Assists Samba to address CVE-2022-2031
This allows the plugin to check the endtime of a ticket against the
KDC's current time, to see if the ticket will expire in the next two
minutes.
Samba BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
kdc_validate_token
krb5_kdc_plugin_init
krb5_kdc_get_config
+ krb5_kdc_get_time
krb5_kdc_pkinit_config
krb5_kdc_set_dbinfo
krb5_kdc_process_krb5_request
_kdc_now = *tv;
}
+KDC_LIB_FUNCTION struct timeval KDC_LIB_CALL
+krb5_kdc_get_time(void)
+{
+ return _kdc_now;
+}
+
#define EXTEND_REQUEST_T(LHS, RHS) do { \
RHS = realloc(LHS, sizeof(*RHS)); \
kdc_validate_token;
krb5_kdc_plugin_init;
krb5_kdc_get_config;
+ krb5_kdc_get_time;
krb5_kdc_pkinit_config;
krb5_kdc_set_dbinfo;
krb5_kdc_process_krb5_request;