------------------------------------------------------------------------
r22184 | ghudson | 2009-04-08 11:58:24 -0400 (Wed, 08 Apr 2009) | 7 lines
Changed paths:
M /trunk/src/lib/krb5/error_tables/krb5_err.et
M /trunk/src/lib/krb5/krb/mk_priv.c
M /trunk/src/lib/krb5/krb/mk_safe.c
M /trunk/src/lib/krb5/krb/rd_priv.c
M /trunk/src/lib/krb5/krb/rd_safe.c
ticket: 1165
mk_safe and mk_priv require the local address to be set in the auth
context; rd_safe and rd_priv require the remote address to be set.
Create error codes for both kinds of missing addresses and stop trying
futilely to handle the cases where they are not set.
ticket: 1165
version_fixed: 1.7
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@22254
dc483132-0cff-0310-8789-
dd5450dbe970
error_code KRB5_ERR_INVALID_UTF8, "Invalid UTF-8 string"
error_code KRB5_ERR_FAST_REQUIRED, "FAST protected pre-authentication required but not supported by KDC"
+
+error_code KRB5_LOCAL_ADDR_REQUIRED, "Auth context must contain local address"
+error_code KRB5_REMOTE_ADDR_REQUIRED, "Auth context must contain remote address"
end
/* Need a better error */
return KRB5_RC_REQUIRED;
+ if (!auth_context->local_addr)
+ return KRB5_LOCAL_ADDR_REQUIRED;
+
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) {
if ((retval = krb5_us_timeofday(context, &replaydata.timestamp,
} else {
outdata->seq = replaydata.seq;
}
- }
+ }
{
krb5_address * premote_fulladdr = NULL;
- krb5_address * plocal_fulladdr = NULL;
+ krb5_address * plocal_fulladdr;
krb5_address remote_fulladdr;
krb5_address local_fulladdr;
CLEANUP_INIT(2);
- if (auth_context->local_addr) {
- if (auth_context->local_port) {
- if (!(retval = krb5_make_fulladdr(context, auth_context->local_addr,
- auth_context->local_port,
- &local_fulladdr))) {
- CLEANUP_PUSH(local_fulladdr.contents, free);
- plocal_fulladdr = &local_fulladdr;
- } else {
- goto error;
- }
+ if (auth_context->local_port) {
+ if (!(retval = krb5_make_fulladdr(context, auth_context->local_addr,
+ auth_context->local_port,
+ &local_fulladdr))) {
+ CLEANUP_PUSH(local_fulladdr.contents, free);
+ plocal_fulladdr = &local_fulladdr;
} else {
- plocal_fulladdr = auth_context->local_addr;
+ goto error;
}
+ } else {
+ plocal_fulladdr = auth_context->local_addr;
}
if (auth_context->remote_addr) {
/* Need a better error */
return KRB5_RC_REQUIRED;
+ if (!auth_context->local_addr)
+ return KRB5_LOCAL_ADDR_REQUIRED;
+
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) {
if ((retval = krb5_us_timeofday(context, &replaydata.timestamp,
{
krb5_address * premote_fulladdr = NULL;
- krb5_address * plocal_fulladdr = NULL;
+ krb5_address * plocal_fulladdr;
krb5_address remote_fulladdr;
krb5_address local_fulladdr;
krb5_cksumtype sumtype;
CLEANUP_INIT(2);
- if (auth_context->local_addr) {
- if (auth_context->local_port) {
- if (!(retval = krb5_make_fulladdr(context, auth_context->local_addr,
- auth_context->local_port,
- &local_fulladdr))){
- CLEANUP_PUSH(local_fulladdr.contents, free);
- plocal_fulladdr = &local_fulladdr;
- } else {
- goto error;
- }
+ if (auth_context->local_port) {
+ if (!(retval = krb5_make_fulladdr(context, auth_context->local_addr,
+ auth_context->local_port,
+ &local_fulladdr))){
+ CLEANUP_PUSH(local_fulladdr.contents, free);
+ plocal_fulladdr = &local_fulladdr;
} else {
- plocal_fulladdr = auth_context->local_addr;
- }
-
+ goto error;
+ }
+ } else {
+ plocal_fulladdr = auth_context->local_addr;
}
if (auth_context->remote_addr) {
/* Need a better error */
return KRB5_RC_REQUIRED;
+ if (!auth_context->remote_addr)
+ return KRB5_REMOTE_ADDR_REQUIRED;
+
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) &&
(auth_context->rcache == NULL))
return KRB5_RC_REQUIRED;
{
- krb5_address * premote_fulladdr = NULL;
+ krb5_address * premote_fulladdr;
krb5_address * plocal_fulladdr = NULL;
krb5_address remote_fulladdr;
krb5_address local_fulladdr;
}
}
- if (auth_context->remote_addr) {
- if (auth_context->remote_port) {
- if (!(retval = krb5_make_fulladdr(context,auth_context->remote_addr,
- auth_context->remote_port,
- &remote_fulladdr))){
- CLEANUP_PUSH(remote_fulladdr.contents, free);
- premote_fulladdr = &remote_fulladdr;
- } else {
- CLEANUP_DONE();
- return retval;
- }
+ if (auth_context->remote_port) {
+ if (!(retval = krb5_make_fulladdr(context,auth_context->remote_addr,
+ auth_context->remote_port,
+ &remote_fulladdr))){
+ CLEANUP_PUSH(remote_fulladdr.contents, free);
+ premote_fulladdr = &remote_fulladdr;
} else {
- premote_fulladdr = auth_context->remote_addr;
- }
+ CLEANUP_DONE();
+ return retval;
+ }
+ } else {
+ premote_fulladdr = auth_context->remote_addr;
}
memset(&replaydata, 0, sizeof(replaydata));
(auth_context->rcache == NULL))
return KRB5_RC_REQUIRED;
+ if (!auth_context->remote_addr)
+ return KRB5_REMOTE_ADDR_REQUIRED;
+
/* Get keyblock */
if ((keyblock = auth_context->recv_subkey) == NULL)
keyblock = auth_context->keyblock;
{
- krb5_address * premote_fulladdr = NULL;
+ krb5_address * premote_fulladdr;
krb5_address * plocal_fulladdr = NULL;
krb5_address remote_fulladdr;
krb5_address local_fulladdr;
}
}
- if (auth_context->remote_addr) {
- if (auth_context->remote_port) {
- if (!(retval = krb5_make_fulladdr(context,auth_context->remote_addr,
- auth_context->remote_port,
- &remote_fulladdr))){
- CLEANUP_PUSH(remote_fulladdr.contents, free);
- premote_fulladdr = &remote_fulladdr;
- } else {
- return retval;
- }
+ if (auth_context->remote_port) {
+ if (!(retval = krb5_make_fulladdr(context,auth_context->remote_addr,
+ auth_context->remote_port,
+ &remote_fulladdr))){
+ CLEANUP_PUSH(remote_fulladdr.contents, free);
+ premote_fulladdr = &remote_fulladdr;
} else {
- premote_fulladdr = auth_context->remote_addr;
- }
+ return retval;
+ }
+ } else {
+ premote_fulladdr = auth_context->remote_addr;
}
memset(&replaydata, 0, sizeof(replaydata));
projects / krb5.git / commitdiff