[SCM] Samba Shared Repository - branch v4-17-test updated
Stefan Metzmacher
metze at samba.org
Wed Dec 14 14:47:01 UTC 2022
The branch, v4-17-test has been updated
via 1c7d60ee090 s4:libnet: correctly handle gnutls_pbkdf2() errors
via 77fb5b47621 s4:libnet: fix error string for failing samr_ChangePasswordUser4()
from 5048d63c92e CVE-2022-37966 python:/tests/krb5: call sys.path.insert(0, "bin/python") before any other imports
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-17-test
- Log -----------------------------------------------------------------
commit 1c7d60ee090155e0222284e937dd553d1eccc929
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 10:37:41 2022 +0100
s4:libnet: correctly handle gnutls_pbkdf2() errors
We should not ignore the error nor should we map
GNUTLS_E_UNWANTED_ALGORITHM to NT_STATUS_WRONG_PASSWORD,
instead we use NT_STATUS_CRYPTO_SYSTEM_INVALID as in most other places
in the same file.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Baumbach <bbaumbach at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Dec 14 13:35:20 UTC 2022 on sn-devel-184
(cherry picked from commit eb5df255faea7326a7b85c1e7ce5a66119a27c3a)
Autobuild-User(v4-17-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-17-test): Wed Dec 14 14:46:02 UTC 2022 on sn-devel-184
commit 77fb5b4762198d7fa1727b6e0b35cb172de1d627
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 10:32:31 2022 +0100
s4:libnet: fix error string for failing samr_ChangePasswordUser4()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Björn Baumbach <bbaumbach at samba.org>
(cherry picked from commit 53d558365161be1793dad78ebcce877c732f2419)
-----------------------------------------------------------------------
Summary of changes:
source4/libnet/libnet_passwd.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
index 8fc4715a209..d7e9400b559 100644
--- a/source4/libnet/libnet_passwd.c
+++ b/source4/libnet/libnet_passwd.c
@@ -81,7 +81,10 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
cek.length);
BURN_DATA(old_nt_key_data);
if (rc < 0) {
- status = gnutls_error_to_ntstatus(rc, NT_STATUS_WRONG_PASSWORD);
+ status = gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
}
status = init_samr_CryptPasswordAES(mem_ctx,
@@ -105,13 +108,13 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX *mem_ctx,
goto done;
}
if (!NT_STATUS_IS_OK(r.out.result)) {
+ status = r.out.result;
*error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser4 for "
"'%s\\%s' failed: %s",
server->string,
account->string,
nt_errstr(status));
- status = r.out.result;
goto done;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list