From 26f94f6e8fd99ee0dfc2f71afb38c74a12482601 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Wed, 16 Dec 2015 19:31:22 -0500
Subject: [PATCH] Fix mechglue on gss_inquire_attrs_for_mech()
This includes proper mechanism selection in gss_inquire_attrs_for_mech()
itself as well as passing the correct mech down from gss_accept_sec_context()
through allow_mech_by_default().
Also-authored-by: Simo Sorce <simo@redhat.com>
---
src/lib/gssapi/mechglue/g_accept_sec_context.c | 2 +-
src/lib/gssapi/mechglue/g_mechattr.c | 7 ++++++-
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_accept_sec_context.c b/src/lib/gssapi/mechglue/g_accept_sec_context.c
index 6c72d1f..4a86024 100644
--- a/src/lib/gssapi/mechglue/g_accept_sec_context.c
+++ b/src/lib/gssapi/mechglue/g_accept_sec_context.c
@@ -245,7 +245,7 @@ gss_cred_id_t * d_cred;
status = GSS_S_NO_CRED;
goto error_out;
}
- } else if (!allow_mech_by_default(selected_mech)) {
+ } else if (!allow_mech_by_default(gssint_get_public_oid(selected_mech))) {
status = GSS_S_NO_CRED;
goto error_out;
}
diff --git a/src/lib/gssapi/mechglue/g_mechattr.c b/src/lib/gssapi/mechglue/g_mechattr.c
index e9299f4..4bd44b5 100644
--- a/src/lib/gssapi/mechglue/g_mechattr.c
+++ b/src/lib/gssapi/mechglue/g_mechattr.c
@@ -161,6 +161,7 @@ gss_inquire_attrs_for_mech(
{
OM_uint32 status, tmpMinor;
gss_mechanism mech;
+ gss_OID selected_mech;
if (minor == NULL)
return GSS_S_CALL_INACCESSIBLE_WRITE;
@@ -173,7 +174,11 @@ gss_inquire_attrs_for_mech(
if (known_mech_attrs != NULL)
*known_mech_attrs = GSS_C_NO_OID_SET;
- mech = gssint_get_mechanism((gss_OID)mech_oid);
+ status = gssint_select_mech_type(minor, mech_oid, &selected_mech);
+ if (status != GSS_S_COMPLETE)
+ return (status);
+
+ mech = gssint_get_mechanism(selected_mech);
if (mech != NULL && mech->gss_inquire_attrs_for_mech != NULL) {
status = mech->gss_inquire_attrs_for_mech(minor,
mech_oid,
--
2.6.4