Pullup ticket 3299 - requested by tez

security fixes

Revisions pulled up:
- pkgsrc/security/mit-krb5/Makefile		1.50
- pkgsrc/security/mit-krb5/distinfo		1.26

Files added:
pkgsrc/security/mit-krb5/patches/patch-ca
pkgsrc/security/mit-krb5/patches/patch-cb
pkgsrc/security/mit-krb5/patches/patch-cc
pkgsrc/security/mit-krb5/patches/patch-cd

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tez
   Date:           Fri Dec  3 20:11:31 UTC 2010

   Modified Files:
           pkgsrc/security/mit-krb5: Makefile distinfo
   Added Files:
           pkgsrc/security/mit-krb5/patches: patch-ca patch-cb patch-cc patch-cd

   Log Message:
   add fix for CVE-2010-1323 from
   http://web.mit.edu/kerberos/advisories/2010-007-patch-r15.txt


   To generate a diff of this commit:
   cvs rdiff -u -r1.49 -r1.50 pkgsrc/security/mit-krb5/Makefile
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/security/mit-krb5/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/security/mit-krb5/patches/patch-ca \
       pkgsrc/security/mit-krb5/patches/patch-cb \
       pkgsrc/security/mit-krb5/patches/patch-cc \
       pkgsrc/security/mit-krb5/patches/patch-cd

1 files changed, 15 insertions, 0 deletions

diff --git a/security/mit-krb5/patches/patch-cb b/security/mit-krb5/patches/patch-cb
new file mode 100644
index 00000000000..014def256af
--- /dev/null
+++ b/security/mit-krb5/patches/patch-cb
@@ -0,0 +1,15 @@
+$NetBSD: patch-cb,v 1.1.2.2 2010/12/12 15:20:09 spz Exp $
+
+CVE-2010-1323 fix
+
+--- lib/crypto/dk/derive.c.orig	2010-12-03 11:38:08.683111800 -0600
++++ lib/crypto/dk/derive.c	2010-12-03 11:38:50.395857000 -0600
+@@ -40,6 +40,8 @@
+     keybytes = enc->keybytes;
+     keylength = enc->keylength;
+ 
++    if (blocksize == 1)
++	return(KRB5_BAD_ENCTYPE);
+     if ((inkey->length != keylength) ||
+ 	(outkey->length != keylength))
+ 	return(KRB5_CRYPTO_INTERNAL);