diff options
| author | Theodore Tso <tytso@mit.edu> | 1994-06-02 16:43:33 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1994-06-02 16:43:33 +0000 |
| commit | 3b0f7fb81a6e6c61f9744de76d902fecdc299661 (patch) | |
| tree | cf1a4a0e95075695ce8b7d3862883b20e9e71f3f /src/lib/krb5/krb/rd_priv.c | |
| parent | 754201bd7a7d12eb60e73a4f822595b7bc7ed8c6 (diff) | |
| download | krb5-3b0f7fb81a6e6c61f9744de76d902fecdc299661.zip krb5-3b0f7fb81a6e6c61f9744de76d902fecdc299661.tar.gz krb5-3b0f7fb81a6e6c61f9744de76d902fecdc299661.tar.bz2 | |
Always check the sender and receiver addresses. If the receiver is null
use the local address.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3673 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/rd_priv.c')
| -rw-r--r-- | src/lib/krb5/krb/rd_priv.c | 48 |
1 files changed, 26 insertions, 22 deletions
diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index 1e51f93..f069d32 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -180,17 +180,6 @@ OLDDECLARG(krb5_data *, outbuf) cleanup_mesg(); return KRB5_RC_REQUIRED; } - if (!krb5_address_compare(sender_addr, privmsg_enc_part->s_address)) { - cleanup_data(); - cleanup_mesg(); - return KRB5KRB_AP_ERR_BADADDR; - } - if (recv_addr && privmsg_enc_part->r_address && - !krb5_address_compare(recv_addr, privmsg_enc_part->r_address)) { - cleanup_data(); - cleanup_mesg(); - return KRB5KRB_AP_ERR_BADADDR; - } if (retval = krb5_gen_replay_name(sender_addr, "_priv", &replay.client)) { cleanup_data(); @@ -216,21 +205,36 @@ OLDDECLARG(krb5_data *, outbuf) return KRB5KRB_AP_ERR_BADORDER; } + if (!krb5_address_compare(sender_addr, privmsg_enc_part->s_address)) { + cleanup_data(); + cleanup_mesg(); + return KRB5KRB_AP_ERR_BADADDR; + } + if (privmsg_enc_part->r_address) { - krb5_address **our_addrs; + if (recv_addr) { + if (!krb5_address_compare(recv_addr, + privmsg_enc_part->r_address)) { + cleanup_data(); + cleanup_mesg(); + return KRB5KRB_AP_ERR_BADADDR; + } + } else { + krb5_address **our_addrs; - if (retval = krb5_os_localaddr(&our_addrs)) { - cleanup_data(); - cleanup_mesg(); - return retval; - } - if (!krb5_address_search(privmsg_enc_part->r_address, our_addrs)) { + if (retval = krb5_os_localaddr(&our_addrs)) { + cleanup_data(); + cleanup_mesg(); + return retval; + } + if (!krb5_address_search(privmsg_enc_part->r_address, our_addrs)) { + krb5_free_addresses(our_addrs); + cleanup_data(); + cleanup_mesg(); + return KRB5KRB_AP_ERR_BADADDR; + } krb5_free_addresses(our_addrs); - cleanup_data(); - cleanup_mesg(); - return KRB5KRB_AP_ERR_BADADDR; } - krb5_free_addresses(our_addrs); } /* everything is ok - return data to the user */ |