oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gsskrb5: Fix dead code issues in deleg cred path

Browse Source
This commit is contained in:
Nicolas Williams
2022-01-17 18:10:08 -06:00
parent 82b8c906e9
commit 00dd104b96
1 changed files with 59 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -157,29 +157,20 @@ gsskrb5_accept_delegated_token(OM_uint32 *minor_status,
krb5_ccache ccache = NULL; krb5_ccache ccache = NULL;
krb5_error_code kret; krb5_error_code kret;
int32_t ac_flags, ret = GSS_S_COMPLETE; int32_t ac_flags, ret = GSS_S_COMPLETE;
gsskrb5_cred handle;
*minor_status = 0; *minor_status = 0;
/* XXX Create a new delegated_cred_handle? */ /* XXX Create a new delegated_cred_handle? */
if (delegated_cred_handle == NULL) { if (delegated_cred_handle == NULL)
ret = GSS_S_COMPLETE; return GSS_S_COMPLETE;
goto out;
}
*delegated_cred_handle = NULL; *delegated_cred_handle = NULL;
kret = krb5_cc_resolve(context, "MEMORY:anonymous", &ccache); kret = krb5_cc_resolve(context, "MEMORY:anonymous", &ccache);
if (kret) { if (kret == 0)
ctx->flags &= ~GSS_C_DELEG_FLAG;
goto out;
}
kret = krb5_cc_initialize(context, ccache, ctx->source); kret = krb5_cc_initialize(context, ccache, ctx->source);
if (kret) { if (kret == 0) {
ctx->flags &= ~GSS_C_DELEG_FLAG; (void) krb5_auth_con_removeflags(context,
goto out;
}
krb5_auth_con_removeflags(context,
ctx->auth_context, ctx->auth_context,
KRB5_AUTH_CONTEXT_DO_TIME, KRB5_AUTH_CONTEXT_DO_TIME,
&ac_flags); &ac_flags);
@@ -187,9 +178,10 @@ gsskrb5_accept_delegated_token(OM_uint32 *minor_status,
ctx->auth_context, ctx->auth_context,
ccache, ccache,
&ctx->fwd_data); &ctx->fwd_data);
krb5_auth_con_setflags(context, (void) krb5_auth_con_setflags(context,
ctx->auth_context, ctx->auth_context,
ac_flags); ac_flags);
}
if (kret) { if (kret) {
ctx->flags &= ~GSS_C_DELEG_FLAG; ctx->flags &= ~GSS_C_DELEG_FLAG;
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
@@ -197,9 +189,6 @@ gsskrb5_accept_delegated_token(OM_uint32 *minor_status,
goto out; goto out;
} }
if (delegated_cred_handle) {
gsskrb5_cred handle;
ret = _gsskrb5_krb5_import_cred(minor_status, ret = _gsskrb5_krb5_import_cred(minor_status,
&ccache, &ccache,
NULL, NULL,
@@ -244,15 +233,10 @@ gsskrb5_accept_delegated_token(OM_uint32 *minor_status,
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
goto out; goto out;
} }
}
out: out:
if (ccache) { if (ccache) {
/* Don't destroy the default cred cache */
if (delegated_cred_handle == NULL)
krb5_cc_close(context, ccache); krb5_cc_close(context, ccache);
else
krb5_cc_destroy(context, ccache);
} }
return ret; return ret;
} }