mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
samba-mirror/source4
Douglas Bagnall 9235617c63 CVE-2020-25722 s4/dsdb/samldb: check for SPN uniqueness, including aliases
Not only should it not be possible to add a servicePrincipalName that
is already present in the domain, it should not be possible to add one
that is implied by an entry in sPNMappings, unless the user is adding
an alias to another SPN and has rights to alter that one.

For example, with the default sPNMappings, cifs/ is an alias pointing to
host/, meaning if there is no cifs/example.com SPN, the host/example.com
one will be used instead. A user can add the cifs/example.com SPN only
if they can also change the host/example.com one (because adding the
cifs/ effectively changes the host/). The reverse is refused in all cases,
unless they happen to be on the same object. That is, if there is a
cifs/example.com SPN, there is no way to add host/example.com elsewhere.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14564

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-11-09 19:45:33 +00:00
auth CVE-2020-25719 CVE-2020-25717: s4:auth: remove unused auth_generate_session_info_principal() 2021-11-09 19:45:33 +00:00
build/pasn1
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4/cifsdd: don't ignore unknown options 2021-09-10 15:10:30 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server s4/dnsserver: Fix NULL check 2021-09-04 00:10:37 +00:00
dsdb CVE-2020-25722 s4/dsdb/samldb: check for SPN uniqueness, including aliases 2021-11-09 19:45:33 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
heimdal HEIMDAL:kdc: Fix transit path validation CVE-2017-6594 2021-10-20 10:58:37 +00:00
heimdal_build kdc: sign ticket using Windows PAC 2021-10-14 18:59:31 +00:00
include lib: Remove global xfile.h includes 2016-11-20 06:23:19 +01:00
kdc CVE-2020-25717: Add FreeIPA domain controller role 2021-11-09 19:45:33 +00:00
ldap_server s4:ldap_server: Use cli_credentials_init_server() 2021-04-09 10:46:28 +00:00
lib s4/regtree: don't ignore unknown options 2021-09-10 15:10:30 +00:00
libcli auth:creds: Add obtained arg to cli_credentials_set_gensec_features() 2021-04-28 03:43:34 +00:00
libnet s4:libnet: Allow libnet_SetPassword() for encrypted SMB connections 2021-08-03 09:28:38 +00:00
librpc CVE-2020-25721 ndrdump: Add tests for PAC with UPN_DNS_INFO 2021-11-09 19:45:32 +00:00
nbt_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs s4: ntvfs: Missed comma in 24c09f913d, string would be concatenated. 2021-08-25 18:02:05 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server CVE-2020-25717: Add FreeIPA domain controller role 2021-11-09 19:45:33 +00:00
samba samba: Save a line with TALLOC_FREE 2021-10-08 19:28:31 +00:00
script python: remove all 'from __future__ import print_function' 2021-04-28 03:43:34 +00:00
scripting gp: Apply Firewalld Policy 2021-11-01 21:16:43 +00:00
selftest CVE-2020-25722 pytest: test setting servicePrincipalName over ldap 2021-11-09 19:45:33 +00:00
setup CVE-2020-25722 blackbox/upgrades tests: ignore SPN for ldapcmp 2021-11-09 19:45:33 +00:00
smb_server CVE-2020-25717: s4:smb_server: start with authoritative = 1 2021-11-09 19:45:32 +00:00
torture CVE-2020-25717: s4:torture: start with authoritative = 1 2021-11-09 19:45:32 +00:00
utils s4:utils: Migrate oLschema2ldif to new cmdline option parser 2021-06-20 23:26:32 +00:00
winbind s3: Remove --log-stdout from daemons 2021-04-29 03:58:37 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00