[1413] in Kerberos-V5-bugs
krb5_rd_safe does not increement sequence numbers
daemon@ATHENA.MIT.EDU (epeisach@MIT.EDU)
Mon May 15 12:40:50 1995
From: epeisach@MIT.EDU
Date: Mon, 15 May 1995 12:40:36 -0400
To: proven@MIT.EDU
Cc: krb5-bugs@MIT.EDU
While tracking down the problems with kprop/kpropd that was reported, I
discovered that there are at least two problems
a) kprop is not calling krb5_auth_setaddrs
b) krb5_rd_safe is not incrementing the sequence numbers so that you get
a packet out of order report.
(kprop/kpropd use mk_safe followed by mk_priv messages so the sequence
numbering is fine for the first packet but then everything else fails).
Chris: Can you verify that the patch below is correct. I am not really
up to speed with all the sequence numbering code.
Ezra
Index: rd_safe.c
===================================================================
RCS file: /mit/krb5/.cvsroot/src/lib/krb5/krb/rd_safe.c,v
retrieving revision 5.35
diff -c -r5.35 rd_safe.c
*** rd_safe.c 1995/05/11 23:07:45 5.35
--- rd_safe.c 1995/05/15 16:13:16
***************
*** 267,272 ****
--- 267,273 ----
retval = KRB5KRB_AP_ERR_BADORDER;
goto error;
}
+ auth_context->remote_seq_number++;
}
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) ||
