bug with SGN_ALG_MD2_5 case handling in kg_unseal_v1()?

Will Fiveash will.fiveash at oracle.com
Thu Apr 13 15:55:56 EDT 2017

In src/lib/gssapi/krb5/k5unseal.c:kg_unseal_v1() at line 381 which is
part of the case SGN_ALG_MD2_5 block I see:

        code = k5_bcmp(md5cksum.contents, ptr + 14, 8);
        /* Falls through to defective-token??  */

        *minor_status = 0;

This seems like a bug given the processing that precedes this, thoughts?

Will Fiveash
Oracle Solaris Software Engineer

More information about the krbdev mailing list