[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Fri Oct 18 17:31:05 UTC 2019
The branch, master has been updated
via 50f69b60549 librpc:core: Make dcesrv_find_endpoint public
via e10028a0500 librpc:core: Return NTSTATUS for dcesrv_find_endpoint
via 08c663828c9 librpc:core: Rename find_endpoint to dcesrv_find_endpoint
via 73948df2f1a librpc:core: Initialize static variable
via 6a6546b5657 librpc:core: Allocate struct dcesrv_interface with talloc
via 52727543b05 librpc:core: Set debug class
via 491102b5b2c s4:rpc_server: Move core functions to core library
via 076ec9173ef s4:rpc_server: Move core structures and prototypes to core library
via 3f33fdf2e36 librpc: Add new dcerpc server core library
via 480dd6163b2 s4:rpc_server: Make functions public
via 0523f0b4d28 s4:rpc_server: Add public function dcesrv_connection_loop_start
via 85de73354d9 s4:rpc_server: Add transport termination function pointer
via 55ad4ae7ffc s4:rpc_server: Find association groups through context callbacks
via b0ecc8ef55d s4:rpc_server: inline the dcesrv_assoc_group_find function
via 6fe23fa071d s4:rpc_server: Hide gensec prepare behind function pointer
via bf097719534 s4:rpc_server: Add dcesrv_context_callbacks to dcesrv_context
via 6fcf8038e49 s4:rpc_server: Do not include s4 librpc headers in dcerpc core
via 63b78894618 librpc: Move dcerpc_log_packet from s4 librpc to common librpc
via ae9956a65e6 librpc: Move dcerpc_ncacn_push_auth from s4 librpc to common librpc
via b6c8afa98c5 s4:librpc: Rename ncacn_push_auth to dcerpc_ncacn_push_auth
via 83def9a945f s4:rpc_server: Split dcerpc_generic_session_key for server and client
via f402b937f48 s4:rpc_server: Remove server_id from dcerpc core structs
via 3d7167f4f43 s4:rpc_server: Remove imessaging_context from dcerpc core structs
via 3d529762df4 s4:rpc_server: Rename common/reply.c to dcesrv_reply.c
via 4d7a916189c s4:rpc_server: Cleanup includes
via d572219e1bf s4:rpc_server: Fix debug string printing duplicated function name
via 61aaebaa356 s4:torture: Assert connection
via e4b1354066f s4:torture: Fix torture comment
via f43e08259c0 s4:torture: Add braces
via 27b01d0aa36 tstream_npa: Set local server name in auth requests
via e70dbe7d8aa s3:printing: Add spoolssd header file
via 8b761b126c1 s3:printing: Add header inclusion guards in queue_process.h
via 8bc228900e8 s3:smbd: Add header inclusion guards in globals.h
via 9a02c31deb1 lib: Explicitly refuse to truncate unix domain socket paths
via 8e55a856295 s3: torture: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.
via d495074ee27 s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.
from 7c83b1ade7a dsdb: Change LDB_TYPESAFE_QSORT() to TYPESAFE_QSORT() in operational module
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 50f69b60549b5d963e83a96315953e074517c096
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 19:53:32 2019 +0200
librpc:core: Make dcesrv_find_endpoint public
Will be used from s3 implementation when a connection is passed to other
process where a particular association group was created.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Oct 18 17:30:39 UTC 2019 on sn-devel-184
commit e10028a05000f6b7a2a8252352ad5f720ad23e86
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 19:51:53 2019 +0200
librpc:core: Return NTSTATUS for dcesrv_find_endpoint
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 08c663828c9482767b5128820f8204fd0fe4654e
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 19:46:59 2019 +0200
librpc:core: Rename find_endpoint to dcesrv_find_endpoint
This function will be public and available for s3 and s4 implementations.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 73948df2f1a5dbef0f073933be549e4320013913
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 19:44:10 2019 +0200
librpc:core: Initialize static variable
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6a6546b565793341f3be6a6fcf30a40a186f9ae9
Author: Samuel Cabrero <scabrero at samba.org>
Date: Tue Oct 1 16:48:01 2019 +0200
librpc:core: Allocate struct dcesrv_interface with talloc
The S3 implementation needs to reinit the dcesrv_context and free the
endpoints list with their registered interfaces.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 52727543b05c80742e187014ce1048fe7b104bdc
Author: Samuel Cabrero <scabrero at suse.de>
Date: Mon Feb 4 17:37:01 2019 +0100
librpc:core: Set debug class
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 491102b5b2ca56375d5a58e98f1c037298aa89f3
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 19:38:31 2019 +0200
s4:rpc_server: Move core functions to core library
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 076ec9173efc2b666be36630e38beab4624638a8
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 18:39:58 2019 +0200
s4:rpc_server: Move core structures and prototypes to core library
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3f33fdf2e36742ec98e3406f2ecaaa4758ce2a51
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 18:05:04 2019 +0200
librpc: Add new dcerpc server core library
Next commits will move the core of s4 rpc server to this library.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 480dd6163b28d97ba89ceccbf84d7a730d7017aa
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 20:55:27 2019 +0100
s4:rpc_server: Make functions public
These functions will be moved to core dcerpc library and called from
s4 and s3 implementations.
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 0523f0b4d28ca125c207448167608d170b9c0909
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 15:59:04 2019 +0100
s4:rpc_server: Add public function dcesrv_connection_loop_start
This function starts the server loop and will be called from s3 and s4
implementations.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 85de73354d982861cc863b4682a8043c22797faa
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 20:25:58 2019 +0100
s4:rpc_server: Add transport termination function pointer
As the dcesrv_terminate_connection function will be moved to the shared
rpc server core library, hide the stream_terminate_connection call behind
a function pointer.
The s3 implementation will define its own termination function.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 55ad4ae7ffcb3221675070b9cb939c29e00f25f4
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 17:35:03 2019 +0200
s4:rpc_server: Find association groups through context callbacks
Split the association group management from the server code, the s3 and
s4 implementation will handle differently.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit b0ecc8ef55dc7e8c7ce9f7f3ca325358f62debfb
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 17:26:54 2019 +0200
s4:rpc_server: inline the dcesrv_assoc_group_find function
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6fe23fa071d2dc6e348b175b514c99a6ce82b6f4
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 20:34:03 2019 +0100
s4:rpc_server: Hide gensec prepare behind function pointer
This function will be different for s3 and s4
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit bf097719534be55abaab931ca03b8be23ef1fe0a
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 20:03:44 2019 +0100
s4:rpc_server: Add dcesrv_context_callbacks to dcesrv_context
Add a new struct dcesrv_context_callbacks in dcesrv_context to hold pointers
to functions whose implementation will differ between S3 and S4.
The log_successful_dcesrv_authz_event implementation will differ as it
requires an imessaging_context.
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6fcf8038e49ed7f0996ad21fb9f516de30131df7
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 16:59:49 2019 +0200
s4:rpc_server: Do not include s4 librpc headers in dcerpc core
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 63b78894618a9badac595fbc59cea0f097feeded
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 12:03:45 2019 +0100
librpc: Move dcerpc_log_packet from s4 librpc to common librpc
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit ae9956a65e6913a73dfa68e2b5deebfeaf52c0e5
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 16:44:36 2019 +0200
librpc: Move dcerpc_ncacn_push_auth from s4 librpc to common librpc
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit b6c8afa98c5c1f9853b09fd83b039aacc79700db
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Oct 3 16:40:53 2019 +0200
s4:librpc: Rename ncacn_push_auth to dcerpc_ncacn_push_auth
Next commit will move this function to common librpc
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 83def9a945f40892aaf0e4ea6ea7845d74bbaf7c
Author: Samuel Cabrero <scabrero at suse.de>
Date: Wed Jan 23 20:52:50 2019 +0100
s4:rpc_server: Split dcerpc_generic_session_key for server and client
Split the common bits of dcerpc_generic_session_key to librpc and rename
client the specific part to dcecli_generic_session_key.
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit f402b937f4862843015686b8e28504fe588d0c5f
Author: Samuel Cabrero <scabrero at suse.de>
Date: Wed Jan 23 20:41:54 2019 +0100
s4:rpc_server: Remove server_id from dcerpc core structs
Add a helper function to retrieve it from the stream connection.
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3d7167f4f43f5cf8ca4393d8d852bd146bf05cde
Author: Samuel Cabrero <scabrero at suse.de>
Date: Wed Jan 23 20:37:21 2019 +0100
s4:rpc_server: Remove imessaging_context from dcerpc core structs
Add a helper function to retrieve the imessaging_context from the
stream connection.
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 3d529762df48205f91e4089178f7aeae240d0da8
Author: Samuel Cabrero <scabrero at suse.de>
Date: Thu Jan 24 13:38:29 2019 +0100
s4:rpc_server: Rename common/reply.c to dcesrv_reply.c
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 4d7a916189c8d910c22eb46c9fe0f061d83cab59
Author: Samuel Cabrero <scabrero at samba.org>
Date: Mon Sep 30 23:35:55 2019 +0200
s4:rpc_server: Cleanup includes
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit d572219e1bfcd9342f0841b4faa446fd41bbb42d
Author: Samuel Cabrero <scabrero at suse.de>
Date: Fri Jan 25 09:54:03 2019 +0100
s4:rpc_server: Fix debug string printing duplicated function name
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 61aaebaa356102eccd996b6c6cd2641354caa2d3
Author: Samuel Cabrero <scabrero at suse.de>
Date: Tue Feb 19 12:43:02 2019 +0100
s4:torture: Assert connection
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e4b1354066f302475975006f5dfa8736ca34396e
Author: Samuel Cabrero <scabrero at suse.de>
Date: Tue Feb 19 12:42:11 2019 +0100
s4:torture: Fix torture comment
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit f43e08259c0f41d598f6c7632195e67f80a1f82b
Author: Samuel Cabrero <scabrero at suse.de>
Date: Tue Feb 19 12:41:38 2019 +0100
s4:torture: Add braces
Signed-off-by: Samuel Cabrero <scabrero at suse.de>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 27b01d0aa362b3b226696b9ab7df855fe6fd1ab9
Author: Samuel Cabrero <scabrero at samba.org>
Date: Mon Sep 30 23:33:09 2019 +0200
tstream_npa: Set local server name in auth requests
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e70dbe7d8aad650c6f14e7d78dca522d1ac9d898
Author: Samuel Cabrero <scabrero at samba.org>
Date: Tue Oct 1 17:21:00 2019 +0200
s3:printing: Add spoolssd header file
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 8b761b126c1a476a2ac36c90c87d0183ba34f4a8
Author: Samuel Cabrero <scabrero at samba.org>
Date: Tue Oct 1 17:14:04 2019 +0200
s3:printing: Add header inclusion guards in queue_process.h
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 8bc228900e8cbc271543add56a2fc98002548a55
Author: Samuel Cabrero <scabrero at samba.org>
Date: Thu Sep 12 19:05:57 2019 +0200
s3:smbd: Add header inclusion guards in globals.h
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 9a02c31deb1a295a5cf403aba378057dfcd44268
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Oct 18 21:11:13 2019 +1300
lib: Explicitly refuse to truncate unix domain socket paths
This avoids creating a socket like:
.../winbindd_privileged/p
instead of
.../winbindd_privileged/pipe
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 8e55a8562951924e4b1aad5a6d67fc8b309590c1
Author: Jeremy Allison <jra at samba.org>
Date: Thu Oct 17 12:41:08 2019 -0700
s3: torture: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.
Piggyback on existing tests, ensure we don't regress on:
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit d495074ee27a5f528d5156a69800ee58d799b1eb
Author: Jeremy Allison <jra at samba.org>
Date: Thu Oct 17 11:39:02 2019 -0700
s3: libsmb: Ensure SMB1 cli_qpathinfo2() doesn't return an inode number.
The info level it uses doesn't return that, previously we
were using the field that is returned as the EA size as
the inode number (which is usually zero, so the code in
libsmbclient would then synthesize an inode number from
a hash of the pathname, which is all it can do for SMB1).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14161
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/named_pipe_auth/npa_tstream.c | 3 +-
libcli/named_pipe_auth/npa_tstream.h | 2 +-
librpc/rpc/dcerpc_util.c | 101 +
{source4/rpc_server => librpc/rpc}/dcesrv_auth.c | 82 +-
.../dcerpc_server.c => librpc/rpc/dcesrv_core.c | 790 +----
.../dcerpc_server.h => librpc/rpc/dcesrv_core.h | 94 +-
{source4/rpc_server => librpc/rpc}/dcesrv_mgmt.c | 38 +-
.../common/reply.c => librpc/rpc/dcesrv_reply.c | 22 +-
librpc/rpc/rpc_common.h | 12 +
librpc/wscript_build | 13 +
source3/lib/util_sock.c | 13 +-
source3/libsmb/clirap.c | 10 +-
source3/printing/queue_process.c | 4 +-
source3/printing/queue_process.h | 5 +
source3/printing/spoolssd.c | 4 +-
lib/util/select.h => source3/printing/spoolssd.h | 18 +-
source3/smbd/globals.h | 5 +
source3/torture/torture.c | 49 +-
source4/librpc/rpc/dcerpc.c | 20 +-
source4/librpc/rpc/dcerpc_auth.c | 2 +-
source4/librpc/rpc/dcerpc_util.c | 103 +-
source4/rpc_server/common/forward.c | 8 +-
source4/rpc_server/dcerpc_server.c | 3020 ++------------------
source4/rpc_server/dcerpc_server.h | 551 +---
source4/rpc_server/drsuapi/getncchanges.c | 11 +-
source4/rpc_server/drsuapi/updaterefs.c | 9 +-
source4/rpc_server/epmapper/rpc_epmapper.c | 9 +-
source4/rpc_server/handles.c | 4 +-
source4/rpc_server/lsa/dcesrv_lsa.c | 26 +-
source4/rpc_server/lsa/lsa_lookup.c | 16 +-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 31 +-
source4/rpc_server/remote/dcesrv_remote.c | 1 +
source4/rpc_server/samr/samr_password.c | 8 +-
source4/rpc_server/service_rpc.c | 9 +
source4/rpc_server/srvsvc/srvsvc_ntvfs.c | 7 +-
source4/rpc_server/wscript_build | 4 +-
source4/torture/rpc/lsa.c | 10 +-
source4/torture/rpc/rpc.c | 8 +-
source4/torture/rpc/spoolss_notify.c | 10 +-
39 files changed, 735 insertions(+), 4397 deletions(-)
rename {source4/rpc_server => librpc/rpc}/dcesrv_auth.c (89%)
copy source4/rpc_server/dcerpc_server.c => librpc/rpc/dcesrv_core.c (78%)
copy source4/rpc_server/dcerpc_server.h => librpc/rpc/dcesrv_core.h (89%)
rename {source4/rpc_server => librpc/rpc}/dcesrv_mgmt.c (89%)
rename source4/rpc_server/common/reply.c => librpc/rpc/dcesrv_reply.c (91%)
copy lib/util/select.h => source3/printing/spoolssd.h (67%)
Changeset truncated at 500 lines:
diff --git a/libcli/named_pipe_auth/npa_tstream.c b/libcli/named_pipe_auth/npa_tstream.c
index 8fc03371a50..bc9d1ecb187 100644
--- a/libcli/named_pipe_auth/npa_tstream.c
+++ b/libcli/named_pipe_auth/npa_tstream.c
@@ -63,7 +63,7 @@ struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx,
const struct tsocket_address *remote_client_addr,
const char *remote_client_name_in,
const struct tsocket_address *local_server_addr,
- const char *local_server_name,
+ const char *local_server_name_in,
const struct auth_session_info_transport *session_info)
{
struct tevent_req *req;
@@ -134,6 +134,7 @@ struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx,
info4->remote_client_name = info4->remote_client_addr;
}
+ info4->local_server_name = local_server_name_in;
info4->local_server_addr = tsocket_address_inet_addr_string(local_server_addr,
state);
if (!info4->local_server_addr) {
diff --git a/libcli/named_pipe_auth/npa_tstream.h b/libcli/named_pipe_auth/npa_tstream.h
index 261fe2b5dfb..b7d11dea6d3 100644
--- a/libcli/named_pipe_auth/npa_tstream.h
+++ b/libcli/named_pipe_auth/npa_tstream.h
@@ -32,7 +32,7 @@ struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx,
const struct tsocket_address *remote_client_addr,
const char *remote_client_name_in,
const struct tsocket_address *local_server_addr,
- const char *local_server_name,
+ const char *local_server_name_in,
const struct auth_session_info_transport *session_info);
int _tstream_npa_connect_recv(struct tevent_req *req,
int *perrno,
diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index 6bc97f7e7d8..01dc2e7061d 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -1340,3 +1340,104 @@ struct ndr_syntax_id dcerpc_construct_bind_time_features(uint64_t features)
return s;
}
+
+NTSTATUS dcerpc_generic_session_key(DATA_BLOB *session_key)
+{
+ *session_key = data_blob_null;
+
+ /* this took quite a few CPU cycles to find ... */
+ session_key->data = discard_const_p(unsigned char, "SystemLibraryDTC");
+ session_key->length = 16;
+ return NT_STATUS_OK;
+}
+
+/*
+ push a ncacn_packet into a blob, potentially with auth info
+*/
+NTSTATUS dcerpc_ncacn_push_auth(DATA_BLOB *blob,
+ TALLOC_CTX *mem_ctx,
+ struct ncacn_packet *pkt,
+ struct dcerpc_auth *auth_info)
+{
+ struct ndr_push *ndr;
+ enum ndr_err_code ndr_err;
+
+ ndr = ndr_push_init_ctx(mem_ctx);
+ if (!ndr) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (auth_info) {
+ pkt->auth_length = auth_info->credentials.length;
+ } else {
+ pkt->auth_length = 0;
+ }
+
+ ndr_err = ndr_push_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+
+ if (auth_info) {
+#if 0
+ /* the s3 rpc server doesn't handle auth padding in
+ bind requests. Use zero auth padding to keep us
+ working with old servers */
+ uint32_t offset = ndr->offset;
+ ndr_err = ndr_push_align(ndr, 16);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+ auth_info->auth_pad_length = ndr->offset - offset;
+#else
+ auth_info->auth_pad_length = 0;
+#endif
+ ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth_info);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+ }
+
+ *blob = ndr_push_blob(ndr);
+
+ /* fill in the frag length */
+ dcerpc_set_frag_length(blob, blob->length);
+
+ return NT_STATUS_OK;
+}
+
+/*
+ log a rpc packet in a format suitable for ndrdump. This is especially useful
+ for sealed packets, where ethereal cannot easily see the contents
+
+ this triggers on a debug level of >= 10
+*/
+void dcerpc_log_packet(const char *lockdir,
+ const struct ndr_interface_table *ndr,
+ uint32_t opnum, uint32_t flags,
+ const DATA_BLOB *pkt)
+{
+ const int num_examples = 20;
+ int i;
+
+ if (lockdir == NULL) return;
+
+ for (i=0;i<num_examples;i++) {
+ char *name=NULL;
+ int ret;
+ ret = asprintf(&name, "%s/rpclog/%s-%u.%d.%s",
+ lockdir, ndr->name, opnum, i,
+ (flags&NDR_IN)?"in":"out");
+ if (ret == -1) {
+ return;
+ }
+ if (!file_exist(name)) {
+ if (file_save(name, pkt->data, pkt->length)) {
+ DEBUG(10,("Logged rpc packet to %s\n", name));
+ }
+ free(name);
+ break;
+ }
+ free(name);
+ }
+}
diff --git a/source4/rpc_server/dcesrv_auth.c b/librpc/rpc/dcesrv_auth.c
similarity index 89%
rename from source4/rpc_server/dcesrv_auth.c
rename to librpc/rpc/dcesrv_auth.c
index c71e4868436..8ac90f2a2bd 100644
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/librpc/rpc/dcesrv_auth.c
@@ -1,4 +1,4 @@
-/*
+/*
Unix SMB/CIFS implementation.
server side dcerpc authentication code
@@ -10,27 +10,24 @@
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "rpc_server/dcerpc_server.h"
-#include "rpc_server/dcerpc_server_proto.h"
-#include "rpc_server/common/proto.h"
-#include "librpc/rpc/dcerpc_proto.h"
+#include "librpc/rpc/dcesrv_core.h"
+#include "librpc/rpc/dcesrv_core_proto.h"
#include "librpc/gen_ndr/ndr_dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
#include "auth/auth.h"
#include "param/param.h"
-#include "librpc/rpc/rpc_common.h"
static NTSTATUS dcesrv_auth_negotiate_hdr_signing(struct dcesrv_call_state *call,
struct ncacn_packet *pkt)
@@ -80,7 +77,6 @@ static NTSTATUS dcesrv_auth_negotiate_hdr_signing(struct dcesrv_call_state *call
static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
{
- struct cli_credentials *server_credentials = NULL;
struct dcesrv_connection *dce_conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
NTSTATUS status;
@@ -131,28 +127,9 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
auth->auth_level = call->in_auth_info.auth_level;
auth->auth_context_id = call->in_auth_info.auth_context_id;
- server_credentials
- = cli_credentials_init(auth);
- if (!server_credentials) {
- DEBUG(1, ("Failed to init server credentials\n"));
- return false;
- }
-
- cli_credentials_set_conf(server_credentials, call->conn->dce_ctx->lp_ctx);
- status = cli_credentials_set_machine_account(server_credentials, call->conn->dce_ctx->lp_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("Failed to obtain server credentials: %s\n",
- nt_errstr(status)));
- return false;
- }
-
- status = samba_server_gensec_start(auth,
- call->event_ctx,
- call->msg_ctx,
- call->conn->dce_ctx->lp_ctx,
- server_credentials,
- NULL,
- &auth->gensec_security);
+ status = call->conn->dce_ctx->callbacks.auth.gensec_prepare(auth,
+ call,
+ &auth->gensec_security);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to call samba_server_gensec_start %s\n",
nt_errstr(status)));
@@ -233,35 +210,6 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
return true;
}
-static void log_successful_dcesrv_authz_event(struct dcesrv_call_state *call)
-{
- struct dcesrv_auth *auth = call->auth_state;
- enum dcerpc_transport_t transport =
- dcerpc_binding_get_transport(call->conn->endpoint->ep_description);
- const char *auth_type = derpc_transport_string_by_transport(transport);
- const char *transport_protection = AUTHZ_TRANSPORT_PROTECTION_NONE;
-
- if (transport == NCACN_NP) {
- transport_protection = AUTHZ_TRANSPORT_PROTECTION_SMB;
- }
-
- /*
- * Log the authorization to this RPC interface. This
- * covered ncacn_np pass-through auth, and anonymous
- * DCE/RPC (eg epmapper, netlogon etc)
- */
- log_successful_authz_event(call->conn->msg_ctx,
- call->conn->dce_ctx->lp_ctx,
- call->conn->remote_address,
- call->conn->local_address,
- "DCE/RPC",
- auth_type,
- transport_protection,
- auth->session_info);
-
- auth->auth_audited = true;
-}
-
static void dcesrv_default_auth_state_finish_bind(struct dcesrv_call_state *call)
{
SMB_ASSERT(call->pkt.ptype == DCERPC_PKT_BIND);
@@ -319,7 +267,11 @@ void dcesrv_default_auth_state_prepare_request(struct dcesrv_call_state *call)
return;
}
- log_successful_dcesrv_authz_event(call);
+ if (!call->conn->dce_ctx->callbacks.log.successful_authz) {
+ return;
+ }
+
+ call->conn->dce_ctx->callbacks.log.successful_authz(call);
}
/*
@@ -339,7 +291,9 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
auth->auth_context_id = 0;
auth->auth_started = true;
- log_successful_dcesrv_authz_event(call);
+ if (call->conn->dce_ctx->callbacks.log.successful_authz) {
+ call->conn->dce_ctx->callbacks.log.successful_authz(call);
+ }
return true;
}
@@ -522,7 +476,7 @@ bool dcesrv_auth_prepare_auth3(struct dcesrv_call_state *call)
/*
parse any auth information from a dcerpc alter request
- return false if we can't handle the auth request for some
+ return false if we can't handle the auth request for some
reason (in which case we send a bind_nak (is this true for here?))
*/
bool dcesrv_auth_alter(struct dcesrv_call_state *call)
@@ -682,7 +636,7 @@ bool dcesrv_auth_pkt_pull(struct dcesrv_call_state *call,
return true;
}
-/*
+/*
push a signed or sealed dcerpc request packet into a blob
*/
bool dcesrv_auth_pkt_push(struct dcesrv_call_state *call,
diff --git a/source4/rpc_server/dcerpc_server.c b/librpc/rpc/dcesrv_core.c
similarity index 78%
copy from source4/rpc_server/dcerpc_server.c
copy to librpc/rpc/dcesrv_core.c
index 3decc34451b..902e82887f7 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -1,145 +1,45 @@
-/*
+/*
Unix SMB/CIFS implementation.
server side dcerpc core code
Copyright (C) Andrew Tridgell 2003-2005
Copyright (C) Stefan (metze) Metzmacher 2004-2005
-
+ Copyright (C) Samuel Cabrero <scabrero at samba.org> 2019
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "auth/auth.h"
+#include "librpc/rpc/dcesrv_core.h"
+#include "librpc/rpc/dcesrv_core_proto.h"
+#include "librpc/gen_ndr/auth.h"
#include "auth/gensec/gensec.h"
-#include "../lib/util/dlinklist.h"
-#include "rpc_server/dcerpc_server.h"
-#include "rpc_server/dcerpc_server_proto.h"
-#include "rpc_server/common/proto.h"
-#include "librpc/rpc/dcerpc_proto.h"
-#include "system/filesys.h"
+#include "lib/util/dlinklist.h"
#include "libcli/security/security.h"
#include "param/param.h"
-#include "../lib/tsocket/tsocket.h"
-#include "../libcli/named_pipe_auth/npa_tstream.h"
-#include "smbd/service_stream.h"
-#include "../lib/tsocket/tsocket.h"
-#include "lib/socket/socket.h"
-#include "smbd/process_model.h"
-#include "lib/messaging/irpc.h"
-#include "librpc/rpc/rpc_common.h"
-#include "lib/util/samba_modules.h"
+#include "lib/tsocket/tsocket.h"
#include "librpc/gen_ndr/ndr_dcerpc.h"
-#include "../lib/util/tevent_ntstatus.h"
+#include "lib/util/tevent_ntstatus.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_RPC_SRV
static NTSTATUS dcesrv_negotiate_contexts(struct dcesrv_call_state *call,
const struct dcerpc_bind *b,
struct dcerpc_ack_ctx *ack_ctx_list);
-/*
- find an association group given a assoc_group_id
- */
-static struct dcesrv_assoc_group *dcesrv_assoc_group_find(struct dcesrv_context *dce_ctx,
- uint32_t id)
-{
- void *id_ptr;
-
- id_ptr = idr_find(dce_ctx->assoc_groups_idr, id);
- if (id_ptr == NULL) {
- return NULL;
- }
- return talloc_get_type_abort(id_ptr, struct dcesrv_assoc_group);
-}
-
-/*
- take a reference to an existing association group
- */
-static struct dcesrv_assoc_group *dcesrv_assoc_group_reference(struct dcesrv_connection *conn,
- uint32_t id)
-{
- const struct dcesrv_endpoint *endpoint = conn->endpoint;
- enum dcerpc_transport_t transport =
- dcerpc_binding_get_transport(endpoint->ep_description);
- struct dcesrv_assoc_group *assoc_group;
-
- assoc_group = dcesrv_assoc_group_find(conn->dce_ctx, id);
- if (assoc_group == NULL) {
- DBG_NOTICE("Failed to find assoc_group 0x%08x\n", id);
- return NULL;
- }
- if (assoc_group->transport != transport) {
- const char *at =
- derpc_transport_string_by_transport(
- assoc_group->transport);
- const char *ct =
- derpc_transport_string_by_transport(
- transport);
-
- DBG_NOTICE("assoc_group 0x%08x (transport %s) "
- "is not available on transport %s",
- id, at, ct);
- return NULL;
- }
-
- return talloc_reference(conn, assoc_group);
-}
-
-static int dcesrv_assoc_group_destructor(struct dcesrv_assoc_group *assoc_group)
-{
- int ret;
- ret = idr_remove(assoc_group->dce_ctx->assoc_groups_idr, assoc_group->id);
- if (ret != 0) {
- DEBUG(0,(__location__ ": Failed to remove assoc_group 0x%08x\n",
- assoc_group->id));
- }
- return 0;
-}
-
-/*
- allocate a new association group
- */
-static struct dcesrv_assoc_group *dcesrv_assoc_group_new(struct dcesrv_connection *conn)
-{
- struct dcesrv_context *dce_ctx = conn->dce_ctx;
- const struct dcesrv_endpoint *endpoint = conn->endpoint;
- enum dcerpc_transport_t transport =
- dcerpc_binding_get_transport(endpoint->ep_description);
- struct dcesrv_assoc_group *assoc_group;
- int id;
-
- assoc_group = talloc_zero(conn, struct dcesrv_assoc_group);
- if (assoc_group == NULL) {
- return NULL;
- }
-
- id = idr_get_new_random(dce_ctx->assoc_groups_idr, assoc_group, UINT16_MAX);
- if (id == -1) {
- talloc_free(assoc_group);
- DEBUG(0,(__location__ ": Out of association groups!\n"));
- return NULL;
- }
-
- assoc_group->transport = transport;
- assoc_group->id = id;
- assoc_group->dce_ctx = dce_ctx;
-
- talloc_set_destructor(assoc_group, dcesrv_assoc_group_destructor);
-
- return assoc_group;
-}
-
-
/*
see if two endpoints match
*/
@@ -175,22 +75,24 @@ static bool endpoints_match(const struct dcerpc_binding *ep1,
/*
find an endpoint in the dcesrv_context
*/
-static struct dcesrv_endpoint *find_endpoint(struct dcesrv_context *dce_ctx,
- const struct dcerpc_binding *ep_description)
+_PUBLIC_ NTSTATUS dcesrv_find_endpoint(struct dcesrv_context *dce_ctx,
+ const struct dcerpc_binding *ep_description,
+ struct dcesrv_endpoint **_out)
{
- struct dcesrv_endpoint *ep;
+ struct dcesrv_endpoint *ep = NULL;
for (ep=dce_ctx->endpoint_list; ep; ep=ep->next) {
if (endpoints_match(ep->ep_description, ep_description)) {
- return ep;
+ *_out = ep;
+ return NT_STATUS_OK;
}
}
- return NULL;
+ return NT_STATUS_NOT_FOUND;
}
/*
find a registered context_id from a bind or alter_context
*/
-static struct dcesrv_connection_context *dcesrv_find_context(struct dcesrv_connection *conn,
--
Samba Shared Repository
More information about the samba-cvs
mailing list