← Back to branch summary

~ubuntu-branches/ubuntu/maverick/krb5/maverick

« back to all changes in this revision

Viewing changes to src/lib/gssapi/krb5/process_context_token.c

  • Committer: Bazaar Package Importer
  • Author(s): Sam Hartman
  • Date: 2009-05-07 16:16:34 UTC
  • mfrom: (13.1.7 sid)
  • Revision ID: james.westby@ubuntu.com-20090507161634-xqyk0s9na0le4flj
Tags: 1.7dfsg~beta1-4
http://bugs.debian.org/527353
When  decrypting the TGS response fails with the subkey, try with the
session key to work around Heimdal bug, Closes: #527353 

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/lib/gssapi/krb5/process_context_token.c
 
1
/* -*- mode: c; indent-tabs-mode: nil -*- */
1
2
/*
2
3
 * Copyright 1993 by OpenVision Technologies, Inc.
3
 
 * 
 
4
 *
4
5
 * Permission to use, copy, modify, distribute, and sell this software
5
6
 * and its documentation for any purpose is hereby granted without fee,
6
7
 * provided that the above copyright notice appears in all copies and
10
11
 * without specific, written prior permission. OpenVision makes no
11
12
 * representations about the suitability of this software for any
12
13
 * purpose.  It is provided "as is" without express or implied warranty.
13
 
 * 
 
14
 *
14
15
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
15
16
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
16
17
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
23
24
#include "gssapiP_krb5.h"
24
25
 
25
26
/*
26
 
 * $Id: process_context_token.c 18396 2006-07-25 20:29:43Z lxs $
 
27
 * $Id: process_context_token.c 20876 2008-10-15 21:58:43Z tlyu $
27
28
 */
28
29
 
29
30
OM_uint32
30
 
krb5_gss_process_context_token(minor_status, context_handle, 
31
 
                               token_buffer)
32
 
     OM_uint32 *minor_status;
33
 
     gss_ctx_id_t context_handle;
34
 
     gss_buffer_t token_buffer;
 
31
krb5_gss_process_context_token(minor_status, context_handle,
 
32
                               token_buffer)
 
33
    OM_uint32 *minor_status;
 
34
    gss_ctx_id_t context_handle;
 
35
    gss_buffer_t token_buffer;
35
36
{
36
 
   krb5_gss_ctx_id_rec *ctx;
37
 
   OM_uint32 majerr;
38
 
 
39
 
   /* validate the context handle */
40
 
   if (! kg_validate_ctx_id(context_handle)) {
41
 
      *minor_status = (OM_uint32) G_VALIDATE_FAILED;
42
 
      return(GSS_S_NO_CONTEXT);
43
 
   }
44
 
 
45
 
   ctx = (krb5_gss_ctx_id_t) context_handle;
46
 
 
47
 
   if (! ctx->established) {
48
 
      *minor_status = KG_CTX_INCOMPLETE;
49
 
      return(GSS_S_NO_CONTEXT);
50
 
   }
51
 
 
52
 
   /* "unseal" the token */
53
 
 
54
 
   if (GSS_ERROR(majerr = kg_unseal(minor_status, context_handle, 
55
 
                                    token_buffer,
56
 
                                    GSS_C_NO_BUFFER, NULL, NULL,
57
 
                                    KG_TOK_DEL_CTX)))
58
 
      return(majerr);
59
 
 
60
 
   /* that's it.  delete the context */
61
 
 
62
 
   return(krb5_gss_delete_sec_context(minor_status, &context_handle,
63
 
                                      GSS_C_NO_BUFFER));
 
37
    krb5_gss_ctx_id_rec *ctx;
 
38
    OM_uint32 majerr;
 
39
 
 
40
    /* validate the context handle */
 
41
    if (! kg_validate_ctx_id(context_handle)) {
 
42
        *minor_status = (OM_uint32) G_VALIDATE_FAILED;
 
43
        return(GSS_S_NO_CONTEXT);
 
44
    }
 
45
 
 
46
    ctx = (krb5_gss_ctx_id_t) context_handle;
 
47
 
 
48
    if (! ctx->established) {
 
49
        *minor_status = KG_CTX_INCOMPLETE;
 
50
        return(GSS_S_NO_CONTEXT);
 
51
    }
 
52
 
 
53
    /* "unseal" the token */
 
54
 
 
55
    if (GSS_ERROR(majerr = kg_unseal(minor_status, context_handle,
 
56
                                     token_buffer,
 
57
                                     GSS_C_NO_BUFFER, NULL, NULL,
 
58
                                     KG_TOK_DEL_CTX)))
 
59
        return(majerr);
 
60
 
 
61
    /* that's it.  delete the context */
 
62
 
 
63
    return(krb5_gss_delete_sec_context(minor_status, &context_handle,
 
64
                                       GSS_C_NO_BUFFER));
64
65
}