Implement [kdc] derived_keys_maxdots

Roland C. Dowdeswell
2019-10-17 16:30:24 +01:00
committed by Viktor Dukhovni
parent dfada0ccad
commit aa5c525e71
3 changed files with 16 additions and 1 deletions


@@ -142,8 +142,9 @@ _fetch_it(krb5_context context, krb5_kdc_configuration *config, HDB *db,
char *tmp;
const char *realm = NULL;
int is_derived_key = 0;
size_t ndots = 0;
size_t hdots;
size_t ndots = 0;
size_t maxdots = -1;
flags |= HDB_F_DECRYPT;
@@ -167,6 +168,7 @@ _fetch_it(krb5_context context, krb5_kdc_configuration *config, HDB *db,
}
ndots = config->derived_keys_ndots;
maxdots = config->derived_keys_maxdots;
for (hdots = 0, tmp = host; tmp && *tmp; tmp++)
if (*tmp == '.')
@@ -192,6 +194,13 @@ _fetch_it(krb5_context context, krb5_kdc_configuration *config, HDB *db,
if (!tmp || !*tmp || hdots < ndots)
break;
while (maxdots > 0 && hdots > maxdots) {
tmp = strchr(tmp, '.');
/* tmp != NULL because maxdots > 0 */
tmp++;
hdots--;
}
is_derived_key = 1;
krb5_free_principal(context, tmpprinc);
krb5_build_principal(context, &tmpprinc, strlen(realm), realm,
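Review bot: In the new `while (maxdots > 0 && hdots > maxdots)` loop, `tmp++` is applied to the result of `strchr(tmp, '.')` with no NULL check, and the comment's reason (`maxdots > 0`) is only half of the argument. The result is non-NULL only while `hdots` still equals the number of dots remaining in `tmp`, and that invariant is maintained by code between the hunks that is not visible here. Because `host` presumably derives from the principal name in the request, I would at least spell the invariant out, `/* tmp != NULL: hdots counts the dots left in tmp and hdots > maxdots > 0 */`, and preferably test the `strchr` result and leave through the same exit as the `!tmp` check just above. In the first hunk, `size_t maxdots = -1;` relies on unsigned wrap-around to mean "no limit"; `SIZE_MAX` says that directly, and since the loop guard also treats 0 as "no limit", that is worth stating where the option is documented. `_fetch_it` begins and ends outside these hunks.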