git.samba.org - samba.git/commit

author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Fri, 10 Jun 2022 07:18:35 +0000 (19:18 +1200)
committer	Jule Anger <janger@samba.org>
	Sun, 24 Jul 2022 09:42:02 +0000 (11:42 +0200)
commit	89c6e36938c27b572573b06d1b35db210bfda99b
tree	185017600b7a92b51d9c9ab9bfe9d4749a21bc66	tree
parent	4b61092459b403b2945daa9082052366f3508b69	commit \| diff

CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT

We use the presence or absence of a REQUESTER_SID PAC buffer to
determine whether the ticket is a TGT. We will later use this to reject
TGTs where a service ticket is expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

source4/auth/kerberos/kerberos_pac.c

diff | blob | history

Samba Shared Repository

RSS Atom