------------------------------------------------------------------------
r24075 | tlyu | 2010-05-20 17:32:47 -0400 (Thu, 20 May 2010) | 8 lines
ticket: 6726
target_version: 1.8.2
tags: pullup
Apply patch from Arlene Berry to detect and ignore a duplicate
mechanism token sent in the mechListMIC field, such as sent by Windows
2000 Server.
ticket: 6726
version_fixed: 1.8.2
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@24076
dc483132-0cff-0310-8789-
dd5450dbe970
*mechListMIC = get_input_token(&ptr, REMAIN);
if (*mechListMIC == GSS_C_NO_BUFFER)
return GSS_S_DEFECTIVE_TOKEN;
+
+ /* Handle Windows 2000 duplicate response token */
+ if (*responseToken &&
+ ((*responseToken)->length == (*mechListMIC)->length) &&
+ !memcmp((*responseToken)->value, (*mechListMIC)->value,
+ (*responseToken)->length)) {
+ OM_uint32 tmpmin;
+
+ gss_release_buffer(&tmpmin, *mechListMIC);
+ free(*mechListMIC);
+ *mechListMIC = NULL;
+ }
}
return GSS_S_COMPLETE;
#undef REMAIN
projects / krb5.git / commitdiff