diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2006-04-24 09:36:24 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:04:15 -0500 |
| commit | c33f6b2c370379dfd010600adc59e7439f1318f7 (patch) | |
| tree | 2ac36b3751796f05ecb45a2ecd03bd166ed7182f /source4/heimdal/lib/krb5/rd_req.c | |
| parent | 0eddf14b307e905663b95296aa695a10d3fb90f7 (diff) | |
| download | samba-c33f6b2c370379dfd010600adc59e7439f1318f7.tar.gz samba-c33f6b2c370379dfd010600adc59e7439f1318f7.tar.bz2 samba-c33f6b2c370379dfd010600adc59e7439f1318f7.zip | |
r15192: Update Samba4 to use current lorikeet-heimdal.
Andrew Bartlett
(This used to be commit f0e538126c5cb29ca14ad0d8281eaa0a715ed94f)
Diffstat (limited to 'source4/heimdal/lib/krb5/rd_req.c')
| -rw-r--r-- | source4/heimdal/lib/krb5/rd_req.c | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/source4/heimdal/lib/krb5/rd_req.c b/source4/heimdal/lib/krb5/rd_req.c index 313c14f6e6..0d4635b964 100644 --- a/source4/heimdal/lib/krb5/rd_req.c +++ b/source4/heimdal/lib/krb5/rd_req.c @@ -33,7 +33,7 @@ #include <krb5_locl.h> -RCSID("$Id: rd_req.c,v 1.61 2005/11/29 18:22:51 lha Exp $"); +RCSID("$Id: rd_req.c,v 1.63 2006/04/10 10:14:44 lha Exp $"); static krb5_error_code decrypt_tkt_enc_part (krb5_context context, @@ -279,8 +279,10 @@ krb5_verify_authenticator_checksum(krb5_context context, &authenticator); if(ret) return ret; - if(authenticator->cksum == NULL) + if(authenticator->cksum == NULL) { + krb5_free_authenticator(context, &authenticator); return -17; + } ret = krb5_auth_con_getkey(context, ac, &key); if(ret) { krb5_free_authenticator(context, &authenticator); @@ -340,6 +342,9 @@ krb5_verify_ap_req2(krb5_context context, krb5_error_code ret; EtypeList etypes; + if (ticket) + *ticket = NULL; + if (auth_context && *auth_context) { ac = *auth_context; } else { @@ -348,13 +353,12 @@ krb5_verify_ap_req2(krb5_context context, return ret; } - t = malloc(sizeof(*t)); + t = calloc(1, sizeof(*t)); if (t == NULL) { ret = ENOMEM; krb5_clear_error_string (context); goto out; } - memset(t, 0, sizeof(*t)); if (ap_req->ap_options.use_session_key && ac->keyblock){ ret = krb5_decrypt_ticket(context, &ap_req->ticket, @@ -372,14 +376,17 @@ krb5_verify_ap_req2(krb5_context context, if(ret) goto out; - _krb5_principalname2krb5_principal(&t->server, ap_req->ticket.sname, - ap_req->ticket.realm); - _krb5_principalname2krb5_principal(&t->client, t->ticket.cname, - t->ticket.crealm); + ret = _krb5_principalname2krb5_principal(&t->server, ap_req->ticket.sname, + ap_req->ticket.realm); + if (ret) goto out; + ret = _krb5_principalname2krb5_principal(&t->client, t->ticket.cname, + t->ticket.crealm); + if (ret) goto out; /* save key */ - krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock); + ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock); + if (ret) goto out; ret = decrypt_authenticator (context, &t->ticket.key, |