X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmod_auth_kerb.c;h=cf2a8319a778c8e1a58e4ea9991d60f04a6f6c56;hb=b986cb63b02d937d5a4f8f8972508446015c8d4d;hp=32a84eac3c69dc81bd23d1c895800684c72345df;hpb=78f67298a35cf5e8a8c3d73f8d11ff826901b16d;p=mod_auth_kerb.git diff --git a/src/mod_auth_kerb.c b/src/mod_auth_kerb.c index 32a84ea..cf2a831 100644 --- a/src/mod_auth_kerb.c +++ b/src/mod_auth_kerb.c @@ -880,11 +880,20 @@ authenticate_user_gss(request_rec *r, ap_register_cleanup(r->connection->pool, gss_connection, cleanup_gss_connection, ap_null_cleanup); } - if (conf->krb_5_keytab) - /* use really strcat(), since the string passed to putenv() will become - * part of the enviroment and shouldn't be free()ed by apache */ - /* XXX space isn't allocated !!! */ - putenv(strcat("KRB5_KTNAME=", conf->krb_5_keytab)); + if (conf->krb_5_keytab) { + char *ktname; + /* we don't use the ap_* calls here, since the string passed to putenv() + * will become part of the enviroment and shouldn't be free()ed by apache + */ + ktname = malloc(strlen("KRB5_KTNAME=") + strlen(conf->krb_5_keytab) + 1); + if (ktname == NULL) { + log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "malloc() failed: not enough memory"); + ret = HTTP_INTERNAL_SERVER_ERROR; + goto end; + } + sprintf(ktname, "KRB5_KTNAME=%s", conf->krb_5_keytab); + putenv(ktname); + } if (gss_connection->server_creds == GSS_C_NO_CREDENTIAL) { ret = get_gss_creds(r, conf, &gss_connection->server_creds); @@ -1013,7 +1022,7 @@ note_kerb_auth_failure(request_rec *r, const kerb_auth_config *conf, /* XXX should the WWW-Authenticate header be cleared first? */ #ifdef KRB5 if (use_krb5 && conf->krb_method_gssapi) - ap_table_add(r->err_headers_out, "WWW-Authenticate", "Negotiate "); + ap_table_add(r->err_headers_out, "WWW-Authenticate", "Negotiate"); if (use_krb5 && conf->krb_method_k5pass) { ap_table_add(r->err_headers_out, "WWW-Authenticate", ap_pstrcat(r->pool, "Basic realm=\"", auth_name, "\"", NULL));