better propagation of bad name token errors

diff --git a/mech_eap/gsseap_err.et b/mech_eap/gsseap_err.et
index 5dfa3d4..8349773 100644 (file)
--- a/mech_eap/gsseap_err.et
+++ b/mech_eap/gsseap_err.et
@@ -70,6 +70,7 @@ error_code GSSEAP_BAD_SERVICE_NAME,             "Name is not a valid service nam
 error_code GSSEAP_BAD_INITIATOR_NAME,           "Initiator identity must be a valid name"
 error_code GSSEAP_NO_HOSTNAME,                  "Could not determine local host name"
 error_code GSSEAP_NO_ACCEPTOR_NAME,             "Could not determine acceptor identity"
+error_code GSSEAP_BAD_NAME_TOKEN,               "Name token is malformed or corrupt"
 
 #
 # Credential errors

diff --git a/mech_eap/util_attr.cpp b/mech_eap/util_attr.cpp
index 9868958..9cdcc20 100644 (file)
--- a/mech_eap/util_attr.cpp
+++ b/mech_eap/util_attr.cpp
@@ -684,6 +684,10 @@ gss_eap_attr_ctx::mapException(OM_uint32 *minor, std::exception &e) const
     if (typeid(e) == typeid(std::bad_alloc)) {
         *minor = ENOMEM;
         goto cleanup;
+    } else if (typeid(e) == typeid(std::runtime_error)) {
+        major = GSS_S_BAD_NAME;
+        *minor = GSSEAP_BAD_ATTR_TOKEN;
+        goto cleanup;
     }
 
     /* Errors we delegate to providers */
@@ -1014,7 +1018,7 @@ gssEapImportAttrContext(OM_uint32 *minor,
             if (!ctx->initFromBuffer(buffer)) {
                 delete ctx;
                 *minor = GSSEAP_BAD_ATTR_TOKEN;
-                return GSS_S_DEFECTIVE_TOKEN;
+                return GSS_S_BAD_NAME;
             }
             name->attrCtx = ctx;
         } catch (std::exception &e) {

diff --git a/mech_eap/util_name.c b/mech_eap/util_name.c
index aeef333..7950d0b 100644 (file)
--- a/mech_eap/util_name.c
+++ b/mech_eap/util_name.c
@@ -355,8 +355,10 @@ gssEapImportNameInternal(OM_uint32 *minor,
         gss_OID_desc mech;
 
         /* TOK_ID || MECH_OID_LEN || MECH_OID */
-        if (remain < 6)
+        if (remain < 6) {
+            *minor = GSSEAP_BAD_NAME_TOKEN;
             return GSS_S_BAD_NAME;
+        }
 
         if (flags & EXPORT_NAME_FLAG_COMPOSITE)
             tokType = TOK_TYPE_EXPORT_NAME_COMPOSITE;
@@ -364,19 +366,25 @@ gssEapImportNameInternal(OM_uint32 *minor,
             tokType = TOK_TYPE_EXPORT_NAME;
 
         /* TOK_ID */
-        if (load_uint16_be(p) != tokType)
+        if (load_uint16_be(p) != tokType) {
+            *minor = GSSEAP_WRONG_TOK_ID;
             return GSS_S_BAD_NAME;
+        }
         UPDATE_REMAIN(2);
 
         /* MECH_OID_LEN */
         len = load_uint16_be(p);
-        if (len < 2)
+        if (len < 2) {
+            *minor = GSSEAP_BAD_NAME_TOKEN;
             return GSS_S_BAD_NAME;
+        }
         UPDATE_REMAIN(2);
 
         /* MECH_OID */
-        if (p[0] != 0x06)
+        if (p[0] != 0x06) {
+            *minor = GSSEAP_BAD_NAME_TOKEN;
             return GSS_S_BAD_NAME;
+        }
 
         mech.length = p[1];
         mech.elements = &p[2];