krb5 commit: Correct GSS major code for non-default QOP values
Greg Hudson
ghudson at mit.edu
Wed Sep 30 18:44:10 EDT 2015
https://github.com/krb5/krb5/commit/45ccc1c85f42e4f41f2042df8a51dd7826533029
commit 45ccc1c85f42e4f41f2042df8a51dd7826533029
Author: Tomas Kuthan <tkuthan at gmail.com>
Date: Wed Sep 30 15:34:26 2015 +0200
Correct GSS major code for non-default QOP values
This patch fixes several krb5 mech error cases to comply with RFC
2743; non-default QOP arguments should result in GSS_S_BAD_QOP, not
GSS_S_FAILURE.
[ghudson at mit.edu: edit commit message]
ticket: 8258 (new)
target_version: 1.14
tags: pullup
src/lib/gssapi/krb5/k5seal.c | 2 +-
src/lib/gssapi/krb5/k5sealiov.c | 4 ++--
src/lib/gssapi/krb5/wrap_size_limit.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c
index f1c74dd..4da531b 100644
--- a/src/lib/gssapi/krb5/k5seal.c
+++ b/src/lib/gssapi/krb5/k5seal.c
@@ -337,7 +337,7 @@ kg_seal(minor_status, context_handle, conf_req_flag, qop_req,
them later. */
if (qop_req != 0) {
*minor_status = (OM_uint32) G_UNKNOWN_QOP;
- return GSS_S_FAILURE;
+ return GSS_S_BAD_QOP;
}
ctx = (krb5_gss_ctx_id_rec *) context_handle;
diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c
index b53e348..88caa85 100644
--- a/src/lib/gssapi/krb5/k5sealiov.c
+++ b/src/lib/gssapi/krb5/k5sealiov.c
@@ -277,7 +277,7 @@ kg_seal_iov(OM_uint32 *minor_status,
if (qop_req != 0) {
*minor_status = (OM_uint32)G_UNKNOWN_QOP;
- return GSS_S_FAILURE;
+ return GSS_S_BAD_QOP;
}
ctx = (krb5_gss_ctx_id_rec *)context_handle;
@@ -342,7 +342,7 @@ kg_seal_iov_length(OM_uint32 *minor_status,
if (qop_req != GSS_C_QOP_DEFAULT) {
*minor_status = (OM_uint32)G_UNKNOWN_QOP;
- return GSS_S_FAILURE;
+ return GSS_S_BAD_QOP;
}
ctx = (krb5_gss_ctx_id_rec *)context_handle;
diff --git a/src/lib/gssapi/krb5/wrap_size_limit.c b/src/lib/gssapi/krb5/wrap_size_limit.c
index ed5c599..7959f42 100644
--- a/src/lib/gssapi/krb5/wrap_size_limit.c
+++ b/src/lib/gssapi/krb5/wrap_size_limit.c
@@ -91,7 +91,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag,
/* only default qop is allowed */
if (qop_req != GSS_C_QOP_DEFAULT) {
*minor_status = (OM_uint32) G_UNKNOWN_QOP;
- return(GSS_S_FAILURE);
+ return GSS_S_BAD_QOP;
}
ctx = (krb5_gss_ctx_id_rec *) context_handle;
More information about the cvs-krb5
mailing list