summaryrefslogtreecommitdiffstats
path: root/src/lib/gssapi/krb5/k5unsealiov.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/gssapi/krb5/k5unsealiov.c')
-rw-r--r--src/lib/gssapi/krb5/k5unsealiov.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c
index f7828b89a..b654c66c5 100644
--- a/src/lib/gssapi/krb5/k5unsealiov.c
+++ b/src/lib/gssapi/krb5/k5unsealiov.c
@@ -69,7 +69,14 @@ kg_unseal_v1_iov(krb5_context context,
return GSS_S_DEFECTIVE_TOKEN;
}
- if (header->buffer.length < token_wrapper_len + 14) {
+ if (ctx->seq == NULL) {
+ /* ctx was established using a newer enctype, and cannot process RFC
+ * 1964 tokens. */
+ *minor_status = 0;
+ return GSS_S_DEFECTIVE_TOKEN;
+ }
+
+ if (header->buffer.length < token_wrapper_len + 22) {
*minor_status = 0;
return GSS_S_DEFECTIVE_TOKEN;
}
generated by cgit (git 2.34.1) at 2025-09-12 13:11:13 +0000