1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
Go to file
Joseph Sutton e0c135e6c1 CVE-2022-2031 s4:kpasswd: Return a kpasswd error code in KRB-ERROR
If we attempt to return an error code outside of Heimdal's allowed range
[KRB5KDC_ERR_NONE, KRB5_ERR_RCSID), it will be replaced with a GENERIC
error, and the error text will be set to the meaningless result of
krb5_get_error_message(). Avoid this by ensuring the error code is in
the correct range.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15047
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15049
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15074

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-07-27 10:52:36 +00:00
.github Added redirect from GitHub to GitLab 2018-12-05 16:35:33 +01:00
auth auth/credentials: Add get_aes256_key() 2022-06-26 22:10:29 +00:00
bootstrap bootstrap: Use quay.io to download fedora images 2022-06-26 23:08:03 +00:00
buildtools third_party: Update socket_wrapper to version 1.3.4 2022-07-22 04:36:30 +00:00
coverity
ctdb ctdb-build: Add missing dependency on talloc 2022-07-22 17:01:00 +00:00
dfs_server lib/util: remove extra safe_string.h file 2020-08-28 02:18:40 +00:00
docs-xml docs-xml:manpages: update vfs_fileid.8.xml for the recent changes 2022-07-05 16:01:10 +00:00
dynconfig dynconfig: Introduce and expose SAMBA_LIBEXECDIR 2021-04-01 19:32:36 +00:00
examples examples: Update winbind.stp 2022-05-19 17:51:33 +00:00
file_server s3: Remove --log-stdout from daemons 2021-04-29 03:58:37 +00:00
include
lib CVE-2022-2031 lib:krb5_wrap: Generate valid error codes in smb_krb5_mk_error() 2022-07-27 10:52:36 +00:00
libcli libcli: Modernize a few DEBUG statements 2022-07-25 12:04:33 +00:00
libds/common CVE-2020-25717: Add FreeIPA domain controller role 2021-11-09 19:45:33 +00:00
libgpo s3:libads: Allocate ads->auth.user_name under ADS_STRUCT talloc context 2022-06-27 15:50:30 +00:00
librpc librpc:ndr: Update ndr_print_debug() and add macro NDR_PRINT_DEBUG_LEVEL 2022-07-15 14:25:37 +00:00
nsswitch s3:winbind: Convert InitConnection from struct based to NDR based 2022-05-19 17:51:33 +00:00
packaging ctdb-scripts: Drop uses of ctdbd_wrapper 2022-04-06 06:34:37 +00:00
pidl rpc_server3: Remove pipes_struct->auth 2022-01-05 00:11:38 +00:00
python CVE-2022-2031 tests/krb5: Add tests for kpasswd service 2022-07-27 10:52:36 +00:00
release-scripts release-scripts: Reformat shell scripts 2022-03-03 00:59:34 +00:00
script lib/util: Prefer backtrace_symbols() for internal backtraces 2022-06-09 22:49:29 +00:00
selftest CVE-2022-2031 s4:kpasswd: Return a kpasswd error code in KRB-ERROR 2022-07-27 10:52:36 +00:00
source3 CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
source4 CVE-2022-2031 s4:kpasswd: Return a kpasswd error code in KRB-ERROR 2022-07-27 10:52:36 +00:00
testdata pytest/source_char: check for mixed direction text 2021-12-03 18:53:43 +00:00
testprogs testprogs: Reformat common_test_fns.inc 2022-07-20 11:59:26 +00:00
tests readlink test: inverse return code 2022-02-18 22:17:33 +00:00
testsuite s3:rpc_server: Activate samba-dcerpcd 2021-12-10 14:02:30 +00:00
third_party CVE-2022-2031 third_party/heimdal: Check generate_pac() return code 2022-07-27 10:52:36 +00:00
wintest wintest: Remove unreachable return statement 2022-05-10 05:19:34 +00:00
.bzrignore
.clang-format Add a .clang-format file 2022-07-20 18:23:49 +00:00
.editorconfig editorconfig: We always inserted a new line so keep doing that 2022-02-28 10:22:34 +00:00
.gitattributes gitattributes: Ignore .SAMBABACKUP files 2018-08-16 23:42:22 +02:00
.gitignore gitignore: Add .ropeproject for pylsp-rope plugin 2022-05-11 00:04:55 +00:00
.gitlab-ci-coverage-runners.yml add .gitlab-ci-coverage.yml for a scheduled build 2021-04-13 09:33:14 +00:00
.gitlab-ci-coverage.yml add .gitlab-ci-coverage.yml for a scheduled build 2021-04-13 09:33:14 +00:00
.gitlab-ci-default-runners.yml .gitlab-ci*.yml: only use gitlab.org shared runners if possible 2021-04-13 08:23:35 +00:00
.gitlab-ci-default.yml .gitlab-ci.yml: Honour AUTOBUILD_SKIP_SAMBA_O3 in GitLab CI 2021-10-13 11:10:44 +00:00
.gitlab-ci-main.yml bootstrap: Use quay.io to download fedora images 2022-06-26 23:08:03 +00:00
.gitlab-ci-private.yml .gitlab-ci.yml: move the content to .gitlab-ci-main.yml 2021-04-13 08:23:35 +00:00
.gitlab-ci.yml .gitlab-ci.yml: move the content to .gitlab-ci-main.yml 2021-04-13 08:23:35 +00:00
.testr.conf
.ycm_extra_conf.py PEP8: fix E302: expected 2 blank lines, found 1 2018-08-24 07:49:29 +02:00
callcatcher-exceptions.grep
configure configure/Makefile: export PYTHONHASHSEED=1 in all 'configure/Makefile' scripts 2022-03-29 22:32:32 +00:00
configure.developer
COPYING
GPG_AA99442FB680B620_replaces_6F33915B6568B7EA.txt ReleaseKey: add GnuPG key transition statement for the Samba release key 2021-01-21 13:57:45 +01:00
Makefile Makefile: add support for 'make testonly' 2021-01-27 09:56:29 +00:00
PFIF.txt docs: protocolfreedom.org is no longer 2020-06-12 22:11:43 +00:00
README.cifs-utils
README.Coding.md README.Coding: PRINT format specifiers PRIuxx 2022-07-21 13:47:31 +00:00
README.contributing Rename Samba's DCO to Samba Developer's Declaration 2020-10-20 22:54:01 +00:00
README.md Update README.md with more up to date information 2020-06-12 22:11:43 +00:00
SECURITY.md Update SECURITY.md to point to security releases 2020-06-03 15:55:10 +00:00
setup.cfg pep8 tidy up config 2020-12-17 00:54:51 +00:00
VERSION VERSION: Bump version up to 4.17.0pre1... 2022-01-24 11:21:32 +00:00
VFS-License-clarification.txt VFS-License-clarification: minor improvements aligning w/ GPLv3 text 2020-11-04 21:29:40 +00:00
WHATSNEW.txt WHATSNEW: Announce support for dropping the NT hash 2022-06-26 22:10:29 +00:00
wscript configure: Fail smbd w/o smb1 if selftest when configured with ad_dc 2022-04-07 17:37:30 +00:00
wscript_build s4:lib: Remove obsolete popt cmdline parser 2021-06-20 23:26:32 +00:00
wscript_build_embedded_heimdal wafsamba: Remove clangdb code which doesn't work 2022-01-21 23:33:36 +00:00
wscript_build_system_heimdal wafsamba: Remove clangdb code which doesn't work 2022-01-21 23:33:36 +00:00
wscript_build_system_mitkrb5 wafsamba: Remove clangdb code which doesn't work 2022-01-21 23:33:36 +00:00
wscript_configure_embedded_heimdal HEIMDAL: move code from source4/heimdal* to third_party/heimdal* 2022-01-19 21:41:59 +00:00
wscript_configure_system_gnutls waf: Import Logs in wscript_configure_system_gnutls 2022-04-04 18:38:36 +00:00
wscript_configure_system_heimdal HEIMDAL: move code from source4/heimdal* to third_party/heimdal* 2022-01-19 21:41:59 +00:00
wscript_configure_system_mitkrb5 s4:mitkdc: Add support for MIT Kerberos 1.20 2022-03-04 14:05:31 +00:00

About Samba

Samba is the standard Windows interoperability suite of programs for Linux and Unix. Samba is Free Software licensed under the GNU General Public License and the Samba project is a member of the Software Freedom Conservancy. Since 1992, Samba has provided secure, stable and fast file and print services for all clients using the SMB/CIFS protocol, such as all versions of DOS and Windows, OS/2, Linux and many others. Samba is an important component to seamlessly integrate Linux/Unix Servers and Desktops into Active Directory environments. It can function both as a domain controller or as a regular domain member.

For the AD DC implementation a full HOWTO is provided at: https://wiki.samba.org/index.php/Samba4/HOWTO

Community guidelines can be read at: https://wiki.samba.org/index.php/How_to_do_Samba:_Nicely

This software is freely distributable under the GNU public license, a copy of which you should have received with this software (in a file called COPYING).

CONTRIBUTIONS

Please see https://wiki.samba.org/index.php/Contribute for detailed set-by-step instructions on how to submit a patch for Samba via GitLab.

Samba's GitLab mirror is at https://gitlab.com/samba-team/samba

OUR CONTRIBUTORS

See https://www.samba.org/samba/team/ for details of the Samba Team, as well as details of all those currently active in Samba development.

If you like a particular feature then look through the git change-log (on the web at https://gitweb.samba.org/?p=samba.git;a=summary) and see who added it, then send them an email.

Remember that free software of this kind lives or dies by the response we get. If no one tells us they like it then we'll probably move onto something else.

MORE INFO

DOCUMENTATION

There is quite a bit of documentation included with the package, including man pages and the wiki at https://wiki.samba.org

If you would like to help with our documentation, please contribute that improved content to the wiki, we are moving as much content there as possible.

MAILING LIST

Please do NOT send subscription/unsubscription requests to the lists!

There is a mailing list for discussion of Samba. For details go to https://lists.samba.org/ or send mail to samba-subscribe@lists.samba.org

There is also an announcement mailing list where new versions are announced. To subscribe go to https://lists.samba.org/ or send mail to samba-announce-subscribe@lists.samba.org. All announcements also go to the samba list, so you only need to be on one.

For details of other Samba mailing lists and for access to archives, see https://lists.samba.org/

MAILING LIST ETIQUETTE

A few tips when submitting to this or any mailing list.

  1. Make your subject short and descriptive. Avoid the words "help" or "Samba" in the subject. The readers of this list already know that a) you need help, and b) you are writing about samba (of course, you may need to distinguish between Samba PDC and other file sharing software). Avoid phrases such as "what is" and "how do i". Some good subject lines might look like "Slow response with Excel files" or "Migrating from Samba PDC to NT PDC".

  2. If you include the original message in your reply, trim it so that only the relevant lines, enough to establish context, are included. Chances are (since this is a mailing list) we've already read the original message.

  3. Trim irrelevant headers from the original message in your reply. All we need to see is a) From, b) Date, and c) Subject. We don't even really need the Subject, if you haven't changed it. Better yet is to just preface the original message with "On [date] [someone] wrote:".

  4. Please don't reply to or argue about spam, spam filters or viruses on any Samba lists. We do have a spam filtering system that is working quite well thank you very much but occasionally unwanted messages slip through. Deal with it.

  5. Never say "Me too." It doesn't help anyone solve the problem. Instead, if you ARE having the same problem, give more information. Have you seen something that the other writer hasn't mentioned, which may be helpful?

  6. If you ask about a problem, then come up with the solution on your own or through another source, by all means post it. Someone else may have the same problem and is waiting for an answer, but never hears of it.

  7. Give as much relevant information as possible such as Samba release number, OS, kernel version, etc...

  8. RTFM. Google.

WEBSITE

A Samba website has been setup with lots of useful info. Connect to:

https://www.samba.org/

As well as general information and documentation, this also has searchable archives of the mailing list and links to other useful resources such as the wiki.