1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

437 Commits

Author SHA1 Message Date
Samuel Cabrero
04172e966b s3:rpc_server: Remove s3 rpc server loop
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:36 +00:00
Samuel Cabrero
06a913a269 s3:rpc_server: Retrieve dcesrv_context from parent context to open NP
Get the dcesrv_context from parent context and use it to search the
endpoint serving the named pipe. Once we have the endpoint pass it to
the make_internal_rpc_pipe_socketpair function.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:35 +00:00
Douglas Bagnall
e737988641 dcerpc: developer option to save ndr_fuzz_X seeds
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 07:50:28 +00:00
Mathieu Parent
fbecbe4d9b Spelling fixes s/negotatie/negotiate/
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2019-09-01 22:21:25 +00:00
Samuel Cabrero
dde08e8f26 s3:rpc_server: Return NTSTATUS in is_known_pipename function
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-07-22 16:49:16 +00:00
Volker Lendecke
7841c62ae4 rpc_server3: Add a \n to a DEBUG message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 22 19:02:32 UTC 2019 on sn-devel-144
2019-03-22 19:02:32 +00:00
Volker Lendecke
6aa0cc2570 rpc_server: Improve a debug message
A client sending us a bind with an unknown interface should not spam
syslog by default. Also, show what interface the client tried to connect
to.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-01-15 22:17:08 +01:00
Stefan Metzmacher
1f5a297b51 s3:rpc_server: wrap make_auth4_context() into {become,unbecome}_root()
This need to create a temporary messaging context in order to do
the auth logging. This can only be done as root.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12850

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Garming Sam <garming@samba.org>
Autobuild-Date(master): Mon Jul  3 08:15:29 CEST 2017 on sn-devel-144
2017-07-03 08:15:29 +02:00
Volker Lendecke
02a76d86db CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Wed May 24 14:34:30 CEST 2017 on sn-devel-144
2017-05-24 14:34:30 +02:00
Stefan Metzmacher
e217c2e30a s3:rpc_server: move gensec_update() out of auth_generic_server_authtype_start*()
We let the caller use auth_generic_server_step() instead.
This allows us to request GENSEC_FEATURE_SIGN_PKT_HEADER before
starting the gensec_update() dance.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-05-21 21:05:09 +02:00
Andrew Bartlett
7cbe1c844e s3-rpc_server: Provide hooks required for JSON message logging for the no-auth case
This is triggered in the ncacn_np pass-though case in particular

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:28 +02:00
Andrew Bartlett
d004196036 auth: Add hooks for notification of authentication events over the message bus
This will allow tests to be written to confirm the correct events are triggered.

We pass in a messaging context from the callers

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:28 +02:00
Andrew Bartlett
366f8cf090 auth: Log the transport connection for the authorization
We also log if a simple bind was over TLS, as this particular case matters to a lot of folks

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2017-03-29 02:37:27 +02:00
Andrew Bartlett
2028b84c16 s3-rpc_server: Log authorization to DCE/RPC for anonymous and ncacn_np pass-though
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:27 +02:00
Andrew Bartlett
85536c1ff3 auth: Always supply both the remote and local address to the auth subsystem
This ensures that gensec, and then the NTLM auth subsystem under it, always gets the
remote and local address pointers for potential logging.

The local address allows us to know which interface an authentication is on

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:26 +02:00
Andrew Bartlett
d82ac32eb7 s3-auth: Pass service_description into gensec via auth_generic_prepare()
This allows the GENSEC service description to be set from the various callers
that go via this function.

The RPC service description is the name of the interface from the IDL.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:25 +02:00
Günther Deschner
567465546f s3-rpc_server: setup secondary address for tcp transport in bind_ack packet.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-06 12:28:18 +01:00
Günther Deschner
3e084ea6ce s3-rpc_server: enforce packet level authentication for iremotewinspool server
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-06 12:28:18 +01:00
Günther Deschner
1ec825b28a s3-rpc_server: allow to set minimal auth level for a DCE/RPC service
Guenther

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-06 12:28:18 +01:00
Stefan Metzmacher
3b82d6cc2e s3:rpc_server: add support for DCERPC_AUTH_LEVEL_PACKET
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:16 +02:00
Stefan Metzmacher
4464896167 dcerpc.idl: split the padding from a possible fault buffer in dcerpc_fault
The 4 bytes of padding are always present and part of the header.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:12 +02:00
Stefan Metzmacher
65d9ab0540 CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_context}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
1c0f927a4e CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id
This is better than using hardcoded values.
We need to use the value the client used in the BIND request.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
dc91d35257 CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_bind_req()
An alter context can't change the syntax of an existing context,
a new context_id will be used for that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
3fdc4de983 CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
28661caa9f CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
6c9a2d3894 CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
a18a811ce4 CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to verify incoming pdus
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:32 +02:00
Stefan Metzmacher
ab29002ddc CVE-2015-5370: s3:rpc_server: verify presentation context arrays
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
e4fa243aa3 CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe_alter_context()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Jeremy Allison
f74c4c8335 CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec
The first pdu is always a BIND.

REQUEST pdus are only allowed once the authentication
is finished.

A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
302d927ac2 CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context or auth3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
46436d01da CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
f8aa62d697 CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was already finished
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
b4e38e29e8 CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_packet()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
84027af3ab CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_bind_req()
pipe_auth_generic_bind() does all the required checks already
and an explicit DCERPC_AUTH_TYPE_NONE is not supported.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
ca96d57816 CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the connection as broken
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
3f02e04221 CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_pipe_{bind_req,alter_context,bind_auth3}()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
642fe0aa16 CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within dcerpc_check_auth()
This simplifies the callers a lot.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:31 +02:00
Stefan Metzmacher
339e306672 CVE-2016-2118: s3:rpc_server/{epmapper,echo}: allow DCERPC_AUTH_LEVEL_CONNECT by default
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
41bccb5ae5 CVE-2016-2118: s3:rpc_server/{samr,lsa,netlogon}: reject DCERPC_AUTH_LEVEL_CONNECT by default
This prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Pair-Programmed-With: Günther Deschner <gd@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
7fab11e2eb CVE-2016-2118: s3:rpc_server: make use of "allow dcerpc auth level connect"
With this option turned off we only allow DCERPC_AUTH_LEVEL_{NONE,INTEGRITY,PRIVACY},
this means the reject any request with AUTH_LEVEL_CONNECT with ACCESS_DENIED.

We sadly need to keep this enabled by default for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Pair-Programmed-With: Günther Deschner <gd@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:27 +02:00
Stefan Metzmacher
a6a6795826 s3:rpc_server: remove pad handling from api_pipe_alter_context()
This is not needed and windows doesn't use it.
The padding is for the payload in request and response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-06-23 14:38:53 +02:00
Stefan Metzmacher
b2e042ad96 s3:librpc/rpc: fix padding calculation in dcerpc_guess_sizes()
The padding needs to be relative to the payload start not to the pdu start.
We also need align the padding to DCERPC_AUTH_PAD_ALIGNMENT (16 bytes).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-06-23 14:38:53 +02:00
Richard Sharpe
a685404dce Convert all uses of uint32/16/8 to _t in source3/rpc_server.
Signed-off-by: Richard Sharpe <rsharpe@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-05-12 01:32:12 +02:00
Volker Lendecke
40a317f092 rpc_server: Fix CID 1035535 Uninitialized scalar variable
I believe this can't happen, but better be safe than sorry

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Mar  4 17:14:53 CET 2015 on sn-devel-104
2015-03-04 17:14:53 +01:00
Volker Lendecke
8f7bdc8194 rpc_server: Fix CID 1035534 Uninitialized scalar variable
I believe this can't happen, but better be safe than sorry

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-03-04 14:46:08 +01:00
Andrew Bartlett
d0a0af3550 librpc: gensec is our security provider abstraction, remove a void *
Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-09-27 01:35:36 +02:00
Andreas Schneider
6ede575fc4 s3-rpc_server: Use gensec for NCALRPC_AS_SYSTEM.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-24 11:21:05 +02:00
Stefan Metzmacher
1f4c20f2c3 s3:rpc_server: pass everything but AUTH_TYPE_{NONE,NCALRPC_AS_SYSTEM} to gensec
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-04-24 11:21:05 +02:00