summaryrefslogtreecommitdiff
path: root/selftest/knownfail_heimdal_kdc
Commit message (Expand)AuthorAgeFilesLines
* s4:kdc: Enforce TGT lifetime authentication policyJoseph Sutton2023-05-181-21/+0
* tests/krb5: Add tests for authentication policiesJoseph Sutton2023-05-181-0/+84
* tests/krb5: Test that NT_STATUS_ACCOUNT_LOCKED_OUT is returned in KDC reply e...Joseph Sutton2023-05-181-0/+7
* s4:kdc: Add support for AD device claimsJoseph Sutton2023-03-311-37/+0
* s4:kdc: Add support for AD client claimsJoseph Sutton2023-03-311-94/+0
* tests/krb5: Test that denied attributes are still issued in claimsJoseph Sutton2023-03-201-0/+2
* tests/krb5: Test that claims are generated even if PAC-OPTIONS are not setJoseph Sutton2023-03-201-0/+3
* tests/krb5: Test that RODC-issued device groups are regeneratedJoseph Sutton2023-03-201-0/+1
* tests/krb5: Test that RODC-issued claims are regeneratedJoseph Sutton2023-03-201-0/+8
* tests/krb5: Add tests for constrained delegation with RODC-issued ticketsJoseph Sutton2023-03-201-0/+1
* tests/krb5: Add simple resource-based constrained delegation testJoseph Sutton2023-03-201-0/+1
* tests/krb5: Remove old device info and device claims testsJoseph Sutton2023-03-081-3/+0
* tests/krb5: Add tests for device claimsJoseph Sutton2023-03-081-0/+2
* tests/krb5: Add tests for device infoJoseph Sutton2023-03-081-0/+35
* tests/krb5: Add test for compressed claimJoseph Sutton2023-03-081-0/+2
* tests/krb5: Test we get correct values for integer syntax claimsJoseph Sutton2023-03-081-0/+2
* tests/krb5: Document and tidy up existing claims testsJoseph Sutton2023-03-081-2/+2
* tests/krb5: Add tests adding a user to a group prior to a TGS-REQJoseph Sutton2023-03-031-0/+8
* auth: Discard non-base SIDs when creating SamInfo2Joseph Sutton2023-02-081-4/+0
* tests/krb5: Test groups returned by SamLogonJoseph Sutton2023-02-081-0/+4
* s4/dsdb/samldb: Disallow setting a domain-local group as a primary groupJoseph Sutton2023-02-081-4/+0
* auth: Correct primary group handlingJoseph Sutton2023-02-081-6/+0
* tests/krb5: Add tests for the primary groupJoseph Sutton2023-02-081-0/+10
* s4:kdc: Add resource SID compressionJoseph Sutton2023-02-081-16/+0
* auth: Pass through entire PAC flags value in auth_user_infoJoseph Sutton2023-02-081-1/+0
* tests/krb5: Add tests of NETLOGON_RESOURCE_GROUPS flag handlingJoseph Sutton2023-02-081-0/+2
* tests/krb5: Add group tests simulating PACs from a trusted domainJoseph Sutton2023-02-081-0/+3
* tests/krb5: Add some more test cases for PAC group handlingJoseph Sutton2023-02-081-0/+2
* tests/krb5: Remove tests of KDCs without resource SID compression supportJoseph Sutton2023-02-081-2/+1
* auth: Exclude resource groups from a TGTJoseph Sutton2023-02-081-11/+0
* auth: Store group attributes in auth_user_info_dcJoseph Sutton2023-02-081-0/+1
* CVE-2022-37966 kdc: Implement new Kerberos session key behaviour since ENC_HM...Andrew Bartlett2022-12-131-516/+0
* CVE-2022-37966 selftest: Add tests for Kerberos session key behaviour since E...Joseph Sutton2022-12-131-0/+516
* CVE-2022-37966 HEIMDAL: Look up the server keys to combine with clients etype...Andrew Bartlett2022-12-131-5/+0
* CVE-2022-37966 tests/krb5: Add a test requesting tickets with various encrypt...Joseph Sutton2022-12-131-0/+5
* tests/krb5: Add tests of PAC group handlingJoseph Sutton2022-11-081-0/+21
* CVE-2021-20251 s4:kdc: Check badPwdCount update return statusJoseph Sutton2022-09-121-4/+0
* CVE-2021-20251 s4-auth: Pass through error code from badPwdCount updateJoseph Sutton2022-09-121-1/+0
* CVE-2021-20251 s4 auth: make bad password count increment atomicAndrew Bartlett2022-09-121-5/+0
* CVE-2021-20251 tests/krb5: Add tests for password lockout raceJoseph Sutton2022-09-121-0/+10
* tests/krb5: Add claims testsJoseph Sutton2022-09-091-0/+88
* CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd ticketsJoseph Sutton2022-07-271-4/+0
* CVE-2022-2031 tests/krb5: Add test that we cannot provide a TGT to kpasswdJoseph Sutton2022-07-271-0/+4
* CVE-2022-32744 s4:kdc: Modify HDB plugin to only look up kpasswd principalJoseph Sutton2022-07-271-6/+0
* CVE-2022-2031 s4:kdc: Don't use strncmp to compare principal componentsJoseph Sutton2022-07-271-4/+0
* CVE-2022-2031 tests/krb5: Test truncated forms of server principalsJoseph Sutton2022-07-271-0/+4
* CVE-2022-32744 s4:kdc: Don't allow HDB keytab iterationJoseph Sutton2022-07-271-1/+0
* CVE-2022-2031 s4:kdc: Reject tickets during the last two minutes of their lifeJoseph Sutton2022-07-271-1/+0
* CVE-2022-2031 s4:kdc: Limit kpasswd ticket lifetime to two minutes or lessJoseph Sutton2022-07-271-1/+0
* CVE-2022-2031 s4:kdc: Fix canonicalisation of kadmin/changepw principalJoseph Sutton2022-07-271-2/+0
View Lorry Controller Status