context loop to match with the draft-ietf-gssv2-cbind-04.txt
suggestion --- always send the output token even in the case of an
error, and call gss_delete_sec_context() if needed.
gss-client.c (client_establish_context): Check for error condition
after sending the output token, if present. In case of error, call
delete_sec_context if necessary.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10096
dc483132-0cff-0310-8789-
dd5450dbe970
+Fri Jun 6 15:05:57 1997 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * gss-server.c (server_establish_context): Rearrange server
+ establish context loop to match with the
+ draft-ietf-gssv2-cbind-04.txt suggestion --- always send
+ the output token even in the case of an error, and call
+ gss_delete_sec_context() if needed.
+
+ * gss-client.c (client_establish_context): Check for error
+ condition after sending the output token, if present. In
+ case of error, call delete_sec_context if necessary.
+
Wed Feb 5 20:25:57 1997 Tom Yu <tlyu@mit.edu>
* Makefile.in:
{
gss_buffer_desc send_tok, recv_tok, *token_ptr;
gss_name_t target_name;
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 maj_stat, min_stat, init_sec_min_stat;
/*
* Import the name into target_name. Use send_tok to save
do {
maj_stat =
- gss_init_sec_context(&min_stat,
+ gss_init_sec_context(&init_sec_min_stat,
GSS_C_NO_CREDENTIAL,
gss_context,
target_name,
if (token_ptr != GSS_C_NO_BUFFER)
(void) gss_release_buffer(&min_stat, &recv_tok);
- if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
- display_status("initializing context", maj_stat, min_stat);
- (void) gss_release_name(&min_stat, &target_name);
- return -1;
- }
-
if (send_tok.length != 0) {
printf("Sending init_sec_context token (size=%d)...",
send_tok.length);
}
}
(void) gss_release_buffer(&min_stat, &send_tok);
+
+ if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
+ display_status("initializing context", maj_stat,
+ init_sec_min_stat);
+ (void) gss_release_name(&min_stat, &target_name);
+ if (*gss_context == GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat, gss_context,
+ GSS_C_NO_BUFFER);
+ return -1;
+ }
if (maj_stat == GSS_S_CONTINUE_NEEDED) {
printf("continue needed...");
gss_buffer_desc send_tok, recv_tok;
gss_name_t client;
gss_OID doid;
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 maj_stat, min_stat, acc_sec_min_stat;
gss_buffer_desc oid_name;
*context = GSS_C_NO_CONTEXT;
}
maj_stat =
- gss_accept_sec_context(&min_stat,
+ gss_accept_sec_context(&acc_sec_min_stat,
context,
server_creds,
&recv_tok,
NULL, /* ignore time_rec */
NULL); /* ignore del_cred_handle */
- if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
- display_status("accepting context", maj_stat, min_stat);
- (void) gss_release_buffer(&min_stat, &recv_tok);
- return -1;
- }
-
(void) gss_release_buffer(&min_stat, &recv_tok);
if (send_tok.length != 0) {
(void) gss_release_buffer(&min_stat, &send_tok);
}
+ if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) {
+ display_status("accepting context", maj_stat,
+ acc_sec_min_stat);
+ if (*context == GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat, context,
+ GSS_C_NO_BUFFER);
+ return -1;
+ }
+
if (verbose && log) {
if (maj_stat == GSS_S_CONTINUE_NEEDED)
fprintf(log, "continue needed...\n");
projects / krb5.git / commitdiff