1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
samba-mirror/source4
Joseph Sutton 3bd5df466c CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding setpw structure
The target principal and realm fields of the setpw structure are
supposed to be optional, but in MIT Kerberos they are mandatory. For
better compatibility and ease of testing, fall back to parsing the
simpler (containing only the new password) structure if the MIT function
fails to decode it.

Although the target principal and realm fields should be optional, one
is not supposed to specified without the other, so we don't have to deal
with the case where only one is specified.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-07-24 09:23:55 +02:00
..
auth s4:auth: let authenticate_ldap_simple_bind() pass down the mapped nt4names 2022-03-16 14:40:08 +00:00
cldap_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
client s4/cifsdd: don't ignore unknown options 2021-09-10 15:10:30 +00:00
cluster dbwrap: Remove calls to loadparm 2018-04-24 01:53:19 +02:00
dns_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
dsdb CVE-2022-32745 s4/dsdb/util: Correctly copy values into message element 2022-07-24 09:20:22 +02:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
include
kdc CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding setpw structure 2022-07-24 09:23:55 +02:00
ldap_server CVE-2021-3670 ldap_server: Clearly log LDAP queries and timeouts 2021-11-25 02:30:42 +00:00
lib CVE-2022-32746 s4/registry: Use LDB_FLAG_MOD_TYPE() for flags equality check 2022-07-24 09:20:21 +02:00
libcli s4: libcli: smbcli_unlink() is no longer used with wildcard patterns. 2021-12-09 18:06:35 +00:00
libnet s4:libnet: Allow libnet_SetPassword() for encrypted SMB connections 2021-08-03 09:28:38 +00:00
librpc blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test 2022-01-30 11:52:27 +00:00
nbt_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs librpc: Add named_pipe_auth_req_info5->transport 2021-12-10 14:02:30 +00:00
param libcli/smb: actually make use of "client/server smb3 signing algorithms" 2021-07-15 00:06:31 +00:00
rpc_server CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
samba Happy New Year 2022! 2022-01-01 01:24:21 +00:00
script python: remove all 'from __future__ import print_function' 2021-04-28 03:43:34 +00:00
scripting gp: Apply Firewalld Policy 2021-11-01 21:16:43 +00:00
selftest selftest: Simplify krb5 test environments 2022-07-24 09:23:55 +02:00
setup s4/dlz: add support for bind 9.18 2022-06-18 08:47:17 +00:00
smb_server s4:smb_server: don't set mapped_state explicitly in auth_usersupplied_info 2022-03-16 13:41:14 +00:00
torture CVE-2022-32746 s4:torture: Fix LDB flags comparison 2022-07-24 09:20:21 +02:00
utils s4:utils: Migrate oLschema2ldif to new cmdline option parser 2021-06-20 23:26:32 +00:00
winbind CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-24 09:20:21 +02:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00