1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

71 Commits

Author SHA1 Message Date
Gary Lockyer
f467727db5 CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth
Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-04 02:59:31 +00:00
Gary Lockyer
01fab30a97 samdb: Add transaction id control
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-10 20:02:23 +02:00
Ralph Boehme
ab7dc210e9 CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control
Will be used to pass "user password change" vs "password reset" from the
ACL to the password_hash module, ensuring both modules treat the request
identical.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13272

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-03-13 10:24:27 +01:00
Garming Sam
38e08d7174 typo: mplementation => implementation
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2016-05-06 05:03:16 +02:00
Garming Sam
fe2bcf9d41 ldap VLV: correct ASN1 parsing of VLV requests
As with the encoding, the ASN1_CONTEXT tag isn't followed by an
ASN1_SEQUENCE, though you wouldn't think that from reading the
specification.

Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-09 10:32:16 +01:00
Garming Sam
8b650a5ab3 ldap: fix search control rule identifiers ASN.1 type
Wireshark and Windows both expect matching rule identifiers to be
given the ContextSimple type identifier instead of the Octet String.

As far as we can tell this is not formally specified anywhere.

Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-09 10:32:16 +01:00
Douglas Bagnall
d2c6f7624b ldap VLV: memdup, not strdup VLV context_id
The context ID is not a text string, it is an opaque binary field.

Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2016-03-09 10:32:16 +01:00
Garming Sam
5421d7070a ldap VLV: use correct ASN.1 encoding for requests
The search reference points (either an integer index or a string
for comparison) are  supposed to use ASN1_CONTEXT or ASN1_CONTEXT_SIMPLE
(respectively) ASN.1 types. We were using these types, but we also put
extra ones in too, which nobody else likes.

Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-03-09 10:32:16 +01:00
Andreas Schneider
3f428caed4 s4-libcli: Add missing ldb header
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2016-02-19 15:58:22 +01:00
Stefan Metzmacher
d104d6e04f s4:libcli/ldap: add support for LDB_CONTROL_DIRSYNC_EX_OID
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-02-17 03:43:23 +01:00
Volker Lendecke
a93946b2fe lib: Use asn1_extract_blob()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-01-06 00:54:18 +01:00
Jeremy Allison
69a7e3cfdc s4: libcli: ldap message - Ensure all asn1_XX returns are checked.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 26 03:15:00 CEST 2014 on sn-devel-104
2014-09-26 03:15:00 +02:00
Jeremy Allison
b1a1f691c8 s4: libcli: ldap controls - Ensure all asn1_XX returns are checked.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
2014-09-26 00:51:16 +02:00
Matthieu Patou
f110f2d63f s4-ldap: handle VERIFY_NAME control encoding/decoding 2012-06-22 23:22:02 -07:00
Michael Adam
9e9887d323 s4:samdb:rootdse: implement the schemaUpgradeInProgress operation in ldap modify
This is preliminary in that it is implemented as a no-op for a start
just to be able to successfully answer the request, which seems to be
sufficient in order to e.g. survive the exchange schema extensions.

Signed-off-by: Matthieu Patou <mat@matws.net>

Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Wed Apr 18 02:48:28 CEST 2012 on sn-devel-104
2012-04-18 02:48:28 +02:00
Andrew Tridgell
7244e254cc s4-ldap: added DSDB_CONTROL_NO_GLOBAL_CATALOG to ldap encoding list
also remove all the duplicated comments

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-10-04 15:08:58 +11:00
Stefan Metzmacher
a762e9cab7 s4:ldap_controls: allow DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID over sockets.
The DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID control has to data attached to it.
So we can allow it to be send over LDAP.

We'll accept this control over the privileged ldapi socket only.

metze
2010-12-13 15:32:04 +01:00
Nadezhda Ivanova
3003bd4037 s4-ldb: Changes the aclread module to use LDB_HANDLE_FLAG_UNTRUSTED to determine the source of the request
The aclread module used to use a control to make sure the request comes from the ldap server,
but now the rootdse filters out any unregistered controls comming from ldap, so the control is
lost. Using the LDB_HANDLE_FLAG_UNTRUSTED is a much more elegant solution.

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Oct 27 11:55:11 UTC 2010 on sn-devel-104
2010-10-27 11:55:11 +00:00
Matthias Dieter Wallnöfer
f9a6ff482c s4/ldb:introduce the LDB_CONTROL_PROVISION_OID control
This control is exactly thought for the actions which previously were performed
using the RELAX one.

We agreed that the RELAX control will only remain for interactions with OpenLDAP.
2010-10-23 16:37:29 +02:00
Matthias Dieter Wallnöfer
89c42a96fc ldb:rename LDB_CONTROL_BYPASSOPERATIONAL_OID into LDB_CONTROL_BYPASS_OPERATIONAL_OID
It's nicer to have this consistent with "BYPASS_PASSWORD_HASH".
2010-10-23 16:37:29 +02:00
Andrew Bartlett
dab426476f Revert "s4:dsdb - make the RELAX control private"
This must be available to the OpenLDAP backend, to set the GUID values
in some situations.  We need a proper ACL mechanism to control the use
or abuse of this control.

This reverts commit 10adee8936.
2010-10-18 00:16:17 +00:00
Matthias Dieter Wallnöfer
10adee8936 s4:dsdb - make the RELAX control private
This makes our LDAP much more secure and less error-prone.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Oct 16 19:43:36 UTC 2010 on sn-devel-104
2010-10-16 19:43:36 +00:00
Matthias Dieter Wallnöfer
02d9d8eeaf s4:libcli/ldap/ldap_controls.c - fix up the controls list
- add missing private controls and comments
- use control defines rather than hardcoded values -> easier to comprehend
- reorder controls
2010-10-16 20:48:01 +02:00
Nadezhda Ivanova
3d0e36bc87 s4-ldap: Added a control to apply the access checks on read via LDAP 2010-09-26 15:36:09 -07:00
Andrew Tridgell
191d632e23 s4-dsdb: added support for LDB_CONTROL_RODC_DCPROMO_OID
this control adds a unique msDS-SecondaryKrbTgtNumber attribute to a
user object.

There is some 'interesting' interaction with the rangeLower and
rangeUpper attributes and this add. We don't implementat
rangeLower/rangeUpper yet, but when we do we'll need an override for
this control (or be careful about module ordering).

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17 21:21:49 +10:00
Andrew Tridgell
dcd9fcc7b3 s4-ldap: use common functions for ldap flag controls encode/decode
many controls are simple present/not-present flags, and don't need
their own parsers

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-08-17 21:21:49 +10:00
Endi S. Dewata
5bee3efaca s4/libcli: Register LDB_CONTROL_REVEAL_INTERNALS and DSDB_CONTROL_PASSWORD_CHANGE_STATUS_OID controls.
Signed-off-by: Matthias Dieter Wallnöfer <mdw@samba.org>
2010-06-28 19:33:46 +02:00
Matthias Dieter Wallnöfer
ad5e19f29e ldb:controls - add the "TREE_DELETE" control for allowing subtree deletes 2010-06-20 18:52:29 +02:00
Matthias Dieter Wallnöfer
4cc49d365f s4:ldap_controls.c - remove encoding functions for private recalculate SD control 2010-06-20 18:52:26 +02:00
Matthieu Patou
315aeef0f9 s4: Remove an uselessly exposed control 2010-06-07 11:43:32 +02:00
Andrew Bartlett
c8a23147fe s4:libcli/ldap Rename ldap.h to libcli_ldap.h
It is a problem if a samba header is called ldap.h if we also want
to use OpenLDAP's ldap.h

Andrew Bartlett
2010-05-21 17:39:15 +10:00
Endi S. Dewata
07669b0704 s4-libcli: Added NULL handlers for DSDB_CONTROL_DN_STORAGE_FORMAT_OID and LDB_CONTROL_AS_SYSTEM_OID
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-03-02 14:06:52 +11:00
Matthieu Patou
db41a0afc6 s4: fix SD update and password change in upgrade script
- reserve a new Samba OID for recalculate SD control
- fix the update SD function
- fix handling of kvno in the update_machine_account_password function
- fix handling of handles in RPC winreg server

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-11-28 09:56:06 +11:00
Endi S. Dewata
3a8393c8aa s4:ldbcli - Added encoder/decoder for relax control. 2009-11-19 13:04:47 +11:00
Andrew Bartlett
68639bfd64 s4:libcli/ldap Add 'relax' OID to known network representations
This patch, inspired by a patche by Endi S. Dewata
<edewata@redhat.com>, allows this control to be passed to the LDAP
backend.

Andrew Bartlett
2009-11-12 22:23:22 +11:00
Matthias Dieter Wallnöfer
44df2488e3 s4: fix various warnings (not "const" related ones) 2009-10-02 15:33:48 +02:00
Stefan Metzmacher
c4274e3480 s4:libcli/ldap: add support for new Recycle Bin Feature LDAP Controls
LDAP_SERVER_SHOW_RECYCLED_OID         1.2.840.113556.1.4.2064
LDAP_SERVER_SHOW_DEACTIVATED_LINK_OID 1.2.840.113556.1.4.2065

metze
2009-07-23 18:04:31 +02:00
Andrew Tridgell
a5003de56b fixed the encoding/decoding of the reverse attribute for server side sort 2009-06-10 11:45:53 +10:00
Stefan Metzmacher
f6b0a99cef libcli/ldap: move generic ldap control encoding code to ldap_message.c
As they can we static there, we pass the specific handlers as parameter
where we need to support controls.

metze
2009-02-24 17:55:41 +01:00
Stefan Metzmacher
7b1c5c94f6 s4:libcli/ldap: don't use 'void **out' as arguments as the behavior is not defined in C.
metze
2009-02-24 17:55:41 +01:00
Andrew Bartlett
30ae74d399 s4:dsdb: add support for DSDB_OPENLDAP_DEREFERENCE_CONTROL
Encode and decode the OpenLDAP dereference control (draft-masarati-ldap-deref-00)

At this time, the ldb_controls infrustructure does not handle request
and reply controls having different formats, so this is purely the
client implementation (ie, there is no decode of the client->server
packet, and no encode of the server->client packet).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-12-17 12:29:24 +11:00
Jelmer Vernooij
87ec1d2532 Make sure prototypes are always included, make some functions static and
remove some unused functions.
2008-10-20 18:59:51 +02:00
Jelmer Vernooij
9565999755 Fix include paths to new location of libutil. 2008-10-11 21:31:42 +02:00
Jelmer Vernooij
939edd0eb7 util: Move asn1 to lib/util to trim down the number of subsystems.
(This used to be commit 44e1cfd2d0)
2008-01-15 01:04:38 +01:00
Andrew Bartlett
364266e22a r26192: Handle, test and implement the style of extended_dn requiest that MMC uses.
It appears that the control value is optional, implying type 0 responses.

Failing to parse this was causing LDAP disconnects with 'unavailable
critical extension'.

Andrew Bartlett
(This used to be commit 833dfc2f2a)
2007-12-21 05:46:44 +01:00
Jelmer Vernooij
2151cde580 r25554: Convert last instances of BOOL, True and False to the standard types.
(This used to be commit 566aa14139)
2007-10-10 15:07:55 -05:00
Andrew Bartlett
210971d092 r24248: Attempt to fix bug #4830 by <mwallnoefer@yahoo.de>. If there is no
payload to the control, we still need to inialise *value, as otherwise
we read uninitialised data later.

Andrew Bartlett
(This used to be commit f6566480b7)
2007-10-10 15:01:30 -05:00
Andrew Tridgell
0479a2f1cb r23792: convert Samba4 to GPLv3
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac)
2007-10-10 14:59:12 -05:00
Andrew Tridgell
931f594cf1 r23036: error checking on asn1_init() failure
(This used to be commit 26cf849408)
2007-10-10 14:52:43 -05:00
Andrew Tridgell
7bb939b1cb r23030: finally fixed up our asn1 code to use better memory allocation. This
should allow us to fix some long standing memory leaks.
(This used to be commit 3db49c2ec9)
2007-10-10 14:52:42 -05:00