oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(gss_acquire_cred): more testing of input argument, make sure output

Browse Source 
arguments are ok, since we don't know the time_rec (for now), set it
to time_req


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11771 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2003-03-16 18:05:35 +00:00
parent f107a9a266
commit 408615bf37
2 changed files with 72 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
lib/gssapi/acquire_cred.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -127,6 +127,11 @@ static OM_uint32 acquire_initiator_cred
if (kret) if (kret)
goto end; goto end;
} }
{
/* XXX get expiration -> handle->lifetime */
}
handle->ccache = ccache; handle->ccache = ccache;
ret = GSS_S_COMPLETE; ret = GSS_S_COMPLETE;
@@ -197,10 +202,30 @@ OM_uint32 gss_acquire_cred
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
*minor_status = 0; *output_cred_handle = NULL;
if (time_rec)
*time_rec = 0;
if (actual_mechs)
*actual_mechs = GSS_C_NO_OID_SET;
if (desired_mechs) {
OM_uint32 present = 0;
ret = gss_test_oid_set_member(minor_status, GSS_KRB5_MECHANISM,
desired_mechs, &present);
if (ret)
return ret;
if (!present) {
*minor_status = 0;
return GSS_S_BAD_MECH;
}
}
handle = (gss_cred_id_t)malloc(sizeof(*handle)); handle = (gss_cred_id_t)malloc(sizeof(*handle));
if (handle == GSS_C_NO_CREDENTIAL) if (handle == GSS_C_NO_CREDENTIAL) {
*minor_status = ENOMEM;
return (GSS_S_FAILURE); return (GSS_S_FAILURE);
}
memset(handle, 0, sizeof (*handle)); memset(handle, 0, sizeof (*handle));
@@ -219,14 +244,17 @@ OM_uint32 gss_acquire_cred
free(handle); free(handle);
return (ret); return (ret);
} }
} } else if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
ret = acquire_acceptor_cred(minor_status, desired_name, time_req, ret = acquire_acceptor_cred(minor_status, desired_name, time_req,
desired_mechs, cred_usage, handle, actual_mechs, time_rec); desired_mechs, cred_usage, handle, actual_mechs, time_rec);
if (ret != GSS_S_COMPLETE) { if (ret != GSS_S_COMPLETE) {
free(handle); free(handle);
return (ret); return (ret);
} }
} else {
free(handle);
*minor_status = GSS_KRB5_S_G_BAD_USAGE;
return GSS_S_FAILURE;
} }
ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
if (ret == GSS_S_COMPLETE) if (ret == GSS_S_COMPLETE)
@@ -241,6 +269,9 @@ OM_uint32 gss_acquire_cred
free(handle); free(handle);
return (ret); return (ret);
} }
*minor_status = 0;
if (time_rec)
*time_rec = time_req;
/* XXX */ /* XXX */
handle->lifetime = time_req; handle->lifetime = time_req;
handle->usage = cred_usage; handle->usage = cred_usage;

41
lib/gssapi/krb5/acquire_cred.c
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997 - 2002 Kungliga Tekniska H<>gskolan * Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -127,6 +127,11 @@ static OM_uint32 acquire_initiator_cred
if (kret) if (kret)
goto end; goto end;
} }
{
/* XXX get expiration -> handle->lifetime */
}
handle->ccache = ccache; handle->ccache = ccache;
ret = GSS_S_COMPLETE; ret = GSS_S_COMPLETE;
@@ -197,10 +202,30 @@ OM_uint32 gss_acquire_cred
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
*minor_status = 0; *output_cred_handle = NULL;
if (time_rec)
*time_rec = 0;
if (actual_mechs)
*actual_mechs = GSS_C_NO_OID_SET;
if (desired_mechs) {
OM_uint32 present = 0;
ret = gss_test_oid_set_member(minor_status, GSS_KRB5_MECHANISM,
desired_mechs, &present);
if (ret)
return ret;
if (!present) {
*minor_status = 0;
return GSS_S_BAD_MECH;
}
}
handle = (gss_cred_id_t)malloc(sizeof(*handle)); handle = (gss_cred_id_t)malloc(sizeof(*handle));
if (handle == GSS_C_NO_CREDENTIAL) if (handle == GSS_C_NO_CREDENTIAL) {
*minor_status = ENOMEM;
return (GSS_S_FAILURE); return (GSS_S_FAILURE);
}
memset(handle, 0, sizeof (*handle)); memset(handle, 0, sizeof (*handle));
@@ -219,14 +244,17 @@ OM_uint32 gss_acquire_cred
free(handle); free(handle);
return (ret); return (ret);
} }
} } else if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) {
ret = acquire_acceptor_cred(minor_status, desired_name, time_req, ret = acquire_acceptor_cred(minor_status, desired_name, time_req,
desired_mechs, cred_usage, handle, actual_mechs, time_rec); desired_mechs, cred_usage, handle, actual_mechs, time_rec);
if (ret != GSS_S_COMPLETE) { if (ret != GSS_S_COMPLETE) {
free(handle); free(handle);
return (ret); return (ret);
} }
} else {
free(handle);
*minor_status = GSS_KRB5_S_G_BAD_USAGE;
return GSS_S_FAILURE;
} }
ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
if (ret == GSS_S_COMPLETE) if (ret == GSS_S_COMPLETE)
@@ -241,6 +269,9 @@ OM_uint32 gss_acquire_cred
free(handle); free(handle);
return (ret); return (ret);
} }
*minor_status = 0;
if (time_rec)
*time_rec = time_req;
/* XXX */ /* XXX */
handle->lifetime = time_req; handle->lifetime = time_req;
handle->usage = cred_usage; handle->usage = cred_usage;