error handling fixes

diff --git a/gsseap_err.et b/gsseap_err.et
index 5a6a493..a7d6bd7 100644 (file)
--- a/gsseap_err.et
+++ b/gsseap_err.et
@@ -61,5 +61,6 @@ error_code GSSEAP_ATTR_CONTEXT_FAILURE,     "Failed to initialise attribute cont
 error_code GSSEAP_BAD_CONTEXT_TOKEN,        "Context token is malformed or corrupt"
 error_code GSSEAP_MISSING_IOV,              "IOV is missing required buffer"
 error_code GSSEAP_BAD_STREAM_IOV,           "Stream IOV can only contain a single data buffer"
+error_code GSSEAP_BAD_PRF_KEY,              "PRF key usage type is unknown"
 
 end

diff --git a/pseudo_random.c b/pseudo_random.c
index 7895060..3440055 100644 (file)
--- a/pseudo_random.c
+++ b/pseudo_random.c
@@ -99,7 +99,7 @@ gss_pseudo_random(OM_uint32 *minor,
 
     if (prf_key != GSS_C_PRF_KEY_PARTIAL &&
         prf_key != GSS_C_PRF_KEY_FULL) {
-        code = EINVAL;
+        code = GSSEAP_BAD_PRF_KEY;
         goto cleanup;
     }
 

diff --git a/set_cred_option.c b/set_cred_option.c
index f73564e..95ec6a4 100644 (file)
--- a/set_cred_option.c
+++ b/set_cred_option.c
@@ -89,11 +89,16 @@ setCredFlag(OM_uint32 *minor,
     OM_uint32 flags;
     unsigned char *p;
 
-    if (buffer == GSS_C_NO_BUFFER || buffer->length < 4) {
+    if (buffer == GSS_C_NO_BUFFER) {
         *minor = EINVAL;
         return GSS_S_FAILURE;
     }
 
+    if (buffer->length < 4) {
+        *minor = GSSEAP_WRONG_SIZE;
+        return GSS_S_FAILURE;
+    }
+
     p = (unsigned char *)buffer->value;
 
     flags = load_uint32_be(buffer->value) & CRED_FLAG_PUBLIC_MASK;

diff --git a/util_name.c b/util_name.c
index b3f061f..c920d65 100644 (file)
--- a/util_name.c
+++ b/util_name.c
@@ -166,10 +166,10 @@ importServiceName(OM_uint32 *minor,
     }
 
     /* XXX this is probably NOT what we want to be doing */
-    *minor = krb5_sname_to_principal(krbContext, host, service,
-                                     KRB5_NT_SRV_HST, &krbPrinc);
-    if (*minor != 0) {
+    if (krb5_sname_to_principal(krbContext, host, service,
+                                KRB5_NT_SRV_HST, &krbPrinc) != 0) {
         GSSEAP_FREE(service);
+        *minor = GSSEAP_BAD_SERVICE_NAME;
         return GSS_S_FAILURE;
     }
 

diff --git a/util_oid.c b/util_oid.c
index 45c37d8..687943d 100644 (file)
--- a/util_oid.c
+++ b/util_oid.c
@@ -116,7 +116,7 @@ composeOid(OM_uint32 *minor,
     suffix = osuffix;
 
     if (oid->length < prefix_len + nbytes) {
-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;
         return GSS_S_FAILURE;
     }
 

diff --git a/util_ordering.c b/util_ordering.c
index 3427881..c58ac6c 100644 (file)
--- a/util_ordering.c
+++ b/util_ordering.c
@@ -264,7 +264,7 @@ sequenceExternalize(OM_uint32 *minor,
                     size_t *lenremain)
 {
     if (*lenremain < sizeof(queue)) {
-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;
         return GSS_S_FAILURE;
     }
     memcpy(*buf, vqueue, sizeof(queue));
@@ -283,7 +283,7 @@ sequenceInternalize(OM_uint32 *minor,
     void *q;
 
     if (*lenremain < sizeof(queue)) {
-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;
         return GSS_S_DEFECTIVE_TOKEN;
     }