Don't send empty etype info from KDC

RFC 4120 prohibits empty ETYPE-INFO2 sequences (though not ETYPE-INFO sequences), and our client errors out if it sees an empty sequence of either. ticket: 7630
author: Greg Hudson <ghudson@mit.edu> 2013-04-29 14:55:31 -0400
committer: Greg Hudson <ghudson@mit.edu> 2013-05-03 16:11:28 -0400
commit: ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5 (patch)
tree: e06d0a7b96c039c471dafb14a85d94b1c9e7bebb /src
parent: 9593d1311fa5e6e841c429653ad35a63d17c2fdd (diff)
download: krb5-ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5.tar.gz
krb5-ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5.tar.xz
krb5-ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index b7f9e15144..9c04f709ca 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -1420,6 +1420,11 @@ etype_info_helper(krb5_context context, krb5_kdc_req *request,
             seen_des++;
         }
     }
+
+    /* If the list is empty, don't send it at all. */
+    if (i == 0)
+        goto cleanup;
+
     if (etype_info2)
         retval = encode_krb5_etype_info2(entry, &scratch);
     else
author	Greg Hudson <ghudson@mit.edu>	2013-04-29 14:55:31 -0400
committer	Greg Hudson <ghudson@mit.edu>	2013-05-03 16:11:28 -0400
commit	ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5 (patch)
tree	e06d0a7b96c039c471dafb14a85d94b1c9e7bebb /src
parent	9593d1311fa5e6e841c429653ad35a63d17c2fdd (diff)
download	krb5-ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5.tar.gz krb5-ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5.tar.xz krb5-ef700ee2cc1b33a06cd1e5c6c56ca7cfac8e67c5.zip