Projects
openEuler:20.03:LTS:SP3
samba
_service:tar_scm_kernel_repo:backport-0022-CVE-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-0022-CVE-2022-2031-CVE-2022-32744.patch of Package samba
From 49aafce0a705d47ffd4753ce6c6f452c4f7aa882 Mon Sep 17 00:00:00 2001 From: Joseph Sutton <josephsutton@catalyst.net.nz> Date: Wed, 24 Nov 2021 20:41:54 +1300 Subject: [PATCH 50/99] kdc: Require that PAC_REQUESTER_SID buffer is present for TGTs Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Nov 30 03:33:26 UTC 2021 on sn-devel-184 (cherry picked from commit 38c5bad4a853b19fe9a51fb059e150b153c4632a) Conflict: remove selftest/knownfail_heimdal_kdc --- source4/kdc/wdc-samba4.c | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index b1d011c09a9..d7ce34fb3a9 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -459,6 +459,12 @@ static krb5_error_code samba_wdc_reget_pac2(krb5_context context, talloc_free(mem_ctx); return EINVAL; } + if (delegated_proxy_principal == NULL && requester_sid_idx == -1) { + DEBUG(1, ("PAC_TYPE_REQUESTER_SID missing\n")); + SAFE_FREE(types); + talloc_free(mem_ctx); + return KRB5KDC_ERR_TGT_REVOKED; + } /* * The server account may be set not to want the PAC. -- 2.25.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.