1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
samba-mirror/source3/auth
Ralph Boehme 1e61de8306 CVE-2020-25717: s3-auth: fix MIT Realm regression
This looks like a regression introduced by the recent security fixes. This
commit should hopefully fixes it.

As a quick solution it might be possible to use the username map script based on
the example in https://bugzilla.samba.org/show_bug.cgi?id=14901#c0. We're not
sure this behaves identical, but it might work in the standalone server case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14922

Reported-at: https://lists.samba.org/archive/samba/2021-November/238720.html

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2021-12-03 12:05:42 +00:00
..
auth_builtin.c s3: safe_string: do not include string_wrappers.h 2020-08-28 00:56:34 +00:00
auth_generic.c source3: move lib/substitute.c functions out of proto.h 2021-11-11 13:49:32 +00:00
auth_ntlmssp.c source3: move lib/substitute.c functions out of proto.h 2021-11-11 13:49:32 +00:00
auth_sam.c CVE-2020-25717: Add FreeIPA domain controller role 2021-11-09 19:45:33 +00:00
auth_samba4.c CVE-2020-25717: s3:auth: start with authoritative = 1 2021-11-09 19:45:32 +00:00
auth_unix.c auth: Fix a typo 2021-09-07 18:26:33 +00:00
auth_util.c CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the named based lookup fails 2021-11-15 19:01:56 +00:00
auth_winbind.c auth: Remove the "typedef auth_methods" 2020-01-06 01:47:30 +00:00
auth.c CVE-2020-25717: Add FreeIPA domain controller role 2021-11-09 19:45:33 +00:00
check_samsec.c auth3: if (ret==False) just looks weird 2021-04-27 13:24:35 +00:00
pampass.c s3: safe_string: do not include string_wrappers.h 2020-08-28 00:56:34 +00:00
pass_check.c
proto.h CVE-2020-25717: s3:auth: simplify make_session_info_krb5() by removing unused arguments 2021-11-09 19:45:33 +00:00
server_info_sam.c s3: auth: Andrew noticed f585f01148 doesn't keep the same logic. 2021-09-08 06:38:21 +00:00
server_info.c auth3: Use talloc_move() instead of talloc_steal() 2021-04-19 18:18:31 +00:00
token_util.c auth3: Align integer types 2021-03-16 17:09:32 +00:00
user_info.c pdb: Reduce code duplication in make_user_info() 2018-10-09 01:22:53 +02:00
user_krb5.c CVE-2020-25717: s3-auth: fix MIT Realm regression 2021-12-03 12:05:42 +00:00
user_util.c s3:smbd: Remove NIS support 2021-04-22 17:57:30 +00:00
wscript_build s3:smbd: Remove NIS support 2021-04-22 17:57:30 +00:00