1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

97 Commits

Author SHA1 Message Date
Andreas Schneider
c6a21e1897 s3:rpc_server: Allow to use RC4 for setting passwords
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-10-29 14:19:36 +00:00
Andreas Schneider
c57276cae6 s3:samr: Add missing NULL pointer check
Found by Coverity.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-06-16 09:08:34 +00:00
Samuel Cabrero
6edcf6801d s3: rpc_server: Avoid casts calling to find_policy_by_hnd()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:37 +00:00
Samuel Cabrero
be024932ef s3: rpc_server: Remove SAMR specific policy_handle_find() function
The generic function already checks the handle type.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Samuel Cabrero
7273b4bcc7 s3: rpc_server: Move SAMR handle based access check to a wrapper function
Now that the type associated to the handle is the same for all handle
types we can wrap the access check.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Samuel Cabrero
2bde40762a s3: rpc_server: Remove SAMR specific policy_handle_create() function
Now that we pass the handle type to the generic handle creation and find
functions we can drop the specific SAMR ones.

The policy_handle_create() function labeled the talloc chunk used to
allocate the handle's associated data, and the policy_handle_find() is
checking the name matches with the expected data. The check is performed
now by the generic functions based on the handle type so we can drop
these SAMR specific functions.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Samuel Cabrero
da9749acb3 s3: rpc_server: pass DCE/RPC handle type to find_policy_handle
Following changes in commit c7a4578d06
pass the handle type to the handle search functions. The handle type will
be verified unless passing DCESRV_HANDLE_ANY to find functions.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Samuel Cabrero
711ca4fab5 s3: rpc_server: Strip out access check field from s3 handles implementation
The handle based security model is a SAMR specific feature. The access
granted is stored in the handle's associated data after creating it and
the access is verified after searching the handle.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Alexander Bokovoy
c7a4578d06 s3: pass DCE RPC handle type to create_policy_hnd
Various RPC services expect policy handles of a specific type.

s3 RPC server did not allow to create policy handles with a specific
type while actually requiring that policy handle type itself in some
places.

Make sure we are able to specify the policy on-wire handle type when
creating the policy handle. The changes follow s4 DCE RPC server
implementation.

The original logic to always set on-wire handle type to 0 can be tracked
down to commit fdeea341ed when we didn't
really know about differences in on-wire handle types.

All but LSA trusted domain RPC calls do not check the on-wire handle
type in s3 RPC server.

Fixes trusted domain operations when Samba RPC client attempts to call
s3 RPC server to perform lsa_lsaRSetForestTrustInformation in FreeIPA.
This fix is a pre-requisite for FreeIPA-FreeIPA forest trust.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 28 22:55:29 UTC 2020 on sn-devel-184
2020-04-28 22:55:29 +00:00
Samuel Cabrero
4c09839ec9 s3:rpc_server: Do not include s3 autogenerated headers
Prototype is generated by the server compat parser.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:36 +00:00
Samuel Cabrero
dc1d34d388 s3:rpc_server: Include generated boilerplate code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Isaac Boukris
a75ca8d5d5 session: convert sess_crypt_blob to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Isaac Boukris
dce944e8a1 smbdes: convert E_old_pw_hash to use gnutls
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:31 +00:00
Ralph Boehme
7dc7b9e554 smbdotconf: mark "server string" with substitution="1"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:36 +00:00
Ralph Boehme
1743ff48ba smbdotconf: mark "passwd program" with substitution="1"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:35 +00:00
Ralph Boehme
4551dd2784 smbdotconf: mark "passwd chat" with substitution="1"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:35 +00:00
Ralph Boehme
12e97ee3e8 smbdotconf: mark "check password script" with substitution="1"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:34 +00:00
Andreas Schneider
a377214dce s3:rpc_server: Replace E_md5hash() with GnuTLS calls
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-19 04:48:29 +00:00
Andreas Schneider
1f923e067d s3:rpc_server: Only dump passwords in developer builds
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Jul 26 03:05:01 UTC 2019 on sn-devel-184
2019-07-26 03:05:01 +00:00
Andreas Schneider
cd0b5e5d93 s3:rpc_server: Use GnuTLS RC4 to decrypt samr password buffers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:24 +00:00
Andreas Schneider
d31f6a6803 s3:rpc_server: Use GnuTLS RC4 in samr password check
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:24 +00:00
Andreas Schneider
79ca72ec3d libcli:auth: Pass samr_CryptPasswordEx to decode_rc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:23 +00:00
Andreas Schneider
89f8b028e2 libcli:auth: Rename encode_or_decode_arc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:23 +00:00
Andreas Schneider
57dd415ba4 libcli:auth: Return NTSTATUS for encode_or_decode_arc4_passwd_buffer()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-26 01:48:22 +00:00
Stefan Metzmacher
cef1d2ab8c s3:srv_samr_chgpasswd: export SAMBA_CPS_{ACCOUNT,USER_PRINCIPAL,FULL}_NAME for check password script
This is keep compatibility with the AD DC usage.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-11 07:43:32 +01:00
Volker Lendecke
fc51f82407 samr: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-12-20 23:40:26 +01:00
Christof Schmitt
ae7db3e543 s3: Rename server_event_context() to global_event_context()
This reflects that the event context is also used outside of the server
processes.

The command used for the rename:
find . -name '*.[hc]' -print0 | xargs -0 sed -i 's/server_event_context/global_event_context/'

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2018-09-07 17:26:17 +02:00
Andrew Bartlett
fca8536a82 samr: Disable NTLM-based password changes on the server if NTLM is disabled
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-07-04 06:57:21 +02:00
Volker Lendecke
80bb18d896 samr3: Use "all_zero" where appropriate
... Saves a few bytes of footprint

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2017-01-03 16:04:28 +01:00
Stefan Metzmacher
86dbdce378 s3:rpc_server/samr: simplify the logic in get_user_info_18()
We only allow SetUserInformation(level=18) via NCALRPC.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 12 14:02:27 CEST 2016 on sn-devel-144
2016-05-12 14:02:27 +02:00
Volker Lendecke
93b982faad lib: Give base64.c its own .h
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-04 01:28:23 +02:00
Volker Lendecke
cf5a81013d lib: Make callers of base64_encode_data_blob check for success
Quite a few callers already did check for !=NULL. With the current code this is
pointless due to a SMB_ASSERT in base64_encode_data_blob() itself. Make the
callers consistently check, so that we can remove SMB_ASSERT from base64.c.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-05-04 01:28:23 +02:00
Stefan Metzmacher
14e5f9a25e CVE-2016-2118: s3:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY...
This requires transport encryption.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2016-04-12 19:25:28 +02:00
Stefan Metzmacher
0906d61bb2 s3:rpc_server/samr: correctly handle session_extract_session_key() failures
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-03-22 15:50:15 +01:00
Volker Lendecke
8338fe6ac8 lib: Remove sys_waitpid
We have waitpid in libreplace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2016-02-23 22:03:16 +01:00
Volker Lendecke
258ce91f31 lib: Move sys_rw* to lib/util
genrand.c will require it soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-10-13 01:23:07 +02:00
Richard Sharpe
0dde2106bb Covert all uint32/16/8 to _t in source3/rpc_server.
This can be committed regardless of the state of the PIDL changes.

Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-05-15 19:31:24 +02:00
Andrew Bartlett
c8c2c850d4 Update mailing list references to point at lists.samba.org
The mailing lists are on lists.samba.org, but there are many references that use the shorthand of samba.org

Some references to samba@ have been changed to samba-technical@ where this make more sense.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Feb 10 07:08:28 CET 2015 on sn-devel-104
2015-02-10 07:08:28 +01:00
Volker Lendecke
97b2570a5e lib: Split out sys_[read|write] & friends
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Jeremy Allison
93e81d423d s3: lib: Signal handling - ensure smbrun and change password code save and restore existing SIGCHLD handlers.
Bug #10831 - SIGCLD Signal handler not correctly reinstalled on old library code use - smbrun etc.

https://bugzilla.samba.org/show_bug.cgi?id=10831

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2014-09-30 20:40:16 +02:00
Andreas Schneider
6118c2ec2c s3: Use root_mode() to get uid_wrapper working correctly.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-17 14:56:06 +02:00
Andrew Bartlett
44a624d6ce s3-samr: Refuse to set lockout_duration < lockout_window per rpc.samr.passwords.lockout
This was not noticed previously because the test was not run.

Andrew Bartlett

Change-Id: I88701b6c3057ec26f44b3ccab4134ac9aabe552a
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-02 17:12:45 +02:00
Andrew Bartlett
9f53b61f06 CVE-2013-4496:samr: Remove ChangePasswordUser
This old password change mechanism does not provide the plaintext to
validate against password complexity, and it is not used by modern
clients.  It also has quite difficult semantics to handle regarding
password lockout.

The missing features in both implementations (by design) were:

 - the password complexity checks (no plaintext)
 - the minimum password length (no plaintext)

Additionally, the source3 version did not check:

 - the minimum password age
 - pdb_get_pass_can_change() which checks the security
   descriptor for the 'user cannot change password' setting.
 - the password history
 - the output of the 'passwd program' if 'unix passwd sync = yes'.

Finally, the mechanism was almost useless, as it was incorrectly
only made available to administrative users with permission
to reset the password.  It is removed here so that it is not
mistakenly reinstated in the future.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Change-Id: If2edd3183c177e5ff37c9511b0d0ad0dd9038c66
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://gerrit.samba.org/37
2014-03-13 10:26:03 +01:00
Andrew Bartlett
824add8aaf CVE-2013-4496:s3-samr: Block attempts to crack passwords via repeated password changes
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Change-Id: Ic31774275f07e003e7c2682a856ccb2d5a7939de
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-on: https://gerrit.samba.org/162
2014-03-13 10:21:16 +01:00
Garming Sam
2ca2ab3550 param: rename lp function and variable from "serverstring" to "server_string"
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-02-07 16:19:11 -08:00
Stefan Metzmacher
98660d54a8 s3:rpc_server: s/event_add_timed/tevent_add_timer
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:48:02 +01:00
Stefan Metzmacher
7f41a62e75 s3:rpc_server: s/struct timed_event/struct tevent_timer
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:57 +01:00
Stefan Metzmacher
cf1f993c05 s3:rpc_server: s/struct event_context/struct tevent_context
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:52 +01:00
Volker Lendecke
d87ad906df samr: Make use of posix_openpt
Reviewed by: Jeremy Allison <jra@samba.org>
2013-01-14 09:01:37 -08:00
Volker Lendecke
bef944166a samr: Split up an assignment from an if condition
Reviewed by: Jeremy Allison <jra@samba.org>
2013-01-14 09:01:26 -08:00