git: 140f65a20533 - releng/13.1 - pam_krb5: Add missing patch
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 01 Aug 2023 20:04:34 UTC
The branch releng/13.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=140f65a205334682c4868708fcabfaaf237b5b3f commit 140f65a205334682c4868708fcabfaaf237b5b3f Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2023-07-08 03:09:18 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2023-08-01 19:48:09 +0000 pam_krb5: Add missing patch Include a portion of the patch that was missed in 813847e49e35. Reported by: markj Fixes: 813847e49e35 (cherry picked from commit bfa51318dee8afd9307f15e49a6a521938dccd06) (cherry picked from commit d295e418ae7e60d87af6576ecdfad41a98d7442c) Approved by: so Security: FreeBSD-SA-23:09.pam_krb5 Security: CVE-2023-3326 --- lib/libpam/modules/pam_krb5/pam_krb5.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/lib/libpam/modules/pam_krb5/pam_krb5.c b/lib/libpam/modules/pam_krb5/pam_krb5.c index 3972479a581f..3c7976297ed2 100644 --- a/lib/libpam/modules/pam_krb5/pam_krb5.c +++ b/lib/libpam/modules/pam_krb5/pam_krb5.c @@ -938,18 +938,6 @@ verify_krb_v5_tgt_begin(krb5_context context, char *pam_service, int debug, continue; break; } - if (retval != 0) { /* failed to find key */ - /* Keytab or service key does not exist */ - if (debug) { - const char *msg = krb5_get_error_message(context, - retval); - syslog(LOG_DEBUG, - "pam_krb5: verify_krb_v5_tgt(): %s: %s", - "krb5_kt_read_service_key()", msg); - krb5_free_error_message(context, msg); - } - retval = 0; - } if (keyblock) krb5_free_keyblock(context, keyblock);