1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

1938 Commits

Author SHA1 Message Date
Volker Lendecke
f60780c8b6 libcli/dns: Fix TCP fallback
A customer has come across a DNS server that really just cuts a SRV
reply if it's too long. This makes the packet invalid according to
ndr_pull and according to wireshark. DNS_FLAG_TRUNCATION is however
set. As this seems to be legal according to the DNS RFCs, we need to
hand-parse the first two uint16's and look whether DNS_FLAG_TRUNCATION
is set.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jan 20 18:01:41 UTC 2022 on sn-devel-184
2022-01-20 18:01:41 +00:00
Volker Lendecke
8732561396 lib: Remove unused tstream_npa_socketpair()
This was used in the pre samba-dcerpcd source3 rpc server.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-18 20:22:38 +00:00
Stefan Metzmacher
23bedd69b2 libcli/auth: let NTLMv2_RESPONSE_verify_netlogon_creds ignore invalid netapp requests
We should avoid spamming the logs with wellknown messages like:
ndr_pull_error(Buffer Size Error): Pull bytes 39016

They just confuse admins (and developers).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-04 20:07:28 +00:00
Stefan Metzmacher
f123c1a171 libcli/auth: let NTLMv2_RESPONSE_verify_netlogon_creds ignore BUFFER_TOO_SMALL
Windows doesn't complain about invalid av_pair blobs,
we need to do the same.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14932

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-04 20:07:28 +00:00
Volker Lendecke
00e41d198d librpc: Get transport out of tstream_npa_accept_existing_recv()
To be used by the RPC servers in the next commit

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Volker Lendecke
1bab76223c librpc: Add named_pipe_auth_req_info5->transport
This will serve as a check to make sure that in particular a SAMR
client is really root. This is for example used in get_user_info_18()
handing out a machine password.

The unix domain sockets for NCACN_NP can only be contacted by root,
the "np\" subdirectory for those sockets is root/root 0700.

Connecting to such a socket is done in two situations: First, local
real root processes connecting and smbd on behalf of SMB clients
connecting to \\pipe\name, smbd does become_root() there. Via the
named_pipe_auth_req_info4 smbd hands over the SMB session information
that the RPC server blindly trusts. The session information (i.e. the
NT token) is heavily influenced by external sources like the KDC. It
is highly unlikely that we get a system token via SMB, but who knows,
this is information not fully controlled by smbd.

This is where this additional field in named_pipe_auth_req_info5 makes
a difference: This field is set to NCACN_NP by smbd's code, not
directly controlled by the clients. Other clients directly connecting
to a socket in "np\" is root anyway (only smbd can do become_root())
and can set this field to NCALRPC.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Volker Lendecke
d1934e2331 named_pipe_auth: Bump info4 to info5
We'll add a field soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Andreas Schneider
d1ea9c5aab libcli:auth: Allow to connect to netlogon server offering only AES
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14912

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Dec  2 14:49:35 UTC 2021 on sn-devel-184
2021-12-02 14:49:35 +00:00
Stefan Metzmacher
04a79139a4 libcli/smb: split out smb2cli_raw_tcon* from smb2cli_tcon*
This will be used in tests in order to separate the tcon from
validate_negotiate_info.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14788

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-12-01 11:04:29 +00:00
Volker Lendecke
b7fc678107 libcli: Remove NT_STATUS_INACCESSIBLE_SYSTEM_SHORTCUT error code
This is the same as STATUS_STOPPED_ON_SYMLINK, and this is what also
wireshark displays. Avoid some confusion.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-11-11 19:08:37 +00:00
Volker Lendecke
d0759cb648 libsmb: move reparse_symlink to libcli/smb/
This will be useful for smbXcli_create to parse the symlink error

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-11-11 19:08:37 +00:00
Volker Lendecke
fadce102d4 libcli: "smb_util.h" needs "ntstatus.h"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-11-11 19:08:37 +00:00
Alexander Bokovoy
e2d5b4d709 CVE-2020-25717: Add FreeIPA domain controller role
As we want to reduce use of 'classic domain controller' role but FreeIPA
relies on it internally, add a separate role to mark FreeIPA domain
controller role.

It means that role won't result in ROLE_STANDALONE.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-11-09 19:45:33 +00:00
Stefan Metzmacher
8a607e7577 netlogon_creds_cli: add netlogon_creds_cli_SendToSam_recv() and don't ignore result
This is a low level function that should not ignore results.

If the caller doesn't care it's his choice.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 19 20:20:00 UTC 2021 on sn-devel-184
2021-10-19 20:20:00 +00:00
Stefan Metzmacher
dd07bb81bb libcli/smb: use MID=0 for SMB2 Cancel with ASYNC_ID and legacy signing algorithms
We can only assume that servers with support for AES-GMAC-128 signing
will except an SMB2 Cancel with ASYNC_ID and real MID.
This strategy is also used by Windows clients, because
some vendors don't cope otherwise.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14855

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 19 19:23:39 UTC 2021 on sn-devel-184
2021-10-19 19:23:39 +00:00
Volker Lendecke
e5b446fe11 libcli: Simplify get_sec_mask_str()
Use talloc_asprintf_addbuf()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:32 +00:00
Volker Lendecke
34c08da059 libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Volker Lendecke
423e5726d2 libcli: Avoid an includes.h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Volker Lendecke
f24b2163be libcli: Simplify security_session_user_level()
Use sid_compose(), use struct dom_sid on the stack.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Volker Lendecke
70b1260020 libcli: Introduce a helper variable in security_session_user_level()
Makes it easier to read for me

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Volker Lendecke
82281ca34f libcli: Remove unused security_token_has_sid_string()
This should have been removed in ef990008f2, I just was not aware
it's there...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Volker Lendecke
e2256c99a6 smbd: Make SID_SAMBA_SMB3 a static SID
No need to parse it

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-10-08 19:28:31 +00:00
Matthew Grant
617a5a1d35 libcli/dns: smb.conf dns forwarder port support
Call new tsocket_address_inet_from_hostport_strings() instead of
tsocket_address_inet_from_strings() to implement setting a port to query
for a DNS forwarder.

Signed-off-by: Matthew Grant <grantma@mattgrant.net.nz>
Reviewed-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-09-28 09:44:35 +00:00
Volker Lendecke
ef990008f2 libcli: Remove unused security_token_is_sid_string()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-24 23:55:32 +00:00
Volker Lendecke
df4c03d524 lib: Add required #includes
dom_sid.h itself references talloc, and security.h references
DATA_BLOB.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-21 00:13:32 +00:00
Ralph Boehme
98c977f44b nmblookup: don't ignore unknown options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14828

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-09-10 15:10:30 +00:00
Stefan Metzmacher
867c6ff9f3 docs-xml: use upper case for "{client,server} smb3 {signing,encryption} algorithms" values
This matches what smbstatus prints out. Note there's also the removal of
an '-' in "hmac-sha-256" => HMAC-SHA256".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14825
RN: "{client,server} smb3 {signing,encryption} algorithms" should use the same strings as smbstatus output

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Sep  8 16:37:07 UTC 2021 on sn-devel-184
2021-09-08 16:37:07 +00:00
Joseph Sutton
ad3498ab16 libcli/smb: Don't call memcpy() with a NULL pointer
Doing so is undefined behaviour.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-09-04 00:10:37 +00:00
Jeremy Allison
62cd95096a s3: libcli: Add FSCTL_SMBTORTURE_FSP_ASYNC_SLEEP.
Prepare for async FSCTL tests on an fsp.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14769

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2021-08-11 19:16:29 +00:00
Andreas Schneider
d6c7a2a700 netlogon:schannel: If weak crypto is disabled, do not announce RC4 support.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-08-03 09:28:38 +00:00
Stefan Metzmacher
5512416a8f gnutls: allow gnutls_aead_cipher_encryptv2 with gcm before 3.6.15
The memory leak bug up to 3.6.14 was only related to ccm, but gcm was
fine.

This avoids talloc+memcpy on more systems, e.g. ubuntu 20.04,
and brings ~ 20% less cpu overhead, see:
https://hackmd.io/@asn/samba_crypto_benchmarks

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14764

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-07-20 15:25:37 +00:00
Stefan Metzmacher
155348cda6 libcli/smb: allow unexpected padding in SMB2 READ responses
Make use of smb2cli_parse_dyn_buffer() in smb2cli_read_done()
as it was exactly introduced for a similar problem see:

    commit 4c6c71e137
    Author:     Stefan Metzmacher <metze@samba.org>
    AuthorDate: Thu Jan 14 17:32:15 2021 +0100
    Commit:     Volker Lendecke <vl@samba.org>
    CommitDate: Fri Jan 15 08:36:34 2021 +0000

        libcli/smb: allow unexpected padding in SMB2 IOCTL responses

        A NetApp Ontap 7.3.7 SMB server add 8 padding bytes to an
        offset that's already 8 byte aligned.

        RN: Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7
        BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

        Pair-Programmed-With: Volker Lendecke <vl@samba.org>

        Signed-off-by: Stefan Metzmacher <metze@samba.org>
        Signed-off-by: Volker Lendecke <vl@samba.org>

        Autobuild-User(master): Volker Lendecke <vl@samba.org>
        Autobuild-Date(master): Fri Jan 15 08:36:34 UTC 2021 on sn-devel-184

RN: Work around special SMB2 READ response behavior of NetApp Ontap 7.3.7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 15 23:53:55 UTC 2021 on sn-devel-184
2021-07-15 23:53:55 +00:00
Stefan Metzmacher
1faf15b3d0 libcli/smb: make smb2cli_ioctl_parse_buffer() available as smb2cli_parse_dyn_buffer()
It will be used in smb2cli_read.c soon...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 23:04:34 +00:00
Stefan Metzmacher
b3c9823d90 s4:torture/smb2: add smb2.read.bug14607 test
This test will use a FSCTL_SMBTORTURE_GLOBAL_READ_RESPONSE_BODY_PADDING8
in order to change the server behavior of READ responses regarding
the data offset.

It will demonstrate the problem in smb2cli_read*() triggered
by NetApp Ontap servers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 23:04:34 +00:00
Stefan Metzmacher
3f843e56a8 libcli/smb: add support for SMB2_SIGNING_AES128_GMAC
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
982bdcf427 libcli/smb: actually make use of "client/server smb3 signing algorithms"
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
3706b27a3b libcli/smb: prepare support for SMB2_SIGNING_CAPABILITIES negotiation
For now client_sign_algos->num_algos will always be 0,
but that'll change in the next commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
4d33b08c0f libcli/smb: make sure smb2_signing_calc_signature() never generates a signature without a valid MID
This is important as AES-128-GMAC signing will derive the NONCE from the MID.

It also means a STATUS_PENDING response must never be signed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
89f0552c5e libcli/smb: make sure we always send a valid MID in cancel PDUs
This is important as with AES-128-GMAC signing, the nonce will be
derived from the MID.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
e720ce4fad libcli/smb: skip session setup signing for REQUEST_OUT_OF_SEQUENCE, NOT_SUPPORTED and ACCESS_DENIED
We should propagate these errors to the caller instead of masking them
with ACCESS_DENIED. And for ACCESS_DENIED we should not disconnect the
connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
eeb09dfa6d libcli/smb: add smb2cli_conn_server_{signing,encryption}_algo()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
6447ae60b0 libcli/smb: add SMB2_SIGNING_CAPABILITIES related defines to smb2_constants.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
6b775f030a libcli/smb: add SMB2_RDMA_TRANSFORM_CAPABILITIES related defines to smb2_constants.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
24142c3796 libcli/smb: add SMB2_TRANSPORT_CAPABILITIES related defines to smb2_constants.h
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
d10153c851 libcli/smb: add aes-256-{gcm,ccm} support to smb2_signing_[en|de]crypt_pdu()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
9e6d3df68d libcli/smb: add smb311_capabilities_check() helper
It checks that the resulting algorithms (most likely for
dialects < 3.1.1) are actually allowed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
cf1459f458 libcli/smb: let 'client smb3 encryption algorithms' disable aes-128-ccm for SMB3_0*
SMB 3.0 and 3.0.2 require aes-128-ccm, so we need to reject them unless
'client smb3 encryption algorithms' allows them.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
374f26aafa libcli/smb: add helpers to parse client/server smb3 encryption algorithms into struct smb311_capabilities
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
2a575dfd58 libcli/smb: remove unused PROTOCOL_SMB3_10 definition
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
cb86d58173 libcli/smb: replace PROTOCOL_SMB3_10 with PROTOCOL_SMB3_11
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
a12c4a7b52 libcli/smb: remove unused PROTOCOL_SMB2_24 definition
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
8a30ad66b8 libcli/smb: replace PROTOCOL_SMB2_24 with PROTOCOL_SMB3_00
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
8c05c97943 libcli/smb: remove unused PROTOCOL_SMB2_22 definition
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
3c8067a63f libcli/smb: replace PROTOCOL_SMB2_22 with PROTOCOL_SMB3_00
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
7816d70f69 libcli/smb: no longer use experimental dialects 2.2.2, 2.2.4, 3.1.0 on the wire
These were only used in Windows development versions but not in
production.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
147dd9d58a libcli/smb: let smb2_negotiate_context_parse() only parse the expected number of contexts
Any garbage at the end needs to be ignored.

This fixes the Negotiate_SMB311_ContextID_NetName test from:
https://github.com/microsoft/WindowsProtocolTestSuites/blob/main/TestSuites/FileServer/src/SMB2/TestSuite/Negotiate/Negotiation.cs#L730

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jul 12 21:25:21 UTC 2021 on sn-devel-184
2021-07-12 21:25:21 +00:00
Samuel Cabrero
2b8c73b549 libcli: Move map_errno_from_nt_status from s3 lib to common libcli
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-07-08 09:30:40 +00:00
Andreas Schneider
2e520feace libcli:nbt: Migrate nmblookup4 to new cmdline option parser
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-06-20 23:26:32 +00:00
Günther Deschner
0e1695df7f Fix gcc11 compiler issue "-Werror=maybe-uninitialized"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699

../../source4/dsdb/common/util_links.c: In function ‘ndr_guid_compare’:
../../source4/dsdb/common/util_links.c:38:29: error: ‘v1_data’ may be used uninitialized [-Werror=maybe-uninitialized]
   38 |         struct ldb_val v1 = data_blob_const(v1_data, sizeof(v1_data));
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/dsdb/common/util_links.c:22:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/dsdb/common/util_links.c:37:17: note: ‘v1_data’ declared here
   37 |         uint8_t v1_data[16];
      |                 ^~~~~~~
cc1: all warnings being treated as errors

[1729/3991] Compiling source3/smbd/smbXsrv_open.c
../../libcli/auth/smbencrypt.c: In function ‘decode_wkssvc_join_password_buffer’:
../../libcli/auth/smbencrypt.c:1045:32: error: ‘_confounder’ may be used uninitialized [-Werror=maybe-uninitialized]
 1045 |         DATA_BLOB confounder = data_blob_const(_confounder, 8);
      |                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../libcli/auth/smbencrypt.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../libcli/auth/smbencrypt.c:1044:17: note: ‘_confounder’ declared here
 1044 |         uint8_t _confounder[8];
      |                 ^~~~~~~~~~~
cc1: all warnings being treated as errors

[2624/3991] Compiling source4/torture/rpc/samr.c
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user2’:
../../source3/rpc_client/cli_samr.c:158:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
  158 |         DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
                 from ../../source3/include/includes.h:256,
                 from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:152:17: note: ‘old_nt_hash’ declared here
  152 |         uint8_t old_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user3’:
../../source3/rpc_client/cli_samr.c:365:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
  365 |         DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
      |                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
                 from ../../source3/include/includes.h:256,
                 from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:358:17: note: ‘old_nt_hash’ declared here
  358 |         uint8_t old_nt_hash[16];
      |                 ^~~~~~~~~~~
cc1: all warnings being treated as errors

[3399/3991] Compiling source3/rpcclient/cmd_spotlight.c
../../source3/smbd/smbXsrv_open.c: In function ‘smbXsrv_open_set_replay_cache’:
../../source3/smbd/smbXsrv_open.c:936:26: error: ‘data’ may be used uninitialized [-Werror=maybe-uninitialized]
  936 |         DATA_BLOB blob = data_blob_const(data, ARRAY_SIZE(data));
      |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
                 from ../../source3/include/includes.h:256,
                 from ../../source3/smbd/smbXsrv_open.c:21:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source3/smbd/smbXsrv_open.c:935:17: note: ‘data’ declared here
  935 |         uint8_t data[SMBXSRV_OPEN_REPLAY_CACHE_FIXED_SIZE];
      |                 ^~~~
cc1: all warnings being treated as errors

../../source3/rpcclient/cmd_spotlight.c: In function ‘cmd_mdssvc_fetch_properties’:
../../source3/rpcclient/cmd_spotlight.c:60:18: error: ‘share_path’ may be used uninitialized [-Werror=maybe-uninitialized]
   60 |         status = dcerpc_mdssvc_open(b, mem_ctx,
      |                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   61 |                                     &device_id,
      |                                     ~~~~~~~~~~~
   62 |                                     &unkn1,
      |                                     ~~~~~~~
   63 |                                     &unkn2,
      |                                     ~~~~~~~
   64 |                                     argv[2],
      |                                     ~~~~~~~~
   65 |                                     argv[1],
      |                                     ~~~~~~~~
   66 |                                     share_path,
      |                                     ~~~~~~~~~~~
   67 |                                     &share_handle);
      |                                     ~~~~~~~~~~~~~~
In file included from ../../source3/rpcclient/cmd_spotlight.c:24:
source3/../librpc/gen_ndr/ndr_mdssvc_c.h:26:10: note: by argument 8 of type ‘const char *’ to ‘dcerpc_mdssvc_open’ declared here
   26 | NTSTATUS dcerpc_mdssvc_open(struct dcerpc_binding_handle *h,
      |          ^~~~~~~~~~~~~~~~~~
../../source3/rpcclient/cmd_spotlight.c:40:14: note: ‘share_path’ declared here
   40 |         char share_path[1025];
      |              ^~~~~~~~~~
cc1: all warnings being treated as errors

../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2’:
../../source4/torture/rpc/samr.c:2266:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2266 |                 = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2263:17: note: ‘old_nt_hash’ declared here
 2263 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2_ntstatus’:
../../source4/torture/rpc/samr.c:2371:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2371 |                 = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2368:17: note: ‘old_nt_hash’ declared here
 2368 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser3’:
../../source4/torture/rpc/samr.c:2478:38: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2478 |         DATA_BLOB old_nt_hash_blob = data_blob_const(old_nt_hash, 16);
      |                                      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2473:17: note: ‘old_nt_hash’ declared here
 2473 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordRandomBytes’:
../../source4/torture/rpc/samr.c:2794:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
 2794 |                 = data_blob_const(old_nt_hash,
      |                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
 2795 |                                   sizeof(old_nt_hash));
      |                                   ~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
                 from ../../source4/include/includes.h:62,
                 from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
  116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
      |                    ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2792:17: note: ‘old_nt_hash’ declared here
 2792 |         uint8_t old_nt_hash[16], new_nt_hash[16];
      |                 ^~~~~~~~~~~
cc1: all warnings being treated as errors

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-05-07 06:23:32 +00:00
Andrew Bartlett
190e15dfb0 tests: Fix "-Werror=maybe-uninitialized" errors only seen with -O3 and --enable-coverage
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2021-04-28 03:43:34 +00:00
Volker Lendecke
58c6c031f5 libcli: Fix parsing access flags from multiple tables
We have to look at all available mappings for parsing sddl for each
special flag set. "GW" and "FX" come from two different tables, but
the previous code settled on one table and then expected both "GW" and
"FX" to come from that same table. Change the code to look at all
tables per special flag set.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Apr 21 00:04:36 UTC 2021 on sn-devel-184
2021-04-21 00:04:36 +00:00
Volker Lendecke
e030355643 libcli: Factor out sddl_map_flag()
We have to look at more than one map, "FRSD" is not correctly handled
right now for example. This factors out walking a map to make walking
multiple maps easier.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-04-20 23:19:28 +00:00
Volker Lendecke
dab8e9eb4a libcli: Simplify sddl_encode_ace()
Use GUID_buf_string() instead of GUID_string() for encoding objects,
no need to check for NULL anymore.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-04-19 18:18:32 +00:00
Volker Lendecke
4d3b6506d3 librpc: Remove the gensec dependency from library dcerpc-binding
This means yet another library, but having to depend on gensec just
for dcerpc_parse_binding() and basic packet parsing seems like a bit
overkill to me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr  6 23:33:14 UTC 2021 on sn-devel-184
2021-04-06 23:33:14 +00:00
Volker Lendecke
e742661bd2 tstream: Add tstream_npa_existing_stream()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr  1 20:36:19 UTC 2021 on sn-devel-184
2021-04-01 20:36:19 +00:00
Volker Lendecke
1b47dd65a3 tstream_npa: Allow NULL output parameters
When reading the info4, the substructs might not be interesting for
you.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-04-01 19:32:36 +00:00
Volker Lendecke
bbfdf2708e tstream_npa: Return named_pipe_auth_req_info4 from accept_existing
Callers might want the full picture. We need to make
named_pipe_auth_req_info4 public for that.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-04-01 19:32:36 +00:00
Volker Lendecke
3a03c0a1ad tstream_npa: Keep "named_pipe_auth_req" around in tstream_npa_accept_existing_send()/recv()
This will make it simpler to return a copy of the struct
named_pipe_auth_req_info4 in the next commit.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-04-01 19:32:36 +00:00
Gary Lockyer
1432314f5c libcli smb smb2: Use correct enumeration type
Clang gives the following error:
../../libcli/smb/smb2_signing.c:547:48: error:
   implicit conversion from enumeration type 'gnutls_mac_algorithm_t'
   to different enumeration type 'gnutls_digest_algorithm_t'
   [-Werror,-Wenum-conversion]
   const size_t digest_len = gnutls_hash_get_len(GNUTLS_MAC_SHA256);
~~~~~~~~~~~~~~~~~~~ ^~~~~~~~~~~~~~~~~

Should be using GNUTLS_DIG_SHA256, which is set to GNUTLS_MAC_SHA256.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Mar 29 23:19:24 UTC 2021 on sn-devel-184
2021-03-29 23:19:24 +00:00
Volker Lendecke
249b0e3202 libcli: Add file specific access flags to sddl
See

https://docs.microsoft.com/en-us/windows/win32/secauthz/ace-strings

for reference.

We can only use them for decoding, many of our tests depend on our
string representation of the flags.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-24 20:31:30 +00:00
Stefan Metzmacher
44e76fccf6 libcli/smb: make use of smb3_capabilities.encryption
This avoids a hardcoded list of possible ciphers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
c0868882c7 libcli/smb: introduce struct smb3_encryption_capabilities
This will allow us to control the offered ciphers from the callers
later.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
c34b86a34e libcli/smb: pass smb3_capabilities to smbXcli_conn_create()
Passing NULL means use none.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
a11dab1648 libcli/smb: introduce struct struct smb311_capabilities
This will be filled later with supported ciphers and other
things that can be negotiated in SMB >= 3.1.1.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
452f0cd19b libcli/smb: don't copy the key to a stack variable in smb2_signing_{encrypt,decrypt}_pdu()
The key size should always match now.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
f65e609fd1 libcli/smb: no longer pass protocol to smb2_signing_{encrypt,decrypt}_pdu()
The cipher algorithm is already passed via
smb2_signing_key->chipher_algo_id.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
7c8707613e libcli/smb: no longer pass protocol to smb2_signing_{sign,check}_pdu()
The signing algorithm is already passed via
smb2_signing_key->sign_algo_id.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
5d4c63d838 libcli/smb: make smb2_signing_key_destructor static
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
bba8d34a78 libcli/smb: make use of smb2_signing_key_{copy,sign_create,cipher_create}() in smbXcli_base.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
5b648fe960 libcli/smb: add smb2_signing_key_{copy,sign_create,cipher_create}() helpers
These will simplify the callers a lot.
In important part is to also remember the sign and cipher algo ids.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
3e43962f73 libcli/smb: maintain smbXcli_conn.smb2.server.sign_algo
This prepares the negotiation of signing algorithms in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
8e2f3e6558 libcli/smb: make use of smb2_signing_derivations_fill_const_stack() smb2cli_session_set_session_key()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
e4c1a00595 libcli/smb: add smb2_signing_derivations_fill_const_stack()
This will allow us to have the logic in one place only
in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
17b99809b3 libcli/smb: make use of smb2_signing_calc_signature() in smb2_signing_sign_pdu()
We only need to logic to calculate the signature once...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
f54fb82890 libcli/smb: assert that smb2_signing_{sign,check}_pdu() gets 2-4 iovec elements
We expect the following:

* SMB2 HDR
* SMB2 BODY FIXED
* (optional) SMB2 BODY DYN
* (optional) PADDING

Everything else is a bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
2a4ba7b6cd libcli/smb: split out smb2_signing_calc_signature() from smb2_signing_check_pdu()
We only need one function to calculate the signature of an SMB2 packet.
And that only need the logic based on a gnutls_mac_algorithm_t once.

The next step will convert smb2_signing_sign_pdu() to also use
smb2_signing_calc_signature(). Doing that in a separate commit
should make sure we don't introduce a symetric bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
3066a02b5d libcli/smb: pass the length of the resulting key to smb2_key_derivation()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Stefan Metzmacher
a9e7d0be3f libcli/smb: prepare smb2_key_derivation() for keys larger than 16-bytes
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14512

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-17 00:49:32 +00:00
Volker Lendecke
833fcdc024 libcli: Simplify tstream_npa_connect_readv_done()
tevent_req_error takes care of the ==0 case

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-09 22:36:28 +00:00
Volker Lendecke
9d656edffb libcli: Add a NULL check to tstream_npa
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-09 22:36:28 +00:00
Volker Lendecke
90ea83b754 libcli: make_sec_acl() copies the ace_list, make that const
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-22 19:54:38 +00:00
Andreas Schneider
6fd557974b libcli:smb: Fix a typo in a debug message
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Jan 19 16:15:21 UTC 2021 on sn-devel-184
2021-01-19 16:15:21 +00:00
Stefan Metzmacher
4c6c71e137 libcli/smb: allow unexpected padding in SMB2 IOCTL responses
A NetApp Ontap 7.3.7 SMB server add 8 padding bytes to an
offset that's already 8 byte aligned.

RN: Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jan 15 08:36:34 UTC 2021 on sn-devel-184
2021-01-15 08:36:34 +00:00
Stefan Metzmacher
3db566026b s4:torture/smb2: add samba3.smb2.ioctl.bug14607
FSCTL_SMBTORTURE_IOCTL_RESPONSE_BODY_PADDING8 will be used
to trigger an SMB2 IOCTL response with extra padding.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2021-01-15 07:26:29 +00:00
Stefan Metzmacher
508ed5b42c libcli/smb: split out smb2cli_ioctl_parse_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
2021-01-15 07:26:29 +00:00
Jeremy Allison
0abb5ca6b9 libcli/smb: Allow smb2cli_validate_negotiate_info_done() to ignore NT_STATUS_INVALID_PARAMETER.
This can be returned from NetApp Ontap 7.3.7 SMB server
implementations. Now we have ensured smb2_signing_check_pdu()
cannot return NT_STATUS_INVALID_PARAMETER on a signing error
it's safe to check this error code here. Windows 10
clients ignore this error from the NetApp.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-01-15 07:26:29 +00:00
Stefan Metzmacher
fdcdfceefd libcli/smb: Change some checks to SMB_ASSERTS
If we end up here, it's definitely a programming error in the basic
parsing layer of the SMB2 packet.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2021-01-15 07:26:29 +00:00
Stefan Metzmacher
560e4b1b32 libcli/smb: add smbXcli_conn_send_queue()
This is useful in order to test async requests
tevent_queue_wait_send/recv() can be used to block
the queue between requests or wait for the queue to be flushed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-17 13:59:38 +00:00
Volker Lendecke
f25248fe67 libcli: Add required #includes to libcli/dns/dns.h
Also, make it safe against being included twice

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-11 18:29:32 +00:00
Volker Lendecke
fce49f4ac2 libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-30 22:24:37 +00:00
Volker Lendecke
a41112fcc9 libcli: Align a few integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-30 22:24:37 +00:00
Andreas Schneider
8d5d968dde libcli:smb: Check return code of set_blocking
Found by covscan.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-11-26 06:52:41 +00:00
Volker Lendecke
7aaefd6f46 lib: Remove unused security_descriptor_append()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-19 22:56:40 +00:00
Jeremy Allison
26ba04a4d1 libcli: smb2: Never print length if smb2_signing_key_valid() fails for crypto blob.
Blob could be NULL.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14210

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 16 09:47:38 UTC 2020 on sn-devel-184
2020-11-16 09:47:38 +00:00
Björn Jacke
a4e90cfec4 http_conn.c: fix "void function cannot return value" error
this made the studio compiler build break

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-11-10 06:53:42 +00:00
Isaac Boukris
f0f8de9d4a Add smb2cli_session_get_encryption_cipher()
When 'session->smb2->should_encrypt' is true, the client MUST encrypt
all transport messages (see also MS-SMB2 3.2.4.1.8).

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-11-06 10:02:35 +00:00
Volker Lendecke
666d2a38fc libcli: Use GUID_to_ndr_buf() in smb2cli_validate_negotiate_info_send()
Avoid a talloc/free

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  2 22:50:43 UTC 2020 on sn-devel-184
2020-10-02 22:50:43 +00:00
Volker Lendecke
63ab004e38 libcli: Use GUID_to_ndr_buf() in smbXcli_negprot_smb2_subreq()
Avoid a talloc/free

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 21:30:34 +00:00
Volker Lendecke
77877cfed1 libcli: Use GUID_to_ndr_buf() in ldap_encode_ndr_GUID()
Avoid a talloc/free

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 21:30:33 +00:00
Volker Lendecke
a61ed4df0e libcli: Align some integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 21:30:33 +00:00
Volker Lendecke
bb8d333070 libcli: Don't leave a pointer uninitialized
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 21:30:32 +00:00
Volker Lendecke
9b453f475f libcli: Remove a pointless if-expression
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 21:30:32 +00:00
Stefan Metzmacher
d3123858fb CVE-2020-1472(ZeroLogon): libcli/auth: reject weak client challenges in netlogon_creds_server_init()
This implements the note from MS-NRPC 3.1.4.1 Session-Key Negotiation:

 7. If none of the first 5 bytes of the client challenge is unique, the
    server MUST fail session-key negotiation without further processing of
    the following steps.

It lets ./zerologon_tester.py from
https://github.com/SecuraBV/CVE-2020-1472.git
report: "Attack failed. Target is probably patched."

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-09-18 12:48:38 +00:00
Stefan Metzmacher
53528c71ff CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_is_random_challenge() to avoid weak values
This is the check Windows is using, so we won't generate challenges,
which are rejected by Windows DCs (and future Samba DCs).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-09-18 12:48:38 +00:00
Stefan Metzmacher
46642fd32d CVE-2020-1472(ZeroLogon): libcli/auth: make use of netlogon_creds_random_challenge() in netlogon_creds_cli.c
This will avoid getting rejected by the server if we generate
a weak challenge.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-09-18 12:48:38 +00:00
Stefan Metzmacher
b813cdcac3 CVE-2020-1472(ZeroLogon): libcli/auth: add netlogon_creds_random_challenge()
It's good to have just a single isolated function that will generate
random challenges, in future we can add some logic in order to
avoid weak values, which are likely to be rejected by a server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14497

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-09-18 12:48:38 +00:00
Jeremy Allison
e034072c96 libcli: nbt: Fix resolve_lmhosts_file_as_sockaddr() to return size_t * count of addresses.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-09-15 10:09:37 +00:00
Jeremy Allison
da9c7b1938 libcli: nbt: cleanup resolve_lmhosts_file_as_sockaddr() - don't change return values on fail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-09-15 10:09:37 +00:00
Matthew DeVore
232054c09b lib/util: remove extra safe_string.h file
lib/util/safe_string.h is similar to source3/include/safe_string.h, but
the former has fewer checks. It is missing bcopy, strcasecmp, and
strncasecmp.

Add the missing elements to lib/util/safe_string.h remove the other
safe_string.h which is in the source3-specific path. To accomodate
existing uses of str(n?)casecmp, add #undef lines to source files where
they are used.

Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Aug 28 02:18:40 UTC 2020 on sn-devel-184
2020-08-28 02:18:40 +00:00
Andreas Schneider
4bf8a66731 libcli:smb: Add smb_encryption_setting_translate()
Add encryption enum and function to avoid confusion when reading the
code.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-19 16:22:40 +00:00
Andreas Schneider
e524719010 libcli:smb: Add smb_signing_setting_translate()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-19 16:22:40 +00:00
Andreas Schneider
f03bb8ad8a param: Create and use enum_smb_encryption_vals
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-19 16:22:40 +00:00
Andreas Schneider
46142d8398 libcli:smb2: Use talloc NULL context if we don't have a stackframe
If we execute this code from python we don't have a talloc stackframe
around and segfault with talloc_tos().

To fix the crash we use the NULL context as we take care for freeing the
memory as soon as possible.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-19 16:22:40 +00:00
Andreas Schneider
cf432bd452 libcli:smb2: Do not leak ptext on error
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-08-19 16:22:39 +00:00
Volker Lendecke
1b139de552 libcli/ldap: Fix CID 1462695 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-08-06 19:00:36 +00:00
Volker Lendecke
de2a7574e8 libcli/ldap: Fix CID 1462696 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-08-06 19:00:36 +00:00
Volker Lendecke
41beb510be libcli/ldap: Fix CID 1465278 Resource leak
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-08-06 19:00:36 +00:00
Jeremy Allison
7ad92b3702 s3/s4: Cleanup. Move TALLOC_CTX * parameter to be first in resolve_lmhosts_file_as_sockaddr() to match modern conventions.
No logic changes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-08-04 08:51:42 +00:00
Ralph Boehme
2327471756 lib: relicense smb_strtoul(l) under LGPLv3
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Swen Schillig <swen@linux.ibm.com>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug  3 22:21:04 UTC 2020 on sn-devel-184
2020-08-03 22:21:02 +00:00
Volker Lendecke
0bb1488d31 libcli/ldap: Fix decoding struct ldap_ExtendedResponse
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-07-09 20:16:40 +00:00
Volker Lendecke
60b0928945 libcli/ldap: Test decoding an exop response
ldap-starttls-response.dat is a reply to a starttls extended
operation. Right now ldap_decode() does not handle this correctly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-07-09 20:16:40 +00:00
Stefan Metzmacher
0d2566210a libcli/smb: define FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This will be used by smbtorture in order to simulate channel failures
without relying on iptables.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-07-08 15:54:38 +00:00
Gary Lockyer
3cc0f1eeda CVE-2020-14303: s4 nbt: fix busy loop on empty UDP packet
An empty UDP packet put the nbt server into a busy loop that consumes
100% of a cpu.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14417

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Thu Jul  2 10:26:24 UTC 2020 on sn-devel-184
2020-07-02 10:26:24 +00:00
Gary Lockyer
d701bc1518 libcli ldap tests: remove use of zero length array
libcli/ldap/tests/ldap_message_test.c defines a zero length array
(uint8_t buf[0]), which is a GCC extension and breaks the build with
some strict compilers like xlc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14387

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 23 02:15:35 UTC 2020 on sn-devel-184
2020-06-23 02:15:35 +00:00
Christof Schmitt
e1335efa16 libcli: Remove define STATUS_EA_LIST_INCONSISTENT
The auto-generated define NT_STATUS_EA_LIST_INCONSISTENT is still
available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jun 22 13:30:51 UTC 2020 on sn-devel-184
2020-06-22 13:30:51 +00:00
Christof Schmitt
b467f86a4a libcli: Remove define STATUS_STOPPED_ON_SYMLINK
The auto-generated define NT_STATUS_STOPPED_ON_SYMLINK is still
available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
1dbb2752c9 libcli: Remove define for STATUS_PENDING
The auto-generated define NT_STATUS_PENDING is still available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
37a51b105b libcli: Use NT_STATUS_PENDING instead of STATUS_PENDING
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
6c2b1981da libcli: Remove define for STATUS_NOTIFY_ENUM_DIR
The auto-generated define NT_STATUS_NOTIFY_ENUM_DIR is still available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
d5f29c0765 libcli: Remove define for STATUS_NOTIFY_CLEANUP
The auto-generated NT_STATUS_NOTIFY_CLEANUP is still available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:38 +00:00
Christof Schmitt
b7062251bc libcli: Remove define for STATUS_INVALID_EA_FLAG
The auto-generated define NT_STATUS_INVALID_EA_FLAG is still available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:37 +00:00
Christof Schmitt
172ae564ce libcli: Remove define STATUS_NO_MORE_EAS
The auto-generated define NT_STATUS_NO_MORE_EAS is still available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:37 +00:00
Christof Schmitt
e4e65d0268 libcli: Remove define for ERROR_INVALID_DATATYPE
The auto-generated define WERR_INVALID_DATATYPE is still available.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-06-22 12:07:37 +00:00
Volker Lendecke
10d883105a libcli: Add tevent_req_received() calls to smb2cli_create_recv()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-06-15 17:59:39 +00:00
Volker Lendecke
c751c71062 libcli: Move IO_REPARSE_TAG definitions to smb_constants.h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-06-15 17:59:39 +00:00
Volker Lendecke
7e73527ad3 libcli: Slightly simplify smb2cli_req_recv() with an early return
One if-condition less

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-06-15 17:59:39 +00:00
Ralph Boehme
0b9ddce90c libcli: simplify an if condition
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-30 01:17:36 +00:00
Björn Jacke
799387963c add some missing FSCTL defines
as dodumented in

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/a64e55aa-1152-48e4-8206-edd96444e7f7

FSCTL_SET_OBJECT_ID_EXTENDED
FSCTL_READ_FILE_USN_DATA
FSCTL_WRITE_USN_CLOSE_RECORD
FSCTL_QUERY_ON_DISK_VOLUME_INFO
FSCTL_QUERY_SPARING_INFO
FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX
FSCTL_STORAGE_QOS_CONTROL

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Tue May 19 15:57:08 UTC 2020 on sn-devel-184
2020-05-19 15:57:08 +00:00
Gary Lockyer
13a2f70a4d Fix clang 9 missing-field-initializer warnings
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-05-08 09:31:31 +00:00
Gary Lockyer
bac809348a CVE-2020-10704 libcli ldap: Check search request lengths.
Check the search request lengths against the limits passed to
ldap_decode.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May  4 04:40:10 UTC 2020 on sn-devel-184
2020-05-04 04:40:10 +00:00
Gary Lockyer
3149ea0a8a CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode
Add search request size limits to ldap_decode calls.

The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
Gary Lockyer
b0832d2016 CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree
Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected.  Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:32 +00:00
Gary Lockyer
f467727db5 CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth
Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:31 +00:00
Volker Lendecke
3d9d984944 libcli: Use ARRAY_DEL_ELEMENT() in security_descriptor_acl_del()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-03-26 14:43:31 +00:00
Volker Lendecke
0e50ed1936 libsmb: Make sure that the TCP socket is non-blocking
All traffic goes through smbXcli_base.c, and that is prepared to deal
with short writes via the conn->outgoing queue. Instead of making sure
that all callers properly set the socket nonblocking, do it here, so
that we can later optimize sending out data to the server.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-03-25 09:04:28 +00:00
Andrew Bartlett
5c1867ba45 py3: Remove #define PyInt_FromLong PyLong_FromLong
This allows us to end the use of Python 2/3 compatability macros.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power
2020-03-23 19:12:43 +00:00
Andrew Bartlett
4764e8b4c7 py3: Remove #define PyInt_AsLong PyLong_AsLong
This allows us to end the use of Python 2/3 compatability macros.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-03-23 19:12:43 +00:00
Andrew Bartlett
3aea3b1538 py3: Remove #define PyInt_Check PyLong_Check
This will allow us to remove some unused code in the PIDL-generated
python bindings.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2020-03-23 19:12:43 +00:00
Volker Lendecke
12596a3a8d libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 10 23:08:20 UTC 2020 on sn-devel-184
2020-03-10 23:08:19 +00:00
Volker Lendecke
8047876f4a smbd: Add make_smb2_posix_create_ctx()
Will be used internally to pass an artificial posix create context
into VFS_CREATE_FILE from the SMB1 unix extension calls

Pair programmed with: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
2020-02-07 21:01:31 +00:00
Volker Lendecke
f6fe7c39cd libsmb: Add smb2_create_blob_remove()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-07 21:01:31 +00:00
Volker Lendecke
23db731593 libsmb: Allow passing in NULL to smb2_create_blob_find()
Will simplify callers a bit, and it does not change semantics
significantly. Zero create blobs won't find anything anyway.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-07 21:01:30 +00:00
Volker Lendecke
d33d43f38c libsmb: Add posix create context definition
Pair programmed with: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
2020-02-07 21:01:30 +00:00
Volker Lendecke
76803ecccc libsmb: Add required #includes to smb_util.h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-07 21:01:30 +00:00
Volker Lendecke
298dbc5332 libsmb: Add required includes to smb2_create_blob.h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-07 21:01:30 +00:00
Volker Lendecke
149217ce56 libsmb: Remove "const" from smb_create_blob->tag
I want to TALLOC_FREE that soon, and we do a talloc_strdup into this anyway.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-07 21:01:30 +00:00
Stefan Metzmacher
3894f87818 libcli:smb: Don't use forward declartions for GnuTLS typedefs
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14271

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Feb  7 13:48:27 UTC 2020 on sn-devel-184
2020-02-07 13:48:27 +00:00
Stefan Metzmacher
c80a51c69d libcli/nbt: avoid talloc_reference() in nbt_name_*_send()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-02-05 08:46:39 +00:00
Andreas Schneider
d459ca04fc libcli:smb: Improve check for gnutls_aead_cipher_(en|de)cryptv2
This is available since version 3.6.10, but 3.6.10 has a bug which got fixed
in 3.6.11, see:

    https://gitlab.com/gnutls/gnutls/-/merge_requests/1085

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14250

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb  4 06:44:00 UTC 2020 on sn-devel-184
2020-02-04 06:43:59 +00:00
Volker Lendecke
168c6d9b8f libsmb: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-01-30 12:27:40 +00:00
Volker Lendecke
bf531c249d libcli: Align integer types
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-01-30 12:27:40 +00:00
Volker Lendecke
e4ad001378 auth: Avoid casts in ntlm_check.c
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Jan  6 03:12:20 UTC 2020 on sn-devel-184
2020-01-06 03:12:19 +00:00
Volker Lendecke
e02d24c087 auth: Check for talloc failure in smb_sess_key_ntlmv2()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-01-06 01:47:30 +00:00
Volker Lendecke
4014d91b9a auth: Slightly simplify smb_pwd_check_ntlmv1()
Do an early return for the failure case

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-01-06 01:47:30 +00:00
Volker Lendecke
2bd941cc12 auth: Check for talloc failure in smb_pwd_check_ntlmv1()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-01-06 01:47:30 +00:00
Volker Lendecke
b78cc8210d auth: Slightly simplify smb_pwd_check_ntlmv2()
Do an early return for the failure case

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-01-06 01:47:30 +00:00
Volker Lendecke
8ec4e4b668 auth: Check for talloc failure in smb_pwd_check_ntlmv2()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2020-01-06 01:47:30 +00:00
Volker Lendecke
ba97f408d8 lib: Remove an unused variable from security_token_debug()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2020-01-03 00:04:43 +00:00
Isaac Boukris
fe2577a40c smbdes: remove old unused DES builtin-crypto
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
b5d8f1f78a sess_crypt_blob can only crypt blobs whose size divides by 8
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
a75ca8d5d5 session: convert sess_crypt_blob to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
dcc33103d5 smbdes: convert des_crypt112_16 to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
254739137b smbdes: convert des_crypt112 to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
dce944e8a1 smbdes: convert E_old_pw_hash to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
c57f429574 smbdes: convert des_crypt128() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
a5548af018 smbdes: convert E_P24() and SMBOWFencrypt to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
2eef12904f smbdes: remove D_P16() (not used)
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
9fb6361a8b smbdes: convert E_P16() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
ecee199803 smbdes: convert sam_rid_crypt() to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
bbcf568f31 SMBsesskeygen_lm_sess_key: use gnutls and return NTSTATUS
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
38189f76d8 netlogon_creds_des_encrypt/decrypt_LMKey: use gnutls and return NTSTATUS
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
0f855f1ab9 smbdes: add des_crypt56_gnutls() using DES-CBC with zeroed IV
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
2c470c8035 selftest: test sess_crypt_blob
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
6c5f153e47 selftest: test SMBsesskeygen_lm_sess_key
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
a4ec427e54 selftest: test des_crypt112_16
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
394debac6b selftest: test des_crypt112 and fix (unused) decryption
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
e2f8f686d1 selftest: test des_crypt128
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Isaac Boukris
8f042ba532 selftest: test E_old_pw_hash
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Isaac Boukris
dfad082596 selftest: test E_P24 and SMBOWFencrypt
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00
Isaac Boukris
0923f94bdc selftest: test sam_rid_crypt
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:29 +00:00