| commit | bf79979f847de36db9da9646a396cdfe6b0e1c6f | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Wed, 11 Oct 2023 13:58:22 +0000 (11 15:58 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Mon, 16 Oct 2023 15:38:12 +0000 (16 15:38 +0000) | ||
| tree | d03d2d702e0ef0706a7e9b3700359a1bc3592b43 | treesnapshot (tar.gz zip) |
| parent | cbb8145d0c58b34b76a579afd81f0e19ec7106b6 | commitdiff |
s4:kdc: fix user2user tgs-requests for normal user accounts
User2User tgs requests use the session key of the additional
ticket instead of the long term keys based on the password.
In addition User2User also asserts that client and server
are the same account (cecked based on the sid).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15492
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Oct 16 15:38:12 UTC 2023 on atb-devel-224
User2User tgs requests use the session key of the additional
ticket instead of the long term keys based on the password.
In addition User2User also asserts that client and server
are the same account (cecked based on the sid).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15492
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Oct 16 15:38:12 UTC 2023 on atb-devel-224
| selftest/knownfail.d/krb5_user2user | [deleted file] | blobblamehistory |
| source4/kdc/db-glue.c | diffblobblamehistory | |
| source4/kdc/sdb.h | diffblobblamehistory |