oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Sprinkle error strings.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18988 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-11-10 07:36:48 +00:00
parent ce3af21b1e
commit 33b12f5ffd
1 changed files with 29 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
lib/krb5/pac.c
View File

@@ -65,7 +65,13 @@ struct krb5_pac {
#define PAC_PRIVSVR_CHECKSUM 7 #define PAC_PRIVSVR_CHECKSUM 7
#define PAC_LOGON_NAME 10 #define PAC_LOGON_NAME 10
#define VCHECK(r,f,l) if (((r) = f ) != 0) goto l #define VCHECK(r,f,l) \
do { \
if (((r) = f ) != 0) { \
krb5_clear_error_string(context); \
goto l; \
} \
} while(0)
/* /*
* *
@@ -89,8 +95,8 @@ _krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
sp = krb5_storage_from_readonly_mem(ptr, len); sp = krb5_storage_from_readonly_mem(ptr, len);
if (sp == NULL) { if (sp == NULL) {
krb5_clear_error_string(context);
ret = ENOMEM; ret = ENOMEM;
krb5_set_error_string(context, "out of memory");
goto out; goto out;
} }
krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE); krb5_storage_set_flags(sp, KRB5_STORAGE_BYTEORDER_LE);
@@ -98,10 +104,12 @@ _krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
VCHECK(ret, krb5_ret_uint32(sp, &tmp), out); VCHECK(ret, krb5_ret_uint32(sp, &tmp), out);
VCHECK(ret, krb5_ret_uint32(sp, &tmp2), out); VCHECK(ret, krb5_ret_uint32(sp, &tmp2), out);
if (tmp < 1) { if (tmp < 1) {
krb5_set_error_string(context, "PAC have too few buffer");
ret = EINVAL; /* Too few buffers */ ret = EINVAL; /* Too few buffers */
goto out; goto out;
} }
if (tmp2 != 0) { if (tmp2 != 0) {
krb5_set_error_string(context, "PAC have wrong version");
ret = EINVAL; /* Wrong version */ ret = EINVAL; /* Wrong version */
goto out; goto out;
} }
@@ -109,8 +117,8 @@ _krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
p->pac = calloc(1, p->pac = calloc(1,
sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (tmp - 1))); sizeof(*p->pac) + (sizeof(p->pac->buffers[0]) * (tmp - 1)));
if (p->pac == NULL) { if (p->pac == NULL) {
ret = ENOMEM;
krb5_set_error_string(context, "out of memory"); krb5_set_error_string(context, "out of memory");
ret = ENOMEM;
goto out; goto out;
} }
@@ -131,22 +139,27 @@ _krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
/* consistency checks */ /* consistency checks */
if (p->pac->buffers[i].offset_lo & (PAC_ALIGNMENT - 1)) { if (p->pac->buffers[i].offset_lo & (PAC_ALIGNMENT - 1)) {
krb5_set_error_string(context, "PAC out of allignment");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
if (p->pac->buffers[i].offset_hi) { if (p->pac->buffers[i].offset_hi) {
krb5_set_error_string(context, "PAC high offset set");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
if (p->pac->buffers[i].offset_lo > len) { if (p->pac->buffers[i].offset_lo > len) {
krb5_set_error_string(context, "PAC offset off end");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
if (p->pac->buffers[i].offset_lo < header_end) { if (p->pac->buffers[i].offset_lo < header_end) {
krb5_set_error_string(context, "PAC offset inside header");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
if (p->pac->buffers[i].buffersize > len - p->pac->buffers[i].offset_lo){ if (p->pac->buffers[i].buffersize > len - p->pac->buffers[i].offset_lo){
krb5_set_error_string(context, "PAC length off end");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
@@ -154,18 +167,21 @@ _krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
/* let save pointer to data we need later */ /* let save pointer to data we need later */
if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) { if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) {
if (p->server_checksum) { if (p->server_checksum) {
krb5_set_error_string(context, "PAC have two server checksums");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
p->server_checksum = &p->pac->buffers[i]; p->server_checksum = &p->pac->buffers[i];
} else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) { } else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) {
if (p->privsvr_checksum) { if (p->privsvr_checksum) {
krb5_set_error_string(context, "PAC have two KDC checksums");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
p->privsvr_checksum = &p->pac->buffers[i]; p->privsvr_checksum = &p->pac->buffers[i];
} else if (p->pac->buffers[i].type == PAC_LOGON_NAME) { } else if (p->pac->buffers[i].type == PAC_LOGON_NAME) {
if (p->logon_name) { if (p->logon_name) {
krb5_set_error_string(context, "PAC have two logon names");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
@@ -244,6 +260,7 @@ verify_checksum(krb5_context context,
} }
ret = krb5_storage_read(sp, cksum.checksum.data, cksum.checksum.length); ret = krb5_storage_read(sp, cksum.checksum.data, cksum.checksum.length);
if (ret != cksum.checksum.length) { if (ret != cksum.checksum.length) {
krb5_set_error_string(context, "PAC checksum missing checksum");
ret = EINVAL; ret = EINVAL;
goto out; goto out;
} }
@@ -414,12 +431,18 @@ _krb5_pac_verify(krb5_context context,
{ {
krb5_error_code ret; krb5_error_code ret;
if (pac->server_checksum == NULL) if (pac->server_checksum == NULL) {
krb5_set_error_string(context, "PAC missing server checksum");
return EINVAL; return EINVAL;
if (pac->privsvr_checksum == NULL) }
if (pac->privsvr_checksum == NULL) {
krb5_set_error_string(context, "PAC missing kdc checksum");
return EINVAL; return EINVAL;
if (pac->logon_name == NULL) }
if (pac->logon_name == NULL) {
krb5_set_error_string(context, "PAC missing logon name");
return EINVAL; return EINVAL;
}
ret = verify_logonname(context, ret = verify_logonname(context,
pac->logon_name, pac->logon_name,