[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Tue Mar 8 04:30:01 MST 2011
The branch, master has been updated
via 1605563 s3-selftest: add pattern test of dcerpc binding options (using rpc.lsa.lookupsids).
via 12f10a9 s3-waf: fix the build.
via 19117db s3-epmd: remove some unused variables.
via d92e060 s3-epmap: fix uninitialized variable in ep_register()
via b7c692b s3-selftest: no need to run rpc.samba3.netlogon twice.
via 794e0f5 s3-rpc_server: Added IPv6 support for epmapper.
via a955c53 s3-rpc_server: Free unused memory.
via bb201fa s3-winbind: Fixed the accept() for new_connection.
via 69a9b9b s3-rpc_server: Fixed the accept() for ncalrpc_listener.
via 07e8904 s3-rpc_server: Fixed the accept() for tcpip_listener.
via 9dc27cb s3-rpc_server: Fixed the accept() for named_pipe_listener.
via ce491ed s3-librpc: Register NCALRPC pipes.
via 50de209 s3-rpc_server: Create the ncalrpc endpoints.
via 4b8dd08 s3-rpc_server: Add server support for NCALRPC system user pipe.
via 5ce12e0 s3-rpc_server: Improved the dcerpc_ncacn_accept switch.
via 42e9dde s3-rpc_server: Remove unneeded ncacn wrappers.
via 0f97f78 s3-rpc_server: Fixed ncalrpc connection accept.
via 53018dc s3-rpc_server: Only allow epm insert and delete on NCALRPC.
via cc5b885 s3-rpc_server: Introduce transport in pipe_struct.
via bd66fc8 s3-rpc_server: Start the Endpoint Mapper Dameon if enabled.
via 55296ed s3-rpc_server: Created an Endpoint Mapper Daemon.
via 148ed2c s3-librpc: Register endpoints using ncalrpc.
via 0a2251d selftest: Added ncalrpc dir to config.
via d343409 s3-rpc_client: Added DCERPC_AUTH_TYPE_NCALRPC bind.
via 917a5ea s3-rpc_server: Added prototype to setup a ncalrpc socket.
via 1e69dad s3-epmap: add ncalrpc listener code
via 6ac34d5 sr-epmap: Minor cleanups and fixes
via aa777df s3-epmap: Return the correct ip address.
via 254c020 s3-rpc_server: Added server address to pipes struct.
via d14de8f s3-rpc_server: Set client and server connection info.
via ae67ccf s3-rpc_server: Added tcpip listener for each rpc service.
via c80e519 s3-librpc: Free memory we don't need.
via a45353b s3-librpc: Added tcpip support for dcerpc_binding_vector_create.
from 98443b8 s3-idmap: fix the build of idmap_tdb2.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1605563b147b0c6223d3aef39e9332faa55574cd
Author: Günther Deschner <gd at samba.org>
Date: Sat Mar 5 01:28:02 2011 +0100
s3-selftest: add pattern test of dcerpc binding options (using rpc.lsa.lookupsids).
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
Autobuild-User: Günther Deschner <gd at samba.org>
Autobuild-Date: Tue Mar 8 12:29:21 CET 2011 on sn-devel-104
commit 12f10a91824226af78e12c279dcf9b91e131f2fc
Author: Günther Deschner <gd at samba.org>
Date: Sat Mar 5 01:26:55 2011 +0100
s3-waf: fix the build.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 19117db52c54ed27c570f6f1f21fb4d5096fdc5f
Author: Günther Deschner <gd at samba.org>
Date: Sat Mar 5 01:26:13 2011 +0100
s3-epmd: remove some unused variables.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit d92e060dd9def776c3ef9916be4e6e979c4788ae
Author: Günther Deschner <gd at samba.org>
Date: Sat Mar 5 01:25:28 2011 +0100
s3-epmap: fix uninitialized variable in ep_register()
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit b7c692bae7439c5ea284acde4da5977eba8b4059
Author: Günther Deschner <gd at samba.org>
Date: Fri Mar 4 16:05:35 2011 +0100
s3-selftest: no need to run rpc.samba3.netlogon twice.
Guenther
Signed-off-by: Günther Deschner <gd at samba.org>
commit 794e0f5f0c015ddd210fc2277d6460dfc87022f8
Author: Andreas Schneider <asn at samba.org>
Date: Mon Mar 7 17:26:42 2011 +0100
s3-rpc_server: Added IPv6 support for epmapper.
Signed-off-by: Günther Deschner <gd at samba.org>
commit a955c53843fb96f931cdf6674f5a3dcf9fe56bd4
Author: Andreas Schneider <asn at samba.org>
Date: Mon Mar 7 13:12:47 2011 +0100
s3-rpc_server: Free unused memory.
Signed-off-by: Günther Deschner <gd at samba.org>
commit bb201fac2bc9233fcc00f48e88cc97e92181ca4e
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 3 15:31:04 2011 +0100
s3-winbind: Fixed the accept() for new_connection.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 69a9b9b8d0ea0d9566b306fca23bc241b8e35125
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 3 15:07:16 2011 +0100
s3-rpc_server: Fixed the accept() for ncalrpc_listener.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 07e8904a5b4e10b8c4424ab34a826573f52f0820
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 3 15:07:02 2011 +0100
s3-rpc_server: Fixed the accept() for tcpip_listener.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 9dc27cb5b24ea5c25cdd29d9334b55ed5617168c
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 3 15:06:45 2011 +0100
s3-rpc_server: Fixed the accept() for named_pipe_listener.
Signed-off-by: Günther Deschner <gd at samba.org>
commit ce491edcad120c5c9de4260ac60a2ec3b319161a
Author: Andreas Schneider <asn at samba.org>
Date: Wed Mar 2 15:28:25 2011 +0100
s3-librpc: Register NCALRPC pipes.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 50de20979b35727cdfba9c7d711b7c0a438ddd98
Author: Andreas Schneider <asn at samba.org>
Date: Wed Mar 2 15:07:27 2011 +0100
s3-rpc_server: Create the ncalrpc endpoints.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 4b8dd08a3859c0b7dd2085898266ef5bbdbc3420
Author: Andreas Schneider <asn at samba.org>
Date: Wed Mar 2 10:56:46 2011 +0100
s3-rpc_server: Add server support for NCALRPC system user pipe.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 5ce12e0beb65765b7e4bcef7f8d9b1963bd53e52
Author: Andreas Schneider <asn at samba.org>
Date: Tue Mar 1 19:10:02 2011 +0100
s3-rpc_server: Improved the dcerpc_ncacn_accept switch.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 42e9dde6462fb6e96b7b5fa9a72b11e4c6007c9f
Author: Andreas Schneider <asn at samba.org>
Date: Fri Feb 25 13:50:37 2011 +0100
s3-rpc_server: Remove unneeded ncacn wrappers.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 0f97f789b2d675f2059f65383a573edb695ca8c6
Author: Andreas Schneider <asn at samba.org>
Date: Fri Feb 25 14:26:29 2011 +0100
s3-rpc_server: Fixed ncalrpc connection accept.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 53018dc37dffc1d2eba08347cac3f3db723f741d
Author: Andreas Schneider <asn at samba.org>
Date: Fri Feb 25 12:06:19 2011 +0100
s3-rpc_server: Only allow epm insert and delete on NCALRPC.
Signed-off-by: Günther Deschner <gd at samba.org>
commit cc5b88545de27ae37a8e8876490d0207c80fae6f
Author: Andreas Schneider <asn at samba.org>
Date: Thu Mar 3 14:20:26 2011 +0100
s3-rpc_server: Introduce transport in pipe_struct.
Signed-off-by: Günther Deschner <gd at samba.org>
commit bd66fc81b648eaa966522f78c03f5844d9019c44
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 24 12:06:54 2011 +0100
s3-rpc_server: Start the Endpoint Mapper Dameon if enabled.
Endpoint Mapper is still disabled by default!
Signed-off-by: Günther Deschner <gd at samba.org>
commit 55296edb09e9e7d365cf45cae1f81204287662bb
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 24 10:24:16 2011 +0100
s3-rpc_server: Created an Endpoint Mapper Daemon.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 148ed2c3f96810a19e8fc96196695028b6bec530
Author: Andreas Schneider <asn at samba.org>
Date: Wed Feb 23 15:39:33 2011 +0100
s3-librpc: Register endpoints using ncalrpc.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 0a2251da549b2cb1cff43116c9b3446c524345e2
Author: Andreas Schneider <asn at samba.org>
Date: Wed Mar 2 15:27:12 2011 +0100
selftest: Added ncalrpc dir to config.
Signed-off-by: Günther Deschner <gd at samba.org>
commit d343409d6b86a0b17f722287d1bc160372f0f7ef
Author: Andreas Schneider <asn at samba.org>
Date: Tue Mar 1 11:49:20 2011 +0100
s3-rpc_client: Added DCERPC_AUTH_TYPE_NCALRPC bind.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 917a5eaf18f9d0bbded617677b35b202a88d6687
Author: Andreas Schneider <asn at samba.org>
Date: Wed Feb 23 15:38:14 2011 +0100
s3-rpc_server: Added prototype to setup a ncalrpc socket.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 1e69dad4468aed909e05691c093275ba00f3ff78
Author: Simo Sorce <idra at samba.org>
Date: Tue Feb 22 20:40:54 2011 -0500
s3-epmap: add ncalrpc listener code
Signed-off-by: Günther Deschner <gd at samba.org>
commit 6ac34d58a995cb98456255c03bbb110015912531
Author: Simo Sorce <idra at samba.org>
Date: Tue Feb 22 20:40:24 2011 -0500
sr-epmap: Minor cleanups and fixes
Signed-off-by: Günther Deschner <gd at samba.org>
commit aa777df5571e874cb39ccdb20d6adb25fc8f5e13
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 22 16:48:43 2011 +0100
s3-epmap: Return the correct ip address.
Signed-off-by: Günther Deschner <gd at samba.org>
commit 254c02041cf937a90343df760396bc6e2ac766c5
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 22 16:48:15 2011 +0100
s3-rpc_server: Added server address to pipes struct.
Signed-off-by: Günther Deschner <gd at samba.org>
commit d14de8fd4dc1d37bfd244e62eae55555d393c9f9
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 22 15:14:34 2011 +0100
s3-rpc_server: Set client and server connection info.
Signed-off-by: Günther Deschner <gd at samba.org>
commit ae67ccfb0dfea601a8bb3b5834fd9fdba18659b2
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 22 13:06:54 2011 +0100
s3-rpc_server: Added tcpip listener for each rpc service.
Signed-off-by: Günther Deschner <gd at samba.org>
commit c80e519cdc5ed4db04d4102ce71436b16be648ea
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 22 12:15:09 2011 +0100
s3-librpc: Free memory we don't need.
Signed-off-by: Günther Deschner <gd at samba.org>
commit a45353b3e2e0a8dd5f9055c50e0d38bce7dda22c
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 22 11:53:35 2011 +0100
s3-librpc: Added tcpip support for dcerpc_binding_vector_create.
Signed-off-by: Günther Deschner <gd at samba.org>
-----------------------------------------------------------------------
Summary of changes:
librpc/idl/dcerpc.idl | 3 +-
selftest/target/Samba3.pm | 1 +
source3/Makefile.in | 1 +
source3/include/includes.h | 2 +-
source3/include/ntdomain.h | 5 +
source3/librpc/rpc/dcerpc.h | 1 +
source3/librpc/rpc/dcerpc_ep.c | 128 +++--
source3/librpc/rpc/dcerpc_ep.h | 2 +
source3/librpc/rpc/dcerpc_helpers.c | 5 +-
source3/rpc_client/cli_pipe.c | 33 ++
source3/rpc_client/cli_pipe.h | 3 +
source3/rpc_server/epmapper/srv_epmapper.c | 16 +-
source3/rpc_server/epmd.c | 282 ++++++++++
source3/rpc_server/rpc_ep_setup.c | 816 ++++++++++++++++++++++++----
source3/rpc_server/rpc_ncacn_np.c | 1 +
source3/rpc_server/rpc_server.c | 461 +++++++++++------
source3/rpc_server/rpc_server.h | 5 +
source3/rpc_server/srv_pipe.c | 24 +
source3/rpc_server/wscript_build | 3 +
source3/selftest/knownfail | 1 +
source3/selftest/tests.py | 21 +-
source3/smbd/server.c | 15 +
source3/winbindd/winbindd.c | 12 +-
source3/wscript_build | 2 +-
24 files changed, 1523 insertions(+), 320 deletions(-)
create mode 100644 source3/rpc_server/epmd.c
Changeset truncated at 500 lines:
diff --git a/librpc/idl/dcerpc.idl b/librpc/idl/dcerpc.idl
index b7ba432..86f22a4 100644
--- a/librpc/idl/dcerpc.idl
+++ b/librpc/idl/dcerpc.idl
@@ -179,7 +179,8 @@ interface dcerpc
DCERPC_AUTH_TYPE_MSN = 18,
DCERPC_AUTH_TYPE_DIGEST = 21,
DCERPC_AUTH_TYPE_SCHANNEL = 68,
- DCERPC_AUTH_TYPE_MSMQ = 100
+ DCERPC_AUTH_TYPE_MSMQ = 100,
+ DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM = 200
} dcerpc_AuthType;
typedef [enum8bit] enum {
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index b46a2df..adba749 100644
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -594,6 +594,7 @@ sub provision($$$$$$)
queue resume command = $bindir_abs/vlp tdbfile=$lockdir/vlp.tdb queueresume %p
lpq cache time = 0
+ ncalrpc dir = $lockdir/ncalrpc
rpc_server:epmapper = embedded
# Begin extra options
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 5ec4424..5b5a938 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -885,6 +885,7 @@ SMBD_OBJ_SRV = smbd/server_reload.o \
smbd/vfs.o smbd/perfcount.o smbd/statcache.o smbd/seal.o \
smbd/posix_acls.o lib/sysacls.o \
smbd/process.o smbd/service.o smbd/error.o \
+ rpc_server/epmd.o \
printing/printspoolss.o \
lib/sysquotas.o lib/sysquotas_linux.o \
lib/sysquotas_xfs.o lib/sysquotas_4A.o \
diff --git a/source3/include/includes.h b/source3/include/includes.h
index d715db6..c79c962 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -612,8 +612,8 @@ extern void *cmdline_lp_ctx;
#include "msdfs.h"
#include "auth.h"
-#include "ntdomain.h"
#include "librpc/rpc/dcerpc.h"
+#include "ntdomain.h"
#include "client.h"
#include "module.h"
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index 48ad876..ac06b25 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -118,6 +118,9 @@ struct pipes_struct {
struct pipes_struct *next, *prev;
struct client_address *client_id;
+ struct client_address *server_id;
+
+ enum dcerpc_transport_t transport;
struct auth_serversupplied_info *session_info;
struct messaging_context *msg_ctx;
@@ -131,6 +134,8 @@ struct pipes_struct {
struct pipe_auth_data auth;
+ bool system_user;
+
/*
* Set to true when an RPC bind has been done on this pipe.
*/
diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h
index 0f90087..72a8ad5 100644
--- a/source3/librpc/rpc/dcerpc.h
+++ b/source3/librpc/rpc/dcerpc.h
@@ -120,6 +120,7 @@ _PUBLIC_ NTSTATUS dcerpc_binding_build_tower(TALLOC_CTX *mem_ctx,
struct epm_tower *tower);
struct NL_AUTH_MESSAGE;
+struct pipe_auth_data;
/* The following definitions come from librpc/rpc/dcerpc_helpers.c */
NTSTATUS dcerpc_push_ncacn_packet(TALLOC_CTX *mem_ctx,
diff --git a/source3/librpc/rpc/dcerpc_ep.c b/source3/librpc/rpc/dcerpc_ep.c
index 54db4cd..8cfd3b8 100644
--- a/source3/librpc/rpc/dcerpc_ep.c
+++ b/source3/librpc/rpc/dcerpc_ep.c
@@ -27,6 +27,8 @@
NTSTATUS dcerpc_binding_vector_create(TALLOC_CTX *mem_ctx,
const struct ndr_interface_table *iface,
+ uint16_t port,
+ const char *ncalrpc,
struct dcerpc_binding_vector **pbvec)
{
struct dcerpc_binding_vector *bvec;
@@ -81,10 +83,35 @@ NTSTATUS dcerpc_binding_vector_create(TALLOC_CTX *mem_ctx,
}
break;
case NCACN_IP_TCP:
- /* TODO */
+ if (port == 0) {
+ talloc_free(b);
+ continue;
+ }
+
+ b->endpoint = talloc_asprintf(b, "%u", port);
+ if (b->endpoint == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ break;
case NCALRPC:
- /* TODO */
+ if (ncalrpc == NULL) {
+ talloc_free(b);
+ continue;
+ }
+
+ b->endpoint = talloc_asprintf(b,
+ "%s/%s",
+ lp_ncalrpc_dir(),
+ ncalrpc);
+ if (b->endpoint == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ break;
default:
+ talloc_free(b);
continue;
}
@@ -110,8 +137,11 @@ static NTSTATUS ep_register(const struct ndr_interface_table *iface,
uint32_t replace,
uint32_t unregister)
{
- struct dcerpc_binding_handle *h = NULL;
- static struct client_address client_id;
+ struct rpc_pipe_client *cli = NULL;
+ struct dcerpc_binding_handle *h;
+ struct pipe_auth_data *auth;
+ const char *ncalrpc_sock;
+ const char *rpcsrv_type;
struct epm_entry_t *entries;
uint32_t num_ents, i;
TALLOC_CTX *tmp_ctx;
@@ -131,43 +161,61 @@ static NTSTATUS ep_register(const struct ndr_interface_table *iface,
return NT_STATUS_NO_MEMORY;
}
-#if 0
- /* NOTE: Samba3 doesn't have a ncalrpc server component yet. As soon as
- * this is supported, we should talk to the endpoint mapper over the
- * local transport.
- */
-
- /* Connect to the endpoint mapper locally */
- ncalrpc_sock = talloc_asprintf(tmp_ctx,
- "%s/%s",
- get_dyn_NCALRPCDIR(),
- "epmapper");
- if (ncalrpc_sock == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto done;
- }
+ rpcsrv_type = lp_parm_const_string(GLOBAL_SECTION_SNUM,
+ "rpc_server", "epmapper",
+ "none");
- status = rpc_pipe_open_ncalrpc(tmp_ctx,
- ncalrpc_sock,
- &ndr_table_epmapper.syntax_id,
- &cli);
- if (!NT_STATUS_IS_OK(status)) {
- goto done;
- }
-#endif
+ if (StrCaseCmp(rpcsrv_type, "embedded") == 0) {
+ static struct client_address client_id;
- strlcpy(client_id.addr, "localhost", sizeof(client_id.addr));
- client_id.name = "localhost";
+ strlcpy(client_id.addr, "localhost", sizeof(client_id.addr));
+ client_id.name = "localhost";
- status = rpcint_binding_handle(tmp_ctx,
- &ndr_table_epmapper,
- &client_id,
- get_session_info_system(),
- server_messaging_context(),
- &h);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("dcerpc_ep_register: Could not connect to epmapper (%s)",
- nt_errstr(status)));
+ status = rpcint_binding_handle(tmp_ctx,
+ &ndr_table_epmapper,
+ &client_id,
+ get_session_info_system(),
+ server_messaging_context(),
+ &h);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("dcerpc_ep_register: Could not connect to "
+ "epmapper (%s)", nt_errstr(status)));
+ goto done;
+ }
+ } else if (StrCaseCmp(rpcsrv_type, "daemon") == 0) {
+ /* Connect to the endpoint mapper locally */
+ ncalrpc_sock = talloc_asprintf(tmp_ctx,
+ "%s/%s",
+ lp_ncalrpc_dir(),
+ "EPMAPPER");
+ if (ncalrpc_sock == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ status = rpc_pipe_open_ncalrpc(tmp_ctx,
+ ncalrpc_sock,
+ &ndr_table_epmapper.syntax_id,
+ &cli);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = rpccli_ncalrpc_bind_data(cli, &auth);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("Failed to initialize anonymous bind.\n"));
+ goto done;
+ }
+
+ status = rpc_pipe_bind(cli, auth);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(2, ("Failed to bind ncalrpc socket.\n"));
+ goto done;
+ }
+
+ h = cli->binding_handle;
+ } else {
+ status = NT_STATUS_INVALID_PARAMETER;
goto done;
}
diff --git a/source3/librpc/rpc/dcerpc_ep.h b/source3/librpc/rpc/dcerpc_ep.h
index 6da7f9b..99682be 100644
--- a/source3/librpc/rpc/dcerpc_ep.h
+++ b/source3/librpc/rpc/dcerpc_ep.h
@@ -27,6 +27,8 @@ struct dcerpc_binding_vector {
NTSTATUS dcerpc_binding_vector_create(TALLOC_CTX *mem_ctx,
const struct ndr_interface_table *iface,
+ uint16_t port,
+ const char *ncalrpc,
struct dcerpc_binding_vector **pbvec);
/**
diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c
index f45ee94..7520d76 100644
--- a/source3/librpc/rpc/dcerpc_helpers.c
+++ b/source3/librpc/rpc/dcerpc_helpers.c
@@ -754,7 +754,8 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
DATA_BLOB auth_blob;
NTSTATUS status;
- if (auth->auth_type == DCERPC_AUTH_TYPE_NONE) {
+ if (auth->auth_type == DCERPC_AUTH_TYPE_NONE ||
+ auth->auth_type == DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM) {
return NT_STATUS_OK;
}
@@ -792,6 +793,7 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
/* Generate any auth sign/seal and add the auth footer. */
switch (auth->auth_type) {
case DCERPC_AUTH_TYPE_NONE:
+ case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
status = NT_STATUS_OK;
break;
case DCERPC_AUTH_TYPE_SPNEGO:
@@ -914,6 +916,7 @@ NTSTATUS dcerpc_check_auth(struct pipe_auth_data *auth,
switch (auth->auth_type) {
case DCERPC_AUTH_TYPE_NONE:
+ case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
return NT_STATUS_OK;
case DCERPC_AUTH_TYPE_SPNEGO:
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index aac47f3..26a0054 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1194,6 +1194,12 @@ static NTSTATUS create_rpc_bind_req(TALLOC_CTX *mem_ctx,
}
break;
+ case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
+ auth_token = data_blob_talloc(mem_ctx,
+ "NCALRPC_AUTH_TOKEN",
+ 18);
+ break;
+
case DCERPC_AUTH_TYPE_NONE:
break;
@@ -1721,6 +1727,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
switch(pauth->auth_type) {
case DCERPC_AUTH_TYPE_NONE:
+ case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
case DCERPC_AUTH_TYPE_SCHANNEL:
/* Bind complete. */
tevent_req_done(req);
@@ -1759,6 +1766,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
switch(pauth->auth_type) {
case DCERPC_AUTH_TYPE_NONE:
+ case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
case DCERPC_AUTH_TYPE_SCHANNEL:
/* Bind complete. */
tevent_req_done(req);
@@ -2243,6 +2251,30 @@ bool rpccli_get_pwd_hash(struct rpc_pipe_client *rpc_cli, uint8_t nt_hash[16])
return true;
}
+NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx,
+ struct pipe_auth_data **presult)
+{
+ struct pipe_auth_data *result;
+
+ result = talloc(mem_ctx, struct pipe_auth_data);
+ if (result == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ result->auth_type = DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM;
+ result->auth_level = DCERPC_AUTH_LEVEL_NONE;
+
+ result->user_name = talloc_strdup(result, "");
+ result->domain = talloc_strdup(result, "");
+ if ((result->user_name == NULL) || (result->domain == NULL)) {
+ TALLOC_FREE(result);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ *presult = result;
+ return NT_STATUS_OK;
+}
+
NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
struct pipe_auth_data **presult)
{
@@ -3259,6 +3291,7 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx,
sk = gse_get_session_key(mem_ctx, gse_ctx);
make_dup = false;
break;
+ case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
case DCERPC_AUTH_TYPE_NONE:
sk = data_blob_const(a->user_session_key.data,
a->user_session_key.length);
diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h
index b627c0a..30c1bad 100644
--- a/source3/rpc_client/cli_pipe.h
+++ b/source3/rpc_client/cli_pipe.h
@@ -50,6 +50,9 @@ bool rpccli_is_connected(struct rpc_pipe_client *rpc_cli);
bool rpccli_get_pwd_hash(struct rpc_pipe_client *cli, uint8_t nt_hash[16]);
+NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx,
+ struct pipe_auth_data **presult);
+
NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
struct pipe_auth_data **presult);
diff --git a/source3/rpc_server/epmapper/srv_epmapper.c b/source3/rpc_server/epmapper/srv_epmapper.c
index c364890..f0bd9c6 100644
--- a/source3/rpc_server/epmapper/srv_epmapper.c
+++ b/source3/rpc_server/epmapper/srv_epmapper.c
@@ -154,6 +154,7 @@ static struct dcesrv_endpoint *find_endpoint(struct dcesrv_endpoint *endpoint_li
static uint32_t build_ep_list(TALLOC_CTX *mem_ctx,
struct dcesrv_endpoint *endpoint_list,
const struct GUID *uuid,
+ const char *srv_addr,
struct dcesrv_ep_iface **peps)
{
struct dcesrv_ep_iface *eps = NULL;
@@ -185,6 +186,11 @@ static uint32_t build_ep_list(TALLOC_CTX *mem_ctx,
description = d->ep_description;
description->object = iface->iface->syntax_id;
+ if (description->transport == NCACN_IP_TCP &&
+ srv_addr != NULL &&
+ strequal(description->host, "0.0.0.0")) {
+ description->host = srv_addr;
+ }
status = dcerpc_binding_build_tower(eps,
description,
@@ -227,7 +233,8 @@ error_status_t _epm_Insert(struct pipes_struct *p,
uint32_t i;
/* If this is not a priviledged users, return */
- if (!is_priviledged_pipe(p->session_info)) {
+ if (p->transport != NCALRPC ||
+ !is_priviledged_pipe(p->session_info)) {
return EPMAPPER_STATUS_CANT_PERFORM_OP;
}
@@ -343,7 +350,8 @@ error_status_t _epm_Delete(struct pipes_struct *p,
r->in.num_ents));
/* If this is not a priviledged users, return */
- if (!is_priviledged_pipe(p->session_info)) {
+ if (p->transport != NCALRPC ||
+ !is_priviledged_pipe(p->session_info)) {
return EPMAPPER_STATUS_CANT_PERFORM_OP;
}
@@ -467,6 +475,7 @@ error_status_t _epm_Lookup(struct pipes_struct *p,
eps->count = build_ep_list(eps,
endpoint_table,
NULL,
+ p->server_id == NULL ? NULL : p->server_id->addr,
&eps->e);
break;
case RPC_C_EP_MATCH_BY_IF:
@@ -489,6 +498,7 @@ error_status_t _epm_Lookup(struct pipes_struct *p,
eps->count = build_ep_list(eps,
endpoint_table,
&r->in.interface_id->uuid,
+ p->server_id == NULL ? NULL : p->server_id->addr,
&eps->e);
break;
case RPC_C_EP_MATCH_BY_OBJ:
@@ -499,6 +509,7 @@ error_status_t _epm_Lookup(struct pipes_struct *p,
eps->count = build_ep_list(eps,
endpoint_table,
r->in.object,
+ p->server_id == NULL ? NULL : p->server_id->addr,
&eps->e);
break;
default:
@@ -850,6 +861,7 @@ error_status_t _epm_Map(struct pipes_struct *p,
eps->count = build_ep_list(eps,
endpoint_table,
obj,
+ p->server_id == NULL ? NULL : p->server_id->addr,
&eps->e);
if (eps->count == 0) {
rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
diff --git a/source3/rpc_server/epmd.c b/source3/rpc_server/epmd.c
new file mode 100644
index 0000000..159c04c
--- /dev/null
+++ b/source3/rpc_server/epmd.c
@@ -0,0 +1,282 @@
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * SMBD RPC service callbacks
+ *
+ * Copyright (c) 2011 Andreas Schneider <asn at samba.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+#include "serverid.h"
+#include "../librpc/gen_ndr/messaging.h"
+#include "../librpc/gen_ndr/srv_epmapper.h"
+#include "rpc_server/rpc_server.h"
+
+#define DAEMON_NAME "epmd"
+
+void start_epmd(struct tevent_context *ev_ctx,
+ struct messaging_context *msg_ctx);
+
+static bool epmd_open_sockets(struct tevent_context *ev_ctx,
+ struct messaging_context *msg_ctx)
+{
+ uint32_t num_ifs = iface_count();
+ uint16_t port;
+ uint32_t i;
+
+ if (lp_interfaces() && lp_bind_interfaces_only()) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list