blob: b04a77de251f5562818d031c4626850f1322c117 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
From cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 10 Mar 2023 09:22:43 +0100
Subject: [PATCH] url: only reuse connections with same GSS delegation
Reported-by: Harry Sintonen
Closes #10731
Upstream-Status: Backport [https://github.com/curl/curl/commit/cb49e67303dbafbab1cebf4086e3ec15b7d56ee5]
CVE: CVE-2023-27536
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
lib/url.c | 6 ++++++
lib/urldata.h | 1 +
2 files changed, 7 insertions(+)
diff --git a/lib/url.c b/lib/url.c
index f84375c..87f4eb0 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1257,6 +1257,11 @@ ConnectionExists(struct Curl_easy *data,
}
}
+ /* GSS delegation differences do not actually affect every connection
+ and auth method, but this check takes precaution before efficiency */
+ if(needle->gssapi_delegation != check->gssapi_delegation)
+ continue;
+
#ifdef USE_SSH
else if(get_protocol_family(needle->handler->protocol) & PROTO_FAMILY_SSH) {
if(!ssh_config_matches(needle, check))
@@ -1708,6 +1713,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
conn->fclosesocket = data->set.fclosesocket;
conn->closesocket_client = data->set.closesocket_client;
conn->lastused = Curl_now(); /* used now */
+ conn->gssapi_delegation = data->set.gssapi_delegation;
return conn;
error:
diff --git a/lib/urldata.h b/lib/urldata.h
index 51b793b..b8a611b 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1118,6 +1118,7 @@ struct connectdata {
handle */
BIT(sock_accepted); /* TRUE if the SECONDARYSOCKET was created with
accept() */
+ long gssapi_delegation; /* inherited from set.gssapi_delegation */
};
/* The end of connectdata. */
--
2.25.1
|
