Joseph Sutton 15eac7676b CVE-2023-0614 s4-dsdb: Treat confidential attributes as unindexed ...

In the unlikely case that someone adds a confidential indexed attribute
to the schema, LDAP search expressions on that attribute could disclose
information via timing differences. Let's not use the index for searches
on confidential attributes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

2023-04-05 02:10:35 +00:00

..

tests

dsdb/schema/tests: let samba4.local.dsdb.syntax call the validate_dn() hook

2022-01-12 02:20:27 +00:00

dsdb_dn.c

ldb: use #include <ldb.h> for ldb

2011-02-10 06:51:07 +01:00

prefixmap.h

s4-attid: Uppercase ATTID type constants

2010-11-08 23:06:41 +00:00

schema_convert_to_ol.c

lib/util: remove extra safe_string.h file

2020-08-28 02:18:40 +00:00

schema_description.c

CVE-2023-0614 s4-dsdb: Treat confidential attributes as unindexed

2023-04-05 02:10:35 +00:00

schema_filtered.c

Fix a comment typo copied around

2020-08-17 19:35:38 +00:00

schema_inferiors.c

dsdb-schema: schema_fill_possible_inferiors() should rebuild everthing

2013-05-23 20:25:59 +10:00

schema_info_attr.c

s4/dsdb/schema: Fix Access to field results in deference of null pointer

2019-07-08 09:30:10 +00:00

schema_init.c

CVE-2023-0614 s4-dsdb: Treat confidential attributes as unindexed

2023-04-05 02:10:35 +00:00

schema_prefixmap.c

lib: relicense smb_strtoul(l) under LGPLv3

2020-08-03 22:21:02 +00:00

schema_query.c

s4:dsdb/schema: Add dsdb_attribute_by_cn_ldb_val()

2023-03-31 08:29:32 +00:00

schema_set.c

CVE-2023-0614 s4-dsdb: Treat confidential attributes as unindexed

2023-04-05 02:10:35 +00:00

schema_syntax.c

dsdb/schema: let dsdb_syntax_DN_BINARY_drsuapi_to_ldb return WERR_DS_INVALID_ATTRIBUTE_SYNTAX

2022-01-12 03:09:52 +00:00

schema.h

s4:dsdb/schema: Add dsdb_attribute_by_cn_ldb_val()

2023-03-31 08:29:32 +00:00