1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

4583 Commits

Author SHA1 Message Date
Simo Sorce
01319b6e65 Revert "Use "localhost" to be ipv6 only friendly"
This reverts commit 54548f6dde3cf74f0e90ef577a55fd720dca6d93.
2018-03-19 15:34:32 +01:00
Simo Sorce
3e8c50901c Use "localhost" to be ipv6 only friendly
Signed-off-by: Simo Sorce <idra@samba.org>
2018-03-19 15:34:32 +01:00
Stefan Metzmacher
0ee9a55094 s3:rpc_server: make use of make_session_info_anonymous()
For unauthenticated connections we should default to a
session info with an anonymous nt token.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-03-15 21:54:17 +01:00
Jeremy Allison
c41895be82 CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11343

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Mar 13 16:06:10 CET 2018 on sn-devel-144
2018-03-13 16:06:10 +01:00
Andreas Schneider
d4ccca2d66 s3:spoolss: Remove incorrect fall through comment in srv_spoolss_nt.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:44 +01:00
Andreas Schneider
cafe8ac965 s3:lsa: Add FALL_THROUGH statements in srv_lsa_nt.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:43 +01:00
Andreas Schneider
d17cb7cebf s3:rpc_server: Add FALL_THROUGH statements in rpc_server.c
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-03-01 04:37:42 +01:00
Volker Lendecke
9d7701c923 srvsvc: Avoid a dependency on share_mode_entry->id
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
fc424b28cd smbd: Pass "file_id" explicitly into share_mode_entry_to_message()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
c1079e3d2a srvsvc: Use the passed-in file_id
The one in share_mode_entry will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
9487510e9e smbd: Pass in "file_id" into share_mode_str()
This used to directly access share_entry->id, which will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
786e307fd4 srvsvc: Use the passed-in file id, not the one from share_mode_entry
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
f519162657 smbd: Pass "file_id" through share_entry_forall
It's also in the share_entry, but that is redundant and will go

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-02-13 00:26:43 +01:00
Volker Lendecke
a63aafb05d srcctl3: Improve debug messages
A customer's syslog was filled with

_svcctl_OpenServiceW: Failed to get a valid security descriptor

messages. This improves the messages to give info about which service failed
with which error code. Also, it makes OpenServiceW fail with the same error
message Windows fails with for unknown services.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jan 16 02:43:03 CET 2018 on sn-devel-144
2018-01-16 02:43:03 +01:00
Volker Lendecke
6aa0cc2570 rpc_server: Improve a debug message
A client sending us a bind with an unknown interface should not spam
syslog by default. Also, show what interface the client tried to connect
to.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-01-15 22:17:08 +01:00
Gary Lockyer
3a504d48c3 source3/rpc_server/rpc_server.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:20 +01:00
Volker Lendecke
41cfc737df lib: Remove unused serverid.tdb
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Dec  5 04:58:26 CET 2017 on sn-devel-144
2017-12-05 04:58:26 +01:00
Volker Lendecke
6423ca4bf2 lib: Use messaging_send_all instead of message_send_all
Just a global search&replace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:13 +01:00
Volker Lendecke
fc2f0023a0 messaging: Remove the "n_sent" arg from message_send_all
The only user of this is an informative message in smbcontrol. I don't think
that's worth the effort.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-12-05 00:56:12 +01:00
Uri Simchoni
80b4b53fba s3-rpc-server: fix type of enum in lsa server
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-11-22 10:20:21 +01:00
Marc Muehlfeld
36cbb4ad49 Updated error message text and reduced its debug level
Previously, "net rpc share add|remove" commands failed if no
"add|delete share command" parameter was set in smb.conf. However,
the error was only logged at level 10 and not very clear.
This patch updates the error message text and sets the log level of this
error to 1 to make it more obvious what is missing.

Signed-off-by: Marc Muehlfeld <mmuehlfeld@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-10-12 21:14:13 +02:00
Samuel Cabrero
fc03049ca1 s3: spoolss: Fix GUID string format on GetPrinter info
Fix regression introduced by commit a4157e7c5d which removed the braces
around the printer GUID in the printer info level 7 structure.

MS-RPRN section 2.2 says this protocol uses curly-braced GUIDs so printers
are deleted from the directory by the domain controller's pruning service.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12993

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  6 05:21:25 CEST 2017 on sn-devel-144
2017-10-06 05:21:25 +02:00
Ralph Boehme
7b58c8f544 s3/mdssvc: missing assignment in sl_pack_float
Spotted by -Werror=maybe-uninitialized:

../source3/rpc_server/mdssvc/marshalling.c: In function ‘sl_pack_float’:
../source3/rpc_server/mdssvc/marshalling.c:171:11: error:
‘ieee_fp_union.w’ may be used uninitialized in this function
[-Werror=maybe-uninitialized]
  offset = sl_push_uint64_val(buf, offset, bufsize, ieee_fp_union.w);

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12991

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-08-29 01:00:34 +02:00
Andreas Schneider
f9c0a8e3e0 s3:spoolss: Set timeout values to the one which Windows uses by default
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2017-08-24 09:30:33 +02:00
Gary Lockyer
1898096c7e rpc: use symbolic constant to replace /root/ncalrpc_as_system
Modified to use constant AS_SYSTEM_MAGIC_PATH_TOKEN instead of string literal
"/root/ncalrpc_as_system"

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2017-07-24 23:29:22 +02:00
Andrew Bartlett
fca8536a82 samr: Disable NTLM-based password changes on the server if NTLM is disabled
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-07-04 06:57:21 +02:00
Andrew Bartlett
e23e8d9ff9 s3-rpc_server: Disable the NETLOGON server by default
The NETLOGON server is only needed when the classic/NT4 DC is enabled
and has been the source of security issues in the past.  Therefore
reduce the attack surface.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-07-04 06:57:20 +02:00
Stefan Metzmacher
1f5a297b51 s3:rpc_server: wrap make_auth4_context() into {become,unbecome}_root()
This need to create a temporary messaging context in order to do
the auth logging. This can only be done as root.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12850

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Jul  3 08:15:29 CEST 2017 on sn-devel-144
2017-07-03 08:15:29 +02:00
Jeremy Allison
6acb0d6ca0 s3: VFS: Change SMB_VFS_CHDIR to use const struct smb_filename * instead of const char *.
We need to migrate all pathname based VFS calls to use a struct
to finish modernising the VFS with extra timestamp and flags parameters.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
2017-07-01 03:07:11 +02:00
Stefan Metzmacher
5f6f4ea01a s3:rpc_server/spoolss: allow spoolss_connect_to_client() to use SMB2
It's just required that we can run DCERPC over the connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-06-22 13:07:39 +02:00
Andreas Schneider
cbf67123e0 s3:smbd: Pass down remote and local address to get_referred_path()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12687

Pair-Programmed-With: Ralph Boehme <slow@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2017-05-31 02:24:18 +02:00
Garming Sam
fd29e28d52 netlogon: Implement SendToSam along with its winbind forwarding
This allows you to forward bad password count resets to 0. Currently,
there is a missing access check for the RODC to ensure it only applies
to cached users (msDS-Allowed-Password-Replication-Group).

(further patches still need to address forcing a RWDC contact)

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-05-30 08:06:07 +02:00
Volker Lendecke
02a76d86db CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed May 24 14:34:30 CEST 2017 on sn-devel-144
2017-05-24 14:34:30 +02:00
Jeremy Allison
f2f936a961 s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2017-05-22 18:41:16 +02:00
Stefan Metzmacher
e217c2e30a s3:rpc_server: move gensec_update() out of auth_generic_server_authtype_start*()
We let the caller use auth_generic_server_step() instead.
This allows us to request GENSEC_FEATURE_SIGN_PKT_HEADER before
starting the gensec_update() dance.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-05-21 21:05:09 +02:00
Günther Deschner
02b4275e6d s3-rpc_server: remove some dead prototypes
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-10 15:53:20 +02:00
Günther Deschner
cb17fcc5f5 s3-spoolss: add winreg_del_driver_package_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue May  9 20:44:17 CEST 2017 on sn-devel-144
2017-05-09 20:44:17 +02:00
Günther Deschner
1e81178e2b s3-spoolss: add winreg_get_driver_package_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Günther Deschner
5a3b99b7ce s3-spoolss: add winreg_add_driver_package_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Günther Deschner
48e65a15ac s3-spoolss: add winreg_add_core_driver_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Günther Deschner
5eeb178fe8 s3-spoolss: add winreg_get_core_driver_internal()
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-05-09 16:43:13 +02:00
Jeremy Allison
306783d6f5 lib: modules: Change XXX_init interface from XXX_init(void) to XXX_init(TALLOC_CTX *)
Not currently used - no logic changes inside.

This will make it possible to pass down a long-lived talloc
context from the loading function for modules to use instead
of having them internally all use talloc_autofree_context()
which is a hidden global.

Updated all known module interface numbers, and added a
WHATSNEW.

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Böhme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144
2017-04-22 01:17:00 +02:00
Alexander Bokovoy
ff4fb6935a _netr_ServerPasswordSet2: use info level 26 to set plain text machine password
To support password change for machine or trusted domain accounts in Active
Directory environment we need to pass down actual plain text password
instead of NT hashes. This would allow a backend like ipasam to update
Kerberos keys as well as NT hashes.

By calling samr_SetUserInfo2 info level 26 we ensure PASSDB layer can
actually get the plain text password. If PASSDB backend implements
pdb_update_sam_account() callback, it then gets the plain text password
from samr_SetUserInfo2.

A plain text password is a data blob represented as up to 256 WCHARs. It
is UTF-16 coded on wire and we have its length from the buffer.
SetUserInfo2 SAMR call chain in decode_pw_buffer() does explicitly
expect 512+4 bytes in the buffer. It then calls convert_string_talloc()
to convert it to UNIX charset passing the correct value of the plaintext
password length. However, convert_string_talloc() expects the length of
input string *including* the terminating null and we pass just the
string length.

convert_string_talloc() then explicitly null-terminates the resulting
string by adding two nulls. In most cases UNIX charset is UTF-8, so we
get null-terminated UTF-8 string down to PASSDB layer.

MS-SAMR does not limit what does the password should contain.  It says
it is 'userPassword' value. Either 'userPassword' or 'unicodePwd' cannot
contain null characters according to MS-ADTS 3.1.1.3.1.5 because they
must be proper UTF-8 and UTF-16 strings accordingly.

We are talking to our own SAMR service here.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-04-18 22:54:17 +02:00
Gary Lockyer
f1603598d6 rpc_server: Re-order and rename remote and local address in np_open()
We use this order and name consistently eleswhere.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:29 +02:00
Andrew Bartlett
7cbe1c844e s3-rpc_server: Provide hooks required for JSON message logging for the no-auth case
This is triggered in the ncacn_np pass-though case in particular

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:28 +02:00
Andrew Bartlett
e9611b4bd0 s3-rpc_server: Re-order and rename remote and local address in make_external_rpc_pipe{,_p}()
We use this order and name consistently eleswhere.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:28 +02:00
Andrew Bartlett
7505ae043d s3-rpc_server: pass remote and local address to rpc_pipe_open_external
We want the real client address here for audit purposes, if possible.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:28 +02:00
Gary Lockyer
3d99831ec9 s3-rpc_server: Rename client -> remote_client and server -> local_server
This changes struct dcerpc_ncacn_conn

While these names may have been clear, much of Samba uses
remote_address and local_address, and this difference has hidden bugs.

By using both names we avoid a little of this.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:28 +02:00
Gary Lockyer
7bb21df258 s3-rpc_server: Re-order local and remote address in make_server_pipes_struct()
The rest of the code uses remote before local, and this
often causes bugs

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:28 +02:00
Gary Lockyer
689e251056 s3-named_pipe_auth: Rename client -> remote_client and server -> local_server
This brings the callers of named_pipe_auth in line with that subsystem.

Much of Samba uses remote_address and local_address, and this difference
has hidden bugs

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:28 +02:00