]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a6dde53) | patch
Don't blindly use PKCS11 slot IDs in PKINIT
authorGreg Hudson <ghudson@mit.edu>
Thu, 22 May 2014 23:18:34 +0000 (19:18 -0400)
committerTom Yu <tlyu@mit.edu>
Fri, 6 Feb 2015 22:46:16 +0000 (17:46 -0500)
commit1bc131a069dfe31d2a78f8c1f84e43027a3da967
tree048a18dbd3e171bbfe04e3ecc400553d3a5bc8actree | snapshot
parenta6dde5302783a59d958e1fdafd53b22fa627b158commit | diff
Don't blindly use PKCS11 slot IDs in PKINIT

Passing invalid slot IDs to C_OpenSession can cause some PKCS #11
implementations (such as the Solaris one) to crash.  If a PKINIT
identity specifies a slotid, use it to filter the result of
C_GetSlotList, but don't try it if it does not appear in the list.

(cherry picked from commit ac406bac3d73a7e4efcc74adbb90c722457da969)

ticket: 8100 (new)
version_fixed: 1.11.6
status: resolved
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git