39 lines
1.4 KiB
Diff
39 lines
1.4 KiB
Diff
From cf749fac346ef59c91a9ea87f5e7ddec2e5649c7 Mon Sep 17 00:00:00 2001
|
|
From: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
Date: Wed, 18 May 2022 16:49:43 +1200
|
|
Subject: [PATCH 75/99] CVE-2022-2031 s4:kpasswd: Return a kpasswd error code
|
|
in KRB-ERROR
|
|
|
|
If we attempt to return an error code outside of Heimdal's allowed range
|
|
[KRB5KDC_ERR_NONE, KRB5_ERR_RCSID), it will be replaced with a GENERIC
|
|
error, and the error text will be set to the meaningless result of
|
|
krb5_get_error_message(). Avoid this by ensuring the error code is in
|
|
the correct range.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074
|
|
|
|
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
|
|
Reviewed-by: Andreas Schneider <asn@samba.org>
|
|
Conflict: remove selftest/knownfail_heimdal_kdc selftest/knownfail_mit_kdc
|
|
---
|
|
source4/kdc/kpasswd-service.c | 2 +-
|
|
3 files changed, 1 insertion(+), 7 deletions(-)
|
|
|
|
diff --git a/source4/kdc/kpasswd-service.c b/source4/kdc/kpasswd-service.c
|
|
index a3c57a67dd1..b4706de1ad7 100644
|
|
--- a/source4/kdc/kpasswd-service.c
|
|
+++ b/source4/kdc/kpasswd-service.c
|
|
@@ -312,7 +312,7 @@ reply:
|
|
}
|
|
|
|
code = smb_krb5_mk_error(kdc->smb_krb5_context->krb5_context,
|
|
- error_code,
|
|
+ KRB5KDC_ERR_NONE + error_code,
|
|
NULL, /* e_text */
|
|
&k_dec_data,
|
|
NULL, /* client */
|
|
--
|
|
2.25.1
|