1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/selftest/knownfail.d
Stefan Metzmacher f3ddfb828e s3:smbd: allow anonymous encryption after one authenticated session setup
I have captures where a client tries smb3 encryption on an anonymous session,
we used to allow that before commit da7dcc443f
was released with samba-4.15.0rc1.

Testing against Windows Server 2022 revealed that anonymous signing is always
allowed (with the session key derived from 16 zero bytes) and
anonymous encryption is allowed after one authenticated session setup on
the tcp connection.

https://bugzilla.samba.org/show_bug.cgi?id=15412

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2024-05-23 12:35:37 +00:00
..
bug-14810 CVE-2020-25720 s4:dsdb/descriptor: Validate owner SIDs written to security descriptors 2022-09-16 02:32:36 +00:00
claims-client-tool netcmd: claims: rename claims and silo tests 2023-10-26 23:32:34 +00:00
complex_expressions
conditional_ace_claims libcli/security: claim_v1_to_ace_token(): avoid unnecessary re-sort 2023-11-27 22:37:32 +00:00
dfs_paths s3: smbd: Fix dumb typos that meant smb1.SMB1-DFS-* tests were running against an SMB2-only fileserver. 2023-03-31 06:07:01 +00:00
dirsync CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY 2023-10-10 14:49:39 +00:00
dns selftest: Fix code spelling 2023-07-05 06:34:32 +00:00
dns-aging
durable-v2-delay
empty-domain-name
getncchanges s4-rpc_server/drsupai: Avoid looping with Azure AD Connect by not incrementing temp_highest_usn for the NC root 2023-08-13 21:59:29 +00:00
gkdi s4-dsdb: Populate new GKDI root keys from the server configuration object 2024-03-28 01:50:41 +00:00
gmsa s4:kdc: Merge current and previous gMSA keys during period when both are valid 2024-05-22 20:33:36 +00:00
initshutdown
kdc-salt
kinit_trust
krb5-no-preauth selftest: knownfail updates after Heimdal Upgrade 2022-01-19 20:50:35 +00:00
ldap
ldap_spn CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-added to an object 2022-01-31 15:27:37 +00:00
lm-hash-support-gone torture: Allow Samba as an AD DC to use zeros for LM key 2022-03-17 02:47:13 +00:00
modify-order
multichannel
netlogon
nt-hash-support-gone samba-tool user: Accomodate missing unicodePwd in getpassword command 2022-06-26 22:10:29 +00:00
ntlmv2-restrictions
oneway
priv_attr
protected_users s4:auth: Disable NTLM authentication for Protected Users 2022-03-18 11:55:30 +00:00
pyldb-segfaults pyldb: py_ldb_dn_add_child() uses PyErr_LDB_DN_OR_RAISE 2024-04-10 05:13:32 +00:00
python-segfaults
quota1
README selftest/knownfail.d: README memntions expectedfail.d 2023-12-10 21:24:38 +00:00
reparse smbd: Return reparse tag as of MS-FSCC 2.4.6 2024-05-14 22:29:36 +00:00
replica_sync
rpc-dfs s3:rpc_server: Fix double blackslash issue in dfs path 2023-07-05 20:24:35 +00:00
rpc-netlogon-zerologon
rw-invalid
s3-logging tests: adapt logging test for s3. 2022-06-17 01:28:30 +00:00
s3-lsa-server
samba3.rpc.samr lib/torture: Don't overwrite test outcomes 2023-04-12 13:52:32 +00:00
samba3.vfs.fruit
samba4.ldap.confidential_attr CVE-2018-14628: s4:setup: set the correct nTSecurityDescriptor on the CN=Deleted Objects container 2023-10-16 14:39:33 +00:00
samba4.rpc.netlogon-s3 lib/torture: Don't overwrite test outcomes 2023-04-12 13:52:32 +00:00
samba4.rpc.samr lib/torture: Don't overwrite test outcomes 2023-04-12 13:52:32 +00:00
samba-tool-user-get-kerberos-ticket s4:dsdb: Set up passwords and password IDs of new gMSAs 2024-04-16 03:58:31 +00:00
security-descriptors libcli/security/tests: remove duplicate TX-integer tests from oversized-ACLs 2023-11-27 01:12:40 +00:00
sid-strings ldb-samba: simplify extended_dn_read_SID() 2024-05-07 23:25:35 +00:00
silo-client-tool netcmd: claims: rename claims and silo tests 2023-10-26 23:32:34 +00:00
smb1-tests Add test smbclient 'delree' of dir (on DFS share) 2022-06-17 16:20:35 +00:00
smb2.replay
smb2.session
smbclient_machine_auth.plain s3:tests: Correctly implement tests for forceuser/forcegroup 2023-04-06 12:51:30 +00:00
smbclient-smb3 s3/client: fix dfs deltree, resolve dfs path 2022-06-17 17:12:07 +00:00
source3-epmapper
srvsvc
symlink libsmb: Fix parsing symlink reparse points 2023-09-08 17:24:19 +00:00
uac_objectclass_restrict
upn_handling
usage s4:scripting: Generate HRESULT definitions as part of the build process 2024-01-15 00:48:40 +00:00
user_getpassword_gmsa s4:dsdb: Implement msDS-ManagedPassword attribute 2024-04-16 05:02:30 +00:00
vlv
wkssvc

# Files in this directory contain lists of regular expressions
# matching the names of tests that are temporarily expected to fail.
#
# Tests that are intended to *always* fail (e.g. to prove that the
# test can't succeed under certain conditions) should be added under
# selftest/expectedfail.d instead.
#
# "make test" will not report failures for tests listed here and will consider
# a successful run for any of these tests an error.
#
# Empty lines and lines beginning with '#' are ignored.
# Please don't add tests to this README!