| commit | 0f7bb07a825db7739bbe5f549811ef86514b5697 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Sat, 27 Jun 2015 08:31:48 +0000 (27 10:31 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Wed, 30 Mar 2016 02:10:05 +0000 (30 04:10 +0200) | ||
| tree | e533dd811e4b7373ebd74d33dbcca0aaf4838496 | treesnapshot (tar.gz zip) |
| parent | 84d86924f736204ddf50c6aeaa7d978551c7dc3b | commitdiff |
CVE-2015-5370: s4:librpc/rpc: avoid using dcecli_security->auth_info and use per request values
We now avoid reusing the same auth_info structure for incoming and outgoing
values. We need to make sure that the remote server doesn't overwrite our own
values.
This will trigger some failures with our currently broken server,
which will be fixed in the next commits.
The broken server requires an dcerpc_auth structure with no credentials
in order to do an alter_context request that just creates a presentation
context without doing authentication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
We now avoid reusing the same auth_info structure for incoming and outgoing
values. We need to make sure that the remote server doesn't overwrite our own
values.
This will trigger some failures with our currently broken server,
which will be fixed in the next commits.
The broken server requires an dcerpc_auth structure with no credentials
in order to do an alter_context request that just creates a presentation
context without doing authentication.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
| selftest/knownfail | diffblobblamehistory | |
| source4/librpc/rpc/dcerpc.c | diffblobblamehistory | |
| source4/librpc/rpc/dcerpc.h | diffblobblamehistory | |
| source4/librpc/rpc/dcerpc_auth.c | diffblobblamehistory |