1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

Revert "CVE-2020-25719 heimdal:kdc: Require authdata to be present"

This reverts an earlier commit that was incorrect.

It is not Samba practice to include a revert, but at this point in
the patch preperation the ripple though the knownfail files is
more trouble than can be justified.

It is not correct to refuse to parse all tickets with no authorization
data, only for the KDC to require that a PAC is found, which is done
in "heimdal:kdc: Require PAC to be present"

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett 2021-11-02 14:52:22 +13:00 committed by Jule Anger
parent 4dbe9d5b8c
commit 3a4326f2b5

View File

@ -1369,7 +1369,7 @@ _krb5_kdc_pac_ticket_parse(krb5_context context,
*ppac = NULL;
if (ad == NULL || ad->len == 0)
return KRB5KDC_ERR_BADOPTION;
return 0;
for (i = 0; i < ad->len; i++) {
AuthorizationData child;