author | Simo Sorce <simo@redhat.com> | 2012-02-23 02:02:17 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2012-02-23 16:53:17 -0500 |
commit | e56dff9fe3484e0cc89f8cb75c42fa485176c1f3 (patch) | |
tree | c176219279eede4f40851cef8c4cb9a66de9d5fd | |
parent | a22e23145f4679f64856862641ca300b57febaa1 (diff) | |
server: better handle return status
Ticket #33
-rw-r--r-- | proxy/src/gp_conv.c | 55 | ||||
-rw-r--r-- | proxy/src/gp_conv.h | 7 | ||||
-rw-r--r-- | proxy/src/gp_export.c | 24 | ||||
-rw-r--r-- | proxy/src/gp_export.h | 3 | ||||
-rw-r--r-- | proxy/src/gp_rpc_accept_sec_context.c | 38 | ||||
-rw-r--r-- | proxy/src/gp_rpc_acquire_cred.c | 35 | ||||
-rw-r--r-- | proxy/src/gp_rpc_import_and_canon_name.c | 21 | ||||
-rw-r--r-- | proxy/src/gp_rpc_indicate_mechs.c | 54 | ||||
-rw-r--r-- | proxy/src/gp_rpc_init_sec_context.c | 24 | ||||
-rw-r--r-- | proxy/src/mechglue/gpm_acquire_cred.c | 44 |
10 files changed, 181 insertions, 124 deletions
diff --git a/proxy/src/gp_conv.c b/proxy/src/gp_conv.c index 07d66c2..8da3784 100644 --- a/proxy/src/gp_conv.c +++ b/proxy/src/gp_conv.c @@ -333,26 +333,30 @@ done: return ret; } -int gp_conv_name_to_gssx(gss_name_t in, gssx_name *out) +uint32_t gp_conv_name_to_gssx(uint32_t *min, gss_name_t in, gssx_name *out) { uint32_t ret_maj; uint32_t ret_min; - gss_buffer_desc name_buffer; + gss_buffer_desc name_buffer = GSS_C_EMPTY_BUFFER; gss_OID name_type; - gss_buffer_desc exported_name; + gss_buffer_desc exported_name = GSS_C_EMPTY_BUFFER; int ret; ret_maj = gss_display_name(&ret_min, in, &name_buffer, &name_type); if (ret_maj) { - return -1; + goto done; } ret = gp_conv_buffer_to_gssx(&name_buffer, &out->display_name); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } ret = gp_conv_oid_to_gssx(name_type, &out->name_type); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -360,6 +364,8 @@ int gp_conv_name_to_gssx(gss_name_t in, gssx_name *out) if (ret_maj == 0) { ret = gp_conv_buffer_to_gssx(&exported_name, &out->exported_name); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } } else { @@ -367,7 +373,6 @@ int gp_conv_name_to_gssx(gss_name_t in, gssx_name *out) * canonicalized but that is ok we simply do not export the name * in this case */ if (ret_maj != GSS_S_NAME_NOT_MN) { - ret = -1; goto done; } } 
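Review bot: In gp_conv_name_to_gssx() the tolerated GSS_S_NAME_NOT_MN case now falls through with `ret_maj` still non-zero, so the `if (ret_maj)` cleanup at `done:` frees the converted fields and the function reports failure for a name that merely was not canonicalized. Before this change that path returned the zero left in `ret` by the preceding conversion. Unless the two lines between this hunk and the next one reset the status (they are not shown), add `ret_maj = GSS_S_COMPLETE; ret_min = 0;` in the GSS_S_NAME_NOT_MN branch or just before `done:`.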
@@ -376,37 +381,40 @@ int gp_conv_name_to_gssx(gss_name_t in, gssx_name *out) /* out->name_attributes */ done: + *min = ret_min; gss_release_buffer(&ret_min, &name_buffer); gss_release_buffer(&ret_min, &exported_name); - if (ret) { + if (ret_maj) { xdr_free((xdrproc_t)xdr_gssx_buffer, (char *)&out->display_name); xdr_free((xdrproc_t)xdr_gssx_OID, (char *)&out->name_type); xdr_free((xdrproc_t)xdr_gssx_buffer, (char *)&out->exported_name); } - return ret; + return ret_maj; } -int gp_conv_name_to_gssx_alloc(gss_name_t in, gssx_name **out) +uint32_t gp_conv_name_to_gssx_alloc(uint32_t *min, + gss_name_t in, gssx_name **out) { gssx_name *o; - int ret; + uint32_t ret_maj; o = calloc(1, sizeof(gssx_name)); if (!o) { return ENOMEM; } - ret = gp_conv_name_to_gssx(in, o); + ret_maj = gp_conv_name_to_gssx(min, in, o); - if (ret) { + if (ret_maj) { free(o); + } else { + *out = o; } - *out = o; - return ret; + return ret_maj; } -int gp_conv_gssx_to_name(gssx_name *in, gss_name_t *out) +uint32_t gp_conv_gssx_to_name(uint32_t *min, gssx_name *in, gss_name_t *out) { gss_buffer_t input_name = GSS_C_NO_BUFFER; gss_OID name_type = GSS_C_NO_OID; @@ -422,16 +430,19 @@ int gp_conv_gssx_to_name(gssx_name *in, gss_name_t *out) * already have exported_name */ ret = gp_conv_gssx_to_buffer_alloc(&in->display_name, &input_name); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } ret = gp_conv_gssx_to_oid_alloc(&in->name_type, &name_type); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } ret_maj = gss_import_name(&ret_min, input_name, name_type, out); if (ret_maj) { - ret = ret_maj; goto done; } } else { 
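Review bot: In gp_conv_name_to_gssx_alloc() the allocation-failure branch still does `return ENOMEM;`, which under the new signature is handed back as a GSS major status and leaves `*min` unwritten. Callers such as gp_import_and_canon_name() pass that pair on to gp_conv_status_to_gssx(), so the client would get a meaningless major code together with whatever happened to be in the caller's minor variable. Use `*min = ENOMEM; return GSS_S_FAILURE;` to match the convention the rest of this commit introduces.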
@@ -440,15 +451,15 @@ int gp_conv_gssx_to_name(gssx_name *in, gss_name_t *out) ret_maj = gss_import_name(&ret_min, &name_buffer, GSS_C_NT_EXPORT_NAME, out); if (ret_maj) { - ret = ret_maj; goto done; } } done: + *min = ret_min; gss_release_buffer(&ret_min, input_name); gss_release_oid(&ret_min, &name_type); - return ret; + return ret_maj; } int gp_conv_ctx_id_to_gssx(gss_ctx_id_t *in, gssx_ctx *out) @@ -484,13 +495,15 @@ int gp_conv_ctx_id_to_gssx(gss_ctx_id_t *in, gssx_ctx *out) goto done; } - ret = gp_conv_name_to_gssx(src_name, &out->src_name); - if (ret) { + ret_maj = gp_conv_name_to_gssx(&ret_min, src_name, &out->src_name); + if (ret_maj) { + ret = EINVAL; goto done; } - ret = gp_conv_name_to_gssx(targ_name, &out->targ_name); - if (ret) { + ret_maj = gp_conv_name_to_gssx(&ret_min, targ_name, &out->targ_name); + if (ret_maj) { + ret = EINVAL; goto done; } diff --git a/proxy/src/gp_conv.h b/proxy/src/gp_conv.h index 3a8f952..4fb477b 100644 --- a/proxy/src/gp_conv.h +++ b/proxy/src/gp_conv.h @@ -55,9 +55,10 @@ gss_cred_usage_t gp_conv_gssx_to_cred_usage(gssx_cred_usage in); int gp_conv_err_to_gssx_string(uint32_t status, int type, gss_OID oid, utf8string *ret_str); -int gp_conv_name_to_gssx(gss_name_t in, gssx_name *out); -int gp_conv_name_to_gssx_alloc(gss_name_t in, gssx_name **out); -int gp_conv_gssx_to_name(gssx_name *in, gss_name_t *out); +uint32_t gp_conv_name_to_gssx(uint32_t *min, gss_name_t in, gssx_name *out); +uint32_t gp_conv_name_to_gssx_alloc(uint32_t *min, + gss_name_t in, gssx_name **out); +uint32_t gp_conv_gssx_to_name(uint32_t *min, gssx_name *in, gss_name_t *out); int gp_conv_ctx_id_to_gssx(gss_ctx_id_t *in, gssx_ctx *out); int gp_conv_gssx_to_ctx_id(gssx_ctx *in, gss_ctx_id_t *out); diff --git a/proxy/src/gp_export.c b/proxy/src/gp_export.c index f1b7dce..1ea84d2 100644 --- a/proxy/src/gp_export.c +++ b/proxy/src/gp_export.c 
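Review bot: Both new failure branches in gp_conv_ctx_id_to_gssx() replace the result of gp_conv_name_to_gssx() with `ret = EINVAL`, so the major/minor pair this commit has just started to propagate is dropped one level up and, for example, an allocation failure is reported as an invalid argument. Consider giving this function the same `uint32_t f(uint32_t *min, ...)` shape as the name converters, or at least mark the spot with `/* TODO: propagate ret_maj/ret_min once this function returns GSS status */`. The rest of the function body is outside the hunk.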
@@ -52,7 +52,8 @@ * *MUST* BE FIXED BEFORE ANY OFFICIAL RELEASE. */ -int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) +uint32_t gp_export_gssx_cred(uint32_t *min, + gss_cred_id_t *in, gssx_cred *out) { uint32_t ret_maj; uint32_t ret_min; @@ -69,12 +70,11 @@ int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) ret_maj = gss_inquire_cred(&ret_min, *in, &name, &lifetime, &cred_usage, &mechanisms); if (ret_maj) { - ret = EINVAL; goto done; } - ret = gp_conv_name_to_gssx(name, &out->desired_name); - if (ret) { + ret_maj = gp_conv_name_to_gssx(&ret_min, name, &out->desired_name); + if (ret_maj) { goto done; } gss_release_name(&ret_min, &name); @@ -84,7 +84,8 @@ int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) out->elements.elements_val = calloc(out->elements.elements_len, sizeof(gssx_cred_element)); if (!out->elements.elements_val) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } @@ -111,8 +112,8 @@ int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) #endif } - ret = gp_conv_name_to_gssx(name, &el->MN); - if (ret) { + ret_maj = gp_conv_name_to_gssx(&ret_min, name, &el->MN); + if (ret_maj) { goto done; } gss_release_name(&ret_min, &name); @@ -120,6 +121,8 @@ int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) ret = gp_conv_oid_to_gssx(&mechanisms->elements[i], &el->mech); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } el->cred_usage = gp_conv_gssx_to_cred_usage(cred_usage); @@ -131,6 +134,8 @@ int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) ret = gp_conv_octet_string(sizeof(gss_cred_id_t), in, &out->cred_handle_reference); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } out->needs_release = true; 
@@ -139,11 +144,14 @@ int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out) /* when we will have gss_export_cred() we will actually free * them immediately instead */ *in = NULL; + ret_maj = GSS_S_COMPLETE; + ret_min = 0; done: + *min = ret_min; gss_release_name(&ret_min, &name); gss_release_oid_set(&ret_min, &mechanisms); - return ret; + return ret_maj; } int gp_import_gssx_cred(octet_string *in, gss_cred_id_t *out) diff --git a/proxy/src/gp_export.h b/proxy/src/gp_export.h index 8296a5a..c629dd2 100644 --- a/proxy/src/gp_export.h +++ b/proxy/src/gp_export.h @@ -29,7 +29,8 @@ #include <gssapi/gssapi.h> #include "rpcgen/gss_proxy.h" -int gp_export_gssx_cred(gss_cred_id_t *in, gssx_cred *out); +uint32_t gp_export_gssx_cred(uint32_t *min, + gss_cred_id_t *in, gssx_cred *out); int gp_import_gssx_cred(octet_string *in, gss_cred_id_t *out); int gp_find_cred(gssx_cred *cred, gss_cred_id_t *out); diff --git a/proxy/src/gp_rpc_accept_sec_context.c b/proxy/src/gp_rpc_accept_sec_context.c index fda2a14..6cb16ed 100644 --- a/proxy/src/gp_rpc_accept_sec_context.c +++ b/proxy/src/gp_rpc_accept_sec_context.c @@ -39,7 +39,7 @@ int gp_accept_sec_context(struct gssproxy_ctx *gpctx, struct gss_channel_bindings_struct cbs; gss_channel_bindings_t pcbs; gss_name_t src_name = GSS_C_NO_NAME; - gss_OID oid; + gss_OID oid = GSS_C_NO_OID; gss_buffer_desc obuf = GSS_C_EMPTY_BUFFER; uint32_t ret_flags; gss_cred_id_t dch = GSS_C_NO_CREDENTIAL; @@ -51,6 +51,8 @@ int gp_accept_sec_context(struct gssproxy_ctx *gpctx, if (asca->cred_handle) { ret = gp_find_cred(asca->cred_handle, &ach); if (ret) { + ret_maj = GSS_S_NO_CRED; + ret_min = ret; goto done; } } 
@@ -75,53 +77,56 @@ int gp_accept_sec_context(struct gssproxy_ctx *gpctx, &ret_flags, NULL, &dch); - - ret = gp_conv_status_to_gssx(&asca->call_ctx, - ret_maj, ret_min, oid, - &ascr->status); - if (ret) { - goto done; - } - if (ret_maj) { - ret = 0; goto done; } ascr->context_handle = calloc(1, sizeof(gssx_ctx)); if (!ascr->context_handle) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } ret = gp_conv_ctx_id_to_gssx(&ctx, ascr->context_handle); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } ascr->output_token = calloc(1, sizeof(gssx_buffer)); if (!ascr->output_token) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } ret = gp_conv_buffer_to_gssx(&obuf, ascr->output_token); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } if (ret_flags & GSS_C_DELEG_FLAG) { ascr->delegated_cred_handle = calloc(1, sizeof(gssx_cred)); if (!ascr->delegated_cred_handle) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } - ret = gp_export_gssx_cred(&dch, ascr->delegated_cred_handle); - if (ret) { + ret_maj = gp_export_gssx_cred(&ret_min, + &dch, ascr->delegated_cred_handle); + if (ret_maj) { goto done; } } done: - if (ret) { + ret = gp_conv_status_to_gssx(&asca->call_ctx, + ret_maj, ret_min, oid, + &ascr->status); + + if (ret_maj) { if (ascr->context_handle) { xdr_free((xdrproc_t)xdr_gssx_ctx, (char *)ascr->context_handle); free(ascr->context_handle); @@ -135,5 +140,6 @@ done: gss_release_buffer(&ret_min, &obuf); gss_release_cred(&ret_min, &dch); gss_delete_sec_context(&ret_min, &ctx, GSS_C_NO_BUFFER); + return ret; } diff --git a/proxy/src/gp_rpc_acquire_cred.c b/proxy/src/gp_rpc_acquire_cred.c index 7389bf1..4649e0e 100644 --- a/proxy/src/gp_rpc_acquire_cred.c +++ b/proxy/src/gp_rpc_acquire_cred.c 
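Review bot: The `if (ret_maj)` test after the accept call (the one ending in `&dch);`) and the new `if (ret_maj)` guard on the cleanup at `done:` treat every non-zero major status as a failure, which includes GSS_S_CONTINUE_NEEDED and the supplementary-information bits. For a mechanism that needs more than one leg the jump skips the code that fills `ascr->output_token`, so the client never receives the token it has to send back. Prefer `if (GSS_ERROR(ret_maj))` in both places; whether a partially established context can go through gp_conv_ctx_id_to_gssx() is not visible in this hunk and needs checking before the early jump is relaxed.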
@@ -48,6 +48,8 @@ int gp_acquire_cred(struct gssproxy_ctx *gpctx, if (aca->input_cred_handle) { ret = gp_find_cred(aca->input_cred_handle, &in_cred); if (ret) { + ret_maj = GSS_S_NO_CRED; + ret_min = ret; goto done; } } @@ -57,14 +59,17 @@ int gp_acquire_cred(struct gssproxy_ctx *gpctx, } if (aca->desired_name) { - ret = gp_conv_gssx_to_name(aca->desired_name, &desired_name); - if (ret) { + ret_maj = gp_conv_gssx_to_name(&ret_min, + aca->desired_name, &desired_name); + if (ret_maj) { goto done; } } ret = gp_conv_gssx_to_oid_set(&aca->desired_mechs, &desired_mechs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -89,7 +94,8 @@ int gp_acquire_cred(struct gssproxy_ctx *gpctx, desired_mech = &desired_mechs->elements[0]; break; default: - ret = EINVAL; + ret_maj = GSS_S_FAILURE; + ret_min = EINVAL; goto done; } } @@ -105,16 +111,7 @@ int gp_acquire_cred(struct gssproxy_ctx *gpctx, NULL, NULL); } - - ret = gp_conv_status_to_gssx(&aca->call_ctx, - ret_maj, ret_min, GSS_C_NO_OID, - &acr->status); - if (ret) { - goto done; - } - if (ret_maj) { - ret = 0; goto done; } @@ -122,21 +119,27 @@ int gp_acquire_cred(struct gssproxy_ctx *gpctx, if (in_cred) { out_cred = in_cred; } else { - ret = EINVAL; + ret_maj = GSS_S_FAILURE; + ret_min = EINVAL; goto done; } } acr->output_cred_handle = calloc(1, sizeof(gssx_cred)); if (!acr->output_cred_handle) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } - ret = gp_export_gssx_cred(&out_cred, acr->output_cred_handle); - if (ret) { + ret_maj = gp_export_gssx_cred(&ret_min, &out_cred, acr->output_cred_handle); + if (ret_maj) { goto done; } done: + ret = gp_conv_status_to_gssx(&aca->call_ctx, + ret_maj, ret_min, desired_mech, + &acr->status); + gss_release_cred(&ret_min, &out_cred); return ret; } diff --git a/proxy/src/gp_rpc_import_and_canon_name.c b/proxy/src/gp_rpc_import_and_canon_name.c index be25f95..559373c 100644 --- a/proxy/src/gp_rpc_import_and_canon_name.c 
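Review bot: `done:` in gp_acquire_cred() now passes `desired_mech` to gp_conv_status_to_gssx(), but the jumps taken on a gp_find_cred(), gp_conv_gssx_to_name() or gp_conv_gssx_to_oid_set() failure all happen before the `switch` that assigns it. Its declaration is outside the hunks; if it has no initializer, the error reply is built from an indeterminate pointer. The accept_sec_context part of this commit adds `gss_OID oid = GSS_C_NO_OID;` for the same reason, so declare `gss_OID desired_mech = GSS_C_NO_OID;` here as well.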
+++ b/proxy/src/gp_rpc_import_and_canon_name.c @@ -53,8 +53,8 @@ int gp_import_and_canon_name(struct gssproxy_ctx *gpctx, goto done; } - ret = gp_conv_gssx_to_name(&icna->input_name, &import_name); - if (ret) { + ret_maj = gp_conv_gssx_to_name(&ret_min, &icna->input_name, &import_name); + if (ret_maj) { goto done; } @@ -62,6 +62,8 @@ int gp_import_and_canon_name(struct gssproxy_ctx *gpctx, ret = gp_conv_gssx_to_oid_alloc(&icna->mech, &mech); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -71,20 +73,21 @@ int gp_import_and_canon_name(struct gssproxy_ctx *gpctx, goto done; } - ret = gp_conv_name_to_gssx_alloc(output_name, &icnr->output_name); + ret_maj = gp_conv_name_to_gssx_alloc(&ret_min, + output_name, &icnr->output_name); } else { - ret = gp_conv_name_to_gssx_alloc(import_name, &icnr->output_name); + ret_maj = gp_conv_name_to_gssx_alloc(&ret_min, + import_name, &icnr->output_name); } /* TODO: check also icna->input_name.exported_composite_name */ /* TODO: icna->name_attributes */ done: - if (!ret) { - ret = gp_conv_status_to_gssx(&icna->call_ctx, - ret_maj, ret_min, GSS_C_NO_OID, - &icnr->status); - } + ret = gp_conv_status_to_gssx(&icna->call_ctx, + ret_maj, ret_min, mech, + &icnr->status); + gss_release_oid(&ret_min, &mech); gss_release_name(&ret_min, &import_name); gss_release_name(&ret_min, &output_name); diff --git a/proxy/src/gp_rpc_indicate_mechs.c b/proxy/src/gp_rpc_indicate_mechs.c index f7f2167..b0fb2c5 100644 --- a/proxy/src/gp_rpc_indicate_mechs.c +++ b/proxy/src/gp_rpc_indicate_mechs.c 
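Review bot: `done:` in gp_import_and_canon_name() now assigns `ret` unconditionally from gp_conv_status_to_gssx(), so any earlier path that only sets `ret` loses its error and the reply status is built from whatever `ret_maj` and `ret_min` hold at that point. The first hunk opens on an unchanged `goto done;` whose condition is outside the hunk; please confirm it sets both, e.g. `ret_maj = GSS_S_FAILURE; ret_min = EINVAL;`. If that check guards against a missing argument, note that `done:` also uses `&icna->call_ctx` and `&icnr->status` without a check.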
@@ -56,29 +56,20 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, /* get all mechs */ ret_maj = gss_indicate_mechs(&ret_min, &mech_set); - - ret = gp_conv_status_to_gssx(&ima->call_ctx, - ret_maj, ret_min, GSS_C_NO_OID, - &imr->status); - if (ret) { - goto done; - } - if (ret_maj) { - ret = 0; goto done; } ret_maj = gss_create_empty_oid_set(&ret_min, &attr_set); if (ret_maj) { - ret = ENOMEM; goto done; } /* fill up gssx_mech_info */ imr->mechs.mechs_val = calloc(mech_set->count, sizeof(gssx_mech_info)); if (!imr->mechs.mechs_val) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } imr->mechs.mechs_len = mech_set->count; @@ -89,6 +80,8 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, ret = gp_conv_oid_to_gssx(&mech_set->elements[i], &mi->mech); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -104,13 +97,16 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, xdr_free((xdrproc_t)xdr_gssx_OID, (char *)&mi->mech); continue; #if 0 - ret = EINVAL; + ret_maj = GSS_S_FAILURE; + ret_min = EINVAL; goto done; #endif } ret = gp_conv_oid_set_to_gssx(name_types, &mi->name_types); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_oid_set(&ret_min, &name_types); @@ -120,12 +116,13 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, &mech_attrs, &known_mech_attrs); if (ret_maj) { - ret = EINVAL; goto done; } ret = gp_conv_oid_set_to_gssx(mech_attrs, &mi->mech_attrs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } for (j = 0; j < mech_attrs->count; j++) { @@ -135,7 +132,6 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, attr_set, &present); if (ret_maj) { - ret = EINVAL; goto done; } @@ -147,7 +143,6 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, &mech_attrs->elements[j], &attr_set); if (ret_maj) { - ret = ENOMEM; goto done; } 
@@ -157,6 +152,8 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, ret = gp_conv_oid_set_to_gssx(known_mech_attrs, &mi->known_mech_attrs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -167,7 +164,6 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, attr_set, &present); if (ret_maj) { - ret = EINVAL; goto done; } @@ -179,7 +175,6 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, &known_mech_attrs->elements[j], &attr_set); if (ret_maj) { - ret = ENOMEM; goto done; } @@ -192,24 +187,29 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, &mech_name, &mech_desc); if (ret_maj) { - ret = EINVAL; goto done; } ret = gp_conv_buffer_to_gssx(&sasl_mech_name, &mi->saslname_sasl_mech_name); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_buffer(&ret_min, &sasl_mech_name); ret = gp_conv_buffer_to_gssx(&mech_name, &mi->saslname_mech_name); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_buffer(&ret_min, &mech_name); ret = gp_conv_buffer_to_gssx(&mech_desc, &mi->saslname_mech_desc); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_buffer(&ret_min, &mech_desc); @@ -220,7 +220,8 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, imr->mech_attr_descs.mech_attr_descs_val = calloc(attr_set->count, sizeof(gssx_mech_attr)); if (!imr->mech_attr_descs.mech_attr_descs_val) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } imr->mech_attr_descs.mech_attr_descs_len = attr_set->count; @@ -231,6 +232,8 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, ret = gp_conv_oid_to_gssx(&attr_set->elements[i], &ma->attr); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } 
@@ -240,32 +243,39 @@ int gp_indicate_mechs(struct gssproxy_ctx *gpctx, &short_desc, &long_desc); if (ret_maj) { - ret = EINVAL; goto done; } ret = gp_conv_buffer_to_gssx(&name, &ma->name); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_buffer(&ret_min, &name); ret = gp_conv_buffer_to_gssx(&short_desc, &ma->short_desc); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_buffer(&ret_min, &short_desc); ret = gp_conv_buffer_to_gssx(&long_desc, &ma->long_desc); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } gss_release_buffer(&ret_min, &long_desc); } - ret = 0; - done: + ret = gp_conv_status_to_gssx(&ima->call_ctx, + ret_maj, ret_min, GSS_C_NO_OID, + &imr->status); + gss_release_buffer(&ret_min, &long_desc); gss_release_buffer(&ret_min, &short_desc); gss_release_buffer(&ret_min, &name); diff --git a/proxy/src/gp_rpc_init_sec_context.c b/proxy/src/gp_rpc_init_sec_context.c index 0addf16..1a4026d 100644 --- a/proxy/src/gp_rpc_init_sec_context.c +++ b/proxy/src/gp_rpc_init_sec_context.c @@ -52,6 +52,8 @@ int gp_init_sec_context(struct gssproxy_ctx *gpctx, if (isca->context_handle) { ret = gp_conv_gssx_to_ctx_id(isca->context_handle, &ctx); if (ret) { + ret_maj = GSS_S_NO_CONTEXT; + ret_min = ret; goto done; } } @@ -59,17 +61,21 @@ int gp_init_sec_context(struct gssproxy_ctx *gpctx, if (isca->cred_handle) { ret = gp_find_cred(isca->cred_handle, &ich); if (ret) { + ret_maj = GSS_S_NO_CRED; + ret_min = ret; goto done; } } - ret = gp_conv_gssx_to_name(isca->target_name, &target_name); - if (ret) { + ret_maj = gp_conv_gssx_to_name(&ret_min, isca->target_name, &target_name); + if (ret_maj) { goto done; } ret = gp_conv_gssx_to_oid_alloc(&isca->mech_type, &mech_type); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } 
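Review bot: With `ret = 0;` removed before `done:`, success in gp_indicate_mechs() is now whatever the last GSS call left in `ret_maj`. An earlier hunk keeps a `continue` that skips a mechanism, apparently after a failed inquiry (the condition is outside the hunk); if nothing later overwrites the status, that stale failure is what gets converted into `imr->status` even though the reply was filled in. gp_export_gssx_cred() in this same commit sets the result explicitly, so do the same here with `ret_maj = GSS_S_COMPLETE; ret_min = 0;` just before `done:`.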
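Review bot: In gp_init_sec_context() `isca->target_name` is handed to gp_conv_gssx_to_name() without a check, and that function goes on to use `in->display_name`. gp_acquire_cred() guards the equivalent field with `if (aca->desired_name)`; if the target name is likewise optional on the wire (the XDR definition is not part of this diff), a request that omits it makes the proxy dereference NULL while serving a client. Add a guard such as `if (!isca->target_name) { ret_maj = GSS_S_BAD_NAME; ret_min = EINVAL; goto done; }` before the call.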
@@ -105,31 +111,33 @@ int gp_init_sec_context(struct gssproxy_ctx *gpctx, iscr->context_handle = calloc(1, sizeof(gssx_ctx)); if (!iscr->context_handle) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } ret = gp_conv_ctx_id_to_gssx(&ctx, iscr->context_handle); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } if (obuf.length != 0) { iscr->output_token = calloc(1, sizeof(gssx_buffer)); if (!iscr->output_token) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } ret = gp_conv_buffer_to_gssx(&obuf, iscr->output_token); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } } done: - if (ret) { - ret_maj = GSS_S_FAILURE; - ret_min = ret; - } ret = gp_conv_status_to_gssx(&isca->call_ctx, ret_maj, ret_min, mech_type, &iscr->status); diff --git a/proxy/src/mechglue/gpm_acquire_cred.c b/proxy/src/mechglue/gpm_acquire_cred.c index 6c2bc01..8e9b010 100644 --- a/proxy/src/mechglue/gpm_acquire_cred.c +++ b/proxy/src/mechglue/gpm_acquire_cred.c @@ -82,13 +82,14 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, gssx_res_acquire_cred *res = &ures.acquire_cred; uint32_t ret_min; uint32_t ret_maj; - int ret; + int ret = 0; memset(&uarg, 0, sizeof(union gp_rpc_arg)); memset(&ures, 0, sizeof(union gp_rpc_res)); if (output_cred_handle == NULL) { - ret = EINVAL; + ret_maj = GSS_S_FAILURE; + ret_min = EINVAL; goto done; } 
@@ -97,17 +98,21 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, if (desired_name) { arg->desired_name = calloc(1, sizeof(gssx_name)); if (!arg->desired_name) { - ret = ENOMEM; + ret_maj = GSS_S_FAILURE; + ret_min = ENOMEM; goto done; } - ret = gp_conv_name_to_gssx(desired_name, arg->desired_name); - if (ret) { + ret_maj = gp_conv_name_to_gssx(&ret_min, + desired_name, arg->desired_name); + if (ret_maj) { goto done; } } if (desired_mechs) { ret = gp_conv_oid_set_to_gssx(desired_mechs, &arg->desired_mechs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } } @@ -117,6 +122,8 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, /* execute proxy request */ ret = gpm_make_call(GSSX_ACQUIRE_CRED, &uarg, &ures); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -124,7 +131,6 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, gpm_save_status(&res->status); ret_min = res->status.minor_status; ret_maj = res->status.major_status; - ret = 0; goto done; } @@ -132,6 +138,8 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, ret = gpmint_cred_to_actual_mechs(res->output_cred_handle, actual_mechs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } } @@ -157,14 +165,9 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, res->output_cred_handle = NULL; ret_maj = GSS_S_COMPLETE; ret_min = 0; - ret = 0; done: gpm_free_xdrs(GSSX_ACQUIRE_CRED, &uarg, &ures); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } *minor_status = ret_min; return ret_maj; } @@ -188,7 +191,7 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, gss_OID_set_desc mechs; uint32_t ret_min; uint32_t ret_maj; - int ret; + int ret = 0; memset(&uarg, 0, sizeof(union gp_rpc_arg)); memset(&ures, 0, sizeof(union gp_rpc_res)); 
@@ -207,8 +210,9 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, ret = ENOMEM; goto done; } - ret = gp_conv_name_to_gssx(desired_name, arg->desired_name); - if (ret) { + ret_maj = gp_conv_name_to_gssx(&ret_min, + desired_name, arg->desired_name); + if (ret_maj) { goto done; } } @@ -217,6 +221,8 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, mechs.elements = desired_mech; ret = gp_conv_oid_set_to_gssx(&mechs, &arg->desired_mechs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } } @@ -227,6 +233,8 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, /* execute proxy request */ ret = gpm_make_call(GSSX_ACQUIRE_CRED, &uarg, &ures); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } @@ -234,7 +242,6 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, gpm_save_status(&res->status); ret_min = res->status.minor_status; ret_maj = res->status.major_status; - ret = 0; goto done; } @@ -242,6 +249,8 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, ret = gpmint_cred_to_actual_mechs(res->output_cred_handle, actual_mechs); if (ret) { + ret_maj = GSS_S_FAILURE; + ret_min = ret; goto done; } } @@ -272,14 +281,9 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, ret_maj = GSS_S_COMPLETE; ret_min = 0; - ret = 0; done: gpm_free_xdrs(GSSX_ACQUIRE_CRED, &uarg, &ures); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } *minor_status = ret_min; return ret_maj; } |
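Review bot: In gpm_add_cred() the unchanged allocation-failure path just before the name conversion still does `ret = ENOMEM; goto done;`, but this commit removes the `if (ret)` block at `done:`, so that path now returns `ret_maj` and `ret_min` without ever writing them (both are declared without initializers in the preceding hunk). gpm_acquire_cred() had the same branch converted; do the same here with `ret_maj = GSS_S_FAILURE; ret_min = ENOMEM;`. Any other early exit in this function that lies outside the hunks and only sets `ret` needs the same treatment.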