oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(spnego_reply): Don't pass back raw Kerberos errors, use GSS-API

Browse Source 
errors instead.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16158 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-10-12 07:25:18 +00:00
parent a2eac30736
commit 72fabc6c6b
2 changed files with 24 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/gssapi/init_sec_context.c
View File

@@ -677,16 +677,23 @@ spnego_reply
ret = der_match_tag_and_length((const char *)indata.data, ret = der_match_tag_and_length((const char *)indata.data,
indata.length, indata.length,
ASN1_C_CONTEXT, CONS, 1, &len, &taglen); ASN1_C_CONTEXT, CONS, 1, &len, &taglen);
if (ret) if (ret) {
return ret; gssapi_krb5_set_status("Failed to decode NegToken choice");
*minor_status = ret;
return GSS_S_FAILURE;
}
if(len > indata.length - taglen) if(len > indata.length - taglen) {
return ASN1_OVERRUN; gssapi_krb5_set_status("Buffer overrun in NegToken choice");
*minor_status = ASN1_OVERRUN;
return GSS_S_FAILURE;
}
ret = decode_NegTokenTarg((const char *)indata.data + taglen, ret = decode_NegTokenTarg((const char *)indata.data + taglen,
len, &targ, NULL); len, &targ, NULL);
if (ret) { if (ret) {
*minor_status = ENOMEM; gssapi_krb5_set_status("Failed to decode NegTokenTarg");
*minor_status = ret;
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }

17
lib/gssapi/krb5/init_sec_context.c
View File

@@ -677,16 +677,23 @@ spnego_reply
ret = der_match_tag_and_length((const char *)indata.data, ret = der_match_tag_and_length((const char *)indata.data,
indata.length, indata.length,
ASN1_C_CONTEXT, CONS, 1, &len, &taglen); ASN1_C_CONTEXT, CONS, 1, &len, &taglen);
if (ret) if (ret) {
return ret; gssapi_krb5_set_status("Failed to decode NegToken choice");
*minor_status = ret;
return GSS_S_FAILURE;
}
if(len > indata.length - taglen) if(len > indata.length - taglen) {
return ASN1_OVERRUN; gssapi_krb5_set_status("Buffer overrun in NegToken choice");
*minor_status = ASN1_OVERRUN;
return GSS_S_FAILURE;
}
ret = decode_NegTokenTarg((const char *)indata.data + taglen, ret = decode_NegTokenTarg((const char *)indata.data + taglen,
len, &targ, NULL); len, &targ, NULL);
if (ret) { if (ret) {
*minor_status = ENOMEM; gssapi_krb5_set_status("Failed to decode NegTokenTarg");
*minor_status = ret;
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }