From e8e0bea9b333315ec1ff9eb1d36d4e810ca95941 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 4 Oct 2021 18:03:55 +0200
Subject: [PATCH 122/266] CVE-2020-25717: s3:auth: don't let create_local_token
depend on !winbind_ping()
We always require a running winbindd on a domain member, so
we should better fail a request instead of silently alter
the behaviour, which results in a different unix token, just
because winbindd might be restarted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
source3/auth/auth_util.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
Conflict:NA
Reference:https://git.samba.org/samba.git/?p=samba.git;a=patch;h=e8e0bea9b333315ec1ff9eb1d36d4e810ca95941
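diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index d81313a0495..065b525500f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -576,13 +576,11 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 }
 
 /*
- * If winbind is not around, we can not make much use of the SIDs the
- * domain controller provided us with. Likewise if the user name was
- * mapped to some local unix user.
+ * If the user name was mapped to some local unix user,
+ * we can not make much use of the SIDs the
+ * domain controller provided us with.
 */
-
- if (((lp_server_role() == ROLE_DOMAIN_MEMBER) && !winbind_ping()) ||
- (server_info->nss_token)) {
+ if (server_info->nss_token) {
 char *found_username = NULL;
 status = create_token_from_username(session_info,
 server_info->unix_name,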
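Review bot: The rewritten comment above `if (server_info->nss_token) {` no longer records why the `!winbind_ping()` fallback was removed, so a later reader could reintroduce it as an availability fix. I would add one line to the comment, for example `* On a domain member winbindd is required: never fall back here when it is down, the unix token would differ.` The failure path the commit message relies on is not visible in this hunk, since create_local_token continues past it. It is worth confirming that the SID-based branch returns an error NTSTATUS rather than a partially mapped token when winbindd is unreachable. That failure should also be logged clearly enough for an operator to tell a winbindd outage from an authentication failure.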
--
2.23.0