git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7f4f9a3) | patch
CVE-2022-38023 s3:rpc_server/netlogon: Check for global "server schannel require...
authorSamuel Cabrero <scabrero@suse.de>
Thu, 22 Dec 2022 10:05:33 +0000 (11:05 +0100)
committerJule Anger <janger@samba.org>
Mon, 23 Jan 2023 10:01:59 +0000 (10:01 +0000)
commit55900577757019bbdf16128cf0d7cee356770247
tree2072bdba99770a2786fa4440414c200e1f095635tree
parent7f4f9a3277b28b85c5d280775f9f3571c77f1c07commit | diff
CVE-2022-38023 s3:rpc_server/netlogon: Check for global "server schannel require seal"

By default we'll now require schannel connections with privacy/sealing/encryption.

But we allow exceptions for specific computer/trust accounts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15240

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit a0b97e262318dc56fe663da89b0ee3172b2e7848)
source3/rpc_server/netlogon/srv_netlog_nt.c diff | blob | history
Samba Shared Repository