oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

krb5: Fix skew bug, or krb5_copy_context() moar

Browse Source 
Now that we use krb5_copy_context() via kadm5_c_dup_context(), we see
occasional skew errors in the tests because context->max_skew was not
being initialized, so it was set to 0s of skew, and krb5_rd_priv() or
others could fail.
This commit is contained in:
Nicolas Williams
2022-03-24 16:38:17 -05:00
parent d5e21b7771
commit d1e7650988
1 changed files with 58 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
lib/krb5/context.c
View File

@@ -545,7 +545,7 @@ copy_etypes (krb5_context context,
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_copy_context(krb5_context context, krb5_context *out)
{
krb5_error_code ret;
krb5_error_code ret = 0;
krb5_context p;
*out = NULL;
@@ -554,80 +554,79 @@ krb5_copy_context(krb5_context context, krb5_context *out)
if (p == NULL)
return krb5_enomem(context);
if ((p->hcontext = heim_context_init()) == NULL) {
ret = ENOMEM;
goto out;
}
p->cc_ops = NULL;
p->etypes = NULL;
p->kt_types = NULL;
p->cfg_etypes = NULL;
p->etypes_des = NULL;
p->default_realms = NULL;
p->extra_addresses = NULL;
p->ignore_addresses = NULL;
if ((p->hcontext = heim_context_init()) == NULL)
ret = ENOMEM;
if (ret == 0) {
heim_context_set_log_utc(p->hcontext, context->log_utc);
if (context->default_cc_name &&
(p->default_cc_name = strdup(context->default_cc_name)) == NULL) {
ret = ENOMEM;
goto out;
ret = _krb5_config_copy(context, context->cf, &p->cf);
}
if (context->default_cc_name_env &&
(p->default_cc_name_env =
strdup(context->default_cc_name_env)) == NULL) {
if (ret == 0)
ret = init_context_from_config_file(p);
if (ret == 0 && context->default_cc_name) {
free(p->default_cc_name);
if ((p->default_cc_name = strdup(context->default_cc_name)) == NULL)
ret = ENOMEM;
goto out;
}
if (context->configured_default_cc_name &&
(p->configured_default_cc_name =
strdup(context->configured_default_cc_name)) == NULL) {
if (ret == 0 && context->default_cc_name_env) {
free(p->default_cc_name_env);
if ((p->default_cc_name_env =
strdup(context->default_cc_name_env)) == NULL)
ret = ENOMEM;
}
if (ret == 0 && context->configured_default_cc_name) {
free(context->configured_default_cc_name);
if ((p->configured_default_cc_name =
strdup(context->configured_default_cc_name)) == NULL)
ret = ENOMEM;
goto out;
}
if (context->etypes) {
if (ret == 0 && context->etypes) {
free(p->etypes);
ret = copy_etypes(context, context->etypes, &p->etypes);
if (ret)
goto out;
}
if (context->cfg_etypes) {
if (ret == 0 && context->cfg_etypes) {
free(p->cfg_etypes);
ret = copy_etypes(context, context->cfg_etypes, &p->cfg_etypes);
if (ret)
goto out;
}
if (context->etypes_des) {
if (ret == 0 && context->etypes_des) {
free(p->etypes_des);
ret = copy_etypes(context, context->etypes_des, &p->etypes_des);
if (ret)
goto out;
}
if (context->default_realms) {
if (ret == 0 && context->default_realms) {
krb5_free_host_realm(context, p->default_realms);
ret = krb5_copy_host_realm(context,
context->default_realms, &p->default_realms);
if (ret)
goto out;
}
ret = _krb5_config_copy(context, context->cf, &p->cf);
if (ret)
goto out;
/* XXX should copy */
if (ret == 0)
_krb5_init_ets(p);
cc_ops_copy(p, context);
kt_ops_copy(p, context);
if (ret == 0)
ret = cc_ops_copy(p, context);
if (ret == 0)
ret = kt_ops_copy(p, context);
if (ret == 0)
ret = krb5_set_extra_addresses(p, context->extra_addresses);
if (ret)
goto out;
if (ret == 0)
ret = krb5_set_extra_addresses(p, context->ignore_addresses);
if (ret)
goto out;
if (ret == 0)
ret = _krb5_copy_send_to_kdc_func(p, context);
if (ret)
goto out;
if (ret == 0)
*out = p;
return 0;
out:
else
krb5_free_context(p);
return ret;
}