Skip to content

Commit

Permalink
Use DB allocators for default key data encryption
Browse files Browse the repository at this point in the history 
krb5_dbe_def_encrypt_key_data() is used by KDB modules as the default
encryption functions.  It deals with structures allocated or freed by
the KDB module, so it needs to use the module's memory allocation
functions.
  • Loading branch information
@simo5 @greghudson
simo5 authored and greghudson committed Feb 19, 2016
1 parent 0d1c32d commit 2e9f198
Showing 1 changed file with 9 additions and 7 deletions.
16 changes: 9 additions & 7 deletions src/lib/kdb/encrypt_key.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,9 +73,10 @@ krb5_dbe_def_encrypt_key_data( krb5_context context,
krb5_data plain;
krb5_enc_data cipher;

for (i = 0; i < key_data->key_data_ver; i++)
if (key_data->key_data_contents[i])
free(key_data->key_data_contents[i]);
for (i = 0; i < key_data->key_data_ver; i++) {
krb5_db_free(context, key_data->key_data_contents[i]);
key_data->key_data_contents[i] = NULL;
}

key_data->key_data_ver = 1;
key_data->key_data_kvno = keyver;
Expand All @@ -88,7 +89,8 @@ krb5_dbe_def_encrypt_key_data( krb5_context context,
&len)))
return(retval);

if ((ptr = (krb5_octet *) malloc(2 + len)) == NULL)
ptr = krb5_db_alloc(context, NULL, 2 + len);
if (ptr == NULL)
return(ENOMEM);

key_data->key_data_type[0] = dbkey->enctype;
Expand All @@ -106,7 +108,7 @@ krb5_dbe_def_encrypt_key_data( krb5_context context,

if ((retval = krb5_c_encrypt(context, mkey, /* XXX */ 0, 0,
&plain, &cipher))) {
free(key_data->key_data_contents[0]);
krb5_db_free(context, key_data->key_data_contents[0]);
return retval;
}

Expand All @@ -117,9 +119,9 @@ krb5_dbe_def_encrypt_key_data( krb5_context context,
key_data->key_data_type[1] = keysalt->type;
if ((key_data->key_data_length[1] = keysalt->data.length) != 0) {
key_data->key_data_contents[1] =
(krb5_octet *)malloc(keysalt->data.length);
krb5_db_alloc(context, NULL, keysalt->data.length);
if (key_data->key_data_contents[1] == NULL) {
free(key_data->key_data_contents[0]);
krb5_db_free(context, key_data->key_data_contents[0]);
return ENOMEM;
}
memcpy(key_data->key_data_contents[1], keysalt->data.data,
Expand Down

0 comments on commit 2e9f198

Please sign in to comment.