krb5 commit [krb5-1.12]: Do not loop on add_cred_from and other new methods

Tom Yu tlyu at MIT.EDU
Fri Jun 27 13:15:21 EDT 2014 

https://github.com/krb5/krb5/commit/62e3a3372ac483fca2f996fe12109d3536fd1d3e
commit 62e3a3372ac483fca2f996fe12109d3536fd1d3e
Author: Sam Hartman <hartmans at debian.org>
Date:   Wed Jun 4 12:06:27 2014 -0400

    Do not loop on add_cred_from and other new methods
    
    Several new GSS-API methods were added but GSSAPI_ADD_METHOD was
    called to add them rather than GSSAPI_ADD_METHOD_NOLOOP.  This means
    that the implementation from the GSS-API mechglue would be used if the
    mechanism had no implementation.  As a result, the mechglue will call
    into itself exhausting the call stack in an endless loop when one of
    these methods is called.
    
    (cherry picked from commit 41d38531043b99e8daa334f2b6ddf376adf1e878)
    
    ticket: 7926
    version_fixed: 1.12.2
    status: resolved

 src/lib/gssapi/mechglue/g_initialize.c |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 48a825e..50e37e1 100644
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -680,11 +680,11 @@ build_dynamicMech(void *dl, const gss_OID mech_type)
         GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_mech_for_saslname);
         /* RFC 5587 */
         GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_inquire_attrs_for_mech);
-	GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_acquire_cred_from);
-	GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_store_cred_into);
+	GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_acquire_cred_from);
+	GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_store_cred_into);
 	GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_acquire_cred_with_password);
-	GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_export_cred);
-	GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_import_cred);
+	GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_export_cred);
+	GSS_ADD_DYNAMIC_METHOD_NOLOOP(dl, mech, gss_import_cred);
 	GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_sec_context_by_mech);
 	GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_name_by_mech);
 	GSS_ADD_DYNAMIC_METHOD(dl, mech, gssspi_import_cred_by_mech);

More information about the cvs-krb5 mailing list