[Heimdal-source-changes] [heimdal/heimdal] 9f6baf: lib/krb5: Implement krb5_c_random_make_octets corr...
GitHub
noreply at github.com
Sat Juni 18 23:36:20 CEST 2016
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: 9f6baf00f6b7c6f4bb6a231cf1753234b9f6148d
https://github.com/heimdal/heimdal/commit/9f6baf00f6b7c6f4bb6a231cf1753234b9f6148d
Author: Mikhail T <mi+github at aldan.algebra.com>
Date: 2016-06-18 (Sat, 18 Jun 2016)
Changed paths:
M lib/krb5/mit_glue.c
Log Message:
-----------
lib/krb5: Implement krb5_c_random_make_octets correctly
The function, found in lib/krb5/mit_glue.c, is currently using
krb5_generate_random_keyblock(). This compiles because warning-level is
not high enough, but does not work. At runtime the
krb5_generate_random_keyblock() interprets the second argument as the
krb5_enctype (rather than a length of anything) and tries to verify it.
When the length does not match any known enctype, as usually happens, the
function fails and returns an error. If the length happened to correspond
to an enctype, the function would likely crash due to misinterpreting its
third argument as a valid krb5_keyblock.
The change uses krb5_generate_random_block() instead. This function does
not return anything -- upon detecting failure it will cause the entire
application to exist instead...
Change-Id: I865a360037a513ce91abc7abba1dc554f844b464
More information about the Heimdal-source-changes
mailing list