Commit 2e2e5f24 authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

get_gss_name: proxy auth without proxy set equals error 

Previously it would access a NULL pointer and die.

Bug: http://curl.haxx.se/mail/lib-2011-06/0170.html
Reported by: Christian Hagele
parent ac28971a

lib/http_negotiate_sspi.c

+8 −5
Original line number Diff line number Diff line
@@ -45,13 +45,16 @@ 
#include "memdebug.h"



static int

get_gss_name(struct connectdata *conn, bool proxy, char *server)

get_gss_name(struct connectdata *conn, bool proxy,

             struct negotiatedata *neg_ctx)

{

  struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:

    &conn->data->state.negotiate;

  const char* service;

  size_t length;



  if(proxy && !conn->proxy.name)

    /* proxy auth requested but no given proxy name, error out! */

    return -1;



  /* GSSAPI implementation by Globus (known as GSI) requires the name to be

     of form "<service>/<fqdn>" instead of <service>@<fqdn> (ie. slash instead

     of at-sign). Also GSI servers are often identified as 'host' not 'khttp'.
@@ -71,7 +74,7 @@ get_gss_name(struct connectdata *conn, bool proxy, char *server) 
  if(length + 1 > sizeof(neg_ctx->server_name))

    return EMSGSIZE;



  snprintf(server, sizeof(neg_ctx->server_name), "%s/%s",

  snprintf(neg_ctx->server_name, sizeof(neg_ctx->server_name), "%s/%s",

           service, proxy ? conn->proxy.name : conn->host.name);



  return 0;
@@ -130,7 +133,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, 
  }



  if(strlen(neg_ctx->server_name) == 0 &&

     (ret = get_gss_name(conn, proxy, neg_ctx->server_name)))

     (ret = get_gss_name(conn, proxy, neg_ctx)))

    return ret;



  if(!neg_ctx->output_token) {