svn rev #24016: trunk/src/lib/krb5/keytab/
ghudson@MIT.EDU
ghudson at MIT.EDU
Thu May 13 13:34:33 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24016
Commit By: ghudson
Log Message:
ticket: 6720
subject: Negative enctypes improperly read from keytabs
When reading enctypes from keytabs, we need to ntohs() the 16-bit
value we read in before sign-extending it to a 32-bit value in the
keyblock, or we run the risk of extending the wrong sign.
Changed Files:
U trunk/src/lib/krb5/keytab/kt_file.c
Modified: trunk/src/lib/krb5/keytab/kt_file.c
===================================================================
--- trunk/src/lib/krb5/keytab/kt_file.c 2010-05-13 16:46:50 UTC (rev 24015)
+++ trunk/src/lib/krb5/keytab/kt_file.c 2010-05-13 17:34:33 UTC (rev 24016)
@@ -1362,11 +1362,10 @@
error = KRB5_KT_END;
goto fail;
}
+ if (KTVERSION(id) != KRB5_KT_VNO_1)
+ enctype = ntohs(enctype);
ret_entry->key.enctype = (krb5_enctype)enctype;
- if (KTVERSION(id) != KRB5_KT_VNO_1)
- ret_entry->key.enctype = ntohs(ret_entry->key.enctype);
-
/* key contents */
ret_entry->key.magic = KV5M_KEYBLOCK;
More information about the cvs-krb5
mailing list