[bug-mailutils] Re: [PATCH] IMAP GSS-API fixes

[Simon Josefsson]

The gss_{un,}wrap() can abort with useful errors.  In any case,
ignoring the errors cause it to crash, since outbuf is empty.

2003-05-25  Simon Josefsson  <address@hidden>

        * imap4d/auth_gss.c (auth_gssapi): Abort if GSS (un)wrap fails.

Index: auth_gss.c
===================================================================
RCS file: /cvsroot/mailutils/mailutils/imap4d/auth_gss.c,v
retrieving revision 1.8
diff -u -p -u -w -r1.8 auth_gss.c
--- auth_gss.c  20 May 2003 09:35:40 -0000      1.8
+++ auth_gss.c  24 May 2003 23:09:09 -0000
@@ -190,8 +198,13 @@ auth_gssapi (struct imap4d_command *comm
   sec_level = htonl ((SUPPORTED_P_MECH << 24) | server_buffer_size);
   tokbuf.length = 4;
   tokbuf.value = &sec_level;
-  gss_wrap (&min_stat, context, 0, GSS_C_QOP_DEFAULT,
+  maj_stat = gss_wrap (&min_stat, context, 0, GSS_C_QOP_DEFAULT,
            &tokbuf, &cflags, &outbuf);
+  if (maj_stat != GSS_S_COMPLETE)
+    {
+      display_status ("wrap", maj_stat, min_stat);
+      return RESP_NO;
+    }
   util_base64_encode (outbuf.value, outbuf.length, &tmp, &size);
   util_send ("+ %*.*s\r\n", size, size, tmp);
   free (tmp);
@@ -201,7 +214,13 @@ auth_gssapi (struct imap4d_command *comm
                      (unsigned char **) &tokbuf.value, &tokbuf.length);
   free (token_str);
 
-  gss_unwrap (&min_stat, context, &tokbuf, &outbuf, &cflags, &quality);
+  maj_stat = gss_unwrap (&min_stat, context, &tokbuf, &outbuf,
+                        &cflags, &quality);
+  if (maj_stat != GSS_S_COMPLETE)
+    {
+      display_status ("unwrap", maj_stat, min_stat);
+      return RESP_NO;
+    }
   free (tokbuf.value);
 
   sec_level = ntohl (*(OM_uint32 *) outbuf.value);