git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 80d72b5) | patch
s4:kdc: strictly have 2 16-bit parts in krbtgt kvnos
authorStefan Metzmacher <metze@samba.org>
Wed, 16 Feb 2022 13:11:10 +0000 (14:11 +0100)
committerStefan Metzmacher <metze@samba.org>
Thu, 24 Mar 2022 09:19:33 +0000 (09:19 +0000)
commitab0946a75d51b8f4826d98c61c3ad503615009fe
treecbb8a73892113399bd36d27a1fef73fb36849e7atree
parent80d72b532f6c17acc045fcdada71dbbc0adb977acommit | diff
s4:kdc: strictly have 2 16-bit parts in krbtgt kvnos

Even if the msDS-KeyVersionNumber of the main krbtgt
account if larger than 65535, we need to have
the 16 upper bits all zero in order to avoid
mixing the keys with an RODC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14951

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/kdc/db-glue.c diff | blob | history
Samba Shared Repository