some fixes changes from marc. changelogs will be merged later

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7760 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/gssftp/ftp/cmds.c b/src/appl/gssftp/ftp/cmds.c
index c715723cbc8e72d423149ba323bbad92a393e16e..396f317dd0808d1d3be1c4e582ae8b3c8109af28 100644 (file)
--- a/src/appl/gssftp/ftp/cmds.c
+++ b/src/appl/gssftp/ftp/cmds.c
@@ -182,6 +182,10 @@ setpeer(argc, argv)
 #ifdef _AIX
 #define unix
 #endif
+
+#ifdef __hpux
+#define unix
+#endif
 #endif
 
 #if defined(unix) && (NBBY == 8 || defined(linux))

diff --git a/src/appl/gssftp/ftp/secure.c b/src/appl/gssftp/ftp/secure.c
index 98e57978bfa1ecbe79fb765d6f1f4df9188ef0e1..6bcc4910665c0264a8aadef09bb892220eeee9b3 100644 (file)
--- a/src/appl/gssftp/ftp/secure.c
+++ b/src/appl/gssftp/ftp/secure.c
@@ -211,19 +211,21 @@ unsigned int nbyte;
        long length;
        u_long net_len;
 
+       /* Other auth types go here ... */
+#ifdef KERBEROS
        if (bufsize < nbyte + FUDGE_FACTOR) {
-               if (outbuf) (void) free(outbuf);
-               if (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR)))
+               if (outbuf?
+                   (outbuf = realloc(outbuf, (unsigned) (nbyte + FUDGE_FACTOR))):
+                   (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR)))) {
                        bufsize = nbyte + FUDGE_FACTOR;
-               else {
+               } else {
                        bufsize = 0;
                        secure_error("%s (in malloc of PROT buffer)",
-                                       sys_errlist[errno]);
+                                    sys_errlist[errno]);
                        return(ERR);
                }
        }
-       /* Other auth types go here ... */
-#ifdef KERBEROS
+
        if (strcmp(auth_type, "KERBEROS_V4") == 0)
          if ((length = level == PROT_P ?
            krb_mk_priv(buf, (unsigned char *) outbuf, nbyte, schedule,
@@ -237,29 +239,42 @@ unsigned int nbyte;
 #endif /* KERBEROS */
 #ifdef GSSAPI
        if (strcmp(auth_type, "GSSAPI") == 0) {
-         gss_buffer_desc in_buf, out_buf;
-         OM_uint32 maj_stat, min_stat;
-         int conf_state;
+               gss_buffer_desc in_buf, out_buf;
+               OM_uint32 maj_stat, min_stat;
+               int conf_state;
                
-         in_buf.value = buf;
-         in_buf.length = nbyte;
-         maj_stat = gss_seal(&min_stat, gcontext,
-                             (level == PROT_P), /* confidential */
-                             GSS_C_QOP_DEFAULT,
-                             &in_buf, &conf_state,
-                             &out_buf);
-         if (maj_stat != GSS_S_COMPLETE) {
-           /* generally need to deal */
-           /* ie. should loop, but for now just fail */
-           secure_gss_error(maj_stat, min_stat,
-                            level == PROT_P?
-                            "GSSAPI seal failed":
-                            "GSSAPI sign failed");
-           return(ERR);
-         }
-         memcpy(outbuf, out_buf.value, length=out_buf.length);
-         gss_release_buffer(&min_stat, &out_buf);
+               in_buf.value = buf;
+               in_buf.length = nbyte;
+               maj_stat = gss_seal(&min_stat, gcontext,
+                                   (level == PROT_P), /* confidential */
+                                   GSS_C_QOP_DEFAULT,
+                                   &in_buf, &conf_state,
+                                   &out_buf);
+               if (maj_stat != GSS_S_COMPLETE) {
+                       /* generally need to deal */
+                       /* ie. should loop, but for now just fail */
+                       secure_gss_error(maj_stat, min_stat,
+                                        level == PROT_P?
+                                        "GSSAPI seal failed":
+                                        "GSSAPI sign failed");
+                       return(ERR);
+               }
+
+               if (bufsize < out_buf.length) {
+                       if (outbuf?
+                           (outbuf = realloc(outbuf, (unsigned) out_buf.length)):
+                           (outbuf = malloc((unsigned) out_buf.length))) {
+                               bufsize = nbyte + FUDGE_FACTOR;
+                       } else {
+                               bufsize = 0;
+                               secure_error("%s (in malloc of PROT buffer)",
+                                            sys_errlist[errno]);
+                               return(ERR);
+                       }
+               }
 
+               memcpy(outbuf, out_buf.value, length=out_buf.length);
+               gss_release_buffer(&min_stat, &out_buf);
        }
 #endif /* GSSAPI */
        net_len = htonl((u_long) length);

diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c
index e930a4a3620d3ee406a26c03343044c9954822bc..a18bfc21748b9c344a981852e3543d4fff6c2af4 100644 (file)
--- a/src/appl/gssftp/ftpd/ftpd.c
+++ b/src/appl/gssftp/ftpd/ftpd.c
@@ -2060,7 +2060,7 @@ char *data;
                   respond with reply code 535." */
                reply_gss_error(535, maj_stat, min_stat, 
                                "GSSAPI failed processing ADAT");
-               syslog(LOG_ERR, "GSSAPI failed prossing ADAT");
+               syslog(LOG_ERR, "GSSAPI failed processing ADAT");
                (void) gss_release_cred(&min_stat, &server_creds);
                return(0);
        }