author | nectar <nectar@FreeBSD.org> | 2001-07-13 18:12:13 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2001-07-13 18:12:13 +0000 |
commit | 0e7f0df834bc075db63f8142d799d31036a37bd3 (patch) | |
tree | ca0f98072dcaca6a3189c501f46ac345b9faecc7 /crypto | |
parent | 2d388a1550ead8c438862577afebe5e5d2be978b (diff) | |
Bug fix: When the client connects to a server and Kerberos
authentication is enabled, the client effectively ignores any error
from krb5_rd_rep due to a missing branch.

In theory this could result in an ssh client using Kerberos 5
authentication accepting a spoofed AP-REP. I doubt this is a real
possibility, however, because the AP-REP is passed from the server to
the client via the SSH encrypted channel. Any tampering should cause
the decryption or MAC to fail.

Approved by: green
MFC after: 1 week
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/openssh/sshconnect.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index eb3e66a..679660f 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -802,6 +802,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) problem = krb5_rd_rep(*context, *auth_context, &ap, &reply); if (problem) { ret = 0; + goto out; } ret = 1; break; |
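
Review bot: the krb5_rd_rep failure branch in try_krb5_authentication still relies on a jump to keep `ret = 0` from being overwritten by the `ret = 1` that follows it, which is the same fail-open shape that produced this bug. Consider assigning `ret = 1` only under an explicit success check such as `if (problem == 0)`, or initializing ret to 0 once and never assigning it on error paths, so that a dropped branch cannot turn a rejected AP-REP into a successful authentication. The branch also records nothing about `problem`; a debug message carrying the Kerberos error at this point would make a failed mutual-authentication step visible when diagnosing a connection. The `out` label is outside the visible context, so it is worth confirming that its cleanup is safe when `reply` was not populated by krb5_rd_rep.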