svn commit: samba r5603 - in branches/SAMBA_4_0/source: build/pidl librpc/rpc torture/rpc

metze at samba.org metze at samba.org
Tue Mar 1 16:08:37 GMT 2005


Author: metze
Date: 2005-03-01 16:08:36 +0000 (Tue, 01 Mar 2005)
New Revision: 5603

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5603

Log:
add "authservice()" property to the interface property list
so we can specify allowed target service names in the idl file

the default is "host"

metze

Modified:
   branches/SAMBA_4_0/source/build/pidl/ndr.pm
   branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h
   branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c
   branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c
   branches/SAMBA_4_0/source/torture/rpc/bind.c


Changeset:
Modified: branches/SAMBA_4_0/source/build/pidl/ndr.pm
===================================================================
--- branches/SAMBA_4_0/source/build/pidl/ndr.pm	2005-03-01 15:41:35 UTC (rev 5602)
+++ branches/SAMBA_4_0/source/build/pidl/ndr.pm	2005-03-01 16:08:36 UTC (rev 5603)
@@ -2008,18 +2008,40 @@
 	pidl "";
 
 	pidl "static const struct dcerpc_endpoint_list $interface->{NAME}\_endpoints = {";
-	pidl "\t$endpoint_count, $interface->{NAME}\_endpoint_strings";
+	pidl "\t.count\t= $endpoint_count,";
+	pidl "\t.names\t= $interface->{NAME}\_endpoint_strings";
 	pidl "};";
 	pidl "";
 
+	if (! defined $interface->{PROPERTIES}->{authservice}) {
+		$interface->{PROPERTIES}->{authservice} = "\"host\"";
+	}
+
+	my @a = split / /, $interface->{PROPERTIES}->{authservice};
+	my $authservice_count = $#a + 1;
+
+	pidl "static const char * const $interface->{NAME}\_authservice_strings[] = {";
+	foreach my $ap (@a) {
+		pidl "\t$ap, ";
+	}
+	pidl "};";
+	pidl "";
+
+	pidl "static const struct dcerpc_authservice_list $interface->{NAME}\_authservices = {";
+	pidl "\t.count\t= $endpoint_count,";
+	pidl "\t.names\t= $interface->{NAME}\_authservice_strings";
+	pidl "};";
+	pidl "";
+
 	pidl "\nconst struct dcerpc_interface_table dcerpc_table_$interface->{NAME} = {";
-	pidl "\t\"$interface->{NAME}\",";
-	pidl "\tDCERPC_$uname\_UUID,";
-	pidl "\tDCERPC_$uname\_VERSION,";
-	pidl "\tDCERPC_$uname\_HELPSTRING,";
-	pidl "\t$count,";
-	pidl "\t$interface->{NAME}\_calls,";
-	pidl "\t&$interface->{NAME}\_endpoints";
+	pidl "\t.name\t\t= \"$interface->{NAME}\",";
+	pidl "\t.uuid\t\t= DCERPC_$uname\_UUID,";
+	pidl "\t.if_version\t= DCERPC_$uname\_VERSION,";
+	pidl "\t.helpstring\t= DCERPC_$uname\_HELPSTRING,";
+	pidl "\t.num_calls\t= $count,";
+	pidl "\t.calls\t\t= $interface->{NAME}\_calls,";
+	pidl "\t.endpoints\t= &$interface->{NAME}\_endpoints,";
+	pidl "\t.authservices\t= &$interface->{NAME}\_authservices";
 	pidl "};";
 	pidl "";
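Review bot: The generated `_authservices` initializer takes `.count` from `$endpoint_count`, so the length reported to C callers is the number of endpoints, not the number of authservice strings. `$authservice_count` is computed a few lines above and never used. A consumer that walks `names` up to `count` would read past the end of `_authservice_strings` whenever an interface declares more endpoints than service names. The line should read `pidl "\t.count\t= $authservice_count,";`. Separately, `split / /` yields empty elements when the property holds consecutive spaces, which would emit a bare `, ` entry into the generated C; `split ' ', $interface->{PROPERTIES}->{authservice}` avoids that.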
 

Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h
===================================================================
--- branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h	2005-03-01 15:41:35 UTC (rev 5602)
+++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc.h	2005-03-01 16:08:36 UTC (rev 5603)
@@ -153,6 +153,11 @@
 	const char * const *names;
 };
 
+struct dcerpc_authservice_list {
+	uint32_t count;
+	const char * const *names;
+};
+
 struct dcerpc_interface_table {
 	const char *name;
 	const char *uuid;
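Review bot: The new `struct dcerpc_authservice_list` carries no comment stating its contract, although dcerpc_util.c in this same commit reads `names[0]` as the default without consulting `count`. I would add above the struct: `/* target service names accepted for this interface; names[0] is the default, count is the number of entries in names */`. The layout appears identical to the endpoint list declared just above it, so a one-line remark on why a separate type is wanted would also help the next reader.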
@@ -161,6 +166,7 @@
 	uint32_t num_calls;
 	const struct dcerpc_interface_call *calls;
 	const struct dcerpc_endpoint_list *endpoints;
+	const struct dcerpc_authservice_list *authservices;
 };
 
 struct dcerpc_interface_list {
@@ -175,6 +181,7 @@
 	uint16_t object_version;
 	const char *host;
 	const char *endpoint;
+	const char *authservice;
 	const char **options;
 	uint32_t flags;
 };

Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c
===================================================================
--- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c	2005-03-01 15:41:35 UTC (rev 5602)
+++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_auth.c	2005-03-01 16:08:36 UTC (rev 5603)
@@ -146,7 +146,8 @@
 				   const char *domain,
 				   const char *username,
 				   const char *password,
-				   uint8_t auth_type)
+				   uint8_t auth_type,
+				   const char *service)
 {
 	NTSTATUS status;
 
@@ -189,6 +190,15 @@
 		return status;
 	}
 
+	if (service) {
+		status = gensec_set_target_service(p->conn->security_state.generic_state, service);
+		if (!NT_STATUS_IS_OK(status)) {
+			DEBUG(1, ("Failed to start set GENSEC target service: %s\n", 
+				  nt_errstr(status)));
+			return status;
+		}
+	}
+
 	status = gensec_start_mech_by_authtype(p->conn->security_state.generic_state, 
 					       auth_type,
 					       dcerpc_auth_level(p->conn));
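Review bot: The new `service` parameter is optional, and a NULL value skips `gensec_set_target_service()` altogether, leaving whatever target service GENSEC applies on its own. That is worth a comment, since the target service presumably feeds into which server identity the client asks to authenticate against. Suggested comment above the block: `/* service may be NULL: GENSEC then keeps its own default target service */`. The debug text also reads awkwardly and would be clearer as `"Failed to set GENSEC target service: %s\n"`. The function starts and ends outside this hunk.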

Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c
===================================================================
--- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c	2005-03-01 15:41:35 UTC (rev 5602)
+++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_util.c	2005-03-01 16:08:36 UTC (rev 5603)
@@ -789,13 +789,15 @@
 
 	if (table) {
 		struct dcerpc_binding default_binding;
-		
+
+		binding->authservice = talloc_strdup(mem_ctx, table->authservices->names[0]);
+
 		/* Find one of the default pipes for this interface */
 		for (i = 0; i < table->endpoints->count; i++) {
 			status = dcerpc_parse_binding(mem_ctx, table->endpoints->names[i], &default_binding);
 
 			if (NT_STATUS_IS_OK(status) && default_binding.transport == binding->transport && default_binding.endpoint) {
-				binding->endpoint = talloc_strdup(mem_ctx, default_binding.endpoint);	
+				binding->endpoint = talloc_strdup(mem_ctx, default_binding.endpoint);
 				return NT_STATUS_OK;
 			}
 		}
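Review bot: `table->authservices->names[0]` is dereferenced without checking that `table->authservices` is non-NULL or that the list has at least one entry, and the `talloc_strdup()` result is not checked. Any `dcerpc_interface_table` not regenerated from the new pidl output (for example one initialised by hand with the new member left unset) would carry a NULL `authservices` and crash here. I would guard the assignment with `if (table->authservices && table->authservices->count > 0)` and return `NT_STATUS_NO_MEMORY` when the copy fails. The enclosing function starts and ends outside this hunk.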
@@ -808,6 +810,7 @@
 	epmapper_binding.options = NULL;
 	epmapper_binding.flags = 0;
 	epmapper_binding.endpoint = NULL;
+	epmapper_binding.authservice = NULL;
 	
 	status = dcerpc_pipe_connect_b(&p,
 					&epmapper_binding,
@@ -903,8 +906,9 @@
 
 		status = dcerpc_bind_auth_password(p, pipe_uuid, pipe_version, 
 						   domain, username, password, 
-						   auth_type);
-	} else {    
+						   auth_type,
+						   binding->authservice);
+	} else {
 		status = dcerpc_bind_auth_none(p, pipe_uuid, pipe_version);
 	}
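Review bot: `binding->authservice` is passed to `dcerpc_bind_auth_password()` here, but this commit assigns the new field in only two places: the `table` branch of the endpoint lookup and the `epmapper_binding` initialiser. `dcerpc_parse_binding()` is not touched by the commit, so unless it zeroes the whole struct (not visible here), a binding that never went through the `table` branch reaches this call with an indeterminate pointer. The `if (service)` test in dcerpc_auth.c would then treat that pointer as a string. Adding an `authservice = NULL` assignment next to the other field initialisation in `dcerpc_parse_binding()` would close this; the enclosing function is only partly visible in the hunk.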
 

Modified: branches/SAMBA_4_0/source/torture/rpc/bind.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/bind.c	2005-03-01 15:41:35 UTC (rev 5602)
+++ branches/SAMBA_4_0/source/torture/rpc/bind.c	2005-03-01 16:08:36 UTC (rev 5603)
@@ -53,7 +53,7 @@
 
 	status = dcerpc_parse_binding(mem_ctx, binding_string, &b);
 	if (!NT_STATUS_IS_OK(status)) {
-		DEBUG(0,("Failed to parse dcerpc binding '%s'\n", binding_string));
+		printf("Failed to parse dcerpc binding '%s'\n", binding_string);
 		talloc_free(mem_ctx);
 		return False;
 	}
@@ -82,21 +82,21 @@
 
 		status = dcerpc_bind_auth_password(p, pipe_uuid, pipe_version, 
 						   domain, username, password, 
-						   auth_type);
-	} else {    
+						   auth_type,
+						   binding->authservice);
+	} else {
 		status = dcerpc_bind_auth_none(p, pipe_uuid, pipe_version);
 	}
 
 	if (NT_STATUS_IS_OK(status)) {
-		DEBUG(0,("(incorrectly) allowed re-bind to uuid %s - %s\n", 
-			 pipe_uuid, nt_errstr(status)));
+		printf("(incorrectly) allowed re-bind to uuid %s - %s\n", 
+			pipe_uuid, nt_errstr(status));
 		ret = False;
 	} else {
+		printf("\n");
 		ret = True;
 	}
 
-	printf("\n");
-	
 	talloc_free(mem_ctx);
 	torture_rpc_close(p);
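Review bot: The new argument is spelled `binding->authservice`, but the preceding hunk of this file parses the binding string into a local `b` (`dcerpc_parse_binding(mem_ctx, binding_string, &b)`), and no `binding` variable appears in either hunk. If no such pointer is declared in the part of the function outside the hunks, this will not compile and the argument should be `b.authservice`. Even with the name corrected, the field is only populated by the endpoint lookup in dcerpc_util.c, so confirm it is either set or NULL before this call.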
 


