packages/samba
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
samba/backport-0008-CVE-2020-25717-winbindd-call-wb_parent_idmap_setup_s.patch
haochenstar 8378df4821 fix CVE-2020-25717,CVE-2020-25718,CVE-2020-25719,CVE-2020-25721,CVE-2020-25722,CVE-2016-2124,CVE-2021-3738 
(cherry picked from commit aee849c6c0708056f62f6445e3b5274d1cec6408)
2022-01-19 11:41:35 +08:00

82 lines
2.6 KiB
Diff
Raw Blame History

From 4a68c748e47e906f0d812a1572168e677afc1eb4 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow@samba.org>
Date: Tue, 31 Aug 2021 17:04:56 +0200
Subject: [PATCH 030/266] CVE-2020-25717 winbindd: call
wb_parent_idmap_setup_send() in wb_queryuser_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14804
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 39c2ec72cb77945c3eb611fb1d7d7e9aad52bdfd)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
(cherry picked from commit 7d1dd87a6538f8c7f1e4938b0ff52cbd231fff90)
---
source3/winbindd/wb_queryuser.c | 30 +++++++++++++++++++++++++++---
1 file changed, 27 insertions(+), 3 deletions(-)
Conflict:NA
Reference:https://git.samba.org/samba.git/?p=samba.git;a=patch;h=4a68c748e47e906f0d812a1572168e677afc1eb4
diff --git a/source3/winbindd/wb_queryuser.c b/source3/winbindd/wb_queryuser.c
index 9db51909c02..f5bc96f03f6 100644
--- a/source3/winbindd/wb_queryuser.c
+++ b/source3/winbindd/wb_queryuser.c
@@ -25,10 +25,12 @@
struct wb_queryuser_state {
struct tevent_context *ev;
- struct wbint_userinfo *info;
+ struct wbint_userinfo *info;
+ const struct wb_parent_idmap_config *idmap_cfg;
bool tried_dclookup;
};
+static void wb_queryuser_idmap_setup_done(struct tevent_req *subreq);
static void wb_queryuser_got_uid(struct tevent_req *subreq);
static void wb_queryuser_got_domain(struct tevent_req *subreq);
static void wb_queryuser_got_dc(struct tevent_req *subreq);
@@ -60,13 +62,35 @@ struct tevent_req *wb_queryuser_send(TALLOC_CTX *mem_ctx,
sid_copy(&info->user_sid, user_sid);
+ subreq = wb_parent_idmap_setup_send(state, state->ev);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, wb_queryuser_idmap_setup_done, req);
+ return req;
+}
+
+static void wb_queryuser_idmap_setup_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
+ subreq, struct tevent_req);
+ struct wb_queryuser_state *state = tevent_req_data(
+ req, struct wb_queryuser_state);
+ NTSTATUS status;
+
+ status = wb_parent_idmap_setup_recv(subreq, &state->idmap_cfg);
+ TALLOC_FREE(subreq);
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+
subreq = wb_sids2xids_send(
state, state->ev, &state->info->user_sid, 1);
if (tevent_req_nomem(subreq, req)) {
- return tevent_req_post(req, ev);
+ return;
}
tevent_req_set_callback(subreq, wb_queryuser_got_uid, req);
- return req;
+ return;
}
static void wb_queryuser_got_uid(struct tevent_req *subreq)
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink