From: Andreas Schneider Date: Wed, 8 May 2024 08:10:56 +0000 (+0200) Subject: Handle empty initial buffer in IAKERB initiator X-Git-Tag: krb5-1.22-beta1~97 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1342%2Fhead;p=thirdparty%2Fkrb5.git Handle empty initial buffer in IAKERB initiator Section 5.19 of RFC 2744 (about gss_init_sec_context) states, "Initially, the input_token parameter should be specified either as GSS_C_NO_BUFFER, or as a pointer to a gss_buffer_desc object whose length field contains the value zero." In iakerb_initiator_step(), handle both cases when deciding whether to parse an acceptor message. [ghudson@mit.edu: edited commit message] ticket: 9126 (new) --- diff --git a/src/lib/gssapi/krb5/iakerb.c b/src/lib/gssapi/krb5/iakerb.c index a0d298c49e..3ee926e695 100644 --- a/src/lib/gssapi/krb5/iakerb.c +++ b/src/lib/gssapi/krb5/iakerb.c @@ -523,7 +523,7 @@ iakerb_initiator_step(iakerb_ctx_id_t ctx, output_token->length = 0; output_token->value = NULL; - if (input_token != GSS_C_NO_BUFFER) { + if (input_token != GSS_C_NO_BUFFER && input_token->length > 0) { code = iakerb_parse_token(ctx, 0, input_token, NULL, &cookie, &in); if (code != 0) goto cleanup;
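Review bot: In iakerb_initiator_step(), the added input_token->length > 0 test skips iakerb_parse_token() for an empty buffer on every call, not only the initial one, and nothing in this hunk ties the skip to the context still being in its initial state. On a continuation call, where an acceptor message is expected, a zero-length buffer would then follow the same path as GSS_C_NO_BUFFER with cookie and in left unparsed; please confirm that the code after this block rejects that case, or make the skip conditional on the initial state. A one-line comment above the condition citing RFC 2744 section 5.19 would record why both forms are accepted, and a regression test that passes a gss_buffer_desc with length 0 on the first gss_init_sec_context call would keep ticket 9126 from regressing.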