rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
802e825d17
krb5/krb5-1.14.1-interpose-inquire_saslname_for_mech.patch
Robbie Harwood 96d71f74f7 Backport my interposer fixes from upstream 
Supersedes krb5-mechglue_inqure_attrs.patch
2016-02-19 20:11:26 +00:00

76 lines
3.0 KiB
Diff
Raw Blame History

From 92dbcf2eb436933f769c17e6a10f671992636e5f Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 12 Jan 2016 11:13:09 -0500
Subject: [PATCH] Enable interposing gss_inquire_saslname_for_mech
The behavior of gss_inquire_saslname_for_mech() changes slightly, to
report GSS_S_BAD_MECH when an unsupported mech oid is given. Also
call map_error() on the minor code resulting from the mech.
Note that gss_inquire_mech_for_saslname() cannot be interposed, as
mech_type is specified as output-only in RFC 5801.
ticket: 8359 (new)
---
src/lib/gssapi/mechglue/g_saslname.c | 27 ++++++++++++++++++++-------
1 file changed, 20 insertions(+), 7 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_saslname.c b/src/lib/gssapi/mechglue/g_saslname.c
index b025d9c..48060c3 100644
--- a/src/lib/gssapi/mechglue/g_saslname.c
+++ b/src/lib/gssapi/mechglue/g_saslname.c
@@ -113,7 +113,8 @@ OM_uint32 KRB5_CALLCONV gss_inquire_saslname_for_mech(
gss_buffer_t mech_name,
gss_buffer_t mech_description)
{
- OM_uint32 status = GSS_S_BAD_MECH;
+ OM_uint32 status;
+ gss_OID selected_mech, public_mech;
gss_mechanism mech;
if (minor_status == NULL)
@@ -136,15 +137,26 @@ OM_uint32 KRB5_CALLCONV gss_inquire_saslname_for_mech(
mech_description->value = NULL;
}
+ status = gssint_select_mech_type(minor_status, desired_mech,
+ &selected_mech);
+ if (status != GSS_S_COMPLETE)
+ return status;
+
mech = gssint_get_mechanism(desired_mech);
- if (mech != NULL && mech->gss_inquire_saslname_for_mech != NULL) {
- status = mech->gss_inquire_saslname_for_mech(minor_status,
- desired_mech,
- sasl_mech_name,
- mech_name,
+ if (mech == NULL) {
+ return GSS_S_BAD_MECH;
+ } else if (mech->gss_inquire_saslname_for_mech == NULL) {
+ status = GSS_S_UNAVAILABLE;
+ } else {
+ public_mech = gssint_get_public_oid(selected_mech);
+ status = mech->gss_inquire_saslname_for_mech(minor_status, public_mech,
+ sasl_mech_name, mech_name,
mech_description);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
}
- if (status == GSS_S_BAD_MECH) {
+
+ if (status == GSS_S_UNAVAILABLE) {
if (sasl_mech_name != GSS_C_NO_BUFFER)
status = oidToSaslNameAlloc(minor_status, desired_mech,
sasl_mech_name);
@@ -155,6 +167,7 @@ OM_uint32 KRB5_CALLCONV gss_inquire_saslname_for_mech(
return status;
}
+/* We cannot interpose this function as mech_type is an output parameter. */
OM_uint32 KRB5_CALLCONV gss_inquire_mech_for_saslname(
OM_uint32 *minor_status,
const gss_buffer_t sasl_mech_name,
--
2.7.0
Reference in New Issue View Git Blame Copy Permalink