diff options
author | Mark H Weaver <mhw@netris.org> | 2015-11-08 23:05:11 -0500 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2015-11-13 12:42:47 -0500 |
commit | ff45a00e798350676ca7a4cf1cac349cc0b4c1f6 (patch) | |
tree | 516c980bab196807f9e1dc97a88db273796a62d4 /gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch | |
parent | 4d53c29e6ca0fb432e92c298f9537c688fbbc10e (diff) | |
download | guix-ff45a00e798350676ca7a4cf1cac349cc0b4c1f6.tar.gz |
gnu: mit-krb5: Add fixes for CVE-2015-{2695,2696,2697,2698}.
* gnu/packages/patches/mit-krb5-CVE-2015-2695-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch, gnu/packages/patches/mit-krb5-CVE-2015-2696.patch, gnu/packages/patches/mit-krb5-CVE-2015-2697.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt1.patch, gnu/packages/patches/mit-krb5-CVE-2015-2698-pt2.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/mit-krb5.scm (mit-krb5)[native-inputs]: Add patches.
Diffstat (limited to 'gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch')
-rw-r--r-- | gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch b/gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch new file mode 100644 index 0000000000..aa9fcfa0dd --- /dev/null +++ b/gnu/packages/patches/mit-krb5-CVE-2015-2695-pt2.patch @@ -0,0 +1,65 @@ +Copied from Debian. + +From 18c512ebdcc5cacc777e9dbcc6817f83c301ad93 Mon Sep 17 00:00:00 2001 +From: Greg Hudson <ghudson@mit.edu> +Date: Wed, 4 Nov 2015 21:29:10 -0500 +Subject: Fix SPNEGO context import + +The patches for CVE-2015-2695 did not implement a SPNEGO +gss_import_sec_context() function, under the erroneous belief than an +exported SPNEGO context would be tagged with the underlying context +mechanism. Implement it now to allow SPNEGO contexts to be +successfully exported and imported after establishment. + +ticket: 8273 +(cherry picked from commit fbb565f913c52eba9bea82f1694aba7a8c90e93d) + +Patch-Category: upstream +--- + src/lib/gssapi/spnego/spnego_mech.c | 33 +++++++++++++++++++++++++++------ + 1 file changed, 27 insertions(+), 6 deletions(-) + +diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c +index a1072b0..02284a1 100644 +--- a/src/lib/gssapi/spnego/spnego_mech.c ++++ b/src/lib/gssapi/spnego/spnego_mech.c +@@ -2256,12 +2256,33 @@ spnego_gss_import_sec_context( + const gss_buffer_t interprocess_token, + gss_ctx_id_t *context_handle) + { +- /* +- * Until we implement partial context exports, there are no SPNEGO +- * exported context tokens, only tokens for underlying mechs. So just +- * return an error for now. +- */ +- return GSS_S_UNAVAILABLE; ++ OM_uint32 ret, tmpmin; ++ gss_ctx_id_t mctx; ++ spnego_gss_ctx_id_t sc; ++ int initiate, opened; ++ ++ ret = gss_import_sec_context(minor_status, interprocess_token, &mctx); ++ if (ret != GSS_S_COMPLETE) ++ return ret; ++ ++ ret = gss_inquire_context(&tmpmin, mctx, NULL, NULL, NULL, NULL, NULL, ++ &initiate, &opened); ++ if (ret != GSS_S_COMPLETE || !opened) { ++ /* We don't currently support importing partially established ++ * contexts. */ ++ (void) gss_delete_sec_context(&tmpmin, &mctx, GSS_C_NO_BUFFER); ++ return GSS_S_FAILURE; ++ } ++ ++ sc = create_spnego_ctx(initiate); ++ if (sc == NULL) { ++ (void) gss_delete_sec_context(&tmpmin, &mctx, GSS_C_NO_BUFFER); ++ return GSS_S_FAILURE; ++ } ++ sc->ctx_handle = mctx; ++ sc->opened = 1; ++ *context_handle = (gss_ctx_id_t)sc; ++ return GSS_S_COMPLETE; + } + #endif /* LEAN_CLIENT */ + |