Bug fix: When the client connects to a server and Kerberos

authentication is enabled, the client effectively ignores any error from krb5_rd_rep due to a missing branch. In theory this could result in an ssh client using Kerberos 5 authentication accepting a spoofed AP-REP. I doubt this is a real possiblity, however, because the AP-REP is passed from the server to the client via the SSH encrypted channel. Any tampering should cause the decryption or MAC to fail. Approved by: green MFC after: 1 week
svn path=/head/; revision=79683
2001-07-13 18:12:13 +00:00 · 2001-07-13 18:12:13 +00:00 · b33edd3956 · 2020-12-20 02:59:44 +00:00
commit b33edd3956
parent 5f662f42d6
1 changed files with 1 additions and 0 deletions
--- a/crypto/openssh/sshconnect.c
+++ b/crypto/openssh/sshconnect.c
@ -802,6 +802,7 @@ try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context)
                problem = krb5_rd_rep(*context, *auth_context, &ap, &reply);
                if (problem) { 
 		   ret = 0;
+		   goto out;
                } 
 		ret = 1;
 		break;