diff options
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2021-11-23 20:00:07 +1300 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2022-07-24 11:42:01 +0200 |
| commit | 46b05cbf803c54cf56dca228fe95a3454027d0cc (patch) | |
| tree | 33ad289550fa362ce75bc8a9ddf0e895045d6364 | |
| parent | c62a2b7a218e2c4bdbd476a055049e78b8c0f4ce (diff) | |
| download | samba-46b05cbf803c54cf56dca228fe95a3454027d0cc.tar.gz | |
kdc: Match Windows error code for mismatching sname
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit b6a25f5f016aef39c3b1d7be8b3ecfe021c03c83)
| -rw-r--r-- | selftest/knownfail_heimdal_kdc | 3 | ||||
| -rw-r--r-- | source4/kdc/db-glue.c | 2 |
2 files changed, 1 insertions, 4 deletions
diff --git a/selftest/knownfail_heimdal_kdc b/selftest/knownfail_heimdal_kdc index 483145f1473..981d7894158 100644 --- a/selftest/knownfail_heimdal_kdc +++ b/selftest/knownfail_heimdal_kdc @@ -243,7 +243,6 @@ ^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_rbcd_zeroed_service_checksum ^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_s4u2self_forwardable ^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_s4u2self_not_trusted_empty_allowed -^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_s4u2self_wrong_sname # ^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_constrained_delegation_no_auth_data_required ^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_rbcd_no_auth_data_required @@ -292,6 +291,4 @@ ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_requester_sid_rodc_renew ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_requester_sid_rodc_validate ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_rodc_pac_request_false -^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_wrong_sname -^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_wrong_sname_krbtgt ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_validate_rodc_revealed diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c index d017741e30a..bed0ff773f9 100644 --- a/source4/kdc/db-glue.c +++ b/source4/kdc/db-glue.c @@ -2599,7 +2599,7 @@ samba_kdc_check_s4u2self(krb5_context context, */ if (!(orig_sid && target_sid && dom_sid_equal(orig_sid, target_sid))) { talloc_free(frame); - return KRB5KDC_ERR_BADOPTION; + return KRB5KRB_AP_ERR_BADMATCH; } talloc_free(frame); |