openwrtv4/package/network/services/samba36/patches/120-add_missing_ifdef.patch
Hauke Mehrtens 1414f1647d samba: fix some security problems
This fixes the following security problems:
* CVE-2015-7560
* CVE-2015-5370
* CVE-2016-2110
* CVE-2016-2111
* CVE-2016-2112
* CVE-2016-2115
* CVE-2016-2118

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49175
2016-04-16 20:06:34 +00:00

41 lines
1.1 KiB
Diff

--- a/source3/librpc/rpc/rpc_common.c
+++ b/source3/librpc/rpc/rpc_common.c
@@ -119,9 +119,11 @@ static bool initialize_interfaces(void)
if (!smb_register_ndr_interface(&ndr_table_netdfs)) {
return false;
}
+#ifdef DEVELOPER
if (!smb_register_ndr_interface(&ndr_table_rpcecho)) {
return false;
}
+#endif
if (!smb_register_ndr_interface(&ndr_table_initshutdown)) {
return false;
}
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -628,7 +628,9 @@ static struct cmd_set *rpcclient_command
netlogon_commands,
srvsvc_commands,
dfs_commands,
+#ifdef DEVELOPER
echo_commands,
+#endif
epmapper_commands,
shutdown_commands,
test_commands,
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -433,10 +433,12 @@ static bool check_bind_req(struct pipes_
if (ok) {
context_fns->allow_connect = true;
}
+#ifdef DEVELOPER
ok = ndr_syntax_id_equal(abstract, &ndr_table_rpcecho.syntax_id);
if (ok) {
context_fns->allow_connect = true;
}
+#endif
/*
* every interface can be modified to allow "connect" auth_level by
* using a parametric option like: