[16587] in Kerberos-V5-bugs
[krbdev.mit.edu #8926] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed Jul 22 16:12:16 2020
From: "Greg Hudson via RT" <rt-comment@krbdev.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.4-17418-1595448712-1175.8926-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8926":;
Date: Wed, 22 Jul 2020 16:11:52 -0400
MIME-Version: 1.0
Reply-To: rt-comment@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Wed Jul 22 16:11:52 2020: Request 8926 was acted upon.
Transaction: Ticket created by ghudson@mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson@mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8926 >
Allow gss_unwrap_iov() of unpadded RC4 tokens
Windows Remote Management, when used with an RC4 session key, appears
to generate GSS wrap tokens with no padding instead of the expected
one byte (RFC 4757 section 7.3). These tokens cannot be decoded with
gss_unwrap() or a STREAM buffer (even with Microsoft SSPI), but SSPI
allows them to be decoded using explicit IOVs with either a
zero-length padding buffer or no padding buffer. Allow these cases to
work in kg_fixup_padding_iov(). (It is already possible to make this
work with HEADER | DATA | DATA, but only by
accident--kg_fixup_padding_iov() doesn't find a data buffer because
kg_locate_iov() only looks for singleton buffers, so it exits early.)
https://github.com/krb5/krb5/commit/3f204ddd567715ef360b4bb0b32961b6a9877f9d
Author: Greg Hudson <ghudson@mit.edu>
Commit: 3f204ddd567715ef360b4bb0b32961b6a9877f9d
Branch: master
src/lib/gssapi/krb5/util_crypt.c | 9 +++------
1 files changed, 3 insertions(+), 6 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
