diff options
Diffstat (limited to 'app-crypt/mit-krb5/files/CVE-2011-1530.patch')
| -rw-r--r-- | app-crypt/mit-krb5/files/CVE-2011-1530.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/app-crypt/mit-krb5/files/CVE-2011-1530.patch b/app-crypt/mit-krb5/files/CVE-2011-1530.patch new file mode 100644 index 000000000000..336a4ad3172a --- /dev/null +++ b/app-crypt/mit-krb5/files/CVE-2011-1530.patch @@ -0,0 +1,40 @@ +diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in +index f46cad3..102fbaa 100644 +--- a/src/kdc/Makefile.in ++++ b/src/kdc/Makefile.in +@@ -67,6 +67,7 @@ check-unix:: rtest + + check-pytests:: + $(RUNPYTEST) $(srcdir)/t_workers.py $(PYTESTFLAGS) ++ $(RUNPYTEST) $(srcdir)/t_emptytgt.py $(PYTESTFLAGS) + + install:: + $(INSTALL_PROGRAM) krb5kdc ${DESTDIR}$(SERVER_BINDIR)/krb5kdc +diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c +index c169c54..840a2ef 100644 +--- a/src/kdc/do_tgs_req.c ++++ b/src/kdc/do_tgs_req.c +@@ -243,7 +243,8 @@ tgt_again: + if (!tgs_1 || !data_eq(*server_1, *tgs_1)) { + errcode = find_alternate_tgs(request, &server); + firstpass = 0; +- goto tgt_again; ++ if (errcode == 0) ++ goto tgt_again; + } + } + status = "UNKNOWN_SERVER"; +diff --git a/src/kdc/t_emptytgt.py b/src/kdc/t_emptytgt.py +new file mode 100644 +index 0000000..1760bcd +--- /dev/null ++++ b/src/kdc/t_emptytgt.py +@@ -0,0 +1,8 @@ ++#!/usr/bin/python ++from k5test import * ++ ++realm = K5Realm(start_kadmind=False, create_host=False) ++output = realm.run_as_client([kvno, 'krbtgt/'], expected_code=1) ++if 'not found in Kerberos database' not in output: ++ fail('TGT lookup for empty realm failed in unexpected way') ++success('Empty tgt lookup.') |