1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

2440 Commits

Author SHA1 Message Date
Stefan Metzmacher
9263ce5752 dcesrv_core: better fault codes dcesrv_auth_prepare_auth3()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Oct 10 15:17:46 UTC 2024 on atb-devel-224
2024-10-10 15:17:46 +00:00
Stefan Metzmacher
8b8e4ff1b1 dcesrv_core: fix the auth3 for large ntlmssp messages
I know finding any real logic in reading the patch,
doesn't really show what's going on. I tried hard
to simplify it, but this is the only way I found
that fixed the test_auth_pad_ntlm_2889_auth3 test
without breaking other tests...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
31a422b7e5 dcesrv_core: alter_context logon failures should result in DCERPC_FAULT_ACCESS_DENIED
We should use DCERPC_FAULT_ACCESS_DENIED as default for
gensec status results of e.g. NT_STATUS_LOGON_FAILURE or
NT_STATUS_INVALID_PARAMTER.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
97545873eb dcesrv_core: a failure from gensec_update results in NAK_REASON_INVALID_CHECKSUM
We already report that for gensec_start_mech_by_authtype() failures,
but we also need to do that for any invalid authentication.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
85b2dcd938 dcerpc_util: let dcerpc_pull_auth_trailer() ignore data_and_pad for bind, alter, auth3
Sometimes Windows sends 3 presentation contexts (NDR32, NDR64,
BindTimeFeatureNegotiation) in the first BIND of an association.

Binding an additional connection to the association seems to
reuse the BIND buffer and just changes the num_contexts field from
3 to 2 and leaves the BindTimeFeatureNegotiation context as padding
in places.

Note, the auth_pad_length field is send as 0 in that case,
which means we need to ignore it completely, as well as any
padding before the auth header.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
7a6a1aae6f dcerpc_util: let dcerpc_pull_auth_trailer() expose the reject reason
If dcerpc_pull_auth_trailer() returns NT_STATUS_RPC_PROTOCOL_ERROR
it will return the BIND reject code in auth->auth_context_id.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
890fff1ca0 dcerpc_util: let dcerpc_pull_auth_trailer() check that auth_offset is 4 bytes aligned
That what Windows also asserts.

It also makes sure that ndr_pull_dcerpc_auth() will
start with ndr->offset = 0 and don't tries to eat
possible padding.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
09e8dd23ce dcesrv_core: introduce dcesrv_connection->transport_max_recv_frag
The max fragment size depends on the transport.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
ac5818f2dd dcesrv_core: add more verbose debugging for missing association groups
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
0acbbeab4d s4:librpc: provide py_schannel bindings
This will be used in the dcerpc.raw_protocol test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
be02d4077d dcerpc_util: don't allow auth_padding for BIND, ALTER_CONTEXT and AUTH3 pdus
This is how Windows 2022 (and 2025 preview) behaves...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
8e6696b2ac dcesrv_core: return NAK_REASON_PROTOCOL_VERSION_NOT_SUPPORTED for binds without contexts
This is the error Windows 2022 (and 2025 preview) return.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Stefan Metzmacher
31c2f35bba dcesrv_core: disconnect after a fault with non AUTH_LEVEL_CONNECT bind
Without an auth context using DCERPC_AUTH_LEVEL_PACKET or higher
the fault to reject requests with an invalid auth level
should trigger a disconnect after sending the fault to
the client.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-10-10 14:01:04 +00:00
Volker Lendecke
5a3fd9c0f5 idl: Rename smb3_posix_cc_info.posix_perms to posix_mode
We'll stash the file type in there soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:46 +00:00
Volker Lendecke
bad2646ff0 libsmb: Move UNIX constants to smb3posix.idl
Make them available to python

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:46 +00:00
Volker Lendecke
57e23c92de idl: smb3posix.idl references NTTIME
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:46 +00:00
Stefan Metzmacher
9fe85a9353 librpc/rpc: un-const dcerpc_default_transport_endpoint()
It returns an alloced string so it should not be marked as
const...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
0e751215b3 librpc/rpc: add dcerpc_binding_handle_get_transport() helper function
This will allow callers to avoid the dcerpc_binding_handle_get_binding()
dcerpc_binding_get_transport() dance...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
a038e7d8cf librpc/rpc: add dcerpc_binding_handle_get_binding()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
1adf226e74 librpc/rpc: add get_binding() to dcerpc_binding_handle_ops
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
5e34173041 librpc/rpc: add dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
3dc3f9cf1b librpc/rpc: add dcerpc_binding_handle_transport_{encrypted,session_key}()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
492f6a0eef librpc/rpc: map DCERPC_NCA_S_UNSUPPORTED_TYPE to NT_STATUS_RPC_UNSUPPORTED_TYPE
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Stefan Metzmacher
722e93e4d9 librpc/rpc: map DCERPC_NCA_S_SERVER_TOO_BUSY to NT_STATUS_RPC_SERVER_TOO_BUSY
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-09-26 15:22:45 +00:00
Volker Lendecke
9d4a7a448e libndr: Use TALLOC_FREE instead of talloc_free
All the existing calls are right before returns, so they don't really
matter. But you never know when the code will change, and any compiler
will wipe the NULL assignment.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
2024-09-20 17:13:37 +00:00
Volker Lendecke
ae3bb10905 libndr: Apply endianness flags to subndr
We're creating a fresh subcontext for a "[MS-RPCE] 2.2.6 Type
Serialization Version 1". Probably nobody has tested a big endian
subcontext yet.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Sep 10 23:04:19 UTC 2024 on atb-devel-224
2024-09-10 23:04:19 +00:00
Volker Lendecke
10df1b9600 libndr: Align an integer type
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-09-10 21:54:36 +00:00
Volker Lendecke
eb882c1306 libndr: Use UINT32_MAX -- no need to count F's
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-09-10 21:54:36 +00:00
Volker Lendecke
b8064a77ee libndr: Remove duplicate prototype
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-09-10 21:54:36 +00:00
Volker Lendecke
4539a6048e libndr: We don't need "../" in includes, -I has what is needed
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2024-09-10 21:54:36 +00:00
Noel Power
3df816fcb8 librpc/ndr: Fix fuzz CI on latest tumbleweed
running samba-fuzz CI job on latest tumbleweed docker image results in;

../../librpc/ndr/ndr_orpc.c: In function ‘ndr_print_DUALSTRINGARRAY’:
../../librpc/ndr/ndr_orpc.c:97:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
   97 |                 snprintf(idx, sizeof(idx), "[%d]", i);
      |                                                 ^
../../librpc/ndr/ndr_orpc.c:97:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
   97 |                 snprintf(idx, sizeof(idx), "[%d]", i);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../librpc/ndr/ndr_orpc.c:105:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
  105 |                 snprintf(idx, sizeof(idx), "[%d]", i);
      |                                                 ^
../../librpc/ndr/ndr_orpc.c:105:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
  105 |                 snprintf(idx, sizeof(idx), "[%d]", i);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../librpc/ndr/ndr_orpc.c: In function ‘ndr_print_STRINGARRAY’:
../../librpc/ndr/ndr_orpc.c:159:49: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
  159 |                 snprintf(idx, sizeof(idx), "[%d]", i);
      |                                                 ^
../../librpc/ndr/ndr_orpc.c:159:17: note: ‘snprintf’ output between 4 and 14 bytes into a destination of size 13
  159 |                 snprintf(idx, sizeof(idx), "[%d]", i);
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Sep 10 01:22:28 UTC 2024 on atb-devel-224
2024-09-10 01:22:28 +00:00
Volker Lendecke
5ad8536ec7 libsecurity: Simplify struct ace_condition_script
We only need the stack temporarily, no reason to put it in the struct

Signed-off-by: Volker Lendecke <vl@samba.org>
Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Sep  6 14:23:58 UTC 2024 on atb-devel-224
2024-09-06 14:23:58 +00:00
Stefan Metzmacher
d73c0e0d48 librpc/ndr: remove unused NDR_PUSH_ALLOC_SIZE()
Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
Stefan Metzmacher
664eb19343 librpc/ndr: avoid alignment allocation in ndr_push_DATA_BLOB()
Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2024-08-29 18:25:28 +00:00
Volker Lendecke
df103890f9 libndr: Streamline ndr_token_retrieve_cmp_fn
Rename the public function to ndr_token_peek_cmp_fn, the only user
does not remove the token. Factor out ndr_token_find to move the
token-removing logic to ndr_token_retrieve, the only caller that does
remove the token.

Keep libndr at 6.0.0, this has not been released yet.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Aug 29 08:40:52 UTC 2024 on atb-devel-224
2024-08-29 08:40:52 +00:00
Volker Lendecke
f43ae1ab1a libndr: Simplify ndr_token_retrieve_cmp_fn()
Avoid an if-statement inside by passing a pointer-comparing function

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-29 07:22:34 +00:00
Douglas Bagnall
e2174dde74 ndr:dnsp: avoid theoretical int overflow (CID 1609418)
Coverity points out that if the string is longer than INT_MAX, the int
will overflow and the cast to uint8_t will discard bits.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Jo Sutton
09655e13ea librpc: Speed up GUID_buf_string()
This is faster than calling snprintf().

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2024-08-28 04:24:39 +00:00
Volker Lendecke
fab7416a3d idl: dnsp.h references NTTIME
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Aug 27 08:36:11 UTC 2024 on atb-devel-224
2024-08-27 08:36:11 +00:00
Volker Lendecke
50c7373f44 idl: misc.idl references DATA_BLOB
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
9b0fe3e66a idl: Remove unused KRB5_EDATA_NTSTATUS
I think the last user went away with e2028837b9 in 2017

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
99e4dc2ee1 idl: security.idl compiles with only secace.h
It does not need all of security.h

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
8291eb5f9b libndr: Use _talloc_array() to benefit from overflow protection
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
4a20037076 libndr: Remove 368 bytes from R/W data into R/O text segment
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jennifer Sutton <jsutton@samba.org>
2024-08-27 07:19:32 +00:00
Volker Lendecke
a32f52e573 librpc: Make NDR_PRINT_DEBUG call just one DEBUG
Give debug.c the chance to use just one write call (right now it
doesn't yet)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2024-06-28 13:26:24 +00:00
Douglas Bagnall
64003d8677 spelling: fix spelling of privilege.ldb in comments
'privileges' is a word, but the ldb referred to is privilege.ldb

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-05-22 04:23:29 +00:00
Stefan Metzmacher
0cc0970d35 dcesrv_reply: we don't need to call dcerpc_set_frag_length() in dcesrv_fault_with_flags()
dcerpc_ncacn_push_auth() already calls dcerpc_set_frag_length().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-23 16:23:38 +00:00
Volker Lendecke
0baae61e42 lib: Give lib/util/util_file.c its own header file
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-04-16 23:51:45 +00:00
Vinit Agnihotri
644b50b05b messaging: Add new SMBD message
Signed-off-by: Vinit Agnihotri <vagnihotri@ddn.com>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-16 23:51:45 +00:00
Andreas Schneider
84d5150363 librpc:rpc: Add dcerpc_lsa.h
This adds AES constants by MS.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2024-04-09 22:52:38 +00:00