oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

sanon: Fix flags and ctx export/import confusion

Browse Source 
We were passing SANON flags to _gss_mg_import_rfc4121_context(), which
wants GSS flags.  Meanwhile, I broke gss_inquire_context() on imported
SAnon contexts when I did my review of SAnon.

This commit fixes both issues and removes SANON_FLAG_*, which were only
ever needed because of a flag to track whether a context was locally
initiated or accepted.  Now we use a separate int field of the sanon_ctx
to track whether a context was locally initiated.  Once an SAnon context
is fully established, we rely on gss_inquire_context() on the rfc4121
sub-context for all metadata that isn't the initiator and acceptor names
nor the mechanism OID.
This commit is contained in:
Nicolas Williams
2020-04-26 00:53:29 -05:00
parent 51fdb4bc04
commit 2cb40ed97c
7 changed files with 34 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/gssapi/sanon/negoex.c
View File

@@ -64,7 +64,7 @@ _gss_sanon_inquire_negoex_key(OM_uint32 *minor,
return GSS_S_UNAVAILABLE;
}
initiator_key = !!(sc->flags & SANON_FLAG_INITIATOR);
initiator_key = !!(sc->is_initiator);
if (gss_oid_equal(desired_object, GSS_C_INQ_NEGOEX_VERIFY_KEY))
initiator_key ^= 1;
@@ -193,7 +193,8 @@ _gssspi_sanon_exchange_meta_data(OM_uint32 *minor,
if (major != GSS_S_COMPLETE)
return major;
sc->flags |= rfc4757_to_sanon_flags(init_flags);
init_flags &= ~(GSS_C_DCE_STYLE | GSS_C_IDENTIFY_FLAG | GSS_C_EXTENDED_ERROR_FLAG);
sc->flags |= init_flags | req_flags;
return GSS_S_COMPLETE;
}