summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* VERSION: Disable GIT_SNAPSHOT for the 4.15.13 release.samba-4.15.13v4-15-stableJule Anger2022-12-151-1/+1
* WHATSNEW: Add release notes for Samba 4.15.13.Jule Anger2022-12-151-2/+150
* kdc: avoid re-encoding KDC-REQ-BODYLuke Howard2022-12-154-38/+5
* tests/krb5: Add test requesting a TGT expiring post-2038Joseph Sutton2022-12-141-2/+11
* tests/krb5: Add test requesting a service ticket expiring post-2038Joseph Sutton2022-12-142-0/+16
* CVE-2022-37966 python:/tests/krb5: call sys.path.insert(0, "bin/python") befo...Stefan Metzmacher2022-12-1416-48/+55
* CVE-2022-37966 samba-tool: add 'domain trust modify' commandStefan Metzmacher2022-12-142-0/+126
* CVE-2022-37966 s4:kdc: apply restrictions of "kdc supported enctypes"Stefan Metzmacher2022-12-141-2/+10
* CVE-2022-37966 param: Add support for new option "kdc supported enctypes"Stefan Metzmacher2022-12-142-0/+109
* CVE-2022-37966 param: let "kdc default domain supportedenctypes = 0" mean the...Stefan Metzmacher2022-12-146-10/+13
* CVE-2022-37966 param: don't explicitly initialize "kdc force enable rc4 weak ...Stefan Metzmacher2022-12-142-5/+0
* CVE-2022-37966 s4:kdc: announce PA-SUPPORTED-ETYPES like windows.Stefan Metzmacher2022-12-145-3050/+768
* CVE-2022-37966 python:tests/krb5: test much more etype combinationsStefan Metzmacher2022-12-143-515/+4046
* CVE-2022-37966 python:tests/krb5: add better PADATA_SUPPORTED_ETYPES assert m...Stefan Metzmacher2022-12-141-2/+2
* CVE-2022-37966 python:tests/krb5: add 'force_nt4_hash' for account creation o...Stefan Metzmacher2022-12-141-6/+32
* CVE-2022-37966 python:tests/krb5: ignore empty supplementalCredentials attrib...Stefan Metzmacher2022-12-141-0/+2
* CVE-2022-37966 python:tests/krb5: allow ticket/supported_etypes to be passed ...Stefan Metzmacher2022-12-141-3/+8
* CVE-2022-37966 python:tests/krb5: fix some tests running against Windows 2022Stefan Metzmacher2022-12-143-8/+33
* CVE-2022-37966 s4:libnet: allow python bindings to force setting an nthash vi...Stefan Metzmacher2022-12-141-3/+15
* CVE-2022-37966 s4:libnet: add support LIBNET_SET_PASSWORD_SAMR_HANDLE_18 to s...Stefan Metzmacher2022-12-142-0/+76
* CVE-2022-37966 s4:libnet: initialize libnet_SetPassword() arguments explicitl...Stefan Metzmacher2022-12-142-2/+4
* CVE-2022-37966 drsuapi.idl: add trustedDomain related ATTID valuesStefan Metzmacher2022-12-141-0/+9
* CVE-2022-37966 s4:kdc: use the strongest possible keysStefan Metzmacher2022-12-141-15/+8
* CVE-2022-37966 s4:pydsdb: add ENC_HMAC_SHA1_96_AES256_SKStefan Metzmacher2022-12-141-0/+1
* CVE-2022-37966 s3:net_ads: let 'net ads enctypes list' pretty print AES256-SK...Stefan Metzmacher2022-12-141-0/+6
* CVE-2022-37966 s3:net_ads: no longer reference des encryption typesStefan Metzmacher2022-12-141-1/+2
* CVE-2022-37966 s3:libnet: no longer reference des encryption typesStefan Metzmacher2022-12-141-3/+2
* CVE-2022-37966 s3:libads: no longer reference des encryption typesStefan Metzmacher2022-12-141-1/+1
* CVE-2022-37966 lib/krb5_wrap: no longer reference des encryption typesStefan Metzmacher2022-12-141-2/+0
* CVE-2022-37966 s3:net_ads: remove unused ifdef HAVE_ENCTYPE_AES*Stefan Metzmacher2022-12-141-4/+0
* CVE-2022-37966 s3:libnet: remove unused ifdef HAVE_ENCTYPE_AES*Stefan Metzmacher2022-12-141-4/+0
* CVE-2022-37966 s3:libads: remove unused ifdef HAVE_ENCTYPE_AES*Stefan Metzmacher2022-12-142-8/+0
* CVE-2022-37966 lib/krb5_wrap: remove unused ifdef HAVE_ENCTYPE_AES*Stefan Metzmacher2022-12-141-4/+0
* CVE-2022-37966 system_mitkrb5: require support for aes enctypesStefan Metzmacher2022-12-141-2/+2
* CVE-2022-37966 wafsamba: add support for CHECK_VARIABLE(mandatory=True)Stefan Metzmacher2022-12-141-1/+3
* CVE-2022-37966 kdc: Assume trust objects support AES by defaultJoseph Sutton2022-12-142-7/+2
* CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HM...Andrew Bartlett2022-12-1411-622/+289
* CVE-2022-37966 s4:torture: Expect referral ticket enc-part encrypted with AES...Joseph Sutton2022-12-142-19/+37
* CVE-2022-37966 auth/credentials: Allow specifying password to cli_credentials...Joseph Sutton2022-12-142-6/+2
* CVE-2022-37966 auth/credentials: Add cli_credentials_get_aes256_key()Joseph Sutton2022-12-142-0/+70
* CVE-2022-37966 Fix enctype selection issues for PAC and other authz-data sign...Nicolas Williams2022-12-141-24/+33
* CVE-2022-37966 selftest: Run S4U tests against FL2003 DCJoseph Sutton2022-12-143-6/+71
* CVE-2022-37966 selftest: Add tests for Kerberos session key behaviour since E...Joseph Sutton2022-12-1410-141/+1549
* CVE-2022-37966 samba-tool: Declare explicitly RC4 support of trust objectsJoseph Sutton2022-12-141-2/+5
* CVE-2022-37966 samba-tool: Fix 'domain trust create' documentationJoseph Sutton2022-12-141-1/+1
* CVE-2022-37966 third_party/heimdal: Fix error message typoJoseph Sutton2022-12-141-1/+1
* CVE-2022-37966 param: Add support for new option "kdc force enable rc4 weak s...Andrew Bartlett2022-12-143-0/+29
* CVE-2022-37966 param: Add support for new option "kdc default domain supporte...Joseph Sutton2022-12-144-0/+125
* CVE-2022-37967 Add new PAC checksumJoseph Sutton2022-12-1414-54/+413
* CVE-2022-37966 HEIMDAL: Look up the server keys to combine with clients etype...Andrew Bartlett2022-12-142-6/+1