summaryrefslogtreecommitdiff
path: root/selftest
Commit message (Expand)AuthorAgeFilesLines
* CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the named bas...Andrew Bartlett2021-11-171-2/+0
* CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to SIDsJoseph Sutton2021-11-171-0/+2
* CVE-2020-25717: selftest: turn ad_member_no_nss_wb into ad_member_idmap_nssJoseph Sutton2021-11-172-5/+21
* CVE-2021-3738 s4:rpc_server/drsuapi: make use of assoc_group aware dcesrv_sam...Stefan Metzmacher2021-11-081-1/+0
* CVE-2021-3738 s4:torture/drsuapi: DsBindAssocGroup* testsStefan Metzmacher2021-11-081-0/+1
* CVE-2021-23192: dcesrv_core: only the first fragment specifies the auth_contextsStefan Metzmacher2021-11-081-20/+0
* CVE-2021-23192: python/tests/dcerpc: add tests to check how security contexts...Stefan Metzmacher2021-11-081-0/+20
* CVE-2020-25722 selftest: Ensure check for duplicate servicePrincipalNames is ...Joseph Sutton2021-11-081-2/+0
* CVE-2020-25722 selftest: Add test for duplicate servicePrincipalNames on an a...Joseph Sutton2021-11-081-0/+2
* CVE-2020-25718 heimdal:kdc: Add comment about tests for tickets of users not ...Joseph Sutton2021-11-081-1/+3
* CVE-2020-25719 tests/krb5: Add tests for using a ticket with a renamed accountJoseph Sutton2021-11-081-0/+1
* CVE-2020-25719 heimdal:kdc: Require PAC to be presentJoseph Sutton2021-11-081-4/+0
* CVE-2020-25722 kdc: Do not honour a request for a 3-part SPN (ending in our d...Andrew Bartlett2021-11-082-12/+0
* CVE-2020-25719 heimdal:kdc: Verify PAC in TGT provided for user-to-user authe...Joseph Sutton2021-11-081-11/+0
* CVE-2020-25719 heimdal:kdc: Check name in request against name in user-to-use...Joseph Sutton2021-11-081-3/+0
* CVE-2020-25719 heimdal:kdc: Use sname from request rather than user-to-user T...Joseph Sutton2021-11-081-20/+0
* CVE-2020-25719 s4:kdc: Add KDC support for PAC_REQUESTER_SID PAC bufferJoseph Sutton2021-11-081-57/+0
* CVE-2020-25722 Ensure the structural objectclass cannot be changedAndrew Bartlett2021-11-084-34/+1
* CVE-2020-25721 auth: Fill in the new HAS_SAM_NAME_AND_SID valuesAndrew Bartlett2021-11-082-14/+0
* CVE-2020-25718 kdc: Return ERR_POLICY if RODC krbtgt account is invalidJoseph Sutton2021-11-081-8/+0
* CVE-2020-25718 kdc: Confirm the RODC was allowed to issue a particular ticketAndrew Bartlett2021-11-081-12/+0
* CVE-2020-25719 heimdal:kdc: Require authdata to be presentJoseph Sutton2021-11-081-11/+0
* CVE-2020-25719 s4:kdc: Add KDC support for PAC_ATTRIBUTES_INFO PAC bufferJoseph Sutton2021-11-081-23/+0
* CVE-2020-25719 s4:kdc: Check if the pac is valid before updating itAndreas Schneider2021-11-082-35/+6
* CVE-2020-25719 mit-samba: Rework PAC handling in kdb_samba_db_sign_auth_data()Andreas Schneider2021-11-081-4/+2
* CVE-2020-25719 s4/torture: Expect additional PAC buffersJoseph Sutton2021-11-081-0/+39
* CVE-2020-25719 tests/krb5: Add tests for mismatched names with user-to-userJoseph Sutton2021-11-082-0/+16
* CVE-2020-25719 tests/krb5: Add test for user-to-user with no snameJoseph Sutton2021-11-082-0/+2
* CVE-2020-25719 tests/krb5: Add tests for requester SID PAC bufferJoseph Sutton2021-11-082-0/+38
* CVE-2020-25719 tests/krb5: Add tests for PAC-REQUEST padataJoseph Sutton2021-11-082-0/+27
* CVE-2020-25719 tests/krb5: Add tests for PAC attributes bufferJoseph Sutton2021-11-082-0/+43
* CVE-2020-25719 tests/krb5: Adjust PAC tests to prepare for new PAC_ATTRIBUTES...Joseph Sutton2021-11-082-2/+0
* CVE-2020-25719 tests/krb5: Use correct credentials for user-to-user testsJoseph Sutton2021-11-082-2/+0
* CVE-2020-25722 selftest: Adapt ldap.py tests to new objectClass restrictionsJoseph Sutton2021-11-081-0/+1
* CVE-2020-25722 s4/dsdb/samldb: reject SPN with too few/many componentsDouglas Bagnall2021-11-081-2/+0
* CVE-2020-25722 s4/dsdb/samldb: check for SPN uniqueness, including aliasesDouglas Bagnall2021-11-081-23/+0
* CVE-2020-25722 s4/dsdb/samldb: check sAMAccountName for illegal charactersDouglas Bagnall2021-11-081-1/+0
* CVE-2020-25722 s4/dsdb/samldb: check for clashes in UPNs/samaccountnamesDouglas Bagnall2021-11-081-15/+0
* CVE-2020-25722 pytest: test setting servicePrincipalName over ldapDouglas Bagnall2021-11-081-0/+26
* CVE-2020-25722 pytest: test sAMAccountName/userPrincipalName over ldapDouglas Bagnall2021-11-081-0/+16
* CVE-2020-25722 blackbox/upgrades tests: ignore SPN for ldapcmpDouglas Bagnall2021-11-081-4/+0
* CVE-2020-25722 s4/provision: add host/ SPNs at the startDouglas Bagnall2021-11-081-0/+4
* CVE-2020-25722 Check all elements in acl_check_spn() not just the first oneAndrew Bartlett2021-11-081-1/+0
* CVE-2020-25722: s4-acl: Make sure Control Access Rights honor the Applies-to ...Nadezhda Ivanova2021-11-081-1/+0
* CVE-2020-25722: s4-acl: test Control Access Rights honor the Applies-to attri...Nadezhda Ivanova2021-11-081-0/+1
* CVE-2020-25722 Add test for SPN deletion followed by additionJoseph Sutton2021-11-081-0/+1
* CVE-2020-25717: selftest: configure 'ktest' env with winbindd and idmap_autoridStefan Metzmacher2021-11-082-33/+5
* CVE-2020-25719 CVE-2020-25717: auth/gensec: always require a PAC in domain mo...Stefan Metzmacher2021-11-081-4/+0
* CVE-2020-25717: s3:auth: remove fallbacks in smb_getpwnam()Ralph Boehme2021-11-081-0/+26
* CVE-2020-25717: s3:auth: Check minimum domain uidSamuel Cabrero2021-11-081-1/+0
View Lorry Controller Status