rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity
dc84b1a48b
krb5/0018-End-connection-on-KDC_ERR_SVC_UNAVAILABLE.patch
Julien Rische 8c423dc9d5 krb5 1.21.3-1 
- New upstream version (1.21.3)
- CVE-2024-37370 CVE-2024-37371
  Fix vulnerabilities in GSS message token handling
  Resolves: RHEL-45387 RHEL-45378
- Fix memory leak in GSSAPI interface
  Resolves: RHEL-47284
- Fix memory leak in PMAP RPC interface
  Resolves: RHEL-47287
- Fix memory leak in failing UTF-8 to UTF-16 re-encoding for PAC
  Resolves: RHEL-47285
- Make TCP waiting time configurable
  Resolves: RHEL-47278
- Do not include files with "~" termination in krb5-tests
  Resolves: RHEL-45995

Signed-off-by: Julien Rische <jrische@redhat.com>
2024-07-12 13:30:00 +02:00

35 lines
1.3 KiB
Diff
Raw Blame History

From 6e898b880a0c752f83decf33d64a7d8706e6d6f8 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 27 Oct 2023 00:44:53 -0400
Subject: [PATCH] End connection on KDC_ERR_SVC_UNAVAILABLE
In sendto_kdc.c:service_fds(), if a message handler indicates that a
message should be discarded, kill the connection so we don't continue
waiting on it for more data.
ticket: 7899
(cherry picked from commit ca80f64c786341d5871ae1de18142e62af64f7b9)
---
src/lib/krb5/os/sendto_kdc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 0f4bf23a95..262edf09b4 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -1440,7 +1440,10 @@ service_fds(krb5_context context, struct select_state *selstate,
if (msg_handler != NULL) {
krb5_data reply = make_data(state->in.buf, state->in.pos);
- stop = (msg_handler(context, &reply, msg_handler_data) != 0);
+ if (!msg_handler(context, &reply, msg_handler_data)) {
+ kill_conn(context, state, selstate);
+ stop = 0;
+ }
}
if (stop) {
--
2.45.1
Reference in New Issue View Git Blame Copy Permalink