ff45a00e79
* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch, gnu/packages/patches/mit-krb5-CVE-2015-2696.patch, gnu/packages/patches/mit-krb5-CVE-2015-2697.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/mit-krb5.scm (mit-krb5)[native-inputs]: Add patches.
65 lines
2.1 KiB
Diff
65 lines
2.1 KiB
Diff
Copied from Debian.
|
|
|
|
From 18c512ebdcc5cacc777e9dbcc6817f83c301ad93 Mon Sep 17 00:00:00 2001
|
|
From: Greg Hudson <ghudson@mit.edu>
|
|
Date: Wed, 4 Nov 2015 21:29:10 -0500
|
|
Subject: Fix SPNEGO context import
|
|
|
|
The patches for CVE-2015-2695 did not implement a SPNEGO
|
|
gss_import_sec_context() function, under the erroneous belief than an
|
|
exported SPNEGO context would be tagged with the underlying context
|
|
mechanism. Implement it now to allow SPNEGO contexts to be
|
|
successfully exported and imported after establishment.
|
|
|
|
ticket: 8273
|
|
(cherry picked from commit fbb565f913c52eba9bea82f1694aba7a8c90e93d)
|
|
|
|
Patch-Category: upstream
|
|
---
|
|
src/lib/gssapi/spnego/spnego_mech.c | 33 +++++++++++++++++++++++++++------
|
|
1 file changed, 27 insertions(+), 6 deletions(-)
|
|
|
|
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
|
|
index a1072b0..02284a1 100644
|
|
--- a/src/lib/gssapi/spnego/spnego_mech.c
|
|
+++ b/src/lib/gssapi/spnego/spnego_mech.c
|
|
@@ -2256,12 +2256,33 @@ spnego_gss_import_sec_context(
|
|
const gss_buffer_t interprocess_token,
|
|
gss_ctx_id_t *context_handle)
|
|
{
|
|
- /*
|
|
- * Until we implement partial context exports, there are no SPNEGO
|
|
- * exported context tokens, only tokens for underlying mechs. So just
|
|
- * return an error for now.
|
|
- */
|
|
- return GSS_S_UNAVAILABLE;
|
|
+ OM_uint32 ret, tmpmin;
|
|
+ gss_ctx_id_t mctx;
|
|
+ spnego_gss_ctx_id_t sc;
|
|
+ int initiate, opened;
|
|
+
|
|
+ ret = gss_import_sec_context(minor_status, interprocess_token, &mctx);
|
|
+ if (ret != GSS_S_COMPLETE)
|
|
+ return ret;
|
|
+
|
|
+ ret = gss_inquire_context(&tmpmin, mctx, NULL, NULL, NULL, NULL, NULL,
|
|
+ &initiate, &opened);
|
|
+ if (ret != GSS_S_COMPLETE || !opened) {
|
|
+ /* We don't currently support importing partially established
|
|
+ * contexts. */
|
|
+ (void) gss_delete_sec_context(&tmpmin, &mctx, GSS_C_NO_BUFFER);
|
|
+ return GSS_S_FAILURE;
|
|
+ }
|
|
+
|
|
+ sc = create_spnego_ctx(initiate);
|
|
+ if (sc == NULL) {
|
|
+ (void) gss_delete_sec_context(&tmpmin, &mctx, GSS_C_NO_BUFFER);
|
|
+ return GSS_S_FAILURE;
|
|
+ }
|
|
+ sc->ctx_handle = mctx;
|
|
+ sc->opened = 1;
|
|
+ *context_handle = (gss_ctx_id_t)sc;
|
|
+ return GSS_S_COMPLETE;
|
|
}
|
|
#endif /* LEAN_CLIENT */
|
|
|