From 35cbc4ce07f9aec5e01ab61030d5cdc7431d02d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Mon, 9 Oct 2006 15:38:59 +0000
Subject: [PATCH] Reply KRB5KRB_ERR_RESPONSE_TOO_BIG error if its a datagram
 reply and the datagram reply length limit is reached.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18385 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/kerberos5.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 17b955f0e..aeb072f53 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -805,7 +805,8 @@ _kdc_as_rep(krb5_context context,
 	    const krb5_data *req_buffer, 
 	    krb5_data *reply,
 	    const char *from,
-	    struct sockaddr *from_addr)
+	    struct sockaddr *from_addr,
+	    int datagram_reply)
 {
     KDC_REQ_BODY *b = &req->req_body;
     AS_REP rep;
@@ -1475,6 +1476,16 @@ _kdc_as_rep(krb5_context context,
 			    reply_key, &e_text, reply);
     free_EncTicketPart(&et);
     free_EncKDCRepPart(&ek);
+    if (ret)
+	goto out;
+
+    /* */
+    if (datagram_reply && reply->length > config->max_datagram_reply_length) {
+	krb5_data_free(reply);
+	ret = KRB5KRB_ERR_RESPONSE_TOO_BIG;
+	e_text = "Reply packet too large";
+    }
+
 out:
     free_AS_REP(&rep);
     if(ret){