diff options
author | Daniel Stenberg <daniel@haxx.se> | 2024-01-25 16:10:03 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2024-01-25 22:32:53 +0100 |
commit | 31db4bfa730303120e5ee81d054c7edff2d9627f (patch) | |
tree | 9647c26d27ca9d46e43c4f618e0410d28d518148 | |
parent | 73c4aaa2c09272581233625b2b5d45c1f37402f6 (diff) | |
download | curl-31db4bfa730303120e5ee81d054c7edff2d9627f.tar.gz |
krb5: access the response buffer correctly
As the pingpong code no longer uses the download buffer.
Folllow-up to c2d973627bab12ab
Pointed-out-by: Stefan Eissing
Closes #12796
-rw-r--r-- | lib/krb5.c | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/lib/krb5.c b/lib/krb5.c index 19f0f0cf1..b334ae2f4 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -235,9 +235,12 @@ krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn) if(Curl_GetFTPResponse(data, &nread, NULL)) return -1; - - if(data->state.buffer[0] != '3') - return -1; + else { + struct pingpong *pp = &conn->proto.ftpc.pp; + char *line = Curl_dyn_ptr(&pp->recvbuf); + if(line[0] != '3') + return -1; + } } stringp = aprintf("%s@%s", service, host); @@ -321,15 +324,19 @@ krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn) ret = -1; break; } - - if(data->state.buffer[0] != '2' && data->state.buffer[0] != '3') { - infof(data, "Server didn't accept auth data"); - ret = AUTH_ERROR; - break; + else { + struct pingpong *pp = &conn->proto.ftpc.pp; + size_t len = Curl_dyn_len(&pp->recvbuf); + p = Curl_dyn_ptr(&pp->recvbuf); + if((len < 4) || (p[0] != '2' && p[0] != '3')) { + infof(data, "Server didn't accept auth data"); + ret = AUTH_ERROR; + break; + } } _gssresp.value = NULL; /* make sure it is initialized */ - p = data->state.buffer + 4; + p += 4; /* over '789 ' */ p = strstr(p, "ADAT="); if(p) { result = Curl_base64_decode(p + 5, @@ -748,6 +755,8 @@ static int sec_set_protection_level(struct Curl_easy *data) if(level) { char *pbsz; unsigned int buffer_size = 1 << 20; /* 1048576 */ + struct pingpong *pp = &conn->proto.ftpc.pp; + char *line; code = ftp_send_command(data, "PBSZ %u", buffer_size); if(code < 0) @@ -759,10 +768,11 @@ static int sec_set_protection_level(struct Curl_easy *data) } conn->buffer_size = buffer_size; - pbsz = strstr(data->state.buffer, "PBSZ="); + line = Curl_dyn_ptr(&pp->recvbuf); + pbsz = strstr(line, "PBSZ="); if(pbsz) { /* stick to default value if the check fails */ - if(!strncmp(pbsz, "PBSZ=", 5) && ISDIGIT(pbsz[5])) + if(ISDIGIT(pbsz[5])) buffer_size = atoi(&pbsz[5]); if(buffer_size < conn->buffer_size) conn->buffer_size = buffer_size; |