| commit | 57abb7f8f8884f52f1d194c5c74e067aecd0d3dd | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Mon, 4 Oct 2021 16:03:55 +0000 (4 18:03 +0200) | ||
| committer | Jule Anger <janger@samba.org> | |
| Tue, 9 Nov 2021 19:45:33 +0000 (9 19:45 +0000) | ||
| tree | b27fe35278718bc3ec38d44bc396002fe0af14f2 | treesnapshot (tar.gz zip) |
| parent | 52190982de134fb55abce76def0609651e45012e | commitdiff |
CVE-2020-25717: s3:auth: don't let create_local_token depend on !winbind_ping()
We always require a running winbindd on a domain member, so
we should better fail a request instead of silently alter
the behaviour, which results in a different unix token, just
because winbindd might be restarted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We always require a running winbindd on a domain member, so
we should better fail a request instead of silently alter
the behaviour, which results in a different unix token, just
because winbindd might be restarted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| source3/auth/auth_util.c | diffblobblamehistory |