[openssh-commits] [openssh] 02/03: upstream: clamp max number of GSSAPI mechanisms to 2048; ok dtucker

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Mar 31 15:32:59 AEDT 2023


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 8ba2d4764bb6a4701cd447d8b52604622ffe65f4
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Mar 31 04:22:27 2023 +0000

    upstream: clamp max number of GSSAPI mechanisms to 2048; ok dtucker
    
    OpenBSD-Commit-ID: ce66db603a913d3dd57063e330cb5494d70722c4
---
 auth2-gss.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/auth2-gss.c b/auth2-gss.c
index 2062609d..f72a3899 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.33 2021/12/19 22:12:07 djm Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.34 2023/03/31 04:22:27 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -48,6 +48,8 @@
 #include "ssh-gss.h"
 #include "monitor_wrap.h"
 
+#define SSH_GSSAPI_MAX_MECHS	2048
+
 extern ServerOptions options;
 
 static int input_gssapi_token(int type, u_int32_t plen, struct ssh *ssh);
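Review bot: The new `SSH_GSSAPI_MAX_MECHS` define has no comment saying what it bounds or why the value is 2048. I would add above it `/* Upper bound on the mechanism count a client may claim in a GSSAPI userauth request; enforced before any OID is parsed */`. The count is read from the peer's packet in userauth_gssapi (next hunk), so the reader should learn at the definition that this is a limit on peer-supplied input and not a property of the GSSAPI library.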
@@ -75,7 +77,11 @@ userauth_gssapi(struct ssh *ssh, const char *method)
 		fatal_fr(r, "parse packet");
 
 	if (mechs == 0) {
-		debug("Mechanism negotiation is not supported");
+		logit_f("mechanism negotiation is not supported");
+		return (0);
+	} else if (mechs > SSH_GSSAPI_MAX_MECHS) {
+		logit_f("too many mechanisms requested %u > %u", mechs,
+		    SSH_GSSAPI_MAX_MECHS);
 		return (0);
 	}
 
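Review bot: In the new `else if` branch `SSH_GSSAPI_MAX_MECHS` is passed to a `%u` conversion, but the macro expands to the plain `int` constant 2048, so the argument type does not match the format and `-Wformat-signedness` would flag it. Defining the limit as unsigned, `#define SSH_GSSAPI_MAX_MECHS 2048U`, makes both the format argument and the comparison with `mechs` unsigned. `mechs` is presumably a `u_int`, but its declaration is outside the hunk, as are the start and end of userauth_gssapi.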
@@ -94,7 +100,7 @@ userauth_gssapi(struct ssh *ssh, const char *method)
 			goid.length   = len - 2;
 			ssh_gssapi_test_oid_supported(&ms, &goid, &present);
 		} else {
-			logit("Badly formed OID received");
+			logit_f("badly formed OID received");
 		}
 	} while (mechs > 0 && !present);
 
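Review bot: The malformed-OID branch logs at `logit` level on every iteration and the loop then continues, so with the new limit a single request can still emit up to 2048 of these lines, apparently before the client has authenticated. Consider demoting the per-OID message, `debug_f("badly formed OID received");`, and logging once after the loop when no supported mechanism was found. The loop head and the code after the `while` are outside the hunk, so whether such a summary message already exists cannot be checked from here.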
