| commit | af6151ef122a4f452d486e541626c2a1feacb369 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Thu, 5 Aug 2021 11:31:29 +0000 (5 13:31 +0200) | ||
| committer | Jule Anger <janger@samba.org> | |
| Tue, 9 Nov 2021 19:45:34 +0000 (9 19:45 +0000) | ||
| tree | 659709bb1eb9f038b009ba9d22004510c0185061 | treesnapshot (tar.gz zip) |
| parent | 897c0e8fc6fe9a9323f3ff657dc4245a7249c6fd | commitdiff |
CVE-2021-3738 s4:rpc_server/drsuapi: make use of assoc_group aware dcesrv_samdb_connect_as_*() helpers
This avoids a crash that's triggered by windows clients using
DsCrackNames across multiple connections within an association group
on the same DsBind context(policy) handle.
It also improves the auditing for the dcesrv_samdb_connect_as_system() case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This avoids a crash that's triggered by windows clients using
DsCrackNames across multiple connections within an association group
on the same DsBind context(policy) handle.
It also improves the auditing for the dcesrv_samdb_connect_as_system() case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
| selftest/knownfail.d/drsuapi.DsBindAssocGroupWS | [deleted file] | blobblamehistory |
| source4/rpc_server/drsuapi/dcesrv_drsuapi.c | diffblobblamehistory |