system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-15 12:54:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

When receiving delegated credentials, initialise our cred's linked list.

Browse source 
Add a bit more sanity checking for GSS-API mechanisms that claim to have
delegated creds but don't actually return a cred handle.

MFC after: 2 weeks
This commit is contained in:
Doug Rabson 2008-04-30 11:29:22 +00:00
parent 8294c41328
commit e1a0d9eff3
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=178692
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/libgssapi/gss_accept_sec_context.c
View file

@ -187,10 +187,13 @@ OM_uint32 gss_accept_sec_context(OM_uint32 *minor_status,
*src_name = (gss_name_t) name;
}
if (delegated_mc == GSS_C_NO_CREDENTIAL)
mech_ret_flags &= ~GSS_C_DELEG_FLAG;
if (mech_ret_flags & GSS_C_DELEG_FLAG) {
if (!delegated_cred_handle) {
m->gm_release_cred(minor_status, &delegated_mc);
*ret_flags &= ~GSS_C_DELEG_FLAG;
mech_ret_flags &= ~GSS_C_DELEG_FLAG;
} else {
struct _gss_cred *cred;
struct _gss_mechanism_cred *mc;
@ -200,6 +203,7 @@ OM_uint32 gss_accept_sec_context(OM_uint32 *minor_status,
*minor_status = ENOMEM;
return (GSS_S_FAILURE);
}
SLIST_INIT(&cred->gc_mc);
mc = malloc(sizeof(struct _gss_mechanism_cred));
if (!mc) {
free(cred);