diff options
| author | Mark Eichin <eichin@mit.edu> | 1996-04-09 22:40:18 +0000 |
|---|---|---|
| committer | Mark Eichin <eichin@mit.edu> | 1996-04-09 22:40:18 +0000 |
| commit | 1f173e97357592cd43c7769cbc81b5c40e1ad17d (patch) | |
| tree | 7d54fec601f24244d7fdd890192f39bab63264aa /src/appl/gssftp/ftp | |
| parent | 1011532454c037f2366864eac19662814a8cac1f (diff) | |
| download | krb5-1f173e97357592cd43c7769cbc81b5c40e1ad17d.zip krb5-1f173e97357592cd43c7769cbc81b5c40e1ad17d.tar.gz krb5-1f173e97357592cd43c7769cbc81b5c40e1ad17d.tar.bz2 | |
some fixes changes from marc. changelogs will be merged later
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7760 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl/gssftp/ftp')
| -rw-r--r-- | src/appl/gssftp/ftp/cmds.c | 4 | ||||
| -rw-r--r-- | src/appl/gssftp/ftp/secure.c | 69 |
2 files changed, 46 insertions, 27 deletions
diff --git a/src/appl/gssftp/ftp/cmds.c b/src/appl/gssftp/ftp/cmds.c index c715723..396f317 100644 --- a/src/appl/gssftp/ftp/cmds.c +++ b/src/appl/gssftp/ftp/cmds.c @@ -182,6 +182,10 @@ setpeer(argc, argv) #ifdef _AIX #define unix #endif + +#ifdef __hpux +#define unix +#endif #endif #if defined(unix) && (NBBY == 8 || defined(linux)) diff --git a/src/appl/gssftp/ftp/secure.c b/src/appl/gssftp/ftp/secure.c index 98e5797..6bcc491 100644 --- a/src/appl/gssftp/ftp/secure.c +++ b/src/appl/gssftp/ftp/secure.c @@ -211,19 +211,21 @@ unsigned int nbyte; long length; u_long net_len; + /* Other auth types go here ... */ +#ifdef KERBEROS if (bufsize < nbyte + FUDGE_FACTOR) { - if (outbuf) (void) free(outbuf); - if (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR))) + if (outbuf? + (outbuf = realloc(outbuf, (unsigned) (nbyte + FUDGE_FACTOR))): + (outbuf = malloc((unsigned) (nbyte + FUDGE_FACTOR)))) { bufsize = nbyte + FUDGE_FACTOR; - else { + } else { bufsize = 0; secure_error("%s (in malloc of PROT buffer)", - sys_errlist[errno]); + sys_errlist[errno]); return(ERR); } } - /* Other auth types go here ... */ -#ifdef KERBEROS + if (strcmp(auth_type, "KERBEROS_V4") == 0) if ((length = level == PROT_P ? krb_mk_priv(buf, (unsigned char *) outbuf, nbyte, schedule, @@ -237,29 +239,42 @@ unsigned int nbyte; #endif /* KERBEROS */ #ifdef GSSAPI if (strcmp(auth_type, "GSSAPI") == 0) { - gss_buffer_desc in_buf, out_buf; - OM_uint32 maj_stat, min_stat; - int conf_state; + gss_buffer_desc in_buf, out_buf; + OM_uint32 maj_stat, min_stat; + int conf_state; - in_buf.value = buf; - in_buf.length = nbyte; - maj_stat = gss_seal(&min_stat, gcontext, - (level == PROT_P), /* confidential */ - GSS_C_QOP_DEFAULT, - &in_buf, &conf_state, - &out_buf); - if (maj_stat != GSS_S_COMPLETE) { - /* generally need to deal */ - /* ie. should loop, but for now just fail */ - secure_gss_error(maj_stat, min_stat, - level == PROT_P? - "GSSAPI seal failed": - "GSSAPI sign failed"); - return(ERR); - } - memcpy(outbuf, out_buf.value, length=out_buf.length); - gss_release_buffer(&min_stat, &out_buf); + in_buf.value = buf; + in_buf.length = nbyte; + maj_stat = gss_seal(&min_stat, gcontext, + (level == PROT_P), /* confidential */ + GSS_C_QOP_DEFAULT, + &in_buf, &conf_state, + &out_buf); + if (maj_stat != GSS_S_COMPLETE) { + /* generally need to deal */ + /* ie. should loop, but for now just fail */ + secure_gss_error(maj_stat, min_stat, + level == PROT_P? + "GSSAPI seal failed": + "GSSAPI sign failed"); + return(ERR); + } + + if (bufsize < out_buf.length) { + if (outbuf? + (outbuf = realloc(outbuf, (unsigned) out_buf.length)): + (outbuf = malloc((unsigned) out_buf.length))) { + bufsize = nbyte + FUDGE_FACTOR; + } else { + bufsize = 0; + secure_error("%s (in malloc of PROT buffer)", + sys_errlist[errno]); + return(ERR); + } + } + memcpy(outbuf, out_buf.value, length=out_buf.length); + gss_release_buffer(&min_stat, &out_buf); } #endif /* GSSAPI */ net_len = htonl((u_long) length); |