- Update FreeBSD's Heimdal distribution to 1.5.2. This is a bugfix

release, which fixes a DoS issue in libkrb5.
author: stas <stas@FreeBSD.org> 2012-04-08 08:19:17 +0000
committer: stas <stas@FreeBSD.org> 2012-04-08 08:19:17 +0000
commit: e98d05b4f007c4c6849229bc6c5f1586d0207896 (patch)
tree: b776209adefb14f82be8f607e6cc465dfddd90c3 /crypto/heimdal/lib/gssapi/krb5/verify_mic.c
parent: 614fd4fe5e7e76da2328df84ca390b36dad17e79 (diff)
download: FreeBSD-src-e98d05b4f007c4c6849229bc6c5f1586d0207896.zip
FreeBSD-src-e98d05b4f007c4c6849229bc6c5f1586d0207896.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/heimdal/lib/gssapi/krb5/verify_mic.c b/crypto/heimdal/lib/gssapi/krb5/verify_mic.c
index 3123787..3814ef7 100644
--- a/crypto/heimdal/lib/gssapi/krb5/verify_mic.c
+++ b/crypto/heimdal/lib/gssapi/krb5/verify_mic.c
@@ -251,6 +251,14 @@ retry:
   csum.checksum.length = 20;
   csum.checksum.data   = p + 8;
 
+  krb5_crypto_destroy (context, crypto);
+  ret = krb5_crypto_init(context, key,
+			 ETYPE_DES3_CBC_SHA1, &crypto);
+  if (ret){
+      *minor_status = ret;
+      return GSS_S_FAILURE;
+  }
+
   ret = krb5_verify_checksum (context, crypto,
 			      KRB5_KU_USAGE_SIGN,
 			      tmp, message_buffer->length + 8,
author	stas <stas@FreeBSD.org>	2012-04-08 08:19:17 +0000
committer	stas <stas@FreeBSD.org>	2012-04-08 08:19:17 +0000
commit	e98d05b4f007c4c6849229bc6c5f1586d0207896 (patch)
tree	b776209adefb14f82be8f607e6cc465dfddd90c3 /crypto/heimdal/lib/gssapi/krb5/verify_mic.c
parent	614fd4fe5e7e76da2328df84ca390b36dad17e79 (diff)
download	FreeBSD-src-e98d05b4f007c4c6849229bc6c5f1586d0207896.zip FreeBSD-src-e98d05b4f007c4c6849229bc6c5f1586d0207896.tar.gz