[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed Mar 7 06:28:03 MST 2012
The branch, master has been updated
via 54d3609 s3-rpc_server: Do not register embedded ncacn_np endpoints by default
via 78f85b2 s3-rpc_server: Register embedded RPC services after starting lsasd and spoolssd
via 781bb36 s4-smb_server: Put error from share_get_config() into the logs
via 8466b3c s3-rpc_server: Do not setup ncalrpc pipes and TCP for embedded rpc servers
via 716a6c3 selftest: Only run s3dc with a forked lsasd
via 008648a s3-smbd make change_to_user_by_session static
from 0eaf91f selftest: mark samba4.smb2.getinfo.getinfo as knownfail
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 54d36099ec0c4e2739a954fb712a48fe2fbb7d1b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Mar 7 21:39:14 2012 +1100
s3-rpc_server: Do not register embedded ncacn_np endpoints by default
The end point mapper is primarily in support of lsasd, and the key
SAMR, LSA and NETLOGON services being accessed over TCP/IP. The end
point mapper does not appear to be used for the well-known mappings to
named pipes, and we have a problem with how to safely register the
embedded pipes. For now, disable this to avoid re-registration storms
in production, until we sort out a better way.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet at samba.org>
Autobuild-Date: Wed Mar 7 14:27:38 CET 2012 on sn-devel-104
commit 78f85b282ec52a320d0605c58cc51b7133bc0774
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Mar 7 21:24:01 2012 +1100
s3-rpc_server: Register embedded RPC services after starting lsasd and spoolssd
This ensures that these services are not accidentally registered in
these child processes.
Andrew Bartlett
commit 781bb3617b9cf28dd001b919f970e60e74aac91d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 6 07:34:16 2012 +1100
s4-smb_server: Put error from share_get_config() into the logs
commit 8466b3c85e4b835e57e41776853093f4a0edc8b8
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 6 22:11:06 2012 +1100
s3-rpc_server: Do not setup ncalrpc pipes and TCP for embedded rpc servers
Embedded RPC services are those not launched in the preforked lsasd
and spoolssd children.
The reason that these child processes were created is that is is not
possible to correctly listen for ncalrpc and TCP connections without
creating a child process. Therefore, we should not have these
embedded RPC services to listen on these sockets just because the
endpoint mapper has been enabled.
Andrew Bartlett
commit 716a6c314c1d855b6e80850ffe7a8ca1ea4096d5
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 6 22:04:55 2012 +1100
selftest: Only run s3dc with a forked lsasd
This ensures that we run ktest, member and s3member in the default
configuration, to try and cover both code paths.
(This does not change the tests being run, but at least the
initialisation code will be checked, plus whatever the rpcclient test
can cover).
Andrew Bartlett
commit 008648a034755d30900cce1ec04fba9ea18381c5
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 6 22:25:50 2012 +1100
s3-smbd make change_to_user_by_session static
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 22 +++---
source3/rpc_server/rpc_service_setup.c | 155 ++++++++++----------------------
source3/smbd/proto.h | 2 -
source3/smbd/server.c | 8 +-
source3/smbd/uid.c | 4 +-
source4/smb_server/smb/service.c | 2 +-
6 files changed, 64 insertions(+), 129 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 797ae71..7e4e601 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -188,6 +188,17 @@ sub setup_s3dc($$)
domain master = yes
domain logons = yes
lanman auth = yes
+
+ rpc_server:epmapper = external
+ rpc_server:spoolss = external
+ rpc_server:lsarpc = external
+ rpc_server:samr = external
+ rpc_server:netlogon = external
+ rpc_server:register_embedded_np = yes
+
+ rpc_daemon:epmd = fork
+ rpc_daemon:spoolssd = fork
+ rpc_daemon:lsasd = fork
";
my $vars = $self->provision($path,
@@ -943,17 +954,6 @@ sub provision($$$$$$)
lpq cache time = 0
ncalrpc dir = $prefix_abs/ncalrpc
- rpc_server:epmapper = external
- rpc_server:spoolss = external
- rpc_server:lsarpc = external
- rpc_server:samr = external
- rpc_server:netlogon = external
- rpc_server:tcpip = yes
-
- rpc_daemon:epmd = fork
- rpc_daemon:spoolssd = fork
- rpc_daemon:lsasd = fork
-
resolv:host file = $dns_host_file
# The samba3.blackbox.smbclient_s3 test uses this to test that
diff --git a/source3/rpc_server/rpc_service_setup.c b/source3/rpc_server/rpc_service_setup.c
index 203eeb1..9fc12f2 100644
--- a/source3/rpc_server/rpc_service_setup.c
+++ b/source3/rpc_server/rpc_service_setup.c
@@ -56,57 +56,35 @@
/* Common routine for embedded RPC servers */
static bool rpc_setup_embedded(struct tevent_context *ev_ctx,
struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v,
const struct ndr_interface_table *t,
const char *pipe_name)
{
- struct dcerpc_binding_vector *v2;
+ struct dcerpc_binding_vector *v;
enum rpc_service_mode_e epm_mode = rpc_epmapper_mode();
NTSTATUS status;
- bool ok;
-
- if (epm_mode != RPC_SERVICE_MODE_DISABLED) {
- if (v) {
- v2 = dcerpc_binding_vector_dup(talloc_tos(), v);
- if (v2 == NULL) {
- return false;
- }
- status = dcerpc_binding_vector_replace_iface(t, v2);
- if (!NT_STATUS_IS_OK(status)) {
- return false;
- }
-
- } else {
- status = dcerpc_binding_vector_new(talloc_tos(), &v2);
- if (!NT_STATUS_IS_OK(status)) {
- return false;
- }
- }
- status = dcerpc_binding_vector_add_np_default(t, v2);
+ /* Registration of ncacn_np services is problematic. The
+ * ev_ctx passed in here is passed down to all children of the
+ * smbd process, and if the end point mapper ever goes away,
+ * they will all attempt to re-register. But we want to test
+ * the code for now, so it is enabled in on environment in
+ * make test */
+ if (epm_mode != RPC_SERVICE_MODE_DISABLED &&
+ (lp_parm_bool(-1, "rpc_server", "register_embedded_np", false))) {
+ status = dcerpc_binding_vector_new(talloc_tos(), &v);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
- if (pipe_name) {
- ok = setup_dcerpc_ncalrpc_socket(ev_ctx,
- msg_ctx,
- pipe_name,
- NULL);
- if (!ok) {
- return false;
- }
-
- status = dcerpc_binding_vector_add_unix(t, v2, pipe_name);
- if (!NT_STATUS_IS_OK(status)) {
- return false;
- }
+ status = dcerpc_binding_vector_add_np_default(t, v);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
}
status = rpc_ep_register(ev_ctx,
msg_ctx,
t,
- v2);
+ v);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
@@ -116,8 +94,7 @@ static bool rpc_setup_embedded(struct tevent_context *ev_ctx,
}
static bool rpc_setup_winreg(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_winreg;
const char *pipe_name = "winreg";
@@ -132,12 +109,11 @@ static bool rpc_setup_winreg(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_srvsvc(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_srvsvc;
const char *pipe_name = "srvsvc";
@@ -152,12 +128,11 @@ static bool rpc_setup_srvsvc(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_lsarpc(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_lsarpc;
const char *pipe_name = "lsarpc";
@@ -173,12 +148,11 @@ static bool rpc_setup_lsarpc(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_samr(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_samr;
const char *pipe_name = "samr";
@@ -194,12 +168,11 @@ static bool rpc_setup_samr(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_netlogon(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_netlogon;
const char *pipe_name = "netlogon";
@@ -215,12 +188,11 @@ static bool rpc_setup_netlogon(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_netdfs(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_netdfs;
const char *pipe_name = "netdfs";
@@ -235,13 +207,12 @@ static bool rpc_setup_netdfs(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
#ifdef DEVELOPER
static bool rpc_setup_rpcecho(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_rpcecho;
const char *pipe_name = "rpcecho";
@@ -256,13 +227,12 @@ static bool rpc_setup_rpcecho(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
#endif
static bool rpc_setup_dssetup(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_dssetup;
const char *pipe_name = "dssetup";
@@ -277,12 +247,11 @@ static bool rpc_setup_dssetup(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_wkssvc(struct tevent_context *ev_ctx,
- struct messaging_context *msg_ctx,
- const struct dcerpc_binding_vector *v)
+ struct messaging_context *msg_ctx)
{
const struct ndr_interface_table *t = &ndr_table_wkssvc;
const char *pipe_name = "wkssvc";
@@ -297,7 +266,7 @@ static bool rpc_setup_wkssvc(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, v, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool spoolss_init_cb(void *ptr)
@@ -350,7 +319,7 @@ static bool rpc_setup_spoolss(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, NULL, t, NULL);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, NULL);
}
static bool svcctl_init_cb(void *ptr)
@@ -398,7 +367,7 @@ static bool rpc_setup_svcctl(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, NULL, t, pipe_name);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, pipe_name);
}
static bool rpc_setup_ntsvcs(struct tevent_context *ev_ctx,
@@ -416,9 +385,7 @@ static bool rpc_setup_ntsvcs(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, NULL, t, NULL);
-
- return true;
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, NULL);
}
static bool eventlog_init_cb(void *ptr)
@@ -455,7 +422,7 @@ static bool rpc_setup_eventlog(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, NULL, t, NULL);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, NULL);
}
static bool rpc_setup_initshutdown(struct tevent_context *ev_ctx,
@@ -473,17 +440,13 @@ static bool rpc_setup_initshutdown(struct tevent_context *ev_ctx,
return false;
}
- return rpc_setup_embedded(ev_ctx, msg_ctx, NULL, t, NULL);
+ return rpc_setup_embedded(ev_ctx, msg_ctx, t, NULL);
}
bool dcesrv_ep_setup(struct tevent_context *ev_ctx,
struct messaging_context *msg_ctx)
{
- enum rpc_service_mode_e epm_mode = rpc_epmapper_mode();
- struct dcerpc_binding_vector *v;
- const char *rpcsrv_type;
TALLOC_CTX *tmp_ctx;
- NTSTATUS status;
bool ok;
tmp_ctx = talloc_stackframe();
@@ -491,75 +454,49 @@ bool dcesrv_ep_setup(struct tevent_context *ev_ctx,
return false;
}
- status = dcerpc_binding_vector_new(tmp_ctx,
- &v);
- if (!NT_STATUS_IS_OK(status)) {
- ok = false;
- goto done;
- }
-
- rpcsrv_type = lp_parm_const_string(GLOBAL_SECTION_SNUM,
- "rpc_server",
- "tcpip",
- "no");
-
- if ((strcasecmp_m(rpcsrv_type, "yes") == 0 ||
- strcasecmp_m(rpcsrv_type, "true") == 0)
- && epm_mode != RPC_SERVICE_MODE_DISABLED) {
- status = rpc_setup_tcpip_sockets(ev_ctx,
- msg_ctx,
- &ndr_table_winreg,
- v,
- 0);
- if (!NT_STATUS_IS_OK(status)) {
- ok = false;
- goto done;
- }
- }
-
- ok = rpc_setup_winreg(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_winreg(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
- ok = rpc_setup_srvsvc(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_srvsvc(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
- ok = rpc_setup_lsarpc(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_lsarpc(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
- ok = rpc_setup_samr(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_samr(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
- ok = rpc_setup_netlogon(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_netlogon(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
- ok = rpc_setup_netdfs(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_netdfs(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
#ifdef DEVELOPER
- ok = rpc_setup_rpcecho(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_rpcecho(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
#endif
- ok = rpc_setup_dssetup(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_dssetup(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
- ok = rpc_setup_wkssvc(ev_ctx, msg_ctx, v);
+ ok = rpc_setup_wkssvc(ev_ctx, msg_ctx);
if (!ok) {
goto done;
}
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 7321ca6..e97a85d 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -1092,8 +1092,6 @@ void reply_transs2(struct smb_request *req);
bool change_to_guest(void);
bool change_to_user(connection_struct *conn, uint16 vuid);
-bool change_to_user_by_session(connection_struct *conn,
- const struct auth_session_info *session_info);
bool change_to_root_user(void);
bool smbd_change_to_root_user(void);
bool become_authenticated_pipe_user(struct auth_session_info *session_info);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index cab23bc..e348e0b 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1354,10 +1354,6 @@ extern void build_options(bool screen);
}
}
- if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
- exit(1);
- }
-
/* only start other daemons if we are running as a daemon
* -- bad things will happen if smbd is launched via inetd
* and we fork a copy of ourselves here */
@@ -1382,6 +1378,10 @@ extern void build_options(bool screen);
}
}
+ if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
+ exit(1);
+ }
+
if (!is_daemon) {
/* inetd mode */
TALLOC_FREE(frame);
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 84cb61c..abafd36 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -314,8 +314,8 @@ bool change_to_user(connection_struct *conn, uint16_t vuid)
return change_to_user_internal(conn, session_info, vuid);
}
-bool change_to_user_by_session(connection_struct *conn,
- const struct auth_session_info *session_info)
+static bool change_to_user_by_session(connection_struct *conn,
+ const struct auth_session_info *session_info)
{
SMB_ASSERT(conn != NULL);
SMB_ASSERT(session_info != NULL);
diff --git a/source4/smb_server/smb/service.c b/source4/smb_server/smb/service.c
index 7be21c1..9ad0f38 100644
--- a/source4/smb_server/smb/service.c
+++ b/source4/smb_server/smb/service.c
@@ -124,7 +124,7 @@ static NTSTATUS make_connection(struct smbsrv_request *req,
status = share_get_config(req, req->smb_conn->share_context, service, &scfg);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("make_connection: couldn't find service %s\n", service));
+ DEBUG(0,("make_connection: couldn't find service %s: %s\n", service, nt_errstr(status)));
return NT_STATUS_BAD_NETWORK_NAME;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list