summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/lib/hdb/mkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/lib/hdb/mkey.c')
-rw-r--r--crypto/heimdal/lib/hdb/mkey.c86
1 files changed, 61 insertions, 25 deletions
diff --git a/crypto/heimdal/lib/hdb/mkey.c b/crypto/heimdal/lib/hdb/mkey.c
index 2c85333..c69e482 100644
--- a/crypto/heimdal/lib/hdb/mkey.c
+++ b/crypto/heimdal/lib/hdb/mkey.c
@@ -36,7 +36,7 @@
#define O_BINARY 0
#endif
-RCSID("$Id: mkey.c,v 1.8 2001/01/30 01:20:57 assar Exp $");
+RCSID("$Id: mkey.c,v 1.13 2001/12/05 14:41:45 nectar Exp $");
struct hdb_master_key_data {
krb5_keytab_entry keytab;
@@ -50,7 +50,8 @@ hdb_free_master_key(krb5_context context, hdb_master_key mkey)
struct hdb_master_key_data *ptr;
while(mkey) {
krb5_kt_free_entry(context, &mkey->keytab);
- krb5_crypto_destroy(context, mkey->crypto);
+ if (mkey->crypto)
+ krb5_crypto_destroy(context, mkey->crypto);
ptr = mkey;
mkey = mkey->next;
free(ptr);
@@ -63,26 +64,29 @@ hdb_process_master_key(krb5_context context,
hdb_master_key *mkey)
{
krb5_error_code ret;
+
*mkey = calloc(1, sizeof(**mkey));
- if(*mkey == NULL)
+ if(*mkey == NULL) {
+ krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
+ }
(*mkey)->keytab.vno = kvno;
ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal);
+ if(ret)
+ goto fail;
ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock);
- if(ret) {
- free(*mkey);
- *mkey = NULL;
- return ret;
- }
+ if(ret)
+ goto fail;
if(etype != 0)
(*mkey)->keytab.keyblock.keytype = etype;
(*mkey)->keytab.timestamp = time(NULL);
ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto);
- if(ret) {
- krb5_free_keyblock_contents(context, &(*mkey)->keytab.keyblock);
- free(*mkey);
- *mkey = NULL;
- }
+ if(ret)
+ goto fail;
+ return 0;
+ fail:
+ hdb_free_master_key(context, *mkey);
+ *mkey = NULL;
return ret;
}
@@ -148,8 +152,12 @@ read_master_mit(krb5_context context, const char *filename,
krb5_keyblock key;
fd = open(filename, O_RDONLY | O_BINARY);
- if(fd < 0)
- return errno;
+ if(fd < 0) {
+ int save_errno = errno;
+ krb5_set_error_string(context, "failed to open %s: %s", filename,
+ strerror(save_errno));
+ return save_errno;
+ }
sp = krb5_storage_from_fd(fd);
if(sp == NULL) {
close(fd);
@@ -163,6 +171,8 @@ read_master_mit(krb5_context context, const char *filename,
#else
ret = krb5_ret_int16(sp, &enctype);
if((htons(enctype) & 0xff00) == 0x3000) {
+ krb5_set_error_string(context, "unknown keytype in %s: %#x, expected %#x",
+ filename, htons(enctype), 0x3000);
ret = HEIM_ERR_BAD_MKEY;
goto out;
}
@@ -191,13 +201,21 @@ read_master_encryptionkey(krb5_context context, const char *filename,
ssize_t len;
fd = open(filename, O_RDONLY | O_BINARY);
- if(fd < 0)
- return errno;
+ if(fd < 0) {
+ int save_errno = errno;
+ krb5_set_error_string(context, "failed to open %s: %s",
+ filename, strerror(save_errno));
+ return save_errno;
+ }
len = read(fd, buf, sizeof(buf));
close(fd);
- if(len < 0)
- return errno;
+ if(len < 0) {
+ int save_errno = errno;
+ krb5_set_error_string(context, "error reading %s: %s",
+ filename, strerror(save_errno));
+ return save_errno;
+ }
ret = decode_EncryptionKey(buf, len, &key, &len);
memset(buf, 0, sizeof(buf));
@@ -229,13 +247,25 @@ read_master_krb4(krb5_context context, const char *filename,
ssize_t len;
fd = open(filename, O_RDONLY | O_BINARY);
- if(fd < 0)
- return errno;
+ if(fd < 0) {
+ int save_errno = errno;
+ krb5_set_error_string(context, "failed to open %s: %s",
+ filename, strerror(save_errno));
+ return save_errno;
+ }
len = read(fd, buf, sizeof(buf));
close(fd);
- if(len < 0)
- return errno;
+ if(len < 0) {
+ int save_errno = errno;
+ krb5_set_error_string(context, "error reading %s: %s",
+ filename, strerror(save_errno));
+ return save_errno;
+ }
+ if(len != 8) {
+ krb5_set_error_string(context, "bad contents of %s", filename);
+ return HEIM_ERR_EOF; /* XXX file might be too large */
+ }
memset(&key, 0, sizeof(key));
key.keytype = ETYPE_DES_PCBC_NONE;
@@ -265,10 +295,15 @@ hdb_read_master_key(krb5_context context, const char *filename,
filename = HDB_DB_DIR "/m-key";
f = fopen(filename, "r");
- if(f == NULL)
- return errno;
+ if(f == NULL) {
+ int save_errno = errno;
+ krb5_set_error_string(context, "failed to open %s: %s",
+ filename, strerror(save_errno));
+ return save_errno;
+ }
if(fread(buf, 1, 2, f) != 2) {
+ krb5_set_error_string(context, "end of file reading %s", filename);
fclose(f);
return HEIM_ERR_EOF;
}
@@ -456,6 +491,7 @@ hdb_set_master_keyfile (krb5_context context,
if (ret) {
if (ret != ENOENT)
return ret;
+ krb5_clear_error_string(context);
return 0;
}
db->master_key = key;
OpenPOWER on IntegriCloud