[28397] in CVS-changelog-for-Kerberos-V5

krb5 commit [krb5-1.12]: Properly reflect MS krb5 mech in SPNEGO

daemon@ATHENA.MIT.EDU (Tom Yu)
Thu Jun 26 16:36:13 2014

Date: Thu, 26 Jun 2014 16:36:07 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201406262036.s5QKa7ec007599@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/dc31efaeec2c10dfd87951b9298c187f4c65bb39
commit dc31efaeec2c10dfd87951b9298c187f4c65bb39
Author: Greg Hudson <ghudson@mit.edu>
Date:   Mon Feb 3 21:11:34 2014 -0500

    Properly reflect MS krb5 mech in SPNEGO acceptor
    
    r25590 changed negotiate_mech() to return an alias into the acceptor's
    mech set, with the unfortunate side effect of transforming the
    erroneous Microsoft krb5 mech OID into the correct krb5 mech OID,
    meaning that we answer with a different OID than the requested one.
    Return an alias into the initiator's mech set instead, and store that
    in the mech_set field of the SPNEGO context.  The acceptor code only uses
    mech_set to hold the allocated storage pointed into by internal_mech,
    so this change is safe.
    
    (cherry picked from commit 8255613476d4c1583a5e810b50444f188fde871f)
    
    ticket: 7858
    version_fixed: 1.12.2
    status: resolved

 src/lib/gssapi/spnego/spnego_mech.c |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index 167e4c1..57ddfc1 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -1395,8 +1395,8 @@ acc_ctx_new(OM_uint32 *minor_status,
 		*return_token = NO_TOKEN_SEND;
 		goto cleanup;
 	}
-	sc->mech_set = supported_mechSet;
-	supported_mechSet = GSS_C_NO_OID_SET;
+	sc->mech_set = mechTypes;
+	mechTypes = GSS_C_NO_OID_SET;
 	sc->internal_mech = mech_wanted;
 	sc->DER_mechTypes = der_mechTypes;
 	der_mechTypes.length = 0;
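Review bot: At `sc->mech_set = mechTypes;` ownership of the initiator's set moves into the context, and supported_mechSet is no longer cleared here, so the cleanup label now has to release supported_mechSet on the success path as well as on errors; please confirm it does so unconditionally. Since `sc->internal_mech = mech_wanted;` now aliases storage owned by sc->mech_set, a short comment next to these assignments stating that dependency would keep a later change from releasing or replacing mech_set while internal_mech is still in use.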
@@ -3545,7 +3545,7 @@ put_negResult(unsigned char **buf_out, OM_uint32 negResult,
  * is set to ACCEPT_INCOMPLETE if it's the first mech, REQUEST_MIC if
  * it's not the first mech, otherwise we return NULL and negResult
  * is set to REJECT. The returned pointer is an alias into
- * supported->elements and should not be freed.
+ * received->elements and should not be freed.
  *
  * NOTE: There is currently no way to specify a preference order of
  * mechanisms supported by the acceptor.
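Review bot: The updated comment names received->elements as the backing storage but gives neither the reason nor the lifetime requirement. Suggest adding that the alias points into the initiator's set so the acceptor answers with the OID exactly as it was requested, and that the caller must keep `received` allocated for as long as the returned pointer is in use.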
@@ -3567,7 +3567,7 @@ negotiate_mech(gss_OID_set supported, gss_OID_set received,
 			if (g_OID_equal(mech_oid, &supported->elements[j])) {
 				*negResult = (i == 0) ? ACCEPT_INCOMPLETE :
 					REQUEST_MIC;
-				return &supported->elements[j];
+				return &received->elements[i];
 			}
 		}
 	}
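Review bot: At `return &received->elements[i];` the returned OID is no longer the element of `supported` that g_OID_equal() matched, so whenever mech_oid is not byte-identical to received->elements[i] the caller receives an OID that is absent from the acceptor's set. Please check that every caller that selects a mechanism through this pointer tolerates that, and consider a one-line comment at the return plus a regression test that negotiates with the Microsoft krb5 mech OID named in the commit message.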