From: Luke Howard Date: Tue, 31 Aug 2021 05:38:16 +0000 (+1200) Subject: kdc: KRB5KDC_ERR_{C,S}_PRINCIPAL_UNKNOWN if missing field X-Git-Tag: ldb-2.5.0~795 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b0f4455e524cbbfb13202220e7095f466b083a2f;p=thirdparty%2Fsamba.git kdc: KRB5KDC_ERR_{C,S}_PRINCIPAL_UNKNOWN if missing field If missing cname or sname in AS-REQ, return KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN and KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN. This matches MIT behaviour. [abartlet@samba.org Backported from Heimdal commit 892a1ffcaad98157e945c540b81f65edb14d29bd and knownfail added] BUG: https://bugzilla.samba.org/show_bug.cgi?id=14770 Signed-off-by: Andrew Bartlett Reviewed-by: Andreas Schneider --- diff --git a/selftest/knownfail_heimdal_kdc b/selftest/knownfail_heimdal_kdc index a55357b7537..2c63707fff3 100644 --- a/selftest/knownfail_heimdal_kdc +++ b/selftest/knownfail_heimdal_kdc @@ -72,3 +72,4 @@ ^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_simple_tgs_no_sname.ad_dc ^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_inner_no_sname.ad_dc ^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_fast_tgs_inner_no_sname.ad_dc +^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_simple_no_sname.ad_dc \ No newline at end of file diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index 27d38ad84b7..0fa336e871c 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -996,7 +996,7 @@ _kdc_as_rep(krb5_context context, flags |= HDB_F_CANON; if(b->sname == NULL){ - ret = KRB5KRB_ERR_GENERIC; + ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN; e_text = "No server in request"; } else{ ret = _krb5_principalname2krb5_principal (context, @@ -1012,7 +1012,7 @@ _kdc_as_rep(krb5_context context, goto out; } if(b->cname == NULL){ - ret = KRB5KRB_ERR_GENERIC; + ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN; e_text = "No client in request"; } else { ret = _krb5_principalname2krb5_principal (context,