[SCM] Samba Shared Repository - branch master updated - c5265ea3bf493035385fdc9a2bc59a9b0a0bb8f3

Andrew Bartlett abartlet at samba.org
Tue Sep 23 07:02:51 GMT 2008


The branch, master has been updated
       via  c5265ea3bf493035385fdc9a2bc59a9b0a0bb8f3 (commit)
       via  c39d1b829b02d275ea1052afec58ab40f22267a3 (commit)
       via  aaa45c832596d8f1b75f09f1de8fbee7483f6977 (commit)
       via  3b5060fdbaee5ffdfcb304179772d5e89dc8cff0 (commit)
       via  7831169af5a909b614c8e34ef505f3565b4e2a0a (commit)
      from  6660ac5d0ab882e1fd70a72af96b1b1e815b4b14 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit c5265ea3bf493035385fdc9a2bc59a9b0a0bb8f3
Merge: c39d1b829b02d275ea1052afec58ab40f22267a3 6660ac5d0ab882e1fd70a72af96b1b1e815b4b14
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Sep 22 21:48:49 2008 -0700

    Merge branch 'master' of ssh://git.samba.org/data/git/samba into abartlet-devel

commit c39d1b829b02d275ea1052afec58ab40f22267a3
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Sep 22 17:50:43 2008 -0700

    Remove unused parameter from decode_pw_buffer and fail on invalid
    UTF-16 input
    
    The input checking is important, as otherwise we could set the wrong
    password.
    
    Andrew Bartlett

commit aaa45c832596d8f1b75f09f1de8fbee7483f6977
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Sep 22 17:24:57 2008 -0700

    Remove unused variable

commit 3b5060fdbaee5ffdfcb304179772d5e89dc8cff0
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Sep 22 16:32:04 2008 -0700

    Explain why we use signing for DCs, but not file servers

commit 7831169af5a909b614c8e34ef505f3565b4e2a0a
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Sep 22 15:37:16 2008 -0700

    Test re-setting the challenge after an auth3 in RPC-NETLOGON

-----------------------------------------------------------------------

Summary of changes:
 source4/libcli/auth/smbencrypt.c              |   14 +++++++++-----
 source4/rpc_server/netlogon/dcerpc_netlogon.c |    3 +--
 source4/rpc_server/samr/samr_password.c       |   10 ++++------
 source4/smb_server/smb/signing.c              |    9 +++++++++
 source4/torture/rpc/netlogon.c                |    4 ++++
 source4/torture/rpc/remote_pac.c              |    2 --
 6 files changed, 27 insertions(+), 15 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/libcli/auth/smbencrypt.c b/source4/libcli/auth/smbencrypt.c
index 7de9627..b50f003 100644
--- a/source4/libcli/auth/smbencrypt.c
+++ b/source4/libcli/auth/smbencrypt.c
@@ -497,10 +497,10 @@ bool encode_pw_buffer(uint8_t buffer[516], const char *password, int string_flag
  returned password including termination.
 ************************************************************/
 bool decode_pw_buffer(uint8_t in_buffer[516], char *new_pwrd,
-		      int new_pwrd_size, uint32_t *new_pw_len,
-		      int string_flags)
+		      int new_pwrd_size, int string_flags)
 {
 	int byte_len=0;
+	ssize_t converted_pw_len;
 
 	/* the incoming buffer can be any alignment. */
 	string_flags |= STR_NOALIGN;
@@ -526,13 +526,17 @@ bool decode_pw_buffer(uint8_t in_buffer[516], char *new_pwrd,
 	}
 
 	/* decode into the return buffer.  Buffer length supplied */
- 	*new_pw_len = pull_string(lp_iconv_convenience(global_loadparm), new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size, 
+ 	converted_pw_len = pull_string(lp_iconv_convenience(global_loadparm), new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size, 
 				  byte_len, string_flags);
 
+	if (converted_pw_len == -1) {
+		return false;
+	}
+
 #ifdef DEBUG_PASSWORD
 	DEBUG(100,("decode_pw_buffer: new_pwrd: "));
-	dump_data(100, (const uint8_t *)new_pwrd, *new_pw_len);
-	DEBUG(100,("multibyte len:%d\n", *new_pw_len));
+	dump_data(100, (const uint8_t *)new_pwrd, converted_pw_len);
+	DEBUG(100,("multibyte len:%d\n", converted_pw_len));
 	DEBUG(100,("original char len:%d\n", byte_len/2));
 #endif
 	
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 6f4287f..cceb2a6 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -337,7 +337,6 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
 	struct ldb_context *sam_ctx;
 	NTSTATUS nt_status;
 	char new_pass[512];
-	uint32_t new_pass_len;
 	bool ret;
 
 	struct samr_CryptPassword password_buf;
@@ -358,7 +357,7 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal
 	creds_arcfour_crypt(creds, password_buf.data, 516);
 
 	ret = decode_pw_buffer(password_buf.data, new_pass, sizeof(new_pass),
-			       &new_pass_len, STR_UNICODE);
+			       STR_UNICODE);
 	if (!ret) {
 		DEBUG(3,("netr_ServerPasswordSet2: failed to decode password buffer\n"));
 		return NT_STATUS_ACCESS_DENIED;
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index b78a9ce..5b8e925 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -243,7 +243,7 @@ NTSTATUS dcesrv_samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call,
 	data_blob_free(&lm_pwd_blob);
 	
 	if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass),
-			      &new_pass_len, STR_ASCII)) {
+			      STR_ASCII)) {
 		ldb_transaction_cancel(sam_ctx);
 		DEBUG(3,("samr: failed to decode password buffer\n"));
 		return NT_STATUS_WRONG_PASSWORD;
@@ -321,7 +321,6 @@ NTSTATUS dcesrv_samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
 {	
 	NTSTATUS status;
 	char new_pass[512];
-	uint32_t new_pass_len;
 	struct ldb_context *sam_ctx = NULL;
 	struct ldb_dn *user_dn;
 	int ret;
@@ -386,7 +385,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
 	data_blob_free(&nt_pwd_blob);
 
 	if (!decode_pw_buffer(r->in.nt_password->data, new_pass, sizeof(new_pass),
-			      &new_pass_len, STR_UNICODE)) {
+			      STR_UNICODE)) {
 		DEBUG(3,("samr: failed to decode password buffer\n"));
 		status = NT_STATUS_WRONG_PASSWORD;
 		goto failed;
@@ -519,7 +518,6 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
 {
 	NTSTATUS nt_status;
 	char new_pass[512];
-	uint32_t new_pass_len;
 	DATA_BLOB session_key = data_blob(NULL, 0);
 
 	nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
@@ -530,7 +528,7 @@ NTSTATUS samr_set_password(struct dcesrv_call_state *dce_call,
 	arcfour_crypt_blob(pwbuf->data, 516, &session_key);
 
 	if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass),
-			      &new_pass_len, STR_UNICODE)) {
+			      STR_UNICODE)) {
 		DEBUG(3,("samr: failed to decode password buffer\n"));
 		return NT_STATUS_WRONG_PASSWORD;
 	}
@@ -583,7 +581,7 @@ NTSTATUS samr_set_password_ex(struct dcesrv_call_state *dce_call,
 	arcfour_crypt_blob(pwbuf->data, 516, &co_session_key);
 
 	if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass),
-			      &new_pass_len, STR_UNICODE)) {
+			      STR_UNICODE)) {
 		DEBUG(3,("samr: failed to decode password buffer\n"));
 		return NT_STATUS_WRONG_PASSWORD;
 	}
diff --git a/source4/smb_server/smb/signing.c b/source4/smb_server/smb/signing.c
index ee4531c..21dc99b 100644
--- a/source4/smb_server/smb/signing.c
+++ b/source4/smb_server/smb/signing.c
@@ -118,10 +118,19 @@ bool smbsrv_init_signing(struct smbsrv_connection *smb_conn)
 		smb_conn->signing.mandatory_signing = true;
 		break;
 	case SMB_SIGNING_AUTO:
+		/* If we are a domain controller, SMB signing is
+		 * really important, as it can prevent a number of
+		 * attacks on communications between us and the
+		 * clients */
+
 		if (lp_server_role(smb_conn->lp_ctx) == ROLE_DOMAIN_CONTROLLER) {
 			smb_conn->signing.allow_smb_signing = true;
 			smb_conn->signing.mandatory_signing = true;
 		} else {
+			/* However, it really sucks (no sendfile, CPU
+			 * overhead) performance-wise when used on a
+			 * file server, so disable it by default (auto
+			 * is the default) on non-DCs */
 			smb_conn->signing.allow_smb_signing = false;
 		}
 		break;
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 5ec2c29..2522062 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -250,6 +250,10 @@ static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context
 	torture_assert(tctx, creds_client_check(creds, &credentials3), "Credential chaining failed");
 
 	torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags);
+	
+	/* Prove that requesting a challenge again won't break it */
+	status = dcerpc_netr_ServerReqChallenge(p, tctx, &r);
+	torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge");
 
 	*creds_out = creds;
 	return true;
diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c
index b32881c..25368d2 100644
--- a/source4/torture/rpc/remote_pac.c
+++ b/source4/torture/rpc/remote_pac.c
@@ -68,8 +68,6 @@ static bool test_PACVerify(struct torture_context *tctx,
 
 	TALLOC_CTX *tmp_ctx = talloc_new(tctx);
 	
-	int i;
-
 	torture_assert(tctx, tmp_ctx != NULL, "talloc_new() failed");
 
 	if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list