/[smeserver]/rpms/samba/sme10/CVE-2017-12151.patch
ViewVC logotype

Annotation of /rpms/samba/sme10/CVE-2017-12151.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Tue May 8 16:37:53 2018 UTC (6 years, 5 months ago) by jpp
Branch: MAIN
CVS Tags: samba-4_6_2-12_el7_4, samba--, samba-4_6_2-12_3_el7_sme, samba-4_6_2-12_4_el7_sme, samba-4_6_2-12_2_el7_sme
upgrade to samba-4.6.2-12

1 jpp 1.1 From be03c9118e812f93d50c71294fbf9f12bcf2a7f1 Mon Sep 17 00:00:00 2001
2     From: Stefan Metzmacher <metze@samba.org>
3     Date: Mon, 14 Aug 2017 12:13:18 +0200
4     Subject: [PATCH 1/2] CVE-2017-12151: s3:libsmb: add
5     cli_state_is_encryption_on() helper function
6    
7     This allows to check if the current cli_state uses encryption
8     (either via unix extentions or via SMB3).
9    
10     BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996
11    
12     Signed-off-by: Stefan Metzmacher <metze@samba.org>
13     ---
14     source3/libsmb/clientgen.c | 13 +++++++++++++
15     source3/libsmb/proto.h | 1 +
16     2 files changed, 14 insertions(+)
17    
18     diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
19     index bc5c1b1ce3c..3e8523e5ce8 100644
20     --- a/source3/libsmb/clientgen.c
21     +++ b/source3/libsmb/clientgen.c
22     @@ -339,6 +339,19 @@ uint32_t cli_getpid(struct cli_state *cli)
23     return cli->smb1.pid;
24     }
25    
26     +bool cli_state_is_encryption_on(struct cli_state *cli)
27     +{
28     + if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_SMB2_02) {
29     + return smb1cli_conn_encryption_on(cli->conn);
30     + }
31     +
32     + if (cli->smb2.tcon == NULL) {
33     + return false;
34     + }
35     +
36     + return smb2cli_tcon_is_encryption_on(cli->smb2.tcon);
37     +}
38     +
39     bool cli_state_has_tcon(struct cli_state *cli)
40     {
41     uint16_t tid = cli_state_get_tid(cli);
42     diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h
43     index 764f3fc1b12..67fa43e4e4a 100644
44     --- a/source3/libsmb/proto.h
45     +++ b/source3/libsmb/proto.h
46     @@ -195,6 +195,7 @@ const char *cli_state_remote_realm(struct cli_state *cli);
47     uint16_t cli_state_get_vc_num(struct cli_state *cli);
48     uint32_t cli_setpid(struct cli_state *cli, uint32_t pid);
49     uint32_t cli_getpid(struct cli_state *cli);
50     +bool cli_state_is_encryption_on(struct cli_state *cli);
51     bool cli_state_has_tcon(struct cli_state *cli);
52     uint16_t cli_state_get_tid(struct cli_state *cli);
53     uint16_t cli_state_set_tid(struct cli_state *cli, uint16_t tid);
54     --
55     2.13.5
56    
57    
58     From 16d3c8288ae78a686715c242293691c00ec6d7a5 Mon Sep 17 00:00:00 2001
59     From: Stefan Metzmacher <metze@samba.org>
60     Date: Sat, 17 Dec 2016 10:36:49 +0100
61     Subject: [PATCH 2/2] CVE-2017-12151: s3:libsmb: make use of
62     cli_state_is_encryption_on()
63    
64     This will keep enforced encryption across dfs referrals.
65    
66     BUG: https://bugzilla.samba.org/show_bug.cgi?id=12996
67    
68     Signed-off-by: Stefan Metzmacher <metze@samba.org>
69     ---
70     source3/libsmb/clidfs.c | 4 ++--
71     source3/libsmb/libsmb_context.c | 2 +-
72     2 files changed, 3 insertions(+), 3 deletions(-)
73    
74     diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c
75     index c477d7c6a46..99818a681e3 100644
76     --- a/source3/libsmb/clidfs.c
77     +++ b/source3/libsmb/clidfs.c
78     @@ -980,7 +980,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
79     "IPC$",
80     dfs_auth_info,
81     false,
82     - smb1cli_conn_encryption_on(rootcli->conn),
83     + cli_state_is_encryption_on(rootcli),
84     smbXcli_conn_protocol(rootcli->conn),
85     0,
86     0x20,
87     @@ -1038,7 +1038,7 @@ NTSTATUS cli_resolve_path(TALLOC_CTX *ctx,
88     dfs_refs[count].share,
89     dfs_auth_info,
90     false,
91     - smb1cli_conn_encryption_on(rootcli->conn),
92     + cli_state_is_encryption_on(rootcli),
93     smbXcli_conn_protocol(rootcli->conn),
94     0,
95     0x20,
96     diff --git a/source3/libsmb/libsmb_context.c b/source3/libsmb/libsmb_context.c
97     index ed6ca2b1b9f..b55cf1e2d15 100644
98     --- a/source3/libsmb/libsmb_context.c
99     +++ b/source3/libsmb/libsmb_context.c
100     @@ -486,7 +486,7 @@ smbc_option_get(SMBCCTX *context,
101    
102     for (s = context->internal->servers; s; s = s->next) {
103     num_servers++;
104     - if (!smb1cli_conn_encryption_on(s->cli->conn)) {
105     + if (!cli_state_is_encryption_on(s->cli)) {
106     return (void *)false;
107     }
108     }
109     --
110     2.13.5
111    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed