1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-14 19:24:43 +03:00

1776 Commits

Author SHA1 Message Date
Stefan Metzmacher
9722f064e7 librpc/ndr: add support for NDR_ALIGN* to ndr_push_short_relative_ptr2()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-27 05:00:15 +02:00
Stefan Metzmacher
582f506655 librpc/tools: correctly validate relative pointers in ndrdump
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-27 05:00:15 +02:00
Andrew Bartlett
4304eac854 librpc: Avoid talloc in GUID_from_data_blob()
This is often found in inner loops in the dsdb code, because LDB DNs often contain a GUID string

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-06-27 00:18:17 +02:00
Stefan Metzmacher
aef0323028 librpc/rpc: ignore invalid auth_pad_length values in BIND, ALTER and AUTH3 pdus
This is a workarround for a bug in old Samba releases.
For BIND_ACK <= 3.5.x and for ALTER_RESP <= 4.2.x (see bug #11061).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11982

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-06-24 14:09:02 +02:00
Stefan Metzmacher
3f7e3ed8a2 librpc/rpc: let dcerpc_pull_auth_trailer() check that auth_pad_length fits within the whole pdu.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11982

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-06-24 14:09:02 +02:00
Stefan Metzmacher
f386e81b98 librpc/rpc: let dcerpc_pull_auth_trailer() only accept auth_length!=NULL or auth_data_only=true
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11982

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-06-24 14:09:02 +02:00
Stefan Metzmacher
d9e242e903 dcerpc.idl: remove unused DCERPC_NCACN_PAYLOAD_MAX_SIZE
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11948

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-06-24 14:09:01 +02:00
Stefan Metzmacher
281e11b53f dcerpc.idl: add DCERPC_NCACN_{REQUEST,RESPONSE}_DEFAULT_MAX_SIZE
This will replace DCERPC_NCACN_PAYLOAD_MAX_SIZE (4 MByte),
this limit is too strict for some workloads, e.g. DRSUAPI replication
with large objects.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11948

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-06-23 00:50:17 +02:00
Garming Sam
e37af464e1 drsuapi.idl: Add attid used in testing in idl
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11960
2016-06-16 04:40:13 +02:00
Ralph Boehme
bea4aec521 librpc/dns: remove original_id from dns_fake_tsig_rec
Cf RFC2845, 3.4.2. "TSIG Variables", the request id (original_id) is not
used in the MAC calculation. This also explains the mysterious 2 bytes
padding.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-06-16 00:06:27 +02:00
Ralph Boehme
a51f998956 librpc/dns: don't compress strings in TKEY and TSIG responses
Certain DNS clients fail TSIG record MAC validation if the TSIG record
contains compressed strings.

Windows DNS server behaviour seems to be to not send compressed names in
TKEY and TSIG records.

This patch ensures we conform to this behaviour.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-06-16 00:06:27 +02:00
Ralph Boehme
df079962ef librpc/ndr: add flag LIBNDR_FLAG_NO_COMPRESSION
This flag can be used to change marshalling behaviour with regard to
compression.

Example: DNS packets make use of so called DNS name compression which
means that for identical strings in a DNS packet, the second string is
replaced with a reference (an offset) to the first.

Setting this flag requests to turns off the marshalling compression.

This will be used in the next commit to prevent name compression in DNS
TSIG records.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11520

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-06-16 00:06:27 +02:00
Andrew Bartlett
98712e9bda libndr: Add ndr_pull_struct_blob_all_noalloc
This allows us to remove talloc() calls from GUID_from_ndr_blob().

To do this the struct ndr_pull is placed on the stack, and filled in there.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-05-03 08:10:10 +02:00
Garming Sam
89f5bbc971 dns: remove double talloc for strings
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-05-03 08:10:09 +02:00
Stefan Metzmacher
5108d26add CVE-2015-5370: librpc/rpc: don't allow pkt->auth_length == 0 in dcerpc_pull_auth_trailer()
All callers should have already checked that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
0fa8378fc5 CVE-2015-5370: librpc/rpc: add a dcerpc_verify_ncacn_packet_header() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:29 +02:00
Stefan Metzmacher
8e19ce76da CVE-2015-5370: librpc/rpc: simplify and harden dcerpc_pull_auth_trailer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
63a7d05d8c CVE-2015-5370: dcerpc.idl: add DCERPC_{NCACN_PAYLOAD,FRAG}_MAX_SIZE defines
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
d1c2ad4e16 CVE-2016-2118: librpc: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT to DCERPC_AUTH_LEVEL_INTEGRITY
ncacn_ip_tcp:server should get the same protection as ncacn_np:server
if authentication and smb signing is used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
8b76b05fe7 CVE-2016-2110: ntlmssp.idl: add NTLMSSP_MIC_{OFFSET,SIZE}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:23 +02:00
Volker Lendecke
bfc1d073b5 winbind: Pass down the domain name to xids2sids
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-03-30 14:27:23 +02:00
Douglas Bagnall
a3ffac33f2 ndrdump: add quiet flag
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-22 08:00:31 +01:00
Douglas Bagnall
c20e7b8c01 ndr: inline search for ndr_token_peek()
This is often a hot path, particularly with complex structures like
nt-acls.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-22 08:00:31 +01:00
Douglas Bagnall
7261433fe1 librpc ndr: add ndr_pull_steal_switch_value()
Switch values currently only have a peek variant, instead of a retrieve
variant for getting their values. This can create performance issues
with complex structures as the token list simply grows longer.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-22 08:00:31 +01:00
Stefan Metzmacher
c1e2a1f0a7 librpc/ndr: add ndr_ntlmssp_find_av() helper function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:29 +01:00
Stefan Metzmacher
f4ff351016 ntlmssp.idl: make AV_PAIR_LIST public
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:29 +01:00
Stefan Metzmacher
ab54e0fd70 ntlmssp.idl: MsAvRestrictions is MsvAvSingleHost now
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:29 +01:00
Stefan Metzmacher
1f88812316 security.idl: add LSAP_TOKEN_INFO_INTEGRITY
This is used in [MS-KILE] and implicit in [MS-NLMP].

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:29 +01:00
Stefan Metzmacher
e9e9ba7eae librpc/rpc: add error mappings for NO_CALL_ACTIVE, OUT_OF_RESOURCES and BAD_STUB_DATA
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:26 +01:00
Stefan Metzmacher
5afc2d85b3 dcerpc.idl: make WERROR RPC faults available in ndr_print output
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-03-10 06:52:26 +01:00
Stefan Metzmacher
2e71f5d935 epmapper.idl: make epm_twr_t available in python bindings
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:26 +01:00
Garming Sam
8e056caa8b CVE-2016-0771: dnsserver: don't force UTF-8 for TXT
While using a charset is not entirely logical, it allows testing of non
UTF-8 data (like inserting 0xFF into the TXT string).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:25 +01:00
Stefan Metzmacher
d22a9f427c CVE-2016-0771: dns.idl: make use of dnsp_hinfo
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:24 +01:00
Stefan Metzmacher
ee8d777bbf CVE-2016-0771: s4:dns_server: fix idl for dns_txt_record
From RFC 1035:

    3.3.14. TXT RDATA format

        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
        /                   TXT-DATA                    /
        +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+

    where:

    TXT-DATA        One or more <character-string>s.

    TXT RRs are used to hold descriptive text.  The semantics of the text
    depends on the domain where it is found.

Each record contains an array of strings instead of just one string.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:24 +01:00
Stefan Metzmacher
1cc57a98d4 CVE-2016-0771: librpc: add ndr_dnsp_string_list_copy() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:23 +01:00
Stefan Metzmacher
63b1fb06cf CVE-2016-0771: librpc: add RPC_NDR_DNSSERVER to dcerpc-samba library
RPC_NDR_DNSSERVER is the client interface NDR_DNSP contains just
marshalling helpers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:23 +01:00
Stefan Metzmacher
42524c20a8 CVE-2016-0771: s4:librpc: python_dns and python_dcerpc_dnsp doesn't require client bindings
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-10 06:52:23 +01:00
Volker Lendecke
eeb0f3b075 winbind: Remove unused wbint_Gid2Sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-02-22 20:29:15 +01:00
Volker Lendecke
708df7e85c winbind: Remove unused wbint_Uid2Sid
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-02-22 20:29:15 +01:00
Volker Lendecke
24929ee081 winbind: Add wbint_UnixIDs2Sids
The idmap backend function is doing multiple conversions in one run, but this
is not used so far. First step in exposing plural xid2sid. This is a fake
routine in that it does the one-element calls, but you have to start somewhere.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2016-02-22 20:29:15 +01:00
Günther Deschner
ded0f3c8b7 ntlmssp: properly document version defines in IDL (from MS-NLMP).
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-04 09:29:16 +01:00
Günther Deschner
4be7451d9a ntlmssp: fix copy/paste typo in CHALLENGE_MESSAGE in IDL.
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-04 09:29:16 +01:00
Günther Deschner
feb4ee62c5 ntlmssp: add some missing defines from MS-NLMP to our IDL.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-04 09:29:16 +01:00
Volker Lendecke
88c4687945 idl: Rename "principle" to "principal_name"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2016-02-02 08:42:09 +01:00
Stefan Metzmacher
9c09911338 drsuapi.idl: add DRSUAPI_ATTID_objectGUID and DRSUAPI_ATTID_replPropertyMetaData
These might be usefull in future if we want to fast check
against dsdb_attribute->attributeID_id, instead of an expensive
ldb_attr_cmp(). They will never appear in replPropertyMetaData.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2016-02-01 09:53:10 +01:00
Stefan Metzmacher
5e91bf0337 idl:messagaing: add MSG_SMBXSRV_CONNECTION_PASS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
2016-01-26 15:58:10 +01:00
Michael Adam
bc9e1fc70c librpc:idl: define FSCTL_NET_IFACE_NONE_CAPABLE in ioctl.idl
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-01-26 07:33:16 +01:00
Günther Deschner
cf163ac359 security: Add Asserted Identity sids (S-1-18)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11677

definitions taken from [MS-DTYP]: Windows Data Types,
2.4.2.4 Well-Known SID Structures.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-15 22:19:07 +01:00
Jelmer Vernooij
da8674c72a Rename 'errors' to 'samba-errors' and make it public.
This is necessary because it has public headers.

Signed-off-by: Jelmer Vernooij <jelmer@jelmer.uk>
Reviewed-By: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date(master): Wed Jan 13 07:47:04 CET 2016 on sn-devel-144
2016-01-13 07:47:04 +01:00
Jelmer Vernooij
ffbd9c4584 Add a new header file for functions in lib/util/util.c.
This allows public headers to not include samba_util.h, but rather
specific header files under lib/util.

Signed-Off-By: Jelmer Vernooij <jelmer@samba.org>
Reviewed-By: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Stefan Metzmacher <metze@samba.org>
2016-01-13 04:43:23 +01:00