gss: honor GM_USE_MG_NAME in gss_accept_sec_context()
GM_USE_MG_NAME was not honored in the case where the mechanism emitted a name, but the caller of gss_accept_sec_context() did not request it be returned. This would result in m->gm_release_name() being called on the mechglue name, which would crash either because that function pointer was NULL or because it would have expected a mechanism name.
This commit is contained in:
Luke Howard
@@ -335,11 +335,12 @@ got_one:
|
||||
if (mech_type)
|
||||
*mech_type = mech_ret_type;
|
||||
|
||||
if (src_name && src_mn && (ctx->gc_mech->gm_flags & GM_USE_MG_NAME)) {
|
||||
if (src_name && src_mn) {
|
||||
if (ctx->gc_mech->gm_flags & GM_USE_MG_NAME) {
|
||||
/* Negotiation mechanisms use mechglue names as names */
|
||||
*src_name = src_mn;
|
||||
src_mn = GSS_C_NO_NAME;
|
||||
} else if (src_name && src_mn) {
|
||||
} else {
|
||||
/*
|
||||
* Make a new name and mark it as an MN.
|
||||
*
|
||||
@@ -355,9 +356,15 @@ got_one:
|
||||
}
|
||||
*src_name = (gss_name_t) name;
|
||||
src_mn = GSS_C_NO_NAME;
|
||||
}
|
||||
} else if (src_mn) {
|
||||
if (ctx->gc_mech->gm_flags & GM_USE_MG_NAME) {
|
||||
_gss_mg_release_name((struct _gss_name *)src_mn);
|
||||
src_mn = GSS_C_NO_NAME;
|
||||
} else {
|
||||
m->gm_release_name(minor_status, &src_mn);
|
||||
}
|
||||
}
|
||||
|
||||
if (mech_ret_flags & GSS_C_DELEG_FLAG) {
|
||||
if (!delegated_cred_handle) {
|
||||
|
||||
Reference in New Issue
Block a user