Mercurial > illumos > illumos-gate

changeset 279:bf3a45792fd2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
6262680 lock usage error in krb5_gss_init_sec_context() 6301844 mech_krb5 has problem working on 64 bit systems
author willf
date Wed, 03 Aug 2005 06:13:20 -0700
parents a67c0ed6398a
children ffd6f0e5ac00
files usr/src/lib/gss_mechs/mech_krb5/crypto/pbkdf2.c usr/src/lib/gss_mechs/mech_krb5/mech/init_sec_context.c
diffstat 2 files changed, 17 insertions(+), 9 deletions(-) [+]
line wrap: on
line diff
--- a/usr/src/lib/gss_mechs/mech_krb5/crypto/pbkdf2.c	Tue Aug 02 18:36:51 2005 -0700
+++ b/usr/src/lib/gss_mechs/mech_krb5/crypto/pbkdf2.c	Wed Aug 03 06:13:20 2005 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -62,6 +62,7 @@
 	CK_KEY_TYPE	keytype;
 	CK_OBJECT_HANDLE hKey;
 	int attrs = 0;
+	CK_ULONG outlen, passlen;
 
 	mechanism.mechanism = CKM_PKCS5_PBKD2;
 	mechanism.pParameter = &params;
@@ -92,8 +93,10 @@
 	    enctype != ENCTYPE_DES3_CBC_SHA1 &&
 	    enctype != ENCTYPE_DES3_CBC_RAW) {
 		tmpl[attrs].type = CKA_VALUE_LEN;
-		tmpl[attrs].pValue = (void *)&out->length;
-		tmpl[attrs].ulValueLen = out->length;
+		/* using outlen to avoid 64bit alignment issues */
+		outlen = (CK_ULONG)out->length;
+		tmpl[attrs].pValue = &outlen;
+		tmpl[attrs].ulValueLen = sizeof(outlen);
 		attrs++;
 	}
 
@@ -105,7 +108,9 @@
 	params.pPrfData = NULL;
 	params.ulPrfDataLen = 0;
 	params.pPassword = (CK_UTF8CHAR_PTR)pass->data;
-	params.ulPasswordLen = (CK_ULONG *)&pass->length;
+	/* using passlen to avoid 64bit alignment issues */
+	passlen = (CK_ULONG)pass->length;
+	params.ulPasswordLen = &passlen;
 
 	rv = C_GenerateKey(krb_ctx_hSession(context), &mechanism, tmpl,
 		attrs, &hKey);
--- a/usr/src/lib/gss_mechs/mech_krb5/mech/init_sec_context.c	Tue Aug 02 18:36:51 2005 -0700
+++ b/usr/src/lib/gss_mechs/mech_krb5/mech/init_sec_context.c	Wed Aug 03 06:13:20 2005 -0700
@@ -1293,8 +1293,10 @@
 	if (ctx_free->subkey)
 	   krb5_free_keyblock(context, ctx_free->subkey);
 	xfree(ctx_free);
-   } else
-        (void)krb5_gss_delete_sec_context(context, minor_status, context_handle, NULL);
+   } else {
+        (void)krb5_gss_delete_sec_context_no_lock(context, minor_status,
+	    context_handle, NULL);
+   }
 
    *minor_status = code;
    return (major_status);
@@ -1354,7 +1356,7 @@
 
    if (! krb5_principal_compare(context, ctx->there,
 				(krb5_principal) target_name)) {
-	(void)krb5_gss_delete_sec_context(context, minor_status,
+	(void)krb5_gss_delete_sec_context_no_lock(context, minor_status,
                                         context_handle, NULL);
 	code = 0;
 	major_status = GSS_S_BAD_NAME;
@@ -1364,7 +1366,7 @@
    /* verify the token and leave the AP_REP message in ap_rep */
 
    if (input_token == GSS_C_NO_BUFFER) {
-	(void)krb5_gss_delete_sec_context(context, minor_status,
+	(void)krb5_gss_delete_sec_context_no_lock(context, minor_status,
                                         context_handle, NULL);
 	code = 0;
 	major_status = GSS_S_DEFECTIVE_TOKEN;
@@ -1464,7 +1466,8 @@
    return GSS_S_COMPLETE;
 
 fail:
-   (void)krb5_gss_delete_sec_context(context, minor_status, context_handle, NULL);
+   (void)krb5_gss_delete_sec_context_no_lock(context, minor_status,
+       context_handle, NULL);
 
    *minor_status = code;
    return (major_status);