samba.git/source3/auth/check_samsec.c, branch talloc-2.4.4 Unnamed repository; edit this file 'description' to name the repository. s3:auth: let check_sam_security() add NETLOGON_NTLMV2_ENABLED 2025-01-15T13:03:34+00:00 Stefan Metzmacher metze@samba.org 2025-01-15T11:41:21+00:00 10f38aff7c23dc20bc98cf0e02a430f8b0d7b1ad BUG: https://bugzilla.samba.org/show_bug.cgi?id=15783 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15783

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
s3:auth: Fix code spelling 2023-07-05T06:34:32+00:00 Andreas Schneider asn@samba.org 2023-06-30T10:06:01+00:00 e57f034f013bda65618898f22f3fb0cb903f0d94 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz> 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 auth: Return status code if configuration prohibits NTLM 2023-05-16T23:29:32+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2022-05-19T04:45:55+00:00 2a8db072934f2b75b992b57c9133afba446b74f5 Currently, we rely on ‘stored_nt’ being NULL to give an NT_STATUS_WRONG_PASSWORD error. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Currently, we rely on ‘stored_nt’ being NULL to give an
NT_STATUS_WRONG_PASSWORD error.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s3:auth: Flush the GETPWSID in memory cache for NTLM auth 2022-09-16T20:30:31+00:00 Andreas Schneider asn@samba.org 2022-09-12T14:31:05+00:00 9ef2f7345f0d387567fca598cc7008af95598903 Example valgrind output: ==22502== 22,747,002 bytes in 21,049 blocks are possibly lost in loss record 1,075 of 1,075 ==22502== at 0x4C29F73: malloc (vg_replace_malloc.c:309) ==22502== by 0x11D7089C: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.16) ==22502== by 0x9027834: tcopy_passwd (in /usr/lib64/libsmbconf.so.0) ==22502== by 0x6A1E1A3: pdb_copy_sam_account (in /usr/lib64/libsamba-passdb.so.0.27.2) ==22502== by 0x6A28AB7: pdb_getsampwnam (in /usr/lib64/libsamba-passdb.so.0.27.2) ==22502== by 0x65D0BC4: check_sam_security (in /usr/lib64/samba/libauth-samba4.so) ==22502== by 0x65C70F0: ??? (in /usr/lib64/samba/libauth-samba4.so) ==22502== by 0x65C781A: auth_check_ntlm_password (in /usr/lib64/samba/libauth-samba4.so) ==22502== by 0x14E464: ??? (in /usr/sbin/winbindd) ==22502== by 0x151CED: winbind_dual_SamLogon (in /usr/sbin/winbindd) ==22502== by 0x152072: winbindd_dual_pam_auth_crap (in /usr/sbin/winbindd) ==22502== by 0x167DE0: ??? (in /usr/sbin/winbindd) ==22502== by 0x12F29B12: tevent_common_invoke_fd_handler (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F30086: ??? (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x16A243: ??? (in /usr/sbin/winbindd) ==22502== by 0x16AA04: ??? (in /usr/sbin/winbindd) ==22502== by 0x12F29F68: tevent_common_invoke_immediate_handler (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F29F8F: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F2FE3C: ??? (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39) ==22502== by 0x12F4C7: main (in /usr/sbin/winbindd) You can find one for each string in pdb_copy_sam_account(), in total this already has 67 MB in total for this valgrind run. pdb_getsampwnam() -> memcache_add_talloc(NULL, PDB_GETPWSID_CACHE, ...) BUG: https://bugzilla.samba.org/show_bug.cgi?id=15169 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Sep 16 20:30:31 UTC 2022 on sn-devel-184 
Example valgrind output:

==22502== 22,747,002 bytes in 21,049 blocks are possibly lost in loss record 1,075 of 1,075
==22502==    at 0x4C29F73: malloc (vg_replace_malloc.c:309)
==22502==    by 0x11D7089C: _talloc_pooled_object (in /usr/lib64/libtalloc.so.2.1.16)
==22502==    by 0x9027834: tcopy_passwd (in /usr/lib64/libsmbconf.so.0)
==22502==    by 0x6A1E1A3: pdb_copy_sam_account (in /usr/lib64/libsamba-passdb.so.0.27.2)
==22502==    by 0x6A28AB7: pdb_getsampwnam (in /usr/lib64/libsamba-passdb.so.0.27.2)
==22502==    by 0x65D0BC4: check_sam_security (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x65C70F0: ??? (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x65C781A: auth_check_ntlm_password (in /usr/lib64/samba/libauth-samba4.so)
==22502==    by 0x14E464: ??? (in /usr/sbin/winbindd)
==22502==    by 0x151CED: winbind_dual_SamLogon (in /usr/sbin/winbindd)
==22502==    by 0x152072: winbindd_dual_pam_auth_crap (in /usr/sbin/winbindd)
==22502==    by 0x167DE0: ??? (in /usr/sbin/winbindd)
==22502==    by 0x12F29B12: tevent_common_invoke_fd_handler (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F30086: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x16A243: ??? (in /usr/sbin/winbindd)
==22502==    by 0x16AA04: ??? (in /usr/sbin/winbindd)
==22502==    by 0x12F29F68: tevent_common_invoke_immediate_handler (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F29F8F: tevent_common_loop_immediate (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2FE3C: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2E056: ??? (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F2925C: _tevent_loop_once (in /usr/lib64/libtevent.so.0.9.39)
==22502==    by 0x12F4C7: main (in /usr/sbin/winbindd)

You can find one for each string in pdb_copy_sam_account(), in total
this already has 67 MB in total for this valgrind run.

pdb_getsampwnam() -> memcache_add_talloc(NULL, PDB_GETPWSID_CACHE, ...)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15169

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep 16 20:30:31 UTC 2022 on sn-devel-184
CVE-2021-20251 s3: ensure bad password count atomic updates 2022-09-12T23:07:38+00:00 Jeremy Allison jra@samba.org 2021-01-11T20:11:35+00:00 8587734bf989aeaafa9d09d78d0f381caf52d285 The bad password count is supposed to limit the number of failed login attempt a user can make before being temporarily locked out, but race conditions between processes have allowed determined attackers to make many more than the specified number of attempts. This is especially bad on constrained or overcommitted hardware. To fix this, once a bad password is detected, we reload the sam account information under a user-specific mutex, ensuring we have an up to date bad password count. Discovered by Nathaniel W. Turner. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
The bad password count is supposed to limit the number of failed login
attempt a user can make before being temporarily locked out, but race
conditions between processes have allowed determined attackers to make
many more than the specified number of attempts.  This is especially
bad on constrained or overcommitted hardware.

To fix this, once a bad password is detected, we reload the sam account
information under a user-specific mutex, ensuring we have an up to
date bad password count.

Discovered by Nathaniel W. Turner.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
s3:auth: Zero memory in sam_password_ok() 2022-08-26T07:59:32+00:00 Pavel Filipenský pfilipensky@samba.org 2022-08-08T13:23:05+00:00 ccae2a4ab5478acea7c37134d486c3562ff5c3dc Signed-off-by: Pavel Filipenský <pfilipensky@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 auth3: if (ret==False) just looks weird 2021-04-27T13:24:35+00:00 Volker Lendecke vl@samba.org 2021-04-21T19:30:30+00:00 4e034e8f8fcd5e63dc4afe5a210ccea347bfa523 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 auth3: Fix a typo 2020-01-30T12:27:40+00:00 Volker Lendecke vl@samba.org 2020-01-27T15:43:24+00:00 9f2b131c5700e0f44db01e8c458d018258aee8ba Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 auth: Use "all_zero" where appropriate 2017-01-03T15:04:28+00:00 Volker Lendecke vl@samba.org 2016-12-31T12:45:51+00:00 f5847b6e3484f7660535e60ba2d5df2fc8dad096 ... Saves a few bytes of footprint Signed-off-by: Volker Lendecke <vl@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
... Saves a few bytes of footprint

Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Convert all uses of uint32/16/8 to _t in source3/auth. 2015-05-13T17:11:24+00:00 Richard Sharpe rsharpe@samba.org 2015-05-11T01:17:56+00:00 0f9f5bab27e61e5498530195c923616c017cf5b7 Signed-off-by: Richard Sharpe <rsharpe@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 
Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>