gss_name_t server = GSS_C_NO_NAME;
gss_name_t gss_client_name = GSS_C_NO_NAME;
unsigned short us_length;
- char *user = NULL;
unsigned char socksreq[4]; /* room for GSS-API exchange header only */
const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ?
data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd";
failf(data, "Failed to determine username.");
return CURLE_COULDNT_CONNECT;
}
- user = malloc(gss_send_token.length + 1);
- if(!user) {
- Curl_gss_delete_sec_context(&gss_status, &gss_context, NULL);
- gss_release_name(&gss_status, &gss_client_name);
- gss_release_buffer(&gss_status, &gss_send_token);
- return CURLE_OUT_OF_MEMORY;
- }
- memcpy(user, gss_send_token.value, gss_send_token.length);
- user[gss_send_token.length] = '\0';
+ infof(data, "SOCKS5 server authenticated user %.*s with GSS-API.",
+ (int)gss_send_token.length, (char *)gss_send_token.value);
+
gss_release_name(&gss_status, &gss_client_name);
gss_release_buffer(&gss_status, &gss_send_token);
- infof(data, "SOCKS5 server authenticated user %s with GSS-API.",user);
- free(user);
- user = NULL;
/* Do encryption */
socksreq[0] = 1; /* GSS-API subnegotiation version */
const char *passwd,
struct bufref *out)
{
- char *plainauth;
- size_t plainlen;
- size_t zlen;
- size_t clen;
- size_t plen;
+ size_t len;
+ char *auth;
- zlen = (authzid == NULL ? 0 : strlen(authzid));
- clen = strlen(authcid);
- plen = strlen(passwd);
+ size_t zlen = (authzid == NULL ? 0 : strlen(authzid));
+ size_t clen = strlen(authcid);
+ size_t plen = strlen(passwd);
- /* Compute binary message length. Check for overflows. */
- if((zlen > SIZE_MAX/4) || (clen > SIZE_MAX/4) ||
- (plen > (SIZE_MAX/2 - 2)))
- return CURLE_OUT_OF_MEMORY;
- plainlen = zlen + clen + plen + 2;
+ if((zlen > CURL_MAX_INPUT_LENGTH) || (clen > CURL_MAX_INPUT_LENGTH) ||
+ (plen > CURL_MAX_INPUT_LENGTH))
+ return CURLE_TOO_LARGE;
- plainauth = malloc(plainlen + 1);
- if(!plainauth)
- return CURLE_OUT_OF_MEMORY;
+ len = zlen + clen + plen + 2;
- /* Calculate the reply */
- if(zlen)
- memcpy(plainauth, authzid, zlen);
- plainauth[zlen] = '\0';
- memcpy(plainauth + zlen + 1, authcid, clen);
- plainauth[zlen + clen + 1] = '\0';
- memcpy(plainauth + zlen + clen + 2, passwd, plen);
- plainauth[plainlen] = '\0';
- Curl_bufref_set(out, plainauth, plainlen, curl_free);
+ auth = curl_maprintf("%s%c%s%c%s", authzid ? authzid : "", '\0',
+ authcid, '\0', passwd);
+ if(!auth)
+ return CURLE_OUT_OF_MEMORY;
+ Curl_bufref_set(out, auth, len, curl_free);
return CURLE_OK;
}
Curl_sspi_free_identity(p_identity);
}
- resp = malloc(output_token_len + 1);
+ resp = Curl_memdup0((const char *)output_token, output_token_len);
+ free(output_token);
if(!resp) {
- free(output_token);
-
return CURLE_OUT_OF_MEMORY;
}
- /* Copy the generated response */
- memcpy(resp, output_token, output_token_len);
- resp[output_token_len] = 0;
-
/* Return the response */
*outptr = resp;
*outlen = output_token_len;
-
- /* Free the response buffer */
- free(output_token);
-
return CURLE_OK;
}
#include "../select.h"
#include "../setopt.h"
#include "../rand.h"
+#include "../strdup.h"
#ifdef USE_APPLE_SECTRUST
#include <Security/Security.h>
result = CURLE_SSL_CONNECT_ERROR;
goto out;
}
- connssl->negotiated.alpn = malloc(proto_len + 1);
+ connssl->negotiated.alpn = Curl_memdup0((const char *)proto, proto_len);
if(!connssl->negotiated.alpn)
return CURLE_OUT_OF_MEMORY;
- memcpy(connssl->negotiated.alpn, proto, proto_len);
- connssl->negotiated.alpn[proto_len] = 0;
}
if(proto && proto_len) {
projects / thirdparty / curl.git / commitdiff
