summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal/lib/gssapi/krb5/accept_sec_context.c')
-rw-r--r--source4/heimdal/lib/gssapi/krb5/accept_sec_context.c15
1 files changed, 11 insertions, 4 deletions
diff --git a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
index e3ba189b36..8ec3a65a31 100644
--- a/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
+++ b/source4/heimdal/lib/gssapi/krb5/accept_sec_context.c
@@ -55,10 +55,10 @@ _gsskrb5_register_acceptor_identity (const char *identity)
if (identity == NULL) {
ret = krb5_kt_default(context, &_gsskrb5_keytab);
} else {
- char *p;
+ char *p = NULL;
- asprintf(&p, "FILE:%s", identity);
- if(p == NULL) {
+ ret = asprintf(&p, "FILE:%s", identity);
+ if(ret < 0 || p == NULL) {
HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex);
return GSS_S_FAILURE;
}
@@ -462,6 +462,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
/*
* We need to get the flags out of the 8003 checksum.
*/
+
{
krb5_authenticator authenticator;
@@ -474,6 +475,12 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
return ret;
}
+ if (authenticator->cksum == NULL) {
+ krb5_free_authenticator(context, &authenticator);
+ *minor_status = 0;
+ return GSS_S_BAD_BINDINGS;
+ }
+
if (authenticator->cksum->cksumtype == CKSUMTYPE_GSSAPI) {
ret = _gsskrb5_verify_8003_checksum(minor_status,
input_chan_bindings,
@@ -793,7 +800,7 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status,
}
-OM_uint32
+OM_uint32 GSSAPI_CALLCONV
_gsskrb5_accept_sec_context(OM_uint32 * minor_status,
gss_ctx_id_t * context_handle,
const gss_cred_id_t acceptor_cred_handle,
generated by cgit (git 2.34.1) at 2024-06-13 05:37:25 +0000