bug with SGN_ALG_MD2_5 case handling in kg_unseal_v1()?
Will Fiveash
will.fiveash at oracle.com
Thu Apr 13 15:55:56 EDT 2017
In src/lib/gssapi/krb5/k5unseal.c:kg_unseal_v1() at line 381 which is
part of the case SGN_ALG_MD2_5 block I see:
code = k5_bcmp(md5cksum.contents, ptr + 14, 8);
/* Falls through to defective-token?? */
default:
*minor_status = 0;
return(GSS_S_DEFECTIVE_TOKEN);
This seems like a bug given the processing that precedes this, thoughts?
--
Will Fiveash
Oracle Solaris Software Engineer
More information about the krbdev
mailing list