handle minor_status more consistently
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10533 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -198,11 +198,12 @@ gss_accept_sec_context
|
||||
tmp);
|
||||
}
|
||||
|
||||
ret = gssapi_krb5_decapsulate (input_token_buffer,
|
||||
ret = gssapi_krb5_decapsulate (minor_status,
|
||||
input_token_buffer,
|
||||
&indata,
|
||||
"\x01\x00");
|
||||
if (ret) {
|
||||
kret = 0;
|
||||
kret = *minor_status;
|
||||
goto failure;
|
||||
}
|
||||
|
||||
@@ -355,13 +356,14 @@ end_fwd:
|
||||
gssapi_krb5_set_error_string ();
|
||||
goto failure;
|
||||
}
|
||||
ret = gssapi_krb5_encapsulate (&outbuf,
|
||||
ret = gssapi_krb5_encapsulate (minor_status,
|
||||
&outbuf,
|
||||
output_token,
|
||||
"\x02\x00");
|
||||
krb5_data_free (&outbuf);
|
||||
if (ret) {
|
||||
kret = 0;
|
||||
goto failure;
|
||||
kret = *minor_status;
|
||||
goto failure;
|
||||
}
|
||||
} else {
|
||||
output_token->length = 0;
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -80,6 +80,7 @@ gssapi_krb5_verify_header(u_char **str,
|
||||
|
||||
OM_uint32
|
||||
gssapi_krb5_decapsulate(
|
||||
OM_uint32 *minor_status,
|
||||
gss_buffer_t input_token_buffer,
|
||||
krb5_data *out_data,
|
||||
char *type
|
||||
@@ -92,8 +93,10 @@ gssapi_krb5_decapsulate(
|
||||
ret = gssapi_krb5_verify_header(&p,
|
||||
input_token_buffer->length,
|
||||
type);
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
out_data->length = input_token_buffer->length -
|
||||
(p - (u_char *)input_token_buffer->value);
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -78,6 +78,7 @@ gssapi_krb5_make_header (u_char *p,
|
||||
|
||||
OM_uint32
|
||||
gssapi_krb5_encapsulate(
|
||||
OM_uint32 *minor_status,
|
||||
const krb5_data *in_data,
|
||||
gss_buffer_t output_token,
|
||||
u_char *type
|
||||
@@ -90,8 +91,10 @@ gssapi_krb5_encapsulate(
|
||||
|
||||
output_token->length = outer_len;
|
||||
output_token->value = malloc (outer_len);
|
||||
if (output_token->value == NULL)
|
||||
if (output_token->value == NULL) {
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
p = gssapi_krb5_make_header (output_token->value, len, type);
|
||||
memcpy (p, in_data->data, in_data->length);
|
||||
|
@@ -400,11 +400,10 @@ init_auth
|
||||
goto failure;
|
||||
}
|
||||
|
||||
ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x01\x00");
|
||||
if (ret) {
|
||||
*minor_status = kret;
|
||||
ret = gssapi_krb5_encapsulate (minor_status, &outbuf, output_token,
|
||||
"\x01\x00");
|
||||
if (ret)
|
||||
goto failure;
|
||||
}
|
||||
|
||||
krb5_data_free (&outbuf);
|
||||
|
||||
@@ -452,12 +451,11 @@ repl_mutual
|
||||
krb5_data indata;
|
||||
krb5_ap_rep_enc_part *repl;
|
||||
|
||||
ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00");
|
||||
if (ret) {
|
||||
ret = gssapi_krb5_decapsulate (minor_status, input_token, &indata,
|
||||
"\x02\x00");
|
||||
if (ret)
|
||||
/* XXX - Handle AP_ERROR */
|
||||
*minor_status = 0;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
return ret;
|
||||
|
||||
kret = krb5_rd_rep (gssapi_krb5_context,
|
||||
(*context_handle)->auth_context,
|
||||
|
@@ -198,11 +198,12 @@ gss_accept_sec_context
|
||||
tmp);
|
||||
}
|
||||
|
||||
ret = gssapi_krb5_decapsulate (input_token_buffer,
|
||||
ret = gssapi_krb5_decapsulate (minor_status,
|
||||
input_token_buffer,
|
||||
&indata,
|
||||
"\x01\x00");
|
||||
if (ret) {
|
||||
kret = 0;
|
||||
kret = *minor_status;
|
||||
goto failure;
|
||||
}
|
||||
|
||||
@@ -355,13 +356,14 @@ end_fwd:
|
||||
gssapi_krb5_set_error_string ();
|
||||
goto failure;
|
||||
}
|
||||
ret = gssapi_krb5_encapsulate (&outbuf,
|
||||
ret = gssapi_krb5_encapsulate (minor_status,
|
||||
&outbuf,
|
||||
output_token,
|
||||
"\x02\x00");
|
||||
krb5_data_free (&outbuf);
|
||||
if (ret) {
|
||||
kret = 0;
|
||||
goto failure;
|
||||
kret = *minor_status;
|
||||
goto failure;
|
||||
}
|
||||
} else {
|
||||
output_token->length = 0;
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -80,6 +80,7 @@ gssapi_krb5_verify_header(u_char **str,
|
||||
|
||||
OM_uint32
|
||||
gssapi_krb5_decapsulate(
|
||||
OM_uint32 *minor_status,
|
||||
gss_buffer_t input_token_buffer,
|
||||
krb5_data *out_data,
|
||||
char *type
|
||||
@@ -92,8 +93,10 @@ gssapi_krb5_decapsulate(
|
||||
ret = gssapi_krb5_verify_header(&p,
|
||||
input_token_buffer->length,
|
||||
type);
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
out_data->length = input_token_buffer->length -
|
||||
(p - (u_char *)input_token_buffer->value);
|
||||
|
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
|
||||
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
@@ -78,6 +78,7 @@ gssapi_krb5_make_header (u_char *p,
|
||||
|
||||
OM_uint32
|
||||
gssapi_krb5_encapsulate(
|
||||
OM_uint32 *minor_status,
|
||||
const krb5_data *in_data,
|
||||
gss_buffer_t output_token,
|
||||
u_char *type
|
||||
@@ -90,8 +91,10 @@ gssapi_krb5_encapsulate(
|
||||
|
||||
output_token->length = outer_len;
|
||||
output_token->value = malloc (outer_len);
|
||||
if (output_token->value == NULL)
|
||||
if (output_token->value == NULL) {
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
p = gssapi_krb5_make_header (output_token->value, len, type);
|
||||
memcpy (p, in_data->data, in_data->length);
|
||||
|
@@ -400,11 +400,10 @@ init_auth
|
||||
goto failure;
|
||||
}
|
||||
|
||||
ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x01\x00");
|
||||
if (ret) {
|
||||
*minor_status = kret;
|
||||
ret = gssapi_krb5_encapsulate (minor_status, &outbuf, output_token,
|
||||
"\x01\x00");
|
||||
if (ret)
|
||||
goto failure;
|
||||
}
|
||||
|
||||
krb5_data_free (&outbuf);
|
||||
|
||||
@@ -452,12 +451,11 @@ repl_mutual
|
||||
krb5_data indata;
|
||||
krb5_ap_rep_enc_part *repl;
|
||||
|
||||
ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00");
|
||||
if (ret) {
|
||||
ret = gssapi_krb5_decapsulate (minor_status, input_token, &indata,
|
||||
"\x02\x00");
|
||||
if (ret)
|
||||
/* XXX - Handle AP_ERROR */
|
||||
*minor_status = 0;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
return ret;
|
||||
|
||||
kret = krb5_rd_rep (gssapi_krb5_context,
|
||||
(*context_handle)->auth_context,
|
||||
|
@@ -222,8 +222,10 @@ unwrap_des3
|
||||
ret = gssapi_krb5_verify_header (&p,
|
||||
input_message_buffer->length,
|
||||
"\x02\x01");
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
|
||||
return GSS_S_BAD_SIG;
|
||||
|
@@ -58,8 +58,10 @@ verify_mic_des
|
||||
ret = gssapi_krb5_verify_header (&p,
|
||||
token_buffer->length,
|
||||
"\x01\x01");
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (memcmp(p, "\x00\x00", 2) != 0)
|
||||
return GSS_S_BAD_SIG;
|
||||
@@ -144,8 +146,10 @@ verify_mic_des3
|
||||
ret = gssapi_krb5_verify_header (&p,
|
||||
token_buffer->length,
|
||||
"\x01\x01");
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
|
||||
return GSS_S_BAD_SIG;
|
||||
|
@@ -222,8 +222,10 @@ unwrap_des3
|
||||
ret = gssapi_krb5_verify_header (&p,
|
||||
input_message_buffer->length,
|
||||
"\x02\x01");
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
|
||||
return GSS_S_BAD_SIG;
|
||||
|
@@ -58,8 +58,10 @@ verify_mic_des
|
||||
ret = gssapi_krb5_verify_header (&p,
|
||||
token_buffer->length,
|
||||
"\x01\x01");
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (memcmp(p, "\x00\x00", 2) != 0)
|
||||
return GSS_S_BAD_SIG;
|
||||
@@ -144,8 +146,10 @@ verify_mic_des3
|
||||
ret = gssapi_krb5_verify_header (&p,
|
||||
token_buffer->length,
|
||||
"\x01\x01");
|
||||
if (ret)
|
||||
if (ret) {
|
||||
*minor_status = 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
|
||||
return GSS_S_BAD_SIG;
|
||||
|
Reference in New Issue
Block a user