The "kaserver" part of Heimdal occasionally issues invalid AFS tokens

(here "occasionally" means for certain users in certain realms).

In lib/krb5/v4_glue.c, in the routine storage_to_etext the ticket is
padded to a multiple of 8 bytes. If it is already a multiple of 8
bytes, 8 additional 0-bytes are added.

This catches the AFS krb4 ticket decoder by surprise: unless the
ticket is exactly 56 bytes, it only supports the minimum necessary
padding.  It detects the superfluous padding by comparing the ticket
length decoded to the advertised ticket length.

Hence a 7-letter userid in "cern.ch" which resulted in a ticket of 40
bytes, got "padded" to 48 bytes which the rxkad decoder rejected.

From Rainer Toebbicke.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23475 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-07-28 15:01:05 +00:00
parent 7b5981996c
commit ba2127c788

View File

@@ -348,12 +348,12 @@ storage_to_etext(krb5_context context,
krb5_ssize_t size;
krb5_data data;
/* multiple of eight bytes */
/* multiple of eight bytes, don't round up */
size = krb5_storage_seek(sp, 0, SEEK_END);
if (size < 0)
return KRB4ET_RD_AP_UNDEC;
size = 8 - (size & 7);
size = ((size+7) & ~7) - size;
ret = krb5_storage_write(sp, eightzeros, size);
if (ret != size)