gss_display_status() bug dealing with minor/mech specific error codes?
Greg Hudson
ghudson at MIT.EDU
Tue Apr 23 22:29:35 EDT 2013
On 04/23/2013 06:51 PM, Will Fiveash wrote:
> I think there is a bug in MIT's gss_display_status() when dealing with
> mech specific minor codes. Here is my test program:
Our mechglue's gss_display_status can only translate minor codes which
were returned from another GSSAPI function within the same process.
It's not a translation facility for error codes returned from libkrb5
functions or plucked from libkrb5's com_err tables, even if you supply
the krb5 mech OID as the req_mech_type parameter (which we ignore).
> gssint_mecherrmap_get() is passing the global variable m, defined in
> src/lib/gssapi/generic/util_errmap.c, to mecherrmap_findleft() but I
> don't believe it has been initialized. AFAICT, m is initialized by
> gssint_mecherrmap_init() yet I don't see that call in the truss output.
> Thoughts?
It's true that the map hasn't been initialized in this code path, but it
doesn't matter. There wouldn't be an entry for the minor code either
way. (You can test this by adding a call to
gssint_mechglue_initialize_library at the beginning of gss_display_status.)
More information about the krbdev
mailing list