mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s3:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels
This is important as Windows clients with KB5028166 seem to call netr_LogonGetCapabilities with query_level=2 after a call with query_level=1. An unpatched Windows Server returns DCERPC_NCA_S_FAULT_INVALID_TAG for query_level values other than 1. While Samba tries to return NT_STATUS_NOT_SUPPORTED, but later fails to marshall the response, which results in DCERPC_FAULT_BAD_STUB_DATA instead. Because we don't have any documentation for level 2 yet, we just try to behave like an unpatched server and generate DCERPC_NCA_S_FAULT_INVALID_TAG instead of DCERPC_FAULT_BAD_STUB_DATA. Which allows patched Windows clients to keep working against a Samba DC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15418 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Mon Jul 17 07:35:09 UTC 2023 on atb-devel-224
This commit is contained in:
Stefan Metzmacher
parent
d5f1097b62
commit
dfeabce44f
@ -1 +0,0 @@
|
||||
^samba3.rpc.schannel.*\.schannel\(nt4_dc
|
||||
@ -2284,6 +2284,31 @@ NTSTATUS _netr_LogonGetCapabilities(struct pipes_struct *p,
|
||||
struct netlogon_creds_CredentialState *creds;
|
||||
NTSTATUS status;
|
||||
|
||||
switch (r->in.query_level) {
|
||||
case 1:
|
||||
break;
|
||||
case 2:
|
||||
/*
|
||||
* Until we know the details behind KB5028166
|
||||
* just return DCERPC_NCA_S_FAULT_INVALID_TAG
|
||||
* like an unpatched Windows Server.
|
||||
*/
|
||||
FALL_THROUGH;
|
||||
default:
|
||||
/*
|
||||
* There would not be a way to marshall the
|
||||
* the response. Which would mean our final
|
||||
* ndr_push would fail an we would return
|
||||
* an RPC-level fault with DCERPC_FAULT_BAD_STUB_DATA.
|
||||
*
|
||||
* But it's important to match a Windows server
|
||||
* especially before KB5028166, see also our bug #15418
|
||||
* Otherwise Windows client would stop talking to us.
|
||||
*/
|
||||
p->fault_state = DCERPC_NCA_S_FAULT_INVALID_TAG;
|
||||
return NT_STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
become_root();
|
||||
status = dcesrv_netr_creds_server_step_check(p->dce_call,
|
||||
p->mem_ctx,
|
||||
@ -2296,10 +2321,6 @@ NTSTATUS _netr_LogonGetCapabilities(struct pipes_struct *p,
|
||||
return status;
|
||||
}
|
||||
|
||||
if (r->in.query_level != 1) {
|
||||
return NT_STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
r->out.capabilities->server_capabilities = creds->negotiate_flags;
|
||||
|
||||
return NT_STATUS_OK;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user