import CS gssproxy-0.8.4-7.el9
This commit is contained in:
parent
59d3edb623
commit
26a36da84b
@ -0,0 +1,98 @@
|
||||
From 15b514abf47704fb4e5e5bea36fb847d1c199c45 Mon Sep 17 00:00:00 2001
|
||||
From: Julien Rische <jrische@redhat.com>
|
||||
Date: Tue, 6 Aug 2024 10:38:01 +0200
|
||||
Subject: [PATCH] Fix various issues detected by static analysis
|
||||
|
||||
Signed-off-by: Julien Rische <jrische@redhat.com>
|
||||
(cherry picked from commit be676f3c6338971d953c8da52f4172040c5e06a4)
|
||||
---
|
||||
src/client/gpm_accept_sec_context.c | 1 +
|
||||
src/gp_creds.c | 1 +
|
||||
src/gp_rpc_init_sec_context.c | 2 ++
|
||||
tests/interposetest.c | 5 +++--
|
||||
tests/t_accept.c | 2 +-
|
||||
5 files changed, 8 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/client/gpm_accept_sec_context.c b/src/client/gpm_accept_sec_context.c
|
||||
index ab20b03..d508615 100644
|
||||
--- a/src/client/gpm_accept_sec_context.c
|
||||
+++ b/src/client/gpm_accept_sec_context.c
|
||||
@@ -105,6 +105,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
|
||||
if (outbuf) {
|
||||
*output_token = *outbuf;
|
||||
free(outbuf);
|
||||
+ outbuf = NULL;
|
||||
}
|
||||
if (ret_flags) {
|
||||
*ret_flags = ctx->ctx_flags;
|
||||
diff --git a/src/gp_creds.c b/src/gp_creds.c
|
||||
index 843d1a3..1a0258a 100644
|
||||
--- a/src/gp_creds.c
|
||||
+++ b/src/gp_creds.c
|
||||
@@ -800,6 +800,7 @@ done:
|
||||
gss_release_cred(&discard, &user_cred);
|
||||
gss_release_name(&discard, &target_name);
|
||||
gss_delete_sec_context(&discard, &initiator_context, NULL);
|
||||
+ gss_delete_sec_context(&discard, &acceptor_context, NULL);
|
||||
gss_release_buffer(&discard, &init_token);
|
||||
gss_release_buffer(&discard, &accept_token);
|
||||
gss_release_name(&discard, &req_name);
|
||||
diff --git a/src/gp_rpc_init_sec_context.c b/src/gp_rpc_init_sec_context.c
|
||||
index f362dbc..7fe7365 100644
|
||||
--- a/src/gp_rpc_init_sec_context.c
|
||||
+++ b/src/gp_rpc_init_sec_context.c
|
||||
@@ -33,6 +33,7 @@ int gp_init_sec_context(struct gp_call_ctx *gpcall,
|
||||
};
|
||||
uint32_t gccn_before = 0;
|
||||
uint32_t gccn_after = 0;
|
||||
+ uint32_t discard;
|
||||
int ret;
|
||||
|
||||
isca = &arg->init_sec_context;
|
||||
@@ -192,6 +193,7 @@ done:
|
||||
|
||||
GPRPCDEBUG(gssx_res_init_sec_context, iscr);
|
||||
|
||||
+ gss_delete_sec_context(&discard, &ctx, NULL);
|
||||
gss_release_name(&ret_min, &target_name);
|
||||
gss_release_oid(&ret_min, &mech_type);
|
||||
gss_release_cred(&ret_min, &ich);
|
||||
diff --git a/tests/interposetest.c b/tests/interposetest.c
|
||||
index 0cdd473..7ab8ecc 100644
|
||||
--- a/tests/interposetest.c
|
||||
+++ b/tests/interposetest.c
|
||||
@@ -377,7 +377,7 @@ void run_server(struct aproc *data)
|
||||
uint32_t ret_min;
|
||||
gss_ctx_id_t context_handle = GSS_C_NO_CONTEXT;
|
||||
gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
|
||||
- gss_name_t src_name;
|
||||
+ gss_name_t src_name = GSS_C_NO_NAME;
|
||||
gss_buffer_desc out_token = GSS_C_EMPTY_BUFFER;
|
||||
gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL;
|
||||
gss_OID_set mech_set = GSS_C_NO_OID_SET;
|
||||
@@ -591,7 +591,8 @@ void run_server(struct aproc *data)
|
||||
goto done;
|
||||
}
|
||||
|
||||
- fprintf(stdout, "Server, RECV: %s\n", (char *)out_token.value);
|
||||
+ fprintf(stdout, "Server, RECV: %*s\n", (int)out_token.length,
|
||||
+ (char *)out_token.value);
|
||||
|
||||
gss_release_buffer(&ret_min, &out_token);
|
||||
|
||||
diff --git a/tests/t_accept.c b/tests/t_accept.c
|
||||
index 3afb7ac..8a663fe 100644
|
||||
--- a/tests/t_accept.c
|
||||
+++ b/tests/t_accept.c
|
||||
@@ -9,7 +9,7 @@ int main(int argc, const char *argv[])
|
||||
gss_ctx_id_t context_handle = GSS_C_NO_CONTEXT;
|
||||
gss_buffer_desc in_token = GSS_C_EMPTY_BUFFER;
|
||||
gss_buffer_desc out_token = GSS_C_EMPTY_BUFFER;
|
||||
- gss_name_t src_name;
|
||||
+ gss_name_t src_name = GSS_C_NO_NAME;
|
||||
uint32_t ret_maj;
|
||||
uint32_t ret_min;
|
||||
int ret = -1;
|
||||
--
|
||||
2.45.2
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Name: gssproxy
|
||||
|
||||
Version: 0.8.4
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
Summary: GSSAPI Proxy
|
||||
|
||||
License: MIT
|
||||
@ -15,6 +15,7 @@ Source1: rwtab
|
||||
|
||||
### Patches ###
|
||||
Patch0001: 0001-Add-an-option-for-minimum-lifetime.patch
|
||||
Patch0002: 0002-Fix-various-issues-detected-by-static-analysis.patch
|
||||
|
||||
### Dependencies ###
|
||||
Requires: krb5-libs >= 1.12.0
|
||||
@ -111,6 +112,10 @@ install -m644 %{SOURCE1} $RPM_BUILD_ROOT/%{_sysconfdir}/rwtab.d/gssproxy
|
||||
%systemd_postun_with_restart gssproxy.service
|
||||
|
||||
%changelog
|
||||
* Thu Aug 08 2024 Julien Rische <jrische@redhat.com> - 0.8.4-7
|
||||
- Fix various issues detected by static analysis
|
||||
Resolves: RHEL-51177
|
||||
|
||||
* Wed Apr 05 2023 Julien Rische <jrische@redhat.com> - 0.8.4-6
|
||||
- Use openldap-servers from EPEL repo for testing
|
||||
- Resolves: rhbz#2187634
|
||||
|
||||
Loading…
Reference in New Issue
Block a user