git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 29ec8b2)
CVE-2022-2031 s4:kpasswd: Don't return AP-REP on failure
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Wed, 18 May 2022 04:48:59 +0000 (16:48 +1200)
committerJule Anger <janger@samba.org>
Sun, 24 Jul 2022 09:42:02 +0000 (11:42 +0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
[jsutton@samba.org Removed MIT KDC 1.20-specific knownfails]

selftest/knownfail_mit_kdc patch | blob | history
source4/kdc/kpasswd-service.c patch | blob | history

diff --git a/selftest/knownfail_mit_kdc b/selftest/knownfail_mit_kdc
index a914c4d3492caf755d15697025caf8b2614737d3..f64291e776dc755644524ae9606e2c0fdf764a33 100644 (file)
--- a/selftest/knownfail_mit_kdc
+++ b/selftest/knownfail_mit_kdc
@@ -579,7 +579,6 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_
 # Kpasswd tests
 #
 ^samba.tests.krb5.kpasswd_tests.samba.tests.krb5.kpasswd_tests.KpasswdTests.test_kpasswd_canonicalize_realm_case.ad_dc
-^samba.tests.krb5.kpasswd_tests.samba.tests.krb5.kpasswd_tests.KpasswdTests.test_kpasswd_empty.ad_dc
 ^samba.tests.krb5.kpasswd_tests.samba.tests.krb5.kpasswd_tests.KpasswdTests.test_kpasswd_no_canonicalize_realm_case.ad_dc
 ^samba.tests.krb5.kpasswd_tests.samba.tests.krb5.kpasswd_tests.KpasswdTests.test_kpasswd_non_initial.ad_dc
 ^samba.tests.krb5.kpasswd_tests.samba.tests.krb5.kpasswd_tests.KpasswdTests.test_kpasswd_ticket_lifetime.ad_dc
diff --git a/source4/kdc/kpasswd-service.c b/source4/kdc/kpasswd-service.c
index 8f1679e4a28aa5e4d9ce608a46e2c1282ea2c7c2..a3c57a67dd1882947fcac89a9f2331ec915ca571 100644 (file)
--- a/source4/kdc/kpasswd-service.c
+++ b/source4/kdc/kpasswd-service.c
@@ -253,6 +253,7 @@ kdc_code kpasswd_process(struct kdc_server *kdc,
                                      &kpasswd_dec_reply,
                                      &error_string);
        if (code != 0) {
+               ap_rep_blob = data_blob_null;
                error_code = code;
                goto reply;
        }
@@ -262,6 +263,7 @@ kdc_code kpasswd_process(struct kdc_server *kdc,
                             &kpasswd_dec_reply,
                             &enc_data_blob);
        if (!NT_STATUS_IS_OK(status)) {
+               ap_rep_blob = data_blob_null;
                error_code = KRB5_KPASSWD_HARDERROR;
                error_string = talloc_asprintf(tmp_ctx,
                                               "gensec_wrap failed - %s\n",
Samba Shared Repository