Verify nonce in reply.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2446 ec53bebd-3082-4978-b11e-865c3cabbd6b
1997-07-18 23:18:29 +00:00
parent cc39875abf
commit 03a4e6eefb
1 changed files with 3 additions and 1 deletions
--- a/lib/krb5/get_cred.c
+++ b/lib/krb5/get_cred.c
@@ -159,7 +159,7 @@ krb5_get_kdc_cred(krb5_context context,
     */

    ret = krb5_sendto_kdc (context, &enc, &in_creds->server->realm, &resp);
-    if (ret)
+
 	goto out;

    memset(&rep, 0, sizeof(rep));
@@ -169,6 +169,8 @@ krb5_get_kdc_cred(krb5_context context,
 			     NULL,
 			     NULL,
 			     NULL);
+	if(ret == 0 && rep.part2.nonce != req.req_body.nonce)
+	    ret = KRB5KRB_AP_ERR_MODIFIED;
 	krb5_free_kdc_rep(context, &rep);
    }else if(decode_KRB_ERROR(resp.data, resp.length, &error, &len) == 0){
 #if 0