Age | Commit message | Author | Files | Lines |
|
Parts of the Samba RPC client and server code misinterpret authenticated
packets.
DCE authenticated packets actually look like this:
+--------------------------+
| header                   |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+
That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).
The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).
Tridge discovered there are some (DRS replication) cases on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.
This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).
This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.
Jeremy
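The read-from-the-end rule in the commit message above, as an added example (not Samba's code): a bounds-checked locator for the auth footer that works for any pad alignment. The names locate_auth, auth_view and sample_data_len are hypothetical; it assumes little-endian data representation and the 8-byte DCE/RPC auth footer with the pad length in its third byte.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COMMON_HDR_LEN  16u /* frag_len at offset 8, auth_len at offset 10 */
#define AUTH_FOOTER_LEN 8u  /* type, level, pad_len, reserved, context id */

struct auth_view { size_t data_len, footer_off; uint8_t pad_len; };

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Find the footer by working back from the end of the fragment. hdr_len is the
 * full header size for this PDU type. Returns 0, or -1 on inconsistent lengths. */
int locate_auth(const uint8_t *pdu, size_t len, size_t hdr_len, struct auth_view *out)
{
    if (len < COMMON_HDR_LEN || hdr_len < COMMON_HDR_LEN) return -1;
    size_t frag_len = le16(pdu + 8);
    size_t auth_len = le16(pdu + 10);
    if (frag_len != len || hdr_len > frag_len || auth_len == 0) return -1;
    size_t rest = frag_len - hdr_len;          /* data + pad + footer + auth */
    if (auth_len > rest || AUTH_FOOTER_LEN > rest - auth_len) return -1;
    size_t footer_off = frag_len - auth_len - AUTH_FOOTER_LEN;
    uint8_t pad = pdu[footer_off + 2];         /* auth_pad_len value */
    if (pad > footer_off - hdr_len) return -1; /* pad cannot exceed the body */
    out->footer_off = footer_off;
    out->pad_len = pad;
    out->data_len = footer_off - hdr_len - pad;
    return 0;
}

/* Constructed sample: 24-byte header, 12 data bytes, `pad` pad bytes, footer
 * claiming `claimed` pad bytes, then `auth_len` auth bytes. Returns data_len. */
long sample_data_len(uint8_t pad, uint8_t claimed, uint16_t auth_len)
{
    static uint8_t buf[256];
    struct auth_view v;
    size_t total = 24 + 12 + pad + AUTH_FOOTER_LEN + auth_len;
    if (total > sizeof(buf)) return -2;
    memset(buf, 0, sizeof(buf));
    buf[8] = (uint8_t)total;     buf[9] = (uint8_t)(total >> 8);
    buf[10] = (uint8_t)auth_len; buf[11] = (uint8_t)(auth_len >> 8);
    buf[24 + 12 + pad + 2] = claimed;
    return locate_auth(buf, total, 24, &v) == 0 ? (long)v.data_len : -1;
}

int main(void) {
    printf("pad 4: %ld, pad 12: %ld\n", sample_data_len(4, 4, 16), sample_data_len(12, 12, 16));
    printf("bogus pad: %ld\n", sample_data_len(4, 200, 16));
    return 0; }
```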
|
|
Andrew Bartlett
|
|
Guenther
|
|
This reverts commit 9621306351cdb469ef393a6d8cbeea456bc4bd9f.
|
|
This reverts commit 494b2aff8826947e3bd556aecb175746163da485.
|
|
Guenther
|
|
This prepares support for HMAC-SHA256/AES.
metze
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Found by RPC-SCHANNEL torture test.
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
netlogon server.
Guenther
|
|
Jeremy.
|
|
also check for an upper one (integer wrap).
Jeremy.
|
|
According to [MS-RPCE].pdf, section 2.2.2.11:
----
A client or a server that (during composing of a PDU) has allocated more space
for the authentication token than the security provider fills in SHOULD fill in
the rest of the allocated space with zero octets. These zero octets are still
considered to belong to the authentication token part of the PDU.<36>
----
RPC implementations are allowed to send padding bytes at the end of an auth
footer. Windows 7 makes use of this.
Thanks to Nick Meier <nmeier@microsoft.com>
Volker
|
|
Another 4k per open pipe
|
|
lp_use_kerberos_keytab parameter.
The first is "kerberos method" and replaces the "use kerberos keytab"
with an enum. Valid options are:
secrets only - use only the secrets for ticket verification (default)
system keytab - use only the system keytab for ticket verification
dedicated keytab - use a dedicated keytab for ticket verification.
secrets and keytab - use the secrets.tdb first, then the system keytab
For existing installs:
"use kerberos keytab = yes" corresponds to secrets and keytab
"use kerberos keytab = no" corresponds to secrets only
The major difference between "system keytab" and "dedicated keytab" is
that the latter method relies on kerberos to find the correct keytab
entry instead of filtering based on expected principals.
The second parameter is "dedicated keytab file", which is the keytab
to use when in "dedicated keytab" mode. This keytab is only used in
ads_verify_ticket.
|
|
This was mainly used for debugging output
|
|
Guenther
|
|
(This used to be commit 256c93a8b3d4d9a4e52a656c91b89a043a087066)
|
|
This scans the list of pipes registered via rpc_pipe_register_commands instead
of using static tables.
(This used to be commit 283e6039989adea1c8921b3600b410cb67b6492a)
|
|
The per-server xxx_get_pipe_fns functions can go once all the RPC servers are
converted
(This used to be commit 6aa2391cbe1cbda8269ded767117f53d83b243e1)
|
|
This requires storing the rpc_interface in "struct rpc_table"
(This used to be commit 654f8de8497aff29f9b1f1822b6a8e734ff329e0)
|
|
(This used to be commit 8be41382ed9bb4fb44a1846fff2c7652388e4f28)
|
|
(This used to be commit aefad64e3a5c86d2f988d47e6215ed2085b8fc47)
|
|
(This used to be commit 41d2daeaa5a87da82a0debc4c9cfe14976215bd8)
|
|
(This used to be commit d621867bb8767e1c4236d28dd9294a61db6cbb10)
|
|
(This used to be commit 829b1ad4697f2f1ea008377d591456722dccd025)
|
|
No functional change, this is a preparation for more current_user ref removal
(This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
|
|
duplication.
(This used to be commit 428654b473ba44b2f5340eefef0d4fcd51aff558)
|