git.samba.org - amitay/samba.git/commit

git.samba.org / amitay / samba.git / commit

author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Fri, 10 Jun 2022 07:18:35 +0000 (19:18 +1200)
committer	Jule Anger <janger@samba.org>
	Wed, 27 Jul 2022 10:52:36 +0000 (10:52 +0000)
commit	0d8995910f9846d38f705abcaa19dede98294f58
tree	093261aa3cccfda452e643e50f544cad7c29bd6b	tree
parent	6a10e890a086b4dc05d460ef3e0c2cd9cd8f1f42	commit \| diff

CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT

We use the presence or absence of a REQUESTER_SID PAC buffer to
determine whether the ticket is a TGT. We will later use this to reject
TGTs where a service ticket is expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

source4/auth/kerberos/kerberos_pac.c

diff | blob | history

Amitay's Samba development tree

RSS Atom