1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/lib/ldb-samba
Andrew Bartlett dfe7b05730 CVE-2023-0614 lib/ldb-samba Ensure ACLs are evaluated on SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN
Setting the LDB_HANDLE_FLAG_UNTRUSTED tells the acl_read module to operate on this request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-04-05 02:10:35 +00:00
..
tests CVE-2023-0614 lib/ldb-samba: Add test for SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN with and ACL hidden attributes 2023-04-05 02:10:35 +00:00
ldb_ildap.c lib:ldb-samba: Correctly handle search scope 2023-02-06 22:51:31 +00:00
ldb_matching_rules.c CVE-2023-0614 lib/ldb-samba Ensure ACLs are evaluated on SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN 2023-04-05 02:10:35 +00:00
ldb_matching_rules.h dns: custom match rule for DNS records to be tombstoned 2018-07-12 04:31:54 +02:00
ldb_wrap.c lib:ldb-samba: Use debug level defines 2021-06-23 09:03:42 +00:00
ldb_wrap.h
ldif_handlers.c lib/ldb-samba: let ldif_read_ntSecurityDescriptor() only try sddl if isupper() 2023-03-22 15:01:32 +00:00
ldif_handlers.h dsdb: Introduce LDB_SYNTAX_SAMBA_OCTET_STRING 2016-03-09 10:32:16 +01:00
pyldb.c pyldb: Fix typos in function names 2022-10-05 05:23:50 +00:00
README
samba_extensions.c lib:ldb-samba: Migrate samba extensions to new cmdline option parser 2021-06-16 01:25:28 +00:00
wscript_build lib:ldb-samba: Migrate samba extensions to new cmdline option parser 2021-06-16 01:25:28 +00:00

This directory contains Samba specific extensions to ldb. It also
serves as example code on how to extend ldb for your own application.

The main extension Samba uses is to provide ldif encode/decode
routines for specific attributes, so users can get nice pretty
printing of attributes in ldbedit, while the attributes are stored in
the standard NDR format in the database.