author | Greg Hudson <ghudson@mit.edu> | 2013-10-28 13:09:15 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2013-10-30 12:31:00 -0400 |
commit | 664f0d779ddc0aaf54a118a98a21ce7d53d81e08 (patch) | |
tree | 5cf06795ecd171aefb4abaa890a031200b31c749 | |
parent | 64ec2941af1561ef06e7e885b2ffb65a675516ce (diff) | |
Accept anonymous GSS names in kadmind
The krb5 implementation of gss_display_name() reports the name type as
GSS_C_NT_ANONYMOUS if the client uses an anonymous principal. Accept
this name type in gss_name_to_string and gss_to_krb5_name so that
anonymous kadmin can work.
Also improve code hygiene: call gss_name_to_string from
gss_to_krb5_name to reduce code repetition; use gss_oid_equal instead
of pointer comparison for name types; and don't assume that the
gss_display_name result buffer is zero-terminated.
ticket: 7740 (new)
target_version: 1.12
tags: pullup
-rw-r--r-- | src/kadmin/server/server_stubs.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/src/kadmin/server/server_stubs.c b/src/kadmin/server/server_stubs.c
index eb50c2f7bd..446eaca595 100644
--- a/src/kadmin/server/server_stubs.c
+++ b/src/kadmin/server/server_stubs.c
@@ -214,15 +214,19 @@ static int cmp_gss_krb5_name(kadm5_server_handle_t handle,
 static int gss_to_krb5_name(kadm5_server_handle_t handle, gss_name_t gss_name, krb5_principal *princ)
 {
- OM_uint32 status, minor_stat;
+ OM_uint32 minor_stat;
 gss_buffer_desc gss_str;
- gss_OID gss_type;
 int success;
+ char *s;
 
- status = gss_display_name(&minor_stat, gss_name, &gss_str, &gss_type);
- if ((status != GSS_S_COMPLETE) || (gss_type != gss_nt_krb5_name))
+ if (gss_name_to_string(gss_name, &gss_str) != 0)
+ return 0;
+ if (asprintf(&s, "%.*s", (int)gss_str.length, (char *)gss_str.value) < 0) {
+ gss_release_buffer(&minor_stat, &gss_str);
 return 0;
- success = (krb5_parse_name(handle->context, gss_str.value, princ) == 0);
+ }
+ success = (krb5_parse_name(handle->context, s, princ) == 0);
+ free(s);
 gss_release_buffer(&minor_stat, &gss_str);
 return success;
 }
@@ -232,10 +236,19 @@ gss_name_to_string(gss_name_t gss_name, gss_buffer_desc *str)
 {
 OM_uint32 status, minor_stat;
 gss_OID gss_type;
+ const char pref[] = KRB5_WELLKNOWN_NAMESTR "/" KRB5_ANONYMOUS_PRINCSTR "@";
+ const size_t preflen = sizeof(pref) - 1;
 
 status = gss_display_name(&minor_stat, gss_name, str, &gss_type);
- if ((status != GSS_S_COMPLETE) || (gss_type != gss_nt_krb5_name))
+ if (status != GSS_S_COMPLETE)
+ return 1;
+ if (gss_oid_equal(gss_type, GSS_C_NT_ANONYMOUS)) {
+ /* Guard against non-krb5 mechs with different anonymous displays. */
+ if (str->length < preflen || memcmp(str->value, pref, preflen) != 0)
+ return 1;
+ } else if (!gss_oid_equal(gss_type, GSS_KRB5_NT_PRINCIPAL_NAME)) {
 return 1;
+ }
 return 0;
 }
 
|
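Review bot: gss_to_krb5_name now has three exits (two failure paths releasing or not releasing gss_str, one success path) and no header comment stating its contract, which matters because callers use its result for authorization decisions and must free *princ. A short comment above the signature would do: `/* Map gss_name to a krb5 principal via its display form.  Returns 1 with *princ set (from krb5_parse_name; caller frees it), 0 on any failure.  Anonymous GSS names are accepted and map to the krb5 anonymous principal. */`. The asprintf copy is needed because the display buffer is not NUL-terminated; note that `%.*s` also stops at an embedded NUL, so a display name containing one would be parsed only up to that point — presumably unreachable for names produced by the krb5 mech, but worth stating in the comment if that assumption is relied on.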
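Review bot: The two `return 1;` exits after the type checks in gss_name_to_string leave the buffer that gss_display_name() just allocated into *str unreleased, so every call with a name of another type, or an anonymous name whose display form lacks the krb5 `WELLKNOWN/ANONYMOUS@` prefix, leaks the display string; the pre-commit code had the same leak on its single mismatch path and the commit does not address it. Since callers treat a non-zero return as "nothing to release" (gss_to_krb5_name returns 0 without touching gss_str), the release belongs here: change each of those two exits to `{ gss_release_buffer(&minor_stat, str); return 1; }`. A header comment stating the contract would help the next reader: returns 0 with *str holding the display name, not NUL-terminated, which the caller releases with gss_release_buffer; returns 1 otherwise with *str already released. gss_name_to_string's signature line is outside the hunk, which starts at the opening brace.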