From 3dba6097f91d71408b4a7c824521f8f0687ab6ff Mon Sep 17 00:00:00 2001 From: mp153739 Date: Mon, 8 Jan 2007 02:45:56 -0800 Subject: 4854431 krb5_gss_acquire_cred() does not implement correct GSS_C_NO_NAME semantics 6290693 krb mech isn't doing the right thing in regards to gss_delete_sec_context and the output token 6491792 gss_unwrap() is causing duplicate token detection to fail for subsequent calls to gss_unwrap() --- .../uts/common/gssapi/mechs/krb5/mech/k5sealv3.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) (limited to 'usr/src/uts/common/gssapi/mechs') diff --git a/usr/src/uts/common/gssapi/mechs/krb5/mech/k5sealv3.c b/usr/src/uts/common/gssapi/mechs/krb5/mech/k5sealv3.c index 0d29d158eb..36263e6a1f 100644 --- a/usr/src/uts/common/gssapi/mechs/krb5/mech/k5sealv3.c +++ b/usr/src/uts/common/gssapi/mechs/krb5/mech/k5sealv3.c @@ -1,5 +1,5 @@ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2007 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -313,9 +313,12 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, message2 = &empty_message; goto wrap_with_checksum; } else if (toktype == KG_TOK_DEL_CTX) { - tok_id = 0x0405; - message = message2 = &empty_message; - goto wrap_with_checksum; + /* + * Solaris Kerberos: + * No token should be generated for context deletion. Just + * return. + */ + return 0; } else { err = KRB5KRB_AP_ERR_BAD_INTEGRITY; goto error; @@ -512,6 +515,16 @@ gss_krb5int_unseal_token_v3(krb5_context context, goto no_mem; (void) memcpy(message_buffer->value, plain.data, message_buffer->length); + + /* + * Solaris Kerberos: Restore the original token. + * This allows the token to be detected as a duplicate if it + * is passed in to gss_unwrap() again. + */ + if (!rotate_left(ptr, bodysize-ec, bodysize - ec - 16)) + goto no_mem; + store_16_be(ec, ptr+4); + store_16_be(rrc, ptr+6); } err = g_order_check(&ctx->seqstate, seqnum); *minor_status = 0; -- cgit v1.2.3