From b2b972bb559c7f9df289d814bce1ba1f55eb3416 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Thu, 20 May 2010 21:32:47 +0000 Subject: [PATCH] Apply patch from Arlene Berry to detect and ignore a duplicate mechanism token sent in the mechListMIC field, such as sent by Windows 2000 Server. ticket: 6726 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24075 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/spnego/spnego_mech.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index c9cf441e0..e82e9b5b0 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -3261,6 +3261,18 @@ get_negTokenResp(OM_uint32 *minor_status, *mechListMIC = get_input_token(&ptr, REMAIN); if (*mechListMIC == GSS_C_NO_BUFFER) return GSS_S_DEFECTIVE_TOKEN; + + /* Handle Windows 2000 duplicate response token */ + if (*responseToken && + ((*responseToken)->length == (*mechListMIC)->length) && + !memcmp((*responseToken)->value, (*mechListMIC)->value, + (*responseToken)->length)) { + OM_uint32 tmpmin; + + gss_release_buffer(&tmpmin, *mechListMIC); + free(*mechListMIC); + *mechListMIC = NULL; + } } return GSS_S_COMPLETE; #undef REMAIN -- 2.26.2