git.samba.org
/
samba.git
/ search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd tickets
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:auth: Use PAC to determine whether...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 auth: Add ticket type field to auth_user_info_...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add test that we cannot provide...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32744 s4:kpasswd: Ensure we pass the kpasswd...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32744 s4:kdc: Modify HDB plugin to only look...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
s4:kdc: Remove kadmin mode from HDB plugin
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32744 s4:kdc: Rename keytab_name -> kpasswd_keytab_name
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Don't use strncmp to compare...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Test truncated forms of server...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Reject tickets during the last...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Limit kpasswd ticket lifetime...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Fix canonicalisation of kadmin...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Refactor samba_kdc_get_entry_principal()
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Split out a samba_kdc_get_entry_princi...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
s4:kpasswd: Restructure code for clarity
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Require an initial ticket
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 gensec_krb5: Add helper function to check...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Return a kpasswd error code...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 lib:krb5_wrap: Generate valid error codes...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Don't return AP-REP on failure
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Correctly generate error...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add tests for kpasswd service
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32744 selftest: Specify Administrator kvno...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add kpasswd_exchange() method
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Allow requesting a TGT to...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add option for creating accounts with expired...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Fix enum typo
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add methods to send and receive...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add 'port' parameter to connect()
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add methods to create ASN1...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Add new definitions for kpasswd
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32744 tests/krb5: Correctly calculate salt...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 tests/krb5: Split out _make_tgs_request()
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32744 tests/krb5: Correctly handle specifying...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kpasswd: Account for missing target...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
heimdal:kdc: Accommodate NULL data parameter in krb5_pac_get...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-2031 s4:kdc: Add MIT support for ATTRIBUTES_INFO...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
selftest: Simplify krb5 test environments
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add helper function to modify ticket flags
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Correctly determine whether tickets are...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Canonicalize realm for enterprise principals
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Require that PAC_REQUESTER_SID buffer is present...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
heimdal:kdc: Do not generate extra PAC buffers for...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
selftest: Properly check extra PAC buffers with Heimdal
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
heimdal:kdc: Always generate a PAC for S4U2Self
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add a test for S4U2Self with no authorization...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Remove PAC_TYPE_ATTRIBUTES_INFO from RODC-issued...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Don't include extra PAC buffers in service tickets
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
Revert "CVE-2020-25719 s4/torture: Expect additional...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add tests for renewal and validation of...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Always add the PAC if the header TGT is from an...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Match Windows error code for mismatching sname
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add test for S4U2Self with wrong sname
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
kdc: Adjust SID mismatch error code to match Windows
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
heimdal:kdc: Adjust no-PAC error code to match Windows
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
s4:torture: Fix typo
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
heimdal:kdc: Fix error message for user-to-user
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add comments for tests that fail against...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add tests for validation with requester...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Align PAC buffer checking to more closely...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add TGS-REQ tests with FAST
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add tests for TGS requests with a non-TGT
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Add tests for invalid TGTs
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Remove unnecessary expect_pac arguments
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Adjust error codes to better match Windows...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Split out methods to create renewable or...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Allow PasswordKey_create() to use s2kparams
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Run test_rpc against member server
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Deduplicate AS-REQ tests
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
tests/krb5: Remove unused variable
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
selftest: Check received LDB error code when STRICT_CHECKING=0
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32745 s4/dsdb/util: Correctly copy values...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32745 s4/dsdb/util: Don't call memcpy() with...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32745 s4/dsdb/util: Use correct value for...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32745 s4/dsdb/samldb: Check for empty values...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 ldb: Make use of functions for appending...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 ldb: Add functions for appending to...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 ldb: Ensure shallow copy modifications...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 ldb: Add flag to mark message element...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4/registry: Use LDB_FLAG_MOD_TYPE(...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4/dsdb/tombstone_reanimate: Use LDB_FLAG_MOD...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4/dsdb/repl_meta_data: Use LDB_FLAG_MOD_TYPE...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 ldb:rdn_name: Use LDB_FLAG_MOD_TYPE...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4/dsdb/acl: Fix LDB flags comparison
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4:torture: Fix LDB flags comparison
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4/dsdb/partition: Fix LDB flags comparison
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4:dsdb:tests: Add test for deleting...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-07-24
Joseph Sutton
CVE-2022-32746 s4/dsdb/objectclass_attrs: Fix typo
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-03-07
Joseph Sutton
provision: Decrease the length of random machine passwords
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-01-31
Joseph Sutton
CVE-2022-0336: s4/dsdb/samldb: Don't return early when...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2022-01-31
Joseph Sutton
CVE-2022-0336: pytest: Add a test for an SPN conflict...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-12-02
Joseph Sutton
CVE-2021-3670 ldap_server: Ensure value of MaxQueryDuration...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-12-02
Joseph Sutton
CVE-2021-3670 ldap_server: Set timeout on requests...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-12-02
Joseph Sutton
CVE-2021-3670 tests/krb5/test_ldap.py: Add test for...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-11-18
Joseph Sutton
CVE-2020-25717: tests/krb5: Add a test for idmap_nss...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-11-18
Joseph Sutton
CVE-2020-25717: selftest: turn ad_member_no_nss_wb...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-11-18
Joseph Sutton
CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
2021-11-18
Joseph Sutton
CVE-2020-25717: tests/krb5: Add method to automatically...
Signed-off-by: Joseph Sutton <
josephsutton@catalyst.net.nz
>
commit
|
commitdiff
|
tree
next