diff options
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-05-26 16:36:30 +1200 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2022-07-24 11:42:02 +0200 |
| commit | 42ba919c06c24c42ef123304de0c2ca8c689591a (patch) | |
| tree | 445e81a68eb4a0f9186fa7a5d9c3772dc5712d0d | |
| parent | d40593be83144713cfc43e4eb1c7bc2d925a0da0 (diff) | |
| download | samba-42ba919c06c24c42ef123304de0c2ca8c689591a.tar.gz | |
CVE-2022-32744 s4:kdc: Rename keytab_name -> kpasswd_keytab_name
This makes explicitly clear the purpose of this keytab.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
[jsutton@samba.org Fixed conflicts due to lacking HDBGET support]
| -rw-r--r-- | source4/kdc/kdc-heimdal.c | 4 | ||||
| -rw-r--r-- | source4/kdc/kdc-server.h | 2 | ||||
| -rw-r--r-- | source4/kdc/kdc-service-mit.c | 4 | ||||
| -rw-r--r-- | source4/kdc/kpasswd-service.c | 2 |
4 files changed, 6 insertions, 6 deletions
diff --git a/source4/kdc/kdc-heimdal.c b/source4/kdc/kdc-heimdal.c index ba74df4f2ec..a4c845b62f8 100644 --- a/source4/kdc/kdc-heimdal.c +++ b/source4/kdc/kdc-heimdal.c @@ -444,8 +444,8 @@ static void kdc_post_fork(struct task_server *task, struct process_details *pd) return; } - kdc->keytab_name = talloc_asprintf(kdc, "HDB:samba4&%p", kdc->base_ctx); - if (kdc->keytab_name == NULL) { + kdc->kpasswd_keytab_name = talloc_asprintf(kdc, "HDB:samba4&%p", kdc->base_ctx); + if (kdc->kpasswd_keytab_name == NULL) { task_server_terminate(task, "kdc: Failed to set keytab name", true); diff --git a/source4/kdc/kdc-server.h b/source4/kdc/kdc-server.h index fd883c2e4b4..89b30f122f5 100644 --- a/source4/kdc/kdc-server.h +++ b/source4/kdc/kdc-server.h @@ -40,7 +40,7 @@ struct kdc_server { struct ldb_context *samdb; bool am_rodc; uint32_t proxy_timeout; - const char *keytab_name; + const char *kpasswd_keytab_name; void *private_data; }; diff --git a/source4/kdc/kdc-service-mit.c b/source4/kdc/kdc-service-mit.c index 5d4180aa7cc..22663b6ecc8 100644 --- a/source4/kdc/kdc-service-mit.c +++ b/source4/kdc/kdc-service-mit.c @@ -291,8 +291,8 @@ NTSTATUS mitkdc_task_init(struct task_server *task) return NT_STATUS_INTERNAL_ERROR; } - kdc->keytab_name = talloc_asprintf(kdc, "KDB:"); - if (kdc->keytab_name == NULL) { + kdc->kpasswd_keytab_name = talloc_asprintf(kdc, "KDB:"); + if (kdc->kpasswd_keytab_name == NULL) { task_server_terminate(task, "KDC: Out of memory", true); diff --git a/source4/kdc/kpasswd-service.c b/source4/kdc/kpasswd-service.c index b4706de1ad7..0d2acd8d9e8 100644 --- a/source4/kdc/kpasswd-service.c +++ b/source4/kdc/kpasswd-service.c @@ -167,7 +167,7 @@ kdc_code kpasswd_process(struct kdc_server *kdc, rv = cli_credentials_set_keytab_name(server_credentials, kdc->task->lp_ctx, - kdc->keytab_name, + kdc->kpasswd_keytab_name, CRED_SPECIFIED); if (rv != 0) { DBG_ERR("Failed to set credentials keytab name\n"); |