seq.c index deb47058df..74569d9e2c 100644 --- a/src/lib/krb5/asn.1/ldap_key_seq.c +++ b/src/lib/krb5/asn.1/ldap_key_seq.c @@ -51,6 +51,7 @@ IMPORT_TYPE(int32, krb5_int32); DEFINTTYPE(int16, krb5_int16); +DEFINTTYPE(uint16, krb5_ui_2); DEFCOUNTEDSTRINGTYPE(ui2_octetstring, unsigned char *, krb5_ui_2, k5_asn1_encode_bytestring, k5_asn1_decode_bytestring, @@ -108,7 +109,7 @@ DEFCOUNTEDSEQOFTYPE(cseqof_key_data, krb5_int16, ptr_key_data); DEFINT_IMMEDIATE(one, 1, ASN1_BAD_FORMAT); DEFCTAGGEDTYPE(ldap_key_seq_0, 0, one); DEFCTAGGEDTYPE(ldap_key_seq_1, 1, one); -DEFFIELD(ldap_key_seq_2, ldap_seqof_key_data, kvno, 2, int16); +DEFFIELD(ldap_key_seq_2, ldap_seqof_key_data, kvno, 2, uint16); DEFFIELD(ldap_key_seq_3, ldap_seqof_key_data, mkvno, 3, int32); DEFCNFIELD(ldap_key_seq_4, ldap_seqof_key_data, key_data, n_key_data, 4, cseqof_key_data); diff --git a/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c b/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c index 5eca41ee7b..cf1201d607 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c @@ -98,7 +98,7 @@ ldap_xdr_krb5_key_data(XDR *xdrs, krb5_key_data *objp) if (!ldap_xdr_krb5_int16(xdrs, &objp->key_data_ver)) return(FALSE); - if (!ldap_xdr_krb5_int16(xdrs, &objp->key_data_kvno)) + if (!ldap_xdr_krb5_ui_2(xdrs, &objp->key_data_kvno)) return(FALSE); if (!ldap_xdr_krb5_int16(xdrs, &objp->key_data_type[0])) return(FALSE);
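Review bot: `DEFINTTYPE(uint16, krb5_ui_2)` in ldap_key_seq.c declares the unsigned type with the same macro as the signed `int16` on the line above, and nothing here says how that macro treats an unsigned C type. The macro is defined outside this patch, so it cannot be checked from the hunk whether decoding field 2 through `uint16` rejects a negative or over-wide ASN.1 integer or wraps it; key sequences stored before this change could presumably hold a negative kvno if one ever passed 32767. A one-line comment above the definition stating the intended decode behaviour, for example `/* kvno: integers outside 0..65535 fail to decode */` if that is what the macro does, would settle it for the `DEFFIELD(ldap_key_seq_2, ...)` change in the second hunk as well.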