diff options
| author | Mark Eichin <eichin@mit.edu> | 1995-02-04 00:00:13 +0000 |
|---|---|---|
| committer | Mark Eichin <eichin@mit.edu> | 1995-02-04 00:00:13 +0000 |
| commit | 768735cf312fcc0daf817764f36771f133bc9944 (patch) | |
| tree | fdf1fa8480ac0e40fce97c9761d41213518d527d | |
| parent | 63ef2d259bb9dcbaf37ebebca4932b178272ee5a (diff) | |
| download | krb5-768735cf312fcc0daf817764f36771f133bc9944.tar.gz krb5-768735cf312fcc0daf817764f36771f133bc9944.tar.xz krb5-768735cf312fcc0daf817764f36771f133bc9944.zip | |
* get_in_tkt.c (krb5_get_in_tkt): also check for the version
number of the reply being whatever we had in the first byte of the
request.
tested with kinit.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4910 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 6 | ||||
| -rw-r--r-- | src/lib/krb5/krb/get_in_tkt.c | 7 |
2 files changed, 11 insertions, 2 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index c3083e89a0..4cf6e21841 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,9 @@ +Fri Feb 3 16:41:19 1995 Mark Eichin (eichin@cygnus.com) + + * get_in_tkt.c (krb5_get_in_tkt): also check for the version + number of the reply being whatever we had in the first byte of the + request. + Fri Feb 3 08:07:55 1995 Theodore Y. Ts'o (tytso@dcl) * compat_recv.c (krb_v4_recvauth): Use explicit 32 bit types so diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index b29820714f..8cc5ae99e0 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -103,6 +103,7 @@ krb5_get_in_tkt(context, options, addrs, pre_auth_type, etype, keytype, krb5_enctype etypes[1]; krb5_timestamp time_now; krb5_pa_data *padata; + char k4_version; /* same type as *(krb5_data::data) */ if (! krb5_realm_compare(context, creds->client, creds->server)) return KRB5_IN_TKT_REALM_MISMATCH; @@ -177,6 +178,7 @@ krb5_get_in_tkt(context, options, addrs, pre_auth_type, etype, keytype, if (retval = encode_krb5_as_req(&request, &packet)) goto cleanup; + k4_version = packet->data[0]; retval = krb5_sendto_kdc(context, packet, krb5_princ_realm(context, creds->client), &reply); krb5_free_data(context, packet); @@ -218,8 +220,9 @@ krb5_get_in_tkt(context, options, addrs, pre_auth_type, etype, keytype, t_switch = reply.data[1]; t_switch &= ~1; - if (reply.data[0] == V4_KRB_PROT_VERSION - && t_switch == V4_AUTH_MSG_ERR_REPLY) { + if (t_switch == V4_AUTH_MSG_ERR_REPLY + && (reply.data[0] == V4_KRB_PROT_VERSION + || reply.data[0] == k4_version)) { retval = KRB5KRB_AP_ERR_V4_REPLY; } else { retval = KRB5KRB_AP_ERR_MSG_TYPE; |