oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix hdb_generate_key_set() to honour ks_tuple, n_ks_tuple.

Browse Source 
The code was generating a char ** of string representations of the
ks_tuple() array but it was not using it.  We modify the code to:

	1.  extend the array returned by ks_tuple2str() to include
	    enough space for the trailing NULL and ensure that there
	    is a NULL at the end,

	2.  not free the array before exiting ks_tuple2str() as we
	    intend to use it in the caller,

	3.  re-organise the pointers in hdb_generate_key_set() to
	    make it more clear how we are to free things that have
	    been allocated.

	4.  free the char ** given us by ks_tuple2str() if it has
	    been allocated.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
This commit is contained in:
Roland C. Dowdeswell
2011-11-28 13:41:38 +00:00
committed by Nicolas Williams
parent 2f6ad56c46
commit 00bea41dcb
1 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
lib/hdb/keys.c
View File

@@ -438,7 +438,7 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
if (n_ks_tuple < 1)
return 0;
if ((ksnames = calloc(n_ks_tuple, sizeof (*ksnames))) == NULL)
if ((ksnames = calloc(n_ks_tuple + 1, sizeof (*ksnames))) == NULL)
return (errno);
for (i = 0; i < n_ks_tuple; i++) {
@@ -458,8 +458,9 @@ ks_tuple2str(krb5_context context, int n_ks_tuple,
free(sname);
}
ksnames[i] = NULL;
*ks_tuple_strs = ksnames;
rc = 0;
return 0;
out:
for (i = 0; i < n_ks_tuple; i++)
@@ -485,6 +486,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
Key *k, *key_set;
size_t i, j;
char **ks_tuple_strs;
char **config_ktypes = NULL;
static const char *default_keytypes[] = {
"aes256-cts-hmac-sha1-96:pw-salt",
"des3-cbc-sha1:pw-salt",
@@ -495,9 +497,12 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
if ((ret = ks_tuple2str(context, n_ks_tuple, ks_tuple, &ks_tuple_strs)))
return ret;
if (ks_tuple_strs == NULL)
ktypes = krb5_config_get_strings(context, NULL, "kadmin",
"default_keys", NULL);
ktypes = ks_tuple_strs;
if (ktypes == NULL) {
config_ktypes = krb5_config_get_strings(context, NULL, "kadmin",
"default_keys", NULL);
ktypes = config_ktypes;
}
if (ktypes == NULL)
ktypes = (char **)(intptr_t)default_keytypes;
@@ -567,8 +572,12 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
*ret_key_set = key_set;
out:
if (ktypes != (char **)(intptr_t)default_keytypes)
krb5_config_free_strings(ktypes);
if (config_ktypes != NULL)
krb5_config_free_strings(config_ktypes);
for(kp = ks_tuple_strs; kp && *kp; kp++)
free(kp);
free(ks_tuple_strs);
if (ret) {
krb5_warn(context, ret,