[src/trunk]: src/crypto/external/bsd/libsaslc/dist/src AUTHCID is optional fo...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/crypto/external/bsd/libsaslc/dist/src AUTHCID is optional fo...
From: elric <elric%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 00:39:38 +0000

details:   https://anonhg.NetBSD.org/src/rev/00cdc7aeadaa
branches:  trunk
changeset: 786861:00cdc7aeadaa
user:      elric <elric%NetBSD.org@localhost>
date:      Thu May 16 13:02:12 2013 +0000

description:
AUTHCID is optional for the GSSAPI mechanism.

diffstat:

 crypto/external/bsd/libsaslc/dist/src/mech_gssapi.c |  21 +++++++++------------
 1 files changed, 9 insertions(+), 12 deletions(-)

diffs (47 lines):

diff -r c7ae6f7ac07c -r 00cdc7aeadaa crypto/external/bsd/libsaslc/dist/src/mech_gssapi.c
--- a/crypto/external/bsd/libsaslc/dist/src/mech_gssapi.c       Thu May 16 07:43:02 2013 +0000
+++ b/crypto/external/bsd/libsaslc/dist/src/mech_gssapi.c       Thu May 16 13:02:12 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: mech_gssapi.c,v 1.6 2011/02/20 01:59:46 christos Exp $ */
+/* $NetBSD: mech_gssapi.c,v 1.7 2013/05/16 13:02:12 elric Exp $ */
 
 /* Copyright (c) 2010 The NetBSD Foundation, Inc.
  * All rights reserved.
@@ -35,7 +35,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: mech_gssapi.c,v 1.6 2011/02/20 01:59:46 christos Exp $");
+__RCSID("$NetBSD: mech_gssapi.c,v 1.7 2013/05/16 13:02:12 elric Exp $");
 
 #include <assert.h>
 #include <errno.h>
@@ -582,21 +582,18 @@
        /* through fourth octets containing in network byte order the       */
        /* maximum size output_message the client is able to receive, and   */
        /* the remaining octets containing the authorization identity.  The */
-       /* client passes the data to GSS_Wrap with conf_flag set to FALSE,  */
-       /* and responds with the generated output_message.  The client can  */
-       /* then consider the server authenticated.                          */
+       /* authorization identity is optional in mechanisms where it is     */
+       /* encoded in the exchange such as GSSAPI.  The client passes the   */
+       /* data to GSS_Wrap with conf_flag set to FALSE, and responds with  */
+       /* the generated output_message.  The client can then consider the  */
+       /* server authenticated.                                            */
        /********************************************************************/
 
        ms = sess->mech_sess;
 
-       if ((authcid = saslc_sess_getprop(sess, SASLC_GSSAPI_AUTHCID))
-           == NULL) {
-               saslc__error_set(ERR(sess), ERROR_MECH,
-                   "authcid is required for an authentication");
-               return -1;
-       }
+       authcid = saslc_sess_getprop(sess, SASLC_GSSAPI_AUTHCID);
 
-       len = asprintf(&input_value, "qmax%s", authcid);
+       len = asprintf(&input_value, "qmax%s", authcid ? authcid : "");
        if (len == -1) {
                saslc__error_set_errno(ERR(sess), ERROR_NOMEM);
                return -1;

Prev by Date: [src/trunk]: src/tests/ipf Mark two more test case as only failing for BE
Next by Date: [src/trunk]: src/sys/arch/sh3/include name it like other ports do
Previous by Thread: [src/trunk]: src/tests/ipf Mark two more test case as only failing for BE
Next by Thread: [src/trunk]: src/sys/arch/sh3/include name it like other ports do
Indexes:

Home | Main Index | Thread Index | Old Index