From 2ee9129c6fe36cb0e363677dee43a2940aa81810 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Fri, 29 Jan 2016 23:33:37 +0100
Subject: [PATCH 2/6] CVE-2018-14628: python:provision: make DELETEDOBJECTS_DESCRIPTOR available in the ldif files
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andrew Bartlett
(cherry picked from commit 0c329a0fda37d87ed737e4b579b6d04ec907604c)
Conflict: NA
Reference: https://attachments.samba.org/attachment.cgi?id=18168 [PATCH 2/6] CVE-2018-14628: python:provision: make DELETEDOBJECTS_DESCRIPTOR available in the ldif files
---
 python/samba/provision/__init__.py | 5 +++++
 python/samba/provision/sambadns.py | 4 ++++
 2 files changed, 9 insertions(+)
diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py
index ff9b8fac916a..f7d7468e4faf 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -78,6 +78,7 @@ from samba.provision.backend import (
 LDBBackend,
 )
 from samba.descriptor import (
+ get_deletedobjects_descriptor,
 get_empty_descriptor,
 get_config_descriptor,
 get_config_partitions_descriptor,
@@ -1441,6 +1442,8 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
 msg["subRefs"] = ldb.MessageElement(names.configdn, ldb.FLAG_MOD_ADD, "subRefs") + deletedobjects_descr = b64encode(get_deletedobjects_descriptor(names.domainsid)).decode('utf8') + samdb.invocation_id = invocationid # If we are setting up a subdomain, then this has been replicated in, so we don't need to add it
@@ -1472,6 +1475,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
 "FOREST_FUNCTIONALITY": str(forestFunctionality),
 "DOMAIN_FUNCTIONALITY": str(domainFunctionality),
 "NTDSQUOTAS_DESCRIPTOR": ntdsquotas_descr,
+ "DELETEDOBJECTS_DESCRIPTOR": deletedobjects_descr,
 "LOSTANDFOUND_DESCRIPTOR": protected1wd_descr,
 "SERVICES_DESCRIPTOR": protected1_descr,
 "PHYSICALLOCATIONS_DESCRIPTOR": protected1wd_descr,
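Review bot: The `deletedobjects_descr` assignment added in `fill_samdb` (hunk `@@ -1441,6 +1442,8 @@`) carries no comment naming the object it protects, which a later auditor of this CVE fix will want; I would put `# Security descriptor for CN=Deleted Objects (CVE-2018-14628), consumed as ${DELETEDOBJECTS_DESCRIPTOR} in the provision ldif templates` above it. The two dictionary hunks (`@@ -1472,6 +1475,7 @@` here and `@@ -1536,6 +1540,7 @@` next) only expose the value; no ldif template in this patch references it, so presumably another patch in the series does, and until then the container's ACL is unchanged. Provisioning also affects only newly created domains, so the commit message or a comment should say how existing databases get the corrected descriptor. `fill_samdb` begins and ends outside these hunks.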
@@ -1536,6 +1540,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid,
 "RIDAVAILABLESTART": str(next_rid + 600),
 "POLICYGUID_DC": policyguid_dc,
 "INFRASTRUCTURE_DESCRIPTOR": infrastructure_desc,
+ "DELETEDOBJECTS_DESCRIPTOR": deletedobjects_descr,
 "LOSTANDFOUND_DESCRIPTOR": lostandfound_desc,
 "SYSTEM_DESCRIPTOR": system_desc,
 "BUILTIN_DESCRIPTOR": builtin_desc,
diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py
index 9184711a7645..d057b7830ada 100644
--- a/python/samba/provision/sambadns.py
+++ b/python/samba/provision/sambadns.py
@@ -42,6 +42,7 @@ from samba.dsdb import (
 DS_GUID_USERS_CONTAINER
 )
 from samba.descriptor import (
+ get_deletedobjects_descriptor,
 get_domain_descriptor,
 get_domain_delete_protected1_descriptor,
 get_domain_delete_protected2_descriptor,
@@ -256,6 +257,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn,
 domainzone_dn = "DC=DomainDnsZones,%s" % domaindn forestzone_dn = "DC=ForestDnsZones,%s" % forestdn descriptor = get_dns_partition_descriptor(domainsid) + deletedobjects_desc = get_deletedobjects_descriptor(domainsid) setup_add_ldif(samdb, setup_path("provision_dnszones_partitions.ldif"), { "ZONE_DN": domainzone_dn,
@@ -278,6 +280,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn,
 "ZONE_DNS": domainzone_dns,
 "CONFIGDN": configdn,
 "SERVERDN": serverdn,
+ "DELETEDOBJECTS_DESCRIPTOR": b64encode(deletedobjects_desc).decode('utf8'),
 "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc).decode('utf8'),
 "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc).decode('utf8'),
 })
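Review bot: In `setup_dns_partitions` (hunk `@@ -256,6 +257,7 @@`) the new local is called `deletedobjects_desc` and holds the raw descriptor, while the same value in `fill_samdb` is `deletedobjects_descr` and already base64 text, so the two files now spell and type one concept differently. The raw form also makes both zone dictionaries (`@@ -278,6 +280,7 @@` and `@@ -297,6 +300,7 @@`) repeat `b64encode(deletedobjects_desc).decode('utf8')`; encoding once, `deletedobjects_desc = b64encode(get_deletedobjects_descriptor(domainsid)).decode('utf8')`, and passing the variable would keep the DomainDnsZones and ForestDnsZones entries from drifting apart. This follows the existing `protected1_desc`/`protected2_desc` pattern in the function, so it is a style point rather than a defect. The function body continues outside these hunks.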
@@ -297,6 +300,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn,
 "ZONE_DNS": forestzone_dns,
 "CONFIGDN": configdn,
 "SERVERDN": serverdn,
+ "DELETEDOBJECTS_DESCRIPTOR": b64encode(deletedobjects_desc).decode('utf8'),
 "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc).decode('utf8'),
 "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc).decode('utf8'),
 })
--
2.34.1