[11256] in Kerberos-V5-bugs
[krbdev.mit.edu #6601] gsssspi_set_cred_option cannot handle mech
daemon@ATHENA.MIT.EDU (Arlene Berry" via RT)
Tue Dec 22 21:29:55 2009
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: ""Arlene Berry" via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6601@krbdev.mit.edu>
Message-ID: <rt-6601-31930.5.96884275380923@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6601'":;"'AdminCc of krbdev.mit.edu Ticket #6601'":;@MIT.EDU
Date: Wed, 23 Dec 2009 02:29:31 +0000 (UTC)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
The current options are specific to the kerberos mechanism. Options are
likely to be implemented by only one mechanism but the mechglue layer
assumes that all mechanisms have implemented each option and will
succeed when asked to set them. This fixes that:
Index: src/lib/gssapi/mechglue/g_set_cred_option.c
===================================================================
--- src/lib/gssapi/mechglue/g_set_cred_option.c (revision 23482)
+++ src/lib/gssapi/mechglue/g_set_cred_option.c (working copy)
@@ -45,6 +45,8 @@
gss_mechanism mech;
int i;
OM_uint32 status;
+ OM_uint32 mech_status;
+ OM_uint32 mech_minor_status;
if (minor_status == NULL)
return GSS_S_CALL_INACCESSIBLE_WRITE;
@@ -66,14 +68,20 @@
}
if (mech->gssspi_set_cred_option == NULL) {
- status = GSS_S_UNAVAILABLE;
continue;
}
- status = (mech->gssspi_set_cred_option)(minor_status,
+ mech_status = (mech->gssspi_set_cred_option)(&mech_minor_status,
union_cred->cred_array[i],
desired_object,
value);
+ if (mech_status == GSS_S_UNAVAILABLE) {
+ continue;
+ }
+ else {
+ status = mech_status;
+ *minor_status = mech_minor_status;
+ }
if (status != GSS_S_COMPLETE) {
map_error(minor_status, mech);
break;
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
