Apply patch from Arlene Berry to detect and ignore a duplicate
authorTom Yu <tlyu@mit.edu>
Thu, 20 May 2010 21:32:47 +0000 (21:32 +0000)
committerTom Yu <tlyu@mit.edu>
Thu, 20 May 2010 21:32:47 +0000 (21:32 +0000)
mechanism token sent in the mechListMIC field, such as sent by Windows
2000 Server.

ticket: 6726
target_version: 1.8.2
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24075 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/spnego/spnego_mech.c

index c9cf441e0e086d7430469b26db48444ce0baab63..e82e9b5b00c270f0a8504e6afc9c7a9303624ca0 100644 (file)
@@ -3261,6 +3261,18 @@ get_negTokenResp(OM_uint32 *minor_status,
                *mechListMIC = get_input_token(&ptr, REMAIN);
                if (*mechListMIC == GSS_C_NO_BUFFER)
                        return GSS_S_DEFECTIVE_TOKEN;
+
+                /* Handle Windows 2000 duplicate response token */
+                if (*responseToken &&
+                    ((*responseToken)->length == (*mechListMIC)->length) &&
+                    !memcmp((*responseToken)->value, (*mechListMIC)->value,
+                            (*responseToken)->length)) {
+                       OM_uint32 tmpmin;
+
+                       gss_release_buffer(&tmpmin, *mechListMIC);
+                       free(*mechListMIC);
+                       *mechListMIC = NULL;
+               }
        }
        return GSS_S_COMPLETE;
 #undef REMAIN