summaryrefslogtreecommitdiff
path: root/source4
Commit message (Expand)AuthorAgeFilesLines
* CVE-2023-0225 s4-acl: Don't return early if dNSHostName element has no valuesJoseph Sutton2023-03-201-5/+7
* CVE-2023-0225 pytest/acl: test deleting dNSHostName as unprivileged userDouglas Bagnall2023-03-202-0/+237
* CVE-2023-0225 CVE-2020-25720 pydsdb: Add dsHeuristics constant definitionsJoseph Sutton2023-03-201-0/+30
* CVE-2023-0225 CVE-2020-25720 s4/dsdb/util: Add functions for dsHeuristics 28, 29Joseph Sutton2023-03-201-0/+40
* CVE-2023-0614 lib/ldb-samba: Add test for SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EV...Andrew Bartlett2023-03-201-0/+1
* CVE-2023-0614 dsdb: Add DSDB_MARK_REQ_UNTRUSTEDAndrew Bartlett2023-03-202-0/+5
* CVE-2023-0614 s4-dsdb: Treat confidential attributes as unindexedJoseph Sutton2023-03-204-4/+33
* CVE-2023-0614 ldb: Use binary search to check whether attribute is secretJoseph Sutton2023-03-201-21/+35
* CVE-2023-0614 s4-acl: Avoid calling dsdb_module_am_system() if we can help itJoseph Sutton2023-03-201-3/+8
* CVE-2023-0614 ldb: Prevent disclosure of confidential attributesJoseph Sutton2023-03-205-454/+581
* CVE-2023-0614 s4-acl: Split out function to set up access checking variablesJoseph Sutton2023-03-201-33/+80
* CVE-2023-0614 s4-dsdb: Add samdb_result_dom_sid_buf()Joseph Sutton2023-03-201-0/+20
* CVE-2023-0614 s4-acl: Split out logic to remove access checking attributesJoseph Sutton2023-03-201-23/+35
* CVE-2023-0614 tests/krb5: Add test for confidential attributes timing differe...Joseph Sutton2023-03-201-0/+162
* CVE-2023-0614 schema_samba4.ldif: Allocate previously added OIDJoseph Sutton2023-03-201-0/+1
* schema_samba4.ldif: Allocate previously added OIDsJoseph Sutton2023-03-201-0/+2
* CVE-2023-0614 s4:dsdb:tests: Fix <GUID={}> search in confidential attributes ...Joseph Sutton2023-03-201-3/+3
* CVE-2023-0614 s4:dsdb/extended_dn_in: Don't modify a search tree we don't ownJoseph Sutton2023-03-201-8/+32
* CVE-2023-0614 ldb: Make use of ldb_filter_attrs_in_place()Joseph Sutton2023-03-201-8/+4
* CVE-2023-0614 s4-acl: Use ldb functions for handling inaccessible message ele...Joseph Sutton2023-03-201-52/+10
* CVE-2023-0614 s4-acl: Make some parameters constJoseph Sutton2023-03-201-2/+2
* CVE-2023-0614 s4:dsdb: Use talloc_get_type_abort() more consistentlyJoseph Sutton2023-03-204-5/+5
* CVE-2023-0614 dsdb: Alter timeout test in large_ldap.py to be slower by match...Andrew Bartlett2023-03-201-2/+16
* CVE-2023-0614 selftest: Use setUpClass() to reduce "make test TESTS=large_lda...Andrew Bartlett2023-03-201-33/+36
* s4-drsuapi: Give an error that matches windows on destination_dsa_guid lookup...Andrew Bartlett2023-02-031-2/+12
* s4-drsuapi: Clarify role of drs_security_access_check_nc_root()Andrew Bartlett2023-02-031-1/+5
* s4-rpc_server: Pre-check destination_dsa_guid in GetNCChanges for validityAndrew Bartlett2023-02-031-3/+39
* s4-drsuapi: Use samdb_get_ntds_obj_by_guid() to find RODC in REPL_SECRETAndrew Bartlett2023-02-031-3/+9
* s4-dsdb: Require that the NTDS object is an nTDSDSA objectclassAndrew Bartlett2023-02-031-1/+1
* s4-dsdb: Split samdb_get_ntds_obj_by_guid() out of samdb_is_rodc()Andrew Bartlett2023-02-031-12/+47
* s4-rpc_server/drsuapi: Return correct error code for an invalid DN to EXOP_RE...Andrew Bartlett2023-02-031-0/+14
* s4-drs: Make drs_ObjectIdentifier_to_dn() safer and able to cope with DummyDN...Andrew Bartlett2023-02-033-29/+165
* s4-dsdb: rework drs_ObjectIdentifier_to_dn() into drs_ObjectIdentifier_to_dn_...Andrew Bartlett2023-02-034-30/+132
* s4-rpc_server/drsuapi: Use dsdb_normalise_dn_and_find_nc_root()Andrew Bartlett2023-02-031-3/+9
* s4-dsdb: Add dsdb_normalise_dn_and_find_nc_root() around dsdb_find_nc_root()Andrew Bartlett2023-02-031-2/+33
* s4-dsdb: Add better debugging to dsdb_objects_have_same_nc()Andrew Bartlett2023-02-031-4/+4
* s4-dsdb: Make dsdb_find_nc_root() first try and use DSDB_CONTROL_CURRENT_PART...Andrew Bartlett2023-02-031-3/+234
* s4-dsdb: Schedule SD propegation only after successful renameAndrew Bartlett2023-02-031-39/+95
* s4-selftest/drs: Confirm GetNCChanges REPL_SECRET works with a DummyDN and re...Andrew Bartlett2023-02-032-1/+49
* s4-selftest/drs: Confirm GetNCChanges full replication works with a DummyDN a...Andrew Bartlett2023-02-031-2/+50
* s4-selftest/drs: Confirm GetNCChanges REPL_OBJ works with a DummyDN and real ...Andrew Bartlett2023-02-031-6/+74
* s4-selftest/drs Allow re-run of DRS tests after failed cleanupAndrew Bartlett2023-02-031-1/+2
* s4-selftest/drs Allow some DRS tests to operate against an IPAndrew Bartlett2023-02-034-29/+18
* s4-selftest/drs Add test of expected return code for invaid DNs in GetNCChangesAndrew Bartlett2023-02-032-3/+83
* s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream...Jeremy Allison2023-01-232-0/+76
* CVE-2022-38023 s4:rpc_server/netlogon: Move schannel and credentials check fu...Samuel Cabrero2023-01-232-546/+2
* CVE-2022-38023 s4:rpc_server:wscript: Reformat following pycodestyleSamuel Cabrero2023-01-231-122/+168
* s4: libcli: Ignore errors when getting A records after fetching AAAA records.Jeremy Allison2023-01-161-6/+8
* s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_FLUSH test to smb2.compound...Jeremy Allison2023-01-161-0/+115
* s4: torture: Add an async SMB2_OP_FLUSH + SMB2_OP_CLOSE test to smb2.compound...Jeremy Allison2023-01-162-0/+118