summaryrefslogtreecommitdiffstats
path: root/src/appl
diff options
context:
space:
mode:
authorTheodore Tso <tytso@mit.edu>1997-06-11 20:45:39 +0000
committerTheodore Tso <tytso@mit.edu>1997-06-11 20:45:39 +0000
commiteac86677d66fe140f7ca54205773c95687e4abe5 (patch)
treea367f00a5f8c642940f9ced4843d9897d9f0aff0 /src/appl
parent9c36f64ce36f44f806005366ccccf06cdf8e9c4a (diff)
downloadkrb5-eac86677d66fe140f7ca54205773c95687e4abe5.tar.gz
krb5-eac86677d66fe140f7ca54205773c95687e4abe5.tar.xz
krb5-eac86677d66fe140f7ca54205773c95687e4abe5.zip
gss-server.c (server_establish_context): Rearrange server establish
context loop to match with the draft-ietf-gssv2-cbind-04.txt suggestion --- always send the output token even in the case of an error, and call gss_delete_sec_context() if needed. gss-client.c (client_establish_context): Check for error condition after sending the output token, if present. In case of error, call delete_sec_context if necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10096 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl')
-rw-r--r--src/appl/gss-sample/ChangeLog12
-rw-r--r--src/appl/gss-sample/gss-client.c20
-rw-r--r--src/appl/gss-sample/gss-server.c19
3 files changed, 35 insertions, 16 deletions
diff --git a/src/appl/gss-sample/ChangeLog b/src/appl/gss-sample/ChangeLog
index 7cc938680..68aa4ab30 100644
--- a/src/appl/gss-sample/ChangeLog
+++ b/src/appl/gss-sample/ChangeLog
@@ -1,3 +1,15 @@
+Fri Jun 6 15:05:57 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * gss-server.c (server_establish_context): Rearrange server
+ establish context loop to match with the
+ draft-ietf-gssv2-cbind-04.txt suggestion --- always send
+ the output token even in the case of an error, and call
+ gss_delete_sec_context() if needed.
+
+ * gss-client.c (client_establish_context): Check for error
+ condition after sending the output token, if present. In
+ case of error, call delete_sec_context if necessary.
+
Wed Feb 5 20:25:57 1997 Tom Yu <tlyu@mit.edu>
* Makefile.in:
diff --git a/src/appl/gss-sample/gss-client.c b/src/appl/gss-sample/gss-client.c
index b91ea87aa..e0bca99c4 100644
--- a/src/appl/gss-sample/gss-client.c
+++ b/src/appl/gss-sample/gss-client.c
@@ -132,7 +132,7 @@ int client_establish_context(s, service_name, deleg_flag, oid,
{
gss_buffer_desc send_tok, recv_tok, *token_ptr;
gss_name_t target_name;
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 maj_stat, min_stat, init_sec_min_stat;
/*
* Import the name into target_name. Use send_tok to save
@@ -168,7 +168,7 @@ int client_establish_context(s, service_name, deleg_flag, oid,
do {
maj_stat =
- gss_init_sec_context(&min_stat,
+ gss_init_sec_context(&init_sec_min_stat,
GSS_C_NO_CREDENTIAL,
gss_context,
target_name,
@@ -186,12 +186,6 @@ int client_establish_context(s, service_name, deleg_flag, oid,
if (token_ptr != GSS_C_NO_BUFFER)
(void) gss_release_buffer(&min_stat, &recv_tok);
- if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
- display_status("initializing context", maj_stat, min_stat);
- (void) gss_release_name(&min_stat, &target_name);
- return -1;
- }
-
if (send_tok.length != 0) {
printf("Sending init_sec_context token (size=%d)...",
send_tok.length);
@@ -202,6 +196,16 @@ int client_establish_context(s, service_name, deleg_flag, oid,
}
}
(void) gss_release_buffer(&min_stat, &send_tok);
+
+ if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
+ display_status("initializing context", maj_stat,
+ init_sec_min_stat);
+ (void) gss_release_name(&min_stat, &target_name);
+ if (*gss_context == GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat, gss_context,
+ GSS_C_NO_BUFFER);
+ return -1;
+ }
if (maj_stat == GSS_S_CONTINUE_NEEDED) {
printf("continue needed...");
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c
index c2549e4b6..f195b45a0 100644
--- a/src/appl/gss-sample/gss-server.c
+++ b/src/appl/gss-sample/gss-server.c
@@ -137,7 +137,7 @@ int server_establish_context(s, server_creds, context, client_name, ret_flags)
gss_buffer_desc send_tok, recv_tok;
gss_name_t client;
gss_OID doid;
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 maj_stat, min_stat, acc_sec_min_stat;
gss_buffer_desc oid_name;
*context = GSS_C_NO_CONTEXT;
@@ -152,7 +152,7 @@ int server_establish_context(s, server_creds, context, client_name, ret_flags)
}
maj_stat =
- gss_accept_sec_context(&min_stat,
+ gss_accept_sec_context(&acc_sec_min_stat,
context,
server_creds,
&recv_tok,
@@ -164,12 +164,6 @@ int server_establish_context(s, server_creds, context, client_name, ret_flags)
NULL, /* ignore time_rec */
NULL); /* ignore del_cred_handle */
- if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
- display_status("accepting context", maj_stat, min_stat);
- (void) gss_release_buffer(&min_stat, &recv_tok);
- return -1;
- }
-
(void) gss_release_buffer(&min_stat, &recv_tok);
if (send_tok.length != 0) {
@@ -186,6 +180,15 @@ int server_establish_context(s, server_creds, context, client_name, ret_flags)
(void) gss_release_buffer(&min_stat, &send_tok);
}
+ if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
+ display_status("accepting context", maj_stat,
+ acc_sec_min_stat);
+ if (*context == GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat, context,
+ GSS_C_NO_BUFFER);
+ return -1;
+ }
+
if (verbose && log) {
if (maj_stat == GSS_S_CONTINUE_NEEDED)
fprintf(log, "continue needed...\n");
generated by cgit (git 2.34.1) at 2024-10-10 15:23:25 +0000