rpms / samba

Clone
Source Code
GIT

Blame SOURCES/0106-s4-rpc_server-backupkey-consistently-check-error-cod.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c7-sig-storage-samba-411 c8 c8-beta c8-sig-storage-samba-411 c8-sig-storage-samba-412 c8-sig-storage-samba-413 c8-sig-storage-samba-414 c8-sig-storage-samba-415 c8s c8s-sig-storage-samba-413 c8s-sig-storage-samba-414 c8s-sig-storage-samba-415 c8s-sig-storage-samba-416 c8s-sig-storage-samba-417 c8s-sig-storage-samba-418 c8s-sig-storage-samba-419 c8s-sig-storage-samba-420 c9 c9-beta c9s-sig-storage-samba-414 c9s-sig-storage-samba-415 c9s-sig-storage-samba-416 c9s-sig-storage-samba-417 c9s-sig-storage-samba-418 c9s-sig-storage-samba-419 c9s-sig-storage-samba-420
  1.   1524bce68237a310d30890f913d121753a7d972c
  2.   SOURCES
  3.   0106-s4-rpc_server-backupkey-consistently-check-error-cod.patch
Blob History Raw
1524bc 
From ac505bb247d1f63d6c22d380e4db5a5f84cd2ff1 Mon Sep 17 00:00:00 2001
1524bc 
From: Andrew Bartlett <abartlet@samba.org>
1524bc 
Date: Fri, 16 Aug 2019 16:08:57 +1200
1524bc 
Subject: [PATCH 106/187] s4-rpc_server/backupkey: consistently check error
1524bc 
 codes from GnuTLS
1524bc
1524bc 
This uses the new gnutls_error_to_werror()
1524bc
1524bc 
This should resolve Coverity 1452111 as forwarded by Volker.
1524bc
1524bc 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
1524bc 
Reviewed-by: Andreas Schneider <asn@samba.org>
1524bc 
(cherry picked from commit 2d54559aad9af81cf21d223dad28b48184c59f44)
1524bc 
---
1524bc 
 .../rpc_server/backupkey/dcesrv_backupkey.c   | 146 +++++++++++-------
1524bc 
 source4/rpc_server/wscript_build              |   2 +-
1524bc 
 2 files changed, 92 insertions(+), 56 deletions(-)
1524bc
1524bc 
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
1524bc 
index a826ae083f4..cea6a28e4e2 100644
1524bc 
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
1524bc 
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
1524bc 
@@ -42,6 +42,8 @@
1524bc 
 #include <gnutls/crypto.h>
1524bc 
 #include <gnutls/abstract.h>
1524bc
1524bc 
+#include "lib/crypto/gnutls_helpers.h"
1524bc 
+
1524bc 
 #define DCESRV_INTERFACE_BACKUPKEY_BIND(context, iface) \
1524bc 
 	dcesrv_interface_backupkey_bind(context, iface)
1524bc 
 static NTSTATUS dcesrv_interface_backupkey_bind(struct dcesrv_connection_context *context,
1524bc 
@@ -1439,15 +1441,23 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 	 * BACKUPKEY_BACKUP_GUID, it really is the whole key
1524bc 
 	 */
1524bc
1524bc 
-	gnutls_hmac_init(&hmac_hnd,
1524bc 
-			 GNUTLS_MAC_SHA1,
1524bc 
-			 server_key.key,
1524bc 
-			 sizeof(server_key.key));
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
+	rc = gnutls_hmac_init(&hmac_hnd,
1524bc 
+			      GNUTLS_MAC_SHA1,
1524bc 
+			      server_key.key,
1524bc 
+			      sizeof(server_key.key));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
 		    decrypt_request.r2,
1524bc 
 		    sizeof(decrypt_request.r2));
1524bc 
-	gnutls_hmac_output(hmac_hnd, symkey);
1524bc
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
+	gnutls_hmac_output(hmac_hnd, symkey);
1524bc 
 	dump_data_pw("symkey: \n", symkey, sizeof(symkey));
1524bc
1524bc 
 	/* rc4 decrypt sid and secret using sym key */
1524bc 
@@ -1462,9 +1472,7 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 				&cipher_key,
1524bc 
 				NULL);
1524bc 
 	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
-		DBG_ERR("gnutls_cipher_init failed - %s\n",
1524bc 
-			gnutls_strerror(rc));
1524bc 
-		return WERR_INVALID_PARAMETER;
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
 	}
1524bc 
 	rc = gnutls_cipher_encrypt2(cipher_hnd,
1524bc 
 				    encrypted_blob.data,
1524bc 
@@ -1473,9 +1481,7 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 				    encrypted_blob.length);
1524bc 
 	gnutls_cipher_deinit(cipher_hnd);
1524bc 
 	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
-		DBG_ERR("gnutls_cipher_encrypt2 failed - %s\n",
1524bc 
-			gnutls_strerror(rc));
1524bc 
-		return WERR_INVALID_PARAMETER;
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
 	}
1524bc
1524bc 
 	ndr_err = ndr_pull_struct_blob_all(&encrypted_blob, mem_ctx, &rc4payload,
1524bc 
@@ -1494,9 +1500,13 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 	 * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1
1524bc 
 	 * BACKUPKEY_BACKUP_GUID, it really is the whole key
1524bc 
 	 */
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    rc4payload.r3,
1524bc 
-		    sizeof(rc4payload.r3));
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 rc4payload.r3,
1524bc 
+			 sizeof(rc4payload.r3));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
 	gnutls_hmac_deinit(hmac_hnd, mackey);
1524bc
1524bc 
 	dump_data_pw("mackey: \n", mackey, sizeof(mackey));
1524bc 
@@ -1507,20 +1517,31 @@ static WERROR bkrp_server_wrap_decrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 		return WERR_INTERNAL_ERROR;
1524bc 
 	}
1524bc
1524bc 
-	gnutls_hmac_init(&hmac_hnd,
1524bc 
-			 GNUTLS_MAC_SHA1,
1524bc 
-			 mackey,
1524bc 
-			 sizeof(mackey));
1524bc 
+	rc = gnutls_hmac_init(&hmac_hnd,
1524bc 
+			      GNUTLS_MAC_SHA1,
1524bc 
+			      mackey,
1524bc 
+			      sizeof(mackey));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
 	/* SID field */
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    sid_blob.data,
1524bc 
-		    sid_blob.length);
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 sid_blob.data,
1524bc 
+			 sid_blob.length);
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
 	/* Secret field */
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    rc4payload.secret_data.data,
1524bc 
-		    rc4payload.secret_data.length);
1524bc 
-	gnutls_hmac_deinit(hmac_hnd, mac);
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 rc4payload.secret_data.data,
1524bc 
+			 rc4payload.secret_data.length);
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc
1524bc 
+	gnutls_hmac_deinit(hmac_hnd, mac);
1524bc 
 	dump_data_pw("mac: \n", mac, sizeof(mac));
1524bc 
 	dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac));
1524bc
1524bc 
@@ -1657,26 +1678,34 @@ static WERROR bkrp_server_wrap_encrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 	 * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1
1524bc 
 	 * BACKUPKEY_BACKUP_GUID, it really is the whole key
1524bc 
 	 */
1524bc 
-	gnutls_hmac_init(&hmac_hnd,
1524bc 
-			 GNUTLS_MAC_SHA1,
1524bc 
-			 server_key.key,
1524bc 
-			 sizeof(server_key.key));
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    server_side_wrapped.r2,
1524bc 
-		    sizeof(server_side_wrapped.r2));
1524bc 
-	gnutls_hmac_output(hmac_hnd, symkey);
1524bc 
+	rc = gnutls_hmac_init(&hmac_hnd,
1524bc 
+			      GNUTLS_MAC_SHA1,
1524bc 
+			      server_key.key,
1524bc 
+			      sizeof(server_key.key));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 server_side_wrapped.r2,
1524bc 
+			 sizeof(server_side_wrapped.r2));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+	gnutls_hmac_output(hmac_hnd, symkey);
1524bc 
 	dump_data_pw("symkey: \n", symkey, sizeof(symkey));
1524bc
1524bc 
 	/*
1524bc 
 	 * This is *not* the leading 64 bytes, as indicated in MS-BKRP 3.1.4.1.1
1524bc 
 	 * BACKUPKEY_BACKUP_GUID, it really is the whole key
1524bc 
 	 */
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    rc4payload.r3,
1524bc 
-		    sizeof(rc4payload.r3));
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 rc4payload.r3,
1524bc 
+			 sizeof(rc4payload.r3));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
 	gnutls_hmac_deinit(hmac_hnd, mackey);
1524bc 
-
1524bc 
 	dump_data_pw("mackey: \n", mackey, sizeof(mackey));
1524bc
1524bc 
 	ndr_err = ndr_push_struct_blob(&sid_blob, mem_ctx, caller_sid,
1524bc 
@@ -1688,20 +1717,31 @@ static WERROR bkrp_server_wrap_encrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 	rc4payload.secret_data.data = r->in.data_in;
1524bc 
 	rc4payload.secret_data.length = r->in.data_in_len;
1524bc
1524bc 
-	gnutls_hmac_init(&hmac_hnd,
1524bc 
-			 GNUTLS_MAC_SHA1,
1524bc 
-			 mackey,
1524bc 
-			 sizeof(mackey));
1524bc 
+	rc = gnutls_hmac_init(&hmac_hnd,
1524bc 
+			      GNUTLS_MAC_SHA1,
1524bc 
+			      mackey,
1524bc 
+			      sizeof(mackey));
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
 	/* SID field */
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    sid_blob.data,
1524bc 
-		    sid_blob.length);
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 sid_blob.data,
1524bc 
+			 sid_blob.length);
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc 
+
1524bc 
 	/* Secret field */
1524bc 
-	gnutls_hmac(hmac_hnd,
1524bc 
-		    rc4payload.secret_data.data,
1524bc 
-		    rc4payload.secret_data.length);
1524bc 
-	gnutls_hmac_deinit(hmac_hnd, rc4payload.mac);
1524bc 
+	rc = gnutls_hmac(hmac_hnd,
1524bc 
+			 rc4payload.secret_data.data,
1524bc 
+			 rc4payload.secret_data.length);
1524bc 
+	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
+	}
1524bc
1524bc 
+	gnutls_hmac_deinit(hmac_hnd, rc4payload.mac);
1524bc 
 	dump_data_pw("rc4payload.mac: \n", rc4payload.mac, sizeof(rc4payload.mac));
1524bc
1524bc 
 	rc4payload.sid = *caller_sid;
1524bc 
@@ -1721,9 +1761,7 @@ static WERROR bkrp_server_wrap_encrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 				&cipher_key,
1524bc 
 				NULL);
1524bc 
 	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
-		DBG_ERR("gnutls_cipher_init failed - %s\n",
1524bc 
-			gnutls_strerror(rc));
1524bc 
-		return WERR_INVALID_PARAMETER;
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
 	}
1524bc 
 	rc = gnutls_cipher_encrypt2(cipher_hnd,
1524bc 
 				    encrypted_blob.data,
1524bc 
@@ -1732,9 +1770,7 @@ static WERROR bkrp_server_wrap_encrypt_data(struct dcesrv_call_state *dce_call,
1524bc 
 				    encrypted_blob.length);
1524bc 
 	gnutls_cipher_deinit(cipher_hnd);
1524bc 
 	if (rc != GNUTLS_E_SUCCESS) {
1524bc 
-		DBG_ERR("gnutls_cipher_encrypt2 failed - %s\n",
1524bc 
-			gnutls_strerror(rc));
1524bc 
-		return WERR_INVALID_PARAMETER;
1524bc 
+		return gnutls_error_to_werror(rc, WERR_INTERNAL_ERROR);
1524bc 
 	}
1524bc
1524bc 
 	/* create server wrap structure */
1524bc 
diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build
1524bc 
index a5c1c1d9a2c..18ec5aef894 100644
1524bc 
--- a/source4/rpc_server/wscript_build
1524bc 
+++ b/source4/rpc_server/wscript_build
1524bc 
@@ -124,7 +124,7 @@ bld.SAMBA_MODULE('dcerpc_backupkey',
1524bc 
 		 autoproto='backupkey/proto.h',
1524bc 
 		 subsystem='dcerpc_server',
1524bc 
 		 init_function='dcerpc_server_backupkey_init',
1524bc 
-		 deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY gnutls',
1524bc 
+		 deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY gnutls GNUTLS_HELPERS',
1524bc 
 		 )
1524bc
1524bc
1524bc 
--
1524bc 
2.23.0
1524bc

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation