[31492] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix minor logic errors
daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Tue Jan 20 19:45:41 2026
From: ghudson@mit.edu
To: cvs-krb5@mit.edu
Message-Id: <20260121004532.ED1131041EC@krbdev.mit.edu>
Date: Tue, 20 Jan 2026 19:45:32 -0500 (EST)
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/5f4e17c8e2c31201628ab260f0991e8e47c8f1d2
commit 5f4e17c8e2c31201628ab260f0991e8e47c8f1d2
Author: Greg Hudson <ghudson@mit.edu>
Date: Fri Dec 19 02:56:55 2025 -0500
Fix minor logic errors
In k5_externalize_auth_context(), serialize the correct field when
local_port is set. This is not a reachable bug because the function
is only accessible via gss_export_sec_context(), and the GSS library
does not set a local port. Commit
e50f46b210ddafe85cc917e2571516ade46bc65f fixed a similar bug for
remote_port.
In krb5_pac_get_types(), correct the allocation of *types_out. (The
previous code was safe in spite of its incorrectness, because the size
of a pointer is at least as big as the size of uint32_t.)
Change make_spnego_tokenTarg_msg() to return 0 on success and -1 on
failure, to match make_spnego_tokenInit_msg() and the expectations of
its call sites. Commit fdceb225f881e2b1337eebcb9a9443fa4a9be3fd is
partly to blame as it changed the return type from int to OM_uint32,
but prior to that the function still returned GSS major codes rather
than -1 on error.
ticket: 9192
src/lib/gssapi/spnego/spnego_mech.c | 10 +++++-----
src/lib/krb5/krb/pac.c | 2 +-
src/lib/krb5/krb/ser_actx.c | 2 +-
3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index 4a7783643..f0c37c7cd 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -138,7 +138,7 @@ make_spnego_tokenInit_msg(spnego_gss_ctx_id_t,
gss_buffer_t,
OM_uint32, gss_buffer_t, send_token_flag,
gss_buffer_t);
-static OM_uint32
+static int
make_spnego_tokenTarg_msg(uint8_t, gss_OID, gss_buffer_t,
gss_buffer_t, send_token_flag,
gss_buffer_t);
@@ -3698,7 +3698,7 @@ make_spnego_tokenInit_msg(spnego_gss_ctx_id_t spnego_ctx, int negHintsCompat,
* gss_accept_sec_context and eventually up to the application program
* and over to the client.
*/
-static OM_uint32
+static int
make_spnego_tokenTarg_msg(uint8_t status, gss_OID mech_wanted,
gss_buffer_t token, gss_buffer_t mic,
send_token_flag sendtoken,
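Review bot: The block comment above make_spnego_tokenTarg_msg() (only its last lines are visible in this hunk) does not state the return contract that this commit establishes. Since the previous mismatch came from callers and callee disagreeing on the convention, I would add a sentence to that comment such as `Returns 0 on success and -1 on failure; the caller maps failure to a GSS major status.` The same convention could be noted once at the prototype near line 138, so that it and make_spnego_tokenInit_msg() are documented consistently.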
@@ -3709,9 +3709,9 @@ make_spnego_tokenTarg_msg(uint8_t status, gss_OID mech_wanted,
struct k5buf buf;
if (outbuf == GSS_C_NO_BUFFER)
- return (GSS_S_DEFECTIVE_TOKEN);
+ return (-1);
if (sendtoken == INIT_TOKEN_SEND && mech_wanted == GSS_C_NO_OID)
- return (GSS_S_DEFECTIVE_TOKEN);
+ return (-1);
outbuf->length = 0;
outbuf->value = NULL;
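Review bot: The second early return (`sendtoken == INIT_TOKEN_SEND && mech_wanted == GSS_C_NO_OID`) exits before `outbuf->length = 0; outbuf->value = NULL;`, so on that failure path a non-NULL outbuf keeps whatever the caller passed in. The call sites are not visible here, but if any of them releases or inspects outbuf after a -1 return it would act on stale contents. Moving the two initialization lines to directly after the `outbuf == GSS_C_NO_BUFFER` check makes every failure path leave an empty buffer. The function body starts and continues outside this hunk.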
@@ -3744,7 +3744,7 @@ make_spnego_tokenTarg_msg(uint8_t status, gss_OID mech_wanted,
/* Allocate space and prepare a buffer. */
t = gssalloc_malloc(choice_len);
if (t == NULL)
- return (GSS_S_DEFECTIVE_TOKEN);
+ return (-1);
k5_buf_init_fixed(&buf, t, choice_len);
/* Add the choice tag and begin the sequence. */
diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c
index 7e3338745..1232ce7fa 100644
--- a/src/lib/krb5/krb/pac.c
+++ b/src/lib/krb5/krb/pac.c
@@ -185,7 +185,7 @@ krb5_pac_get_types(krb5_context context, krb5_pac pac, size_t *len_out,
{
size_t i;
- *types_out = calloc(pac->nbuffers, sizeof(*types_out));
+ *types_out = calloc(pac->nbuffers, sizeof(**types_out));
if (*types_out == NULL)
return ENOMEM;
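Review bot: `calloc(pac->nbuffers, sizeof(**types_out))` may legitimately return NULL when `pac->nbuffers` is 0, because the result of a zero-size allocation is implementation-defined, and the check below would then report ENOMEM for a PAC that simply has no buffers. Whether an empty PAC can reach krb5_pac_get_types() is not visible in this hunk; if it can, something like `calloc(pac->nbuffers ? pac->nbuffers : 1, sizeof(**types_out))` keeps the result portable. The rest of the function body is outside the hunk.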
diff --git a/src/lib/krb5/krb/ser_actx.c b/src/lib/krb5/krb/ser_actx.c
index ed8e25596..01089e4f7 100644
--- a/src/lib/krb5/krb/ser_actx.c
+++ b/src/lib/krb5/krb/ser_actx.c
@@ -185,7 +185,7 @@ k5_externalize_auth_context(krb5_auth_context auth_context,
/* Now handle local_port, if appropriate */
if (!kret && auth_context->local_port) {
(void) krb5_ser_pack_int32(TOKEN_LPORT, &bp, &remain);
- kret = k5_externalize_address(auth_context->local_addr,
+ kret = k5_externalize_address(auth_context->local_port,
&bp, &remain);
}
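Review bot: The result of `krb5_ser_pack_int32(TOKEN_LPORT, &bp, &remain)` is still discarded with a `(void)` cast, so a failure to write the tag is only noticed indirectly if the following k5_externalize_address() call also fails. Presumably the buffer size was computed beforehand, which is why this is tolerated, but assigning it (`kret = krb5_ser_pack_int32(TOKEN_LPORT, &bp, &remain);` followed by `if (!kret)` before the address call) would make the error path explicit. Since the commit message notes the same field mix-up was fixed earlier for remote_port, a serialize/deserialize round-trip test with all address and port fields set would guard this block against a third occurrence. The enclosing function extends beyond the hunk.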