dcesrv_core: disconnect after a fault with non AUTH_LEVEL_CONNECT bind

author Stefan Metzmacher <metze@samba.org>

Mon, 23 Sep 2024 14:09:39 +0000 (16:09 +0200)

committer Andreas Schneider <asn@cryptomilk.org>

Thu, 10 Oct 2024 14:01:04 +0000 (14:01 +0000)
author Stefan Metzmacher <metze@samba.org>
Mon, 23 Sep 2024 14:09:39 +0000 (16:09 +0200)
committer Andreas Schneider <asn@cryptomilk.org>
Thu, 10 Oct 2024 14:01:04 +0000 (14:01 +0000)
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c

index c0a4150e3b3c02b13e9af4928149e9399c9d4788..16063299d83f4ed1bd214f0c56ee43627970f1a1 100644 (file)
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -2006,6 +2006,16 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
                                   auth->auth_level,
                                   derpc_transport_string_by_transport(transport),
                                   addr));
+                       if (!call->conn->got_explicit_auth_level_non_connect) {
+                               /*
+                                * If there was is no auth context with
+                                * a level higher than DCERPC_AUTH_LEVEL_CONNECT,
+                                * the connection should be disconnected
+                                * after sending the fault.
+                                */
+                               return dcesrv_fault_disconnect0(call,
+                                               DCERPC_FAULT_ACCESS_DENIED);
+                       }
                         return dcesrv_fault(call, DCERPC_FAULT_ACCESS_DENIED);
                 }
                 break;
@@ -2026,6 +2036,16 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
                           auth->auth_level,
                           derpc_transport_string_by_transport(transport),
                           addr));
+               if (!call->conn->got_explicit_auth_level_non_connect) {
+                       /*
+                        * If there was is no auth context with
+                        * a level higher than DCERPC_AUTH_LEVEL_CONNECT,
+                        * the connection should be disconnected
+                        * after sending the fault.
+                        */
+                       return dcesrv_fault_disconnect0(call,
+                                       DCERPC_FAULT_ACCESS_DENIED);
+               }
                 return dcesrv_fault(call, DCERPC_FAULT_ACCESS_DENIED);
         }
  
@@ -2197,6 +2217,8 @@ static NTSTATUS dcesrv_process_ncacn_packet(struct dcesrv_connection *dce_conn,
                         dce_conn->default_auth_level_connect = NULL;
                         if (auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
                                 dce_conn->got_explicit_auth_level_connect = true;
+                       } else if (auth_level >= DCERPC_AUTH_LEVEL_PACKET) {
+                               dce_conn->got_explicit_auth_level_non_connect = true;
                         }
                 }
  
diff --git a/librpc/rpc/dcesrv_core.h b/librpc/rpc/dcesrv_core.h

index 3758c8d7de2efb9d14d0a8b78e3dd40998a99224..1a002d889c5145a0ec5c5469b52fd3508a71d45a 100644 (file)
--- a/librpc/rpc/dcesrv_core.h
+++ b/librpc/rpc/dcesrv_core.h
@@ -305,6 +305,7 @@ struct dcesrv_connection {
         struct dcesrv_auth *default_auth_state;
         size_t max_auth_states;
         struct dcesrv_auth *auth_states;
+       bool got_explicit_auth_level_non_connect;
         bool got_explicit_auth_level_connect;
         struct dcesrv_auth *default_auth_level_connect;
         bool client_hdr_signing;
diff --git a/selftest/expectedfail.d/samba4.rpc.backupkey b/selftest/expectedfail.d/samba4.rpc.backupkey

new file mode 100644 (file)

index 0000000..86170ee
--- /dev/null
+++ b/selftest/expectedfail.d/samba4.rpc.backupkey
@@ -0,0 +1,28 @@
+# We require seal and the test also runs differently against Windows 2022 with sign
+^samba4.rpc.backupkey.with.sign.backupkey.restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.restore_guid.version.3\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.restore_guid_2nd\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.wrong_user_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.wrong_version_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.empty_request_restore_guid\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_empty_request\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
+^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
diff --git a/selftest/knownfail.d/samba4.rpc.backupkey b/selftest/knownfail.d/samba4.rpc.backupkey

deleted file mode 100644 (file)

index f48d358..0000000
--- a/selftest/knownfail.d/samba4.rpc.backupkey
+++ /dev/null
@@ -1,108 +0,0 @@
-^samba4.rpc.backupkey.with..backupkey.restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.restore_guid.version.3\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.restore_guid_2nd\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.unable_to_decrypt_secret\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.wrong_user_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.wrong_version_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.empty_request_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_empty_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with..backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.restore_guid.version.3\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.restore_guid_2nd\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.wrong_user_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.wrong_version_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.empty_request_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_empty_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with.validate.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.restore_guid.version.3\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.restore_guid_2nd\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.wrong_user_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.wrong_version_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.empty_request_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_empty_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with.bigendian.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.restore_guid.version.3\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.restore_guid_2nd\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.unable_to_decrypt_secret\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.wrong_user_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.wrong_version_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.bad_hash_on_secret_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.bad_magic_on_accesscheck_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.bad_cert_guid_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.empty_request_restore_guid\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.retreive_backup_key_guid_validate\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_keyGUID\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_empty_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_request\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_magic\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_r2\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_payload_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_wrong_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_short_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_decrypt_zero_ciphertext_length\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_remote_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_key\(ad_dc_default\)
-^samba4.rpc.backupkey.with.sign.backupkey.server_wrap_encrypt_decrypt_wrong_sid\(ad_dc_default\)
diff --git a/selftest/knownfail.d/test_lsa_multi_auth_connect b/selftest/knownfail.d/test_lsa_multi_auth_connect

deleted file mode 100644 (file)

index 0cd69dc..0000000
--- a/selftest/knownfail.d/test_lsa_multi_auth_connect
+++ /dev/null
@@ -1 +0,0 @@
-^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_lsa_multi_auth_connect...chgdcpass
author	Stefan Metzmacher <metze@samba.org>
	Mon, 23 Sep 2024 14:09:39 +0000 (16:09 +0200)
committer	Andreas Schneider <asn@cryptomilk.org>
	Thu, 10 Oct 2024 14:01:04 +0000 (14:01 +0000)
librpc/rpc/dcesrv_core.c		patch \| blob \| blame \| history
librpc/rpc/dcesrv_core.h		patch \| blob \| blame \| history
selftest/expectedfail.d/samba4.rpc.backupkey	[new file with mode: 0644]	patch \| blob
selftest/knownfail.d/samba4.rpc.backupkey	[deleted file]	patch \| blob \| blame \| history
selftest/knownfail.d/test_lsa_multi_auth_connect	[deleted file]	patch \| blob \| blame \| history