← Back to branch summary

~ubuntu-branches/ubuntu/maverick/krb5/maverick

« back to all changes in this revision

Viewing changes to src/lib/krb5/os/an_to_ln.c

  • Committer: Bazaar Package Importer
  • Author(s): Sam Hartman
  • Date: 2009-05-07 16:16:34 UTC
  • mfrom: (13.1.7 sid)
  • Revision ID: james.westby@ubuntu.com-20090507161634-xqyk0s9na0le4flj
Tags: 1.7dfsg~beta1-4
http://bugs.debian.org/527353
When  decrypting the TGS response fails with the subkey, try with the
session key to work around Heimdal bug, Closes: #527353 

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/lib/krb5/os/an_to_ln.c
1
1
/*
2
2
 * lib/krb5/os/an_to_ln.c
3
3
 *
4
 
 * Copyright 1990,1991 by the Massachusetts Institute of Technology.
 
4
 * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
5
5
 * All Rights Reserved.
6
6
 *
7
7
 * Export of this software from the United States of America may
47
47
#include <regexpr.h>
48
48
#endif  /* !HAVE_REGCOMP && HAVE_REGEXP_H && HAVE_COMPILE */
49
49
 
50
 
#define MAX_FORMAT_BUFFER       1024
 
50
#define MAX_FORMAT_BUFFER       ((size_t)1024)
51
51
#ifndef min
52
52
#define min(a,b)        ((a>b) ? b : a)
53
53
#endif  /* min */
115
115
 
116
116
    db = KDBM_OPEN(dbname, O_RDONLY, 0600);
117
117
    if (!db) {
118
 
        krb5_xfree(princ_name);
 
118
        free(princ_name);
119
119
        return KRB5_LNAME_CANTOPEN;
120
120
    }
121
121
 
122
122
    contents = KDBM_FETCH(db, key);
123
123
 
124
 
    krb5_xfree(princ_name);
 
124
    free(princ_name);
125
125
 
126
126
    if (contents.dptr == NULL) {
127
127
        retval = KRB5_LNAME_NOTRANS;
438
438
                    memset(out, '\0', MAX_FORMAT_BUFFER);
439
439
                    if (!do_replacement(rule, repl, doglobal, in, out)) {
440
440
                        free(rule);
441
 
                    free(repl);
 
441
                        free(repl);
442
442
                        kret = KRB5_LNAME_NOTRANS;
443
443
                        break;
444
444
                    }
453
453
                }
454
454
                else {
455
455
                    /* No memory for copies */
 
456
                    free(rule);
456
457
                    kret = ENOMEM;
457
458
                    break;
458
459
                }
582
583
            if (!(selstring = aname_full_to_mapping_name(fprincname)))
583
584
                kret = ENOMEM;
584
585
        }
585
 
        krb5_xfree(fprincname);
 
586
        free(fprincname);
586
587
    }
587
588
    if (!kret) {
588
589
        /*
599
600
            kret = aname_replacer(selstring, &current, &outstring);
600
601
            if (outstring) {
601
602
                /* Copy out the value if there's enough room */
602
 
                if (strlen(outstring)+1 <= (size_t) lnsize)
603
 
                    strcpy(lname, outstring);
604
 
                else
 
603
                if (strlcpy(lname, outstring, lnsize) >= lnsize)
605
604
                    kret = KRB5_CONFIG_NOTENUFSPACE;
606
605
                free(outstring);
607
606
            }
630
629
    if ((retval = krb5_get_default_realm(context, &def_realm))) {
631
630
        return(retval);
632
631
    }
633
 
    if (((size_t) realm_length != strlen(def_realm)) ||
634
 
        (memcmp(def_realm, krb5_princ_realm(context, aname)->data, realm_length))) {
 
632
    if (!data_eq_string(*krb5_princ_realm(context, aname), def_realm)) {
635
633
        free(def_realm);
636
634
        return KRB5_LNAME_NOTRANS;
637
635
    }
675
673
*/
676
674
 
677
675
krb5_error_code KRB5_CALLCONV
678
 
krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, const int lnsize_in, char *lname)
 
676
krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, int lnsize_in, char *lname)
679
677
{
680
678
    krb5_error_code     kret;
681
679
    char                *realm;
705
703
                 *
706
704
                 * [realms]->realm->"auth_to_local_names"->mapping_name
707
705
                 */
708
 
                hierarchy[0] = "realms";
 
706
                hierarchy[0] = KRB5_CONF_REALMS;
709
707
                hierarchy[1] = realm;
710
 
                hierarchy[2] = "auth_to_local_names";
 
708
                hierarchy[2] = KRB5_CONF_AUTH_TO_LOCAL_NAMES;
711
709
                hierarchy[3] = mname;
712
710
                hierarchy[4] = (char *) NULL;
713
711
                if (!(kret = profile_get_values(context->profile,
728
726
                    }
729
727
 
730
728
                    /* Copy out the value if there's enough room */
731
 
                    if (strlen(mapping_values[nvalid-1])+1 <= (size_t) lnsize)
732
 
                        strcpy(lname, mapping_values[nvalid-1]);
733
 
                    else
 
729
                    if (strlcpy(lname, mapping_values[nvalid-1],
 
730
                                lnsize) >= lnsize)
734
731
                        kret = KRB5_CONFIG_NOTENUFSPACE;
735
732
 
736
733
                    /* Free residue */
750
747
                     *  DEFAULT         - Use default rule.
751
748
                     * The first rule to find a match is used.
752
749
                     */
753
 
                    hierarchy[0] = "realms";
 
750
                    hierarchy[0] = KRB5_CONF_REALMS;
754
751
                    hierarchy[1] = realm;
755
 
                    hierarchy[2] = "auth_to_local";
 
752
                    hierarchy[2] = KRB5_CONF_AUTH_TO_LOCAL;
756
753
                    hierarchy[3] = (char *) NULL;
757
754
                    if (!(kret = profile_get_values(context->profile,
758
755
                                                    hierarchy,
822
819
            }
823
820
            else
824
821
                kret = ENOMEM;
825
 
            krb5_xfree(pname);
 
822
            free(pname);
826
823
        }
827
 
        krb5_xfree(realm);
 
824
        free(realm);
828
825
    }
829
826
    return(kret);
830
827
}