From 5ed800f4c4d709acdeb21efa3a3c303cc75b912e Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 22 Nov 2016 17:08:46 +0100
Subject: [PATCH] CVE-2016-2126: auth/kerberos: only allow known checksum types
 in check_pac_checksum()

aes based checksums can only be checked with the
corresponding aes based keytype.

Otherwise we may trigger an undefined code path
deep in the kerberos libraries, which can leed to
segmentation faults.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12446

Signed-off-by: Stefan Metzmacher <metze@samba.org>
---
 auth/kerberos/kerberos_pac.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/auth/kerberos/kerberos_pac.c b/auth/kerberos/kerberos_pac.c
index 32d9d7fad0e..7b6efdc8db0 100644
--- a/auth/kerberos/kerberos_pac.c
+++ b/auth/kerberos/kerberos_pac.c
@@ -39,6 +39,28 @@ krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
 	krb5_boolean checksum_valid = false;
 	krb5_data input;
 
+	switch (sig->type) {
+	case CKSUMTYPE_HMAC_MD5:
+		/* ignores the key type */
+		break;
+	case CKSUMTYPE_HMAC_SHA1_96_AES_256:
+		if (KRB5_KEY_TYPE(keyblock) != ENCTYPE_AES256_CTS_HMAC_SHA1_96) {
+			return EINVAL;
+		}
+		/* ok */
+		break;
+	case CKSUMTYPE_HMAC_SHA1_96_AES_128:
+		if (KRB5_KEY_TYPE(keyblock) != ENCTYPE_AES128_CTS_HMAC_SHA1_96) {
+			return EINVAL;
+		}
+		/* ok */
+		break;
+	default:
+		DEBUG(2,("check_pac_checksum: Checksum Type %d is not supported\n",
+			(int)sig->type));
+		return EINVAL;
+	}
+
 #ifdef HAVE_CHECKSUM_IN_KRB5_CHECKSUM /* Heimdal */
 	cksum.cksumtype	= (krb5_cksumtype)sig->type;
 	cksum.checksum.length	= sig->signature.length;
-- 
2.47.2