authorAndrew Bartlett <abartlet@samba.org>2014-09-05 17:00:31 +1200
committerStefan Metzmacher <metze@samba.org>2014-09-30 12:32:05 +0200
commite2cd3257141bd4a88cda1fff5bde9df60b253a97 (patch)
tree966c4149fa1aaf989840879ee77fea0dc0d89bda /source3
parentb9701a0a79dd15dd6f53075638fba9a2a3d92e19 (diff)
winbindd: Do not make anonymous connections by default
The requirement is that we have "winbind sealed pipes = false" and "require strong key = false" before we make anonymous connections. These are a security risk as we cannot prevent MITM attacks. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source3')
-rw-r--r--source3/winbindd/winbindd_cm.c29
1 files changed, 29 insertions, 0 deletions
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 05e9692faf4..3a9780ebedb 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2578,6 +2578,15 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
anonymous:
/* Finally fall back to anonymous. */
+ if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
+ status = NT_STATUS_DOWNGRADE_DETECTED;
+ DEBUG(1, ("Unwilling to make SAMR connection to domain %s"
+ "without connection level security, "
+ "must set 'winbind sealed pipes = false' and "
+ "'require strong key = false' to proceed: %s\n",
+ domain->name, nt_errstr(status)));
+ goto done;
+ }
status = cli_rpc_pipe_open_noauth(conn->cli, &ndr_table_samr,
&conn->samr_pipe);
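Review bot: The DEBUG format at lines 27-28 joins `"...to domain %s"` directly to `"without connection level security, "`, so the logged text runs the domain name into the next word (for a constructed domain name: `domain EXAMPLEwithout connection level security`); the same missing space is in the LSA message at lines 40-41 and the netlogon message at lines 56-57. This log line is the only operator-visible signal that the anonymous fallback was refused rather than attempted, so it should stay readable: change the first fragment to `"Unwilling to make SAMR connection to domain %s "` and do the same in the other two hunks. The option check and message are repeated verbatim three times; a small static helper that logs the pipe name and returns NT_STATUS_DOWNGRADE_DETECTED would keep the three copies from drifting, though that is optional. The netlogon hunk calls `invalidate_cm_connection(conn)` and returns instead of `goto done`; that looks deliberate given a different cleanup path in that function, but the function continues outside the hunk so it is worth confirming. cm_connect_sam's body also continues outside this hunk.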
@@ -2802,6 +2811,16 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
anonymous:
+ if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
+ result = NT_STATUS_DOWNGRADE_DETECTED;
+ DEBUG(1, ("Unwilling to make LSA connection to domain %s"
+ "without connection level security, "
+ "must set 'winbind sealed pipes = false' and "
+ "'require strong key = false' to proceed: %s\n",
+ domain->name, nt_errstr(result)));
+ goto done;
+ }
+
result = cli_rpc_pipe_open_noauth(conn->cli,
&ndr_table_lsarpc,
&conn->lsa_pipe);
@@ -2959,6 +2978,16 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
no_schannel:
if (!(conn->netlogon_flags & NETLOGON_NEG_AUTHENTICATED_RPC)) {
+ if (lp_winbind_sealed_pipes() || lp_require_strong_key()) {
+ result = NT_STATUS_DOWNGRADE_DETECTED;
+ DEBUG(1, ("Unwilling to make connection to domain %s"
+ "without connection level security, "
+ "must set 'winbind sealed pipes = false' and "
+ "'require strong key = false' to proceed: %s\n",
+ domain->name, nt_errstr(result)));
+ invalidate_cm_connection(conn);
+ return result;
+ }
result = cli_rpc_pipe_open_noauth(conn->cli,
&ndr_table_netlogon,
&conn->netlogon_pipe);