mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
dcesrv_core: disconnect after a fault with non AUTH_LEVEL_CONNECT bind
Without an auth context using DCERPC_AUTH_LEVEL_PACKET or higher the fault to reject requests with an invalid auth level should trigger a disconnect after sending the fault to the client. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
parent
93bd5ba609
commit
31c2f35bba
@ -2006,6 +2006,16 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
|
||||
auth->auth_level,
|
||||
derpc_transport_string_by_transport(transport),
|
||||
addr));
|
||||
if (!call->conn->got_explicit_auth_level_non_connect) {
|
||||
/*
|
||||
* If there was is no auth context with
|
||||
* a level higher than DCERPC_AUTH_LEVEL_CONNECT,
|
||||
* the connection should be disconnected
|
||||
* after sending the fault.
|
||||
*/
|
||||
return dcesrv_fault_disconnect0(call,
|
||||
DCERPC_FAULT_ACCESS_DENIED);
|
||||
}
|
||||
return dcesrv_fault(call, DCERPC_FAULT_ACCESS_DENIED);
|
||||
}
|
||||
break;
|
||||
@ -2026,6 +2036,16 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
|
||||
auth->auth_level,
|
||||
derpc_transport_string_by_transport(transport),
|
||||
addr));
|
||||
if (!call->conn->got_explicit_auth_level_non_connect) {
|
||||
/*
|
||||
* If there was is no auth context with
|
||||
* a level higher than DCERPC_AUTH_LEVEL_CONNECT,
|
||||
* the connection should be disconnected
|
||||
* after sending the fault.
|
||||
*/
|
||||
return dcesrv_fault_disconnect0(call,
|
||||
DCERPC_FAULT_ACCESS_DENIED);
|
||||
}
|
||||
return dcesrv_fault(call, DCERPC_FAULT_ACCESS_DENIED);
|
||||
}
|
||||
|
||||
@ -2197,6 +2217,8 @@ static NTSTATUS dcesrv_process_ncacn_packet(struct dcesrv_connection *dce_conn,
|
||||
dce_conn->default_auth_level_connect = NULL;
|
||||
if (auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
|
||||
dce_conn->got_explicit_auth_level_connect = true;
|
||||
} else if (auth_level >= DCERPC_AUTH_LEVEL_PACKET) {
|
||||
dce_conn->got_explicit_auth_level_non_connect = true;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -305,6 +305,7 @@ struct dcesrv_connection {
|
||||
struct dcesrv_auth *default_auth_state;
|
||||
size_t max_auth_states;
|
||||
struct dcesrv_auth *auth_states;
|
||||
bool got_explicit_auth_level_non_connect;
|
||||
bool got_explicit_auth_level_connect;
|
||||
struct dcesrv_auth *default_auth_level_connect;
|
||||
bool client_hdr_signing;
|
||||
|
28
selftest/expectedfail.d/samba4.rpc.backupkey
Normal file
28
selftest/expectedfail.d/samba4.rpc.backupkey
Normal file
@ -0,0 +1,28 @@
|
||||
# We require seal and the test also runs differently against Windows 2022 with sign
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.restore_guid.version.3\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.restore_guid_2nd\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.wrong_user_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.wrong_version_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.empty_request_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_empty_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
|
@ -1,108 +0,0 @@
|
||||
^samba4.rpc.backupkey.with..backupkey.restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.restore_guid.version.3\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.restore_guid_2nd\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.unable_to_decrypt_secret\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.wrong_user_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.wrong_version_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.empty_request_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_empty_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.restore_guid.version.3\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.restore_guid_2nd\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.wrong_user_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.wrong_version_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.empty_request_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_empty_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.restore_guid.version.3\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.restore_guid_2nd\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.wrong_user_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.wrong_version_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.empty_request_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_empty_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.restore_guid.version.3\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.restore_guid_2nd\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.wrong_user_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.wrong_version_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.empty_request_restore_guid\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_empty_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
|
||||
^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
|
@ -1 +0,0 @@
|
||||
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_lsa_multi_auth_connect...chgdcpass
|
Loading…
Reference in New Issue
Block a user