X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mod_auth_gssapi.git;a=blobdiff_plain;f=src%2Fmod_auth_gssapi.c;h=4f21123a4caa56d748307055be73099cc9a63dc0;hp=db87c106f42c46171416b629bc8c52aac13b9c9a;hb=e9c92795d87a316ea47f6bf37c9636e86eec57e7;hpb=3effbe272147674cf92c13b387373a60f2cbbacf

diff --git a/src/mod_auth_gssapi.c b/src/mod_auth_gssapi.c
index db87c10..4f21123 100644
--- a/src/mod_auth_gssapi.c
+++ b/src/mod_auth_gssapi.c
@@ -185,7 +185,7 @@ static int mag_auth(request_rec *req)
     gss_name_t server = GSS_C_NO_NAME;
 #ifdef HAVE_GSS_KRB5_CCACHE_NAME
     const char *user_ccache = NULL;
-    char *orig_ccache = NULL;
+    const char *orig_ccache = NULL;
 #endif
 
     type = ap_auth_type(req);
@@ -301,8 +301,7 @@ static int mag_auth(request_rec *req)
             goto done;
         }
         user_ccache = apr_psprintf(req->pool, "MEMORY:user_%qu", rndname);
-        maj = gss_krb5_ccache_name(&min, user_ccache,
-                                   (const char **)&orig_ccache);
+        maj = gss_krb5_ccache_name(&min, user_ccache, &orig_ccache);
         if (GSS_ERROR(maj)) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, req,
                           "In Basic Auth, %s",
@@ -516,8 +515,6 @@ done:
                                     "failed", maj, min));
         }
     }
-    free(orig_ccache);
-    orig_ccache = NULL;
 #endif
     gss_delete_sec_context(&min, &user_ctx, &output);
     gss_release_cred(&min, &user_cred);
@@ -589,7 +586,7 @@ static const char *mag_use_s4u2p(cmd_parms *parms, void *mconfig, int on)
 static const char *mag_sess_key(cmd_parms *parms, void *mconfig, const char *w)
 {
     struct mag_config *cfg = (struct mag_config *)mconfig;
-    struct databuf keys;
+    struct databuf key;
     unsigned char *val;
     apr_status_t rc;
     const char *k;
@@ -610,16 +607,16 @@ static const char *mag_sess_key(cmd_parms *parms, void *mconfig, const char *w)
         return NULL;
     }
 
-    keys.length = (int)apr_base64_decode_binary(val, k);
-    keys.value = (unsigned char *)val;
+    key.length = (int)apr_base64_decode_binary(val, k);
+    key.value = (unsigned char *)val;
 
-    if (keys.length != 32) {
+    if (key.length < 32) {
         ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, parms->server,
-                     "Invalid key lenght, expected 32 got %d", keys.length);
+                     "Invalid key length, expected >=32 got %d", key.length);
         return NULL;
     }
 
-    rc = SEAL_KEY_CREATE(cfg->pool, &cfg->mag_skey, &keys);
+    rc = SEAL_KEY_CREATE(cfg->pool, &cfg->mag_skey, &key);
     if (rc != OK) {
         ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, parms->server,
                      "Failed to import sealing key!");