Commit 398a21c5 authored by Stefan Metzmacher

CVE-2016-2118: s4:rpc_server/samr: reject DCERPC_AUTH_LEVEL_CONNECT by default

This prevents man in the middle downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
parent fcdd15a9
......@@ -99,6 +99,8 @@
^samba4.rpc.netlogon.*.DatabaseRedo
^samba4.rpc.drsuapi.*ncacn_ip_tcp.*validate # should only work with seal
^samba4.rpc.drsuapi.*ncacn_ip_tcp.*bigendian # should only work with seal
^samba4.rpc.samr.passwords.validate.*ncacn_ip_tcp.*with.validate # should only work with seal
^samba4.rpc.samr.passwords.validate.*ncacn_ip_tcp.*with.bigendian # should only work with seal
^samba4.base.charset.*.Testing partial surrogate
^samba4.*.base.maximum_allowed # broken until we implement NTCREATEX_OPTIONS_BACKUP_INTENT
.*net.api.delshare.* # DelShare isn't implemented yet
......
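Review bot: the two samr.passwords.validate entries (with.validate and with.bigendian over ncacn_ip_tcp) reuse the comment "should only work with seal" from the drsuapi lines above them, while the commit message describes rejecting DCERPC_AUTH_LEVEL_CONNECT. The comment should say which auth level these test variants bind with and that the failure is the intended result of this change. Listing them as known failures also leaves the new behaviour unasserted, so consider a test that expects the bind to be rejected rather than only suppressing the failures.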
......@@ -41,6 +41,14 @@
#include "lib/util/tsort.h"
#include "libds/common/flag_mapping.h"
#define DCESRV_INTERFACE_SAMR_BIND(call, iface) \
dcesrv_interface_samr_bind(call, iface)
static NTSTATUS dcesrv_interface_samr_bind(struct dcesrv_call_state *dce_call,
const struct dcesrv_interface *iface)
{
return dcesrv_interface_bind_reject_connect(dce_call, iface);
}
/* these query macros make samr_Query[User|Group|Alias]Info a bit easier to read */
#define QUERY_STRING(msg, field, attr) \
......
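Review bot: dcesrv_interface_samr_bind() forwards straight to dcesrv_interface_bind_reject_connect() with no comment, yet the subject line says connect level is rejected "by default", so nothing in this file tells a reader where the non-default case is decided or what status the client gets back. A short comment above the function, stating that SAMR binds at DCERPC_AUTH_LEVEL_CONNECT are refused to prevent downgrade and pointing to where the override is evaluated, would make the security intent explicit for anyone who later edits the DCESRV_INTERFACE_SAMR_BIND hook.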