From owner-svn-src-stable@FreeBSD.ORG  Mon Dec 16 04:01:28 2013
Return-Path: <owner-svn-src-stable@FreeBSD.ORG>
Delivered-To: svn-src-stable@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id DFDB9312;
 Mon, 16 Dec 2013 04:01:27 +0000 (UTC)
Received: from mail.allbsd.org (gatekeeper.allbsd.org
 [IPv6:2001:2f0:104:e001::32])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 682AF1EA0;
 Mon, 16 Dec 2013 04:01:20 +0000 (UTC)
Received: from alph.d.allbsd.org (p2106-ipbf2009funabasi.chiba.ocn.ne.jp
 [114.146.169.106]) (authenticated bits=128)
 by mail.allbsd.org (8.14.5/8.14.5) with ESMTP id rBG410UO087427
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
 Mon, 16 Dec 2013 13:01:11 +0900 (JST) (envelope-from hrs@FreeBSD.org)
Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0)
 by alph.d.allbsd.org (8.14.7/8.14.5) with ESMTP id rBG40wvA059710;
 Mon, 16 Dec 2013 13:00:59 +0900 (JST) (envelope-from hrs@FreeBSD.org)
Date: Mon, 16 Dec 2013 13:00:52 +0900 (JST)
Message-Id: <20131216.130052.128049839311409145.hrs@allbsd.org>
To: bjk@FreeBSD.org
Subject: Re: svn commit: r259449 - in stable/8: .
 crypto/heimdal/lib/gssapi/krb5 sys/sys
From: Hiroki Sato <hrs@FreeBSD.org>
In-Reply-To: <alpine.GSO.1.10.1312152248100.27579@multics.mit.edu>
References: <201312160230.rBG2UvH5008664@svn.freebsd.org>
 <20131216034043.GK1446@glenbarber.us>
 <alpine.GSO.1.10.1312152248100.27579@multics.mit.edu>
X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530  FFD7 4F2C D3D8 2793 CF2D
X-Mailer: Mew version 6.5 on Emacs 24.3 / Mule 6.0 (HANACHIRUSATO)
Mime-Version: 1.0
Content-Type: Multipart/Signed; protocol="application/pgp-signature";
 micalg=pgp-sha1;
 boundary="--Security_Multipart(Mon_Dec_16_13_00_52_2013_160)--"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.97.4 at gatekeeper.allbsd.org
X-Virus-Status: Clean
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7
 (mail.allbsd.org [133.31.130.32]); Mon, 16 Dec 2013 13:01:11 +0900 (JST)
X-Spam-Status: No, score=-95.6 required=13.0 tests=CONTENT_TYPE_PRESENT,
 RCVD_IN_PBL,SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
 gatekeeper.allbsd.org
Cc: gjb@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org,
 svn-src-stable-8@FreeBSD.org, svn-src-stable@FreeBSD.org
X-BeenThere: svn-src-stable@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SVN commit messages for all the -stable branches of the src tree
 <svn-src-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-stable>,
 <mailto:svn-src-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable/>
List-Post: <mailto:svn-src-stable@freebsd.org>
List-Help: <mailto:svn-src-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable>,
 <mailto:svn-src-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Dec 2013 04:01:28 -0000

----Security_Multipart(Mon_Dec_16_13_00_52_2013_160)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Benjamin Kaduk <bjk@FreeBSD.org> wrote
  in <alpine.GSO.1.10.1312152248100.27579@multics.mit.edu>:

bj> On Sun, 15 Dec 2013, Glen Barber wrote:
bj>
bj> > On Mon, Dec 16, 2013 at 02:30:57AM +0000, Benjamin Kaduk wrote:
bj> >> Author: bjk (doc committer)
bj> >> Date: Mon Dec 16 02:30:56 2013
bj> >> New Revision: 259449
bj> >> URL: http://svnweb.freebsd.org/changeset/base/259449
bj> >>
bj> >> Log:
bj> >>   MFC r259286,259424,259425:
bj> >>     Apply patch from upstream Heimdal for encoding fix
bj> >>
bj> >>     RFC 4402 specifies the implementation of the gss_pseudo_random()
bj> >>     function for the krb5 mechanism (and the C bindings therein).
bj> >>     The implementation uses a PRF+ function that concatenates the output
bj> >>     of individual krb5 pseudo-random operations produced with a counter
bj> >>     and seed.  The original implementation of this function in Heimdal
bj> >>     incorrectly encoded the counter as a little-endian integer, but the
bj> >>     RFC specifies the counter encoding as big-endian.  The implementation
bj> >>     initializes the counter to zero, so the first block of output (16
bj> >>     octets,
bj> >>     for the modern AES enctypes 17 and 18) is unchanged.  (RFC 4402
bj> >>     specifies
bj> >>     that the counter should begin at 1, but both existing implementations
bj> >>     begin with zero and it looks like the standard will be re-issued, with
bj> >>     test vectors, to begin at zero.)
bj> >>
bj> >
bj> > This breaks stable/8 build.
bj>
bj> Looking...

 It seems tsize = min(desired_output_len, output.length) and
 /output.length/tsize/ just after the p+= line are missing for
 stable/9 and /8.

-- Hiroki

----Security_Multipart(Mon_Dec_16_13_00_52_2013_160)--
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (FreeBSD)

iEYEABECAAYFAlKuevQACgkQTyzT2CeTzy3rUwCcD/fYpZHzXBhncLeRiV9a3D11
yjQAn1zP4JtqBMdibYjtE51yYzAkzfuh
=YZOy
-----END PGP SIGNATURE-----

----Security_Multipart(Mon_Dec_16_13_00_52_2013_160)----