The branch, master has been updated
       via  d50c007 s3-rpc_server: Remove ncalrpc_as_system from make_server_pipes_struct().
       via  76a89a3 s3-rpc_server: Remove ncalrpc_as_system from pipes_struct.
       via  6ede575 s3-rpc_server: Use gensec for NCALRPC_AS_SYSTEM.
       via  000168b s3-rpc_server: Add special tsocket address for ncalrpc_as_system.
       via  6a5cd18 s3:rpc_client: Use gensec for NCALRPC_AS_SYSTEM.
       via  8729d99 s3-auth: Register ncalrpc_as_system gensec module.
       via  788f72f gensec: add DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM backend
       via  1f4c20f s3:rpc_server: pass everything but AUTH_TYPE_{NONE,NCALRPC_AS_SYSTEM} to gensec
       via  06922f9 s3-rpc_server: Call pipe_auth_verify_final() if needed.
       via  bfdd22b s3-rpc_server: Return the status code from gensec.
       via  2c5ed10 s3:rpc_server: let auth_generic_server_step() handle gensec_security == NULL
       via  5d3bb56 s3:rpc_server: make sure we have a unix token
       via  054ef13 s3:rpc_server: handle everything but AUTH_TYPE_NONE as gensec in verify_final
       via  2ed1789 s3:rpc_client: pass everything to gensec by default
       via  fc59cc3 auth/gensec: use auth_ctx->generate_session_info() for schannel
       via  169c6d4 s3:auth: allow special SYSTEM and ANONYMOUS handling in auth3_generate_session_info()
      from  ea27382 s3: torture - Fix racy assumption in original messaging test.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit d50c0077deefbb32af1a15205b32d928807d86a3
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Apr 17 14:25:48 2014 +0200

    s3-rpc_server: Remove ncalrpc_as_system from make_server_pipes_struct().

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

    Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
    Autobuild-Date(master): Thu Apr 24 13:39:10 CEST 2014 on sn-devel-104

commit 76a89a38fe5b2062e49779518ab0c9d0e1240403
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Apr 17 14:22:17 2014 +0200

    s3-rpc_server: Remove ncalrpc_as_system from pipes_struct.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

commit 6ede575fc40b3157385076e09379d4e0a8830acd
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Apr 17 13:46:07 2014 +0200

    s3-rpc_server: Use gensec for NCALRPC_AS_SYSTEM.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

commit 000168b002c4687c4c742847b263be1d31cb4d11
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Apr 17 11:00:54 2014 +0200

    s3-rpc_server: Add special tsocket address for ncalrpc_as_system.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Reviewed-by: Stefan Metzmacher <me...@samba.org>

commit 6a5cd1857f6f237f27cec116a041989fb0ddea2c
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 14:45:45 2014 +0200

    s3:rpc_client: Use gensec for NCALRPC_AS_SYSTEM.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 8729d990a32aa2bd59ef176e33ce3966c0f98f9f
Author: Andreas Schneider <a...@samba.org>
Date:   Thu Apr 17 12:02:45 2014 +0200

    s3-auth: Register ncalrpc_as_system gensec module.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Signed-off-by: Stefan Metzmacher <me...@samba.org>

commit 788f72f8ebf8e300237cae3c4863586e38301a62
Author: Andreas Schneider <a...@samba.org>
Date:   Wed Apr 16 15:21:40 2014 +0200

    gensec: add DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM backend

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Signed-off-by: Stefan Metzmacher <me...@samba.org>

commit 1f4c20f2c3506390834552d0102083d2b5b61f48
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 13:07:15 2014 +0200

    s3:rpc_server: pass everything but AUTH_TYPE_{NONE,NCALRPC_AS_SYSTEM} to gensec

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 06922f92e4ce885947000651491c17a0fea14294
Author: Andreas Schneider <a...@samba.org>
Date:   Wed Apr 23 10:42:12 2014 +0200

    s3-rpc_server: Call pipe_auth_verify_final() if needed.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Signed-off-by: Stefan Metzmacher <me...@samba.org>

commit bfdd22b3166377200f5395ef7384908d49d81ef1
Author: Andreas Schneider <a...@samba.org>
Date:   Wed Apr 23 10:40:27 2014 +0200

    s3-rpc_server: Return the status code from gensec.

    We need to know the difference between NT_STATUS_OK and
    NT_STATUS_MORE_PROCESSING_REQUIRED.

    Signed-off-by: Andreas Schneider <a...@samba.org>
    Signed-off-by: Stefan Metzmacher <me...@samba.org>

commit 2c5ed102b7dfa9a53ece24d048f71fd5e3d59ae7
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 13:02:35 2014 +0200

    s3:rpc_server: let auth_generic_server_step() handle gensec_security == NULL

    This simplifies the caller, we don't need to look at the auth_type
    anymore.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 5d3bb5671e26d21473563cdccc42c0ee31e1311f
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 18:13:04 2014 +0200

    s3:rpc_server: make sure we have a unix token

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 054ef133afa98cf02e80b6398a3a719f26bbf44b
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 13:01:00 2014 +0200

    s3:rpc_server: handle everything but AUTH_TYPE_NONE as gensec in verify_final

    The NCALRPC_AS_SYSTEM doesn't use pipe_auth_verify_final() yet,
    so it's fine for now.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 2ed1789e4d8ac09ed78e5ecccf0eb97d1dfa8f65
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 14:35:15 2014 +0200

    s3:rpc_client: pass everything to gensec by default

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit fc59cc31024598599a2f1c9d73b8fa43a408ced2
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 18:59:52 2014 +0200

    auth/gensec: use auth_ctx->generate_session_info() for schannel

    This way we generate a correct session info for the s3 rpc_server,
    including a unix token.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

commit 169c6d409f9c1b50b25bc59bcf12515d9a286c56
Author: Stefan Metzmacher <me...@samba.org>
Date:   Wed Apr 23 19:00:26 2014 +0200

    s3:auth: allow special SYSTEM and ANONYMOUS handling in auth3_generate_session_info()

    auth_ctx->generate_session_info() will be used by the SCHANNEL
    and NCALRPC_AS_SYSTEM gensec modules in future.

    Signed-off-by: Stefan Metzmacher <me...@samba.org>
    Reviewed-by: Andreas Schneider <a...@samba.org>

-----------------------------------------------------------------------

Summary of changes:
 auth/gensec/ncalrpc.c                    |  286 ++++++++++++++++++++++++++++++
 auth/gensec/schannel.c                   |   49 +++++-
 auth/gensec/wscript_build                |    7 +
 source3/auth/auth_generic.c              |    4 +-
 source3/auth/auth_ntlmssp.c              |   45 +++++-
 source3/librpc/rpc/dcerpc_helpers.c      |   36 ++---
 source3/libsmb/auth_generic.c            |    3 +-
 source3/rpc_client/cli_pipe.c            |  103 +++--------
 source3/rpc_server/dcesrv_auth_generic.c |    6 +-
 source3/rpc_server/rpc_handles.c         |    3 +-
 source3/rpc_server/rpc_ncacn_np.c        |    3 +-
 source3/rpc_server/rpc_pipes.h           |    4 +-
 source3/rpc_server/rpc_server.c          |   32 +++-
 source3/rpc_server/rpc_server.h          |    1 -
 source3/rpc_server/srv_pipe.c            |  154 ++++++-----------
 15 files changed, 513 insertions(+), 223 deletions(-)
 create mode 100644 auth/gensec/ncalrpc.c


Changeset truncated at 500 lines:

diff --git a/auth/gensec/ncalrpc.c b/auth/gensec/ncalrpc.c new file mode 100644 index 0000000..d5537a4 --- /dev/null +++ b/auth/gensec/ncalrpc.c 
@@ -0,0 +1,286 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc ncalrpc as system operations + + Copyright (C) 2014 Andreas Schneider <a...@samba.org> + Copyright (C) 2014 Stefan Metzmacher <me...@samba.org> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "auth/auth.h" +#include "auth/gensec/gensec.h" +#include "auth/gensec/gensec_internal.h" +#include "librpc/gen_ndr/dcerpc.h" +#include "lib/param/param.h" +#include "tsocket.h" + +_PUBLIC_ NTSTATUS gensec_ncalrpc_as_system_init(void); + +struct gensec_ncalrpc_state { + enum { + GENSEC_NCALRPC_START, + GENSEC_NCALRPC_MORE, + GENSEC_NCALRPC_DONE, + GENSEC_NCALRPC_ERROR, + } step; + + struct auth_user_info_dc *user_info_dc; +}; + +static NTSTATUS gensec_ncalrpc_client_start(struct gensec_security *gensec_security) +{ + struct gensec_ncalrpc_state *state; + + state = talloc_zero(gensec_security, + struct gensec_ncalrpc_state); + if (state == NULL) { + return NT_STATUS_NO_MEMORY; + } + gensec_security->private_data = state; + + state->step = GENSEC_NCALRPC_START; + return NT_STATUS_OK; +} + +static NTSTATUS gensec_ncalrpc_server_start(struct gensec_security *gensec_security) +{ + struct gensec_ncalrpc_state *state; + + state = talloc_zero(gensec_security, + struct gensec_ncalrpc_state); + if (state == NULL) { + return NT_STATUS_NO_MEMORY; + } + gensec_security->private_data = state; + + state->step = 
GENSEC_NCALRPC_START; + return NT_STATUS_OK; +} + +static NTSTATUS gensec_ncalrpc_update(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + const DATA_BLOB in, + DATA_BLOB *out) +{ + struct gensec_ncalrpc_state *state = + talloc_get_type_abort(gensec_security->private_data, + struct gensec_ncalrpc_state); + DATA_BLOB magic_req = data_blob_string_const("NCALRPC_AUTH_TOKEN"); + DATA_BLOB magic_ok = data_blob_string_const("NCALRPC_AUTH_OK"); + DATA_BLOB magic_fail = data_blob_string_const("NCALRPC_AUTH_FAIL"); + char *unix_path = NULL; + int cmp; + NTSTATUS status; + + *out = data_blob_null; + + if (state->step >= GENSEC_NCALRPC_DONE) { + return NT_STATUS_INVALID_PARAMETER; + } + + switch (gensec_security->gensec_role) { + case GENSEC_CLIENT: + switch (state->step) { + case GENSEC_NCALRPC_START: + *out = data_blob_dup_talloc(mem_ctx, magic_req); + if (out->data == NULL) { + state->step = GENSEC_NCALRPC_ERROR; + return NT_STATUS_NO_MEMORY; + } + + state->step = GENSEC_NCALRPC_MORE; + return NT_STATUS_MORE_PROCESSING_REQUIRED; + + case GENSEC_NCALRPC_MORE: + cmp = data_blob_cmp(&in, &magic_ok); + if (cmp != 0) { + state->step = GENSEC_NCALRPC_ERROR; + return NT_STATUS_LOGON_FAILURE; + } + + state->step = GENSEC_NCALRPC_DONE; + return NT_STATUS_OK; + + case GENSEC_NCALRPC_DONE: + case GENSEC_NCALRPC_ERROR: + break; + } + + state->step = GENSEC_NCALRPC_ERROR; + return NT_STATUS_INTERNAL_ERROR; + + case GENSEC_SERVER: + if (state->step != GENSEC_NCALRPC_START) { + state->step = GENSEC_NCALRPC_ERROR; + return NT_STATUS_INTERNAL_ERROR; + } + + cmp = data_blob_cmp(&in, &magic_req); + if (cmp != 0) { + state->step = GENSEC_NCALRPC_ERROR; + *out = data_blob_dup_talloc(mem_ctx, magic_fail); + if (out->data == NULL) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_LOGON_FAILURE; + } + + if (gensec_security->remote_addr == NULL) { + state->step = GENSEC_NCALRPC_ERROR; + *out = data_blob_dup_talloc(mem_ctx, magic_fail); + if 
(out->data == NULL) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_LOGON_FAILURE; + } + + unix_path = tsocket_address_unix_path(gensec_security->remote_addr, + state); + if (unix_path == NULL) { + state->step = GENSEC_NCALRPC_ERROR; + *out = data_blob_dup_talloc(mem_ctx, magic_fail); + if (out->data == NULL) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_LOGON_FAILURE; + } + + cmp = strcmp(unix_path, "/root/ncalrpc_as_system"); + TALLOC_FREE(unix_path); + if (cmp != 0) { + state->step = GENSEC_NCALRPC_ERROR; + *out = data_blob_dup_talloc(mem_ctx, magic_fail); + if (out->data == NULL) { + return NT_STATUS_NO_MEMORY; + } + return NT_STATUS_LOGON_FAILURE; + } + + status = auth_system_user_info_dc(state, + lpcfg_netbios_name(gensec_security->settings->lp_ctx), + &state->user_info_dc); + if (!NT_STATUS_IS_OK(status)) { + state->step = GENSEC_NCALRPC_ERROR; + *out = data_blob_dup_talloc(mem_ctx, magic_fail); + if (out->data == NULL) { + return NT_STATUS_NO_MEMORY; + } + return status; + } + + *out = data_blob_dup_talloc(mem_ctx, magic_ok); + if (out->data == NULL) { + state->step = GENSEC_NCALRPC_ERROR; + return NT_STATUS_NO_MEMORY; + } + + state->step = GENSEC_NCALRPC_DONE; + return NT_STATUS_OK; + } + + state->step = GENSEC_NCALRPC_ERROR; + return NT_STATUS_INTERNAL_ERROR; +} + +static NTSTATUS gensec_ncalrpc_session_info(struct gensec_security *gensec_security, + TALLOC_CTX *mem_ctx, + struct auth_session_info **psession_info) +{ + struct gensec_ncalrpc_state *state = + talloc_get_type_abort(gensec_security->private_data, + struct gensec_ncalrpc_state); + struct auth4_context *auth_ctx = gensec_security->auth_context; + struct auth_session_info *session_info = NULL; + uint32_t session_info_flags = 0; + NTSTATUS status; + + if (gensec_security->gensec_role != GENSEC_SERVER) { + return NT_STATUS_INVALID_PARAMETER; + } + + if (state->step != GENSEC_NCALRPC_DONE) { + return NT_STATUS_INVALID_PARAMETER; + } + + if (auth_ctx == NULL) { + DEBUG(0, ("Cannot 
generate a session_info without the auth_context\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + if (auth_ctx->generate_session_info == NULL) { + DEBUG(0, ("Cannot generate a session_info without the generate_session_info hook\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + if (gensec_security->want_features & GENSEC_FEATURE_UNIX_TOKEN) { + session_info_flags |= AUTH_SESSION_INFO_UNIX_TOKEN; + } + + session_info_flags |= AUTH_SESSION_INFO_SIMPLE_PRIVILEGES; + + status = auth_ctx->generate_session_info( + auth_ctx, + mem_ctx, + state->user_info_dc, + state->user_info_dc->info->account_name, + session_info_flags, + &session_info); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + *psession_info = session_info; + return NT_STATUS_OK; +} + +/* We have no features */ +static bool gensec_ncalrpc_have_feature(struct gensec_security *gensec_security, + uint32_t feature) +{ + if (feature & GENSEC_FEATURE_DCE_STYLE) { + return true; + } + + return false; +} + +static const struct gensec_security_ops gensec_ncalrpc_security_ops = { + .name = "naclrpc_as_system", + .auth_type = DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM, + .client_start = gensec_ncalrpc_client_start, + .server_start = gensec_ncalrpc_server_start, + .update = gensec_ncalrpc_update, + .session_info = gensec_ncalrpc_session_info, + .have_feature = gensec_ncalrpc_have_feature, + .enabled = true, + .priority = GENSEC_EXTERNAL, +}; + +_PUBLIC_ NTSTATUS gensec_ncalrpc_as_system_init(void) +{ + NTSTATUS status; + + status = gensec_register(&gensec_ncalrpc_security_ops); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("Failed to register '%s' gensec backend!\n", + gensec_ncalrpc_security_ops.name)); + return status; + } + + return status; +} diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c index 3d30e83..ee23e77 100644 --- a/auth/gensec/schannel.c +++ b/auth/gensec/schannel.c 
@@ -38,6 +38,7 @@ struct schannel_state { uint64_t seq_num; bool initiator; struct netlogon_creds_CredentialState *creds; + struct auth_user_info_dc *user_info_dc; }; #define SETUP_SEQNUM(state, buf, initiator) do { \ @@ -58,14 +59,13 @@ static struct schannel_state *netsec_create_state( { struct schannel_state *state; - state = talloc(gensec, struct schannel_state); + state = talloc_zero(gensec, struct schannel_state); if (state == NULL) { return NULL; } state->gensec = gensec; state->initiator = initiator; - state->seq_num = 0; state->creds = netlogon_creds_copy(state, creds); if (state->creds == NULL) { talloc_free(state); @@ -580,6 +580,13 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_ return NT_STATUS_NO_MEMORY; } + status = auth_anonymous_user_info_dc(state, + lpcfg_netbios_name(gensec_security->settings->lp_ctx), + &state->user_info_dc); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + bind_schannel_ack.MessageType = NL_NEGOTIATE_RESPONSE; bind_schannel_ack.Flags = 0; bind_schannel_ack.Buffer.dummy = 0x6c0000; /* actually I think 
@@ -610,7 +617,43 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security, TALLOC_CTX *mem_ctx, struct auth_session_info **_session_info) { - return auth_anonymous_session_info(mem_ctx, gensec_security->settings->lp_ctx, _session_info); + struct schannel_state *state = + talloc_get_type(gensec_security->private_data, + struct schannel_state); + struct auth4_context *auth_ctx = gensec_security->auth_context; + struct auth_session_info *session_info = NULL; + uint32_t session_info_flags = 0; + NTSTATUS status; + + if (auth_ctx == NULL) { + DEBUG(0, ("Cannot generate a session_info without the auth_context\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + if (auth_ctx->generate_session_info == NULL) { + DEBUG(0, ("Cannot generate a session_info without the generate_session_info hook\n")); + return NT_STATUS_INTERNAL_ERROR; + } + + if (gensec_security->want_features & GENSEC_FEATURE_UNIX_TOKEN) { + session_info_flags |= AUTH_SESSION_INFO_UNIX_TOKEN; + } + + session_info_flags |= AUTH_SESSION_INFO_SIMPLE_PRIVILEGES; + + status = auth_ctx->generate_session_info( + auth_ctx, + mem_ctx, + state->user_info_dc, + state->user_info_dc->info->account_name, + session_info_flags, + &session_info); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + *_session_info = session_info; + return NT_STATUS_OK; } static NTSTATUS schannel_server_start(struct gensec_security *gensec_security) diff --git a/auth/gensec/wscript_build b/auth/gensec/wscript_build index 7329eec..b2f6033 100755 --- a/auth/gensec/wscript_build +++ b/auth/gensec/wscript_build @@ -25,6 +25,13 @@ bld.SAMBA_MODULE('gensec_schannel', deps='COMMON_SCHANNEL NDR_SCHANNEL samba-credentials auth_session' ) +bld.SAMBA_MODULE('gensec_ncalrpc', + source='ncalrpc.c', + subsystem='gensec', + init_function='gensec_ncalrpc_as_system_init', + deps='samba-util auth_session' + ) + bld.SAMBA_MODULE('gensec_external', source='external.c', autoproto='external_proto.h', 
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index e07d3b7..e1c6475 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -262,7 +262,7 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, } backends = talloc_zero_array(gensec_settings, - const struct gensec_security_ops *, 5); + const struct gensec_security_ops *, 6); if (backends == NULL) { TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; @@ -282,6 +282,8 @@ NTSTATUS auth_generic_prepare(TALLOC_CTX *mem_ctx, backends[idx++] = gensec_security_by_auth_type(NULL, DCERPC_AUTH_TYPE_SCHANNEL); + backends[idx++] = gensec_security_by_auth_type(NULL, DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM); + /* * This is anonymous for now, because we just use it * to set the kerberos state at the moment diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index 45166c0..14bce62 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -23,6 +23,7 @@ #include "includes.h" #include "auth.h" +#include "libcli/security/security.h" NTSTATUS auth3_generate_session_info(struct auth4_context *auth_context, TALLOC_CTX *mem_ctx, 
@@ -31,10 +32,50 @@ NTSTATUS auth3_generate_session_info(struct auth4_context *auth_context, uint32_t session_info_flags, struct auth_session_info **session_info) { - struct auth_serversupplied_info *server_info = talloc_get_type_abort(server_returned_info, - struct auth_serversupplied_info); + struct auth_user_info_dc *user_info = NULL; + struct auth_serversupplied_info *server_info = NULL; NTSTATUS nt_status; + /* + * This is a hack, some callers... + * + * Some callers pass auth_user_info_dc, the SCHANNEL and + * NCALRPC_AS_SYSTEM gensec modules. + * + * While the reset passes auth3_check_password() returned. + */ + user_info = talloc_get_type(server_returned_info, + struct auth_user_info_dc); + if (user_info != NULL) { + const struct dom_sid *sid; + int cmp; + + /* + * This should only be called from SCHANNEL or NCALRPC_AS_SYSTEM + */ + if (user_info->num_sids != 1) { + return NT_STATUS_INTERNAL_ERROR; + } + sid = &user_info->sids[PRIMARY_USER_SID_INDEX]; + + cmp = dom_sid_compare(sid, &global_sid_System); + if (cmp == 0) { + return make_session_info_system(mem_ctx, session_info); + } + + cmp = dom_sid_compare(sid, &global_sid_Anonymous); + if (cmp == 0) { + /* + * TODO: use auth_anonymous_session_info() here? + */ + return make_session_info_guest(mem_ctx, session_info); + } + + return NT_STATUS_INTERNAL_ERROR; + } + + server_info = talloc_get_type_abort(server_returned_info, + struct auth_serversupplied_info); nt_status = create_local_token(mem_ctx, server_info, NULL, diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c index 2400bfd..62358d5 100644 --- a/source3/librpc/rpc/dcerpc_helpers.c +++ b/source3/librpc/rpc/dcerpc_helpers.c 
@@ -382,6 +382,10 @@ static NTSTATUS get_generic_auth_footer(struct gensec_security *gensec_security, DATA_BLOB *data, DATA_BLOB *full_pkt, DATA_BLOB *auth_token) { + if (gensec_security == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + switch (auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: /* Data portion is encrypted. */ @@ -424,8 +428,7 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth, -- Samba Shared Repository
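
Review bot: in gensec_ncalrpc_update() (auth/gensec/ncalrpc.c), the server branch builds a SYSTEM user_info_dc on nothing more than the fixed "NCALRPC_AUTH_TOKEN" blob plus strcmp(unix_path, "/root/ncalrpc_as_system"), so the whole guarantee rests on remote_addr only ever carrying that path when server code has already vetted the peer, and nothing in this file says so. Please move the path into a shared named constant and add a comment stating where the address is set and what was checked before it was set. Two smaller points in the same file: .name is spelled "naclrpc_as_system" where "ncalrpc_as_system" is presumably meant (it is what the registration failure message prints), and the comment "We have no features" sits above a function that returns true for GENSEC_FEATURE_DCE_STYLE.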
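
Review bot: schannel_session_info() (auth/gensec/schannel.c) dereferences state->user_info_dc->info->account_name without checking either pointer. state comes from talloc_get_type(), which returns NULL on a type mismatch, and the only place this changeset assigns user_info_dc is the auth_anonymous_user_info_dc() call added to schannel_update(), while talloc_zero() leaves it NULL everywhere else. The new ncalrpc.c guards the same generate_session_info() call with talloc_get_type_abort() and role/step checks; suggest the equivalent here, for example returning NT_STATUS_INVALID_PARAMETER when state == NULL or state->user_info_dc == NULL.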
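
Review bot: in auth_generic_prepare() (source3/auth/auth_generic.c) the array length goes from the literal 5 to the literal 6 to make room for one more backends[idx++] store, so the size has to be kept in step by hand with every future backend. Suggest a named constant next to the list, or a bounds check on idx before each store, so that a missed bump fails loudly instead of writing past the end of the array.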
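
Review bot: in auth3_generate_session_info() (source3/auth/auth_ntlmssp.c) the Anonymous SID branch returns make_session_info_guest(), whereas the schannel.c hunk in this same changeset removes a call to auth_anonymous_session_info(), and the TODO in the branch leaves the question open. Guest and anonymous are different identities, so please either resolve the TODO or document why a guest session is acceptable for SCHANNEL callers. The function also now selects its behaviour from the talloc type of server_returned_info, which the new comment itself calls a hack; that comment needs rewording ("While the reset passes auth3_check_password() returned" presumably means the rest pass what auth3_check_password() returned).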