| commit | 1c5a0ef89c947545ae63ac67413e29a5f86e8987 | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Tue, 2 Nov 2021 01:52:22 +0000 (2 14:52 +1300) | ||
| committer | Jule Anger <janger@samba.org> | |
| Mon, 8 Nov 2021 09:52:12 +0000 (8 10:52 +0100) | ||
| tree | db9c48bd14337ce434da4a9daa9a427a86ba8355 | treesnapshot (tar.gz zip) |
| parent | a803247a1dcea41c31c06f8e5fb1c5d7a58d6317 | commitdiff |
Revert "CVE-2020-25719 heimdal:kdc: Require authdata to be present"
This reverts an earlier commit that was incorrect.
It is not Samba practice to include a revert, but at this point in
the patch preperation the ripple though the knownfail files is
more trouble than can be justified.
It is not correct to refuse to parse all tickets with no authorization
data, only for the KDC to require that a PAC is found, which is done
in "heimdal:kdc: Require PAC to be present"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This reverts an earlier commit that was incorrect.
It is not Samba practice to include a revert, but at this point in
the patch preperation the ripple though the knownfail files is
more trouble than can be justified.
It is not correct to refuse to parse all tickets with no authorization
data, only for the KDC to require that a PAC is found, which is done
in "heimdal:kdc: Require PAC to be present"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
| source4/heimdal/lib/krb5/pac.c | diffblobblamehistory |