* kdc/network.c (make_toolong_error): New function.

(process_tcp_connection): If the specified length exceeds the internal limit,
stop reading and send back a FIELD_TOOLONG error.
* tests/dejagnu/krb-standalone/standalone.exp (doit): When testing TCP mode,
connect to the KDC and send a length of -1, and check that it sends back a
non-empty message.

ticket: 3923
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18233 dc483132-0cff-0310-8789-dd5450dbe970

1 files changed, 32 insertions, 0 deletions

diff --git a/src/tests/dejagnu/krb-standalone/standalone.exp b/src/tests/dejagnu/krb-standalone/standalone.exp
index dbe9b950c..554906e44 100644
--- a/src/tests/dejagnu/krb-standalone/standalone.exp
+++ b/src/tests/dejagnu/krb-standalone/standalone.exp
@@ -31,6 +31,8 @@ proc doit { } {
     global spawn_id
     global supported_enctypes
     global KRBIV
+    global portbase
+    global mode
 
     # Start up the kerberos and kadmind daemons.
     if ![start_kerberos_daemons 1] {
@@ -143,6 +145,36 @@ proc doit { } {
 	    pass "kadmin.local correct high kvno"
 	}
     }
+
+    if { $mode == "tcp" } {
+	set response {}
+	set got_response 0
+	set kdcsock ""
+	catch {
+	    send_log "connecting to $hostname [expr 3 + $portbase]\n"
+	    set kdcsock [socket $hostname [expr 3 + $portbase]]
+	    fconfigure $kdcsock -encoding binary -blocking 0 -buffering none
+	    puts -nonewline $kdcsock [binary format H* ffffffff]
+	    # XXX
+	    sleep 3
+	    set response [read $kdcsock]
+	    set got_response 1
+	} msg
+	if [string length $kdcsock] { catch "close $kdcsock" }
+	if $got_response {
+#	send_log [list sent length -1, got back $response]
+#	send_log "\n"
+	    if [string length $response]>10 {
+		pass "too-long TCP request"
+	    } else {
+		send_log "response too short\n"
+		fail "too-long TCP request"
+	    }
+	} else {
+	    send_log "too-long connect/exchange failure: $msg\n"
+	    fail "too-long TCP request"
+	}
+    }
 }
 
 set status [catch doit msg]