git.samba.org - samba.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Mon, 4 Oct 2021 15:29:34 +0000 (17:29 +0200)
committer	Jule Anger <janger@samba.org>
	Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
commit	0e23000f27823243ad797eb39581f83c3ad50b2b
tree	168249ac9d933ee384a0f96f634a9c617d027f3e	tree
parent	05587361498ae8131435aca2d8c860e98f605581	commit \| diff

CVE-2020-25717: s4:auth/ntlm: make sure auth_check_password() defaults to r->out.authoritative = true

We need to make sure that temporary failures don't trigger a fallback
to the local SAM that silently ignores the domain name part for users.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

source4/auth/ntlm/auth.c

diff | blob | history

Samba Shared Repository

RSS Atom