From 815ea80b4fe2d755a5c9bad02d4c852ed201ba97 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Mon, 27 Apr 2020 22:32:59 +1000 Subject: [PATCH] gss: mask out SAnon req_flags after computing session key In SAnon, the optional flags send in the initial context token are input into the key derivation function. Mask out the flags we wish to ignore after (not before) calling the key derivation function, as the initiator may not know which flags we wish to ignore. --- lib/gssapi/sanon/accept_sec_context.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/gssapi/sanon/accept_sec_context.c b/lib/gssapi/sanon/accept_sec_context.c index 51ba51a0a..74f4aa04a 100644 --- a/lib/gssapi/sanon/accept_sec_context.c +++ b/lib/gssapi/sanon/accept_sec_context.c @@ -107,14 +107,14 @@ _gss_sanon_accept_sec_context(OM_uint32 *minor, _gss_mg_decode_be_uint32(&p[4], &req_flags); } - req_flags &= SANON_PROTOCOL_FLAG_MASK; /* do not let initiator set any other flags */ - /* compute shared secret */ major = _gss_sanon_curve25519(minor, sc, &initiator_pk, req_flags, input_chan_bindings, &session_key); if (major != GSS_S_COMPLETE) goto out; + req_flags &= SANON_PROTOCOL_FLAG_MASK; /* do not let initiator set any other flags */ + req_flags |= GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG | GSS_C_CONF_FLAG | GSS_C_INTEG_FLAG | GSS_C_ANON_FLAG | GSS_C_TRANS_FLAG;