From 911750da81abc99ee57bcb0d6129fec85bf6b761 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 23 Nov 2022 15:16:51 +0100 Subject: [PATCH] CVE-2022-37966 lib/krb5_wrap: remove unused ifdef HAVE_ENCTYPE_AES* aes encryption types are always supported. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237 Signed-off-by: Stefan Metzmacher Reviewed-by: Joseph Sutton Reviewed-by: Andrew Bartlett (cherry picked from commit c9b10ee32c7e91521d024477a28fb7a622e4eb04) --- lib/krb5_wrap/krb5_samba.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c index 4321f07ca09..2b6fc6d713b 100644 --- a/lib/krb5_wrap/krb5_samba.c +++ b/lib/krb5_wrap/krb5_samba.c @@ -3580,12 +3580,8 @@ int ads_krb5_cli_get_ticket(TALLOC_CTX *mem_ctx, krb5_ccache ccdef = NULL; krb5_auth_context auth_context = NULL; krb5_enctype enc_types[] = { -#ifdef HAVE_ENCTYPE_AES256_CTS_HMAC_SHA1_96 ENCTYPE_AES256_CTS_HMAC_SHA1_96, -#endif -#ifdef HAVE_ENCTYPE_AES128_CTS_HMAC_SHA1_96 ENCTYPE_AES128_CTS_HMAC_SHA1_96, -#endif ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES_CBC_MD5, ENCTYPE_DES_CBC_CRC,