This is an automated email from the git hooks/post-receive script.
rharwood pushed a change to branch master
in repository gssproxy.
from 25c5874 Fix incorrect use of non-null terminated string
new 02d9a79 Fix another incorrect use of non-null term. string
new ba27dee Always check if we have a remote credential
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
proxy/src/mechglue/gpp_acquire_cred.c | 43 +++++++++++++++++------------------
proxy/src/mechglue/gpp_creds.c | 9 +++++---
2 files changed, 27 insertions(+), 25 deletions(-)
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
Show replies by thread
This is an automated email from the git hooks/post-receive script.
rharwood pushed a commit to branch master
in repository gssproxy.
commit 02d9a798c1019f93579e5d29b0b21c0570717dc2
Author: Simo Sorce <simo(a)redhat.com>
Date: Thu Feb 23 13:32:06 2017 -0500
Fix another incorrect use of non-null term. string
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Reviewed-by: Robbie Harwood <rharwood(a)redhat.com>
PR: #50
---
proxy/src/mechglue/gpp_creds.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/proxy/src/mechglue/gpp_creds.c b/proxy/src/mechglue/gpp_creds.c
index 38d03fd..37517d6 100644
--- a/proxy/src/mechglue/gpp_creds.c
+++ b/proxy/src/mechglue/gpp_creds.c
@@ -103,9 +103,12 @@ OM_uint32 gppint_retrieve_remote_creds(uint32_t *min, const char
*ccache_name,
if (ret) goto done;
if (name) {
- ret = krb5_parse_name(ctx,
- name->display_name.octet_string_val,
- &icred.client);
+ char client_name[name->display_name.octet_string_len + 1];
+ memcpy(client_name, name->display_name.octet_string_val,
+ name->display_name.octet_string_len);
+ client_name[name->display_name.octet_string_len] = '\0';
+
+ ret = krb5_parse_name(ctx, client_name, &icred.client);
} else {
ret = krb5_cc_get_principal(ctx, ccache, &icred.client);
}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
This is an automated email from the git hooks/post-receive script.
rharwood pushed a commit to branch master
in repository gssproxy.
commit ba27dee8a32750493664e720f751db2ff652d9a0
Author: Simo Sorce <simo(a)redhat.com>
Date: Thu Feb 23 13:56:34 2017 -0500
Always check if we have a remote credential
Even if we are not given an explicit ccache, check if the ccache we are
going to use for operations on the client side has a stored remote
credential. If one is found use it.
Signed-off-by: Simo Sorce <simo(a)redhat.com>
Reviewed-by: Robbie Harwood <rharwood(a)redhat.com>
PR: #51
---
proxy/src/mechglue/gpp_acquire_cred.c | 43 +++++++++++++++++------------------
1 file changed, 21 insertions(+), 22 deletions(-)
diff --git a/proxy/src/mechglue/gpp_acquire_cred.c
b/proxy/src/mechglue/gpp_acquire_cred.c
index 1444728..277e61a 100644
--- a/proxy/src/mechglue/gpp_acquire_cred.c
+++ b/proxy/src/mechglue/gpp_acquire_cred.c
@@ -88,6 +88,7 @@ OM_uint32 gssi_acquire_cred_from(OM_uint32 *minor_status,
struct gpp_name_handle *name;
struct gpp_cred_handle *out_cred_handle = NULL;
struct gssx_cred *in_cred_remote = NULL;
+ const char *ccache_name = NULL;
OM_uint32 maj, min;
OM_uint32 tmaj, tmin;
@@ -111,29 +112,27 @@ OM_uint32 gssi_acquire_cred_from(OM_uint32 *minor_status,
name = (struct gpp_name_handle *)desired_name;
behavior = gpp_get_behavior();
- /* if a cred_store option is passed in, check if it references
- * valid credentials, if so switch behavior appropriately */
- if (cred_store) {
- for (unsigned i = 0; i < cred_store->count; i++) {
- if (strcmp(cred_store->elements[i].key, "ccache") == 0) {
- gssx_cred remote = {0};
- maj = gppint_retrieve_remote_creds(&min,
- cred_store->elements[i].value, NULL, &remote);
- if (maj == GSS_S_COMPLETE) {
- in_cred_remote = malloc(sizeof(gssx_cred));
- if (!in_cred_remote) {
- maj = GSS_S_FAILURE;
- min = ENOMEM;
- goto done;
- }
- *in_cred_remote = remote;
- break;
- }
- }
+ /* Always check if we have remote creds stored in the local ccache */
+ for (unsigned i = 0; cred_store && i < cred_store->count; i++) {
+ if (strcmp(cred_store->elements[i].key, "ccache") == 0) {
+ ccache_name = cred_store->elements[i].value;
+ break;
}
- if (in_cred_remote) {
- behavior = GPP_REMOTE_ONLY;
- } else {
+ }
+
+ in_cred_remote = calloc(1, sizeof(gssx_cred));
+ if (!in_cred_remote) {
+ maj = GSS_S_FAILURE;
+ min = ENOMEM;
+ goto done;
+ }
+ maj = gppint_retrieve_remote_creds(&min, ccache_name, NULL,
+ in_cred_remote);
+ if (maj == GSS_S_COMPLETE) {
+ behavior = GPP_REMOTE_ONLY;
+ } else {
+ safefree(in_cred_remote);
+ if (ccache_name) {
behavior = GPP_LOCAL_ONLY;
}
}
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.