static DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8_t tok_id[2])
{
struct asn1_data *data;
- DATA_BLOB ret;
+ DATA_BLOB ret = data_blob_null;
data = asn1_init(mem_ctx);
if (!data || !ticket->data) {
- return data_blob(NULL,0);
+ return ret;
}
- asn1_push_tag(data, ASN1_APPLICATION(0));
- asn1_write_OID(data, GENSEC_OID_KERBEROS5);
+ if (!asn1_push_tag(data, ASN1_APPLICATION(0))) goto err;
+ if (!asn1_write_OID(data, GENSEC_OID_KERBEROS5)) goto err;
- asn1_write(data, tok_id, 2);
- asn1_write(data, ticket->data, ticket->length);
- asn1_pop_tag(data);
+ if (!asn1_write(data, tok_id, 2)) goto err;
+ if (!asn1_write(data, ticket->data, ticket->length)) goto err;
+ if (!asn1_pop_tag(data)) goto err;
- if (data->has_error) {
- DEBUG(1,("Failed to build krb5 wrapper at offset %d\n", (int)data->ofs));
- asn1_free(data);
- return data_blob(NULL,0);
- }
ret = data_blob_talloc(mem_ctx, data->data, data->length);
asn1_free(data);
return ret;
+
+ err:
+
+ DEBUG(1,("Failed to build krb5 wrapper at offset %d\n", (int)data->ofs));
+ asn1_free(data);
+ return ret;
}
/*
*/
static bool gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8_t tok_id[2])
{
- bool ret;
+ bool ret = false;
struct asn1_data *data = asn1_init(mem_ctx);
int data_remaining;
return false;
}
- asn1_load(data, *blob);
- asn1_start_tag(data, ASN1_APPLICATION(0));
- asn1_check_OID(data, GENSEC_OID_KERBEROS5);
+ if (!asn1_load(data, *blob)) goto err;
+ if (!asn1_start_tag(data, ASN1_APPLICATION(0))) goto err;
+ if (!asn1_check_OID(data, GENSEC_OID_KERBEROS5)) goto err;
data_remaining = asn1_tag_remaining(data);
if (data_remaining < 3) {
data->has_error = true;
} else {
- asn1_read(data, tok_id, 2);
+ if (!asn1_read(data, tok_id, 2)) goto err;
data_remaining -= 2;
*ticket = data_blob_talloc(mem_ctx, NULL, data_remaining);
- asn1_read(data, ticket->data, ticket->length);
+ if (!asn1_read(data, ticket->data, ticket->length)) goto err;
}
- asn1_end_tag(data);
+ if (!asn1_end_tag(data)) goto err;
ret = !data->has_error;
+ err:
+
asn1_free(data);
return ret;