代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/samba 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 4eba269b1ba4ce6e9f71efed9f537249d1bd2c5d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 12 Sep 2023 12:28:49 +1200
Subject: [PATCH 27/28] CVE-2023-42670 s3-rpc_server: Strictly refuse to start
RPC servers in conflict with AD DC
Just as we refuse to start NETLOGON except on the DC, we must refuse
to start all of the RPC services that are provided by the AD DC.
Most critically of course this applies to netlogon, lsa and samr.
This avoids the supression of these services being the result of a
runtime epmapper lookup, as if that fails these services can disrupt
service to end users by listening on the same socket as the AD DC
servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15473
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Conflict: NA
Reference: https://download.samba.org/pub/samba/patches/security/samba-4.18.8-security-2023-10-10.patch
[PATCH 27/28] CVE-2023-42670 s3-rpc_server: Strictly refuse to start
RPC servers in conflict with AD DC
---
source3/rpc_server/rpcd_classic.c | 45 ++++++++++++++++++++++++++----
source3/rpc_server/rpcd_epmapper.c | 33 ++++++++++++++++++++--
source3/rpc_server/rpcd_lsad.c | 21 ++++++++++++++
source3/rpc_server/rpcd_rpcecho.c | 33 ++++++++++++++++++++--
4 files changed, 122 insertions(+), 10 deletions(-)
diff --git a/source3/rpc_server/rpcd_classic.c b/source3/rpc_server/rpcd_classic.c
index 4f6164c814c..8494af575ec 100644
--- a/source3/rpc_server/rpcd_classic.c
+++ b/source3/rpc_server/rpcd_classic.c
@@ -42,14 +42,34 @@ static size_t classic_interfaces(
static const struct ndr_interface_table *ifaces[] = {
&ndr_table_srvsvc,
&ndr_table_netdfs,
- &ndr_table_wkssvc,
+ &ndr_table_initshutdown,
&ndr_table_svcctl,
&ndr_table_ntsvcs,
&ndr_table_eventlog,
- &ndr_table_initshutdown,
+ /*
+ * This last item is truncated from the list by the
+ * num_ifaces -= 1 below. Take care when adding new
+ * services.
+ */
+ &ndr_table_wkssvc,
};
+ size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC wkssvc is provided by the 'samba'
+ * binary from source4/
+ */
+ num_ifaces -= 1;
+ break;
+ default:
+ break;
+ }
+
*pifaces = ifaces;
- return ARRAY_SIZE(ifaces);
+ return num_ifaces;
+
}
static size_t classic_servers(
@@ -58,15 +78,28 @@ static size_t classic_servers(
void *private_data)
{
static const struct dcesrv_endpoint_server *ep_servers[7] = { NULL };
+ size_t num_servers = ARRAY_SIZE(ep_servers);
bool ok;
ep_servers[0] = srvsvc_get_ep_server();
ep_servers[1] = netdfs_get_ep_server();
- ep_servers[2] = wkssvc_get_ep_server();
+ ep_servers[2] = initshutdown_get_ep_server();
ep_servers[3] = svcctl_get_ep_server();
ep_servers[4] = ntsvcs_get_ep_server();
ep_servers[5] = eventlog_get_ep_server();
- ep_servers[6] = initshutdown_get_ep_server();
+ ep_servers[6] = wkssvc_get_ep_server();
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC wkssvc is provided by the 'samba'
+ * binary from source4/
+ */
+ num_servers -= 1;
+ break;
+ default:
+ break;
+ }
ok = secrets_init();
if (!ok) {
@@ -85,7 +118,7 @@ static size_t classic_servers(
mangle_reset_cache();
*_ep_servers = ep_servers;
- return ARRAY_SIZE(ep_servers);
+ return num_servers;
}
int main(int argc, const char *argv[])
diff --git a/source3/rpc_server/rpcd_epmapper.c b/source3/rpc_server/rpcd_epmapper.c
index 950ba7ec12a..455179ccfba 100644
--- a/source3/rpc_server/rpcd_epmapper.c
+++ b/source3/rpc_server/rpcd_epmapper.c
@@ -19,6 +19,8 @@
#include "rpc_worker.h"
#include "librpc/gen_ndr/ndr_epmapper.h"
#include "librpc/gen_ndr/ndr_epmapper_scompat.h"
+#include "param/loadparm.h"
+#include "libds/common/roles.h"
static size_t epmapper_interfaces(
const struct ndr_interface_table ***pifaces,
@@ -27,8 +29,22 @@ static size_t epmapper_interfaces(
static const struct ndr_interface_table *ifaces[] = {
&ndr_table_epmapper,
};
+ size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC epmapper is provided by the 'samba'
+ * binary from source4/
+ */
+ num_ifaces = 0;
+ break;
+ default:
+ break;
+ }
+
*pifaces = ifaces;
- return ARRAY_SIZE(ifaces);
+ return num_ifaces;
}
static size_t epmapper_servers(
@@ -37,11 +53,24 @@ static size_t epmapper_servers(
void *private_data)
{
static const struct dcesrv_endpoint_server *ep_servers[] = { NULL };
+ size_t num_servers = ARRAY_SIZE(ep_servers);
ep_servers[0] = epmapper_get_ep_server();
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC epmapper is provided by the 'samba'
+ * binary from source4/
+ */
+ num_servers = 0;
+ break;
+ default:
+ break;
+ }
+
*_ep_servers = ep_servers;
- return ARRAY_SIZE(ep_servers);
+ return num_servers;
}
int main(int argc, const char *argv[])
diff --git a/source3/rpc_server/rpcd_lsad.c b/source3/rpc_server/rpcd_lsad.c
index 3ca0ed43fdd..b0e021493e7 100644
--- a/source3/rpc_server/rpcd_lsad.c
+++ b/source3/rpc_server/rpcd_lsad.c
@@ -36,6 +36,11 @@ static size_t lsad_interfaces(
&ndr_table_lsarpc,
&ndr_table_samr,
&ndr_table_dssetup,
+ /*
+ * This last item is truncated from the list by the
+ * num_ifaces -= 1 below for the fileserver. Take
+ * care when adding new services.
+ */
&ndr_table_netlogon,
};
size_t num_ifaces = ARRAY_SIZE(ifaces);
@@ -46,6 +51,14 @@ static size_t lsad_interfaces(
/* no netlogon for non-dc */
num_ifaces -= 1;
break;
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * All these services are provided by the 'samba'
+ * binary from source4, not this code which is the
+ * source3 / NT4-like "classic" DC implementation
+ */
+ num_ifaces = 0;
+ break;
default:
break;
}
@@ -80,6 +93,14 @@ static size_t lsad_servers(
/* no netlogon for non-dc */
num_servers -= 1;
break;
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * All these services are provided by the 'samba'
+ * binary from source4, not this code which is the
+ * source3 / NT4-like "classic" DC implementation
+ */
+ num_servers = 0;
+ break;
default:
break;
}
diff --git a/source3/rpc_server/rpcd_rpcecho.c b/source3/rpc_server/rpcd_rpcecho.c
index 9176039819f..37391f563db 100644
--- a/source3/rpc_server/rpcd_rpcecho.c
+++ b/source3/rpc_server/rpcd_rpcecho.c
@@ -19,6 +19,8 @@
#include "rpc_worker.h"
#include "librpc/gen_ndr/ndr_echo.h"
#include "librpc/gen_ndr/ndr_echo_scompat.h"
+#include "param/loadparm.h"
+#include "libds/common/roles.h"
static size_t rpcecho_interfaces(
const struct ndr_interface_table ***pifaces,
@@ -27,8 +29,22 @@ static size_t rpcecho_interfaces(
static const struct ndr_interface_table *ifaces[] = {
&ndr_table_rpcecho,
};
+ size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC rpcecho is provided by the 'samba'
+ * binary from source4/
+ */
+ num_ifaces = 0;
+ break;
+ default:
+ break;
+ }
+
*pifaces = ifaces;
- return ARRAY_SIZE(ifaces);
+ return num_ifaces;
}
static size_t rpcecho_servers(
@@ -37,11 +53,24 @@ static size_t rpcecho_servers(
void *private_data)
{
static const struct dcesrv_endpoint_server *ep_servers[1] = { NULL };
+ size_t num_servers = ARRAY_SIZE(ep_servers);
ep_servers[0] = rpcecho_get_ep_server();
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC rpcecho is provided by the 'samba'
+ * binary from source4/
+ */
+ num_servers = 0;
+ break;
+ default:
+ break;
+ }
+
*_ep_servers = ep_servers;
- return ARRAY_SIZE(ep_servers);
+ return num_servers;
}
int main(int argc, const char *argv[])
--
2.34.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手