summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorPatrick Monnerat <patrick@monnerat.net>2021-08-16 08:35:22 +0200
committerDaniel Stenberg <daniel@haxx.se>2021-08-16 08:36:10 +0200
commit7da2990b199225140bf1adea4caf7fa7b55e4f4b (patch)
treea8d49b6f420d3e71c67435a4642d6cbbf8cf88bd /lib
parent396a2d7fe3b9d10acfd69656490efd0dbbefc7b0 (diff)
downloadcurl-7da2990b199225140bf1adea4caf7fa7b55e4f4b.tar.gz
auth: do not append zero-terminator to authorisation id in kerberos
RFC4752 Section 3.1 states "The authorization identity is not terminated with a zero-valued (%x00) octet". Although a comment in code said it may be needed anyway, nothing confirms it. In addition, servers may consider it as part of the identity, causing a failure. Closes #7008
Diffstat (limited to 'lib')
-rw-r--r--lib/vauth/krb5_gssapi.c11
-rw-r--r--lib/vauth/krb5_sspi.c11
2 files changed, 8 insertions, 14 deletions
diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 5c126eb59..67d43bd56 100644
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -247,8 +247,8 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
/* Allocate our message */
messagelen = 4;
- if(authzid && *authzid)
- messagelen += strlen(authzid) + 1;
+ if(authzid)
+ messagelen += strlen(authzid);
message = malloc(messagelen);
if(!message)
return CURLE_OUT_OF_MEMORY;
@@ -260,13 +260,10 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
message[2] = (max_size >> 8) & 0xFF;
message[3] = max_size & 0xFF;
- /* If given, append the authorization identity including the 0x00 based
- terminator. Note: Despite RFC4752 Section 3.1 stating "The authorization
- identity is not terminated with the zero-valued (%x00) octet." it seems
- necessary to include it. */
+ /* If given, append the authorization identity. */
if(authzid && *authzid)
- strcpy((char *) message + 4, authzid);
+ memcpy(message + 4, authzid, messagelen - 4);
/* Setup the "authentication data" security buffer */
input_token.value = message;
diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 2e6368871..c652fd736 100644
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -344,8 +344,8 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
/* Allocate our message */
messagelen = 4;
- if(authzid && *authzid)
- messagelen += strlen(authzid) + 1;
+ if(authzid)
+ messagelen += strlen(authzid);
message = malloc(messagelen);
if(!message) {
free(trailer);
@@ -360,13 +360,10 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
message[2] = (max_size >> 8) & 0xFF;
message[3] = max_size & 0xFF;
- /* If given, append the authorization identity including the 0x00 based
- terminator. Note: Despite RFC4752 Section 3.1 stating "The authorization
- identity is not terminated with the zero-valued (%x00) octet." it seems
- necessary to include it. */
+ /* If given, append the authorization identity. */
if(authzid && *authzid)
- strcpy((char *) message + 4, authzid);
+ memcpy(message + 4, authzid, messagelen - 4);
/* Allocate the padding */
padding = malloc(sizes.cbBlockSize);