The branch, master has been updated via 84d4270 nmblookup: Warn user if netbios name is too long. via a782ae1 nss-wins: Do not lookup invalid netbios names via a5e3a19 libsmb: Do not lookup invalid netbios names. via eb05766 Revert "s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED." from c0a463d waf: Only build the wrappers if we enable selftest
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 84d4270c8e4ec18e9f83722d6df1a07f70acaade Author: Andreas Schneider <a...@samba.org> Date: Fri Jan 30 14:37:06 2015 +0100 nmblookup: Warn user if netbios name is too long. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Feb 24 01:01:10 CET 2015 on sn-devel-104 commit a782ae1da463433b6f5199acd0d093583780dd20 Author: Andreas Schneider <a...@samba.org> Date: Fri Jan 30 14:29:26 2015 +0100 nss-wins: Do not lookup invalid netbios names Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a5e3a198d0a1c36a3798935595e4844588caba68 Author: Andreas Schneider <a...@samba.org> Date: Fri Jan 30 14:28:48 2015 +0100 libsmb: Do not lookup invalid netbios names. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit eb05766a8c539b1b7d8de8481686556f6bdcc6db Author: Jeremy Allison <j...@samba.org> Date: Mon Feb 23 10:15:05 2015 -0800 Revert "s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED." Even though the MS-SMB2 spec says so, Windows doesn't behave like this. This reverts commit 1cea6e5b6f8c0e28d5ba2d296c831c4878fca304. Signed-off-by: Jeremy Allison <j...@samba.org> Reviewed-by: "Stefan (metze) Metzmacher" <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: libcli/nbt/tools/nmblookup.c | 13 +++++++++++++ nsswitch/wins.c | 14 +++++++++++++- source3/libsmb/namequery.c | 17 ++++++++++++++--- source3/smbd/smb2_negprot.c | 3 +-- source3/smbd/smb2_sesssetup.c | 4 +--- source3/utils/nmblookup.c | 9 +++++++++ 6 files changed, 51 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/nbt/tools/nmblookup.c b/libcli/nbt/tools/nmblookup.c index 9b875b0..afb81c7 100644 --- a/libcli/nbt/tools/nmblookup.c +++ b/libcli/nbt/tools/nmblookup.c @@ -32,6 +32,10 @@ #include "../libcli/nbt/libnbt.h" #include "param/param.h" +#include <string.h> + +#define MAX_NETBIOSNAME_LEN 16 + /* command line options */ static struct { const char *broadcast_address; @@ -190,6 +194,7 @@ static bool process_one(struct loadparm_context *lp_ctx, struct tevent_context * struct socket_address *all_zero_addr; struct nbt_name_socket *nbtsock; NTSTATUS status = NT_STATUS_OK; + size_t nbt_len; bool ret = true; if (!options.case_sensitive) { @@ -212,6 +217,14 @@ static bool process_one(struct loadparm_context *lp_ctx, struct tevent_context * node_name = talloc_strdup(tmp_ctx, name); } + nbt_len = strlen(node_name); + if (nbt_len > MAX_NETBIOSNAME_LEN - 1) { + printf("The specified netbios name [%s] is too long.\n", + node_name); + talloc_free(tmp_ctx); + return false; + } + nbtsock = nbt_name_socket_init(tmp_ctx, ev); if (options.root_port) { diff --git a/nsswitch/wins.c b/nsswitch/wins.c index d63968b..5127ee4 100644 --- a/nsswitch/wins.c +++ b/nsswitch/wins.c @@ -59,10 +59,12 @@ static void nss_wins_init(void) static struct in_addr *lookup_byname_backend(const char *name, int *count) { - TALLOC_CTX *frame = talloc_stackframe(); + TALLOC_CTX *frame; struct sockaddr_storage *address = NULL; struct in_addr *ret = NULL; NTSTATUS status; + const char *p; + size_t nbt_len; int j; if (!initialised) { @@ -71,6 +73,16 @@ static struct in_addr *lookup_byname_backend(const char *name, int *count) *count = 0; + nbt_len = strlen(name); + if (nbt_len > MAX_NETBIOSNAME_LEN - 1) { + return NULL; + } + p = strchr(name, '.'); + if (p != NULL) { + return NULL; + } + + frame = talloc_stackframe(); /* always try with wins first */ status = resolve_wins(name, 0x00, talloc_tos(), &address, count); diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index c80e255..85af6ed 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -2566,6 +2566,8 @@ NTSTATUS internal_resolve_name(const char *name, NTSTATUS status = NT_STATUS_UNSUCCESSFUL; int i; TALLOC_CTX *frame = NULL; + bool do_nbt_lookup = true; + size_t nbt_len; *return_iplist = NULL; *return_count = 0; @@ -2626,6 +2628,15 @@ NTSTATUS internal_resolve_name(const char *name, } /* iterate through the name resolution backends */ + nbt_len = strlen(name); + if (nbt_len > MAX_NETBIOSNAME_LEN - 1) { + do_nbt_lookup = false; + } else { + const char *p = strchr(name, '.'); + if (p != NULL) { + do_nbt_lookup = false; + } + } frame = talloc_stackframe(); for (i=0; resolve_order[i]; i++) { @@ -2656,13 +2667,13 @@ NTSTATUS internal_resolve_name(const char *name, if (NT_STATUS_IS_OK(status)) { goto done; } - } else if(strequal( tok, "lmhosts")) { + } else if (do_nbt_lookup && strequal(tok, "lmhosts")) { status = resolve_lmhosts(name, name_type, return_iplist, return_count); if (NT_STATUS_IS_OK(status)) { goto done; } - } else if(strequal( tok, "wins")) { + } else if (do_nbt_lookup && strequal(tok, "wins")) { /* don't resolve 1D via WINS */ struct sockaddr_storage *ss_list; if (name_type != 0x1D) { @@ -2679,7 +2690,7 @@ NTSTATUS internal_resolve_name(const char *name, goto done; } } - } else if(strequal( tok, "bcast")) { + } else if (do_nbt_lookup && strequal(tok, "bcast")) { struct sockaddr_storage *ss_list; status = name_resolve_bcast( name, name_type, talloc_tos(), diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 02f6882..9a1ca9c 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -221,8 +221,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) } security_mode = SMB2_NEGOTIATE_SIGNING_ENABLED; - if (lp_server_signing() == SMB_SIGNING_REQUIRED || - (in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED)) { + if (lp_server_signing() == SMB_SIGNING_REQUIRED) { security_mode |= SMB2_NEGOTIATE_SIGNING_REQUIRED; } diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index f918328..2f58e44 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -186,9 +186,7 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session, struct smbXsrv_connection *xconn = smb2req->xconn; if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) || - lp_server_signing() == SMB_SIGNING_REQUIRED || - (xconn->smb2.server.security_mode & - SMB2_NEGOTIATE_SIGNING_REQUIRED)) { + lp_server_signing() == SMB_SIGNING_REQUIRED) { x->global->signing_required = true; } diff --git a/source3/utils/nmblookup.c b/source3/utils/nmblookup.c index 78548e9..a119b3e 100644 --- a/source3/utils/nmblookup.c +++ b/source3/utils/nmblookup.c @@ -320,6 +320,7 @@ int main(int argc, const char *argv[]) while(poptPeekArg(pc)) { char *p; struct in_addr ip; + size_t nbt_len; fstrcpy(lookup,poptGetArg(pc)); @@ -349,6 +350,14 @@ int main(int argc, const char *argv[]) sscanf(++p,"%x",&lookup_type); } + nbt_len = strlen(lookup); + if (nbt_len > MAX_NETBIOSNAME_LEN - 1) { + d_printf("The specified netbios name [%s] is too long!\n", + lookup); + continue; + } + + if (!query_one(lookup, lookup_type)) { rc = 1; d_printf( "name_query failed to find name %s", lookup ); -- Samba Shared Repository