diff options
| author | Robbie Harwood <rharwood@redhat.com> | 2015-12-16 17:48:11 -0500 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2015-12-16 20:56:51 -0500 |
| commit | 14e33b725c991d6c500ca93e241ed64e1a755843 (patch) | |
| tree | d01f1338dcbab522b6e27300d85e0fc46d886788 /proxy/src | |
| parent | 7128be99fcc4afa283ae7c25265ec702af9db814 (diff) | |
Fix for gss_inquire_attrs_for_mech accepting NULLs
As per rfc5587, gss_inquire_attrs_for_mech must accept NULL mech_attrs
and known_mech_attrs arguments. Up until 1.14, MIT krb5 was not ever
passing NULLs in these fields.
This fixes an interposer loop (and subsequent segmentation fault) due
to our previous assumption that these arguments not be NULL.
See also: https://tools.ietf.org/html/rfc5587#section-3.4.3
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'proxy/src')
| -rw-r--r-- | proxy/src/client/gpm_indicate_mechs.c | 38 |
1 files changed, 22 insertions, 16 deletions
diff --git a/proxy/src/client/gpm_indicate_mechs.c b/proxy/src/client/gpm_indicate_mechs.c index 35ce3bb..d4df923 100644 --- a/proxy/src/client/gpm_indicate_mechs.c +++ b/proxy/src/client/gpm_indicate_mechs.c @@ -444,10 +444,6 @@ OM_uint32 gpm_inquire_attrs_for_mech(OM_uint32 *minor_status, if (!minor_status) { return GSS_S_CALL_INACCESSIBLE_WRITE; } - if (!mech_attrs || !known_mech_attrs) { - *minor_status = 0; - return GSS_S_CALL_INACCESSIBLE_WRITE; - } ret_min = gpmint_init_global_mechs(); if (ret_min) { @@ -459,21 +455,31 @@ OM_uint32 gpm_inquire_attrs_for_mech(OM_uint32 *minor_status, if (!gpm_equal_oids(global_mechs.info[i].mech, mech)) { continue; } - ret_maj = gpm_copy_gss_OID_set(&ret_min, - global_mechs.info[i].mech_attrs, - mech_attrs); - if (ret_maj) { + + if (mech_attrs != NULL) { + ret_maj = gpm_copy_gss_OID_set(&ret_min, + global_mechs.info[i].mech_attrs, + mech_attrs); + if (ret_maj) { + *minor_status = ret_min; + return ret_maj; + } + } + + if (known_mech_attrs != NULL) { + ret_maj = gpm_copy_gss_OID_set(&ret_min, + global_mechs.info[i].known_mech_attrs, + known_mech_attrs); + if (ret_maj) { + gss_release_oid_set(&discard, known_mech_attrs); + } *minor_status = ret_min; return ret_maj; } - ret_maj = gpm_copy_gss_OID_set(&ret_min, - global_mechs.info[i].known_mech_attrs, - known_mech_attrs); - if (ret_maj) { - gss_release_oid_set(&discard, known_mech_attrs); - } - *minor_status = ret_min; - return ret_maj; + + /* all requested attributes copied successfully */ + *minor_status = 0; + return GSS_S_COMPLETE; } *minor_status = 0; |