| commit | 061c125c6129634d220c1074fa8ed5eaa8b0e09c | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Thu, 5 Aug 2021 11:31:29 +0000 (5 13:31 +0200) | ||
| committer | Jule Anger <janger@samba.org> | |
| Mon, 8 Nov 2021 09:52:13 +0000 (8 10:52 +0100) | ||
| tree | 089008c29298848d1fee21952592803ba7bb847f | treesnapshot (tar.gz zip) |
| parent | 7c3b037600077ade1d0ee97f5707e1c5061c1b28 | commitdiff |
CVE-2021-3738 s4:rpc_server/drsuapi: make use of assoc_group aware dcesrv_samdb_connect_as_*() helpers
This avoids a crash that's triggered by windows clients using
DsCrackNames across multiple connections within an association group
on the same DsBind context(policy) handle.
It also improves the auditing for the dcesrv_samdb_connect_as_system() case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This avoids a crash that's triggered by windows clients using
DsCrackNames across multiple connections within an association group
on the same DsBind context(policy) handle.
It also improves the auditing for the dcesrv_samdb_connect_as_system() case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| selftest/knownfail.d/drsuapi.DsBindAssocGroupWS | [deleted file] | blobblamehistory |
| source4/rpc_server/drsuapi/dcesrv_drsuapi.c | diffblobblamehistory |