]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 91e2e56) | patch
CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user
authorAndrew Bartlett <abartlet@samba.org>
Mon, 29 Mar 2021 21:51:26 +0000 (10:51 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 12 Sep 2022 23:07:37 +0000 (23:07 +0000)
commit439f96a2cfe77f6cbf331d965a387512c2db91c6
tree38547b1740df6ff803f7b0a3770135b9bc9dc4dbtree | snapshot
parent91e2e5616ccd507fcaf097533c5fc25974119c1ecommit | diff
CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user

This helps the bad password and audit log handling code as it
allows assumptions to be made about the attributes found in
the variable "msg", such as that DSDB_SEARCH_SHOW_EXTENDED_DN
was used.

This ensures we can re-search on the DN via the embedded GUID,
which in in turn rename-proof.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
source4/rpc_server/samr/samr_password.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git