summaryrefslogtreecommitdiffstats
path: root/main/heimdal/return-invalid-enctype-for-weak-crypto.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/heimdal/return-invalid-enctype-for-weak-crypto.patch')
-rw-r--r--main/heimdal/return-invalid-enctype-for-weak-crypto.patch48
1 files changed, 48 insertions, 0 deletions
diff --git a/main/heimdal/return-invalid-enctype-for-weak-crypto.patch b/main/heimdal/return-invalid-enctype-for-weak-crypto.patch
new file mode 100644
index 00000000..c8ce39fe
--- /dev/null
+++ b/main/heimdal/return-invalid-enctype-for-weak-crypto.patch
@@ -0,0 +1,48 @@
+--- a/lib/krb5/context.c
++++ b/lib/krb5/context.c
+@@ -825,23 +825,33 @@ KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
+ krb5_set_default_in_tkt_etypes(krb5_context context,
+ const krb5_enctype *etypes)
+ {
++ krb5_error_code ret;
+ krb5_enctype *p = NULL;
+- int i;
++ unsigned int n, m;
+
+ if(etypes) {
+- for (i = 0; etypes[i]; ++i) {
+- krb5_error_code ret;
+- ret = krb5_enctype_valid(context, etypes[i]);
+- if (ret)
+- return ret;
+- }
+- ++i;
+- ALLOC(p, i);
++ for (n = 0; etypes[n]; n++)
++ ;
++ n++;
++ ALLOC(p, n);
+ if(!p) {
+- krb5_set_error_message (context, ENOMEM, N_("malloc: out of memory", ""));
++ krb5_set_error_message (context, ENOMEM,
++ N_("malloc: out of memory", ""));
+ return ENOMEM;
+ }
+- memmove(p, etypes, i * sizeof(krb5_enctype));
++ for (n = 0, m = 0; etypes[n]; n++) {
++ ret = krb5_enctype_valid(context, etypes[n]);
++ if (ret)
++ continue;
++ p[m++] = etypes[n];
++ }
++ p[m] = ETYPE_NULL;
++ if (m == 0) {
++ free(p);
++ krb5_set_error_message (context, KRB5_PROG_ETYPE_NOSUPP,
++ N_("no valid enctype set", ""));
++ return KRB5_PROG_ETYPE_NOSUPP;
++ }
+ }
+ if(context->etypes)
+ free(context->etypes);
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 03:30:02 +0000