1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

120409 Commits

Author SHA1 Message Date
Douglas Bagnall
7b265830ad lib/fuzzing: add fuzz_ndr_X
This NDR fuzzer links with each "interface" in the IDL files to
create avsingle binary.  This tries to matches what the fuzzing
engines desire.

It started as a copy of ndrdump but very little of that remains
in place.

The fancy build rules try to avoid needing a lof of boilerplate
in the wscript_build files and ensure new fuzzers are generated
and run when new IDL is added automatically.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 07:50:28 +00:00
Douglas Bagnall
ef5d79e24b pidl/tests/samba-ndr.pl: remove duplicate import
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 10 04:16:31 UTC 2019 on sn-devel-184
2019-12-10 04:16:31 +00:00
Douglas Bagnall
fbe402edf5 pidl s4::Python: silence warnings
- do not redeclare variables in the same scope.
- use $1 instead of \1, which perl just prefers.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
51a11afecf pidl Parse::Pidl::NDR: silence two warnings about undefined strings
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
3c90c9de6f pidl Parse::Pidl::NDR: add HRESULT alignment
this is a guess

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
33255102ac pidl Parse::Pidl::NDR: warn of unknown scalar alignments
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
4de002a0f7 pidl s4::NDR::Parser: silence a warning
At level 0 there is no previous level so $pl is undefined thus so is ->{TYPE}

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
aefce8e7c0 pidl s4::NDR::Parser: correct has_fast_array logic
Here we fix two bugs that cancelled each other out completely, so this
patch leaves us with exactly the same functionally as before.

Bug 1: In perl, return is *syntactically* a function.

That means 'return X or Y' is read as 'return(X) or Y', as in the
'open(X) or die "..."' construct -- Y is only evaluated if return
returns false. But return never returns, so Y is dead code. If in
doubt, try these:

perl -e "sub x {return 0 or die;} x"
perl -e "sub x {return (0 or die);} x"

What we *meant* here is 'return (X or Y)', BUT it turns out we were
confused -- the Y case was bogus.

Bug 2: string arrays never had "fast array logic" in the first place.

The fast array logic is for arrays of bytes, and can be fast (i.e.
memcpy) because there is no endianness to worry about. A string array
is an array of pointers not bytes.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
2765b5c1a2 pidl s4::NDR::Parser: read hex numbers as numbers for ranges
Hex numbers in IDL are not parsed as numbers, resulting in warnings
like

Argument 0x2000 isn't numeric in numeric lt (<) at /home/douglas/src/samba/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm line 981

not to mention problematic code. We add a utility function to convert
these numbers to numbers.

A typical difference this makes is:

 --- old/default/librpc/gen_ndr/ndr_dcerpc.c     2019-11-30 23:40:32.915816967 +1300
 +++ new/default/librpc/gen_ndr/ndr_dcerpc.c     2019-11-30 17:00:09.055733660 +1300
 @@ -1893,7 +1893,7 @@
         if (ndr_flags & NDR_SCALARS) {
                 NDR_CHECK(ndr_pull_align(ndr, 4));
                 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ReceiveWindowSize));
 -               if (r->ReceiveWindowSize > 0x40000) {
 +               if (r->ReceiveWindowSize < 8192 || r->ReceiveWindowSize > 262144) {
                         return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range");
                 }
                 NDR_CHECK(ndr_pull_trailer_align(ndr, 4));

Where the minimum ("0x2000" == 8192) was read as a string, thus
treated as zero.

The treatment as zero was introduced in 142b2a61f8
accidentially, which shows why warnings are important.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:35 +00:00
Douglas Bagnall
efef4366f1 pidl: use perl warnings
Warnings are good. If we turn on warnings with 'use warnings', we will
see bugs that have lain latent for years.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 02:53:34 +00:00
Andrew Bartlett
b6913830bf librpc/ndr: Do not follow a client-supplied NULL pointer in _print_drsuapi_DsAttributeValue_attid()
This is not a security issue as it only happens when printing the structure
during debugging, not normal production.

Found by Michael Hanselmann using an NDR fuzzer and Hongfuzz.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2019-12-10 02:53:34 +00:00
Andrew Bartlett
f786cdf5e8 selftest: Add ndrdump tests for malformed drsuapi traffic
Thanks to Douglas Bagnall for the samples, produced from seeds
generated by Samba's make test traffic, fuzzed by ndr_fuzz_X
and Hongfuzz.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2019-12-10 02:53:34 +00:00
Andreas Schneider
83ffe6752d pidl: Remove Parse/Yapp/Driver.pm
This file is provided by Parse::Yapp and on install we overwrite the
orignal file.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Dec 10 01:54:02 UTC 2019 on sn-devel-184
2019-12-10 01:54:02 +00:00
Isaac Boukris
fe2577a40c smbdes: remove old unused DES builtin-crypto
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
b5d8f1f78a sess_crypt_blob can only crypt blobs whose size divides by 8
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
a75ca8d5d5 session: convert sess_crypt_blob to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
dcc33103d5 smbdes: convert des_crypt112_16 to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
254739137b smbdes: convert des_crypt112 to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
dce944e8a1 smbdes: convert E_old_pw_hash to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
c57f429574 smbdes: convert des_crypt128() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
a5548af018 smbdes: convert E_P24() and SMBOWFencrypt to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
2eef12904f smbdes: remove D_P16() (not used)
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
9fb6361a8b smbdes: convert E_P16() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
ecee199803 smbdes: convert sam_rid_crypt() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
bbcf568f31 SMBsesskeygen_lm_sess_key: use gnutls and return NTSTATUS
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
38189f76d8 netlogon_creds_des_encrypt/decrypt_LMKey: use gnutls and return NTSTATUS
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
0f855f1ab9 smbdes: add des_crypt56_gnutls() using DES-CBC with zeroed IV
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
2c470c8035 selftest: test sess_crypt_blob
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
6c5f153e47 selftest: test SMBsesskeygen_lm_sess_key
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
a4ec427e54 selftest: test des_crypt112_16
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
394debac6b selftest: test des_crypt112 and fix (unused) decryption
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
e2f8f686d1 selftest: test des_crypt128
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
8f042ba532 selftest: test E_old_pw_hash
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Isaac Boukris
dfad082596 selftest: test E_P24 and SMBOWFencrypt
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Isaac Boukris
0923f94bdc selftest: test sam_rid_crypt
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Isaac Boukris
7044a41a30 selftest: test E_P16
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Isaac Boukris
07b4606f89 libcli/auth: test des_crypt56() and add test_gnutls to selftest
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
01f531ba6b auth:tests: Only enable torture_gnutls_aes_128_cfb() on GnuTLS >= 3.6.11
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
1c65f1fddb auth:tests: Improve debug output of test_gnutls
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
adfdcc4791 s3:lib: Move NULL check before messaging_dgm_out_rearm_idle_timer()
We dereference out in messaging_dgm_out_rearm_idle_timer().

Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
8753d5f456 s3:smbd: Fix possible NULL deref in smbd_do_qfilepathinfo()
Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
cfa0526100 s3:torture: Do not segfault if cli is NULL
This can happen if we fail early and cli hasn't been initialized yet.

Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
94c3c12df1 s3:rpc_server: Fix string compare for utmp entries
The members of struct utmp are marked as nonstring. This means they
might not be nil-terminated.

Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Andreas Schneider
c2e55821bc s4:lib: Make sure we close fd's in error path
Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Volker Lendecke
bb2296f68a build: Fix the build without system gssapi headers
source4/heimdal/lib/gssapi/gssapi/gssapi_krb5.h and gssapi_spnego.h
have an #include <gssapi.h> which they need to find via the -I paths

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Dec 10 00:29:55 UTC 2019 on sn-devel-184
2019-12-10 00:29:54 +00:00
Ralph Boehme
a5e3db5b51 lib: spelling fix
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Dec  9 19:23:10 UTC 2019 on sn-devel-184
2019-12-09 19:23:10 +00:00
Volker Lendecke
f2a91426b7 smbd: Give a better error message for non-existing share modes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Dec  9 17:33:42 UTC 2019 on sn-devel-184
2019-12-09 17:33:42 +00:00
Volker Lendecke
b6ffbc7d92 net: Extend some debug information
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-12-09 16:10:38 +00:00
Volker Lendecke
37fa97b20e smbd: Call reopen_logs() in the notifyd
If you have per-process logfiles with %d, the notifyd will get its
own logfile

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-12-09 16:10:38 +00:00
Volker Lendecke
27c69b5892 smbd: Call reopen_logs() in the smbd scavenger
If you have per-process logfiles with %d, the scavenger will get its
own logfile

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-12-09 16:10:38 +00:00