directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r154126 - incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
Date Thu, 17 Feb 2005 05:40:02 GMT
Author: erodriguez
Date: Wed Feb 16 21:39:59 2005
New Revision: 154126

URL: http://svn.apache.org/viewcvs?view=rev&rev=154126
Log:
Decrypting encrypted timestamps could yield an ASN.1 structure that was totally valid, yet
not the DERSequence we expected, resulting in a ClassCastException and temporary DoS of the
KDC.

Modified:
    incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java

Modified: incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
URL: http://svn.apache.org/viewcvs/incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java?view=diff&r1=154125&r2=154126
==============================================================================
--- incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
(original)
+++ incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
Wed Feb 16 21:39:59 2005
@@ -135,6 +135,10 @@
 			    		{
 			    		    throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
 			    		}
+			    		catch (ClassCastException cce)
+			    		{
+			    		    throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+			    		}
 			        }
 			    }
 			    



Mime
View raw message