svn rev #24076: branches/krb5-1-8/src/lib/gssapi/spnego/
tlyu@MIT.EDU
tlyu at MIT.EDU
Thu May 20 18:57:50 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24076
Commit By: tlyu
Log Message:
ticket: 6726
version_fixed: 1.8.2
status: resolved
pull up r24075 from trunk
------------------------------------------------------------------------
r24075 | tlyu | 2010-05-20 17:32:47 -0400 (Thu, 20 May 2010) | 8 lines
ticket: 6726
target_version: 1.8.2
tags: pullup
Apply patch from Arlene Berry to detect and ignore a duplicate
mechanism token sent in the mechListMIC field, such as sent by Windows
2000 Server.
Changed Files:
U branches/krb5-1-8/src/lib/gssapi/spnego/spnego_mech.c
Modified: branches/krb5-1-8/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- branches/krb5-1-8/src/lib/gssapi/spnego/spnego_mech.c 2010-05-20 21:32:47 UTC (rev 24075)
+++ branches/krb5-1-8/src/lib/gssapi/spnego/spnego_mech.c 2010-05-20 22:57:50 UTC (rev 24076)
@@ -3149,6 +3149,18 @@
*mechListMIC = get_input_token(&ptr, REMAIN);
if (*mechListMIC == GSS_C_NO_BUFFER)
return GSS_S_DEFECTIVE_TOKEN;
+
+ /* Handle Windows 2000 duplicate response token */
+ if (*responseToken &&
+ ((*responseToken)->length == (*mechListMIC)->length) &&
+ !memcmp((*responseToken)->value, (*mechListMIC)->value,
+ (*responseToken)->length)) {
+ OM_uint32 tmpmin;
+
+ gss_release_buffer(&tmpmin, *mechListMIC);
+ free(*mechListMIC);
+ *mechListMIC = NULL;
+ }
}
return GSS_S_COMPLETE;
#undef REMAIN
More information about the cvs-krb5
mailing list