git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4212037) | patch
CVE-2022-2031 tests/krb5: Consider kadmin/* principals as TGS for MIT KRB5 >= 1.20
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Tue, 31 May 2022 07:23:06 +0000 (19:23 +1200)
committerJule Anger <janger@samba.org>
Wed, 27 Jul 2022 10:52:36 +0000 (10:52 +0000)
commit192d597c2f2025845c3cd478fab9d72299c075bd
tree83b7f7a2ac73580d230ae32752f12149f1f4343ftree
parent4212037a6a37080206c8459920087b1a113c3fb5commit | diff
CVE-2022-2031 tests/krb5: Consider kadmin/* principals as TGS for MIT KRB5 >= 1.20

With MIT Kerberos >= 1.20, we should not expect a ticket checksum in
tickets to principals such as kpasswd/changepw, as they are encrypted
with the krbtgt's key.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
python/samba/tests/krb5/kdc_base_test.py diff | blob | history
python/samba/tests/krb5/raw_testcase.py diff | blob | history
source4/selftest/tests.py diff | blob | history
Samba Shared Repository