Projects
openEuler:20.03:LTS:SP3
audit
_service:tar_scm_kernel_repo:backport-Cleanup-g...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-Cleanup-gssapi-code.patch of Package audit
From ff0b0a11497fe9360e3aaa448c8744955f8c0fc9 Mon Sep 17 00:00:00 2001 From: Steve Grubb <sgrubb@redhat.com> Date: Fri, 15 Jul 2022 16:09:10 -0400 Subject: Cleanup gssapi code --- src/auditd-listen.c | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/src/auditd-listen.c b/src/auditd-listen.c index 34a142a..61a3480 100644 --- a/src/auditd-listen.c +++ b/src/auditd-listen.c @@ -414,10 +414,9 @@ static int negotiate_credentials(ev_tcp *io) GSS_C_NO_CHANNEL_BINDINGS, &client, NULL, &send_tok, &sess_flags, NULL, NULL); - if (recv_tok.value) { - free(recv_tok.value); - recv_tok.value = NULL; - } + if (recv_tok.value) + gss_release_buffer(&min_stat, &recv_tok); + if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED) { gss_release_buffer(&min_stat, &send_tok); @@ -441,6 +440,7 @@ static int negotiate_credentials(ev_tcp *io) if (*context != GSS_C_NO_CONTEXT) gss_delete_sec_context(&min_stat, context, GSS_C_NO_BUFFER); + gss_release_name(&min_stat, &client); return -1; } gss_release_buffer(&min_stat, &send_tok); @@ -455,14 +455,22 @@ static int negotiate_credentials(ev_tcp *io) return -1; } - audit_msg(LOG_INFO, "GSS-API Accepted connection from: %s", - (char *)recv_tok.value); - io->remote_name = strdup(recv_tok.value); - io->remote_name_len = strlen(recv_tok.value); + if (asprintf(&io->remote_name, "%.*s", (int)recv_tok.length, + (char *)recv_tok.value) < 0) { + io->remote_name = strdup("?"); + io->remote_name_len = 1; + } else + io->remote_name_len = recv_tok.length; + + audit_msg(LOG_INFO, "GSS-API Accepted connection from: %s", + io->remote_name); gss_release_buffer(&min_stat, &recv_tok); - slashptr = strchr(io->remote_name, '/'); - atptr = strchr(io->remote_name, '@'); + if (io->remote_name) { + slashptr = strchr(io->remote_name, '/'); + atptr = strchr(io->remote_name, '@'); + } else + slashptr = NULL; if (!slashptr || !atptr) { audit_msg(LOG_ERR, "Invalid GSS name from remote client: %s", -- 2.27.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.