packages/samba
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
samba/backport-0003-CVE-2021-3738-s4-rpc_server-dnsserver-make-use-of-dc.patch
haochenstar 8378df4821 fix CVE-2020-25717,CVE-2020-25718,CVE-2020-25719,CVE-2020-25721,CVE-2020-25722,CVE-2016-2124,CVE-2021-3738 
(cherry picked from commit aee849c6c0708056f62f6445e3b5274d1cec6408)
2022-01-19 11:41:35 +08:00

61 lines
2.2 KiB
Diff
Raw Blame History

From caf3d32f68f91ea83c7f601577dd1f7c98f030e5 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 5 Aug 2021 14:22:47 +0200
Subject: [PATCH 263/266] CVE-2021-3738 s4:rpc_server/dnsserver: make use of
Conflict: NA
Reference: https://git.samba.org/samba.git/?p=samba.git;a=patch;h=caf3d32f68f91ea83c7f601577dd1f7c98f030e5
dcesrv_samdb_connect_as_user() helper
This is not strictly required, but it makes it easier to audit that
source4/rpc_server no longer calls samdb_connect() directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
source4/rpc_server/dnsserver/dcerpc_dnsserver.c | 11 ++---------
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
index 88efc01f154..b84b737d0b8 100644
--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
+++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "talloc.h"
#include "rpc_server/dcerpc_server.h"
+#include "rpc_server/common/common.h"
#include "dsdb/samdb/samdb.h"
#include "lib/util/dlinklist.h"
#include "librpc/gen_ndr/ndr_dnsserver.h"
@@ -104,8 +105,6 @@ static void dnsserver_reload_zones(struct dnsserver_state *dsstate)
static struct dnsserver_state *dnsserver_connect(struct dcesrv_call_state *dce_call)
{
- struct auth_session_info *session_info =
- dcesrv_call_session_info(dce_call);
struct dnsserver_state *dsstate;
struct dnsserver_zone *zones, *z, *znext;
struct dnsserver_partition *partitions, *p;
@@ -125,13 +124,7 @@ static struct dnsserver_state *dnsserver_connect(struct dcesrv_call_state *dce_c
dsstate->lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
- /* FIXME: create correct auth_session_info for connecting user */
- dsstate->samdb = samdb_connect(dsstate,
- dce_call->event_ctx,
- dsstate->lp_ctx,
- session_info,
- dce_call->conn->remote_address,
- 0);
+ dsstate->samdb = dcesrv_samdb_connect_as_user(dsstate, dce_call);
if (dsstate->samdb == NULL) {
DEBUG(0,("dnsserver: Failed to open samdb"));
goto failed;
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink