krb5 commit [krb5-1.14]: Enable interposing gss_inquire_saslname_for_mech
Tom Yu
tlyu at mit.edu
Tue Apr 5 23:02:52 EDT 2016
https://github.com/krb5/krb5/commit/41dc51a04f7581daec639342a3ac629388618d52
commit 41dc51a04f7581daec639342a3ac629388618d52
Author: Robbie Harwood <rharwood at redhat.com>
Date: Tue Jan 12 11:13:09 2016 -0500
Enable interposing gss_inquire_saslname_for_mech
The behavior of gss_inquire_saslname_for_mech() changes slightly, to
report GSS_S_BAD_MECH when an unsupported mech oid is given. Also
call map_error() on the minor code resulting from the mech.
Note that gss_inquire_mech_for_saslname() cannot be interposed, as
mech_type is specified as output-only in RFC 5801.
(cherry picked from commit 92dbcf2eb436933f769c17e6a10f671992636e5f)
ticket: 8359
version_fixed: 1.14.2
status: resolved
tags: -pullup
src/lib/gssapi/mechglue/g_saslname.c | 27 ++++++++++++++++++++-------
1 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_saslname.c b/src/lib/gssapi/mechglue/g_saslname.c
index b025d9c..48060c3 100644
--- a/src/lib/gssapi/mechglue/g_saslname.c
+++ b/src/lib/gssapi/mechglue/g_saslname.c
@@ -113,7 +113,8 @@ OM_uint32 KRB5_CALLCONV gss_inquire_saslname_for_mech(
gss_buffer_t mech_name,
gss_buffer_t mech_description)
{
- OM_uint32 status = GSS_S_BAD_MECH;
+ OM_uint32 status;
+ gss_OID selected_mech, public_mech;
gss_mechanism mech;
if (minor_status == NULL)
@@ -136,15 +137,26 @@ OM_uint32 KRB5_CALLCONV gss_inquire_saslname_for_mech(
mech_description->value = NULL;
}
+ status = gssint_select_mech_type(minor_status, desired_mech,
+ &selected_mech);
+ if (status != GSS_S_COMPLETE)
+ return status;
+
mech = gssint_get_mechanism(desired_mech);
- if (mech != NULL && mech->gss_inquire_saslname_for_mech != NULL) {
- status = mech->gss_inquire_saslname_for_mech(minor_status,
- desired_mech,
- sasl_mech_name,
- mech_name,
+ if (mech == NULL) {
+ return GSS_S_BAD_MECH;
+ } else if (mech->gss_inquire_saslname_for_mech == NULL) {
+ status = GSS_S_UNAVAILABLE;
+ } else {
+ public_mech = gssint_get_public_oid(selected_mech);
+ status = mech->gss_inquire_saslname_for_mech(minor_status, public_mech,
+ sasl_mech_name, mech_name,
mech_description);
+ if (status != GSS_S_COMPLETE)
+ map_error(minor_status, mech);
}
- if (status == GSS_S_BAD_MECH) {
+
+ if (status == GSS_S_UNAVAILABLE) {
if (sasl_mech_name != GSS_C_NO_BUFFER)
status = oidToSaslNameAlloc(minor_status, desired_mech,
sasl_mech_name);
@@ -155,6 +167,7 @@ OM_uint32 KRB5_CALLCONV gss_inquire_saslname_for_mech(
return status;
}
+/* We cannot interpose this function as mech_type is an output parameter. */
OM_uint32 KRB5_CALLCONV gss_inquire_mech_for_saslname(
OM_uint32 *minor_status,
const gss_buffer_t sasl_mech_name,
More information about the cvs-krb5
mailing list