From 43dc72537228ac7c4819ac70b9737c25ceb9f75a Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Mon, 27 Sep 2010 13:24:02 +0200
Subject: Validate challenge to AUTH[ENTICATE] GSSAPI and warn if malformed.

---
 gssapi.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/gssapi.c b/gssapi.c
index 2d6315e0..9f366f27 100644
--- a/gssapi.c
+++ b/gssapi.c
@@ -153,6 +153,13 @@ int do_gssauth(int sock, const char *command, const char *service,
     if (result)
 	return result;
 
+    if (strcmp(buf1, "+ ")) {
+	if (outlevel >= O_VERBOSE) {
+	    report(stdout, GT_("Warning: received malformed challenge to \"%s GSSAPI\"!"), command);
+	}
+    }
+
+
     /* now start the security context initialisation loop... */
     sec_token = GSS_C_NO_BUFFER;
     context = GSS_C_NO_CONTEXT;
-- 
cgit v1.2.3