SHA256
1
0
forked from pool/krb5
krb5/krb5-MITKRB5-SA-2010-005.dif
2010-05-19 12:28:19 +00:00

19 lines
606 B
Plaintext

Index: krb5-1.8.1/src/lib/gssapi/krb5/accept_sec_context.c
===================================================================
--- krb5-1.8.1.orig/src/lib/gssapi/krb5/accept_sec_context.c
+++ krb5-1.8.1/src/lib/gssapi/krb5/accept_sec_context.c
@@ -647,6 +647,13 @@ kg_accept_krb5(minor_status, context_han
goto fail;
}
+ if (authdat->checksum == NULL) {
+ /* missing checksum counts as "inappropriate type" */
+ code = KRB5KRB_AP_ERR_INAPP_CKSUM;
+ major_status = GSS_S_FAILURE;
+ goto fail;
+ }
+
/* verify that the checksum is correct */
/*