Module Name: src Committed By: tteras Date: Fri Sep 18 10:32:48 UTC 2009
Modified Files: src/crypto/dist/ipsec-tools/src/racoon [ipsec-tools-0_7-branch]: isakmp_agg.c isakmp_ident.c Log Message: >From Tomas Mraz: Fix gssapi error checking. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.9.6.1 \ src/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c cvs rdiff -u -r1.6 -r1.6.6.1 \ src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c diff -u src/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c:1.9 src/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c:1.9.6.1 --- src/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c:1.9 Sat Sep 30 21:49:37 2006 +++ src/crypto/dist/ipsec-tools/src/racoon/isakmp_agg.c Fri Sep 18 10:32:48 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: isakmp_agg.c,v 1.9 2006/09/30 21:49:37 manu Exp $ */ +/* $NetBSD: isakmp_agg.c,v 1.9.6.1 2009/09/18 10:32:48 tteras Exp $ */ /* Id: isakmp_agg.c,v 1.28 2006/04/06 16:46:08 manubsd Exp */ @@ -246,7 +246,11 @@ #ifdef HAVE_GSSAPI if (RMAUTHMETHOD(iph1) == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) { - gssapi_get_token_to_send(iph1, &gsstoken); + if (gssapi_get_token_to_send(iph1, &gsstoken) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "Failed to get gssapi token.\n"); + goto end; + } plist = isakmp_plist_append(plist, gsstoken, ISAKMP_NPTYPE_GSS); } #endif @@ -1254,7 +1258,11 @@ iph1->id, ISAKMP_NPTYPE_ID); /* create GSS payload */ - gssapi_get_token_to_send(iph1, &gsstoken); + if (gssapi_get_token_to_send(iph1, &gsstoken) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "Failed to get gssapi token.\n"); + goto end; + } plist = isakmp_plist_append(plist, gsstoken, ISAKMP_NPTYPE_GSS); Index: src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c diff -u src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c:1.6 src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c:1.6.6.1 --- src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c:1.6 Mon Oct 2 21:41:59 2006 +++ src/crypto/dist/ipsec-tools/src/racoon/isakmp_ident.c Fri Sep 18 10:32:48 2009 @@ -1,4 +1,4 @@ -/* $NetBSD: isakmp_ident.c,v 1.6 2006/10/02 21:41:59 manu Exp $ */ +/* $NetBSD: isakmp_ident.c,v 1.6.6.1 2009/09/18 10:32:48 tteras Exp $ */ /* Id: isakmp_ident.c,v 1.21 2006/04/06 16:46:08 manubsd Exp */ @@ -1721,7 +1721,11 @@ #ifdef HAVE_GSSAPI if (AUTHMETHOD(iph1) == OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB) - gssapi_get_token_to_send(iph1, &gsstoken); + if (gssapi_get_token_to_send(iph1, &gsstoken) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "Failed to get gssapi token.\n"); + goto end; + } #endif /* create isakmp KE payload */ @@ -1891,7 +1895,11 @@ if (gsshash == NULL) goto end; } else { - gssapi_get_token_to_send(iph1, &gsstoken); + if (gssapi_get_token_to_send(iph1, &gsstoken) < 0) { + plog(LLV_ERROR, LOCATION, NULL, + "Failed to get gssapi token.\n"); + goto end; + } } if (!gssapi_id_sent(iph1)) {