sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

CVE-2017-12150: s3:popt_common: don't turn a guessed username into a specified one

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12997

Signed-off-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-08-29 17:06:21 +02:00 committed by Karolin Seeger
parent 3d1c488c81
commit 44b47f2bae
3 changed files with 31 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
source3/include/auth_info.h
View File

@ -29,6 +29,7 @@ void set_cmdline_auth_info_from_file(struct user_auth_info *auth_info,
const char *get_cmdline_auth_info_username(const struct user_auth_info *auth_info);
void set_cmdline_auth_info_username(struct user_auth_info *auth_info,
const char *username);
void reset_cmdline_auth_info_username(struct user_auth_info *auth_info);
const char *get_cmdline_auth_info_domain(const struct user_auth_info *auth_info);
void set_cmdline_auth_info_domain(struct user_auth_info *auth_info,
const char *domain);

7
source3/lib/popt_common.c
View File

@ -247,8 +247,6 @@ void popt_common_credentials_set_delay_post(void)
void popt_common_credentials_post(void)
{
const char *username = NULL;
if (get_cmdline_auth_info_use_machine_account(cmdline_auth_info) &&
!set_cmdline_auth_info_machine_account_creds(cmdline_auth_info))
{
@ -268,10 +266,7 @@ void popt_common_credentials_post(void)
* correctly parsed yet. If we have a username we need to set it again
* to run the string parser for the username correctly.
*/
username = get_cmdline_auth_info_username(cmdline_auth_info);
if (username != NULL && username[0] != '\0') {
set_cmdline_auth_info_username(cmdline_auth_info, username);
}
reset_cmdline_auth_info_username(cmdline_auth_info);
}
static void popt_common_credentials_callback(poptContext con,

29
source3/lib/util_cmdline.c
View File

@ -37,6 +37,7 @@
struct user_auth_info {
struct cli_credentials *creds;
struct loadparm_context *lp_ctx;
bool got_username;
bool got_pass;
int signing_state;
bool smb_encrypt;
@ -93,6 +94,7 @@ void set_cmdline_auth_info_from_file(struct user_auth_info *auth_info,
if (!ok) {
exit(EIO);
}
auth_info->got_username = true;
}
const char *get_cmdline_auth_info_username(const struct user_auth_info *auth_info)
@ -123,11 +125,38 @@ void set_cmdline_auth_info_username(struct user_auth_info *auth_info,
exit(ENOMEM);
}
auth_info->got_username = true;
if (strchr_m(username, '%') != NULL) {
auth_info->got_pass = true;
}
}
void reset_cmdline_auth_info_username(struct user_auth_info *auth_info)
{
const char *username = NULL;
const char *new_val = NULL;
if (!auth_info->got_username) {
return;
}
username = cli_credentials_get_username(auth_info->creds);
if (username == NULL) {
return;
}
if (username[0] == '\0') {
return;
}
cli_credentials_parse_string(auth_info->creds,
username,
CRED_SPECIFIED);
new_val = cli_credentials_get_username(auth_info->creds);
if (new_val == NULL) {
exit(ENOMEM);
}
}
const char *get_cmdline_auth_info_domain(const struct user_auth_info *auth_info)
{
const char *domain = NULL;