mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-27 17:18:59 +00:00
1414f1647d
This fixes the following security problems: * CVE-2015-7560 * CVE-2015-5370 * CVE-2016-2110 * CVE-2016-2111 * CVE-2016-2112 * CVE-2016-2115 * CVE-2016-2118 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49175
163 lines
4.0 KiB
Diff
163 lines
4.0 KiB
Diff
--- a/source3/rpc_server/rpc_handles.c
|
|
+++ b/source3/rpc_server/rpc_handles.c
|
|
@@ -59,8 +59,11 @@ struct handle_list {
|
|
|
|
static bool is_samr_lsa_pipe(const struct ndr_syntax_id *syntax)
|
|
{
|
|
- return (ndr_syntax_id_equal(syntax, &ndr_table_samr.syntax_id)
|
|
- || ndr_syntax_id_equal(syntax, &ndr_table_lsarpc.syntax_id));
|
|
+ return
|
|
+#ifdef SAMR_SUPPORT
|
|
+ ndr_syntax_id_equal(syntax, &ndr_table_samr.syntax_id) ||
|
|
+#endif
|
|
+ ndr_syntax_id_equal(syntax, &ndr_table_lsarpc.syntax_id);
|
|
}
|
|
|
|
size_t num_pipe_handles(struct pipes_struct *p)
|
|
--- a/source3/librpc/rpc/rpc_common.c
|
|
+++ b/source3/librpc/rpc/rpc_common.c
|
|
@@ -100,9 +100,11 @@ static bool initialize_interfaces(void)
|
|
return false;
|
|
}
|
|
#endif
|
|
+#ifdef SAMR_SUPPORT
|
|
if (!smb_register_ndr_interface(&ndr_table_samr)) {
|
|
return false;
|
|
}
|
|
+#endif
|
|
#ifdef NETLOGON_SUPPORT
|
|
if (!smb_register_ndr_interface(&ndr_table_netlogon)) {
|
|
return false;
|
|
--- a/source3/rpc_server/rpc_ep_setup.c
|
|
+++ b/source3/rpc_server/rpc_ep_setup.c
|
|
@@ -557,6 +557,7 @@ static bool lsarpc_init_cb(void *ptr)
|
|
return true;
|
|
}
|
|
|
|
+#ifdef SAMR_SUPPORT
|
|
static bool samr_init_cb(void *ptr)
|
|
{
|
|
struct dcesrv_ep_context *ep_ctx =
|
|
@@ -605,6 +606,7 @@ static bool samr_init_cb(void *ptr)
|
|
|
|
return true;
|
|
}
|
|
+#endif
|
|
|
|
#ifdef NETLOGON_SUPPORT
|
|
static bool netlogon_init_cb(void *ptr)
|
|
@@ -1111,12 +1113,14 @@ bool dcesrv_ep_setup(struct tevent_conte
|
|
return false;
|
|
}
|
|
|
|
+#ifdef SAMR_SUPPORT
|
|
samr_cb.init = samr_init_cb;
|
|
samr_cb.shutdown = NULL;
|
|
samr_cb.private_data = ep_ctx;
|
|
if (!NT_STATUS_IS_OK(rpc_samr_init(&samr_cb))) {
|
|
return false;
|
|
}
|
|
+#endif
|
|
|
|
#ifdef NETLOGON_SUPPORT
|
|
netlogon_cb.init = netlogon_init_cb;
|
|
--- a/source3/smbd/server_exit.c
|
|
+++ b/source3/smbd/server_exit.c
|
|
@@ -159,7 +159,9 @@ static void exit_server_common(enum serv
|
|
#ifdef NETLOGON_SUPPORT
|
|
rpc_netlogon_shutdown();
|
|
#endif
|
|
+#ifdef SAMR_SUPPORT
|
|
rpc_samr_shutdown();
|
|
+#endif
|
|
rpc_lsarpc_shutdown();
|
|
}
|
|
|
|
--- a/source3/rpcclient/rpcclient.c
|
|
+++ b/source3/rpcclient/rpcclient.c
|
|
@@ -623,7 +623,9 @@ static struct cmd_set *rpcclient_command
|
|
rpcclient_commands,
|
|
lsarpc_commands,
|
|
ds_commands,
|
|
+#ifdef SAMR_SUPPORT
|
|
samr_commands,
|
|
+#endif
|
|
#ifdef PRINTER_SUPPORT
|
|
spoolss_commands,
|
|
#endif
|
|
--- a/source3/smbd/lanman.c
|
|
+++ b/source3/smbd/lanman.c
|
|
@@ -2353,6 +2353,10 @@ static bool api_RNetGroupEnum(struct smb
|
|
NTSTATUS status, result;
|
|
struct dcerpc_binding_handle *b;
|
|
|
|
+#ifndef SAMR_SUPPORT
|
|
+ return False;
|
|
+#endif
|
|
+
|
|
if (!str1 || !str2 || !p) {
|
|
return False;
|
|
}
|
|
@@ -2541,6 +2545,10 @@ static bool api_NetUserGetGroups(struct
|
|
NTSTATUS status, result;
|
|
struct dcerpc_binding_handle *b;
|
|
|
|
+#ifndef SAMR_SUPPORT
|
|
+ return False;
|
|
+#endif
|
|
+
|
|
if (!str1 || !str2 || !UserName || !p) {
|
|
return False;
|
|
}
|
|
@@ -2741,6 +2749,10 @@ static bool api_RNetUserEnum(struct smbd
|
|
|
|
struct dcerpc_binding_handle *b;
|
|
|
|
+#ifndef SAMR_SUPPORT
|
|
+ return False;
|
|
+#endif
|
|
+
|
|
if (!str1 || !str2 || !p) {
|
|
return False;
|
|
}
|
|
@@ -2979,6 +2991,10 @@ static bool api_SamOEMChangePassword(str
|
|
int bufsize;
|
|
struct dcerpc_binding_handle *b;
|
|
|
|
+#ifndef SAMR_SUPPORT
|
|
+ return False;
|
|
+#endif
|
|
+
|
|
*rparam_len = 4;
|
|
*rparam = smb_realloc_limit(*rparam,*rparam_len);
|
|
if (!*rparam) {
|
|
@@ -4020,6 +4036,10 @@ static bool api_RNetUserGetInfo(struct s
|
|
union samr_UserInfo *info;
|
|
struct dcerpc_binding_handle *b = NULL;
|
|
|
|
+#ifndef SAMR_SUPPORT
|
|
+ return False;
|
|
+#endif
|
|
+
|
|
if (!str1 || !str2 || !UserName || !p) {
|
|
return False;
|
|
}
|
|
--- a/source3/rpc_server/srv_pipe.c
|
|
+++ b/source3/rpc_server/srv_pipe.c
|
|
@@ -409,6 +409,7 @@ static bool check_bind_req(struct pipes_
|
|
context_fns->syntax = *abstract;
|
|
|
|
context_fns->allow_connect = lp_allow_dcerpc_auth_level_connect();
|
|
+#ifdef SAMR_SUPPORT
|
|
/*
|
|
* for the samr and the lsarpc interfaces we don't allow "connect"
|
|
* auth_level by default.
|
|
@@ -417,6 +418,7 @@ static bool check_bind_req(struct pipes_
|
|
if (ok) {
|
|
context_fns->allow_connect = false;
|
|
}
|
|
+#endif
|
|
ok = ndr_syntax_id_equal(abstract, &ndr_table_lsarpc.syntax_id);
|
|
if (ok) {
|
|
context_fns->allow_connect = false;
|