Commit f52ee2f7 authored by Kevin J. McCarthy's avatar Kevin J. McCarthy

Remove trailing null count from gss_buffer_desc.length field.

RFC 2744 section 3.2.2 clearly states that trailing NULL characters
are not to be included in the length field, and are not to be assumed
to be present in the value field.

Thanks to Greg Hudson, who recently debugged this same issue with
fetchmail, and kindly took the time to look at Mutt's code too.
parent a550d535
......@@ -59,7 +59,9 @@ static void print_gss_error(OM_uint32 err_maj, OM_uint32 err_min)
&status_string);
if (GSS_ERROR(maj_stat))
break;
strncpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
strfcpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
if (status_string.length < sizeof(buf_maj))
buf_maj[status_string.length] = '\0';
gss_release_buffer(&min_stat, &status_string);
maj_stat = gss_display_status (&min_stat,
......@@ -70,7 +72,9 @@ static void print_gss_error(OM_uint32 err_maj, OM_uint32 err_min)
&status_string);
if (!GSS_ERROR(maj_stat))
{
strncpy(buf_min, (char*) status_string.value, sizeof(buf_min));
strfcpy(buf_min, (char*) status_string.value, sizeof(buf_min));
if (status_string.length < sizeof(buf_min))
buf_min[status_string.length] = '\0';
gss_release_buffer(&min_stat, &status_string);
}
} while (!GSS_ERROR(maj_stat) && msg_ctx != 0);
......@@ -105,7 +109,7 @@ imap_auth_res_t imap_auth_gss (IMAP_DATA* idata, const char* method)
/* get an IMAP service ticket for the server */
snprintf (buf1, sizeof (buf1), "imap@%s", idata->conn->account.host);
request_buf.value = buf1;
request_buf.length = strlen (buf1) + 1;
request_buf.length = strlen (buf1);
maj_stat = gss_import_name (&min_stat, &request_buf, gss_nt_service_name,
&target_name);
if (maj_stat != GSS_S_COMPLETE)
......@@ -258,7 +262,7 @@ imap_auth_res_t imap_auth_gss (IMAP_DATA* idata, const char* method)
/* server decides if principal can log in as user */
strncpy (buf1 + 4, idata->conn->account.user, sizeof (buf1) - 4);
request_buf.value = buf1;
request_buf.length = 4 + strlen (idata->conn->account.user) + 1;
request_buf.length = 4 + strlen (idata->conn->account.user);
maj_stat = gss_wrap (&min_stat, context, 0, GSS_C_QOP_DEFAULT, &request_buf,
&cflags, &send_token);
if (maj_stat != GSS_S_COMPLETE)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment