const struct gensec_channel_bindings *cb =
gensec_security->channel_bindings;
gnutls_hash_hd_t hash_hnd = NULL;
- uint8_t header[32];
- uint32_t next_offset = sizeof(header);
- uint32_t initiator_address_offset = 0;
- uint32_t acceptor_address_offset = 0;
- uint32_t application_data_offset = 0;
+ uint8_t uint32buf[4];
int rc;
if (cb == NULL) {
return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
}
- if (cb->initiator_address.length > 0) {
- initiator_address_offset = next_offset;
- next_offset += cb->initiator_address.length;
- }
- if (cb->acceptor_address.length > 0) {
- acceptor_address_offset = next_offset;
- next_offset += cb->acceptor_address.length;
- }
- if (cb->application_data.length > 0) {
- application_data_offset = next_offset;
- next_offset += cb->application_data.length;
+ SIVAL(uint32buf, 0, cb->initiator_addrtype);
+ rc = gnutls_hash(hash_hnd, uint32buf, sizeof(uint32buf));
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
}
-
- SIVAL(header, 0, cb->initiator_addrtype);
- SIVAL(header, 4, cb->initiator_address.length);
- SIVAL(header, 8, initiator_address_offset);
- SIVAL(header, 12, cb->acceptor_addrtype);
- SIVAL(header, 16, cb->acceptor_address.length);
- SIVAL(header, 20, acceptor_address_offset);
- SIVAL(header, 24, cb->application_data.length);
- SIVAL(header, 28, application_data_offset);
-
- rc = gnutls_hash(hash_hnd, header, sizeof(header));
+ SIVAL(uint32buf, 0, cb->initiator_address.length);
+ rc = gnutls_hash(hash_hnd, uint32buf, sizeof(uint32buf));
if (rc < 0) {
gnutls_hash_deinit(hash_hnd, NULL);
return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
}
-
- if (initiator_address_offset != 0) {
+ if (cb->initiator_address.length > 0) {
rc = gnutls_hash(hash_hnd,
cb->initiator_address.data,
cb->initiator_address.length);
return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
}
}
-
- if (acceptor_address_offset != 0) {
+ SIVAL(uint32buf, 0, cb->acceptor_addrtype);
+ rc = gnutls_hash(hash_hnd, uint32buf, sizeof(uint32buf));
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+ }
+ SIVAL(uint32buf, 0, cb->acceptor_address.length);
+ rc = gnutls_hash(hash_hnd, uint32buf, sizeof(uint32buf));
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+ }
+ if (cb->acceptor_address.length > 0) {
rc = gnutls_hash(hash_hnd,
cb->acceptor_address.data,
cb->acceptor_address.length);
return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
}
}
-
- if (application_data_offset != 0) {
+ SIVAL(uint32buf, 0, cb->application_data.length);
+ rc = gnutls_hash(hash_hnd, uint32buf, sizeof(uint32buf));
+ if (rc < 0) {
+ gnutls_hash_deinit(hash_hnd, NULL);
+ return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED);
+ }
+ if (cb->application_data.length > 0) {
rc = gnutls_hash(hash_hnd,
cb->application_data.data,
cb->application_data.length);