From 0858b71b414acc59d29da72e94bf5e8b59de0cd2 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 9 Apr 2005 23:55:55 +0000 Subject: [PATCH] Make kerberos ciphersuite code work with newer header files --- CHANGES | 8 ++++++++ ssl/kssl.c | 18 ++++++++++++------ ssl/kssl.h | 6 ++++++ ssl/s3_srvr.c | 4 ++-- 4 files changed, 28 insertions(+), 8 deletions(-) diff --git a/CHANGES b/CHANGES index 46db3be250..2ff3b83698 100644 --- a/CHANGES +++ b/CHANGES @@ -780,6 +780,14 @@ Changes between 0.9.7f and 0.9.7g [XX xxx xxxx] + *) Fixes for newer kerberos headers. NB: the casts are needed because + the 'length' field is signed on one version and unsigned on another + with no (?) obvious way to tell the difference, without these VC++ + complains. Also the "definition" of FAR (blank) is no longer included + nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up + some needed definitions. + [Steve Henson] + *) Undo Cygwin change. [Ulf Möller] diff --git a/ssl/kssl.c b/ssl/kssl.c index 51378897f6..3afa95f3fa 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -73,6 +73,8 @@ #undef _XOPEN_SOURCE /* To avoid clashes with anything else... */ #include +#define KRB5_PRIVATE 1 + #include #include #include @@ -80,6 +82,10 @@ #ifndef OPENSSL_NO_KRB5 +#ifndef ENOMEM +#define ENOMEM KRB5KRB_ERR_GENERIC +#endif + /* * When OpenSSL is built on Windows, we do not want to require that * the Kerberos DLLs be available in order for the OpenSSL DLLs to @@ -932,7 +938,7 @@ print_krb5_data(char *label, krb5_data *kdata) int i; printf("%s[%d] ", label, kdata->length); - for (i=0; i < kdata->length; i++) + for (i=0; i < (int)kdata->length; i++) { if (0 && isprint((int) kdata->data[i])) printf( "%c ", kdata->data[i]); @@ -984,14 +990,14 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk) #ifdef KRB5_HEIMDAL printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype, keyblk->keyvalue->length); - for (i=0; i < keyblk->keyvalue->length; i++) + for (i=0; i < (int)keyblk->keyvalue->length; i++) { printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]); } printf("\n"); #else printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length); - for (i=0; i < keyblk->length; i++) + for (i=0; i < (int)keyblk->length; i++) { printf("%02x",keyblk->contents[i]); } @@ -1010,12 +1016,12 @@ print_krb5_princ(char *label, krb5_principal_data *princ) printf("%s principal Realm: ", label); if (princ == NULL) return; - for (ui=0; ui < princ->realm.length; ui++) putchar(princ->realm.data[ui]); + for (ui=0; ui < (int)princ->realm.length; ui++) putchar(princ->realm.data[ui]); printf(" (nametype %d) has %d strings:\n", princ->type,princ->length); - for (i=0; i < princ->length; i++) + for (i=0; i < (int)princ->length; i++) { printf("\t%d [%d]: ", i, princ->data[i].length); - for (uj=0; uj < princ->data[i].length; uj++) { + for (uj=0; uj < (int)princ->data[i].length; uj++) { putchar(princ->data[i].data[uj]); } printf("\n"); diff --git a/ssl/kssl.h b/ssl/kssl.h index 19a689b089..a3d20e1ccb 100644 --- a/ssl/kssl.h +++ b/ssl/kssl.h @@ -82,6 +82,12 @@ extern "C" { #ifdef KRB5_HEIMDAL typedef unsigned char krb5_octet; #define FAR +#else + +#ifndef FAR +#define FAR +#endif + #endif /* Uncomment this to debug kssl problems or diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 28b30fec23..4d196371ec 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1850,8 +1850,8 @@ static int ssl3_get_client_key_exchange(SSL *s) goto err; } - if (n != enc_ticket.length + authenticator.length + - enc_pms.length + 6) + if (n != (long)(enc_ticket.length + authenticator.length + + enc_pms.length + 6)) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG); -- GitLab