Remove incorrect KDC assertion

The assertion in return_enc_padata() is reachable because
kdc_make_s4u2self_rep() may have previously added encrypted padata.
It is no longer necessary because the code uses add_pa_data_element()
instead of allocating a new list.

CVE-2018-20217:

In MIT krb5 1.8 or later, an authenticated user who can obtain a TGT
using an older encryption type (DES, DES3, or RC4) can cause an
assertion failure in the KDC by sending an S4U2Self request.

[ghudson@mit.edu: rewrote commit message with CVE description]

(cherry picked from commit 94e5eda5bb94d1d44733a49c3d9b6d1e42c74def)

ticket: 8767
version_fixed: 1.15.5

2 files changed, 7 insertions, 1 deletions

diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index 605fcb7..0708f4d 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -1609,7 +1609,6 @@ return_enc_padata(krb5_context context, krb5_data *req_pkt,
     krb5_error_code code = 0;
     /* This should be initialized and only used for Win2K compat and other
      * specific standardized uses such as FAST negotiation. */
-    assert(reply_encpart->enc_padata == NULL);
     if (is_referral) {
         code = return_referral_enc_padata(context, reply_encpart, server);
         if (code)
diff --git a/src/tests/gssapi/t_s4u.py b/src/tests/gssapi/t_s4u.py
index 07e6d5a..c1a585a 100755
--- a/src/tests/gssapi/t_s4u.py
+++ b/src/tests/gssapi/t_s4u.py
@@ -144,6 +144,13 @@ if 'auth1: user@' not in out or 'auth2: user@' not in out:
 
 realm.stop()
 
+for realm in multipass_realms(create_host=False, get_creds=False):
+    service1 = 'service/1@%s' % realm.realm
+    realm.addprinc(service1)
+    realm.extract_keytab(service1, realm.keytab)
+    realm.kinit(service1, None, ['-k'])
+    realm.run(['./t_s4u', 'p:user', '-'])
+
 # Exercise cross-realm S4U2Self.  The query in the foreign realm will
 # fail, but we can check that the right server principal was used.
 # Include a regression test for #8741 by unsetting the default realm.