mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
samba-mirror/source4
Noel Power 0fd7b13ebc s4:lib:tls: Don't negotiate session resumption with session tickets
tls_tstream can't properly handle 'New Session Ticket' messages
sent 'after' the client sends the 'Finished' message.

This is needed because some servers (at least elasticsearch) wait till
they get 'Finished' message from the client before sending the
"New Ticket" message.

Without this patch what typically happens is when the application code
sends data it then tries to read the response, but, instead of the
response to the request it actually receives the "New Session Ticket"
instead. The "New Session Ticket" message gets processed by the upper layer
logic e.g.
   tstream_tls_readv_send
       ->tstream_tls_readv_crypt_next
           ->tstream_tls_retry_read
               ->gnutls_record_recv

instead of the core gnutls routines.

This results in the response processing failing due to the
currently 'unexpected' New Ticket message.

In order to avoid this scenario we can ensure the client doesn't
negotiate resumption with session tickets.

Signed-off-by: Noel Power <noel.power@suse.com>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 16 09:58:45 UTC 2022 on sn-devel-184
2022-11-16 09:58:44 +00:00
..
auth s4-auth: Make PAC parameters const 2022-11-08 02:39:37 +00:00
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4:client: Fix shellcheck errors in test_smbclient.sh 2022-08-22 14:20:36 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
dsdb s4-join: Fix typos in recent GET_ANC patch set 2022-10-21 03:57:33 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
include lib: Remove smb_threads from includes.h 2022-04-26 21:41:29 +00:00
kdc s4:kdc: add initial support for compound claims 2022-11-08 02:39:37 +00:00
ldap_server s4:ldap_server: let ldapsrv_call_writev_start use conn_idle_time to limit the time 2022-10-19 17:13:39 +00:00
lib s4:lib:tls: Don't negotiate session resumption with session tickets 2022-11-16 09:58:44 +00:00
libcli s4: libcli: Ignore errors when getting A records after fetching AAAA records. 2022-11-09 20:34:07 +00:00
libnet lib/krb5_wrap: remove unused keep_old_entries argument from smb_krb5_kt_add_entry() 2022-10-27 21:14:43 +00:00
librpc librpc: Avoid an else 2022-10-27 18:18:36 +00:00
nbt_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs ntvfs: Remove orphans from 2006 2022-10-27 18:18:36 +00:00
param python: whitespace fixes 2022-10-03 20:03:32 +00:00
rpc_server rpc_server: Remove an unneeded #include 2022-10-27 18:18:36 +00:00
samba s4/server: stop suggesting ntvfs in error message 2022-09-16 05:46:35 +00:00
script s4:script: Fix shellcheck errors in find_unused_options.sh 2022-08-22 14:20:36 +00:00
scripting samba-tool: binary uses samba_tool function 2022-09-08 22:34:36 +00:00
selftest tests/krb5: Add tests of PAC group handling 2022-11-08 03:37:37 +00:00
setup python:tests: Allocate OID range for testing to avoid collisions 2022-08-25 13:55:47 +00:00
smb_server s4:smb_server: don't set mapped_state explicitly in auth_usersupplied_info 2022-03-10 03:16:35 +00:00
torture s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle. 2022-11-14 17:13:36 +00:00
utils s4:utils: Fix shellcheck errors in test_samba_tool.sh 2022-08-22 20:35:36 +00:00
winbind CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00