[29147] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.13]: Fix SPNEGO context import
daemon@ATHENA.MIT.EDU (Tom Yu)
Mon Nov 30 13:13:41 2015
Date: Mon, 30 Nov 2015 13:11:16 -0500
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201511301811.tAUIBG82018167@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/aae39008de0402cc516150225de4d8feef62b2da
commit aae39008de0402cc516150225de4d8feef62b2da
Author: Greg Hudson <ghudson@mit.edu>
Date: Sun Nov 1 22:46:56 2015 -0500
Fix SPNEGO context import
The patches for CVE-2015-2695 did not implement a SPNEGO
gss_import_sec_context() function, under the erroneous belief that an
exported SPNEGO context would be tagged with the underlying context
mechanism. Implement it now to allow SPNEGO contexts to be
successfully exported and imported after establishment.
(cherry picked from commit 222b09f6e2f536354555f2a0dedfe29fc10c01d6)
(cherry picked from commit 8e10a780fd3bfefd1ba08ca1552e8d0677917454)
ticket: 8284
version_fixed: 1.13.3
status: resolved
src/lib/gssapi/spnego/spnego_mech.c | 33 +++++++++++++++++++++++++++------
1 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index 3423f22..ec38eea 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -2253,12 +2253,33 @@ spnego_gss_import_sec_context(
const gss_buffer_t interprocess_token,
gss_ctx_id_t *context_handle)
{
- /*
- * Until we implement partial context exports, there are no SPNEGO
- * exported context tokens, only tokens for underlying mechs. So just
- * return an error for now.
- */
- return GSS_S_UNAVAILABLE;
+ OM_uint32 ret, tmpmin;
+ gss_ctx_id_t mctx;
+ spnego_gss_ctx_id_t sc;
+ int initiate, opened;
+
+ ret = gss_import_sec_context(minor_status, interprocess_token, &mctx);
+ if (ret != GSS_S_COMPLETE)
+ return ret;
+
+ ret = gss_inquire_context(&tmpmin, mctx, NULL, NULL, NULL, NULL, NULL,
+ &initiate, &opened);
+ if (ret != GSS_S_COMPLETE || !opened) {
+ /* We don't currently support importing partially established
+ * contexts. */
+ (void) gss_delete_sec_context(&tmpmin, &mctx, GSS_C_NO_BUFFER);
+ return GSS_S_FAILURE;
+ }
+
+ sc = create_spnego_ctx(initiate);
+ if (sc == NULL) {
+ (void) gss_delete_sec_context(&tmpmin, &mctx, GSS_C_NO_BUFFER);
+ return GSS_S_FAILURE;
+ }
+ sc->ctx_handle = mctx;
+ sc->opened = 1;
+ *context_handle = (gss_ctx_id_t)sc;
+ return GSS_S_COMPLETE;
}
#endif /* LEAN_CLIENT */
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5