← Back to branch summary

~ubuntu-branches/ubuntu/maverick/krb5/maverick

« back to all changes in this revision

Viewing changes to src/lib/gssapi/mechglue/g_acquire_cred.c

  • Committer: Bazaar Package Importer
  • Author(s): Sam Hartman
  • Date: 2009-05-07 16:16:34 UTC
  • mfrom: (13.1.7 sid)
  • Revision ID: james.westby@ubuntu.com-20090507161634-xqyk0s9na0le4flj
Tags: 1.7dfsg~beta1-4
http://bugs.debian.org/527353
When  decrypting the TGS response fails with the subkey, try with the
session key to work around Heimdal bug, Closes: #527353 

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/lib/gssapi/mechglue/g_acquire_cred.c
105
105
    if (output_cred_handle == NULL)
106
106
        return (GSS_S_CALL_INACCESSIBLE_WRITE);
107
107
 
 
108
    if (cred_usage != GSS_C_ACCEPT
 
109
        && cred_usage != GSS_C_INITIATE
 
110
        && cred_usage != GSS_C_BOTH) {
 
111
        if (minor_status) {
 
112
            *minor_status = EINVAL;
 
113
            map_errcode(minor_status);
 
114
        }
 
115
        return GSS_S_FAILURE;
 
116
    }
 
117
 
108
118
    return (GSS_S_COMPLETE);
109
119
}
110
120
 
135
145
    gss_OID_set mechs;
136
146
    gss_OID_desc default_OID;
137
147
    gss_mechanism mech;
138
 
    int i;
 
148
    unsigned int i;
139
149
    gss_union_cred_t creds;
140
150
 
141
151
    major = val_acq_cred_args(minor_status,
281
291
 
282
292
    if (input_cred_handle == GSS_C_NO_CREDENTIAL &&
283
293
        output_cred_handle == NULL)
284
 
 
285
294
        return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED);
286
295
 
 
296
    if (cred_usage != GSS_C_ACCEPT
 
297
        && cred_usage != GSS_C_INITIATE
 
298
        && cred_usage != GSS_C_BOTH) {
 
299
        if (minor_status) {
 
300
            *minor_status = EINVAL;
 
301
            map_errcode(minor_status);
 
302
        }
 
303
        return GSS_S_FAILURE;
 
304
    }
 
305
 
287
306
    return (GSS_S_COMPLETE);
288
307
}
289
308
 
362
381
                internal_name = union_name->mech_name;
363
382
            else {
364
383
                if (gssint_import_internal_name(minor_status,
365
 
                                               &mech->mech_type, union_name,
366
 
                                               &allocated_name) != GSS_S_COMPLETE)
 
384
                                                &mech->mech_type, union_name,
 
385
                                                &allocated_name) != GSS_S_COMPLETE)
367
386
                    return (GSS_S_BAD_NAME);
368
387
                internal_name = allocated_name;
369
388
            }
378
397
    else if (cred_usage == GSS_C_BOTH)
379
398
        time_req = (acceptor_time_req > initiator_time_req) ?
380
399
            acceptor_time_req : initiator_time_req;
 
400
    else
 
401
        time_req = 0;
381
402
 
382
 
    status = mech->gss_acquire_cred(mech->context, minor_status,
 
403
    status = mech->gss_acquire_cred(minor_status,
383
404
                                    internal_name, time_req,
384
405
                                    GSS_C_NULL_OID_SET, cred_usage,
385
406
                                    &cred, NULL, &time_rec);
386
407
 
387
 
    if (status != GSS_S_COMPLETE)
 
408
    if (status != GSS_S_COMPLETE) {
 
409
        map_error(minor_status, mech);
388
410
        goto errout;
 
411
    }
389
412
 
390
413
    /* may need to set credential auxinfo strucutre */
391
414
    if (union_cred->auxinfo.creation_time == 0) {
400
423
        if (internal_name == NULL) {
401
424
            if (mech->gss_inquire_cred == NULL ||
402
425
                ((status = mech->gss_inquire_cred(
403
 
                      mech->context,
404
426
                      &temp_minor_status, cred,
405
427
                      &allocated_name, NULL, NULL,
406
428
                      NULL)) != GSS_S_COMPLETE))
409
431
        }
410
432
 
411
433
        if (internal_name != GSS_C_NO_NAME) {
412
 
            status = mech->gss_display_name(mech->context,
413
 
                                            &temp_minor_status, internal_name,
 
434
            status = mech->gss_display_name(&temp_minor_status, internal_name,
414
435
                                            &union_cred->auxinfo.name,
415
436
                                            &union_cred->auxinfo.name_type);
416
437
        
498
519
        free(new_cred_array);
499
520
 
500
521
    if (cred != NULL && mech->gss_release_cred)
501
 
        mech->gss_release_cred(mech->context,
502
 
                               &temp_minor_status, &cred);
 
522
        mech->gss_release_cred(&temp_minor_status, &cred);
503
523
 
504
524
    if (allocated_name)
505
525
        (void) gssint_release_internal_name(&temp_minor_status,