diff options
| author | Sam Hartman <hartmans@mit.edu> | 2002-03-14 15:16:16 +0000 |
|---|---|---|
| committer | Sam Hartman <hartmans@mit.edu> | 2002-03-14 15:16:16 +0000 |
| commit | c8952afc6f0832ab773804342b962a8f1bc7bd47 (patch) | |
| tree | 961767af4fa6ee0a9ca46dfa8f7a1bcb3773a150 /src/lib | |
| parent | 1e9cabf77e32d8e734b8876defebecd279f9452f (diff) | |
| download | krb5-c8952afc6f0832ab773804342b962a8f1bc7bd47.tar.gz krb5-c8952afc6f0832ab773804342b962a8f1bc7bd47.tar.xz krb5-c8952afc6f0832ab773804342b962a8f1bc7bd47.zip | |
Fix walk_realm_tree handling of null realms
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14273 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/walk_rtree.c | 25 |
2 files changed, 29 insertions, 0 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 1ac426e4d..b594d2306 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,7 @@ +2002-03-14 Sam Hartman <hartmans@mit.edu> + + * walk_rtree.c (krb5_walk_realm_tree): Fix handling of null client or server realm + 2002-03-06 Ken Raeburn <raeburn@mit.edu> * ser_actx.c (krb5_auth_context_externalize): Do bounds checking diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c index b8160fdcc..86e1a33d4 100644 --- a/src/lib/krb5/krb/walk_rtree.c +++ b/src/lib/krb5/krb/walk_rtree.c @@ -93,6 +93,27 @@ #define max(x,y) ((x) > (y) ? (x) : (y)) #endif +/* + * xxx The following function is very confusing to read and probably + * is buggy. It should be documented better. Here is what I've + * learned about it doing a quick bug fixing walk through. The + * function takes a client and server realm name and returns the set + * of realms (in a field called tree) that you need to get tickets in + * in order to get from the source realm to the destination realm. It + * takes a realm separater character (normally ., but presumably there + * for all those X.500 realms) . There are two modes it runs in: the + * ANL krb5.confmode and the hierarchy mode. The ANL mode is + * fairly obvious. The hierarchy mode looks for common components in + * both the client and server realms. In general, the pointer scp and + * ccp are used to walk through the client and server realms. The + * com_sdot and com_cdot pointers point to (I think) the beginning of + * the common part of the realm names. I.E. strcmp(com_cdot, + * com_sdot) ==0 is roughly an invarient. However, there are cases + * where com_sdot and com_cdot are set to point before the start of + * the client or server strings. I think this only happens when there + * are no common components. --hartmans 2002/03/14 + */ + krb5_error_code krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) krb5_context context; @@ -115,6 +136,10 @@ krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) char *cap_client, *cap_server; char **cap_nodes; krb5_error_code cap_code; +#endif + if (!(client->data &&server->data)) + return KRB5_NO_TKT_IN_RLM; +#ifdef CONFIGURABLE_AUTHENTICATION_PATH if ((cap_client = (char *)malloc(client->length + 1)) == NULL) return ENOMEM; strncpy(cap_client, client->data, client->length); |