sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
2d0766a48b
samba-mirror/source4/rpc_server
History
Tim Beale 2d0766a48b s4-drsuapi: Set getnc_state *after* we've checked request is valid 
We were creating the getnc_state (and storing it on the connection)
before we had done some basic checks that the request was valid. If the
request was not valid and we returned early with an error, then the
partially-initialized getnc_state was left hanging on the connection.
The next request that got sent on the connection would try to use this,
rather than creating a new getnc_state from scratch.

The main side-effect of this was if you sent an invalid GetNCChanges
request twice, then it could be rejected the first time and accepted the
second time.

Note that although an invalid request was accepted, it would typically
not return any objects, so it would not actually leak any secure
information.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-08-29 07:23:28 +02:00
..
backupkey s4:rpc_server:backupkey: Move variable into scope 2017-08-11 18:21:22 +02:00
browser werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/ 2016-09-28 00:04:35 +02:00
common rpc_server: Move SID helpers into common 2017-05-30 08:06:07 +02:00
dnsserver dnsserver: Stop dns_name_equal doing OOB read 2017-06-01 19:34:38 +02:00
drsuapi s4-drsuapi: Set getnc_state *after* we've checked request is valid 2017-08-29 07:23:28 +02:00
echo CVE-2016-2118: s4:rpc_server/rpcecho: allow DCERPC_AUTH_LEVEL_CONNECT by default 2016-04-12 19:25:27 +02:00
epmapper CVE-2016-2118: s4:rpc_server/epmapper: allow DCERPC_AUTH_LEVEL_CONNECT by default 2016-04-12 19:25:27 +02:00
eventlog s4-eventlog: fixed dcerpc handle return 2010-11-16 07:16:04 +00:00
lsa s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_name_to_nt4_name() 2017-06-26 08:47:15 +02:00
netlogon s4:rpc_server/netlogon: make use of auth_check_password_send/recv() 2017-08-07 15:20:03 +02:00
remote s4: modules. Fix missing TALLOC_CTX in module init function. 2017-07-26 21:35:21 +02:00
samr samr: Disable NTLM-based password changes on the server if NTLM is disabled 2017-07-04 06:57:21 +02:00
srvsvc werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/ 2016-09-28 00:04:35 +02:00
unixinfo wbclient: "ev" is no longer used in wbc_xids_to_sids 2016-09-28 00:04:36 +02:00
winreg werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in source4/rpc_server/ 2016-09-28 00:04:23 +02:00
wkssvc werror: replace WERR_UNKNOWN_LEVEL with WERR_INVALID_LEVEL in source4/rpc_server/ 2016-09-28 00:04:35 +02:00
dcerpc_server.c s4-rpc_server: Improve debug of new endpoints 2017-07-28 04:12:08 +02:00
dcerpc_server.h s4:rpc_server: add wait_send/recv infrastructure 2017-05-21 21:05:12 +02:00
dcerpc_server.pc.in dcerpc_server: Add 'modulesdir' variable to pkg-config file. 2012-02-23 16:26:25 +01:00
dcesrv_auth.c s4:rpc_server: remove unused dcesrv_auth_{bind_ack,auth3,alter_ack}() 2017-05-21 21:05:13 +02:00
dcesrv_mgmt.c s4-rpc_server: Allow each interface to declare if it uses handles 2016-12-20 01:11:23 +01:00
handles.c s4-rpc_server: Allow each interface to declare if it uses handles 2016-12-20 01:11:23 +01:00
service_rpc.c s4-rpc_server: Improve debug of new endpoints 2017-07-28 04:12:08 +02:00
wscript_build s4-netlogon: Provide logs for machine account success and failures 2017-06-27 16:57:42 +02:00