samba.git/source4/auth/tests, branch talloc-2.4.0 Unnamed repository; edit this file 'description' to name the repository. s4-auth: fix sam test binary ntstatus include path 2022-12-16T21:35:45+00:00 Günther Deschner gd@samba.org 2022-11-09T15:21:16+00:00 07617a344e1a6864401ace0b42083985131c480f Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Dec 16 21:35:45 UTC 2022 on sn-devel-184 
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Dec 16 21:35:45 UTC 2022 on sn-devel-184
CVE-2021-20251: s4:auth: fix use after free in authsam_logon_success_accounting() 2022-11-24T11:01:37+00:00 Stefan Metzmacher metze@samba.org 2022-11-07T16:21:44+00:00 1414269dccfd7cb831889cc92df35920b034457c This fixes a use after free problem introduced by commit 7b8e32efc336fb728e0c7e3dd6fbe2ed54122124, which has msg = current; which means the lifetime of the 'msg' memory is no longer in the scope of th caller. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
This fixes a use after free problem introduced by
commit 7b8e32efc336fb728e0c7e3dd6fbe2ed54122124,
which has msg = current; which means the lifetime
of the 'msg' memory is no longer in the scope of th
caller.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15253

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
CVE-2022-3437 s4/auth/tests: Add unit tests for unwrap_des3() 2022-10-25T10:31:33+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2022-10-12T00:55:39+00:00 c8e85295c988d653c3c425e0c4b8900f30fa1bba BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
CVE-2021-20251 s4 auth test: Unit tests for source4/auth/sam.c 2022-09-12T23:07:37+00:00 Gary Lockyer gary@catalyst.net.nz 2021-02-08T22:59:05+00:00 d6cf245b96fb02edb3bcc52733d040d5f03fb918 cmocka unit tests for the authsam_reread_user_logon_data in source4/auth/sam.c BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
cmocka unit tests for the authsam_reread_user_logon_data in
source4/auth/sam.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
auth:creds: Remove unused credentials autoproto header 2020-08-19T16:22:40+00:00 Andreas Schneider asn@samba.org 2020-07-23T05:47:18+00:00 59a1272a6c8f53ebfa1749ba26edfd40a11b6383 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
s4-auth-tests: Fix test_kerberos with MIT krb 2018-11-10T11:48:02+00:00 Justin Stephenson jstephen@redhat.com 2018-11-08T15:57:48+00:00 899d00e6be5af48b93c15beb43f7383eeb8508b1 When a keytab of type MEMORY is used, the MIT kerberos krb5_kt_add_entry() library function adds a keytab entry to the beginning of the keytab table, instead of the end. This adds a MIT kerberos conditional to reverse iterate through the keytable entries to address this. Signed-off-by: Justin Stephenson <jstephen@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Sat Nov 10 12:48:02 CET 2018 on sn-devel-144 
When a keytab of type MEMORY is used, the MIT kerberos krb5_kt_add_entry()
library function adds a keytab entry to the beginning of the keytab table,
instead of the end.

This adds a MIT kerberos conditional to reverse iterate through
the keytable entries to address this.

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Sat Nov 10 12:48:02 CET 2018 on sn-devel-144
s4/auth/tests: Fix kerberos test string size 2018-10-05T11:08:25+00:00 Alexander Bokovoy ab@samba.org 2018-10-03T19:48:00+00:00 54207bb3b2e18cf36c2a5585f9847326930b33ed >>> len("user0@samba.example.com") 23 But the string definition does not take a final '\0' into account. As per Volker's suggestion, use compiler's support to allocate the string properly. Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> 
>>> len("user0@samba.example.com")
23

But the string definition does not take a final '\0' into account.
As per Volker's suggestion, use compiler's support to allocate
the string properly.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
auth: keytab invalidation test 2018-05-15T10:41:55+00:00 Aaron Haslett aaronhaslett@catalyst.net.nz 2018-04-30T23:10:24+00:00 a3d6fdd5355d366f3d23915cecc10c6f039daa44 chgtdcpass should add a new DC password and delete the old ones but the bug exposed by this test causes the tool to remove only a single record from the old entries, leaving the old passwords functional. Since the tool is used by administrators who may have disclosed their domain join password and want to invalidate it, this is a security concern. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13415 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
chgtdcpass should add a new DC password and delete the old ones but the bug
exposed by this test causes the tool to remove only a single record from
the old entries, leaving the old passwords functional.  Since the tool is
used by administrators who may have disclosed their domain join password and
want to invalidate it, this is a security concern.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13415

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
s4-selftest: Move more tests to scripting/python, simplifies running of tests. 2010-09-22T05:54:38+00:00 Jelmer Vernooij jelmer@samba.org 2010-09-22T05:54:10+00:00 e12e661f35983dfab3e7d869df7770f519b49e48 






s4:auth Remove system_session_anon() from python bindings
2010-08-17T23:50:44+00:00

Andrew Bartlett
abartlet@samba.org

2010-08-14T07:45:57+00:00

ba52834dd97d4c855ab98c2cbab1d6ed8d189de8