OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=36

2008-08-01 23:11:46 +00:00 · 2008-08-01 23:11:46 +00:00 · f3bf4312fc
commit f3bf4312fc
parent d5c17a28f6
5 changed files with 207 additions and 3 deletions
--- a/krb5-1.6.3-post.dif
+++ b/krb5-1.6.3-post.dif
@ -2867,3 +2867,190 @@ Index: src/util/profile/prof_init.c
 	    for (fs = files; !PROFILE_LAST_FILESPEC(*fs); fs++) {
 		retval = profile_open_file(*fs, &new_file);
 		/* if this file is missing, skip to the next */
+Index: src/kdc/network.c
+===================================================================
+--- src/kdc/network.c	(Revision 20580)
+++ src/kdc/network.c	(Revision 20587)
+@@ -277,6 +277,12 @@
+     struct connection *newconn;
+     void *tmp;
+ 
+    if (sock > FD_SETSIZE) {
+	data->retval = EMFILE;	/* XXX */
+	com_err(data->prog, 0,
+		"file descriptor number %d too high", sock);
+	return 0;
+    }
+     newconn = malloc(sizeof(*newconn));
+     if (newconn == 0) {
+ 	data->retval = errno;
+@@ -360,6 +366,12 @@
+ 		paddr(addr));
+ 	return -1;
+     }
+    if (sock > FD_SETSIZE) {
+	close(sock);
+	com_err(data->prog, 0, "TCP socket fd number %d (for %s) too high",
+		sock, paddr(addr));
+	return -1;
+    }
+     if (setreuseaddr(sock, 1) < 0)
+ 	com_err(data->prog, errno,
+ 		"Cannot enable SO_REUSEADDR on fd %d", sock);
+@@ -791,6 +803,10 @@
+     s = accept(conn->fd, addr, &addrlen);
+     if (s < 0)
+ 	return;
+    if (s > FD_SETSIZE) {
+	close(s);
+	return;
+    }
+     setnbio(s), setnolinger(s);
+ 
+     sockdata.prog = prog;
+Index: src/lib/gssapi/krb5/accept_sec_context.c
+===================================================================
+--- src/lib/gssapi/krb5/accept_sec_context.c	(Revision 20580)
+++ src/lib/gssapi/krb5/accept_sec_context.c	(Revision 20587)
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright 2000, 2004  by the Massachusetts Institute of Technology.
+ * Copyright 2000, 2004, 2008 by the Massachusetts Institute of Technology.
+  * All Rights Reserved.
+  *
+  * Export of this software from the United States of America may
+@@ -249,6 +249,7 @@
+    krb5_data option;
+    const gss_OID_desc *mech_used = NULL;
+    OM_uint32 major_status = GSS_S_FAILURE;
+   OM_uint32 tmp_minor_status;
+    krb5_error krb_error_data;
+    krb5_data scratch;
+    gss_cred_id_t cred_handle = NULL;
+@@ -903,13 +904,14 @@
+ 
+    if (!GSS_ERROR(major_status) && major_status != GSS_S_CONTINUE_NEEDED) {
+        ctx->k5_context = context;
+-       return(major_status);
+       context = NULL;
+       goto done;
+    }
+ 
+    /* from here on is the real "fail" code */
+ 
+    if (ctx)
+-       (void) krb5_gss_delete_sec_context(minor_status, 
+       (void) krb5_gss_delete_sec_context(&tmp_minor_status, 
+ 					  (gss_ctx_id_t *) &ctx, NULL);
+    if (deleg_cred) { /* free memory associated with the deleg credential */
+        if (deleg_cred->ccache)
+@@ -936,10 +938,9 @@
+    if (decode_req_message) {
+        krb5_ap_req 	* request;
+ 	   
+-       if (decode_krb5_ap_req(&ap_req, &request)) {
+-	   krb5_free_context(context);
+-	   return (major_status);
+-       }
+       if (decode_krb5_ap_req(&ap_req, &request))
+	   goto done;
+
+        if (request->ap_options & AP_OPTS_MUTUAL_REQUIRED)
+ 	   gss_flags |= GSS_C_MUTUAL_FLAG;
+        krb5_free_ap_req(context, request);
+@@ -967,20 +968,16 @@
+        krb_error_data.server = cred->princ;
+ 
+        code = krb5_mk_error(context, &krb_error_data, &scratch);
+-       if (code) {
+-	   krb5_free_context(context);
+-	   return (major_status);
+-       }
+       if (code)
+           goto done;
+ 
+        tmsglen = scratch.length;
+        toktype = KG_TOK_CTX_ERROR;
+ 
+        token.length = g_token_size(mech_used, tmsglen);
+        token.value = (unsigned char *) xmalloc(token.length);
+-       if (!token.value) {
+-	   krb5_free_context(context);
+-	   return (major_status);
+-       }
+       if (!token.value) 
+           goto done;
+ 
+        ptr = token.value;
+        g_make_token_header(mech_used, tmsglen, &ptr, toktype);
+@@ -990,9 +987,13 @@
+ 
+        *output_token = token;
+    }
+
+  done:
+    if (!verifier_cred_handle && cred_handle) {
+-	   krb5_gss_release_cred(minor_status, &cred_handle);
+       krb5_gss_release_cred(&tmp_minor_status, &cred_handle);
+    }
+-   krb5_free_context(context);
+   if (context) {
+       krb5_free_context(context);
+   }
+    return (major_status);
+ }
+Index: src/lib/comerr32.def
+===================================================================
+--- src/lib/comerr32.def	(Revision 20580)
+++ src/lib/comerr32.def	(Revision 20587)
+@@ -3,10 +3,10 @@
+ HEAPSIZE	8192
+ 
+ EXPORTS
+-	com_err
+-	com_err_va
+-	error_message
+-	add_error_table
+-	remove_error_table
+-	set_com_err_hook
+-	reset_com_err_hook
+	com_err			@2
+	com_err_va		@3
+	error_message		@4
+	add_error_table	   	@1
+	remove_error_table	@5
+	set_com_err_hook	@6
+	reset_com_err_hook	@7
+Index: src/lib/kadm5/srv/svr_principal.c
+===================================================================
+--- src/lib/kadm5/srv/svr_principal.c	(Revision 20580)
+++ src/lib/kadm5/srv/svr_principal.c	(Revision 20587)
+@@ -2099,7 +2099,8 @@
+      * inexact match on the enctype; this behavior will go away when
+      * the key storage architecture gets redesigned for 1.3.
+      */
+-    keyblock->enctype = ktype;
+    if (ktype != -1)
+        keyblock->enctype = ktype;
+ 
+     if (kvnop)
+ 	 *kvnop = key_data->key_data_kvno;
+Index: src/lib/krb5/os/sendto_kdc.c
+===================================================================
+--- src/lib/krb5/os/sendto_kdc.c	(Revision 20580)
+++ src/lib/krb5/os/sendto_kdc.c	(Revision 20587)
+@@ -654,6 +654,12 @@
+ 	dprint("socket: %m creating with af %d\n", state->err, ai->ai_family);
+ 	return -1;		/* try other hosts */
+     }
+    if (fd >= FD_SETSIZE) {
+	close(fd);
+	state->err = EMFILE;
+	dprint("socket: fd %d too high\n", fd);
+	return -1;
+    }
+     /* Make it non-blocking.  */
+     if (ai->ai_socktype == SOCK_STREAM) {
+ 	static const int one = 1;
+
+
--- a/krb5-doc.spec
+++ b/krb5-doc.spec
@ -14,7 +14,7 @@
 Name:           krb5-doc
 BuildRequires:  ghostscript-library latex2html texlive
 Version:        1.6.3
-Release:        96
+Release:        101
 %define srcRoot krb5-1.6.3
 Summary:        MIT Kerberos5 Implementation--Documentation
 License:        X11/MIT
--- a/krb5-plugins.spec
+++ b/krb5-plugins.spec
@ -14,7 +14,7 @@

 Name:           krb5-plugins
 Version:        1.6.3
-Release:        11
+Release:        12
 BuildRequires:  bison krb5-devel ncurses-devel openldap2-devel
 %define srcRoot krb5-1.6.3
 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
--- a/krb5.changes
+++ b/krb5.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Mon Jul 28 10:43:29 CEST 2008 - mc@suse.de
+
+- add new fixes to post 1.6.3 patch
+  * fix mem leak in krb5_gss_accept_sec_context()
+  * keep minor_status
+  * kadm5_decrypt_key: A ktype of -1 is documented as meaning 
+    "to be ignored" 
+  * Reject socket fds > FD_SETSIZE
+
 -------------------------------------------------------------------
 Fri Jul 25 12:13:24 CEST 2008 - mc@suse.de

--- a/krb5.spec
+++ b/krb5.spec
@ -13,7 +13,7 @@

 Name:           krb5
 Version:        1.6.3
-Release:        58
+Release:        62
 BuildRequires:  bison libcom_err-devel ncurses-devel
 %if %{suse_version} > 1010
 BuildRequires:  keyutils keyutils-devel
@ -554,6 +554,13 @@ rm -rf %{buildroot}
 %{_mandir}/man1/krb5-config.1*

 %changelog
+* Mon Jul 28 2008 mc@suse.de
+- add new fixes to post 1.6.3 patch
+  * fix mem leak in krb5_gss_accept_sec_context()
+  * keep minor_status
+  * kadm5_decrypt_key: A ktype of -1 is documented as meaning
+  "to be ignored"
+  * Reject socket fds > FD_SETSIZE
 * Fri Jul 25 2008 mc@suse.de
 - add patches from SVN post 1.6.3
  * krb5_string_to_keysalts: Fix an infinite loop