Fix cred_store handling w/o client keytab.
This commit is contained in:
parent
50753e3123
commit
f6735aa3f3
43
gssproxy-cred_store.patch
Normal file
43
gssproxy-cred_store.patch
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
From 4ceed9a85484bdde3d355d21ceb666dc8d910910 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gdeschner@redhat.com>
|
||||||
|
Date: Wed, 22 May 2013 17:26:00 +0200
|
||||||
|
Subject: [PATCH] Fix realloc size in gp_get_cred_environment().
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
This fixes a segfault when no client_keytab is passed in via cred_store api.
|
||||||
|
See https://fedorahosted.org/gss-proxy/ticket/85 for details.
|
||||||
|
|
||||||
|
Signed-off-by: Günther Deschner <gdeschner@redhat.com>
|
||||||
|
Reviewed-by: Simo Sorce <simo@redhat.com>
|
||||||
|
---
|
||||||
|
proxy/src/gp_creds.c | 5 +++--
|
||||||
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c
|
||||||
|
index 0dd54f0..2517665 100644
|
||||||
|
--- a/proxy/src/gp_creds.c
|
||||||
|
+++ b/proxy/src/gp_creds.c
|
||||||
|
@@ -292,7 +292,8 @@ static int gp_get_cred_environment(struct gp_service *svc,
|
||||||
|
} else {
|
||||||
|
gss_key_value_element_desc *t;
|
||||||
|
c = cs->count;
|
||||||
|
- t = realloc(cs->elements, c + 1);
|
||||||
|
+ t = realloc(cs->elements,
|
||||||
|
+ (c + 1) * sizeof(gss_key_value_element_desc));
|
||||||
|
if (!t) {
|
||||||
|
ret = ENOMEM;
|
||||||
|
goto done;
|
||||||
|
@@ -304,7 +305,7 @@ static int gp_get_cred_environment(struct gp_service *svc,
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* increment now so in case of failure to opy the value, key is
|
||||||
|
+ /* increment now so in case of failure to copy the value, key is
|
||||||
|
* still freed properly */
|
||||||
|
cs->count = c + 1;
|
||||||
|
cs->elements[c].value = strdup(cs->elements[k_num].value);
|
||||||
|
--
|
||||||
|
1.8.1.4
|
||||||
|
|
@ -1,6 +1,6 @@
|
|||||||
Name: gssproxy
|
Name: gssproxy
|
||||||
Version: 0.2.2
|
Version: 0.2.2
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Summary: GSSAPI Proxy
|
Summary: GSSAPI Proxy
|
||||||
|
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -8,6 +8,7 @@ License: MIT
|
|||||||
URL: http://fedorahosted.org/gss-proxy
|
URL: http://fedorahosted.org/gss-proxy
|
||||||
Source0: http://fedorahosted.org/released/gss-proxy/%{name}-%{version}.tar.gz
|
Source0: http://fedorahosted.org/released/gss-proxy/%{name}-%{version}.tar.gz
|
||||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||||
|
Patch0: gssproxy-cred_store.patch
|
||||||
|
|
||||||
%global servicename gssproxy
|
%global servicename gssproxy
|
||||||
%global pubconfpath %{_sysconfdir}/gssproxy
|
%global pubconfpath %{_sysconfdir}/gssproxy
|
||||||
@ -51,6 +52,8 @@ A proxy for GSSAPI credential handling
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
|
%patch0 -p2 -b .cred_store
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -f -i
|
autoreconf -f -i
|
||||||
%configure \
|
%configure \
|
||||||
@ -102,6 +105,9 @@ rm -rf %{buildroot}
|
|||||||
%systemd_postun_with_restart gssproxy.service
|
%systemd_postun_with_restart gssproxy.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed May 22 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-3
|
||||||
|
- Fix cred_store handling w/o client keytab
|
||||||
|
|
||||||
* Thu May 16 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-2
|
* Thu May 16 2013 Guenther Deschner <gdeschner@redhat.com> 0.2.2-2
|
||||||
- New upstream release
|
- New upstream release
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user