From 4b6fb5ab1a67d195f277bc3d2ba7560972415692 Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Mon, 17 Jan 2022 21:51:57 -0500
Subject: [PATCH] kdc: _kdc_find_etype prevent NULL dereference

If use_strongest_session_key and no keys are found the return
code will be set to KRB5KDC_ERR_ETYPE_NOSUPP.  However, before
exiting if the principal is a weak exception then the return
code will be set to success and a NULL key pointer will be
dereferenced.   Skip the weak exception check if the return
code is non-zero.

Change-Id: I36d0e1b179b3392171ad6767c75111d59c3f2f7d
---
 kdc/kerberos5.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index 9bab35cd2..13c7a4980 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -333,7 +333,7 @@ _kdc_find_etype(astgs_request_t r, uint32_t flags,
 	}
     }
 
-    if (enctype == ETYPE_NULL) {
+    if (ret == 0 && enctype == ETYPE_NULL) {
         /*
          * if the service principal is one for which there is a known 1DES
          * exception and no other enctype matches both the client request and