From 2c7c51a966fc7f31b66d1b980daea7302e7621d6 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sat, 14 Apr 2018 20:43:54 +0200 Subject: Abort GSSAPI authentication properly in more situations. --- gssapi.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gssapi.c b/gssapi.c index 85f19a66..31a990e0 100644 --- a/gssapi.c +++ b/gssapi.c @@ -241,7 +241,7 @@ cancelfail: decode_status("gss_unwrap", maj_stat, min_stat, stderr); report(stderr, GT_("Couldn't unwrap security level data\n")); gss_release_buffer(&min_stat, &send_token); - return PS_AUTHFAIL; + goto cancelfail; } if (outlevel >= O_DEBUG) report(stdout, GT_("Credential exchange complete\n")); @@ -250,7 +250,7 @@ cancelfail: if ( !(((char *)send_token.value)[0] & GSSAUTH_P_NONE) ) { report(stderr, GT_("Server requires integrity and/or privacy\n")); gss_release_buffer(&min_stat, &send_token); - return PS_AUTHFAIL; + goto cancelfail; } ((char *)send_token.value)[0] = 0; buf_size = ntohl(*((long *)send_token.value)); @@ -280,7 +280,7 @@ cancelfail: &cflags, &send_token); if (maj_stat != GSS_S_COMPLETE) { report(stderr, GT_("Error creating security level request\n")); - return PS_AUTHFAIL; + goto cancelfail; } if ((send_token.length + 3) * 4/3 >= sizeof(buf1) - 1) { report(stderr, GT_("GSSAPI send_token too large (%llu) while sending username.\n"), (unsigned long long)send_token.length); -- cgit v1.2.3