samba.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Joseph Sutton <josephsutton@catalyst.net.nz>	2022-05-30 19:17:41 +1200
committer	Jule Anger <janger@samba.org>	2022-07-27 10:52:36 +0000
commit	714cadfc4049454d76e37932377cfa3d9a6f464d (patch)
tree	787606eb1aa4a51f94b5291679a7a70f62340f1e /python
parent	b423c370b9b0f2350f0cc46f0bcb9a3ad57a0fe6 (diff)
download	samba-714cadfc4049454d76e37932377cfa3d9a6f464d.tar.gz samba-714cadfc4049454d76e37932377cfa3d9a6f464d.tar.bz2 samba-714cadfc4049454d76e37932377cfa3d9a6f464d.zip

CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding setpw structure

The target principal and realm fields of the setpw structure are supposed to be optional, but in MIT Kerberos they are mandatory. For better compatibility and ease of testing, fall back to parsing the simpler (containing only the new password) structure if the MIT function fails to decode it. Although the target principal and realm fields should be optional, one is not supposed to specified without the other, so we don't have to deal with the case where only one is specified. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>

Diffstat (limited to 'python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: