Bug 14968 - smb2_signing_decrypt_pdu() may not decrypt with gnutls_aead_cipher_decrypt() from gnutls before 3.5.2
Summary: smb2_signing_decrypt_pdu() may not decrypt with gnutls_aead_cipher_decrypt() ...
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.15.5
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL: https://gitlab.com/samba-team/samba/-...
Keywords:
Depends on:
Blocks:
 
Reported: 2022-02-01 09:10 UTC by Stefan Metzmacher
Modified: 2022-04-04 12:50 UTC (History)
3 users (show)

See Also:

Attachments
Patches for v4-16-test (5.08 KB, patch)
2022-02-03 09:55 UTC, Stefan Metzmacher 		asn: review+
Details
Patches for v4-15-test (5.08 KB, patch)
2022-02-03 09:55 UTC, Stefan Metzmacher 		asn: review+
Details
Patches for v4-14-test (5.15 KB, patch)
2022-02-03 09:56 UTC, Stefan Metzmacher 		asn: review+
Details
Patches for v4-14-test (5.17 KB, patch)
2022-02-14 09:27 UTC, Stefan Metzmacher 		janger: review+
Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Metzmacher 2022-02-01 09:10:37 UTC 
With gnutls_aead_cipher_decrypt() before gnutls 3.5.2 we always fail
the ptext_size != m_total check and status = gnutls_error_to_ntstatus(rc, NT_STATUS_INTERNAL_ERROR) will just return NT_STATUS_OK without placing
the decrypted data into the callers buffers.
Comment 1 Samba QA Contact 2022-02-02 18:30:04 UTC 
This bug was referenced in samba master:

68e62962b08497da8359ddbe4324443818c05cd1
99182af4ab5a3413311e27c2a193e09babceb01c
735f3d7dde3daf5d0af2e8a1de60422b88663992
Comment 2 Stefan Metzmacher 2022-02-03 09:55:32 UTC 
Created attachment 17144 [details]
Patches for v4-16-test
Comment 3 Stefan Metzmacher 2022-02-03 09:55:54 UTC 
Created attachment 17145 [details]
Patches for v4-15-test
Comment 4 Stefan Metzmacher 2022-02-03 09:56:16 UTC 
Created attachment 17146 [details]
Patches for v4-14-test
Comment 5 Andreas Schneider 2022-02-11 08:27:01 UTC 
Jule, please apply the patches to the corresponding branches. Thank you!
Comment 6 Jule Anger 2022-02-13 09:10:08 UTC 
Pushed to autobuild-v4-{16,15,14}-test.
Comment 7 Samba QA Contact 2022-02-13 10:13:03 UTC 
This bug was referenced in samba v4-15-test:

d623b454aa8e28408dd4d74c32c82560b75414ba
8cf62b3f86f1899e180964b736f3abbe5e5aafd5
62d33564f7328c0a6d9e8aa21fc5e13a014cad3c
Comment 8 Samba QA Contact 2022-02-13 10:19:03 UTC 
This bug was referenced in samba v4-16-test:

8deee49cda04907202e3b0ce1fda5211bed7154e
f400eef07a4e844e04affc0078c116b64cce897b
fe8bf1d8aa61fddf853e60f23750cc240ed8dcc6
Comment 9 Stefan Metzmacher 2022-02-14 09:27:30 UTC 
Created attachment 17164 [details]
Patches for v4-14-test

4.14 needs an additional parse_version() in the configure check ...
Comment 10 Jule Anger 2022-02-14 09:56:18 UTC 
New patches pushed to autobuild-v4-14-test.
Comment 11 Samba QA Contact 2022-02-14 10:35:05 UTC 
This bug was referenced in samba v4-14-test:

f75a05885123a05dc191b2271e161ee7c505160d
bbd4cd045ad8ac0519180f302832663c81551427
77fac5ed243d7cc1b5f288ba7d4c7bbe2685789e
Comment 12 Jule Anger 2022-02-14 10:35:54 UTC 
Closing out bug report.

Thanks!
Comment 13 Samba QA Contact 2022-02-15 07:55:48 UTC 
This bug was referenced in samba v4-16-stable (Release samba-4.16.0rc3):

8deee49cda04907202e3b0ce1fda5211bed7154e
f400eef07a4e844e04affc0078c116b64cce897b
fe8bf1d8aa61fddf853e60f23750cc240ed8dcc6
Comment 14 Samba QA Contact 2022-03-15 13:26:41 UTC 
This bug was referenced in samba v4-15-stable (Release samba-4.15.6):

d623b454aa8e28408dd4d74c32c82560b75414ba
8cf62b3f86f1899e180964b736f3abbe5e5aafd5
62d33564f7328c0a6d9e8aa21fc5e13a014cad3c
Comment 15 Samba QA Contact 2022-04-04 12:50:02 UTC 
This bug was referenced in samba v4-14-stable (Release samba-4.14.13):

f75a05885123a05dc191b2271e161ee7c505160d
bbd4cd045ad8ac0519180f302832663c81551427
77fac5ed243d7cc1b5f288ba7d4c7bbe2685789e