-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathcups-CVE-2010-2432.patch
35 lines (33 loc) · 1.1 KB
/
cups-CVE-2010-2432.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
diff -up cups-1.4.2/cups/auth.c.CVE-2010-2432 cups-1.4.2/cups/auth.c
--- cups-1.4.2/cups/auth.c.CVE-2010-2432 2009-05-18 23:03:04.000000000 +0100
+++ cups-1.4.2/cups/auth.c 2010-06-23 15:59:28.867563467 +0100
@@ -181,6 +181,15 @@ cupsDoAuthentication(
else if (http->status == HTTP_UNAUTHORIZED)
http->digest_tries ++;
+ if (http->status == HTTP_UNAUTHORIZED && http->digest_tries >= 3)
+ {
+ DEBUG_printf(("1cupsDoAuthentication: Too many authentication tries (%d)",
+ http->digest_tries));
+
+ http->status = HTTP_AUTHORIZATION_CANCELED;
+ return (-1);
+ }
+
/*
* Got a password; encode it for the server...
*/
@@ -222,15 +231,6 @@ cupsDoAuthentication(
}
# endif /* __APPLE__ */
- if (http->status == HTTP_UNAUTHORIZED && http->digest_tries >= 3)
- {
- DEBUG_printf(("1cupsDoAuthentication: too many Negotiate tries (%d)",
- http->digest_tries));
- http->status = HTTP_AUTHORIZATION_CANCELED;
-
- return (-1);
- }
-
if (http->gssname == GSS_C_NO_NAME)
{
if ((gss_service_name = getenv("CUPS_GSSSERVICENAME")) == NULL)