| commit | 5befe31c651419cfae9ff31e25290e2952441670 | |
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | |
| Sat, 9 Jul 2022 03:54:52 +0000 (9 15:54 +1200) | ||
| committer | Jule Anger <janger@samba.org> | |
| Mon, 19 Sep 2022 04:02:12 +0000 (19 04:02 +0000) | ||
| tree | d760309725cdb51add870611a890a4afd4b5f388 | treesnapshot (tar.gz zip) |
| parent | 4adcada4104294d2b7e30617fee2f959e93e908e | commitdiff |
CVE-2021-20251 s4:kdc: Check badPwdCount update return status
If the account has been locked out in the meantime (indicated by
NT_STATUS_ACCOUNT_LOCKED_OUT), we should return the appropriate error
code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit bdfc9d96f8fe5070ab8a189bbf42ccb7e77afb73)
[jsutton@samba.org Fixed knownfail conflicts due to not having claims
tests]
If the account has been locked out in the meantime (indicated by
NT_STATUS_ACCOUNT_LOCKED_OUT), we should return the appropriate error
code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit bdfc9d96f8fe5070ab8a189bbf42ccb7e77afb73)
[jsutton@samba.org Fixed knownfail conflicts due to not having claims
tests]
| selftest/knownfail_heimdal_kdc | diffblobblamehistory | |
| source4/kdc/hdb-samba4.c | diffblobblamehistory |