From: Andreas Schneider <asn@samba.org>
Date: Mon, 12 Jul 2021 11:12:00 +0000 (+0200)
Subject: CVE-2020-25719 mit-samba: Add mit_samba_princ_needs_pac()
X-Git-Tag: samba-4.13.14~65
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0e09aaa3e6410ba6963099a3504c70603180a66d;p=thirdparty%2Fsamba.git

CVE-2020-25719 mit-samba: Add mit_samba_princ_needs_pac()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14561

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index 689e14e1c38..6aed3134544 100644
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -1153,3 +1153,11 @@ void mit_samba_update_bad_password_count(krb5_db_entry *db_entry)
 				     p->msg,
 				     ldb_get_default_basedn(p->kdc_db_ctx->samdb));
 }
+
+bool mit_samba_princ_needs_pac(krb5_db_entry *db_entry)
+{
+	struct samba_kdc_entry *skdc_entry =
+		talloc_get_type_abort(db_entry->e_data, struct samba_kdc_entry);
+
+	return samba_princ_needs_pac(skdc_entry);
+}
diff --git a/source4/kdc/mit_samba.h b/source4/kdc/mit_samba.h
index ba824557bd5..636c77ec97c 100644
--- a/source4/kdc/mit_samba.h
+++ b/source4/kdc/mit_samba.h
@@ -85,4 +85,6 @@ void mit_samba_zero_bad_password_count(krb5_db_entry *db_entry);
 
 void mit_samba_update_bad_password_count(krb5_db_entry *db_entry);
 
+bool mit_samba_princ_needs_pac(krb5_db_entry *db_entry);
+
 #endif /* _MIT_SAMBA_H */