[src/netbsd-1-6]: src/crypto/dist/heimdal/kdc Pull up revision 1.8 (requested...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-1-6]: src/crypto/dist/heimdal/kdc Pull up revision 1.8 (requested...
From: tron <tron%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 11:20:18 +0000

details:   https://anonhg.NetBSD.org/src/rev/a69d0cd20d1b
branches:  netbsd-1-6
changeset: 530190:a69d0cd20d1b
user:      tron <tron%NetBSD.org@localhost>
date:      Fri Mar 21 09:22:11 2003 +0000

description:
Pull up revision 1.8 (requested by lha in ticket #1225):
Fix Kerberos 4 procotocol problem mentioned in
[MIT krb5 Security Advisory 2003-004]/[heimdal-0.5.2 release notes]
by disable support for it.

diffstat:

 crypto/dist/heimdal/kdc/524.c      |  10 +++++++++-
 crypto/dist/heimdal/kdc/kdc_locl.h |   5 +++--
 2 files changed, 12 insertions(+), 3 deletions(-)

diffs (54 lines):

diff -r 0c04a64d7e0a -r a69d0cd20d1b crypto/dist/heimdal/kdc/524.c
--- a/crypto/dist/heimdal/kdc/524.c     Fri Mar 21 09:22:02 2003 +0000
+++ b/crypto/dist/heimdal/kdc/524.c     Fri Mar 21 09:22:11 2003 +0000
@@ -33,7 +33,7 @@
 
 #include "kdc_locl.h"
 
-RCSID("$Id: 524.c,v 1.6 2001/09/17 12:32:35 assar Exp $");
+RCSID("$Id: 524.c,v 1.6.2.1 2003/03/21 09:22:11 tron Exp $");
 
 #ifdef KRB4
 
@@ -251,6 +251,14 @@
        free_EncTicketPart(&et);
        goto out;
     }
+    if (!enable_v4_cross_realm && strcmp (et.crealm, t->realm) != 0) {
+       kdc_log(0, "524 cross-realm %s -> %s disabled", et.crealm,
+               t->realm);
+       free_EncTicketPart(&et);
+       ret = KRB5KDC_ERR_POLICY;
+       goto out;
+    }
+
     ret = encode_v4_ticket(buf + sizeof(buf) - 1, sizeof(buf),
                           &et, &t->sname, &len);
     free_EncTicketPart(&et);
diff -r 0c04a64d7e0a -r a69d0cd20d1b crypto/dist/heimdal/kdc/kdc_locl.h
--- a/crypto/dist/heimdal/kdc/kdc_locl.h        Fri Mar 21 09:22:02 2003 +0000
+++ b/crypto/dist/heimdal/kdc/kdc_locl.h        Fri Mar 21 09:22:11 2003 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2003 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -32,7 +32,7 @@
  */
 
 /* 
- * $Id: kdc_locl.h,v 1.6 2001/09/17 12:32:36 assar Exp $ 
+ * $Id: kdc_locl.h,v 1.6.2.1 2003/03/21 09:22:11 tron Exp $ 
  */
 
 #ifndef __KDC_LOCL_H__
@@ -68,6 +68,7 @@
 extern char *v4_realm;
 extern int enable_v4;
 extern int enable_524;
+extern int enable_v4_cross_realm;
 extern krb5_boolean enable_kaserver;
 #endif

Prev by Date: [src/netbsd-1-6]: src/distrib/notes/common Pull up revision 1.63 (requested b...
Next by Date: [src/netbsd-1-6]: src/include/heimdal Pull up revision 1.13 (requested by lha...
Previous by Thread: [src/netbsd-1-6]: src/distrib/notes/common Pull up revision 1.63 (requested b...
Next by Thread: [src/netbsd-1-6]: src/include/heimdal Pull up revision 1.13 (requested by lha...
Indexes:

Home | Main Index | Thread Index | Old Index