sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code
eba81f7fa9
samba-mirror/source4/rpc_server
History
Andrew Bartlett 28e2a518ff dns_server: Avoid ldb_dn_add_child_fmt() on untrusted input 
By using the new ldb_dn_add_child_val() we ensure that the user-controlled values are
not parsed as DN seperators.

Additionally, the casefold DN is obtained before the search to trigger
a full parse of the DN before being handled to the LDB search.

This is not normally required but is done here due to the nature
of the untrusted input.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13466

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-08-15 07:08:24 +02:00
..
backupkey rpc_server backupkey: pass remote connection data 2018-05-31 12:35:15 +02:00
browser werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/ 2016-09-28 00:04:35 +02:00
common dsdb: add defines for sessionInfo and networkSessionInfo 2018-06-09 15:02:11 +02:00
dnsserver dns_server: Avoid ldb_dn_add_child_fmt() on untrusted input 2018-08-15 07:08:24 +02:00
drsuapi s4-drsuapi: Call security_token_debug() with DBGC_DRS_REPL and a proper log level 2018-05-21 23:48:18 +02:00
echo CVE-2016-2118: s4:rpc_server/rpcecho: allow DCERPC_AUTH_LEVEL_CONNECT by default 2016-04-12 19:25:27 +02:00
epmapper CVE-2016-2118: s4:rpc_server/epmapper: allow DCERPC_AUTH_LEVEL_CONNECT by default 2016-04-12 19:25:27 +02:00
eventlog s4-eventlog: fixed dcerpc handle return 2010-11-16 07:16:04 +00:00
lsa rpc_server lsa: pass remote connection data 2018-05-31 09:54:18 +02:00
netlogon auth: For NTLM and KDC authentication, log the authentication duration 2018-06-25 08:32:14 +02:00
remote s4: modules. Fix missing TALLOC_CTX in module init function. 2017-07-26 21:35:21 +02:00
samr auth: For NTLM and KDC authentication, log the authentication duration 2018-06-25 08:32:14 +02:00
srvsvc s4:rpc_server: Add FALL_THROUGH statements in dcesrv_srvsvc.c 2018-03-01 04:37:43 +01:00
unixinfo wbclient: "ev" is no longer used in wbc_xids_to_sids 2016-09-28 00:04:36 +02:00
winreg werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in source4/rpc_server/ 2016-09-28 00:04:23 +02:00
wkssvc werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/ 2016-09-28 00:04:35 +02:00
dcerpc_server.c Fix spelling s/woks/works 2018-05-12 02:09:29 +02:00
dcerpc_server.h docs: Remove prog_guide4.txt 2018-01-21 11:48:01 +01:00
dcerpc_server.pc.in dcerpc_server: Add 'modulesdir' variable to pkg-config file. 2012-02-23 16:26:25 +01:00
dcesrv_auth.c s4:rpc_server: remove unused dcesrv_auth_{bind_ack,auth3,alter_ack}() 2017-05-21 21:05:13 +02:00
dcesrv_mgmt.c s4-rpc_server: Allow each interface to declare if it uses handles 2016-12-20 01:11:23 +01:00
handles.c s4-rpc_server: Allow each interface to declare if it uses handles 2016-12-20 01:11:23 +01:00
service_rpc.c source4/smbd: refactor the process model for prefork 2017-10-19 05:33:09 +02:00
wscript_build rpc_server backupkey: pass remote connection data 2018-05-31 12:35:15 +02:00