diff options
Diffstat (limited to 'app-crypt/mit-krb5/files/CVE-2012-1015.patch')
| -rw-r--r-- | app-crypt/mit-krb5/files/CVE-2012-1015.patch | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/app-crypt/mit-krb5/files/CVE-2012-1015.patch b/app-crypt/mit-krb5/files/CVE-2012-1015.patch deleted file mode 100644 index 60f2b38a2ffa..000000000000 --- a/app-crypt/mit-krb5/files/CVE-2012-1015.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c -index 9d8cb34..d4ece3f 100644 ---- a/src/kdc/kdc_preauth.c -+++ b/src/kdc/kdc_preauth.c -@@ -1438,7 +1438,8 @@ etype_info_helper(krb5_context context, krb5_kdc_req *request, - continue; - - } -- if (request_contains_enctype(context, request, db_etype)) { -+ if (krb5_is_permitted_enctype(context, db_etype) && -+ request_contains_enctype(context, request, db_etype)) { - retval = _make_etype_info_entry(context, client->princ, - client_key, db_etype, - &entry[i], etype_info2); -diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c -index a43b291..94dad3a 100644 ---- a/src/kdc/kdc_util.c -+++ b/src/kdc/kdc_util.c -@@ -2461,6 +2461,7 @@ kdc_handle_protected_negotiation(krb5_data *req_pkt, krb5_kdc_req *request, - return 0; - pa.magic = KV5M_PA_DATA; - pa.pa_type = KRB5_ENCPADATA_REQ_ENC_PA_REP; -+ memset(&checksum, 0, sizeof(checksum)); - retval = krb5_c_make_checksum(kdc_context,0, reply_key, - KRB5_KEYUSAGE_AS_REQ, req_pkt, &checksum); - if (retval != 0) -diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c -index c4bf92e..367c894 100644 ---- a/src/lib/kdb/kdb_default.c -+++ b/src/lib/kdb/kdb_default.c -@@ -61,6 +61,9 @@ krb5_dbe_def_search_enctype(kcontext, dbentp, start, ktype, stype, kvno, kdatap) - krb5_boolean saw_non_permitted = FALSE; - - ret = 0; -+ if (ktype != -1 && !krb5_is_permitted_enctype(kcontext, ktype)) -+ return KRB5_KDB_NO_PERMITTED_KEY; -+ - if (kvno == -1 && stype == -1 && ktype == -1) - kvno = 0; - |