[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

gss_wrap_size_limit()

To: heimdal-discuss@sics.se
Subject: gss_wrap_size_limit()
From: Luke Howard <lukeh@PADL.COM>
Date: Tue, 3 Jun 2003 19:29:18 +1000
Organization: PADL Software Pty Ltd
Reply-To: lukeh@PADL.COM
Sender: owner-heimdal-discuss@sics.se
Versions: dmail (bsd44) 2.4c/makemail 2.9d


While testing Heimdal's GSS-API library against Martin Rex's GSS-API
test suite, I ran into the following problem.

gss_wrap_size_limit() has req_output_size and max_input_size around
the wrong way -- it returns the output token size for a given input
size, rather than the maximum input size for a given output token
size.

Does this look right? (I took a look at the MIT code...)

static OM_uint32
sub_wrap_size (
            OM_uint32 req_output_size,
            OM_uint32 * max_input_size,
            int blocksize,
            int extrasize
           )
{
    size_t len, total_len, padlength;

    len = 8 /* confounder length */ + req_output_size + extrasize;
    padlength = blocksize - (len % blocksize);
    len += padlength;
    gssapi_krb5_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM);

    total_len -= req_output_size; /* token length */
    if (total_len < req_output_size) {
        *max_input_size = (req_output_size - total_len);
        padlength = blocksize - (*max_input_size % blocksize);
        *max_input_size -= padlength;
    } else {
        *max_input_size = 0;
    }
    return GSS_S_COMPLETE;
}

-- Luke

--
Luke Howard | PADL Software Pty Ltd | www.padl.com

Prev by Date: RE: how to achieve what kinit does programmatically?
Next by Date: Re: gss_wrap_size_limit()
Prev by thread: RE: how to achieve what kinit does programmatically?
Next by thread: Re: gss_wrap_size_limit()
Index(es):
- Date
- Thread