252 lines
8.1 KiB
Plaintext
252 lines
8.1 KiB
Plaintext
Index: src/lib/gssapi/krb5/k5sealv3.c
|
|
===================================================================
|
|
--- src/lib/gssapi/krb5/k5sealv3.c (.../tags/krb5-1-6-final) (Revision 19119)
|
|
+++ src/lib/gssapi/krb5/k5sealv3.c (.../branches/krb5-1-6) (Revision 19119)
|
|
@@ -412,10 +412,16 @@
|
|
if (load_16_be(althdr) != 0x0504
|
|
|| althdr[2] != ptr[2]
|
|
|| althdr[3] != ptr[3]
|
|
- || memcmp(althdr+8, ptr+8, 8))
|
|
+ || memcmp(althdr+8, ptr+8, 8)) {
|
|
+ free(plain.data);
|
|
goto defective;
|
|
+ }
|
|
message_buffer->value = plain.data;
|
|
message_buffer->length = plain.length - ec - 16;
|
|
+ if(message_buffer->length == 0) {
|
|
+ free(message_buffer->value);
|
|
+ message_buffer->value = NULL;
|
|
+ }
|
|
} else {
|
|
/* no confidentiality */
|
|
if (conf_state)
|
|
Index: src/lib/krb5/keytab/kt_file.c
|
|
===================================================================
|
|
--- src/lib/krb5/keytab/kt_file.c (.../tags/krb5-1-6-final) (Revision 19119)
|
|
+++ src/lib/krb5/keytab/kt_file.c (.../branches/krb5-1-6) (Revision 19119)
|
|
@@ -193,6 +193,7 @@
|
|
|
|
err = k5_mutex_init(&data->lock);
|
|
if (err) {
|
|
+ krb5_xfree(data);
|
|
krb5_xfree(*id);
|
|
return err;
|
|
}
|
|
@@ -791,6 +792,7 @@
|
|
|
|
err = k5_mutex_init(&data->lock);
|
|
if (err) {
|
|
+ krb5_xfree(data);
|
|
krb5_xfree(*id);
|
|
return err;
|
|
}
|
|
Index: src/lib/krb5/os/sendto_kdc.c
|
|
===================================================================
|
|
--- src/lib/krb5/os/sendto_kdc.c (.../tags/krb5-1-6-final) (Revision 19119)
|
|
+++ src/lib/krb5/os/sendto_kdc.c (.../branches/krb5-1-6) (Revision 19119)
|
|
@@ -1127,7 +1127,7 @@
|
|
return ENOMEM;
|
|
}
|
|
|
|
- memset(conns, 0, n_conns * sizeof(conns[i]));
|
|
+ memset(conns, 0, n_conns * sizeof(struct conn_state));
|
|
|
|
if (callback_info) {
|
|
callback_data = malloc(n_conns * sizeof(krb5_data));
|
|
@@ -1135,7 +1135,7 @@
|
|
return ENOMEM;
|
|
}
|
|
|
|
- memset(conns, 0, n_conns * sizeof(callback_data[i]));
|
|
+ memset(callback_data, 0, n_conns * sizeof(krb5_data));
|
|
}
|
|
|
|
for (i = 0; i < n_conns; i++) {
|
|
Index: src/lib/krb5/os/changepw.c
|
|
===================================================================
|
|
--- src/lib/krb5/os/changepw.c (.../tags/krb5-1-6-final) (Revision 19119)
|
|
+++ src/lib/krb5/os/changepw.c (.../branches/krb5-1-6) (Revision 19119)
|
|
@@ -70,12 +70,14 @@
|
|
locate_service_kadmin, SOCK_STREAM, 0);
|
|
if (!code) {
|
|
/* Success with admin_server but now we need to change the
|
|
- port number to use DEFAULT_KPASSWD_PORT. */
|
|
+ port number to use DEFAULT_KPASSWD_PORT and the socktype. */
|
|
int i;
|
|
for (i=0; i<addrlist->naddrs; i++) {
|
|
struct addrinfo *a = addrlist->addrs[i].ai;
|
|
if (a->ai_family == AF_INET)
|
|
sa2sin (a->ai_addr)->sin_port = htons(DEFAULT_KPASSWD_PORT);
|
|
+ if (sockType != SOCK_STREAM)
|
|
+ a->ai_socktype = sockType;
|
|
}
|
|
}
|
|
}
|
|
Index: src/lib/krb5/ccache/ccapi/stdcc.c
|
|
===================================================================
|
|
--- src/lib/krb5/ccache/ccapi/stdcc.c (.../tags/krb5-1-6-final) (Revision 19119)
|
|
+++ src/lib/krb5/ccache/ccapi/stdcc.c (.../branches/krb5-1-6) (Revision 19119)
|
|
@@ -56,6 +56,7 @@
|
|
|
|
#ifdef USE_CCAPI_V3
|
|
cc_context_t gCntrlBlock = NULL;
|
|
+cc_int32 gCCVersion = 0;
|
|
#else
|
|
apiCB *gCntrlBlock = NULL;
|
|
#endif
|
|
@@ -222,13 +223,59 @@
|
|
|
|
|
|
#ifdef USE_CCAPI_V3
|
|
+
|
|
+static krb5_error_code stdccv3_get_timeoffset (krb5_context in_context,
|
|
+ cc_ccache_t in_ccache)
|
|
+{
|
|
+ krb5_error_code err = 0;
|
|
+
|
|
+ if (gCCVersion >= ccapi_version_5) {
|
|
+ krb5_os_context os_ctx = (krb5_os_context) in_context->os_context;
|
|
+ cc_time_t time_offset = 0;
|
|
+
|
|
+ err = cc_ccache_get_kdc_time_offset (in_ccache, cc_credentials_v5,
|
|
+ &time_offset);
|
|
+
|
|
+ if (!err) {
|
|
+ os_ctx->time_offset = time_offset;
|
|
+ os_ctx->usec_offset = 0;
|
|
+ os_ctx->os_flags = ((os_ctx->os_flags & ~KRB5_OS_TOFFSET_TIME) |
|
|
+ KRB5_OS_TOFFSET_VALID);
|
|
+ }
|
|
+
|
|
+ if (err == ccErrTimeOffsetNotSet) {
|
|
+ err = 0; /* okay if there is no time offset */
|
|
+ }
|
|
+ }
|
|
+
|
|
+ return err; /* Don't translate. Callers will translate for us */
|
|
+}
|
|
+
|
|
+static krb5_error_code stdccv3_set_timeoffset (krb5_context in_context,
|
|
+ cc_ccache_t in_ccache)
|
|
+{
|
|
+ krb5_error_code err = 0;
|
|
+
|
|
+ if (gCCVersion >= ccapi_version_5) {
|
|
+ krb5_os_context os_ctx = (krb5_os_context) in_context->os_context;
|
|
+
|
|
+ if (!err && os_ctx->os_flags & KRB5_OS_TOFFSET_VALID) {
|
|
+ err = cc_ccache_set_kdc_time_offset (in_ccache,
|
|
+ cc_credentials_v5,
|
|
+ os_ctx->time_offset);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ return err; /* Don't translate. Callers will translate for us */
|
|
+}
|
|
+
|
|
static krb5_error_code stdccv3_setup (krb5_context context,
|
|
stdccCacheDataPtr ccapi_data)
|
|
{
|
|
krb5_error_code err = 0;
|
|
|
|
if (!err && !gCntrlBlock) {
|
|
- err = cc_initialize (&gCntrlBlock, ccapi_version_max, NULL, NULL);
|
|
+ err = cc_initialize (&gCntrlBlock, ccapi_version_max, &gCCVersion, NULL);
|
|
}
|
|
|
|
if (!err && ccapi_data && !ccapi_data->NamedCache) {
|
|
@@ -237,6 +284,10 @@
|
|
&ccapi_data->NamedCache);
|
|
}
|
|
|
|
+ if (!err && ccapi_data && ccapi_data->NamedCache) {
|
|
+ err = stdccv3_get_timeoffset (context, ccapi_data->NamedCache);
|
|
+ }
|
|
+
|
|
return err; /* Don't translate. Callers will translate for us */
|
|
}
|
|
|
|
@@ -245,6 +296,7 @@
|
|
{
|
|
if (gCntrlBlock) { cc_context_release(gCntrlBlock); }
|
|
gCntrlBlock = NULL;
|
|
+ gCCVersion = 0;
|
|
}
|
|
|
|
/*
|
|
@@ -278,11 +330,15 @@
|
|
}
|
|
|
|
if (!err) {
|
|
- err = cc_context_create_new_ccache (gCntrlBlock, cc_credentials_v5, 0L,
|
|
+ err = cc_context_create_new_ccache (gCntrlBlock, cc_credentials_v5, "",
|
|
&ccache);
|
|
}
|
|
|
|
if (!err) {
|
|
+ err = stdccv3_set_timeoffset (context, ccache);
|
|
+ }
|
|
+
|
|
+ if (!err) {
|
|
err = cc_ccache_get_name (ccache, &ccstring);
|
|
}
|
|
|
|
@@ -395,6 +451,7 @@
|
|
krb5_error_code err = 0;
|
|
stdccCacheDataPtr ccapi_data = id->data;
|
|
char *name = NULL;
|
|
+ cc_ccache_t ccache = NULL;
|
|
|
|
if (id == NULL) { err = KRB5_CC_NOMEM; }
|
|
|
|
@@ -406,23 +463,28 @@
|
|
err = krb5_unparse_name(context, princ, &name);
|
|
}
|
|
|
|
- if (!err && ccapi_data->NamedCache) {
|
|
- err = cc_ccache_release(ccapi_data->NamedCache);
|
|
- ccapi_data->NamedCache = NULL;
|
|
- }
|
|
-
|
|
if (!err) {
|
|
err = cc_context_create_ccache (gCntrlBlock, ccapi_data->cache_name,
|
|
cc_credentials_v5, name,
|
|
- &ccapi_data->NamedCache);
|
|
+ &ccache);
|
|
}
|
|
|
|
if (!err) {
|
|
- cache_changed();
|
|
+ err = stdccv3_set_timeoffset (context, ccache);
|
|
}
|
|
|
|
- if (name) { krb5_free_unparsed_name(context, name); }
|
|
+ if (!err) {
|
|
+ if (ccapi_data->NamedCache) {
|
|
+ err = cc_ccache_release (ccapi_data->NamedCache);
|
|
+ }
|
|
+ ccapi_data->NamedCache = ccache;
|
|
+ ccache = NULL; /* take ownership */
|
|
+ cache_changed ();
|
|
+ }
|
|
|
|
+ if (ccache) { cc_ccache_release (ccache); }
|
|
+ if (name ) { krb5_free_unparsed_name(context, name); }
|
|
+
|
|
return cc_err_xlate(err);
|
|
}
|
|
|
|
|
|
Eigenschaftsänderungen: .
|
|
___________________________________________________________________
|
|
Name: svk:merge
|
|
- 122d7f7f-0217-0410-a6d0-d37b9a318acc:/local/krb5/branches/krb5-1-6:19331
|
|
304ed8f4-7412-0410-a0db-8249d8f37659:/my-branches/kdb-config:339
|
|
dc483132-0cff-0310-8789-dd5450dbe970:/branches/ccapi:18199
|
|
dc483132-0cff-0310-8789-dd5450dbe970:/branches/referrals/trunk:18581
|
|
+ 122d7f7f-0217-0410-a6d0-d37b9a318acc:/local/krb5/branches/krb5-1-6:19411
|
|
304ed8f4-7412-0410-a0db-8249d8f37659:/my-branches/kdb-config:339
|
|
dc483132-0cff-0310-8789-dd5450dbe970:/branches/ccapi:18199
|
|
dc483132-0cff-0310-8789-dd5450dbe970:/branches/referrals/trunk:18581
|
|
|