diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-09-06 19:23:13 +1200 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-03-20 10:04:29 +0100 |
commit | 307b2e65d51903f6805460a2633ebe809d4052ab (patch) | |
tree | 043353b21ae0ec9e77943f9e83a5aacea6031c21 | |
parent | b7af8aa2552e0690aac58fb98e3134b71f678ece (diff) | |
download | samba-307b2e65d51903f6805460a2633ebe809d4052ab.tar.gz |
CVE-2023-0225 CVE-2020-25720 pydsdb: Add dsHeuristics constant definitions
We want to be able to use these values in Python tests.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14810
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15276
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit cc709077822a39227174b91ed2345c2bd603f61f)
[abartlet@samba.org This patch is needed for a clean backport of
CVE-2023-0225 as these constants are used in the acl_modify test
even when this behaviour is not itself used.]
-rw-r--r-- | source4/dsdb/pydsdb.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c index bcfc7e95478..626d849a561 100644 --- a/source4/dsdb/pydsdb.c +++ b/source4/dsdb/pydsdb.c @@ -1665,6 +1665,36 @@ MODULE_INIT_FUNC(dsdb) ADD_DSDB_FLAG(DS_NTDSDSA_OPT_DISABLE_NTDSCONN_XLATE); ADD_DSDB_FLAG(DS_NTDSDSA_OPT_DISABLE_SPN_REGISTRATION); + /* dsHeuristics character indexes (see MS-ADTS 7.1.1.2.4.1.2) */ + ADD_DSDB_FLAG(DS_HR_SUPFIRSTLASTANR); + ADD_DSDB_FLAG(DS_HR_SUPLASTFIRSTANR); + ADD_DSDB_FLAG(DS_HR_DOLISTOBJECT); + ADD_DSDB_FLAG(DS_HR_DONICKRES); + ADD_DSDB_FLAG(DS_HR_LDAP_USEPERMMOD); + ADD_DSDB_FLAG(DS_HR_HIDEDSID); + ADD_DSDB_FLAG(DS_HR_BLOCK_ANONYMOUS_OPS); + ADD_DSDB_FLAG(DS_HR_ALLOW_ANON_NSPI); + ADD_DSDB_FLAG(DS_HR_USER_PASSWORD_SUPPORT); + ADD_DSDB_FLAG(DS_HR_TENTH_CHAR); + ADD_DSDB_FLAG(DS_HR_SPECIFY_GUID_ON_ADD); + ADD_DSDB_FLAG(DS_HR_NO_STANDARD_SD); + ADD_DSDB_FLAG(DS_HR_ALLOW_NONSECURE_PWD_OPS); + ADD_DSDB_FLAG(DS_HR_NO_PROPAGATE_ON_NOCHANGE); + ADD_DSDB_FLAG(DS_HR_COMPUTE_ANR_STATS); + ADD_DSDB_FLAG(DS_HR_ADMINSDEXMASK); + ADD_DSDB_FLAG(DS_HR_KVNOEMUW2K); + + ADD_DSDB_FLAG(DS_HR_TWENTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_ATTR_AUTHZ_ON_LDAP_ADD); + ADD_DSDB_FLAG(DS_HR_BLOCK_OWNER_IMPLICIT_RIGHTS); + ADD_DSDB_FLAG(DS_HR_THIRTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_FOURTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_FIFTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_SIXTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_SEVENTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_EIGHTIETH_CHAR); + ADD_DSDB_FLAG(DS_HR_NINETIETH_CHAR); + ADD_DSDB_FLAG(NTDSCONN_KCC_GC_TOPOLOGY); ADD_DSDB_FLAG(NTDSCONN_KCC_RING_TOPOLOGY); ADD_DSDB_FLAG(NTDSCONN_KCC_MINIMIZE_HOPS_TOPOLOGY); |