summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2021-08-05 14:22:47 +0200
committerJule Anger <janger@samba.org>2021-11-08 10:46:45 +0100
commitf583cda95abba596b4cd0201b9cfee97287d29c7 (patch)
tree357b72f79af85d1cb455fa5b5acbded380ccc99e
parent215fb2275f0feb1bdaec3148e5d24f649a716ad3 (diff)
downloadsamba-f583cda95abba596b4cd0201b9cfee97287d29c7.tar.gz
CVE-2021-3738 s4:rpc_server/dnsserver: make use of dcesrv_samdb_connect_as_user() helper
This is not strictly required, but it makes it easier to audit that source4/rpc_server no longer calls samdb_connect() directly. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14468 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/rpc_server/dnsserver/dcerpc_dnsserver.c11
1 files changed, 2 insertions, 9 deletions
diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
index a5948c7969b..be56c7ad7a2 100644
--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
+++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "talloc.h"
#include "rpc_server/dcerpc_server.h"
+#include "rpc_server/common/common.h"
#include "dsdb/samdb/samdb.h"
#include "lib/util/dlinklist.h"
#include "librpc/gen_ndr/ndr_dnsserver.h"
@@ -106,8 +107,6 @@ static void dnsserver_reload_zones(struct dnsserver_state *dsstate)
static struct dnsserver_state *dnsserver_connect(struct dcesrv_call_state *dce_call)
{
- struct auth_session_info *session_info =
- dcesrv_call_session_info(dce_call);
struct dnsserver_state *dsstate;
struct dnsserver_zone *zones, *z, *znext;
struct dnsserver_partition *partitions, *p;
@@ -127,13 +126,7 @@ static struct dnsserver_state *dnsserver_connect(struct dcesrv_call_state *dce_c
dsstate->lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
- /* FIXME: create correct auth_session_info for connecting user */
- dsstate->samdb = samdb_connect(dsstate,
- dce_call->event_ctx,
- dsstate->lp_ctx,
- session_info,
- dce_call->conn->remote_address,
- 0);
+ dsstate->samdb = dcesrv_samdb_connect_as_user(dsstate, dce_call);
if (dsstate->samdb == NULL) {
DEBUG(0,("dnsserver: Failed to open samdb"));
goto failed;