1
1

gssapi: Add brackets in ssh_packet_userauth_gssapi_mic().

Этот коммит содержится в:
Andreas Schneider 2013-07-21 11:03:00 +02:00
родитель f458055e9c
Коммит d1bbc35f33

Просмотреть файл

@ -443,7 +443,8 @@ static ssh_buffer ssh_gssapi_build_mic(ssh_session session){
#ifdef WITH_SERVER #ifdef WITH_SERVER
SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic){ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic)
{
ssh_string mic_token; ssh_string mic_token;
OM_uint32 maj_stat, min_stat; OM_uint32 maj_stat, min_stat;
gss_buffer_desc mic_buf = GSS_C_EMPTY_BUFFER; gss_buffer_desc mic_buf = GSS_C_EMPTY_BUFFER;
@ -455,17 +456,18 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic){
SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_MIC"); SSH_LOG(SSH_LOG_PACKET,"Received SSH_MSG_USERAUTH_GSSAPI_MIC");
mic_token = buffer_get_ssh_string(packet); mic_token = buffer_get_ssh_string(packet);
if (!mic_token){ if (mic_token == NULL) {
ssh_set_error(session, SSH_FATAL, "Missing MIC in packet"); ssh_set_error(session, SSH_FATAL, "Missing MIC in packet");
goto error; goto error;
} }
if (!session->gssapi || session->gssapi->state != SSH_GSSAPI_STATE_RCV_MIC){ if (session->gssapi == NULL
|| session->gssapi->state != SSH_GSSAPI_STATE_RCV_MIC) {
ssh_set_error(session, SSH_FATAL, "Received SSH_MSG_USERAUTH_GSSAPI_MIC in invalid state"); ssh_set_error(session, SSH_FATAL, "Received SSH_MSG_USERAUTH_GSSAPI_MIC in invalid state");
goto error; goto error;
} }
mic_buffer = ssh_gssapi_build_mic(session); mic_buffer = ssh_gssapi_build_mic(session);
if(!mic_buffer){ if (mic_buffer == NULL) {
ssh_set_error_oom(session); ssh_set_error_oom(session);
goto error; goto error;
} }
@ -473,8 +475,9 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic){
int rc = session->server_callbacks->gssapi_verify_mic_function(session, mic_token, int rc = session->server_callbacks->gssapi_verify_mic_function(session, mic_token,
ssh_buffer_get_begin(mic_buffer), ssh_buffer_get_len(mic_buffer), ssh_buffer_get_begin(mic_buffer), ssh_buffer_get_len(mic_buffer),
session->server_callbacks->userdata); session->server_callbacks->userdata);
if (rc != SSH_OK) if (rc != SSH_OK) {
goto error; goto error;
}
} else { } else {
mic_buf.length = ssh_buffer_get_len(mic_buffer); mic_buf.length = ssh_buffer_get_len(mic_buffer);
mic_buf.value = ssh_buffer_get_begin(mic_buffer); mic_buf.value = ssh_buffer_get_begin(mic_buffer);
@ -484,8 +487,9 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_mic){
maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL); maj_stat = gss_verify_mic(&min_stat, session->gssapi->ctx, &mic_buf, &mic_token_buf, NULL);
ssh_gssapi_log_error(0, "verifying MIC", maj_stat); ssh_gssapi_log_error(0, "verifying MIC", maj_stat);
ssh_gssapi_log_error(0, "verifying MIC (min stat)", min_stat); ssh_gssapi_log_error(0, "verifying MIC (min stat)", min_stat);
if (maj_stat == GSS_S_DEFECTIVE_TOKEN || GSS_ERROR(maj_stat)) if (maj_stat == GSS_S_DEFECTIVE_TOKEN || GSS_ERROR(maj_stat)) {
goto error; goto error;
}
} }
if (ssh_callbacks_exists(session->server_callbacks, auth_gssapi_mic_function)){ if (ssh_callbacks_exists(session->server_callbacks, auth_gssapi_mic_function)){
@ -511,10 +515,13 @@ error:
end: end:
ssh_gssapi_free(session); ssh_gssapi_free(session);
if(mic_buffer != NULL) if (mic_buffer != NULL) {
ssh_buffer_free(mic_buffer); ssh_buffer_free(mic_buffer);
if(mic_token != NULL) }
if (mic_token != NULL) {
ssh_string_free(mic_token); ssh_string_free(mic_token);
}
return SSH_PACKET_USED; return SSH_PACKET_USED;
} }