Changeset 920 for trunk/server/source3/rpc_server/netlogon

Timestamp:

Jun 9, 2016, 2:23:12 PM (9 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: apply latest security patches to trunk

Location:

trunk/server

Files:

• . (modified) (1 prop)
• source3/rpc_server/netlogon/srv_netlog_nt.c (modified) (35 diffs)

trunk/server/source3/rpc_server/netlogon/srv_netlog_nt.c

@@ -1509 +1509 @@
         {
                 const char *wksname = nt_workstation;
+                const char *workgroup = lp_workgroup();
 
                 status = make_auth_context_fixed(talloc_tos(), &auth_context,
@@ -1533 +1534 @@
                         status = NT_STATUS_NO_MEMORY;
                 }
+
+                if (NT_STATUS_IS_OK(status)) {
+                        status = NTLMv2_RESPONSE_verify_netlogon_creds(
+                                                user_info->client.account_name,
+                                                user_info->client.domain_name,
+                                                user_info->password.response.nt,
+                                                creds, workgroup);
+                }
                 break;
         }
@@ -1637 +1646 @@
                 break;
         case 6:
+                /* Only allow this if the pipe is protected. */
+                if (p->auth.auth_level < DCERPC_AUTH_LEVEL_PRIVACY) {
+                        DEBUG(0,("netr_Validation6: client %s not using privacy for netlogon\n",
+                                get_remote_machine_name()));
+                        status = NT_STATUS_INVALID_PARAMETER;
+                        break;
+                }
+
                 status = serverinfo_to_SamInfo6(server_info, pipe_session_key, 16,
                                                 r->out.validation->sam6);
@@ -1788 +1805 @@
                            struct netr_LogonUasLogon *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -1798 +1815 @@
                             struct netr_LogonUasLogoff *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -1808 +1825 @@
                               struct netr_DatabaseDeltas *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1818 +1835 @@
                             struct netr_DatabaseSync *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1828 +1845 @@
                              struct netr_AccountDeltas *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1838 +1855 @@
                            struct netr_AccountSync *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1979 +1996 @@
                              struct netr_DatabaseSync2 *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1989 +2006 @@
                             struct netr_DatabaseRedo *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1999 +2016 @@
                           struct netr_DsRGetDCName *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2018 +2035 @@
                                      struct netr_NETRLOGONSETSERVICEBITS *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2028 +2045 @@
                               struct netr_LogonGetTrustRid *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2038 +2055 @@
                                           struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2048 +2065 @@
                                           struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2058 +2075 @@
                             struct netr_DsRGetDCNameEx *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2068 +2085 @@
                             struct netr_DsRGetSiteName *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2078 +2095 @@
                                   struct netr_LogonGetDomainInfo *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -2088 +2105 @@
                                struct netr_ServerPasswordGet *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2098 +2115 @@
                                 struct netr_NETRLOGONSENDTOSAM *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2108 +2125 @@
                                     struct netr_DsRAddressToSitenamesW *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2118 +2135 @@
                              struct netr_DsRGetDCNameEx2 *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2128 +2145 @@
                                                  struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2138 +2155 @@
                                            struct netr_NetrEnumerateTrustedDomainsEx *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2148 +2165 @@
                                       struct netr_DsRAddressToSitenamesExW *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2158 +2175 @@
                                    struct netr_DsrGetDcSiteCoverageW *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2168 +2185 @@
                                       struct netr_DsrEnumerateDomainTrusts *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2178 +2195 @@
                                          struct netr_DsrDeregisterDNSHostRecords *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2188 +2205 @@
                                        struct netr_ServerTrustPasswordsGet *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -2198 +2215 @@
                                           struct netr_DsRGetForestTrustInformation *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return WERR_NOT_SUPPORTED;
 }
@@ -2272 +2289 @@
         /* TODO: check server name */
 
-        status = schannel_check_creds_state(p->mem_ctx, lp_private_dir(),
-                                            r->in.computer_name,
-                                            r->in.credential,
-                                            r->out.return_authenticator,
-                                            &creds);
+        become_root();
+        status = netr_creds_server_step_check(p, p->mem_ctx,
+                                              r->in.computer_name,
+                                              r->in.credential,
+                                              r->out.return_authenticator,
+                                              &creds);
+        unbecome_root();
         if (!NT_STATUS_IS_OK(status)) {
                 return status;
@@ -2372 +2391 @@
         /* TODO: check server name */
 
-        status = schannel_check_creds_state(p->mem_ctx, lp_private_dir(),
-                                            r->in.computer_name,
-                                            r->in.credential,
-                                            r->out.return_authenticator,
-                                            &creds);
+        become_root();
+        status = netr_creds_server_step_check(p, p->mem_ctx,
+                                              r->in.computer_name,
+                                              r->in.credential,
+                                              r->out.return_authenticator,
+                                              &creds);
+        unbecome_root();
         if (!NT_STATUS_IS_OK(status)) {
                 return status;
@@ -2477 +2498 @@
                         struct netr_Unused47 *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -2487 +2508 @@
                                                  struct netr_DsrUpdateReadOnlyServerDnsRecords *r)
 {
-        p->rng_fault_state = true;
+        p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
         return NT_STATUS_NOT_IMPLEMENTED;
 }