sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00
Code
samba-mirror/source4
History
Stefan Metzmacher e31b6f6094 CVE-2020-25719 CVE-2020-25717 tests/krb5: Add tests for connecting to services anonymously and without a PAC 
At the end of the patchset we assume NT_STATUS_NO_IMPERSONATION_TOKEN if
no PAC is available.

For now we want to look for ACCESS_DENIED as this allows
the test to pass (showing that gensec:require_pac = true
is a useful partial mitigation).

This will also help others doing backports that do not
take the full patch set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14799
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14561
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-11-08 10:46:43 +01:00
..
auth
CVE-2020-25717 auth4: Remove sync check_password from auth_operations
2021-11-08 10:46:42 +01:00
build/pasn1
cldap_server
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
client
lib/util: remove extra safe_string.h file
2020-08-28 02:18:40 +00:00
cluster
dbwrap: Remove calls to loadparm
2018-04-24 01:53:19 +02:00
dns_server
dns_update.c: handle DNS_QTYPE_ALL
2020-12-19 18:20:30 +00:00
dsdb
CVE-2020-25722 selftest/user_account_control: more work to cope with UAC/objectclass defaults and lock
2021-11-08 10:46:43 +01:00
echo_server
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
heimdal
HEIMDAL:kdc: Fix transit path validation CVE-2017-6594
2021-10-26 12:00:28 +00:00
heimdal_build
kdc: sign ticket using Windows PAC
2021-10-26 12:00:27 +00:00
include
lib: Remove global xfile.h includes
2016-11-20 06:23:19 +01:00
kdc
waf: Allow building with MIT KRB5 >= 1.20
2021-10-26 12:00:28 +00:00
ldap_server
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
lib
auth:creds: Rename CRED_USE_KERBEROS values
2020-11-03 15:25:37 +00:00
libcli
smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_FCB to NTCREATEX_FLAG_DENY_FCB
2020-10-23 17:44:33 +00:00
libnet
s4:libnet:py_net - free event context in dealloc fn
2020-11-06 04:58:31 +00:00
librpc
CVE-2020-25721 ndrdump: Add tests for PAC with UPN_DNS_INFO
2021-11-08 10:46:43 +01:00
nbt_server
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
ntp_signd
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
ntvfs
python: Ensure reference counts are properly incremented
2021-09-16 06:50:11 +00:00
param
s4:param: Add 'weak crypto' getter to pyparam
2020-10-29 14:19:36 +00:00
rpc_server
s4-lsa: Cache sam.ldb handle in lsa_LookupSids3/LookupNames4
2021-09-13 07:50:09 +00:00
samba
Happy New Year 2021!
2021-01-01 11:56:23 +00:00
script
PY3: change shebang to python3 in source4/dsdb dir
2018-12-14 14:40:20 +01:00
scripting
gpo: Apply Group Policy Sudo Rights from VGP
2020-12-19 08:11:50 +00:00
selftest
CVE-2020-25719 CVE-2020-25717 tests/krb5: Add tests for connecting to services anonymously and without a PAC
2021-11-08 10:46:43 +01:00
setup
provision: Add support for BIND 9.16.x
2020-09-24 04:32:42 +00:00
smb_server
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
torture
s4/torture/drs/python: Fix attribute existence check
2021-10-26 12:00:28 +00:00
utils
lib/util: remove extra safe_string.h file
2020-08-28 02:18:40 +00:00
winbind
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
wrepl_server
s4: rename source4/smbd/ to source4/samba/
2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build
Do not install smbclient4 and nmblookup4
2014-04-15 03:25:13 +02:00