• sunrpc: trim off EC bytes in GSSAPI v2 unwrap · cf4c024b
    Jeff Layton authored
    As Bruce points out in RFC 4121, section 4.2.3:
    
       "In Wrap tokens that provide for confidentiality, the first 16 octets
        of the Wrap token (the "header", as defined in section 4.2.6), SHALL
        be appended to the plaintext data before encryption.  Filler octets
        MAY be inserted between the plaintext data and the "header.""
    
    ...and...
    
       "In Wrap tokens with confidentiality, the EC field SHALL be used to
        encode the number of octets in the filler..."
    
    It's possible for the client to stuff different data in that area on a
    retransmission, which could make the checksum come out wrong in the DRC
    code.
    
    After decrypting the blob, we should trim off any extra count bytes in
    addition to the checksum blob.
    Reported-by: "J. Bruce Fields" <bfields@fieldses.org>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Signed-off-by: J. Bruce Fields <bfields@redhat.com>
gss_krb5_wrap.c 17.4 KB
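
The trimming the commit message describes, as an added example that is not the kernel's code from this commit: after decryption the blob is plaintext | filler | header copy, so the payload length is the blob length minus the 16-byte header and the EC filler count. The function names and the sample header and blobs are constructed for illustration; the header layout follows RFC 4121.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HDR_LEN     16    /* RFC 4121 Wrap token header size */
#define FLAG_SEALED 0x02  /* token provides confidentiality */

/* Hypothetical helper: dec is the decrypted blob (plaintext | filler |
 * header copy), outer is the cleartext token header. Returns the number of
 * leading payload bytes, or -1 if the token is malformed. */
long wrap_v2_payload_len(const uint8_t *outer, const uint8_t *dec, size_t dec_len)
{
    const uint8_t *inner;
    size_t ec;

    if (outer[0] != 0x05 || outer[1] != 0x04)        /* TOK_ID for Wrap */
        return -1;
    if (!(outer[2] & FLAG_SEALED) || outer[3] != 0xff)
        return -1;
    ec = ((size_t)outer[4] << 8) | outer[5];         /* EC, big-endian */

    /* EC is peer-controlled: bound it before subtracting. */
    if (dec_len < HDR_LEN || ec > dec_len - HDR_LEN)
        return -1;

    /* RRC (bytes 6-7) is zero in the encrypted copy, so skip it. */
    inner = dec + dec_len - HDR_LEN;
    if (memcmp(inner, outer, 6) != 0 || memcmp(inner + 8, outer + 8, 8) != 0)
        return -1;
    return (long)(dec_len - HDR_LEN - ec);
}

/* Constructed sample header: Sealed, EC = 2, RRC = 28, SND_SEQ = 7. */
static const uint8_t sample_hdr[HDR_LEN] = {
    0x05, 0x04, 0x02, 0xff, 0x00, 0x02, 0x00, 0x1c, 0, 0, 0, 0, 0, 0, 0, 7 };

/* Two constructed retransmissions: same payload, different filler bytes.
 * Returns 1 when the raw blobs differ but the trimmed payloads match. */
int retransmit_matches_after_trim(void)
{
    uint8_t a[22] = "DATA", b[22] = "DATA";
    long la, lb;

    b[4] = 0xaa; b[5] = 0xbb;                        /* filler differs */
    memcpy(a + 6, sample_hdr, HDR_LEN); a[12] = a[13] = 0;
    memcpy(b + 6, sample_hdr, HDR_LEN); b[12] = b[13] = 0;
    la = wrap_v2_payload_len(sample_hdr, a, sizeof(a));
    lb = wrap_v2_payload_len(sample_hdr, b, sizeof(b));
    return la == 4 && lb == 4 && memcmp(a, b, sizeof(a)) != 0 &&
           memcmp(a, b, (size_t)la) == 0;
}
```

A checksum taken over only the returned length is the same for both retransmissions, while one taken over the whole decrypted blob is not.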