svn rev #24102: trunk/src/lib/krb5/krb/

ghudson@MIT.EDU ghudson at MIT.EDU
Mon May 24 22:44:45 EDT 2010


http://src.mit.edu/fisheye/changelog/krb5/?cs=24102
Commit By: ghudson
Log Message:
ticket: 6734
subject: FAST negotiation could erroneously succeed
target_version: 1.8.2
tags: pullup

When FAST negotiation is performed against an older KDC
(rep->enc_part2->flags & TKT_FLG_ENC_PA_REP not set),
krb5int_fast_verify_nego did not set the value of *fast_avail, causing
stack garbage to be used in init_creds_step_reply.  Initialize
*fast_avail at the beginning of the function per coding practices.



Changed Files:
U   trunk/src/lib/krb5/krb/fast.c
Modified: trunk/src/lib/krb5/krb/fast.c
===================================================================
--- trunk/src/lib/krb5/krb/fast.c	2010-05-24 19:22:02 UTC (rev 24101)
+++ trunk/src/lib/krb5/krb/fast.c	2010-05-25 02:44:45 UTC (rev 24102)
@@ -597,6 +597,7 @@
     krb5_data scratch;
     krb5_boolean valid;
 
+    *fast_avail = FALSE;
     if (rep->enc_part2->flags& TKT_FLG_ENC_PA_REP) {
         pa = krb5int_find_pa_data(context, rep->enc_part2->enc_padata,
                                   KRB5_ENCPADATA_REQ_ENC_PA_REP);
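Review bot: The new `*fast_avail = FALSE;` at the top of the function closes the path where TKT_FLG_ENC_PA_REP is not set, but the log message says the garbage was consumed from a stack variable in init_creds_step_reply, and that caller-side variable is not touched by this change. I would also initialize it to FALSE at its declaration in the caller, so that the result stays well defined even if a later edit adds a return path ahead of this assignment. Defaulting to FALSE is the right fail-safe direction, since an older KDC is then never treated as having negotiated FAST. Minor style point on the context line `if (rep->enc_part2->flags& TKT_FLG_ENC_PA_REP) {`: add a space before the `&` while this area is being changed. Since the change is tagged for pullup to 1.8.2, a test against a reply without the flag would help confirm the branch behaves the same after the backport.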



