summaryrefslogtreecommitdiff
path: root/security/mit-krb5/patches/patch-bx
diff options
context:
space:
mode:
Diffstat (limited to 'security/mit-krb5/patches/patch-bx')
-rw-r--r--security/mit-krb5/patches/patch-bx19
1 files changed, 19 insertions, 0 deletions
diff --git a/security/mit-krb5/patches/patch-bx b/security/mit-krb5/patches/patch-bx
new file mode 100644
index 00000000000..831723af105
--- /dev/null
+++ b/security/mit-krb5/patches/patch-bx
@@ -0,0 +1,19 @@
+$NetBSD: patch-bx,v 1.1.2.2 2010/05/20 22:23:50 tron Exp $
+fix http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt
+
+--- lib/gssapi/krb5/accept_sec_context.c.orig 2010-05-20 07:13:48.258046700 -0500
++++ lib/gssapi/krb5/accept_sec_context.c 2010-05-20 07:16:20.228175200 -0500
+@@ -423,6 +423,13 @@
+ }
+ #endif
+
++ if (authdat->checksum == NULL) {
++ /* missing checksum counts as "inappropriate type" */
++ code = KRB5KRB_AP_ERR_INAPP_CKSUM;
++ major_status = GSS_S_FAILURE;
++ goto fail;
++ }
++
+ {
+ /* gss krb5 v1 */
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-01 15:33:38 +0000