From: Luke Howard <lukeh@padl.com>
Date: Wed, 26 Aug 2009 16:59:17 +0000 (+0000)
Subject: Add some assertion checks, deal with cred->princ == NULL for acceptor creds
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d39a0a7a512bc5d141a27055b13ffca799bb1b18;p=thirdparty%2Fkrb5.git

Add some assertion checks, deal with cred->princ == NULL for acceptor creds

git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/authdata@22627 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index 098edd6b59..4ce8508914 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -537,7 +537,7 @@ kg_accept_krb5(minor_status, context_handle,
     }
 
     if ((code = krb5_rd_req(context, &auth_context, &ap_req,
-                            cred->name->princ,
+                            cred->name ? cred->name->princ : NULL,
                             cred->keytab,
                             &ap_req_options,
                             &ticket))) {
@@ -1150,7 +1150,7 @@ fail:
         krb_error_data.error = code;
         (void) krb5_us_timeofday(context, &krb_error_data.stime,
                                  &krb_error_data.susec);
-        krb_error_data.server = cred->name->princ;
+        krb_error_data.server = cred->name ? cred->name->princ : NULL;
 
         code = krb5_mk_error(context, &krb_error_data, &scratch);
         if (code)
diff --git a/src/lib/gssapi/krb5/add_cred.c b/src/lib/gssapi/krb5/add_cred.c
index 383e6f5c3b..cb14a5c9bd 100644
--- a/src/lib/gssapi/krb5/add_cred.c
+++ b/src/lib/gssapi/krb5/add_cred.c
@@ -260,6 +260,8 @@ krb5_gss_add_cred(minor_status, input_cred_handle,
 
         if (cred->rcache) {
             /* Open the replay cache for this principal. */
+            assert(cred->name->princ != NULL);
+
             if ((code = krb5_get_server_rcache(context,
                                                krb5_princ_component(context, cred->name->princ, 0),
                                                &new_cred->rcache))) {
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index b612f63748..66556e3f06 100644
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -134,6 +134,8 @@ static krb5_error_code get_credentials(context, cred, server, now,
     memset(&in_creds, 0, sizeof(krb5_creds));
     in_creds.client = in_creds.server = NULL;
 
+    assert(cred->name != NULL);
+
     in_creds.client = cred->name->princ;
     in_creds.server = server->princ;
     in_creds.times.endtime = endtime;
@@ -192,6 +194,8 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context,
         krb5_auth_con_setflags(context, auth_context,
                                con_flags & ~KRB5_AUTH_CONTEXT_DO_TIME);
 
+        assert(data->cred->name != NULL);
+
         code = krb5_fwd_tgt_creds(context, auth_context, 0,
                                   data->cred->name->princ, data->ctx->there->princ,
                                   data->cred->ccache, 1,