sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-26 21:57:41 +03:00
Code

CVE-2021-3738 s4:rpc_server/dnsserver: make use of dcesrv_samdb_connect_as_user() helper

Browse Source 
This is not strictly required, but it makes it easier to audit that
source4/rpc_server no longer calls samdb_connect() directly.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher 2021-08-05 14:22:47 +02:00 committed by Jule Anger
parent af6151ef12
commit 965fe0e906
1 changed files with 2 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
source4/rpc_server/dnsserver/dcerpc_dnsserver.c
View File

@ -22,6 +22,7 @@
#include "includes.h"
#include "talloc.h"
#include "rpc_server/dcerpc_server.h"
#include "rpc_server/common/common.h"
#include "dsdb/samdb/samdb.h"
#include "lib/util/dlinklist.h"
#include "librpc/gen_ndr/ndr_dnsserver.h"
@ -106,8 +107,6 @@ static void dnsserver_reload_zones(struct dnsserver_state *dsstate)
static struct dnsserver_state *dnsserver_connect(struct dcesrv_call_state *dce_call)
{
struct auth_session_info *session_info =
dcesrv_call_session_info(dce_call);
struct dnsserver_state *dsstate;
struct dnsserver_zone *zones, *z, *znext;
struct dnsserver_partition *partitions, *p;
@ -127,13 +126,7 @@ static struct dnsserver_state *dnsserver_connect(struct dcesrv_call_state *dce_c
dsstate->lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
/* FIXME: create correct auth_session_info for connecting user */
dsstate->samdb = samdb_connect(dsstate,
dce_call->event_ctx,
dsstate->lp_ctx,
session_info,
dce_call->conn->remote_address,
0);
dsstate->samdb = dcesrv_samdb_connect_as_user(dsstate, dce_call);
if (dsstate->samdb == NULL) {
DEBUG(0,("dnsserver: Failed to open samdb"));
goto failed;