From 1f173e97357592cd43c7769cbc81b5c40e1ad17d Mon Sep 17 00:00:00 2001 From: Mark Eichin Date: Tue, 9 Apr 1996 22:40:18 +0000 Subject: [PATCH] some fixes changes from marc. changelogs will be merged later git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7760 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/gssftp/ftp/cmds.c | 4 +++ src/appl/gssftp/ftp/secure.c | 69 ++++++++++++++++++++++-------------- src/appl/gssftp/ftpd/ftpd.c | 2 +- 3 files changed, 47 insertions(+), 28 deletions(-) diff --git a/src/appl/gssftp/ftp/cmds.c b/src/appl/gssftp/ftp/cmds.c index c715723cb..396f317dd 100644 --- a/src/appl/gssftp/ftp/cmds.c +++ b/src/appl/gssftp/ftp/cmds.c @@ -182,6 +182,10 @@ setpeer(argc, argv) #ifdef _AIX #define unix #endif + +#ifdef __hpux +#define unix +#endif #endif #if defined(unix) && (NBBY == 8 || defined(linux)) diff --git a/src/appl/gssftp/ftp/secure.c b/src/appl/gssftp/ftp/secure.c index 98e57978b..6bcc49106 100644 --- a/src/appl/gssftp/ftp/secure.c +++ b/src/appl/gssftp/ftp/secure.c @@ -211,19 +211,21 @@ unsigned int nbyte; long length; u_long net_len; + /* Other auth types go here ... */ +#ifdef KERBEROS if (bufsize < nbyte + FUDGE_FACTOR) { - if (outbuf) (void) free(outbuf); - if (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR))) + if (outbuf? + (outbuf = realloc(outbuf, (unsigned) (nbyte + FUDGE_FACTOR))): + (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR)))) { bufsize = nbyte + FUDGE_FACTOR; - else { + } else { bufsize = 0; secure_error("%s (in malloc of PROT buffer)", - sys_errlist[errno]); + sys_errlist[errno]); return(ERR); } } - /* Other auth types go here ... */ -#ifdef KERBEROS + if (strcmp(auth_type, "KERBEROS_V4") == 0) if ((length = level == PROT_P ? krb_mk_priv(buf, (unsigned char *) outbuf, nbyte, schedule, @@ -237,29 +239,42 @@ unsigned int nbyte; #endif /* KERBEROS */ #ifdef GSSAPI if (strcmp(auth_type, "GSSAPI") == 0) { - gss_buffer_desc in_buf, out_buf; - OM_uint32 maj_stat, min_stat; - int conf_state; + gss_buffer_desc in_buf, out_buf; + OM_uint32 maj_stat, min_stat; + int conf_state; - in_buf.value = buf; - in_buf.length = nbyte; - maj_stat = gss_seal(&min_stat, gcontext, - (level == PROT_P), /* confidential */ - GSS_C_QOP_DEFAULT, - &in_buf, &conf_state, - &out_buf); - if (maj_stat != GSS_S_COMPLETE) { - /* generally need to deal */ - /* ie. should loop, but for now just fail */ - secure_gss_error(maj_stat, min_stat, - level == PROT_P? - "GSSAPI seal failed": - "GSSAPI sign failed"); - return(ERR); - } - memcpy(outbuf, out_buf.value, length=out_buf.length); - gss_release_buffer(&min_stat, &out_buf); + in_buf.value = buf; + in_buf.length = nbyte; + maj_stat = gss_seal(&min_stat, gcontext, + (level == PROT_P), /* confidential */ + GSS_C_QOP_DEFAULT, + &in_buf, &conf_state, + &out_buf); + if (maj_stat != GSS_S_COMPLETE) { + /* generally need to deal */ + /* ie. should loop, but for now just fail */ + secure_gss_error(maj_stat, min_stat, + level == PROT_P? + "GSSAPI seal failed": + "GSSAPI sign failed"); + return(ERR); + } + + if (bufsize < out_buf.length) { + if (outbuf? + (outbuf = realloc(outbuf, (unsigned) out_buf.length)): + (outbuf = malloc((unsigned) out_buf.length))) { + bufsize = nbyte + FUDGE_FACTOR; + } else { + bufsize = 0; + secure_error("%s (in malloc of PROT buffer)", + sys_errlist[errno]); + return(ERR); + } + } + memcpy(outbuf, out_buf.value, length=out_buf.length); + gss_release_buffer(&min_stat, &out_buf); } #endif /* GSSAPI */ net_len = htonl((u_long) length); diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c index e930a4a36..a18bfc217 100644 --- a/src/appl/gssftp/ftpd/ftpd.c +++ b/src/appl/gssftp/ftpd/ftpd.c @@ -2060,7 +2060,7 @@ char *data; respond with reply code 535." */ reply_gss_error(535, maj_stat, min_stat, "GSSAPI failed processing ADAT"); - syslog(LOG_ERR, "GSSAPI failed prossing ADAT"); + syslog(LOG_ERR, "GSSAPI failed processing ADAT"); (void) gss_release_cred(&min_stat, &server_creds); return(0); } -- 2.26.2