sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-06 13:18:07 +03:00
Code

dcesrv_core: fix the auth3 for large ntlmssp messages

Browse Source 
I know finding any real logic in reading the patch,
doesn't really show what's going on. I tried hard
to simplify it, but this is the only way I found
that fixed the test_auth_pad_ntlm_2889_auth3 test
without breaking other tests...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 8b8e4ff1b1)
This commit is contained in:
Stefan Metzmacher 2020-11-13 10:55:43 +01:00 committed by Jule Anger
parent dae81f45a3
commit 4b60c66a9e
3 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
librpc/rpc/dcesrv_auth.c
View File

@ -130,6 +130,12 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
auth->auth_level = call->in_auth_info.auth_level;
auth->auth_context_id = call->in_auth_info.auth_context_id;
if (auth->auth_level == DCERPC_AUTH_LEVEL_CONNECT &&
!call->conn->got_explicit_auth_level_connect)
{
call->conn->default_auth_level_connect = auth;
}
cb->auth.become_root();
status = cb->auth.gensec_prepare(
auth,
@ -379,12 +385,6 @@ NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status)
}
auth->auth_finished = true;
if (auth->auth_level == DCERPC_AUTH_LEVEL_CONNECT &&
!call->conn->got_explicit_auth_level_connect)
{
call->conn->default_auth_level_connect = auth;
}
if (call->pkt.ptype != DCERPC_PKT_AUTH3) {
return NT_STATUS_OK;
}
@ -620,12 +620,12 @@ bool dcesrv_auth_pkt_pull(struct dcesrv_call_state *call,
return false;
}
if (!auth->auth_finished) {
call->fault_code = DCERPC_NCA_S_PROTO_ERROR;
if (auth->auth_invalid) {
return false;
}
if (auth->auth_invalid) {
if (!auth->auth_finished) {
call->fault_code = DCERPC_NCA_S_PROTO_ERROR;
return false;
}

6
librpc/rpc/dcesrv_core.c
View File

@ -2338,7 +2338,13 @@ static NTSTATUS dcesrv_process_ncacn_packet(struct dcesrv_connection *dce_conn,
dcesrv_default_auth_state_prepare_request(call);
if (call->auth_state->auth_started &&
!call->auth_state->auth_invalid &&
!call->auth_state->auth_finished) {
/*
* We have this check here instead of
* relying on the check in dcesrv_auth_pkt_pull()
* because the fault should have context_id=0
*/
return dcesrv_fault_disconnect(call,
DCERPC_NCA_S_PROTO_ERROR);
}

1
selftest/knownfail.d/dcerpc-auth-pad
View File

@ -1,4 +1,3 @@
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_ntlm
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_auth3_align2_spnego
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_pad_ntlm_2889_auth3
^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_auth3