Add some assertion checks, deal with cred->princ == NULL for acceptor creds

author Luke Howard <lukeh@padl.com>

Wed, 26 Aug 2009 16:59:17 +0000 (16:59 +0000)

committer Luke Howard <lukeh@padl.com>

Wed, 26 Aug 2009 16:59:17 +0000 (16:59 +0000)
author Luke Howard <lukeh@padl.com>
Wed, 26 Aug 2009 16:59:17 +0000 (16:59 +0000)
committer Luke Howard <lukeh@padl.com>
Wed, 26 Aug 2009 16:59:17 +0000 (16:59 +0000)
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c

index 098edd6b59ce3936fb79bd911ce9308732d9f799..4ce850891488e7e80cbc55d1e3bfff7ed19d8c38 100644 (file)
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -537,7 +537,7 @@ kg_accept_krb5(minor_status, context_handle,
      }
  
      if ((code = krb5_rd_req(context, &auth_context, &ap_req,
-                            cred->name->princ,
+                            cred->name ? cred->name->princ : NULL,
                              cred->keytab,
                              &ap_req_options,
                              &ticket))) {
@@ -1150,7 +1150,7 @@ fail:
          krb_error_data.error = code;
          (void) krb5_us_timeofday(context, &krb_error_data.stime,
                                   &krb_error_data.susec);
-        krb_error_data.server = cred->name->princ;
+        krb_error_data.server = cred->name ? cred->name->princ : NULL;
  
          code = krb5_mk_error(context, &krb_error_data, &scratch);
          if (code)
diff --git a/src/lib/gssapi/krb5/add_cred.c b/src/lib/gssapi/krb5/add_cred.c

index 383e6f5c3b5cd439703b5e618e688e354d697e08..cb14a5c9bdc198cb211f9b27c2be679dd7e940c1 100644 (file)
--- a/src/lib/gssapi/krb5/add_cred.c
+++ b/src/lib/gssapi/krb5/add_cred.c
@@ -260,6 +260,8 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
  
          if (cred->rcache) {
              /* Open the replay cache for this principal. */
+            assert(cred->name->princ != NULL);
+
              if ((code = krb5_get_server_rcache(context,
                                                 krb5_princ_component(context, cred->name->princ, 0),
                                                 &new_cred->rcache))) {
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c

index b612f63748c7a0b783f3e3dbfb5cdf4c219c88f9..66556e3f065847ed0d2a6616315341bafc431bb5 100644 (file)
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -134,6 +134,8 @@ static krb5_error_code get_credentials(context, cred, server, now,
      memset(&in_creds, 0, sizeof(krb5_creds));
      in_creds.client = in_creds.server = NULL;
  
+    assert(cred->name != NULL);
+
      in_creds.client = cred->name->princ;
      in_creds.server = server->princ;
      in_creds.times.endtime = endtime;
@@ -192,6 +194,8 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context,
          krb5_auth_con_setflags(context, auth_context,
                                 con_flags & ~KRB5_AUTH_CONTEXT_DO_TIME);
  
+        assert(data->cred->name != NULL);
+
          code = krb5_fwd_tgt_creds(context, auth_context, 0,
                                    data->cred->name->princ, data->ctx->there->princ,
                                    data->cred->ccache, 1,
author	Luke Howard <lukeh@padl.com>
	Wed, 26 Aug 2009 16:59:17 +0000 (16:59 +0000)
committer	Luke Howard <lukeh@padl.com>
	Wed, 26 Aug 2009 16:59:17 +0000 (16:59 +0000)
src/lib/gssapi/krb5/accept_sec_context.c		patch \| blob \| blame \| history
src/lib/gssapi/krb5/add_cred.c		patch \| blob \| blame \| history
src/lib/gssapi/krb5/init_sec_context.c		patch \| blob \| blame \| history