g_glue.c (__gss_get_mech_type): Fix code to properly parse token
authorTheodore Tso <tytso@mit.edu>
Fri, 1 Mar 1996 05:06:19 +0000 (05:06 +0000)
committerTheodore Tso <tytso@mit.edu>
Fri, 1 Mar 1996 05:06:19 +0000 (05:06 +0000)
headers.  It was working only by serendipity....

g_accept_sec_context.c (gss_accept_sec_context): Add error checking
and memory cleanup.  Make gss_accept_sec_context work for mechanisms
that use multiple token roundtrips.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7581 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/mechglue/ChangeLog
src/lib/gssapi/mechglue/g_accept_sec_context.c
src/lib/gssapi/mechglue/g_glue.c
src/lib/gssapi/mechglue/mglueP.h

index d944aecd953ce227e1e8970f288d5a237d4ae859..c50371c6045733e48d8684ed5247b4bf71a69373 100644 (file)
@@ -1,3 +1,12 @@
+Thu Feb 29 11:32:16 1996  Theodore Y. Ts'o  <tytso@dcl>
+
+       * g_glue.c (__gss_get_mech_type): Fix code to properly parse token
+               headers.  It was working only by serendipity....
+
+       * g_accept_sec_context.c (gss_accept_sec_context): Add error
+               checking and memory cleanup.  Make gss_accept_sec_context
+               work for mechanisms that use multiple token roundtrips.
+
 Wed Feb 28 20:33:47 1996  Theodore Y. Ts'o  <tytso@dcl>
 
        * mglueP.h: For MS-DOS, add #include of malloc.h
index a1251a3675096c886817337dd6f401f85a717ecd..b4ac67d25a46fef9e9ca596d4b9fd13be5c214e9 100644 (file)
@@ -31,6 +31,7 @@
 #include <stdlib.h>
 #endif
 #include <string.h>
+#include <errno.h>
 
 OM_uint32 INTERFACE
 gss_accept_sec_context (minor_status,
@@ -66,7 +67,6 @@ gss_cred_id_t *               delegated_cred_handle;
     gss_OID_desc       token_mech_type_desc;
     gss_OID            token_mech_type = &token_mech_type_desc;
     gss_mechanism      mech;
-    int i;
     
     gss_initialize();
 
@@ -81,22 +81,32 @@ gss_cred_id_t *             delegated_cred_handle;
      */
     
     if(*context_handle == GSS_C_NO_CONTEXT) {
+       
+       /* Get the token mech type */
+       status = __gss_get_mech_type(token_mech_type, input_token_buffer);
+       if (status)
+           return status;
 
+       status = GSS_S_FAILURE;
        union_ctx_id = (gss_union_ctx_id_t)
            malloc(sizeof(gss_union_ctx_id_desc));
-
-       union_ctx_id->mech_type = (gss_OID)
-           malloc(sizeof(gss_OID_desc));
-
-       /*
-        * get the token mech type, create the context id mech type space
-        * and copy in the OID
-        */
-
-       __gss_get_mech_type(&token_mech_type, input_token_buffer);
-
+       if (!union_ctx_id) {
+           *minor_status = ENOMEM;
+           goto error_out;
+       }
+
+       union_ctx_id->mech_type = (gss_OID) malloc(sizeof(gss_OID_desc));
+       if (!union_ctx_id->mech_type) {
+           *minor_status = ENOMEM;
+           goto error_out;
+       }
+       
        union_ctx_id->mech_type->elements = (void *)
            malloc(token_mech_type->length);
+       if (!union_ctx_id->mech_type->elements) {
+           *minor_status = ENOMEM;
+           goto error_out;
+       }
 
        union_ctx_id->mech_type->length = token_mech_type->length;
        memcpy(union_ctx_id->mech_type->elements,
@@ -106,8 +116,10 @@ gss_cred_id_t *            delegated_cred_handle;
        /* copy the supplied context handle */
 
        union_ctx_id->internal_ctx_id = *context_handle;
-    } else
+    } else {
        union_ctx_id = *context_handle;
+       token_mech_type = union_ctx_id->mech_type;
+    }
     
     /* 
      * get the appropriate cred handle from the union cred struct.
@@ -139,12 +151,13 @@ gss_cred_id_t *           delegated_cred_handle;
                                                  time_rec,
                                                  delegated_cred_handle);
 
+           /* If there's more work to do, keep going... */
+           if (status == GSS_S_CONTINUE_NEEDED)
+               return GSS_S_CONTINUE_NEEDED;
+           
            /* if the call failed, return with failure */
-
-           if(status != GSS_S_COMPLETE
-              &&
-              status != GSS_S_CONTINUE_NEEDED)
-               return(status);
+           if (status != GSS_S_COMPLETE)
+               goto error_out;
 
            /*
             * if src_name is non-NULL,
@@ -173,5 +186,16 @@ gss_cred_id_t *            delegated_cred_handle;
     }
     
     return(GSS_S_BAD_MECH);
+    
+error_out:
+    if (union_ctx_id) {
+       if (union_ctx_id->mech_type) {
+           if (union_ctx_id->mech_type->elements)
+               free(union_ctx_id->mech_type->elements);
+           free(union_ctx_id->mech_type);
+       }
+       free(union_ctx_id);
+    }
+    return (status);
 }
 
index 0993f6c8a263e0f0d2f5b397987797c884d72d4f..a59dd2b74283e96a4e7f4e0727b9861e152b0811 100644 (file)
@@ -72,12 +72,11 @@ gss_mechanism __gss_get_mechanism (gss_OID type)
  */
 
 OM_uint32 __gss_get_mech_type(OID, token)
-
-gss_OID *      OID;
-gss_buffer_t   token;
-
+    gss_OID            OID;
+    gss_buffer_t       token;
 {
     unsigned char * buffer_ptr;
+    int length;
     
     /*
      * This routine reads the prefix of "token" in order to determine
@@ -99,33 +98,31 @@ gss_buffer_t        token;
      * <length> - assume only one byte, hence OID length < 127
      * <mech OID bytes>
      *
-     * The routine returns a pointer to the OID value. The return code is
-     * the length of the OID, if successful; otherwise it is 0.
+     * The routine fills in the OID value and returns an error as necessary.
      */
     
-    if (OID == NULL || *OID == GSS_C_NULL_OID)
-       return (0);
-
-    /* if the token is a null pointer, return a zero length OID */
-    
-    if(token == NULL) {
-       (*OID)->length = 0;
-       (*OID)->elements = NULL;
-       return (0);
-    }
+    if (token == NULL)
+       return (GSS_S_DEFECTIVE_TOKEN);
     
     /* Skip past the APP/Sequnce byte and the token length */
     
     buffer_ptr = (unsigned char *) token->value;
+
+    if (*(buffer_ptr++) != 0x60)
+       return (GSS_S_DEFECTIVE_TOKEN);
+    length = *buffer_ptr++;
+    if (length & 0x80) {
+       if ((length & 0x7f) > 4)
+           return (GSS_S_DEFECTIVE_TOKEN);
+       buffer_ptr += length & 0x7f;
+    }
     
-    while(*(++buffer_ptr) & (1<<7))
-       continue;
-    
-    /* increment buffer_ptr to point to the OID and return its length */
+    if (*(buffer_ptr++) != 0x06)
+       return (GSS_S_DEFECTIVE_TOKEN);
     
-    (*OID)->length = (OM_uint32) *(buffer_ptr+3);
-    (*OID)->elements = (void *) (buffer_ptr+4);
-    return ((*OID)->length);
+    OID->length = (OM_uint32) *(buffer_ptr++);
+    OID->elements = (void *) buffer_ptr;
+    return (GSS_S_COMPLETE);
 }
 
 
index 60c94eefe8214cab839b1534728de23380c51b73..df5c34507fc4fa3f634b9badfedcd0970fe79826 100644 (file)
@@ -347,7 +347,7 @@ typedef struct gss_config {
 gss_mechanism __gss_get_mechanism
 PROTOTYPE((gss_OID));
 OM_uint32 __gss_get_mech_type
-PROTOTYPE((gss_OID *, gss_buffer_t));
+PROTOTYPE((gss_OID, gss_buffer_t));
 OM_uint32 __gss_import_internal_name
 PROTOTYPE((OM_uint32 *, gss_OID, gss_union_name_t,
           gss_name_t *));