From 22eae763a45f9047a3bd52f60a7cf0942d3285da Mon Sep 17 00:00:00 2001 From: Sam Hartman Date: Wed, 5 Oct 2011 21:30:12 +0000 Subject: [PATCH] Treat the client's list of supported KDFs as an unordered list Signed-off-by: Margaret Wasserman git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25303 dc483132-0cff-0310-8789-dd5450dbe970 --- src/plugins/preauth/pkinit/pkinit_srv.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c index a79b25c29..de6f03cd2 100644 --- a/src/plugins/preauth/pkinit/pkinit_srv.c +++ b/src/plugins/preauth/pkinit/pkinit_srv.c @@ -664,10 +664,10 @@ pkinit_pick_kdf_alg(krb5_context context, *alg_oid = NULL; - /* for each of the OIDs in the client's request... */ - for (i = 0; NULL != (req_oid = kdf_list[i]); i++) { - /* if the requested OID is supported, use it. */ - for (j = 0; NULL != (supp_oid = supported_kdf_alg_ids[j]); j++) { + /* for each of the OIDs that the server supports... */ + for (i = 0; NULL != (supp_oid = supported_kdf_alg_ids[i]); i++) { + /* if the requested OID is in the client's list, use it. */ + for (j = 0; NULL != (req_oid = kdf_list[j]); j++) { if ((req_oid->length == supp_oid->length) && (0 == memcmp(req_oid->data, supp_oid->data, req_oid->length))) { tmp_oid = k5alloc(sizeof(krb5_octet_data), &retval); @@ -679,6 +679,7 @@ pkinit_pick_kdf_alg(krb5_context context, tmp_oid->length = supp_oid->length; memcpy(tmp_oid->data, supp_oid->data, supp_oid->length); *alg_oid = tmp_oid; + /* don't free the OID in clean-up if we are returning it */ tmp_oid = NULL; goto cleanup; } -- 2.26.2