sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-25 06:04:04 +03:00
Code
samba-mirror/libcli
History
Stefan Metzmacher 54c6cf8666 libcli/smb: allow SMB2 Negotiate responses with security_offset = 0 and security_length = 0 
This fixes connections against the Azure SMB3 server.

It's not possible to demonstrate the bug with a test and a knownfail
entry, because it fails to even startup the test environments,
but the following change to our server demonstrates the problem
and shows the fix works:

    diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
    index da567951c0bf..25fdaea2df7b 100644
    --- a/source3/smbd/smb2_negprot.c
    +++ b/source3/smbd/smb2_negprot.c
    @@ -711,6 +711,8 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                    }
            }

    +       security_buffer = data_blob_null;
    +
            if (out_negotiate_context_blob.length != 0) {
                    static const uint8_t zeros[8];
                    size_t pad = 0;
    @@ -759,6 +761,8 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                    return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
            }

    +       security_offset = 0;
    +
            SSVAL(outbody.data, 0x00, 0x40 + 1);    /* struct size */
            SSVAL(outbody.data, 0x02,
                  security_mode);                   /* security mode */

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15050

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May  2 20:13:10 UTC 2022 on sn-devel-184
2022-05-02 20:13:10 +00:00
..
auth
libcli/auth: let NTLMv2_RESPONSE_verify_netlogon_creds ignore invalid netapp requests
2022-01-04 20:07:28 +00:00
cldap
CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode
2020-05-04 02:59:32 +00:00
dns
libcli/dns: Fix TCP fallback
2022-01-20 18:01:41 +00:00
drsuapi
tests: Fix "-Werror=maybe-uninitialized" errors only seen with -O3 and --enable-coverage
2021-04-28 03:43:34 +00:00
echo
s4: torture: Change torture_register_suite() to add a TALLOC_CTX *.
2017-05-05 15:52:11 +02:00
http
http_conn.c: fix "void function cannot return value" error
2020-11-10 06:53:42 +00:00
ldap
libcli: Use GUID_to_ndr_buf() in ldap_encode_ndr_GUID()
2020-10-02 21:30:33 +00:00
lsarpc
libcli/lsarpc: add struct trustAuthInOutBlob; forward declaration
2014-04-02 09:03:42 +02:00
named_pipe_auth
lib: Remove unused tstream_npa_socketpair()
2022-01-18 20:22:38 +00:00
nbt
nmblookup: don't ignore unknown options
2021-09-10 15:10:30 +00:00
netlogon
CVE-2020-25717: Add FreeIPA domain controller role
2021-11-09 19:45:33 +00:00
registry
build: Make util_reg subsystem in libcli/registry a library
2011-05-18 16:12:08 +02:00
samsync
smbdes: convert sam_rid_crypt() to use gnutls
2019-12-10 00:30:30 +00:00
security
sddl: Remove SDDL SID strings unsupported by Windows
2022-03-17 23:11:37 +00:00
smb
libcli/smb: allow SMB2 Negotiate responses with security_offset = 0 and security_length = 0
2022-05-02 20:13:10 +00:00
smbreadline
libcli:smbreadline: Use #ifdef instead of #if for config.h definitions
2018-11-28 23:19:22 +01:00
util
libcli: Remove NT_STATUS_INACCESSIBLE_SYSTEM_SHORTCUT error code
2021-11-11 19:08:37 +00:00