Remove define for KRB5_CKSUM_LENGTH, which will become enctype-dependent

cleanup: When adding new encryption types, the checksum length
can be different for each enctype.  Face the fact that the
current code only supports DES which has a checksum length of 8.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
This commit is contained in:
Kevin Coffman 2008-02-21 13:44:27 -05:00 committed by J. Bruce Fields
parent 3d4a688678
commit 30aef3166a
3 changed files with 2 additions and 7 deletions

View file

@ -70,8 +70,6 @@ enum seal_alg {
SEAL_ALG_DES3KD = 0x0002 SEAL_ALG_DES3KD = 0x0002
}; };
#define KRB5_CKSUM_LENGTH 8
#define CKSUMTYPE_CRC32 0x0001 #define CKSUMTYPE_CRC32 0x0001
#define CKSUMTYPE_RSA_MD4 0x0002 #define CKSUMTYPE_RSA_MD4 0x0002
#define CKSUMTYPE_RSA_MD4_DES 0x0003 #define CKSUMTYPE_RSA_MD4_DES 0x0003

View file

@ -109,8 +109,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
md5cksum.data, md5cksum.len)) md5cksum.data, md5cksum.len))
return GSS_S_FAILURE; return GSS_S_FAILURE;
memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH, memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - 8, 8);
KRB5_CKSUM_LENGTH);
spin_lock(&krb5_seq_lock); spin_lock(&krb5_seq_lock);
seq_send = ctx->seq_send++; seq_send = ctx->seq_send++;

View file

@ -176,9 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
if (krb5_encrypt(kctx->seq, NULL, md5cksum.data, if (krb5_encrypt(kctx->seq, NULL, md5cksum.data,
md5cksum.data, md5cksum.len)) md5cksum.data, md5cksum.len))
return GSS_S_FAILURE; return GSS_S_FAILURE;
memcpy(krb5_hdr + 16, memcpy(krb5_hdr + 16, md5cksum.data + md5cksum.len - 8, 8);
md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
KRB5_CKSUM_LENGTH);
spin_lock(&krb5_seq_lock); spin_lock(&krb5_seq_lock);
seq_send = kctx->seq_send++; seq_send = kctx->seq_send++;