File krb5-1.6-MITKRB5-SA-2010-007.dif of Package krb5

Index: krb5-1.6/src/plugins/preauth/pkinit/pkinit_srv.c
===================================================================
--- krb5-1.6/src/plugins/preauth/pkinit/pkinit_srv.c	(revision 24455)
+++ krb5-1.6/src/plugins/preauth/pkinit/pkinit_srv.c	(working copy)
@@ -694,8 +694,7 @@
     krb5_reply_key_pack *key_pack = NULL;
     krb5_reply_key_pack_draft9 *key_pack9 = NULL;
     krb5_data *encoded_key_pack = NULL;
-    unsigned int num_types;
-    krb5_cksumtype *cksum_types = NULL;
+    krb5_cksumtype cksum_type;
 
     pkinit_kdc_context plgctx;
     pkinit_kdc_req_context reqctx;
@@ -881,14 +880,24 @@
 		retval = ENOMEM;
 		goto cleanup;
 	    }
-	    /* retrieve checksums for a given enctype of the reply key */
-	    retval = krb5_c_keyed_checksum_types(context,
-		encrypting_key->enctype, &num_types, &cksum_types);
-	    if (retval)
-		goto cleanup;
+            switch (encrypting_key->enctype) {
+            case ENCTYPE_DES_CBC_MD4:
+                cksum_type = CKSUMTYPE_RSA_MD4_DES;
+                break;
+            case ENCTYPE_DES_CBC_MD5:
+            case ENCTYPE_DES_CBC_CRC:
+                cksum_type = CKSUMTYPE_RSA_MD5_DES;
+                break;
+            default:
+                retval = krb5int_c_mandatory_cksumtype(context,
+                                                       encrypting_key->enctype,
+                                                       &cksum_type);
+                if (retval)
+                    goto cleanup;
+                break;
+            }
 
-	    /* pick the first of acceptable enctypes for the checksum */
-	    retval = krb5_c_make_checksum(context, cksum_types[0],
+            retval = krb5_c_make_checksum(context, cksum_type,
 		    encrypting_key, KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM,
 		    req_pkt, &key_pack->asChecksum);
 	    if (retval) {
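Review bot: The enctype-to-checksum switch added here is repeated almost line for line in the mk_safe.c hunk of this patch, so two copies of a security-relevant mapping can drift apart. A small shared helper in the crypto library, taking the enctype and falling back to `krb5int_c_mandatory_cksumtype`, would keep them in step. The switch also replaces two explanatory comments with none; something like `/* single-DES keys: choose a keyed checksum explicitly; other enctypes use their mandatory type */` would record the intent, assuming that is the reason for the special cases. The new lines are indented with spaces where the surrounding code uses tabs. The enclosing function starts and ends outside the hunk.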
@@ -1036,8 +1045,6 @@
 	free(dh_pubkey);
     if (server_key != NULL)
 	free(server_key);
-    if (cksum_types != NULL)
-	free(cksum_types);
 
     switch ((int)padata->pa_type) {
 	case KRB5_PADATA_PK_AS_REQ:
Index: krb5-1.6/src/lib/crypto/keyed_checksum_types.c
===================================================================
--- krb5-1.6/src/lib/crypto/keyed_checksum_types.c	(revision 24455)
+++ krb5-1.6/src/lib/crypto/keyed_checksum_types.c	(working copy)
@@ -51,6 +51,15 @@
 {
     unsigned int i, c;
 
+    if (enctype == ENCTYPE_ARCFOUR_HMAC ||
+	enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+	*count = 1;
+	if ((*cksumtypes = malloc(sizeof(krb5_cksumtype))) == NULL)
+	    return(ENOMEM);
+	(*cksumtypes)[0] = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+	return(0);
+    }
+
     c = 0;
     for (i=0; i<krb5_cksumtypes_length; i++) {
 	if ((krb5_cksumtypes_list[i].keyhash &&
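Review bot: In the new ARCFOUR branch `*count = 1;` is stored before the allocation is checked, so on the ENOMEM return the caller is left with a count of 1 and a NULL `*cksumtypes`. Moving that assignment below the malloc check keeps the two out-parameters consistent on failure. The branch would also benefit from a comment saying why these two enctypes bypass the table scan below, e.g. `/* RC4 keys: report only HMAC-MD5, not every keyed type the table scan would match */`, if that is the intent. The function's signature is outside the hunk.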
Index: krb5-1.6/src/lib/crypto/dk/derive.c
===================================================================
--- krb5-1.6/src/lib/crypto/dk/derive.c	(revision 24455)
+++ krb5-1.6/src/lib/crypto/dk/derive.c	(working copy)
@@ -40,6 +40,8 @@
     keybytes = enc->keybytes;
     keylength = enc->keylength;
 
+    if (blocksize == 1)
+	return(KRB5_BAD_ENCTYPE);
     if ((inkey->length != keylength) ||
 	(outkey->length != keylength))
 	return(KRB5_CRYPTO_INTERNAL);
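Review bot: The new `blocksize == 1` test rejects an enctype on a bare magic value, and nothing in the hunk says what a block size of 1 stands for. Presumably it marks a stream cipher such as RC4, for which this derivation is not defined; once confirmed, a comment like `/* block size 1 means a stream cipher; this derivation is not defined for it */` would make the guard self-explanatory. The function begins and ends outside the hunk. If derive.c contains other derivation routines that read the same block size, this patch does not touch them and they may need the same guard.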
Index: krb5-1.6/src/lib/krb5/krb/preauth2.c
===================================================================
--- krb5-1.6/src/lib/krb5/krb/preauth2.c	(revision 24455)
+++ krb5-1.6/src/lib/krb5/krb/preauth2.c	(working copy)
@@ -1191,7 +1191,9 @@
 
    cksum = sc2->sam_cksum;
    
-   while (*cksum) {
+   for (; *cksum; cksum++) {
+        if (!krb5_c_is_keyed_cksum((*cksum)->checksum_type))
+            continue;
 	/* Check this cksum */
 	retval = krb5_c_verify_checksum(context, as_key,
 			KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM,
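Review bot: The new `continue` for unkeyed checksum types has no comment, yet it changes what the loop means: unkeyed entries in `sam_cksum` are now ignored rather than verified. A line such as `/* an unkeyed checksum can be recomputed by anyone, so it cannot authenticate the challenge */` above the test would explain the skip. The two added lines are space-indented while the rest of the loop body uses tabs. The loop's closing brace and the `!valid_cksum` handling are in the following hunk.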
@@ -1205,7 +1207,6 @@
 	}
 	if (valid_cksum)
 	   break;
-	cksum++;
    }
 
    if (!valid_cksum) {
Index: krb5-1.6/src/lib/krb5/krb/mk_safe.c
===================================================================
--- krb5-1.6/src/lib/krb5/krb/mk_safe.c	(revision 24455)
+++ krb5-1.6/src/lib/krb5/krb/mk_safe.c	(working copy)
@@ -212,10 +212,29 @@
 	for (i = 0; i < nsumtypes; i++)
 		if (auth_context->safe_cksumtype == sumtypes[i])
 			break;
-	if (i == nsumtypes)
-		i = 0;
-	sumtype = sumtypes[i];
 	krb5_free_cksumtypes (context, sumtypes);
+	if (i < nsumtypes)
+	    sumtype = auth_context->safe_cksumtype;
+	else {
+	    switch (keyblock->enctype) {
+	    case ENCTYPE_DES_CBC_MD4:
+		sumtype = CKSUMTYPE_RSA_MD4_DES;
+		break;
+	    case ENCTYPE_DES_CBC_MD5:
+	    case ENCTYPE_DES_CBC_CRC:
+		sumtype = CKSUMTYPE_RSA_MD5_DES;
+		break;
+	    default:
+		retval = krb5int_c_mandatory_cksumtype(context,
+						       keyblock->enctype,
+						       &sumtype);
+		if (retval) {
+		    CLEANUP_DONE();
+		    goto error;
+		}
+		break;
+	    }
+	}
     }
     if ((retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata, 
 				     plocal_fulladdr, premote_fulladdr,
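Review bot: When `auth_context->safe_cksumtype` is not found in `sumtypes`, the new else branch silently replaces it with a type derived from the key's enctype. A comment stating that the configured type is deliberately overridden, e.g. `/* configured safe_cksumtype is not usable with this key; fall back to a type chosen from the enctype */`, would help anyone diagnosing an unexpected checksum type. Whether returning an error would be preferable depends on callers not shown here. The code that fills `sumtypes` starts above the hunk.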

