Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 33B4F3DECE; Thu, 11 Aug 2011 11:15:42 -0400 (EDT) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id p7BFFfM5031225; Thu, 11 Aug 2011 11:15:41 -0400 Received: from mailhub-dmz-4.mit.edu (MAILHUB-DMZ-4.MIT.EDU [18.7.62.38]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id p7B0Naqe025762 for ; Wed, 10 Aug 2011 20:23:36 -0400 Received: from dmz-mailsec-scanner-3.mit.edu (DMZ-MAILSEC-SCANNER-3.MIT.EDU [18.9.25.14]) by mailhub-dmz-4.mit.edu (8.13.8/8.9.2) with ESMTP id p7B0NR7W021463 for ; Wed, 10 Aug 2011 20:23:36 -0400 X-Auditid: 1209190e-b7c22ae000000a2c-fa-4e43209aa878 Authentication-Results: symauth.service.identifier Received: from hub025-nj-1.exch025.serverdata.net (hub025-nj-1.exch025.serverdata.net [206.225.166.84]) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id 14.17.02604.A90234E4; Wed, 10 Aug 2011 20:21:46 -0400 (EDT) Received: from MBX025-E1-NJ-4.exch025.domain.local ([10.240.12.54]) by HUB025-NJ-1.exch025.domain.local ([10.240.12.30]) with mapi id 14.01.0289.001; Wed, 10 Aug 2011 17:23:36 -0700 From: Arlene Berry To: "krb5-bugs@mit.edu" Subject: spnego_gss_acquire_cred_impersonate_name incorrect usage of impersonator_cred_handle Thread-Topic: spnego_gss_acquire_cred_impersonate_name incorrect usage of impersonator_cred_handle Thread-Index: AcxXvOaNY9CHIczxSEOxJinIczQCtg== Date: Thu, 11 Aug 2011 00:23:34 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-Tnef-Correlator: X-Originating-Ip: [74.202.214.86] Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrMKsWRWlGSWpSXmKPExsVy7uGyEN1ZCs5+BvtuSFg0PDzO7sDo0XTm KHMAYxSXTUpqTmZZapG+XQJXxucrC5kLHnBXbL/ZytTAeIeti5GTQ0LARKLp4WF2EJtRwEhi 97lXrBBxMYkL99YD1XBxCAl8YJR4sOgKM0hCSGAno8Tar7EgNpuAhsStW+tYQGwRAW2JJTOe gA0VFoiXuHX8PlQ8ReJyYxM7hK0nMaH/C1gNi4CqxNnHXxlBbF6BKIkpOydAHSEm8f3UGiYQ m1lAXOLWk/lMEAcJSCzZc54ZwhaVePn4H9ShihJNjfuh6nUkFuz+xAZha0ssW/iaGWK+oMTJ mU9YJjCKzEIydhaSlllIWmYhaVnAyLKKUTYlt0o3NzEzpzg1Wbc4OTEvL7VI11gvN7NELzWl dBMjMBaEOCX5djB+Pah0iFGAg1GJh5dptZOfEGtiWXFl7iFGSQ4mJVFedVlnPyG+pPyUyozE 4oz4otKc1OJDjBIczEoivFLzgMp5UxIrq1KL8mFS0hwsSuK8q3c4+AkJpCeWpGanphakFsFk mTjYDzHKcHAoSfAWAaNfSLAoNT21Ii0zpwRZDSeI4AJZwwO0Rh2kkLe4IDG3ODMdougUoy7H 9cdzjjEKseTl56VKifP6ghQJgBRllObBDQOltfr///9fYpSVEuZlZGBgEOIBugYYCAh5UFp8 xSgODABh3jkgU3gy80rgNr0COoIJ6Ij6Ow4gR5QkIqSkGhhtXgQf3aBt9vhtT/y3hqWC5/i8 amqynMti6nYv1pP6EGJwb5qN8blDP3927Pi7qi4hIXJOwpLzmieM7Ll+PJnb6napc+PHVEOG ja6+Ux5Ebgt81X9zakPV3AMdFQs5pNjPt6i8X76ZufERx1IGLsv9C9Zoxj1ieCT+S2Xy0tc+ h7y1zmeXTF6lxFKckWioxVxUnAgA0KvFEmYDAAA= Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by pch.mit.edu id p7B0Naqe025762 X-Mailman-Approved-At: Thu, 11 Aug 2011 11:15:38 -0400 X-Beenthere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Sender: krb5-bugs-incoming-bounces@PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu X-RT-Original-Encoding: us-ascii Content-Length: 1452 In src/lib/gssapi/spnego/spnego_mech.c for spnego_gss_acquire_cred it has: OM_uint32 spnego_gss_acquire_cred_impersonate_name(OM_uint32 *minor_status, const gss_cred_id_t impersonator_cred_handle, const gss_name_t desired_name, OM_uint32 time_req, gss_OID_set desired_mechs, gss_cred_usage_t cred_usage, gss_cred_id_t *output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *time_rec) ... if (desired_mechs == GSS_C_NO_OID_SET) { status = gss_inquire_cred(minor_status, impersonator_cred_handle, NULL, NULL, NULL, &amechs); desired_mechs = amechs; } imp_spcred = (spnego_gss_cred_id_t)impersonator_cred_handle; impersonator_cred_handle is a mechanism cred, i.e. an spnego_cred_id_t, not a gss_cred_id_t, and you cannot call gss_inquire_cred on it. The assignment to imp_spcred needs to be moved up and gss_inquire_cred needs to be called on imp_spcred->mcred in the same manner as the subsequent gss_acquire_cred_impersonate_name.