diff options
| author | Tomas Kuthan <tkuthan@gmail.com> | 2014-03-06 13:05:24 +0100 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2014-03-18 11:55:39 -0400 |
| commit | 13a9cb721194c8aa4ccf6ed6ef23e3ac8dd24037 (patch) | |
| tree | 1b709656c3284efe6aa2dd6af3d0cdac28bb8c75 /src/lib/gssapi | |
| parent | a47c4e68308331a630480cb62c2b7711432e0123 (diff) | |
| download | krb5-13a9cb721194c8aa4ccf6ed6ef23e3ac8dd24037.tar.gz krb5-13a9cb721194c8aa4ccf6ed6ef23e3ac8dd24037.tar.xz krb5-13a9cb721194c8aa4ccf6ed6ef23e3ac8dd24037.zip | |
Fix GSS krb5 initial sequence number gap handling
Since #2040, the dummy queue element inserted by g_order_init no
longer compares less than the initial sequence number, so we fail when
the first few sequence numbers are received out of order. Properly
detect when a sequence number fits between the dummy element and the
first real queue element.
[ghudson@mit.edu: rewrote commit message]
ticket: 7872
target_version: 1.12.2
tags: pullup
Diffstat (limited to 'src/lib/gssapi')
| -rw-r--r-- | src/lib/gssapi/generic/util_ordering.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/lib/gssapi/generic/util_ordering.c b/src/lib/gssapi/generic/util_ordering.c index 9a1ce8966..22c6be2e3 100644 --- a/src/lib/gssapi/generic/util_ordering.c +++ b/src/lib/gssapi/generic/util_ordering.c @@ -195,6 +195,21 @@ g_order_check(void **vqueue, uint64_t seqnum) return(GSS_S_UNSEQ_TOKEN); } } + /* + * Exception: if first token arrived out-of-order. + * In that case first two elements in queue are 0xFFFFFFFF and some k, + * where k > seqnum. We need to insert seqnum before k. + * We check this after the for-loop, because this should be rare. + */ + if ((QELEM(q, q->start) == (((uint64_t)0 - 1) & q->mask)) && + ((QELEM(q, q->start + 1) > seqnum))) { + queue_insert(q, q->start, seqnum); + if (q->do_replay && !q->do_sequence) + return(GSS_S_COMPLETE); + else + return(GSS_S_UNSEQ_TOKEN); + + } } /* this should never happen */ |