sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Code
0e11fabbfa
samba-mirror/source4/auth/kerberos
History
Aaron Haslett 8bd67c593d auth: keytab invalidation fix 
chgtdcpass should add a new DC password and delete the old ones but the bug
exposed by this test causes the tool to remove only a single record from
the old entries, leaving the old passwords functional.  Since the tool is
used by administrators who may have disclosed their domain join password and
want to invalidate it, this is a security concern.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13415

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May 15 15:45:08 CEST 2018 on sn-devel-144
2018-05-15 15:45:08 +02:00
..
kerberos_credentials.h s4-auth-krb: Move function into more appropriate header. 2012-04-12 12:06:41 +02:00
kerberos_pac.c krb5_wrap: Rename kerberos_free_data_contents() 2016-08-31 20:59:13 +02:00
kerberos_util.c auth: keytab invalidation fix 2018-05-15 15:45:08 +02:00
kerberos-notes.txt Fix spelling s/doens't/doesn't/ 2018-05-12 02:09:26 +02:00
kerberos-porting-to-mit-notes.txt Fix spelling s/doens't/doesn't/ 2018-05-12 02:09:26 +02:00
kerberos.h s4-kerberos: remove duplicate macros. 2014-08-08 06:02:34 +02:00
krb5_init_context.c libsocket: Add "mem_ctx" to socket_create() 2018-02-27 09:14:17 +01:00
krb5_init_context.h torture: Start a new testsuite for krb5 and KDC behaviour 2015-01-23 05:42:07 +01:00
srv_keytab.c doc: Add doxygen for functions in srv_keytab.c 2016-11-22 02:10:16 +01:00
wscript_build auth: Generate a human readable Authentication log message. 2017-03-29 02:37:26 +02:00