summaryrefslogtreecommitdiff
path: root/source4/ldap_server
Commit message (Collapse)AuthorAgeFilesLines
* CVE-2018-16851 ldap_server: Check ret before manipulating blobGarming Sam2018-11-281-2/+2
| | | | | | | | | | | | | | In the case of hitting the talloc ~256MB limit, this causes a crash in the server. Note that you would actually need to load >256MB of data into the LDAP. Although there is some generated/hidden data which would help you reach that limit (descriptors and RMD blobs). BUG: https://bugzilla.samba.org/show_bug.cgi?id=13674 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* source4 smdb: Add a post fork hook to the service APIGary Lockyer2018-11-011-11/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | Add a post fork hook to the service API this will be called: - standard process model immediately after the task_init. - single process model immediately after the task_init - prefork process model, inhibit_pre_fork = true immediately after the task_init - prefork process model, inhibit_pre_fork = false after each service worker has forked. It is not run on the service master process. The post fork hook is not called in the standard model if a new process is forked on a new connection. It is instead called immediately after the task_init. The task_init hook has been changed to return an error code. This ensures the post_fork code is only run if the task_init code completed successfully. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* source4 smbd: Make the service_details structure constant.Gary Lockyer2018-11-011-1/+1
| | | | | | Make the service_details structure a static const. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* ldap_server: Fix CID 1435721 Unchecked return valueVolker Lendecke2018-05-241-3/+10
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu May 24 03:35:00 CEST 2018 on sn-devel-144
* ldap_server: Fix CID 1435731 Unchecked return valueVolker Lendecke2018-05-241-3/+11
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* samdb: Add remote address to connectGary Lockyer2018-05-101-2/+6
| | | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb: pass the remote address to samdb connectGary Lockyer2018-05-101-4/+5
| | | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: Fix size typesAndreas Schneider2018-03-201-2/+2
| | | | | | | This fixes compilation with -Wstrict-overflow=2 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* source4/smbd: Do not overstamp the process model with "single"Gary Lockyer2017-10-191-12/+6
| | | | | | | | | Instead, except in RPC which is a special SNOWFLAKE, we rely on the struct service_details in the init function. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* source4/smbd: refactor the process model for preforkGary Lockyer2017-10-191-7/+16
| | | | | | | | | | | | | | | | | | Refactor the process model code to allow the addition of a prefork process model. - Add a process context to contain process model specific state - Add a service details structure to allow service to indicate which process model options they can support. In the new code the services advertise the features they support to the process model. The process model context is plumbed through to allow the process model to keep track of the supported options, and any state the process model may require. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* ldap_server: Plumb ldb error string from a failed connect to ↵Andrew Bartlett2017-09-203-26/+42
| | | | | | | | | ldapsrv_terminate_connection() However, do not plumb it to the client-seen error string, as it could contain server paths. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* ldap: Run the LDAP server with the default (typically standard) process modelAndrew Bartlett2017-07-021-3/+6
| | | | | | | | | | | This allows one LDAP socket to proceed if another fails, and reduces the impact of a crash becoming a DoS bug, as it only impacts one socket. This may mean we have a lot of idle tasks, but this should not be a big issue Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s4:ldap_server: implement async BindSASLStefan Metzmacher2017-06-151-8/+69
| | | | | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jun 15 13:18:47 CEST 2017 on sn-devel-144
* s4:ldap_server: set result = LDAP_SUCCESS at the end, when we're really doneStefan Metzmacher2017-06-151-3/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: avoid using talloc_reference()Stefan Metzmacher2017-06-151-5/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: remove useless NT_STATUS_IS_OK(status) checkStefan Metzmacher2017-06-151-1/+1
| | | | | | | | We checked a few lines above already, check with: git show -U10 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: remove useless indentation level arround ldapsrv_backend_Init()Stefan Metzmacher2017-06-151-15/+15
| | | | | | | Check with git show -w Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: remove useless indentation level arround gensec_session_info()Stefan Metzmacher2017-06-151-23/+21
| | | | | | | Check with git show -w Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: make the gensec_create_tstream() error checking more clearStefan Metzmacher2017-06-151-12/+11
| | | | | | | Check with 'git show -w'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: only touch conn->session_info on success in ldapsrv_BindSASL()Stefan Metzmacher2017-06-151-6/+4
| | | | | | | | The old conn->session_info (as well as conn->ldb) should only be changed after a successful Bind(). Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: terminate the connection if talloc_reference failsStefan Metzmacher2017-06-151-1/+1
| | | | | | | talloc_reference will be removed completely in the next commits... Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: remove pointless (result != LDAP_SUCCESS) checkStefan Metzmacher2017-06-151-2/+1
| | | | | | | | We set result = LDAP_SUCCESS above and have goto do_reply; in all cases where we overwrite 'result'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: do the transport validation before calling ↵Stefan Metzmacher2017-06-151-12/+14
| | | | | | | gensec_create_tstream() Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: use talloc_zero for ldapsrv_sasl_postprocess_contextStefan Metzmacher2017-06-151-1/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: drop the connection if we fail to allocate ↵Stefan Metzmacher2017-06-151-3/+2
| | | | | | | ldapsrv_sasl_postprocess_context Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: only set *resp->SASL.secblob = output for OK or ↵Stefan Metzmacher2017-06-151-1/+3
| | | | | | | MORE_PROCESSING_REQUIRED Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: remove indentation level for the valid credential caseStefan Metzmacher2017-06-151-92/+89
| | | | | | | Check with git show -w. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: make sure we destroy the gensec context on errorStefan Metzmacher2017-06-151-2/+12
| | | | | | | If the client tries a new bind we need to start with a fresh context. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: avoid pointless check arround LDAP_INVALID_CREDENTIALSStefan Metzmacher2017-06-151-5/+3
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: move invalid credential handling before the success handling.Stefan Metzmacher2017-06-151-11/+15
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: remove an useless indentation level from gensec_update_ev()Stefan Metzmacher2017-06-151-12/+8
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: always allocate resp->SASL.secblobStefan Metzmacher2017-06-151-6/+6
| | | | | | | | The code path with resp->SASL.secblob = NULL was completely untested (and wrong) as ldapsrv_setup_gensec() is very unlikely to ever fail. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: add use goto do_reply; to make the logic in ↵Stefan Metzmacher2017-06-151-2/+12
| | | | | | | | | | ldapsrv_BindSASL() more sane The following patches will simplify the logic by avoiding else branches by using early returns. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: implement async BindSimpleStefan Metzmacher2017-06-151-20/+149
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: improve ldapsrv_UnbindRequest implementationStefan Metzmacher2017-06-151-1/+67
| | | | | | | We should abandon outstanding requests and disconnect the connection. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: add call->wait_send/recv infrastructureStefan Metzmacher2017-06-152-2/+63
| | | | | | | | | | | | If it is set by the dispatch functions, the core server will use call->wait_send() and wait for it to finally return frim call->wait_recv() before it asks for the next incoming pdu. This can be used to implement bind as async operations. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: don't log Unbind and Abandon requests.Stefan Metzmacher2017-06-151-0/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: introduce a ldapsrv_call_destructor()Stefan Metzmacher2017-06-151-0/+13
| | | | | | | | This makes sure that a call doesn't become an stale member of the conn->pending_calls list. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:ldap_server: use talloc_zero() in ldapsrv_init_reply()Stefan Metzmacher2017-06-151-2/+2
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4: Add TALLOC_CTX * to register_server_service().Jeremy Allison2017-05-111-1/+1
| | | | | | | | Use the passed in context from callers. Remove one talloc_autofree_context(). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* lib: modules: Change XXX_init interface from XXX_init(void) to ↵Jeremy Allison2017-04-221-1/+1
| | | | | | | | | | | | | | | | | | | | XXX_init(TALLOC_CTX *) Not currently used - no logic changes inside. This will make it possible to pass down a long-lived talloc context from the loading function for modules to use instead of having them internally all use talloc_autofree_context() which is a hidden global. Updated all known module interface numbers, and added a WHATSNEW. Signed-off-by: Jeremy Allison <jra@samba.org> Signed-off-by: Ralph Böhme <slow@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Apr 22 01:17:00 CEST 2017 on sn-devel-144
* ldap_server: Move a variable into a smaller scopeGarming Sam2017-03-291-1/+1
| | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz>
* auth: Add hooks for notification of authentication events over the message busAndrew Bartlett2017-03-291-1/+3
| | | | | | | | This will allow tests to be written to confirm the correct events are triggered. We pass in a messaging context from the callers Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* auth: Log the transport connection for the authorizationAndrew Bartlett2017-03-292-1/+14
| | | | | | | We also log if a simple bind was over TLS, as this particular case matters to a lot of folks Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* ldap_server: Log access without a bindAndrew Bartlett2017-03-294-2/+59
| | | | | | | | | | This can be over the privileged ldapi socket, or just as the implicit anonymous access However, do not log for setting up StartTLS, or a rootDSE search. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* ldap_server: Log authorization for simple bindsAndrew Bartlett2017-03-291-0/+6
| | | | | | | | Existing comment is no longer relevant. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* ldap_server: Move code into authenticate_ldap_simple_bind()Andrew Bartlett2017-03-291-13/+9
| | | | | | | | | | | | | This function is only called for simple binds, and by moving the mapping into the function call we allow the unmapped values to be included in the user_info and so logged. We also include the local address and the remote address of the client for future logging Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s4-ldap_server: Do not set conn->session_info to NULL, keep valid at all timesAndrew Bartlett2017-03-291-2/+0
| | | | | | | | | | | | We need this to be valid, right up until a new session_info is created and it is replaced. We need this to have a valid value at all times, and we are still anonymous until the new bind completes Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s4-ldap_server: Set remote and local address values into GENSECAndrew Bartlett2017-03-291-0/+12
| | | | | | | | | This will allow channel bindings and logging of the address values used during authentication Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* s4-ldap_server: Split gensec setup into a helper functionAndrew Bartlett2017-03-291-22/+37
| | | | | | | | | This makes the error handling simpler when we set more details onto the gensec context. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
View Lorry Controller Status