summaryrefslogtreecommitdiff
path: root/source4
Commit message (Expand)AuthorAgeFilesLines
* CVE-2022-32742: s4: torture: Add raw.write.bad-write test.Jeremy Allison2022-07-241-0/+89
* CVE-2022-2031 s4:kpasswd: Do not accept TGTs as kpasswd ticketsJoseph Sutton2022-07-244-0/+48
* CVE-2022-2031 s4:auth: Use PAC to determine whether ticket is a TGTJoseph Sutton2022-07-241-0/+44
* CVE-2022-2031 auth: Add ticket type field to auth_user_info_dc and auth_sessi...Joseph Sutton2022-07-244-5/+7
* CVE-2022-32744 s4:kpasswd: Ensure we pass the kpasswd server principal into k...Joseph Sutton2022-07-241-0/+30
* CVE-2022-32744 s4:kdc: Modify HDB plugin to only look up kpasswd principalJoseph Sutton2022-07-243-1/+70
* s4:kdc: Remove kadmin mode from HDB pluginJoseph Sutton2022-07-241-28/+7
* CVE-2022-32744 s4:kdc: Rename keytab_name -> kpasswd_keytab_nameJoseph Sutton2022-07-244-6/+6
* CVE-2022-2031 s4:kdc: Don't use strncmp to compare principal componentsJoseph Sutton2022-07-241-5/+22
* CVE-2022-2031 s4:kdc: Reject tickets during the last two minutes of their lifeJoseph Sutton2022-07-241-1/+18
* CVE-2022-2031 s4:kdc: Limit kpasswd ticket lifetime to two minutes or lessJoseph Sutton2022-07-243-1/+8
* CVE-2022-2031 s4:kdc: Fix canonicalisation of kadmin/changepw principalJoseph Sutton2022-07-241-38/+46
* CVE-2022-2031 s4:kdc: Refactor samba_kdc_get_entry_principal()Joseph Sutton2022-07-241-61/+55
* CVE-2022-2031 s4:kdc: Split out a samba_kdc_get_entry_principal() functionJoseph Sutton2022-07-241-85/+107
* CVE-2022-2031 s4:kdc: Implement is_kadmin_changepw() helper functionAndreas Schneider2022-07-241-5/+11
* s4:kpasswd: Restructure code for clarityJoseph Sutton2022-07-241-24/+22
* CVE-2022-2031 s4:kpasswd: Require an initial ticketJoseph Sutton2022-07-243-0/+35
* CVE-2022-2031 gensec_krb5: Add helper function to check if client sent an ini...Joseph Sutton2022-07-245-18/+157
* CVE-2022-2031 s4:kpasswd: Return a kpasswd error code in KRB-ERRORJoseph Sutton2022-07-241-1/+1
* CVE-2022-2031 s4:kpasswd: Don't return AP-REP on failureJoseph Sutton2022-07-241-0/+2
* CVE-2022-2031 s4:kpasswd: Correctly generate error stringsJoseph Sutton2022-07-241-7/+6
* CVE-2022-2031 tests/krb5: Add tests for kpasswd serviceJoseph Sutton2022-07-241-0/+4
* CVE-2022-32744 selftest: Specify Administrator kvno for Python krb5 testsJoseph Sutton2022-07-241-0/+1
* CVE-2022-2031 s4:kpasswd: Add MIT fallback for decoding setpw structureJoseph Sutton2022-07-241-15/+79
* CVE-2022-2031 s4:kpasswd: Account for missing target principalJoseph Sutton2022-07-241-10/+12
* heimdal:kdc: Accommodate NULL data parameter in krb5_pac_get_buffer()Joseph Sutton2022-07-241-4/+6
* CVE-2022-2031 s4:kdc: Add MIT support for ATTRIBUTES_INFO and REQUESTER_SID P...Joseph Sutton2022-07-243-5/+94
* selftest: Simplify krb5 test environmentsJoseph Sutton2022-07-241-156/+35
* kdc: Canonicalize realm for enterprise principalsJoseph Sutton2022-07-241-13/+11
* kdc: Require that PAC_REQUESTER_SID buffer is present for TGTsJoseph Sutton2022-07-241-0/+6
* heimdal:kdc: Do not generate extra PAC buffers for S4U2Self service ticketJoseph Sutton2022-07-245-7/+16
* selftest: Properly check extra PAC buffers with HeimdalJoseph Sutton2022-07-241-1/+1
* heimdal:kdc: Always generate a PAC for S4U2SelfJoseph Sutton2022-07-241-6/+7
* kdc: Remove PAC_TYPE_ATTRIBUTES_INFO from RODC-issued ticketsJoseph Sutton2022-07-241-1/+1
* kdc: Don't include extra PAC buffers in service ticketsJoseph Sutton2022-07-241-10/+21
* Revert "CVE-2020-25719 s4/torture: Expect additional PAC buffers"Joseph Sutton2022-07-241-22/+2
* kdc: Always add the PAC if the header TGT is from an RODCJoseph Sutton2022-07-241-1/+1
* kdc: Match Windows error code for mismatching snameJoseph Sutton2022-07-241-1/+1
* kdc: Adjust SID mismatch error code to match WindowsJoseph Sutton2022-07-241-5/+1
* heimdal:kdc: Adjust no-PAC error code to match WindowsJoseph Sutton2022-07-241-1/+1
* s4:torture: Fix typoJoseph Sutton2022-07-241-1/+1
* heimdal:kdc: Fix error message for user-to-userJoseph Sutton2022-07-241-1/+1
* tests/krb5: Align PAC buffer checking to more closely match Windows with PacR...Joseph Sutton2022-07-241-19/+39
* selftest: Check received LDB error code when STRICT_CHECKING=0Joseph Sutton2022-07-241-1/+1
* s4:kdc: Also cannoicalize krbtgt principals when enforcing canonicalizationAndreas Schneider2022-07-241-1/+1
* s4:mit-kdb: Force canonicalization for looking up principalsIsaac Boukris2022-07-244-1/+16
* CVE-2022-32745 s4/dsdb/util: Correctly copy values into message elementJoseph Sutton2022-07-241-1/+1
* CVE-2022-32745 s4/dsdb/util: Don't call memcpy() with a NULL pointerJoseph Sutton2022-07-241-4/+8
* CVE-2022-32745 s4/dsdb/util: Use correct value for loop count limitJoseph Sutton2022-07-241-1/+1
* CVE-2022-32745 s4/dsdb/samldb: Check for empty values arrayJoseph Sutton2022-07-241-2/+2
View Lorry Controller Status