Commit de3fa5d6 authored by Isaac Boukris's avatar Isaac Boukris Committed by Karolin Seeger

CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum

BUG: 's avatarIsaac Boukris <>
Reviewed-by: 's avatarAndrew Bartlett <>
Signed-off-by: 's avatarAndrew Bartlett <>
parent 52200468
This diff is collapsed.
......@@ -1925,6 +1925,13 @@ server_lookup:
goto out;
if (!krb5_checksum_is_keyed(context, self.cksum.cksumtype)) {
kdc_log(context, config, 0, "Reject PA-S4U2Self with unkeyed checksum");
goto out;
ret = _krb5_s4u2self_to_checksumdata(context, &self, &datack);
if (ret)
goto out;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment