[SCM] Samba Shared Repository - branch master updated

Anatoliy Atanasov anatoliy at samba.org
Mon Sep 27 12:13:35 MDT 2010 

The branch, master has been updated
       via  2cf0525 s4/irpc: Add security token to the binding handle when doing irp call forwarding
       via  ed7bbc9 s4/irpc: Add function to add security token to the binding handle
       via  d9d4ded s4:irpc: optionaly pass the security_token via IRPC requests.
      from  3235f44 s3: Make file_fnum static

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 2cf0525b2382d22b3497f49eb58b9fd8f0c837e1
Author: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
Date:   Sun Sep 26 17:05:13 2010 -0700

    s4/irpc: Add security token to the binding handle when doing irp call forwarding

commit ed7bbc993d4fd080303611a64fefc2b47d786176
Author: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
Date:   Sun Sep 26 17:04:43 2010 -0700

    s4/irpc: Add function to add security token to the binding handle

commit d9d4ded71a9214917d9999da0a16aa82eeac0afb
Author: Stefan Metzmacher <metze at samba.org>
Date:   Mon Sep 27 01:42:26 2010 +0200

    s4:irpc: optionaly pass the security_token via IRPC requests.
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 source4/lib/messaging/irpc.h        |    2 ++
 source4/lib/messaging/messaging.c   |   13 +++++++++++++
 source4/librpc/idl/irpc.idl         |    5 +++++
 source4/rpc_server/common/forward.c |    7 +++++++
 4 files changed, 27 insertions(+), 0 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/lib/messaging/irpc.h b/source4/lib/messaging/irpc.h
index 3c7edcc..5236021 100644
--- a/source4/lib/messaging/irpc.h
+++ b/source4/lib/messaging/irpc.h
@@ -71,6 +71,8 @@ struct dcerpc_binding_handle *irpc_binding_handle_by_name(TALLOC_CTX *mem_ctx,
 					struct messaging_context *msg_ctx,
 					const char *dest_task,
 					const struct ndr_interface_table *table);
+void irpc_binding_handle_add_security_token(struct dcerpc_binding_handle *h,
+					    struct security_token *token);
 
 NTSTATUS irpc_add_name(struct messaging_context *msg_ctx, const char *name);
 struct server_id *irpc_servers_byname(struct messaging_context *msg_ctx, TALLOC_CTX *mem_ctx, const char *name);
diff --git a/source4/lib/messaging/messaging.c b/source4/lib/messaging/messaging.c
index 724d66a..c61bb7a 100644
--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
@@ -717,6 +717,7 @@ NTSTATUS irpc_send_reply(struct irpc_message *m, NTSTATUS status)
 	}
 
 	m->header.flags |= IRPC_FLAG_REPLY;
+	m->header.creds.token= NULL;
 
 	/* construct the packet */
 	ndr_err = ndr_push_irpc_header(push, NDR_SCALARS|NDR_BUFFERS, &m->header);
@@ -1014,6 +1015,7 @@ struct irpc_bh_state {
 	struct server_id server_id;
 	const struct ndr_interface_table *table;
 	uint32_t timeout;
+	struct security_token *token;
 };
 
 static bool irpc_bh_is_connected(struct dcerpc_binding_handle *h)
@@ -1111,6 +1113,7 @@ static struct tevent_req *irpc_bh_raw_call_send(TALLOC_CTX *mem_ctx,
 	header.callnum    = state->opnum;
 	header.flags      = 0;
 	header.status     = NT_STATUS_OK;
+	header.creds.token= hs->token;
 
 	/* construct the irpc packet */
 	ndr = ndr_push_init_ctx(state->irpc);
@@ -1325,3 +1328,13 @@ struct dcerpc_binding_handle *irpc_binding_handle_by_name(TALLOC_CTX *mem_ctx,
 
 	return h;
 }
+
+void irpc_binding_handle_add_security_token(struct dcerpc_binding_handle *h,
+					    struct security_token *token)
+{
+	struct irpc_bh_state *hs =
+		dcerpc_binding_handle_data(h,
+		struct irpc_bh_state);
+
+	hs->token = token;
+}
diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl
index 2070d3d..6e2c73d 100644
--- a/source4/librpc/idl/irpc.idl
+++ b/source4/librpc/idl/irpc.idl
@@ -14,6 +14,10 @@ import "misc.idl", "security.idl", "nbt.idl";
 		IRPC_FLAG_REPLY    = 0x0001
 	} irpc_flags;
 
+	typedef struct {
+		security_token *token;
+	} irpc_creds;
+
 	typedef [public] struct {
 		GUID uuid;
 		uint32 if_version;
@@ -21,6 +25,7 @@ import "misc.idl", "security.idl", "nbt.idl";
 		uint32 callid;
 		irpc_flags flags;
 		NTSTATUS status;
+		[subcontext(4)] irpc_creds creds;
 		[flag(NDR_ALIGN8)] DATA_BLOB _pad;
 	} irpc_header;
 
diff --git a/source4/rpc_server/common/forward.c b/source4/rpc_server/common/forward.c
index c983ac3..113ac5f 100644
--- a/source4/rpc_server/common/forward.c
+++ b/source4/rpc_server/common/forward.c
@@ -24,6 +24,8 @@
 #include "rpc_server/dcerpc_server.h"
 #include "rpc_server/common/common.h"
 #include "messaging/irpc.h"
+#include "auth/auth.h"
+
 
 struct dcesrv_forward_state {
 	const char *opname;
@@ -69,6 +71,7 @@ void dcesrv_irpc_forward_rpc_call(struct dcesrv_call_state *dce_call, TALLOC_CTX
 	struct dcesrv_forward_state *st;
 	struct dcerpc_binding_handle *binding_handle;
 	struct tevent_req *subreq;
+	struct security_token *token;
 
 	st = talloc(mem_ctx, struct dcesrv_forward_state);
 	if (st == NULL) {
@@ -100,6 +103,10 @@ void dcesrv_irpc_forward_rpc_call(struct dcesrv_call_state *dce_call, TALLOC_CTX
 	/* reset timeout for the handle */
 	dcerpc_binding_handle_set_timeout(binding_handle, timeout);
 
+	/* add security token to the handle*/
+	token = dce_call->conn->auth_state.session_info->security_token;
+	irpc_binding_handle_add_security_token(binding_handle, token);
+
 	/* forward the call */
 	subreq = dcerpc_binding_handle_call_send(st, dce_call->event_ctx,
 						 binding_handle,


-- 
Samba Shared Repository

More information about the samba-cvs mailing list