From: kcr Date: Mon, 21 Jan 2008 19:12:44 +0000 (+0000) Subject: no more NOENCRYPTION X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=a2384bd204bc982d7cfc5b9dd968de76559399ef;p=1ts-debian.git no more NOENCRYPTION git-svn-id: svn://svn.1ts.org/debian/branches/zephyr-reloaded@270 cbed1d16-5ef5-0310-b6a1-d4a37b08ba1f --- diff --git a/zephyr/server/bdump.c b/zephyr/server/bdump.c index 233ff0c..a88f371 100644 --- a/zephyr/server/bdump.c +++ b/zephyr/server/bdump.c @@ -114,10 +114,8 @@ static long ticket_time; #define TKTLIFETIME 120 #define tkt_lifetime(val) ((long) val * 5L * 60L) -#ifndef NOENCRYPTION extern C_Block serv_key; extern Sched serv_ksched; -#endif #endif /* HAVE_KRB4 */ static Timer *bdump_timer; @@ -1030,7 +1028,6 @@ get_tgt(void) ticket_time = NOW; } -#ifndef NOENCRYPTION retval = read_service_key(SERVER_SERVICE, SERVER_INSTANCE, ZGetRealm(), 0 /*kvno*/, srvtab_file, (char *)serv_key); @@ -1040,7 +1037,6 @@ get_tgt(void) return 1; } des_key_sched(serv_key, serv_ksched.s); -#endif /* !NOENCRYPTION */ } #ifdef HAVE_KRB5 /* XXX */ @@ -1292,12 +1288,8 @@ bdump_recv_loop(Server *server) syslog(LOG_ERR,"brl bad cblk read: %s (%s)", error_message(retval), cp); } else { -#ifdef NOENCRYPTION - memcpy(cblock, client->session_key, sizeof(C_Block)); -#else des_ecb_encrypt(cblock, client->session_key, serv_ksched.s, DES_DECRYPT); -#endif } } #endif /* HAVE_KRB4 */ diff --git a/zephyr/server/kstuff.c b/zephyr/server/kstuff.c index 5501e12..88b0cb1 100644 --- a/zephyr/server/kstuff.c +++ b/zephyr/server/kstuff.c @@ -851,11 +851,8 @@ ZCheckAuthentication4(ZNotice_t *notice, } /* Check the cryptographic checksum. */ -#ifdef NOENCRYPTION - checksum = 0; -#else checksum = compute_checksum(notice, dat.session); -#endif + if (checksum != notice->z_checksum) return ZAUTH_FAILED; @@ -872,9 +869,6 @@ static ZChecksum_t compute_checksum(ZNotice_t *notice, C_Block session_key) { -#ifdef NOENCRYPTION - return 0; -#else ZChecksum_t checksum; char *cstart, *cend, *hstart = notice->z_packet, *hend = notice->z_message; @@ -885,23 +879,19 @@ compute_checksum(ZNotice_t *notice, checksum ^= des_quad_cksum((unsigned char *)notice->z_message, NULL, notice->z_message_len, 0, (C_Block *)session_key); return checksum; -#endif } static ZChecksum_t compute_rlm_checksum(ZNotice_t *notice, C_Block session_key) { -#ifdef NOENCRYPTION - return 0; -#else ZChecksum_t checksum; char *cstart, *cend, *hstart = notice->z_packet; cstart = notice->z_default_format + strlen(notice->z_default_format) + 1; cend = cstart + strlen(cstart) + 1; checksum = des_quad_cksum((unsigned char *)hstart, NULL, cstart - hstart, 0, (C_Block *)session_key); + return checksum; -#endif } #ifdef HAVE_KRB5 diff --git a/zephyr/server/subscr.c b/zephyr/server/subscr.c index f5d8e5e..65aba3e 100644 --- a/zephyr/server/subscr.c +++ b/zephyr/server/subscr.c @@ -62,11 +62,9 @@ static const char rcsid_subscr_c[] = "$Id$"; */ #ifdef HAVE_KRB4 -#ifndef NOENCRYPTION C_Block serv_key; Sched serv_ksched; #endif -#endif /* for compatibility when sending subscription information to old clients */ @@ -872,11 +870,7 @@ subscr_send_subs(Client *client) #endif /* HAVE_KRB4 */ #else /* HAVE_KRB5 */ #ifdef HAVE_KRB4 -#ifdef NOENCRYPTION - memcpy(cblock, client->session_key, sizeof(C_Block)); -#else /* NOENCRYPTION */ des_ecb_encrypt(client->session_key, cblock, serv_ksched.s, DES_ENCRYPT); -#endif /* NOENCRYPTION */ retval = ZMakeAscii(buf, sizeof(buf), cblock, sizeof(C_Block)); #endif /* HAVE_KRB4 */ diff --git a/zephyr/server/zserver.h b/zephyr/server/zserver.h index e78ef5a..a863641 100644 --- a/zephyr/server/zserver.h +++ b/zephyr/server/zserver.h @@ -58,13 +58,11 @@ Code_t ZFormatAuthenticNotice(ZNotice_t*, char*, int, int*, C_Block); #define NOW t_local.tv_sec #ifdef HAVE_KRB4 -#ifndef NOENCRYPTION /* Kerberos shouldn't stick us with array types... */ typedef struct { des_key_schedule s; } Sched; #endif -#endif typedef struct _Destination Destination; typedef struct _Destlist Destlist;