From: Tom Yu <tlyu@mit.edu>
Date: Thu, 20 May 2010 22:57:50 +0000 (+0000)
Subject: pull up r24075 from trunk
X-Git-Tag: krb5-1.8.2-beta1~4
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=497b3e2cb92ca98280a9c889e21572e8c707d5ec;p=krb5.git

pull up r24075 from trunk

 ------------------------------------------------------------------------
 r24075 | tlyu | 2010-05-20 17:32:47 -0400 (Thu, 20 May 2010) | 8 lines

 ticket: 6726
 target_version: 1.8.2
 tags: pullup

 Apply patch from Arlene Berry to detect and ignore a duplicate
 mechanism token sent in the mechListMIC field, such as sent by Windows
 2000 Server.

ticket: 6726
version_fixed: 1.8.2
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@24076 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index cda76d1ad..6c4ea0ac1 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -3149,6 +3149,18 @@ get_negTokenResp(OM_uint32 *minor_status,
 		*mechListMIC = get_input_token(&ptr, REMAIN);
 		if (*mechListMIC == GSS_C_NO_BUFFER)
 			return GSS_S_DEFECTIVE_TOKEN;
+
+                /* Handle Windows 2000 duplicate response token */
+                if (*responseToken &&
+                    ((*responseToken)->length == (*mechListMIC)->length) &&
+                    !memcmp((*responseToken)->value, (*mechListMIC)->value,
+                            (*responseToken)->length)) {
+			OM_uint32 tmpmin;
+
+			gss_release_buffer(&tmpmin, *mechListMIC);
+			free(*mechListMIC);
+			*mechListMIC = NULL;
+		}
 	}
 	return GSS_S_COMPLETE;
 #undef REMAIN