[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

problems with gss_set_allowable_enctypes()



Testing linux gssd with latest heimdal cvs (as of a couple of days
ago).  Found two problems:

1) gss_krb5_set_allowable_enctypes() assumes a zero-terminated list,
but the interface actually passes the number of enctypes.

Index: lib/gssapi/mech/gss_krb5.c
===================================================================
RCS file: /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/heimdal/lib/gssapi/mech/gss_krb5.c,v
retrieving revision 1.21
diff -u -r1.21 gss_krb5.c
--- lib/gssapi/mech/gss_krb5.c  10 Nov 2006 00:57:27 -0000      1.21
+++ lib/gssapi/mech/gss_krb5.c  29 Mar 2007 16:47:26 -0000
@@ -438,7 +438,7 @@
        goto out;
     }

-    while(*enctypes) {
+    for (; num_enctypes > 0 && *enctypes; num_enctypes--) {
        krb5_store_int32(sp, *enctypes);
        enctypes++;
     }


2) _gsskrb5_set_cred_option() doesn't have support for
GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X and always returns EINVAL.