summaryrefslogtreecommitdiffstats
path: root/src/kdc
diff options
context:
space:
mode:
Diffstat (limited to 'src/kdc')
-rw-r--r--src/kdc/do_as_req.c5
-rw-r--r--src/kdc/do_tgs_req.c2
-rw-r--r--src/kdc/fast_util.c2
3 files changed, 8 insertions, 1 deletions
diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c
index b183dcfc7..39242979a 100644
--- a/src/kdc/do_as_req.c
+++ b/src/kdc/do_as_req.c
@@ -139,6 +139,11 @@ process_as_req(krb5_kdc_req *request, krb5_data *req_pkt,
session_key.contents = 0;
enc_tkt_reply.authorization_data = NULL;
+ if (request->msg_type != KRB5_AS_REQ) {
+ status = "msg_type mismatch";
+ errcode = KRB5_BADMSGTYPE;
+ goto errout;
+ }
errcode = kdc_make_rstate(&state);
if (errcode != 0) {
status = "constructing state";
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index cb0496f9d..44b5791bc 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -143,6 +143,8 @@ process_tgs_req(krb5_data *pkt, const krb5_fulladdr *from,
retval = decode_krb5_tgs_req(pkt, &request);
if (retval)
return retval;
+ if (request->msg_type != KRB5_TGS_REQ)
+ return KRB5_BADMSGTYPE;
/*
* setup_server_realm() sets up the global realm-specific data pointer.
diff --git a/src/kdc/fast_util.c b/src/kdc/fast_util.c
index 06b1e2bc7..e411e320d 100644
--- a/src/kdc/fast_util.c
+++ b/src/kdc/fast_util.c
@@ -384,7 +384,7 @@ kdc_fast_handle_error(krb5_context context,
krb5_data *encoded_e_data = NULL;
memset(outer_pa, 0, sizeof(outer_pa));
- if (!state->armor_key)
+ if (!state || !state->armor_key)
return 0;
fx_error = *err;
fx_error.e_data.data = NULL;
generated by cgit (git 2.34.1) at 2024-11-13 06:51:52 +0000