samba/backport-0012-CVE-2022-37966.patch


From 3f55dbf520b77338bea1ef7ba8e4af70768a1f7d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 1 Nov 2022 14:47:12 +1300
Subject: [PATCH 12/54] CVE-2022-37966 HEIMDAL: Look up the server keys to
 combine with client's etype list to select a session key

We need to select server, not client, to compare client etypes against.
(It is not useful to compare the client-supplied encryption types with
the client's own long-term keys.)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

(similar to commit 538315a2aa6d03b7639b49eb1576efa8755fefec)
[jsutton@samba.org Fixed knownfail conflicts]

Conflict: NA
Reference: https://attachments.samba.org/attachment.cgi?id=17695
---
selftest/knownfail_heimdal_kdc | 5 -----
third_party/heimdal/kdc/kerberos5.c | 2 +-
2 files changed, 1 insertion(+), 6 deletions(-)
diff --git a/selftest/knownfail_heimdal_kdc b/selftest/knownfail_heimdal_kdc
index 4abacafe03a0..4ae27eacb091 100644
--- a/selftest/knownfail_heimdal_kdc
+++ b/selftest/knownfail_heimdal_kdc
@@ -54,8 +54,3 @@
^samba.tests.krb5.protected_users_tests.samba.tests.krb5.protected_users_tests.ProtectedUsersTests.test_proxiable_as_protected.ad_dc
#
^samba.tests.krb5.protected_users_tests.samba.tests.krb5.protected_users_tests.ProtectedUsersTests.test_samr_change_password_protected.ad_dc
-#
-# Encryption type tests
-#
-^samba.tests.krb5.etype_tests.samba.tests.krb5.etype_tests.EtypeTests.test_as_aes_requested.ad_dc
-^samba.tests.krb5.etype_tests.samba.tests.krb5.etype_tests.EtypeTests.test_as_rc4_supported_aes_requested.ad_dc
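Review bot: the two entries dropped here, test_as_aes_requested and test_as_rc4_supported_aes_requested, must actually pass with the kerberos5.c change in this same patch, otherwise the selftest run regresses; since the trailer notes that the knownfail conflicts were resolved by hand during the backport ("[jsutton@samba.org Fixed knownfail conflicts]"), it is worth confirming that no other etype_tests line remains in this file's neighbouring hunks and that the "# Encryption type tests" section header removed with them is not still referenced elsewhere in knownfail_heimdal_kdc.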
diff --git a/third_party/heimdal/kdc/kerberos5.c b/third_party/heimdal/kdc/kerberos5.c
index 0a7934310cca..3e0f2dbd6b63 100644
--- a/third_party/heimdal/kdc/kerberos5.c
+++ b/third_party/heimdal/kdc/kerberos5.c
@@ -2212,7 +2212,7 @@ _kdc_as_rep(astgs_request_t r)
* intersection of the client's requested enctypes and the server's (like a
* root krbtgt, but not necessarily) etypes from its HDB entry.
*/
- ret = _kdc_find_etype(r, (is_tgs ? KFE_IS_TGS:0) | KFE_USE_CLIENT,
+ ret = _kdc_find_etype(r, (is_tgs ? KFE_IS_TGS:0),
b->etype.val, b->etype.len,
&r->sessionetype, NULL, NULL);
if (ret) {
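Review bot: dropping KFE_USE_CLIENT from the _kdc_find_etype() call is the whole fix, so the comment immediately above ("intersection of the client's requested enctypes and the server's ... etypes from its HDB entry") now describes what the code does, whereas before the change the session etype was chosen against the client's own long-term keys, which is the behaviour the commit message calls not useful. One consequence worth checking in the error path that starts at "if (ret) {" (its body is outside this hunk): a client whose requested etypes do not intersect the server's HDB keys will now fail at this point rather than be given a client-keyed session key, so that path should surface a clear etype-not-supported error to the client. Minor style point on the changed line: "KFE_IS_TGS:0" keeps the missing space before the colon from the original; "KFE_IS_TGS : 0" would match the surrounding code style, though the diff is tidier if left untouched.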
--
2.34.1