(krb5_rd_priv): handle no sequence number as zero when we were

expecting a sequence number.  MIT krb5 cannot generate a sequence
number of zero, instead generating no sequence number


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9484 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
2001-01-19 04:27:09 +00:00
parent 2b112c9a06
commit c87dc9d5f6

View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2001 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -126,14 +126,19 @@ krb5_rd_priv(krb5_context context,
/* XXX - check replay cache */
/* check sequence number */
/* check sequence number. since MIT krb5 cannot generate a sequence
number of zero but instead generates no sequence number, we accept that
*/
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
if (part.seq_number == NULL ||
*part.seq_number != auth_context->remote_seqnumber) {
ret = KRB5KRB_AP_ERR_BADORDER;
goto failure_part;
}
auth_context->remote_seqnumber++;
if ((part.seq_number == NULL
&& auth_context->remote_seqnumber != 0)
|| (part.seq_number != NULL
&& *part.seq_number != auth_context->remote_seqnumber)) {
ret = KRB5KRB_AP_ERR_BADORDER;
goto failure_part;
}
auth_context->remote_seqnumber++;
}
ret = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length);