samba/backport-0003-CVE-2022-37966.patch

From 82b79af664af50d3dc52b5785c4febd82ed317c3 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Oct 2022 08:47:32 +0200
Subject: [PATCH 03/54] CVE-2022-37966 s3:utils: Fix old-style function
 definition

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b787692b5e915031d4653bf375995320ed1aca07)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Conflict: NA
Reference: https://attachments.samba.org/attachment.cgi?id=17695
---
 source3/utils/ntlm_auth.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 7d17e33c9fe8..1306951c2a8d 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -367,7 +367,7 @@ const char *get_winbind_netbios_name(void)
 
 }
 
-DATA_BLOB get_challenge(void) 
+DATA_BLOB get_challenge(void)
 {
 	static DATA_BLOB chal;
 	if (opt_challenge.length)
@@ -443,7 +443,7 @@ static bool get_require_membership_sid(void) {
  * need to contact trusted domain
  */
 
-int get_pam_winbind_config()
+int get_pam_winbind_config(void)
 {
 	int ctrl = 0;
 	struct tiniparser_dictionary *d = NULL;
@@ -717,7 +717,7 @@ static NTSTATUS contact_winbind_change_pswd_auth_crap(const char *username,
 	nt_status = (NT_STATUS(response.data.auth.nt_status));
 	if (!NT_STATUS_IS_OK(nt_status))
 	{
-		if (error_string) 
+		if (error_string)
 			*error_string = smb_xstrdup(response.data.auth.error_string);
 		winbindd_free_response(&response);
 		return nt_status;
@@ -867,7 +867,7 @@ done:
 
 
 /**
- * Return the challenge as determined by the authentication subsystem 
+ * Return the challenge as determined by the authentication subsystem
  * @return an 8 byte random challenge
  */
 
@@ -875,7 +875,7 @@ static NTSTATUS ntlm_auth_get_challenge(struct auth4_context *auth_ctx,
 					uint8_t chal[8])
 {
 	if (auth_ctx->challenge.data.length == 8) {
-		DEBUG(5, ("auth_get_challenge: returning previous challenge by module %s (normal)\n", 
+		DEBUG(5, ("auth_get_challenge: returning previous challenge by module %s (normal)\n",
 			  auth_ctx->challenge.set_by));
 		memcpy(chal, auth_ctx->challenge.data.data, 8);
 		return NT_STATUS_OK;
@@ -1941,7 +1941,7 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
 
 				printf("Authenticated: Yes\n");
 
-				if (ntlm_server_1_lm_session_key 
+				if (ntlm_server_1_lm_session_key
 				    && (!all_zero(lm_key,
 						  sizeof(lm_key)))) {
 					hex_lm_key = hex_encode_talloc(NULL,
-- 
2.34.1
fix CVE-2022-38023 CVE-2022-37966 CVE-2022-37967 2022-12-29 07:17:40 +00:00			`From 82b79af664af50d3dc52b5785c4febd82ed317c3 Mon Sep 17 00:00:00 2001`
			`From: Andreas Schneider <asn@samba.org>`
			`Date: Thu, 27 Oct 2022 08:47:32 +0200`
			`Subject: [PATCH 03/54] CVE-2022-37966 s3:utils: Fix old-style function`
			`definition`

			`Signed-off-by: Andreas Schneider <asn@samba.org>`
			`Reviewed-by: Jeremy Allison <jra@samba.org>`
			`(cherry picked from commit b787692b5e915031d4653bf375995320ed1aca07)`

			`BUG: https://bugzilla.samba.org/show_bug.cgi?id=15237`
			`Signed-off-by: Stefan Metzmacher <metze@samba.org>`

			`Conflict: NA`
			`Reference: https://attachments.samba.org/attachment.cgi?id=17695`
			`---`
			`source3/utils/ntlm_auth.c \| 12 ++++++------`
			`1 file changed, 6 insertions(+), 6 deletions(-)`

			`diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c`
			`index 7d17e33c9fe8..1306951c2a8d 100644`
			`--- a/source3/utils/ntlm_auth.c`
			`+++ b/source3/utils/ntlm_auth.c`
			`@@ -367,7 +367,7 @@ const char *get_winbind_netbios_name(void)`

			`}`

			`-DATA_BLOB get_challenge(void)`
			`+DATA_BLOB get_challenge(void)`
			`{`
			`static DATA_BLOB chal;`
			`if (opt_challenge.length)`
			`@@ -443,7 +443,7 @@ static bool get_require_membership_sid(void) {`
			`* need to contact trusted domain`
			`*/`

			`-int get_pam_winbind_config()`
			`+int get_pam_winbind_config(void)`
			`{`
			`int ctrl = 0;`
			`struct tiniparser_dictionary *d = NULL;`
			`@@ -717,7 +717,7 @@ static NTSTATUS contact_winbind_change_pswd_auth_crap(const char *username,`
			`nt_status = (NT_STATUS(response.data.auth.nt_status));`
			`if (!NT_STATUS_IS_OK(nt_status))`
			`{`
			`- if (error_string)`
			`+ if (error_string)`
			`*error_string = smb_xstrdup(response.data.auth.error_string);`
			`winbindd_free_response(&response);`
			`return nt_status;`
			`@@ -867,7 +867,7 @@ done:`


			`/**`
			`- * Return the challenge as determined by the authentication subsystem`
			`+ * Return the challenge as determined by the authentication subsystem`
			`* @return an 8 byte random challenge`
			`*/`

			`@@ -875,7 +875,7 @@ static NTSTATUS ntlm_auth_get_challenge(struct auth4_context *auth_ctx,`
			`uint8_t chal[8])`
			`{`
			`if (auth_ctx->challenge.data.length == 8) {`
			`- DEBUG(5, ("auth_get_challenge: returning previous challenge by module %s (normal)\n",`
			`+ DEBUG(5, ("auth_get_challenge: returning previous challenge by module %s (normal)\n",`
			`auth_ctx->challenge.set_by));`
			`memcpy(chal, auth_ctx->challenge.data.data, 8);`
			`return NT_STATUS_OK;`
			`@@ -1941,7 +1941,7 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod`

			`printf("Authenticated: Yes\n");`

			`- if (ntlm_server_1_lm_session_key`
			`+ if (ntlm_server_1_lm_session_key`
			`&& (!all_zero(lm_key,`
			`sizeof(lm_key)))) {`
			`hex_lm_key = hex_encode_talloc(NULL,`
			`--`
			`2.34.1`