keep track of the message type of FAST requests

- pull in fix for keeping track of the message type when parsing FAST requests in the KDC (RT#7605, #951843)
2013-04-15 11:06:55 -04:00 · 2013-04-15 11:06:55 -04:00 · 3ba00c4edc
commit 3ba00c4edc
parent 61043181c7
2 changed files with 32 additions and 0 deletions
--- a/krb5-fast-msg_type.patch
+++ b/krb5-fast-msg_type.patch
@ -0,0 +1,28 @@
+commit 3fbdcd0965180b46c545187e7784350340ae88ee
+Author: Greg Hudson <ghudson@mit.edu>
+Date:   Fri Apr 12 16:28:14 2013 -0400
+
+    Set msg_type when decoding FAST requests
+    
+    An RFC 6113 KrbFastReq contains a padata sequence and a KDC-REQ-BODY,
+    neither of which contain the msg-type field found in a KDC-REQ.  So
+    when we decode the FAST request, the resulting krb5_kdc_req structure
+    has a msg_type of 0.  Copy msg_type from the outer body, since we make
+    use of it in further KDC processing.
+    
+    ticket: 7605 (new)
+    target_version: 1.11.3
+    tags: pullup
+
+diff --git a/src/kdc/fast_util.c b/src/kdc/fast_util.c
+index 40c5783..4fa36c6 100644
+--- a/src/kdc/fast_util.c
+++ b/src/kdc/fast_util.c
+@@ -239,6 +239,7 @@ kdc_find_fast(krb5_kdc_req **requestptr,
+                                                  KRB5_PADATA_FX_COOKIE);
+         if (retval == 0) {
+             state->fast_options = fast_req->fast_options;
+            fast_req->req_body->msg_type = request->msg_type;
+             krb5_free_kdc_req( kdc_context, request);
+             *requestptr = fast_req->req_body;
+             fast_req->req_body = NULL;
--- a/krb5.spec
+++ b/krb5.spec
@ -76,6 +76,7 @@ Patch113: krb5-1.11-alpha1-init.patch
 Patch116: http://ausil.fedorapeople.org/aarch64/krb5/krb5-aarch64.patch
 Patch117: krb5-1.11-gss-client-keytab.patch
 Patch118: krb5-1.11.1-rpcbind.patch
+Patch119: krb5-fast-msg_type.patch

 # Patch for otp plugin backport
 Patch201: 0001-add-k5memdup.patch
@ -296,6 +297,7 @@ ln -s NOTICE LICENSE
 %patch116 -p1 -b .aarch64
 %patch117 -p1 -b .gss-client-keytab
 %patch118 -p1 -b .rpcbind
+%patch119 -p1 -b .fast-msg_type

 %patch201 -p1 -b .add-k5memdup
 %patch202 -p1 -b .add-libkrad
@ -827,6 +829,8 @@ exit 0
 - update to 1.11.2
  - drop pulled in patch for RT#7586, included in this release
  - drop pulled in patch for RT#7592, included in this release
+- pull in fix for keeping track of the message type when parsing FAST requests
+  in the KDC (RT#7605, #951843)

 * Fri Apr 12 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.1-9
 - move the compiled-in default ccache location from the previous default of