From 06412c7fafc535ac3c20634f37e5d95fd02004a6f7e870b3ffc294dccfc45e67 Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Fri, 11 May 2007 08:36:44 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/openSUSE:Factory/krb5?expand=0&rev=17

---
 krb5-1.4.3-extra-check-kt_file.c.dif | 15 +++++++++++++++
 krb5-1.6.1-init-salt-length.dif      | 14 ++++++++++++++
 krb5-doc.spec                        |  2 +-
 krb5-plugins.changes                 |  6 ++++++
 krb5-plugins.spec                    |  9 ++++++++-
 krb5.changes                         |  6 ++++++
 krb5.spec                            |  9 ++++++++-
 7 files changed, 58 insertions(+), 3 deletions(-)
 create mode 100644 krb5-1.4.3-extra-check-kt_file.c.dif
 create mode 100644 krb5-1.6.1-init-salt-length.dif

diff --git a/krb5-1.4.3-extra-check-kt_file.c.dif b/krb5-1.4.3-extra-check-kt_file.c.dif
new file mode 100644
index 0000000..af68a6d
--- /dev/null
+++ b/krb5-1.4.3-extra-check-kt_file.c.dif
@@ -0,0 +1,15 @@
+Index: src/lib/krb5/keytab/kt_file.c
+===================================================================
+--- src/lib/krb5/keytab/kt_file.c.orig
++++ src/lib/krb5/keytab/kt_file.c
+@@ -461,6 +461,10 @@ krb5_ktfile_get_next(krb5_context contex
+     kerror = KTLOCK(id);
+     if (kerror)
+ 	return kerror;
++    if (KTFILEP(id) == NULL) {
++	KTUNLOCK(id);
++	return KRB5_KT_IOERR;
++    }
+     if (fseek(KTFILEP(id), *fileoff, 0) == -1) {
+ 	KTUNLOCK(id);
+ 	return KRB5_KT_END;
diff --git a/krb5-1.6.1-init-salt-length.dif b/krb5-1.6.1-init-salt-length.dif
new file mode 100644
index 0000000..fdfbf7f
--- /dev/null
+++ b/krb5-1.6.1-init-salt-length.dif
@@ -0,0 +1,14 @@
+Index: src/lib/krb5/asn.1/ldap_key_seq.c
+===================================================================
+--- src/lib/krb5/asn.1/ldap_key_seq.c.orig
++++ src/lib/krb5/asn.1/ldap_key_seq.c
+@@ -341,7 +341,8 @@ static asn1_error_code asn1_decode_key(a
+ 	if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
+ 	    ret = decode_tagged_octetstring (&slt, 1, &keylen,
+ 		    &key->key_data_contents[1]); checkerr;
+-	}
++       } else
++           keylen = 0;
+ 	safe_syncbuf (&subbuf, &slt);
+ 	key->key_data_length[1] = keylen; /* XXX range check?? */
+ 
diff --git a/krb5-doc.spec b/krb5-doc.spec
index 4a9aace..db17ff6 100644
--- a/krb5-doc.spec
+++ b/krb5-doc.spec
@@ -13,7 +13,7 @@
 Name:           krb5-doc
 BuildRequires:  ghostscript-library latex2html texlive
 Version:        1.6.1
-Release:        9
+Release:        13
 %define srcRoot krb5-1.6.1
 Summary:        MIT Kerberos5 Implementation--Documentation
 License:        X11/MIT
diff --git a/krb5-plugins.changes b/krb5-plugins.changes
index 438b4e5..f365841 100644
--- a/krb5-plugins.changes
+++ b/krb5-plugins.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed May  9 15:31:08 CEST 2007 - mc@suse.de
+
+- fix uninitialized salt length
+- add extra check for keytab file
+
 -------------------------------------------------------------------
 Thu May  3 12:13:35 CEST 2007 - mc@suse.de
 
diff --git a/krb5-plugins.spec b/krb5-plugins.spec
index e1455aa..d543e2d 100644
--- a/krb5-plugins.spec
+++ b/krb5-plugins.spec
@@ -13,7 +13,7 @@
 
 Name:           krb5-plugins
 Version:        1.6.1
-Release:        4
+Release:        5
 BuildRequires:  bison krb5-devel ncurses-devel openldap2-devel
 %define srcRoot krb5-1.6.1 
 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
@@ -43,6 +43,8 @@ Patch21:        krb5-1.5.1-fix-var-used-before-value-set.dif
 Patch22:        krb5-1.5.1-fix-ftp-var-used-uninitialized.dif
 #Patch23:        trunk-install-preauth-header.dif
 Patch24:        krb5-1.5.1-fix-strncat-warning.dif
+Patch25:        krb5-1.6.1-init-salt-length.dif
+Patch26:        krb5-1.4.3-extra-check-kt_file.c.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -106,6 +108,8 @@ fi
 %patch22
 #%patch23
 %patch24
+%patch25
+%patch26
 cp %{_sourcedir}/EncryptWithMasterKey.c %{_builddir}/%{srcRoot}/src/kadmin/dbutil/EncryptWithMasterKey.c
 
 %build
@@ -203,6 +207,9 @@ rm -rf %{buildroot}
 %{_mandir}/man8/*
 
 %changelog
+* Wed May 09 2007 - mc@suse.de
+- fix uninitialized salt length
+- add extra check for keytab file
 * Thu May 03 2007 - mc@suse.de
 - adding krb5-1.6.1-post.dif
   * fix segfault in krb5_get_init_creds_password
diff --git a/krb5.changes b/krb5.changes
index d7b515b..ad89c83 100644
--- a/krb5.changes
+++ b/krb5.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed May  9 15:30:53 CEST 2007 - mc@suse.de
+
+- fix uninitialized salt length 
+- add extra check for keytab file
+
 -------------------------------------------------------------------
 Thu May  3 12:11:29 CEST 2007 - mc@suse.de
 
diff --git a/krb5.spec b/krb5.spec
index 80d1d89..366424b 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -12,7 +12,7 @@
 
 Name:           krb5
 Version:        1.6.1
-Release:        9
+Release:        12
 BuildRequires:  bison libcom_err ncurses-devel
 %if %{suse_version} > 1010
 BuildRequires:  keyutils keyutils-devel
@@ -46,6 +46,8 @@ Patch21:        krb5-1.5.1-fix-var-used-before-value-set.dif
 Patch22:        krb5-1.5.1-fix-ftp-var-used-uninitialized.dif
 #Patch23:        trunk-install-preauth-header.dif
 Patch24:        krb5-1.5.1-fix-strncat-warning.dif
+Patch25:        krb5-1.6.1-init-salt-length.dif
+Patch26:        krb5-1.4.3-extra-check-kt_file.c.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch 
 
@@ -196,6 +198,8 @@ fi
 %patch22
 #%patch23
 %patch24
+%patch25
+%patch26
 cp %{_sourcedir}/EncryptWithMasterKey.c %{_builddir}/%{srcRoot}/src/kadmin/dbutil/EncryptWithMasterKey.c
 
 %build
@@ -501,6 +505,9 @@ rm -rf %{buildroot}
 %{_mandir}/man1/krb5-config.1*
 
 %changelog
+* Wed May 09 2007 - mc@suse.de
+- fix uninitialized salt length
+- add extra check for keytab file
 * Thu May 03 2007 - mc@suse.de
 - adding krb5-1.6.1-post.dif
   * fix segfault in krb5_get_init_creds_password