From: Chris Provenzano Date: Mon, 1 May 1995 20:46:24 +0000 (+0000) Subject: * kcmd.c (kcmd()): Bug fixes from jik X-Git-Tag: krb5-1.0-beta5~81 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e39969e1341988f68ba8e45287f84daa30401569;p=krb5.git * kcmd.c (kcmd()): Bug fixes from jik * krlogind.c (recvauth()): Changes to auth_context to better support full addresses, for rd_cred() and friends. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5672 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index b3a9d4fbb..143c68f83 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,11 @@ + +Mon May 01 15:56:32 1995 Chris Provenzano + + * kcmd.c (kcmd()): Bug fixes from jik. + + * krlogind.c (recvauth()): Changes to auth_context to better + support full addresses, for rd_cred() and friends. + Sat Apr 29 01:26:06 1995 Theodore Y. Ts'o * Makefile.in (login.krb5): Link the libraries twice due to diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c index ad376e530..67656ccf1 100644 --- a/src/appl/bsd/kcmd.c +++ b/src/appl/bsd/kcmd.c @@ -116,8 +116,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm, strcpy(host_save, hp->h_name); - *ahost = host_save; - /* If no service is given set to the default service */ if (!service) service = default_service; @@ -138,15 +136,9 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm, } if (realm && *realm) { - char *copyrealm; - krb5_data rdata; - - rdata.length = strlen(realm); - rdata.data = (char *) malloc(rdata.length+1); - strcpy(rdata.data, realm); - - /* XXX we should free the old realm first */ - krb5_princ_set_realm(bsd_context, get_cred->server, &rdata); + (void) krb5_xfree(krb5_princ_realm(bsd_context,ret_cred->server)->data); + krb5_princ_set_realm_length(bsd_context,ret_cred->server,strlen(realm)); + krb5_princ_set_realm_data(bsd_context,ret_cred->server,strdup(realm)); } #ifdef POSIX_SIGNALS sigemptyset(&urgmask); @@ -269,16 +261,18 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm, goto bad2; } - status = krb5_cc_default(bsd_context, &cc); - if (status) goto bad2; + if (status = krb5_cc_default(bsd_context, &cc)) + goto bad2; - status = krb5_cc_get_principal(bsd_context, cc, &get_cred->client); - if (status) goto bad2; + if (status = krb5_cc_get_principal(bsd_context, cc, &get_cred->client)) { + (void) krb5_cc_close(bsd_context, cc); + goto bad2; + } /* Get ticket from credentials cache or kdc */ status = krb5_get_credentials(bsd_context, 0, cc, get_cred, &ret_cred); - (void) krb5_cc_close(bsd_context, cc); krb5_free_creds(bsd_context, get_cred); + (void) krb5_cc_close(bsd_context, cc); if (status) goto bad2; /* Reset internal flags; these should not be sent. */ diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c index c011a35e1..c7d1959dc 100644 --- a/src/appl/bsd/krlogind.c +++ b/src/appl/bsd/krlogind.c @@ -1571,7 +1571,7 @@ recvauth() /* Only need remote address for rd_cred() to verify client */ if (status = krb5_auth_con_genaddrs(bsd_context, auth_context, netf, - KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR)) + KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR)) return status; if (status = krb5_compat_recvauth(bsd_context, &auth_context, &netf, @@ -1656,14 +1656,10 @@ recvauth() if (status = krb5_read_message(bsd_context, (krb5_pointer)&netf, &inbuf)) fatal(netf, "Error reading message"); - if (inbuf.length) { /* Forwarding being done, read creds */ - if (status = krb5_auth_con_genaddrs(bsd_context, auth_context, netf, - KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR)) - fatal(netf, "Can't generate full address for client"); - - if (status = rd_and_store_for_creds(bsd_context, auth_context, &inbuf, - ticket, lusername)) - fatal(netf, "Can't get forwarded credentials"); + if ((inbuf.length) && /* Forwarding being done, read creds */ + (status = rd_and_store_for_creds(bsd_context, auth_context, &inbuf, + ticket, lusername))) { + fatal(netf, "Can't get forwarded credentials"); } return 0; }