samba.git/source3/libads, branch v3-5-test Unnamed repository; edit this file 'description' to name the repository. s3-libads: Use a reducing page size to try and cope with a slow LDAP server 2012-05-28T19:27:27+00:00 Andrew Bartlett abartlet@samba.org 2012-05-18T12:01:14+00:00 8572ce0e5ff17bfe0df2823078119be9182a0378 If we cannot get 1000 users downloaded in 15seconds, try with 500, 250 and then 125 users at a time. Andrew Bartlett 
If we cannot get 1000 users downloaded in 15seconds, try with 500, 250
and then 125 users at a time.

Andrew Bartlett
s3-libads: Map LDAP_TIMELIMIT_EXCEEDED as NT_STATUS_IO_TIMEOUT 2012-05-28T19:27:23+00:00 Andrew Bartlett abartlet@samba.org 2012-05-18T07:38:48+00:00 d113c69edb57c7a3d72e3ab122cec44858a5313e This allows Samba to then handle this error in the same way it would for RPC connections Andrew Bartlett 
This allows Samba to then handle this error in the same way it would for RPC connections

Andrew Bartlett
s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket(). 2012-01-10T20:08:05+00:00 Günther Deschner gd@samba.org 2012-01-06T15:10:55+00:00 aa217fb42c124800c0e1327768a45b4b07f63e6e Guenther Fix big #8692 (ads_keytab_verify_ticket mixes talloc allocation with malloc free). (cherry picked from commit 6da7abe87db15d260db807643a25a96fc05e5ad9) 
Guenther

Fix big #8692 (ads_keytab_verify_ticket mixes talloc allocation with malloc
free).
(cherry picked from commit 6da7abe87db15d260db807643a25a96fc05e5ad9)
s3-libads Default to NOT using the server-supplied principal from SPNEGO 2011-05-13T19:37:38+00:00 Andrew Bartlett abartlet@samba.org 2010-12-04T02:48:37+00:00 e962852687f539678b7c38ed21f1b76c328821f2 This principal is not supplied by later versions of windows, and using it opens up some oportunities for man in the middle attacks. (Becuase it isn't the name being contacted that is verified with the KDC). This adds the option 'client use spnego principal' to the smb.conf (as used in Samba4) to control this behaivour. As in Samba4, this defaults to false. Against 2008 servers, this will not change behaviour. Against earlier servers, it may cause a downgrade to NTLMSSP more often, in environments where server names are not registered with the KDC as servicePrincipalName values. Andrew Bartlett (cherry picked from commit bb7806283e71f3b8029aae0eed326b5847a36d83) 
This principal is not supplied by later versions of windows, and using
it opens up some oportunities for man in the middle attacks.  (Becuase
it isn't the name being contacted that is verified with the KDC).

This adds the option 'client use spnego principal' to the smb.conf (as
used in Samba4) to control this behaivour.  As in Samba4, this
defaults to false.

Against 2008 servers, this will not change behaviour.  Against earlier
servers, it may cause a downgrade to NTLMSSP more often, in
environments where server names are not registered with the KDC as
servicePrincipalName values.

Andrew Bartlett
(cherry picked from commit bb7806283e71f3b8029aae0eed326b5847a36d83)
Fix bug 7694 - Crash bug with invalid SPNEGO token. 2010-10-07T15:43:58+00:00 Jeremy Allison jra@samba.org 2010-09-26T11:59:31+00:00 5e7e402320ebce06957e85f35d478615b2210a87 Found by the CodeNomicon test suites at the SNIA plugfest. http://www.codenomicon.com/ If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server as we indirect the first returned value OIDs[0], which is returned as NULL. Modified for 3.5.x. Jeremy. 
Found by the CodeNomicon test suites at the SNIA plugfest.

http://www.codenomicon.com/

If an invalid SPNEGO packet contains no OIDs we crash in the SMB1/SMB2 server
as we indirect the first returned value OIDs[0], which is returned as NULL.

Modified for 3.5.x.

Jeremy.
Fix bug #7669. 2010-09-15T18:53:08+00:00 Jeremy Allison jra@samba.org 2010-09-09T13:54:23+00:00 462e5f7b139e294016ecefefed20dda107816622 Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in Samba4). CVE-2010-3069: =========== Description =========== All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sid_parse() function (and related dom_sid_parse() function in the source4 code) do not correctly check their input lengths when reading a binary representation of a Windows SID (Security ID). This allows a malicious client to send a sid that can overflow the stack variable that is being used to store the SID in the Samba smbd server. A connection to a file share is needed to exploit this vulnerability, either authenticated or unauthenticated (guest connection). (cherry picked from commit a34c3e999bb1ea61da31c5b3e845b19663039358) 
Fix bug #7669 (buffer overflow in sid_parse() in Samba3 and dom_sid_parse in
Samba4).

CVE-2010-3069:

===========
Description
===========

All current released versions of Samba are vulnerable to
a buffer overrun vulnerability. The sid_parse() function
(and related dom_sid_parse() function in the source4 code)
do not correctly check their input lengths when reading a
binary representation of a Windows SID (Security ID). This
allows a malicious client to send a sid that can overflow
the stack variable that is being used to store the SID in the
Samba smbd server.

A connection to a file share is needed to exploit this
vulnerability, either authenticated or unauthenticated
(guest connection).
(cherry picked from commit a34c3e999bb1ea61da31c5b3e845b19663039358)
s3: Allow previous password to be stored and use it to check tickets 2010-06-03T13:33:09+00:00 Matthieu Patou mat@matws.net 2010-05-21T07:57:29+00:00 89eea1fa9154c67ae4d3e729a8db7ad17ec9b9d7 This patch is to fix bug 7099. It stores the current password in the previous password key when the password is changed. It also check the user ticket against previous password. Signed-off-by: Günther Deschner <gd@samba.org> Fix bug #7099 (Every Thursday at 11:08-11:15am Windows Client Connections break with Kerberos errors). 
This patch is to fix bug 7099. It stores the current password in the
 previous password key when the password is changed. It also check the
 user ticket against previous password.

Signed-off-by: Günther Deschner <gd@samba.org>

Fix bug #7099 (Every Thursday at 11:08-11:15am Windows Client
Connections break with Kerberos errors).
s3-kerberos: temporary fix for ipv6 in print_kdc_line(). 2010-05-19T10:53:09+00:00 Günther Deschner gd@samba.org 2010-05-14T22:34:35+00:00 5ab33bec40739c7c86b17536fd6cdc04fc0f91b2 Currently no krb5 lib supports "kdc = ipv6 address" at all, so for now just fill in just the kdc_name if we have it and let the krb5 lib figure out the appropriate ipv6 address ipv6 gurus, please check. Guenther (cherry picked from commit dd5a4e23f8c24564d3fd21bb8d01172321087362) The last 3 patches fix bug #7341 (winbind not working over IPv6). 
Currently no krb5 lib supports "kdc = ipv6 address" at all, so for now just fill
in just the kdc_name if we have it and let the krb5 lib figure out the
appropriate ipv6 address

ipv6 gurus, please check.

Guenther
(cherry picked from commit dd5a4e23f8c24564d3fd21bb8d01172321087362)

The last 3 patches fix bug #7341 (winbind not working over IPv6).
s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain(). 2010-05-19T10:52:58+00:00 Günther Deschner gd@samba.org 2010-05-14T21:23:34+00:00 2ce299f16cb2ff292755186894284d6efb296d08 Guenther (cherry picked from commit e3bdff3d67b46277ee59685218bd90f3788b487d) 
Guenther
(cherry picked from commit e3bdff3d67b46277ee59685218bd90f3788b487d)
s3-libads: fix get_remote_printer_publishing_data after spoolss_EnumPrinterDataEx IDL change. 2010-03-11T09:29:55+00:00 Günther Deschner gd@samba.org 2010-03-04T16:58:49+00:00 6c01c8108b6d196415d056e185458a1bf0be592d Guenther (cherry picked from commit 8e6dd25391d77b69859a3b622a1b116fa8000a40) 
Guenther
(cherry picked from commit 8e6dd25391d77b69859a3b622a1b116fa8000a40)