ctxt may be NULL when using privsep, so either avoid using it to get the oid

author jbasney <jbasney>

Mon, 7 Oct 2002 18:24:15 +0000 (18:24 +0000)

committer jbasney <jbasney>

Mon, 7 Oct 2002 18:24:15 +0000 (18:24 +0000)
author jbasney <jbasney>
Mon, 7 Oct 2002 18:24:15 +0000 (18:24 +0000)
committer jbasney <jbasney>
Mon, 7 Oct 2002 18:24:15 +0000 (18:24 +0000)
diff --git a/openssh/auth2-gss.c b/openssh/auth2-gss.c

index 45cd5d1614d28b758592e9374ba9577bb8966693..c20796123a2516bb28fd8084528aa985cb64a176 100644 (file)
--- a/openssh/auth2-gss.c
+++ b/openssh/auth2-gss.c
@@ -156,7 +156,11 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
          
          if (GSS_ERROR(maj_status)) {
                  /* Failure <sniff> */
-               ssh_gssapi_send_error(gssctxt->oid,maj_status,min_status);
+               if (gssctxt) {  /* may be NULL under privsep */
+                   ssh_gssapi_send_error(gssctxt->oid,maj_status,min_status);
+               } else {
+                   ssh_gssapi_send_error(GSS_C_NO_OID,maj_status,min_status);
+               }
                  authctxt->postponed = 0;
                 dispatch_set(SSH_MSG_AUTH_GSSAPI_TOKEN, NULL);
                  dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
diff --git a/openssh/kexgss.c b/openssh/kexgss.c

index 7d18b1a28bbf4b5c2987edb461ad84ab9b901154..d202a8766d39b8e1c631779e8e0785ecf89a8dd0 100644 (file)
--- a/openssh/kexgss.c
+++ b/openssh/kexgss.c
@@ -371,18 +371,18 @@ kexgss_server(Kex *kex)
         } while (maj_status & GSS_S_CONTINUE_NEEDED);
  
         if (GSS_ERROR(maj_status)) {
-               ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+               ssh_gssapi_send_error(oid,maj_status,min_status);
                 packet_disconnect("gssapi key exchange handshake failed");
         }
  
         debug("gss_complete");
         if (!(ret_flags & GSS_C_MUTUAL_FLAG)) {
-               ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+               ssh_gssapi_send_error(oid,maj_status,min_status);
                 packet_disconnect("gssapi mutual authentication failed");
         }
                 
         if (!(ret_flags & GSS_C_INTEG_FLAG)) {
-               ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+               ssh_gssapi_send_error(oid,maj_status,min_status);
                 packet_disconnect("gssapi channel integrity not established");
         }               
         
@@ -423,7 +423,11 @@ kexgss_server(Kex *kex)
         gssbuf.length = 20; /* Hashlen appears to always be 20 */
         
         if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok)))) {
-               ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+               if (ctxt) { /* may be NULL under privsep */
+                   ssh_gssapi_send_error(ctxt->oid,maj_status,min_status);
+               } else {
+                   ssh_gssapi_send_error(GSS_C_NO_OID,maj_status,min_status);
+               }
                 packet_disconnect("Couldn't get MIC");
         }
author	jbasney <jbasney>
	Mon, 7 Oct 2002 18:24:15 +0000 (18:24 +0000)
committer	jbasney <jbasney>
	Mon, 7 Oct 2002 18:24:15 +0000 (18:24 +0000)
openssh/auth2-gss.c		patch \| blob \| blame \| history
openssh/kexgss.c		patch \| blob \| blame \| history