]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 75d1a7c) | patch
kdc: correctly generate PAC TGS signature
authorLuke Howard <lukeh@padl.com>
Thu, 23 Sep 2021 07:51:51 +0000 (17:51 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 14 Oct 2021 18:59:31 +0000 (18:59 +0000)
commit91e684f5dcb48b76e6a322c15acb53cbce5c275a
tree79a619e2322cf9ac2f9ba7d6a3137cc1ce0f4d9etree
parent75d1a7cd14b134506061ed64ddb9b99856231d2ccommit | diff
kdc: correctly generate PAC TGS signature

When generating an AS-REQ, the TGS signature was incorrectly generated using
the server key, which would fail to validate if the server was not also the
TGS. Fix this.

Patch from Isaac Bourkis <iboukris@gmail.com>.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642

[jsutton@samba.org Backported from Heimdal commit
 e7863e2af922809dad25a2e948e98c408944d551
 - Samba's Heimdal version does not have the generate_pac() helper
 function.
 - Samba's Heimdal version does not use the 'r' context variable.
]

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/heimdal/kdc/kerberos5.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git