From: Sam Hartman <hartmans@mit.edu>
Date: Wed, 9 Apr 2003 18:19:18 +0000 (+0000)
Subject: etype info handling infinite loop
X-Git-Tag: krb5-1.4-beta1~1023
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=241c3aece6cb5569b525797c5bd3a3f64a7efad7;p=krb5.git

etype info handling infinite loop

If a request contains no des-cbc-crc enctype bumt des-cbc-crc or
des-cbc-md5 existis in the database then an infinite loop is created.
Fix etype info handling to avoid this.

ticket: new
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15332 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 11bd82825..6fe495d34 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,8 @@
+2003-04-02  Sam Hartman  <hartmans@mit.edu>
+
+	* kdc_preauth.c (get_etype_info): Avoid infinite loop if request
+	does not contain des-cbc-crc and database does 
+
 2003-04-01  Nalin Dahyabhai  <nalin@redhat.com>
 
 	* do_tgs_req.c (process_tgs_req): Check that principal name
diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index f5c1e121a..87b0358d7 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -568,8 +568,10 @@ get_etype_info(krb5_context context, krb5_kdc_req *request,
 	while (1) {
 	    if (!request_contains_enctype(context,
 					  request, db_etype)) {
-		if (db_etype == ENCTYPE_DES_CBC_CRC)
-                    continue;
+	      if (db_etype == ENCTYPE_DES_CBC_CRC) {
+		  db_etype = ENCTYPE_DES_CBC_MD5;
+		  continue;
+	      }
                 else break;
             }