{
switch (enctype)
{
-#if ! defined(KRB5_MIT_OLD11)
- /* cannot handle derived keys */
- case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
- return (EVP_CIPHER *) NULL;
- break;
-#endif
case ENCTYPE_DES_CBC_CRC:
case ENCTYPE_DES_CBC_MD4:
case ENCTYPE_DES_CBC_MD5:
case ENCTYPE_DES_CBC_RAW:
return (EVP_CIPHER *) EVP_des_cbc();
break;
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
case ENCTYPE_DES3_CBC_SHA:
case ENCTYPE_DES3_CBC_RAW:
return (EVP_CIPHER *) EVP_des_ede3_cbc();
** what the highest assigned CKSUMTYPE_ constant is. As of 1.2.2
** it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3). So we will use 0x0010.
*/
-int *populate_cksumlens(void)
+size_t *populate_cksumlens(void)
{
int i, j, n;
static size_t *cklens = NULL;
*/
unsigned char *kssl_skip_confound(krb5_enctype etype, unsigned char *a)
{
- int i, cklen, conlen;
- static int *cksumlens = NULL;
+ int i, conlen;
+ size_t cklen;
+ static size_t *cksumlens = NULL;
unsigned char *test_auth;
conlen = (etype)? 8: 0;
}
arlen = krb5_app_req.length;
- p = krb5_app_req.data;
+ p = (unsigned char *)krb5_app_req.data;
ap_req = (KRB5_APREQBODY *) d2i_KRB5_APREQ(NULL, &p, arlen);
if (ap_req)
{
if (authenp->length &&
(authenp->data = malloc(authenp->length)))
{
- unsigned char *p = authenp->data;
+ unsigned char *adp = (unsigned char *)authenp->data;
authenp->length = i2d_KRB5_ENCDATA(
- ap_req->authenticator, &p);
+ ap_req->authenticator, &adp);
}
}
** &ap_option, &krb5ticket)) != 0) { Error }
*/
- p = indata->data;
+ p = (unsigned char *)indata->data;
if ((asn1ticket = (KRB5_TKTBODY *) d2i_KRB5_TICKET(NULL, &p,
(long) indata->length)) == NULL)
{
** Return pointer to the (partially) filled in struct tm on success,
** return NULL on failure.
*/
-struct tm *k_gmtime(ASN1_GENERALIZEDTIME *ctime, struct tm *k_tm)
+struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
{
char c, *p;
if (!k_tm) return NULL;
- if (ctime == NULL || ctime->length < 14) return NULL;
- if (ctime->data == NULL) return NULL;
+ if (gtime == NULL || gtime->length < 14) return NULL;
+ if (gtime->data == NULL) return NULL;
- p = &ctime->data[14];
+ p = (char *)>ime->data[14];
c = *p; *p = '\0'; p -= 2; k_tm->tm_sec = atoi(p); *(p+2) = c;
c = *p; *p = '\0'; p -= 2; k_tm->tm_min = atoi(p); *(p+2) = c;
goto err;
}
- p = authentp->data;
+ p = (unsigned char *)authentp->data;
if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
(long) authentp->length)) == NULL)
{
}
enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
+#if !defined(KRB5_MIT_OLD11)
+ switch ( enctype ) {
+ case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+ case ENCTYPE_DES3_CBC_SHA:
+ case ENCTYPE_DES3_CBC_RAW:
+ krb5rc = 0; /* Skip, can't handle derived keys */
+ goto err;
+ }
+#endif
enc = kssl_map_enc(enctype);
memset(iv, 0, EVP_MAX_IV_LENGTH); /* per RFC 1510 */