summaryrefslogtreecommitdiff
path: root/security/cyrus-sasl2/patches/patch-ap
blob: d5d9bd4043a49f085286467db55710f5c8222f42 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
$NetBSD: patch-ap,v 1.2 2004/07/08 21:11:26 recht Exp $

--- plugins/gssapi.c.orig	Fri Feb  6 18:23:51 2004
+++ plugins/gssapi.c	Wed Jul  7 12:09:07 2004
@@ -990,8 +990,14 @@
 					    GSS_C_QOP_DEFAULT,
 					    (OM_uint32) oparams->maxoutbuf,
 					    &max_input);
-	    
-	    oparams->maxoutbuf -= (max_input - oparams->maxoutbuf);
+
+	    if(max_input > oparams->maxoutbuf) {
+		/* Heimdal appears to get this wrong */
+		oparams->maxoutbuf -= (max_input - oparams->maxoutbuf);
+	    } else {
+		/* This code is actually correct */
+		oparams->maxoutbuf = max_input;
+	    }    
 	}
 	
 	gss_release_buffer(&min_stat, output_token);
@@ -1134,6 +1140,7 @@
     gss_buffer_t input_token, output_token;
     gss_buffer_desc real_input_token, real_output_token;
     OM_uint32 maj_stat = 0, min_stat = 0;
+    OM_uint32 max_input;
     gss_buffer_desc name_token;
     int ret;
     OM_uint32 req_flags, out_req_flags;
@@ -1418,8 +1425,20 @@
             (((unsigned char *) output_token->value)[3] << 0);
 
 	if(oparams->mech_ssf) {
-	    /* xxx probably too large */
-	    oparams->maxoutbuf -= 50;
+            maj_stat = gss_wrap_size_limit( &min_stat,
+                                            text->gss_ctx,
+                                            1,
+                                            GSS_C_QOP_DEFAULT,
+                                            (OM_uint32) oparams->maxoutbuf,
+                                            &max_input);
+
+	    if(max_input > oparams->maxoutbuf) {
+		/* Heimdal appears to get this wrong */
+		oparams->maxoutbuf -= (max_input - oparams->maxoutbuf);
+	    } else {
+		/* This code is actually correct */
+		oparams->maxoutbuf = max_input;
+	    }
 	}
 	
 	gss_release_buffer(&min_stat, output_token);