aboutsummaryrefslogtreecommitdiff
path: root/lib/gssapi/mech
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gssapi/mech')
-rw-r--r--lib/gssapi/mech/gss_display_status.c3
-rw-r--r--lib/gssapi/mech/gss_import_name.c2
-rw-r--r--lib/gssapi/mech/gss_mech_switch.c2
-rw-r--r--lib/gssapi/mech/gss_pname_to_uid.c4
-rw-r--r--lib/gssapi/mech/mech.cat558
-rw-r--r--lib/gssapi/mech/mech_locl.h1
6 files changed, 38 insertions, 32 deletions
diff --git a/lib/gssapi/mech/gss_display_status.c b/lib/gssapi/mech/gss_display_status.c
index a79ef350dc93..848e8a320b3d 100644
--- a/lib/gssapi/mech/gss_display_status.c
+++ b/lib/gssapi/mech/gss_display_status.c
@@ -91,8 +91,7 @@ routine_error(OM_uint32 v)
"Incorrect channel bindings were supplied",
"An invalid status code was supplied",
"A token had an invalid MIC",
- "No credentials were supplied, "
- "or the credentials were unavailable or inaccessible.",
+ "No credentials were supplied, or the credentials were unavailable or inaccessible.",
"No context has been established",
"A token was invalid",
"A credential was invalid",
diff --git a/lib/gssapi/mech/gss_import_name.c b/lib/gssapi/mech/gss_import_name.c
index 4c1d940d9af8..fab57597c90e 100644
--- a/lib/gssapi/mech/gss_import_name.c
+++ b/lib/gssapi/mech/gss_import_name.c
@@ -113,7 +113,7 @@ _gss_import_export_name(OM_uint32 *minor_status,
len -= t;
t = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
- p += 4;
+ /* p += 4; */
len -= 4;
if (!composite && len != t)
diff --git a/lib/gssapi/mech/gss_mech_switch.c b/lib/gssapi/mech/gss_mech_switch.c
index 58b187eda296..4d7f298d1961 100644
--- a/lib/gssapi/mech/gss_mech_switch.c
+++ b/lib/gssapi/mech/gss_mech_switch.c
@@ -137,6 +137,8 @@ _gss_string_to_oid(const char* s, gss_OID oid)
}
}
}
+ if (byte_count == 0)
+ return EINVAL;
if (!res) {
res = malloc(byte_count);
if (!res)
diff --git a/lib/gssapi/mech/gss_pname_to_uid.c b/lib/gssapi/mech/gss_pname_to_uid.c
index 315f0e0d8147..9223a918b858 100644
--- a/lib/gssapi/mech/gss_pname_to_uid.c
+++ b/lib/gssapi/mech/gss_pname_to_uid.c
@@ -158,6 +158,10 @@ gss_pname_to_uid(OM_uint32 *minor_status,
major = gss_localname(minor_status, pname, mech_type, &localname);
if (GSS_ERROR(major))
return major;
+ if (localname.length == 0) {
+ *minor_status = KRB5_NO_LOCALNAME;
+ return GSS_S_FAILURE;
+ }
szLocalname = malloc(localname.length + 1);
if (szLocalname == NULL) {
diff --git a/lib/gssapi/mech/mech.cat5 b/lib/gssapi/mech/mech.cat5
index 998079f2959c..d4a38d579eb3 100644
--- a/lib/gssapi/mech/mech.cat5
+++ b/lib/gssapi/mech/mech.cat5
@@ -1,61 +1,61 @@
-
MECH(5) BSD File Formats Manual MECH(5)
-NNAAMMEE
- mmeecchh, qqoopp -- GSS-API Mechanism and QOP files
+NAME
+ mech, qop -- GSS-API Mechanism and QOP files
-SSYYNNOOPPSSIISS
- _/_e_t_c_/_g_s_s_/_m_e_c_h _/_e_t_c_/_g_s_s_/_q_o_p
+SYNOPSIS
+ /etc/gss/mech /etc/gss/qop
-DDEESSCCRRIIPPTTIIOONN
- The _/_e_t_c_/_g_s_s_/_m_e_c_h file contains a list of installed GSS-API security
+DESCRIPTION
+ The /etc/gss/mech file contains a list of installed GSS-API security
mechanisms. Each line of the file either contains a comment if the first
character is '#' or it contains five fields with the following meanings:
- Name The name of this GSS-API mechanism.
+ Name The name of this GSS-API mechanism.
Object identifier
- The OID for this mechanism.
+ The OID for this mechanism.
- Library A shared library containing the implementation of this
- mechanism.
+ Library
+ A shared library containing the implementation of this mechanism.
Kernel module (optional)
- A kernel module containing the implementation of this mech-
- anism (not yet supported in FreeBSD).
+ A kernel module containing the implementation of this mechanism
+ (not yet supported in FreeBSD).
Library options (optional)
- Optionsal parameters interpreted by the mechanism. Library
- options must be enclosed in brackets ([ ]) to differentiate
- them from the optional kernel module entry.
+ Optionsal parameters interpreted by the mechanism. Library op-
+ tions must be enclosed in brackets ([ ]) to differentiate them
+ from the optional kernel module entry.
- The _/_e_t_c_/_g_s_s_/_q_o_p file contains a list of Quality of Protection values for
+ The /etc/gss/qop file contains a list of Quality of Protection values for
use with GSS-API. Each line of the file either contains a comment if the
first character is '#' or it contains three fields with the following
meanings:
- QOP string The name of this Quality of Protection algorithm.
+ QOP string
+ The name of this Quality of Protection algorithm.
- QOP value The numeric value used to select this algorithm for use
- with GSS-API functions such as gss_get_mic(3).
+ QOP value
+ The numeric value used to select this algorithm for use with GSS-
+ API functions such as gss_get_mic(3).
Mechanism name
- The GSS-API mechanism name that corresponds to this algo-
- rithm.
+ The GSS-API mechanism name that corresponds to this algorithm.
-EEXXAAMMPPLLEESS
- This is a typical entry from _/_e_t_c_/_g_s_s_/_m_e_c_h:
+EXAMPLES
+ This is a typical entry from /etc/gss/mech:
kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 -
- This is a typical entry from _/_e_t_c_/_g_s_s_/_q_o_p:
+ This is a typical entry from /etc/gss/qop:
GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5
-HHIISSTTOORRYY
- The mmeecchh manual page example first appeared in FreeBSD 7.0.
+HISTORY
+ The mech manual page example first appeared in FreeBSD 7.0.
-AAUUTTHHOORRSS
- This manual page was written by Doug Rabson <_d_f_r_@_F_r_e_e_B_S_D_._o_r_g>.
+AUTHORS
+ This manual page was written by Doug Rabson <dfr@FreeBSD.org>.
BSD November 14, 2005 BSD
diff --git a/lib/gssapi/mech/mech_locl.h b/lib/gssapi/mech/mech_locl.h
index 6c23ac5256b1..0f4d8e51b2c3 100644
--- a/lib/gssapi/mech/mech_locl.h
+++ b/lib/gssapi/mech/mech_locl.h
@@ -51,6 +51,7 @@
#include <roken.h>
+#include <krb5.h>
#include <gssapi.h>
#include <gssapi_mech.h>
#include <gssapi_krb5.h>
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-02 21:02:31 +0000