1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
samba-mirror/source4
Stefan Metzmacher d5f1097b62 s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels
This is important as Windows clients with KB5028166 seem to
call netr_LogonGetCapabilities with query_level=2 after
a call with query_level=1.

An unpatched Windows Server returns DCERPC_NCA_S_FAULT_INVALID_TAG
for query_level values other than 1.
While Samba tries to return NT_STATUS_NOT_SUPPORTED, but
later fails to marshall the response, which results
in DCERPC_FAULT_BAD_STUB_DATA instead.

Because we don't have any documentation for level 2 yet,
we just try to behave like an unpatched server and
generate DCERPC_NCA_S_FAULT_INVALID_TAG instead of
DCERPC_FAULT_BAD_STUB_DATA.
Which allows patched Windows clients to keep working
against a Samba DC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15418

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-07-17 06:37:31 +00:00
..
auth s4:auth: Log authentication policies for NTLM authentication 2023-06-25 23:29:32 +00:00
cldap_server cldap_server: Align integer types 2022-12-12 21:16:33 +00:00
client s4:client: Fix shellcheck errors in test_smbclient.sh 2022-08-22 14:20:36 +00:00
cluster
dns_server dns_update.c: use DBG* macros instead of static log level numbers 2023-06-16 20:28:29 +00:00
dsdb garbage_collect_tombstone.c: use DBG* macros instead of static numeric log levels 2023-07-02 16:50:36 +00:00
echo_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
include lib: Remove smb_threads from includes.h 2022-04-26 21:41:29 +00:00
kdc s4:kdc: don't log an error if msDS-AllowedToActOnBehalfOfOtherIdentity is missing 2023-06-27 06:39:08 +00:00
ldap_server auth: Add functionality to log client and server policy information 2023-06-25 23:29:32 +00:00
lib lib: Add a few required #includes 2023-06-16 16:14:30 +00:00
libcli s3-librpc: add ads.idl and convert ads_struct to talloc. 2022-12-16 20:38:32 +00:00
libnet crypto: Rely on GnuTLS 3.6.13 and gnutls_pbkdf2() 2023-06-30 14:00:38 +00:00
librpc netlogon:schannel: Fix NULL pointer dereference 2023-05-18 01:03:37 +00:00
nbt_server librpc/nbt: Avoid reading invalid member of union 2023-07-07 01:14:06 +00:00
ntp_signd s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
ntvfs s4:ntvfs:posix: avoid parsing empty blob in posix_eadb_add_list() 2023-05-09 01:59:32 +00:00
param python: whitespace fixes 2022-10-03 20:03:32 +00:00
rpc_server s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for invalid netr_LogonGetCapabilities levels 2023-07-17 06:37:31 +00:00
samba s4-server: Call dsdb_check_and_update_fl() during startup transaction. 2023-06-14 22:57:34 +00:00
script s4:script: Fix shellcheck errors in find_unused_options.sh 2022-08-22 14:20:36 +00:00
scripting s4/scripting/bin: Add NT_STATUS_OK to list of definitions 2023-06-14 22:57:35 +00:00
selftest python: Fix code spelling 2023-07-13 05:41:36 +00:00
setup CVE-2023-0614 ldb: Prevent disclosure of confidential attributes 2023-04-05 02:10:35 +00:00
smb_server auth: Add functionality to log client and server policy information 2023-06-25 23:29:32 +00:00
torture s4:torture/rpc: let rpc.schannel also check netr_LogonGetCapabilities with different levels 2023-07-17 06:37:31 +00:00
utils s4:utils: Fix shellcheck errors in test_samba_tool.sh 2022-08-22 20:35:36 +00:00
winbind CVE-2022-32746 ldb: Make use of functions for appending to an ldb_message 2022-07-27 10:52:36 +00:00
wrepl_server s4: rename source4/smbd/ to source4/samba/ 2020-11-27 10:07:18 +00:00
.clang_complete
.valgrind_suppressions
wscript_build s4:client: Migrate cifsdd to new cmdline option parser 2021-06-16 00:34:38 +00:00