CVE-2022-45141 source4/heimdal: Fix TGS ticket enc-part key selection
author Nicolas Williams <nico@cryptonector.com>
Wed, 12 Oct 2011 04:57:58 +0000 (23:57 -0500)
committer Stefan Metzmacher <metze@samba.org>
Wed, 7 Dec 2022 18:35:14 +0000 (19:35 +0100)
commit 2be27ec1d7f3bfcdcac65bca1db53772535fe7bf
tree 631597498f7fefe25113132053a45cd9350e71ad
parent 73c7c6ec9bc3a1993e766f119e9e29905ded5e28
CVE-2022-45141 source4/heimdal: Fix TGS ticket enc-part key selection

    When I added support for configuring how the KDC selects session,
    reply, and ticket enc-part keys I accidentally had the KDC use the
    session key selection algorithm for selecting the ticket enc-part
    key.  This becomes a problem when using a Heimdal KDC with an MIT
    KDB as the HDB backend and when the krbtgt keys are not in
    strongest-to-weakest order, in which case forwardable tickets minted
    by the Heimdal KDC will not be accepted by MIT KDCs with the same
    KDB.

(cherry picked from Heimdal commit 12cd2c9cbd1ca027a3ef9ac7ab3e79526b1348ae)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15214
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/heimdal/kdc/krb5tgs.c