1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source4/auth
Joseph Sutton 0d8995910f CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT
We use the presence or absence of a REQUESTER_SID PAC buffer to
determine whether the ticket is a TGT. We will later use this to reject
TGTs where a service ticket is expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-07-27 10:52:36 +00:00
..
gensec CVE-2022-2031 gensec_krb5: Add helper function to check if client sent an initial ticket 2022-07-27 10:52:36 +00:00
kerberos CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGT 2022-07-27 10:52:36 +00:00
ntlm CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-27 10:52:36 +00:00
tests auth:creds: Remove unused credentials autoproto header 2020-08-19 16:22:40 +00:00
auth.h CVE-2020-25719 CVE-2020-25717: s4:auth: remove unused auth_generate_session_info_principal() 2021-11-09 19:45:33 +00:00
pyauth.c pyauth: add python binding for auth_session_info_set_unix() 2020-06-05 10:32:31 +00:00
pyauth.h
sam.c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-27 10:52:36 +00:00
samba_server_gensec.c s4:auth: use talloc_reparent() in samba_server_gensec_krb5_start() 2017-05-30 08:06:07 +02:00
session.c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-27 10:52:36 +00:00
session.h
system_session.c CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_session_info 2022-07-27 10:52:36 +00:00
unix_token.c s4-auth/unix_token: add new function auth_session_info_set_unix() 2020-06-05 10:32:31 +00:00
wscript_build build: Do not build selftest binaries for builds without --enable-selftest 2019-11-22 11:48:59 +00:00
wscript_configure s4:auth/gensec: remove unused and untested cyrus_sasl module 2015-06-23 22:12:08 +02:00