diff options
Diffstat (limited to 'crypto/heimdal/lib/krb5/transited.c')
-rw-r--r-- | crypto/heimdal/lib/krb5/transited.c | 44 |
1 files changed, 31 insertions, 13 deletions
diff --git a/crypto/heimdal/lib/krb5/transited.c b/crypto/heimdal/lib/krb5/transited.c index 1faf378..dbe6c80 100644 --- a/crypto/heimdal/lib/krb5/transited.c +++ b/crypto/heimdal/lib/krb5/transited.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: transited.c,v 1.7 2000/02/07 13:30:41 joda Exp $"); +RCSID("$Id: transited.c,v 1.8 2001/05/14 06:14:52 assar Exp $"); /* this is an attempt at one of the most horrible `compression' schemes that has ever been invented; it's so amazingly brain-dead @@ -61,7 +61,8 @@ free_realms(struct tr_realm *r) } static int -make_path(struct tr_realm *r, const char *from, const char *to) +make_path(krb5_context context, struct tr_realm *r, + const char *from, const char *to) { const char *p; struct tr_realm *path = r->next; @@ -78,8 +79,10 @@ make_path(struct tr_realm *r, const char *from, const char *to) p = from; while(1){ p = strchr(p, '.'); - if(p == NULL) + if(p == NULL) { + krb5_clear_error_string (context); return KRB5KDC_ERR_POLICY; + } p++; if(strcmp(p, to) == 0) break; @@ -89,6 +92,7 @@ make_path(struct tr_realm *r, const char *from, const char *to) path->realm = strdup(p); if(path->realm == NULL){ r->next = path; /* XXX */ + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM;; } } @@ -106,21 +110,25 @@ make_path(struct tr_realm *r, const char *from, const char *to) path->realm = malloc(p - from + 1); if(path->realm == NULL){ r->next = path; /* XXX */ + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } memcpy(path->realm, from, p - from); path->realm[p - from] = '\0'; p--; } - }else + } else { + krb5_clear_error_string (context); return KRB5KDC_ERR_POLICY; + } r->next = path; return 0; } static int -make_paths(struct tr_realm *realms, const char *client_realm, +make_paths(krb5_context context, + struct tr_realm *realms, const char *client_realm, const char *server_realm) { struct tr_realm *r; @@ -138,7 +146,7 @@ make_paths(struct tr_realm *realms, const char *client_realm, next_realm = r->next->realm; else next_realm = server_realm; - ret = make_path(r, prev_realm, next_realm); + ret = make_path(context, r, prev_realm, next_realm); if(ret){ free_realms(realms); return ret; @@ -150,7 +158,8 @@ make_paths(struct tr_realm *realms, const char *client_realm, } static int -expand_realms(struct tr_realm *realms, const char *client_realm) +expand_realms(krb5_context context, + struct tr_realm *realms, const char *client_realm) { struct tr_realm *r; const char *prev_realm = NULL; @@ -162,6 +171,7 @@ expand_realms(struct tr_realm *realms, const char *client_realm) tmp = realloc(r->realm, strlen(r->realm) + strlen(prev_realm) + 1); if(tmp == NULL){ free_realms(realms); + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } r->realm = tmp; @@ -173,6 +183,7 @@ expand_realms(struct tr_realm *realms, const char *client_realm) tmp = malloc(strlen(r->realm) + strlen(prev_realm) + 1); if(tmp == NULL){ free_realms(realms); + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } strcpy(tmp, prev_realm); @@ -236,7 +247,8 @@ append_realm(struct tr_realm *head, struct tr_realm *r) } static int -decode_realms(const char *tr, int length, struct tr_realm **realms) +decode_realms(krb5_context context, + const char *tr, int length, struct tr_realm **realms) { struct tr_realm *r = NULL; @@ -261,6 +273,7 @@ decode_realms(const char *tr, int length, struct tr_realm **realms) r = make_realm(tmp); if(r == NULL){ free_realms(*realms); + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } *realms = append_realm(*realms, r); @@ -273,6 +286,7 @@ decode_realms(const char *tr, int length, struct tr_realm **realms) r = make_realm(tmp); if(r == NULL){ free_realms(*realms); + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } *realms = append_realm(*realms, r); @@ -282,7 +296,8 @@ decode_realms(const char *tr, int length, struct tr_realm **realms) krb5_error_code -krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms, +krb5_domain_x500_decode(krb5_context context, + krb5_data tr, char ***realms, int *num_realms, const char *client_realm, const char *server_realm) { struct tr_realm *r = NULL; @@ -290,16 +305,16 @@ krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms, int ret; /* split string in components */ - ret = decode_realms(tr.data, tr.length, &r); + ret = decode_realms(context, tr.data, tr.length, &r); if(ret) return ret; /* apply prefix rule */ - ret = expand_realms(r, client_realm); + ret = expand_realms(context, r, client_realm); if(ret) return ret; - ret = make_paths(r, client_realm, server_realm); + ret = make_paths(context, r, client_realm, server_realm); if(ret) return ret; @@ -324,6 +339,7 @@ krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms, R = realloc(*realms, (*num_realms + 1) * sizeof(**realms)); if(R == NULL) { free(*realms); + krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } R[*num_realms] = r->realm; @@ -382,6 +398,8 @@ krb5_check_transited_realms(krb5_context context, char **p; for(p = bad_realms; *p; p++) if(strcmp(*p, realms[i]) == 0) { + krb5_set_error_string (context, "no transit through realm %s", + *p); ret = KRB5KRB_AP_ERR_ILL_CR_TKT; if(bad_realm) *bad_realm = i; |