mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
samba-mirror/source4/dsdb/samdb
Ralph Boehme 3e6621fe58 CVE-2018-1057: s4/dsdb: correctly detect password resets
This change ensures we correctly treat the following LDIF

  dn: cn=testuser,cn=users,...
  changetype: modify
  delete: userPassword
  add: userPassword
  userPassword: thatsAcomplPASS1

as a password reset. Because delete and add element counts are both
one, the ACL module wrongly treated this as a password change
request.

For a password change we need at least one value to delete and one value
to add. This patch ensures we correctly check attributes and their
values.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-03-13 10:24:27 +01:00
ldb_modules CVE-2018-1057: s4/dsdb: correctly detect password resets 2018-03-13 10:24:27 +01:00
cracknames.c s4:samdb: Add FALL_THROUGH statements in cracknames.c 2018-03-01 04:37:42 +01:00
samdb_privilege.c s4-auth Remove event context from privilage database handling 2010-12-21 15:10:38 +11:00
samdb.c samdb: Rework samdb_connect_url() to return LDB error code and an error string 2017-09-20 02:25:30 +02:00
samdb.h dsdb encrypted secrets module 2017-12-18 00:10:16 +01:00