krb5/0017-End-connection-on-KDC_ERR_SVC_UNAVAILABLE.patch
Julien Rische b0d04d78e0 krb5 1.21.1-2
- Fix memory leak in GSSAPI interface
  Resolves: RHEL-27251
- Fix memory leak in PMAP RPC interface
  Resolves: RHEL-27245
- Fix memory leak in failing UTF-8 to UTF-16 re-encoding for PAC
  Resolves: RHEL-27253
- Make TCP waiting time configurable
  Resolves: RHEL-17132

Signed-off-by: Julien Rische <jrische@redhat.com>
2024-03-22 17:38:06 +01:00

35 lines
1.3 KiB
Diff

From 347079e258e6ded99d8dda162cafaf133b982ab9 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 27 Oct 2023 00:44:53 -0400
Subject: [PATCH] End connection on KDC_ERR_SVC_UNAVAILABLE
In sendto_kdc.c:service_fds(), if a message handler indicates that a
message should be discarded, kill the connection so we don't continue
waiting on it for more data.
ticket: 7899
(cherry picked from commit ca80f64c786341d5871ae1de18142e62af64f7b9)
---
src/lib/krb5/os/sendto_kdc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 0f4bf23a95..262edf09b4 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -1440,7 +1440,10 @@ service_fds(krb5_context context, struct select_state *selstate,
if (msg_handler != NULL) {
krb5_data reply = make_data(state->in.buf, state->in.pos);
- stop = (msg_handler(context, &reply, msg_handler_data) != 0);
+ if (!msg_handler(context, &reply, msg_handler_data)) {
+ kill_conn(context, state, selstate);
+ stop = 0;
+ }
}
if (stop) {
--
2.44.0