git.ipfire.org Git - thirdparty/samba.git/commit

author	Jeremy Allison <jra@samba.org>
	Tue, 7 Jul 2015 07:15:39 +0000 (09:15 +0200)
committer	Stefan Metzmacher <metze@samba.org>
	Wed, 30 Mar 2016 02:10:14 +0000 (04:10 +0200)
commit	0239bfa562ee303c4ac204375b3c66ca287f6cb0
tree	09a26aa0bc156417a2e0297c0cac528dacf0410f	tree
parent	63d21d2546a1064be73582a499ec15b0e11e2708	commit \| diff

CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec

The first pdu is always a BIND.

REQUEST pdus are only allowed once the authentication
is finished.

A simple anonymous authentication is finished after the BIND.
Real authentication may need additional ALTER or AUTH3 exchanges.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

source3/rpc_server/rpc_handles.c		diff \| blob \| blame \| history
source3/rpc_server/rpc_pipes.h		diff \| blob \| blame \| history
source3/rpc_server/srv_pipe.c		diff \| blob \| blame \| history