[SCM] Samba Shared Repository - branch v4-15-test updated
Jule Anger
janger at samba.org
Sun Feb 13 10:13:01 UTC 2022
The branch, v4-15-test has been updated
via 62d33564f73 libcli/smb: let smb2_signing_decrypt_pdu() cope with gnutls_aead_cipher_decrypt() ptext_len bug
via 8cf62b3f86f libcli/smb: fix error checking in smb2_signing_decrypt_pdu() invalid ptext_len
via d623b454aa8 selftest/quick: add smb2.session
from ca94bad07bc s3/libads: ensure a sockaddr variable is correctly zero initialized
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-15-test
- Log -----------------------------------------------------------------
commit 62d33564f7328c0a6d9e8aa21fc5e13a014cad3c
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jan 31 20:33:43 2022 +0100
libcli/smb: let smb2_signing_decrypt_pdu() cope with gnutls_aead_cipher_decrypt() ptext_len bug
The initial implementation of gnutls_aead_cipher_decrypt() had a bug and
used:
*ptext_len = ctext_len;
instead of:
*ptext_len = ctext_len - tag_size;
This got fixed with gnutls 3.5.2.
As we only require gnutls 3.4.7 we need to cope with this...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14968
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Feb 2 18:29:08 UTC 2022 on sn-devel-184
(cherry picked from commit 735f3d7dde3daf5d0af2e8a1de60422b88663992)
Autobuild-User(v4-15-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-15-test): Sun Feb 13 10:12:22 UTC 2022 on sn-devel-184
commit 8cf62b3f86f1899e180964b736f3abbe5e5aafd5
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jan 31 20:33:43 2022 +0100
libcli/smb: fix error checking in smb2_signing_decrypt_pdu() invalid ptext_len
When the ptext_size != m_total check fails, we call this:
status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR);
goto out;
As rc is 0 at that point we'll exit smb2_signing_decrypt_pdu()
with NT_STATUS_OK, but without copying the decrypted data
back into the callers buffer. Which leads to strange errors
in the caller.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14968
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 99182af4ab5a3413311e27c2a193e09babceb01c)
commit d623b454aa8e28408dd4d74c32c82560b75414ba
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 1 10:52:27 2022 +0100
selftest/quick: add smb2.session
We run the quicktest on each linux distro as part of samba-o3 builds.
We should make sure smb2 signing/enctyption works on all of them
and all different system libraries.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14968
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 68e62962b08497da8359ddbe4324443818c05cd1)
-----------------------------------------------------------------------
Summary of changes:
libcli/smb/smb2_signing.c | 24 +++++++++++++++++++++++-
selftest/quick | 1 +
wscript_configure_system_gnutls | 3 +++
3 files changed, 27 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
index 29ddfe71a24..938c9ecdf29 100644
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -1247,9 +1247,31 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key,
ctext_size,
ptext,
&ptext_size);
- if (rc < 0 || ptext_size != m_total) {
+ if (rc < 0) {
+ TALLOC_FREE(ptext);
+ TALLOC_FREE(ctext);
+ status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR);
+ goto out;
+ }
+#ifdef HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG
+ /*
+ * Note that gnutls before 3.5.2 had a bug and returned
+ * *ptext_len = ctext_len, instead of
+ * *ptext_len = ctext_len - tag_size
+ */
+ if (ptext_size != ctext_size) {
+ TALLOC_FREE(ptext);
+ TALLOC_FREE(ctext);
+ rc = GNUTLS_E_SHORT_MEMORY_BUFFER;
+ status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR);
+ goto out;
+ }
+ ptext_size -= tag_size;
+#endif /* HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG */
+ if (ptext_size != m_total) {
TALLOC_FREE(ptext);
TALLOC_FREE(ctext);
+ rc = GNUTLS_E_SHORT_MEMORY_BUFFER;
status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR);
goto out;
}
diff --git a/selftest/quick b/selftest/quick
index 0e79f1020bf..6700180c2c2 100644
--- a/selftest/quick
+++ b/selftest/quick
@@ -33,6 +33,7 @@ rpc.join
rpc.handles
rpc.echo
smb.signing
+smb2.session
drs.unit
samba4.blackbox.dbcheck.dc
# This needs to be here to get testing of crypt_r()
diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls
index 9864235d17e..4cdd61f79bb 100644
--- a/wscript_configure_system_gnutls
+++ b/wscript_configure_system_gnutls
@@ -40,6 +40,9 @@ if (gnutls_version > parse_version('3.6.10')):
if (gnutls_version > parse_version('3.6.14')):
conf.DEFINE('ALLOW_GNUTLS_AEAD_CIPHER_ENCRYPTV2_AES_CCM', 1)
+if (gnutls_version < parse_version('3.5.2')):
+ conf.DEFINE('HAVE_GNUTLS_AEAD_CIPHER_DECRYPT_PTEXT_LEN_BUG', 1)
+
# Check if gnutls has fips mode support
# gnutls_fips140_mode_enabled() is available since 3.3.0
fragment = '''
--
Samba Shared Repository
More information about the samba-cvs
mailing list