delta/samba.git - git.samba.org: samba.git

diff options

author	Stefan Metzmacher <metze@samba.org>	2021-10-05 18:11:57 +0200
committer	Jule Anger <janger@samba.org>	2021-11-09 19:45:33 +0000
commit	e2d271cb6bcd292f786664f055cde41c32002804 (patch)
tree	9a548397272cedebd473c26aaffb52b2e9141b64 /auth/gensec/schannel.c
parent	e2d5b4d709293b52112d078d6fcde95593d790c5 (diff)
download	samba-e2d271cb6bcd292f786664f055cde41c32002804.tar.gz

CVE-2020-25719 CVE-2020-25717: auth/gensec: always require a PAC in domain mode (DC or member)

AD domains always provide a PAC unless UF_NO_AUTH_DATA_REQUIRED is set on the service account, which can only be explicitly configured, but that's an invalid configuration! We still try to support standalone servers in an MIT realm, as legacy setup. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> [jsutton@samba.org Removed knownfail entries]

Diffstat (limited to 'auth/gensec/schannel.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: