CVE-2026-4408: s3:samr-server: make check_password_complexity_internal() non-static...

author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Sat, 2 May 2026 10:12:38 +0000 (22:12 +1200)

committer Stefan Metzmacher <metze@samba.org>

Tue, 26 May 2026 12:51:32 +0000 (12:51 +0000)
author Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Sat, 2 May 2026 10:12:38 +0000 (22:12 +1200)
committer Stefan Metzmacher <metze@samba.org>
Tue, 26 May 2026 12:51:32 +0000 (12:51 +0000)
diff --git a/source3/rpc_server/samr/srv_samr_chgpasswd.c b/source3/rpc_server/samr/srv_samr_chgpasswd.c

index 3ab050f66600fed97bd1636ac30bee8838603340..95c706ef6aea6ee7746252028db4cac003e5b3c4 100644 (file)
--- a/source3/rpc_server/samr/srv_samr_chgpasswd.c
+++ b/source3/rpc_server/samr/srv_samr_chgpasswd.c
@@ -1009,10 +1009,10 @@ static bool check_passwd_history(struct samu *sampass, const char *plaintext)
  /***********************************************************
  ************************************************************/
  
-static NTSTATUS check_password_complexity_internal(TALLOC_CTX *tosctx,
-                                                  const char *orig_cmd,
-                                                  const char *username,
-                                                  char **cmd_out)
+NTSTATUS check_password_complexity_internal(TALLOC_CTX *tosctx,
+                                           const char *orig_cmd,
+                                           const char *username,
+                                           char **cmd_out)
  {
         const char *fallback_username = "__CVE-2026-4408_FallbackUsername__";
         const char *inv = NULL;
diff --git a/source3/rpc_server/samr/srv_samr_util.h b/source3/rpc_server/samr/srv_samr_util.h

index 5e839ac77c011a8735a00fb245ada5ac366356e7..a3a22012858b874156d56a4e2a04401631b0cd02 100644 (file)
--- a/source3/rpc_server/samr/srv_samr_util.h
+++ b/source3/rpc_server/samr/srv_samr_util.h
@@ -79,6 +79,11 @@ NTSTATUS pass_oem_change(char *user, const char *rhost,
                          uchar password_encrypted_with_nt_hash[516],
                          const uchar old_nt_hash_encrypted[16],
                          enum samPwdChangeReason *reject_reason);
+
+NTSTATUS check_password_complexity_internal(TALLOC_CTX *mem_ctx,
+                                           const char *_orig_cmd,
+                                           const char *username,
+                                           char **cmd_out);
  NTSTATUS check_password_complexity(const char *username,
                                    const char *fullname,
                                    const char *password,
author	Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
	Sat, 2 May 2026 10:12:38 +0000 (22:12 +1200)
committer	Stefan Metzmacher <metze@samba.org>
	Tue, 26 May 2026 12:51:32 +0000 (12:51 +0000)
source3/rpc_server/samr/srv_samr_chgpasswd.c		patch \| blob \| blame \| history
source3/rpc_server/samr/srv_samr_util.h		patch \| blob \| blame \| history