You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2005/02/17 06:40:02 UTC
svn commit: r154126 -
incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
Author: erodriguez
Date: Wed Feb 16 21:39:59 2005
New Revision: 154126
URL: http://svn.apache.org/viewcvs?view=rev&rev=154126
Log:
Decrypting encrypted timestamps could yield an ASN.1 structure that was totally valid, yet not the DERSequence we expected, resulting in a ClassCastException and temporary DoS of the KDC.
Modified:
incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
Modified: incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
URL: http://svn.apache.org/viewcvs/incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java?view=diff&r1=154125&r2=154126
==============================================================================
--- incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java (original)
+++ incubator/directory/protocols/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java Wed Feb 16 21:39:59 2005
@@ -135,6 +135,10 @@
{
throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
}
+ catch (ClassCastException cce)
+ {
+ throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ }
}
}