mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

CVE-2016-2118: s4:rpc_server/samr: reject DCERPC_AUTH_LEVEL_CONNECT by default

This prevents man-in-the-middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Stefan Metzmacher 2015-08-07 09:50:30 +02:00
parent fcdd15a93f
commit 398a21c57c
2 changed files with 10 additions and 0 deletions


@ -99,6 +99,8 @@
^samba4.rpc.netlogon.*.DatabaseRedo ^samba4.rpc.netlogon.*.DatabaseRedo
^samba4.rpc.drsuapi.*ncacn_ip_tcp.*validate # should only work with seal ^samba4.rpc.drsuapi.*ncacn_ip_tcp.*validate # should only work with seal
^samba4.rpc.drsuapi.*ncacn_ip_tcp.*bigendian # should only work with seal ^samba4.rpc.drsuapi.*ncacn_ip_tcp.*bigendian # should only work with seal
^samba4.rpc.samr.passwords.validate.*ncacn_ip_tcp.*with.validate # should only work with seal
^samba4.rpc.samr.passwords.validate.*ncacn_ip_tcp.*with.bigendian # should only work with seal
^samba4.base.charset.*.Testing partial surrogate ^samba4.base.charset.*.Testing partial surrogate
^samba4.*.base.maximum_allowed # broken until we implement NTCREATEX_OPTIONS_BACKUP_INTENT ^samba4.*.base.maximum_allowed # broken until we implement NTCREATEX_OPTIONS_BACKUP_INTENT
.*net.api.delshare.* # DelShare isn't implemented yet .*net.api.delshare.* # DelShare isn't implemented yet
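Review bot: The trailing comment on the two added samr.passwords.validate entries, `# should only work with seal`, looks copied from the drsuapi lines above and may not describe why these tests are now expected to fail. Going by the commit title, the samr failures come from binds at DCERPC_AUTH_LEVEL_CONNECT being rejected, which would presumably still leave integrity-level (signed) binds working. A comment such as `# samr rejects DCERPC_AUTH_LEVEL_CONNECT binds (CVE-2016-2118)` would tell whoever next audits this list that the failure is an intended hardening and not a regression to be fixed.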


@ -41,6 +41,14 @@
#include "lib/util/tsort.h" #include "lib/util/tsort.h"
#include "libds/common/flag_mapping.h" #include "libds/common/flag_mapping.h"
#define DCESRV_INTERFACE_SAMR_BIND(call, iface) \
dcesrv_interface_samr_bind(call, iface)
static NTSTATUS dcesrv_interface_samr_bind(struct dcesrv_call_state *dce_call,
const struct dcesrv_interface *iface)
{
return dcesrv_interface_bind_reject_connect(dce_call, iface);
}
/* these query macros make samr_Query[User|Group|Alias]Info a bit easier to read */ /* these query macros make samr_Query[User|Group|Alias]Info a bit easier to read */
#define QUERY_STRING(msg, field, attr) \ #define QUERY_STRING(msg, field, attr) \
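Review bot: The new `DCESRV_INTERFACE_SAMR_BIND` macro and `dcesrv_interface_samr_bind()` carry no comment, so the security reason for the hook is recorded only in the commit message. I would add a short comment above the `#define` stating that the hook refuses binds at DCERPC_AUTH_LEVEL_CONNECT because that level authenticates the bind but gives no per-PDU integrity protection, which is what allows a man-in-the-middle downgrade (CVE-2016-2118). The comment should also say that the macro has to be defined before the code that consumes it is included; the consumer is not visible in this hunk and is presumably the generated samr server boilerplate. Since the title says "by default", it would help to name the setting that can re-enable connect-level binds so that administrators and auditors can find the override; that logic lives in `dcesrv_interface_bind_reject_connect()`, which is outside this page.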