head	1.2;
access;
symbols
	pkgsrc-2015Q4:1.1.0.10
	pkgsrc-2015Q4-base:1.1
	pkgsrc-2015Q3:1.1.0.8
	pkgsrc-2015Q3-base:1.1
	pkgsrc-2015Q2:1.1.0.6
	pkgsrc-2015Q2-base:1.1
	pkgsrc-2015Q1:1.1.0.4
	pkgsrc-2015Q1-base:1.1
	pkgsrc-2014Q4:1.1.0.2
	pkgsrc-2014Q4-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2016.03.15.15.16.39;	author tez;	state dead;
branches;
next	1.1;
commitid	vfGyRvS5ID9EDKYy;

1.1
date	2014.11.25.23.40.49;	author tez;	state Exp;
branches;
next	;
commitid	rzJigt4GerGGJCZx;


desc
@@


1.2
log
@Update to 1.14.1 resolving all reported vulnerabilities including:
CVE-2015-2695
CVE-2015-2696
CVE-2015-2697
CVE-2015-2698
CVE-2015-8629
CVE-2015-8630
CVE-2015-8631
@
text
@$NetBSD: patch-CVE-2014-5351,v 1.1 2014/11/25 23:40:49 tez Exp $

Patch for CVE-2014-5351 from:
http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018
https://github.com/krb5/krb5/commit/3bf9e33f9d66c0eef486cbd83f9e4f13a74d12c3.diff


--- lib/kadm5/srv/svr_principal.c.orig	2014-11-25 17:09:26.278975276 -0600
+++ lib/kadm5/srv/svr_principal.c	2014-11-25 17:11:45.406746599 -0600
@@@@ -200,6 +200,20 @@@@
     *passptr = NULL;
 }
 
+/* Return the number of keys with the newest kvno.  Assumes that all key data
+ * with the newest kvno are at the front of the key data array. */
+static int
+count_new_keys(int n_key_data, krb5_key_data *key_data)
+{
+    int n;
+
+    for (n = 1; n < n_key_data; n++) {
+        if (key_data[n - 1].key_data_kvno != key_data[n].key_data_kvno)
+            return n;
+    }
+    return n_key_data;
+}
+
 kadm5_ret_t
 kadm5_create_principal(void *server_handle,
                        kadm5_principal_ent_t entry, long mask,
@@@@ -1581,7 +1595,7 @@@@
     osa_princ_ent_rec           adb;
     krb5_int32                  now;
     kadm5_policy_ent_rec        pol;
-    int                         ret, last_pwd, have_pol = 0;
+    int                         ret, last_pwd, n_new_keys, have_pol = 0;
     kadm5_server_handle_t       handle = server_handle;
     krb5_keyblock               *act_mkey;
 
@@@@ -1667,8 +1681,9 @@@@
     kdb->fail_auth_count = 0;
 
     if (keyblocks) {
-        ret = decrypt_key_data(handle->context,
-                               kdb->n_key_data, kdb->key_data,
+        /* Return only the new keys added by krb5_dbe_crk. */
+        n_new_keys = count_new_keys(kdb->n_key_data, kdb->key_data);
+        ret = decrypt_key_data(handle->context, n_new_keys, kdb->key_data,
                                keyblocks, n_keys);
         if (ret)
             goto done;
@


1.1
log
@Add patch for CVE-2014-5351 from:
 http://krbdev.mit.edu/rt/Ticket/Display.html?id=8018
 https://github.com/krb5/krb5/commit/3bf9e33f9d66c0eef486cbd83f9e4f13a74d12c3.diff
@
text
@d1 1
a1 1
$NetBSD$
@