diff options
author | Stefan Metzmacher <metze@samba.org> | 2015-06-19 14:46:53 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2015-06-23 14:38:53 +0200 |
commit | 3542d33314e32279340f07f995c1dcbd16106352 (patch) | |
tree | fc1ee24895f8fae933d2906fa866d6a23b794ebe /auth | |
parent | 57579453d12429adba08b80c1eb6936cc422a2fd (diff) | |
download | samba-3542d33314e32279340f07f995c1dcbd16106352.tar.gz |
auth/gensec: gensec_[un]seal_packet() should only work with GENSEC_FEATURE_DCE_STYLE
gensec_sig_size() also requires GENSEC_FEATURE_DCE_STYLE if
GENSEC_FEATURE_SEAL is negotiated.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/gensec/gensec.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/auth/gensec/gensec.c b/auth/gensec/gensec.c index d9504f773c4..9fd5f254554 100644 --- a/auth/gensec/gensec.c +++ b/auth/gensec/gensec.c @@ -41,9 +41,15 @@ _PUBLIC_ NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security, if (!gensec_security->ops->unseal_packet) { return NT_STATUS_NOT_IMPLEMENTED; } + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { + return NT_STATUS_INVALID_PARAMETER; + } if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) { return NT_STATUS_INVALID_PARAMETER; } + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_DCE_STYLE)) { + return NT_STATUS_INVALID_PARAMETER; + } return gensec_security->ops->unseal_packet(gensec_security, data, length, @@ -81,6 +87,9 @@ _PUBLIC_ NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security, if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { return NT_STATUS_INVALID_PARAMETER; } + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_DCE_STYLE)) { + return NT_STATUS_INVALID_PARAMETER; + } return gensec_security->ops->seal_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig); } @@ -109,6 +118,11 @@ _PUBLIC_ size_t gensec_sig_size(struct gensec_security *gensec_security, size_t if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { return 0; } + if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) { + if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_DCE_STYLE)) { + return 0; + } + } return gensec_security->ops->sig_size(gensec_security, data_size); } |