heimdal/kdc/default_config.c at a9c6bc2bf2a4f485dbbcf5261e570b87b8c17690

Files

Joseph Sutton b8c58191dc kdc: Optionally require that PAC be be present

This is from Samba's patches for CVE-2020-25719.

This allows Heimdal to match AD behaviour, when configured,
for the behaviour after Microsoft's CVE-2021-42287 when
PacRequestorEnforcement is set to 2.

Samba BUG: https://bugzilla.samba.org/show_bug.cgi?id=14686
REF: https://support.microsoft.com/en-au/topic/kb5008380-authentication-updates-cve-2021-42287-9dafac11-e0d0-4cb8-959a-143bd0201041

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

[abarlet@samba.org based on Samba commit
 756934f14cc87dc1adfd9315672ae5d49cb24d95
 and f7a2fef8f49a86f63c3dc2f6a2d7d979fb53238a]

2021-12-16 14:41:10 +11:00

13 KiB

Raw Blame History

View Raw

13 KiB Raw Blame History

13 KiB

Raw Blame History