1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source4
Andrew Bartlett 3507e96b3d CVE-2021-3670 ldap_server: Clearly log LDAP queries and timeouts
This puts all the detail on one line so it can be searched
by IP address and connecting SID.

This relies on the anr handling as otherwise this log
becomes the expanded query, not the original one.

RN: Provide clear logs of the LDAP search and who made it, including
a warning (at log level 3) for queries that are 1/4 of the hard timeout.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14694

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Nov 25 02:30:42 UTC 2021 on sn-devel-184
2021-11-25 02:30:42 +00:00
..
auth s4/auth/gensec/gensec_krb5_heimdal: use utf-8 2021-11-17 04:36:37 +00:00
build/pasn1
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4/cifsdd: don't ignore unknown options 2021-09-10 15:10:30 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server s4/dnsserver: Fix NULL check 2021-09-04 00:10:37 +00:00
dsdb CVE-2021-3670 dsdb/anr: Do a copy of the potentially anr query before starting to modify it 2021-11-25 01:41:30 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
heimdal Revert "CVE-2020-25719 heimdal:kdc: Require authdata to be present" 2021-11-09 19:45:34 +00:00
heimdal_build kdc: sign ticket using Windows PAC 2021-10-14 18:59:31 +00:00
include lib: Remove global xfile.h includes 2016-11-20 06:23:19 +01:00
kdc CVE-2020-25722 kdc: Do not honour a request for a 3-part SPN (ending in our domain/realm) unless a DC 2021-11-09 19:45:34 +00:00
ldap_server CVE-2021-3670 ldap_server: Clearly log LDAP queries and timeouts 2021-11-25 02:30:42 +00:00
lib s4/regtree: don't ignore unknown options 2021-09-10 15:10:30 +00:00
libcli libcli4: Remove outdated README file 2021-11-11 19:08:37 +00:00
libnet s4:libnet: Allow libnet_SetPassword() for encrypted SMB connections 2021-08-03 09:28:38 +00:00
librpc CVE-2021-23192: dcesrv_core: only the first fragment specifies the auth_contexts 2021-11-09 19:45:34 +00:00
nbt_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs s4: ntvfs: Missed comma in 24c09f913d, string would be concatenated. 2021-08-25 18:02:05 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server CVE-2021-3738 s4:rpc_server/samr: make use of dcesrv_samdb_connect_as_*() helper 2021-11-09 20:37:30 +00:00
samba samba: Save a line with TALLOC_FREE 2021-10-08 19:28:31 +00:00
script python: remove all 'from __future__ import print_function' 2021-04-28 03:43:34 +00:00
scripting gp: Apply Firewalld Policy 2021-11-01 21:16:43 +00:00
selftest CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to SIDs 2021-11-15 18:10:28 +00:00
setup CVE-2020-25722 blackbox/upgrades tests: ignore SPN for ldapcmp 2021-11-09 19:45:33 +00:00
smb_server CVE-2020-25717: s4:smb_server: start with authoritative = 1 2021-11-09 19:45:32 +00:00
torture CVE-2021-3738 s4:torture/drsuapi: DsBindAssocGroup* tests 2021-11-09 19:45:34 +00:00
utils s4:utils: Migrate oLschema2ldif to new cmdline option parser 2021-06-20 23:26:32 +00:00
winbind s3: Remove --log-stdout from daemons 2021-04-29 03:58:37 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00