oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

handle minor_status more consistently

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10533 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
2001-08-23 04:35:55 +00:00
parent fe6efabb74
commit e129105771
12 changed files with 66 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/gssapi/accept_sec_context.c
View File

@@ -198,11 +198,12 @@ gss_accept_sec_context
tmp);
}
ret = gssapi_krb5_decapsulate (input_token_buffer,
ret = gssapi_krb5_decapsulate (minor_status,
input_token_buffer,
&indata,
"\x01\x00");
if (ret) {
kret = 0;
kret = *minor_status;
goto failure;
}
@@ -355,13 +356,14 @@ end_fwd:
gssapi_krb5_set_error_string ();
goto failure;
}
ret = gssapi_krb5_encapsulate (&outbuf,
ret = gssapi_krb5_encapsulate (minor_status,
&outbuf,
output_token,
"\x02\x00");
krb5_data_free (&outbuf);
if (ret) {
kret = 0;
goto failure;
kret = *minor_status;
goto failure;
}
} else {
output_token->length = 0;

7
lib/gssapi/decapsulate.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -80,6 +80,7 @@ gssapi_krb5_verify_header(u_char **str,
OM_uint32
gssapi_krb5_decapsulate(
OM_uint32 *minor_status,
gss_buffer_t input_token_buffer,
krb5_data *out_data,
char *type
@@ -92,8 +93,10 @@ gssapi_krb5_decapsulate(
ret = gssapi_krb5_verify_header(&p,
input_token_buffer->length,
type);
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
out_data->length = input_token_buffer->length -
(p - (u_char *)input_token_buffer->value);

7
lib/gssapi/encapsulate.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -78,6 +78,7 @@ gssapi_krb5_make_header (u_char *p,
OM_uint32
gssapi_krb5_encapsulate(
OM_uint32 *minor_status,
const krb5_data *in_data,
gss_buffer_t output_token,
u_char *type
@@ -90,8 +91,10 @@ gssapi_krb5_encapsulate(
output_token->length = outer_len;
output_token->value = malloc (outer_len);
if (output_token->value == NULL)
if (output_token->value == NULL) {
*minor_status = ENOMEM;
return GSS_S_FAILURE;
}
p = gssapi_krb5_make_header (output_token->value, len, type);
memcpy (p, in_data->data, in_data->length);

16
lib/gssapi/init_sec_context.c
View File

@@ -400,11 +400,10 @@ init_auth
goto failure;
}
ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x01\x00");
if (ret) {
*minor_status = kret;
ret = gssapi_krb5_encapsulate (minor_status, &outbuf, output_token,
"\x01\x00");
if (ret)
goto failure;
}
krb5_data_free (&outbuf);
@@ -452,12 +451,11 @@ repl_mutual
krb5_data indata;
krb5_ap_rep_enc_part *repl;
ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00");
if (ret) {
ret = gssapi_krb5_decapsulate (minor_status, input_token, &indata,
"\x02\x00");
if (ret)
/* XXX - Handle AP_ERROR */
*minor_status = 0;
return GSS_S_FAILURE;
}
return ret;
kret = krb5_rd_rep (gssapi_krb5_context,
(*context_handle)->auth_context,

12
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -198,11 +198,12 @@ gss_accept_sec_context
tmp);
}
ret = gssapi_krb5_decapsulate (input_token_buffer,
ret = gssapi_krb5_decapsulate (minor_status,
input_token_buffer,
&indata,
"\x01\x00");
if (ret) {
kret = 0;
kret = *minor_status;
goto failure;
}
@@ -355,13 +356,14 @@ end_fwd:
gssapi_krb5_set_error_string ();
goto failure;
}
ret = gssapi_krb5_encapsulate (&outbuf,
ret = gssapi_krb5_encapsulate (minor_status,
&outbuf,
output_token,
"\x02\x00");
krb5_data_free (&outbuf);
if (ret) {
kret = 0;
goto failure;
kret = *minor_status;
goto failure;
}
} else {
output_token->length = 0;

7
lib/gssapi/krb5/decapsulate.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -80,6 +80,7 @@ gssapi_krb5_verify_header(u_char **str,
OM_uint32
gssapi_krb5_decapsulate(
OM_uint32 *minor_status,
gss_buffer_t input_token_buffer,
krb5_data *out_data,
char *type
@@ -92,8 +93,10 @@ gssapi_krb5_decapsulate(
ret = gssapi_krb5_verify_header(&p,
input_token_buffer->length,
type);
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
out_data->length = input_token_buffer->length -
(p - (u_char *)input_token_buffer->value);

7
lib/gssapi/krb5/encapsulate.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -78,6 +78,7 @@ gssapi_krb5_make_header (u_char *p,
OM_uint32
gssapi_krb5_encapsulate(
OM_uint32 *minor_status,
const krb5_data *in_data,
gss_buffer_t output_token,
u_char *type
@@ -90,8 +91,10 @@ gssapi_krb5_encapsulate(
output_token->length = outer_len;
output_token->value = malloc (outer_len);
if (output_token->value == NULL)
if (output_token->value == NULL) {
*minor_status = ENOMEM;
return GSS_S_FAILURE;
}
p = gssapi_krb5_make_header (output_token->value, len, type);
memcpy (p, in_data->data, in_data->length);

16
lib/gssapi/krb5/init_sec_context.c
View File

@@ -400,11 +400,10 @@ init_auth
goto failure;
}
ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x01\x00");
if (ret) {
*minor_status = kret;
ret = gssapi_krb5_encapsulate (minor_status, &outbuf, output_token,
"\x01\x00");
if (ret)
goto failure;
}
krb5_data_free (&outbuf);
@@ -452,12 +451,11 @@ repl_mutual
krb5_data indata;
krb5_ap_rep_enc_part *repl;
ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00");
if (ret) {
ret = gssapi_krb5_decapsulate (minor_status, input_token, &indata,
"\x02\x00");
if (ret)
/* XXX - Handle AP_ERROR */
*minor_status = 0;
return GSS_S_FAILURE;
}
return ret;
kret = krb5_rd_rep (gssapi_krb5_context,
(*context_handle)->auth_context,

4
lib/gssapi/krb5/unwrap.c
View File

@@ -222,8 +222,10 @@ unwrap_des3
ret = gssapi_krb5_verify_header (&p,
input_message_buffer->length,
"\x02\x01");
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
return GSS_S_BAD_SIG;

8
lib/gssapi/krb5/verify_mic.c
View File

@@ -58,8 +58,10 @@ verify_mic_des
ret = gssapi_krb5_verify_header (&p,
token_buffer->length,
"\x01\x01");
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
if (memcmp(p, "\x00\x00", 2) != 0)
return GSS_S_BAD_SIG;
@@ -144,8 +146,10 @@ verify_mic_des3
ret = gssapi_krb5_verify_header (&p,
token_buffer->length,
"\x01\x01");
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
return GSS_S_BAD_SIG;

4
lib/gssapi/unwrap.c
View File

@@ -222,8 +222,10 @@ unwrap_des3
ret = gssapi_krb5_verify_header (&p,
input_message_buffer->length,
"\x02\x01");
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
return GSS_S_BAD_SIG;

8
lib/gssapi/verify_mic.c
View File

@@ -58,8 +58,10 @@ verify_mic_des
ret = gssapi_krb5_verify_header (&p,
token_buffer->length,
"\x01\x01");
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
if (memcmp(p, "\x00\x00", 2) != 0)
return GSS_S_BAD_SIG;
@@ -144,8 +146,10 @@ verify_mic_des3
ret = gssapi_krb5_verify_header (&p,
token_buffer->length,
"\x01\x01");
if (ret)
if (ret) {
*minor_status = 0;
return ret;
}
if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
return GSS_S_BAD_SIG;