[SCM] Samba Shared Repository - branch v4-17-test updated

Wed, 14 Dec 2022 06:47:12 -0800 

The branch, v4-17-test has been updated
       via  1c7d60ee090 s4:libnet: correctly handle gnutls_pbkdf2() errors
       via  77fb5b47621 s4:libnet: fix error string for failing 
samr_ChangePasswordUser4()
      from  5048d63c92e CVE-2022-37966 python:/tests/krb5: call 
sys.path.insert(0, "bin/python") before any other imports

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-17-test


- Log -----------------------------------------------------------------
commit 1c7d60ee090155e0222284e937dd553d1eccc929
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Dec 14 10:37:41 2022 +0100

    s4:libnet: correctly handle gnutls_pbkdf2() errors
    
    We should not ignore the error nor should we map
    GNUTLS_E_UNWANTED_ALGORITHM to NT_STATUS_WRONG_PASSWORD,
    instead we use NT_STATUS_CRYPTO_SYSTEM_INVALID as in most other places
    in the same file.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Björn Baumbach <bbaumb...@samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
    Autobuild-Date(master): Wed Dec 14 13:35:20 UTC 2022 on sn-devel-184
    
    (cherry picked from commit eb5df255faea7326a7b85c1e7ce5a66119a27c3a)
    
    Autobuild-User(v4-17-test): Stefan Metzmacher <me...@samba.org>
    Autobuild-Date(v4-17-test): Wed Dec 14 14:46:02 UTC 2022 on sn-devel-184

commit 77fb5b4762198d7fa1727b6e0b35cb172de1d627
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Dec 14 10:32:31 2022 +0100

    s4:libnet: fix error string for failing samr_ChangePasswordUser4()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15206
    
    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Björn Baumbach <bbaumb...@samba.org>
    (cherry picked from commit 53d558365161be1793dad78ebcce877c732f2419)

-----------------------------------------------------------------------

Summary of changes:
 source4/libnet/libnet_passwd.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
index 8fc4715a209..d7e9400b559 100644
--- a/source4/libnet/libnet_passwd.c
+++ b/source4/libnet/libnet_passwd.c
@@ -81,7 +81,10 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX 
*mem_ctx,
                           cek.length);
        BURN_DATA(old_nt_key_data);
        if (rc < 0) {
-               status = gnutls_error_to_ntstatus(rc, NT_STATUS_WRONG_PASSWORD);
+               status = gnutls_error_to_ntstatus(rc, 
NT_STATUS_CRYPTO_SYSTEM_INVALID);
+               if (!NT_STATUS_IS_OK(status)) {
+                       goto done;
+               }
        }
 
        status = init_samr_CryptPasswordAES(mem_ctx,
@@ -105,13 +108,13 @@ static NTSTATUS libnet_ChangePassword_samr_aes(TALLOC_CTX 
*mem_ctx,
                goto done;
        }
        if (!NT_STATUS_IS_OK(r.out.result)) {
+               status = r.out.result;
                *error_string = talloc_asprintf(mem_ctx,
                                                "samr_ChangePasswordUser4 for "
                                                "'%s\\%s' failed: %s",
                                                server->string,
                                                account->string,
                                                nt_errstr(status));
-               status = r.out.result;
                goto done;
        }
 


-- 
Samba Shared Repository

Reply via email to