[SCM] Samba Shared Repository - branch v4-14-test updated
Jule Anger
janger at samba.org
Sun Jan 30 10:22:02 UTC 2022
The branch, v4-14-test has been updated
via 96f88613a5e blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test
via 0544a3a3c9c librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0
via 1d7e27ffa68 s4:torture/ndr: demonstrate the ndr_push_string(STR_NOTERM|REMAINING) of "" is wrong
via 56ccaafb032 blackbox.ndrdump: adjust example files to the usage of dump_data_diff output.
via 2f0a433811a ndrdump: make use of dump_data_file_diff() in order to show differences
via 7b96fe7e12b lib/util: add dump_data_diff*() helpers
via 7b844ab490c blackbox.ndrdump: adjust example files to changed dump_data() output.
via ec8b2ae38a9 lib/util: split out a dump_data_block16() helper
via 9e3c363030d dcesrv_core: wrap gensec_*() calls in [un]become_root() calls
from cefad52c90b s4:dsdb/vlv_pagination: fix segfault in vlv_results()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-14-test
- Log -----------------------------------------------------------------
commit 96f88613a5e8279aebb734ba5b41a474ff5f5db1
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 21 20:42:45 2022 +0100
blackbox.ndrdump: fix test_ndrdump_fuzzed_NULL_struct_ntlmssp_CHALLENGE_MESSAGE test
This actually reveals that ndr_push_string() for TargetName="" was
failing before because it resulted in 1 byte for a subcontext with
TargetLen=0.
This is fixed now and we no longer expect ndrdump to exit with 1.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Mon Jan 24 16:18:34 UTC 2022 on sn-devel-184
(cherry picked from commit 12464bd4c222d996aac6d6250b7945d63f20f4bc)
Autobuild-User(v4-14-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-14-test): Sun Jan 30 10:21:21 UTC 2022 on sn-devel-184
commit 0544a3a3c9c7e51c80428965a6f37cc486d2538d
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 3 13:57:50 2021 +0100
librpc/ndr: let ndr_push_string() let s_len == 0 result in d_len = 0
convert_string_talloc_handle() tries to play an the safe side
and always returns a null terminated array.
But for NDR we need to be correct on the wire...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 43648e95a514020da4c7efa62df55d0882e3db85)
commit 1d7e27ffa68013d4bdf879b25f3d3570d1873326
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 21 01:09:23 2022 +0100
s4:torture/ndr: demonstrate the ndr_push_string(STR_NOTERM|REMAINING) of "" is wrong
convert_string_talloc() never returns a string with len=0 and always
implies zero termination byte(s).
For ndr_push_string this is unexpected as we need to be compatible on
the wire and push 0 bytes for an empty string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 8da26cb6725b5d853ab481a348a3a672966715b5)
commit 56ccaafb0322539d3e6cda40bc14aa9cad7a5884
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 21 20:28:59 2022 +0100
blackbox.ndrdump: adjust example files to the usage of dump_data_diff output.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 1dc385cb648f0c37b04f4ede6b1c96916e379b23)
commit 2f0a433811ac0021b6e4a443e016133eb1241d35
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 3 13:32:48 2021 +0100
ndrdump: make use of dump_data_file_diff() in order to show differences
This makes it much easier to detect differences in the given and
generated buffers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit d1a7f392a8ceef111a5d6c3d2a3bdb9dcb90db5e)
commit 7b96fe7e12bbe509a0343b2fe50ea2c844864ce2
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 3 11:40:13 2021 +0100
lib/util: add dump_data_diff*() helpers
That will make it easy to see the difference
between two memory buffers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit b489b7feda19b3c0f0fe2300f2c76d416776355b)
commit 7b844ab490c0093fee3e0baaae2f7d77043ee409
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 21 20:06:40 2022 +0100
blackbox.ndrdump: adjust example files to changed dump_data() output.
The cleanup using dump_data_block16() fixed the space handling.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 9110a8854a518befa2908c26076e17a085c5ec48)
commit ec8b2ae38a99a0e914e9f5764ff881587546a655
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 3 11:05:52 2021 +0100
lib/util: split out a dump_data_block16() helper
This simplifies the logic a lot for me.
It also fixes some corner cases regarding whitespaces in the
output, that's why we have to mark a few tests as knownfail,
they will be fixed in the next commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14956
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 58b09e107cadd7fb8191822d4e7e42657b1ed4c7)
commit 9e3c363030dd3108d9658e87f7c4101d0b470c47
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat Jan 22 01:08:26 2022 +0100
dcesrv_core: wrap gensec_*() calls in [un]become_root() calls
This is important for the source3/rpc_server code as it might
be called embedded in smbd and may not run as root with access
to our private tdb/ldb files.
Note this is only really needed for 4.15 and older, as
we no longer run the rpc_server embedded in smbd,
but we better be consistent for now.
This should be able to fix the problem the printing no longer works
on Windows 7 with 2021-10 monthly rollup patch (KB5006743).
Windows uses NTLMSSP with privacy at the DCERPC layer on top
of NCACN_NP (smb).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14867
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(similar to commit 0651fa474cd68b18d8eb9bdc7c4ba5b847ba9ad9)
-----------------------------------------------------------------------
Summary of changes:
lib/util/util.c | 203 +++++++++-----
lib/util/util.h | 28 ++
librpc/ndr/ndr_string.c | 5 +-
librpc/rpc/dcesrv_auth.c | 6 +
librpc/rpc/dcesrv_core.c | 18 ++
librpc/rpc/dcesrv_core.h | 2 +
librpc/tools/ndrdump.c | 10 +
python/samba/tests/blackbox/ndrdump.py | 19 +-
source3/rpc_server/rpc_config.c | 2 +
source3/selftest/ktest-krb5_ccache-2.txt | 4 +-
source3/selftest/ktest-krb5_ccache-3.txt | 4 +-
.../tests/dns-decode_dns_name_packet-hex.txt | 2 +-
.../librpc/tests/fuzzed_drsuapi_DsAddEntry_1.txt | 297 ++++++++++++++++++++-
.../librpc/tests/fuzzed_drsuapi_DsGetNCChanges.txt | 2 +-
.../tests/fuzzed_drsuapi_DsReplicaAttribute.txt | 31 ++-
.../tests/fuzzed_ntlmssp-AUTHENTICATE_MESSAGE.txt | 33 +++
.../tests/fuzzed_ntlmssp-CHALLENGE_MESSAGE.txt | 52 +++-
source4/librpc/tests/krb5pac_upn_dns_info_ex.txt | 61 +++++
.../krb5pac_upn_dns_info_ex_not_supported.txt | 69 +++++
source4/rpc_server/service_rpc.c | 10 +
source4/torture/ndr/string.c | 30 ++-
21 files changed, 796 insertions(+), 92 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/util.c b/lib/util/util.c
index 3ca6b61df32..06977f23229 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -481,6 +481,48 @@ void print_asc(int level, const uint8_t *buf,int len)
print_asc_cb(buf, len, debugadd_cb, &level);
}
+static void dump_data_block16(const char *prefix, size_t idx,
+ const uint8_t *buf, size_t len,
+ void (*cb)(const char *buf, void *private_data),
+ void *private_data)
+{
+ char tmp[16];
+ size_t i;
+
+ SMB_ASSERT(len >= 0 && len <= 16);
+
+ snprintf(tmp, sizeof(tmp), "%s[%04zX]", prefix, idx);
+ cb(tmp, private_data);
+
+ for (i=0; i<16; i++) {
+ if (i == 8) {
+ cb(" ", private_data);
+ }
+ if (i < len) {
+ snprintf(tmp, sizeof(tmp), " %02X", (int)buf[i]);
+ } else {
+ snprintf(tmp, sizeof(tmp), " ");
+ }
+ cb(tmp, private_data);
+ }
+
+ cb(" ", private_data);
+
+ if (len == 0) {
+ cb("EMPTY BLOCK\n", private_data);
+ return;
+ }
+
+ for (i=0; i<len; i++) {
+ if (i == 8) {
+ cb(" ", private_data);
+ }
+ print_asc_cb(&buf[i], 1, cb, private_data);
+ }
+
+ cb("\n", private_data);
+}
+
/**
* Write dump of binary data to a callback
*/
@@ -491,73 +533,30 @@ void dump_data_cb(const uint8_t *buf, int len,
{
int i=0;
bool skipped = false;
- char tmp[16];
if (len<=0) return;
- for (i=0;i<len;) {
-
- if (i%16 == 0) {
- if ((omit_zero_bytes == true) &&
- (i > 0) &&
- (len > i+16) &&
- all_zero(&buf[i], 16))
- {
- i +=16;
- continue;
- }
-
- if (i<len) {
- snprintf(tmp, sizeof(tmp), "[%04X] ", i);
- cb(tmp, private_data);
+ for (i=0;i<len;i+=16) {
+ size_t remaining_len = len - i;
+ size_t this_len = MIN(remaining_len, 16);
+ const uint8_t *this_buf = &buf[i];
+
+ if ((omit_zero_bytes == true) &&
+ (i > 0) && (remaining_len > 16) &&
+ (this_len == 16) && all_zero(this_buf, 16))
+ {
+ if (!skipped) {
+ cb("skipping zero buffer bytes\n",
+ private_data);
+ skipped = true;
}
+ continue;
}
- snprintf(tmp, sizeof(tmp), "%02X ", (int)buf[i]);
- cb(tmp, private_data);
- i++;
- if (i%8 == 0) {
- cb(" ", private_data);
- }
- if (i%16 == 0) {
-
- print_asc_cb(&buf[i-16], 8, cb, private_data);
- cb(" ", private_data);
- print_asc_cb(&buf[i-8], 8, cb, private_data);
- cb("\n", private_data);
-
- if ((omit_zero_bytes == true) &&
- (len > i+16) &&
- all_zero(&buf[i], 16)) {
- if (!skipped) {
- cb("skipping zero buffer bytes\n",
- private_data);
- skipped = true;
- }
- }
- }
+ skipped = false;
+ dump_data_block16("", i, this_buf, this_len,
+ cb, private_data);
}
-
- if (i%16) {
- int n;
- n = 16 - (i%16);
- cb(" ", private_data);
- if (n>8) {
- cb(" ", private_data);
- }
- while (n--) {
- cb(" ", private_data);
- }
- n = MIN(8,i%16);
- print_asc_cb(&buf[i-(i%16)], n, cb, private_data);
- cb(" ", private_data);
- n = (i%16) - n;
- if (n>0) {
- print_asc_cb(&buf[i-n], n, cb, private_data);
- }
- cb("\n", private_data);
- }
-
}
/**
@@ -615,6 +614,90 @@ void dump_data_file(const uint8_t *buf, int len, bool omit_zero_bytes,
dump_data_cb(buf, len, omit_zero_bytes, fprintf_cb, f);
}
+/**
+ * Write dump of compared binary data to a callback
+ */
+void dump_data_diff_cb(const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2,
+ bool omit_zero_bytes,
+ void (*cb)(const char *buf, void *private_data),
+ void *private_data)
+{
+ size_t len = MAX(len1, len2);
+ size_t i;
+ bool skipped = false;
+
+ for (i=0; i<len; i+=16) {
+ size_t remaining_len = len - i;
+ size_t remaining_len1 = 0;
+ size_t this_len1 = 0;
+ const uint8_t *this_buf1 = NULL;
+ size_t remaining_len2 = 0;
+ size_t this_len2 = 0;
+ const uint8_t *this_buf2 = NULL;
+
+ if (i < len1) {
+ remaining_len1 = len1 - i;
+ this_len1 = MIN(remaining_len1, 16);
+ this_buf1 = &buf1[i];
+ }
+ if (i < len2) {
+ remaining_len2 = len2 - i;
+ this_len2 = MIN(remaining_len2, 16);
+ this_buf2 = &buf2[i];
+ }
+
+ if ((omit_zero_bytes == true) &&
+ (i > 0) && (remaining_len > 16) &&
+ (this_len1 == 16) && all_zero(this_buf1, 16) &&
+ (this_len2 == 16) && all_zero(this_buf2, 16))
+ {
+ if (!skipped) {
+ cb("skipping zero buffer bytes\n",
+ private_data);
+ skipped = true;
+ }
+ continue;
+ }
+
+ skipped = false;
+
+ if ((this_len1 == this_len2) &&
+ (memcmp(this_buf1, this_buf2, this_len1) == 0))
+ {
+ dump_data_block16(" ", i, this_buf1, this_len1,
+ cb, private_data);
+ continue;
+ }
+
+ dump_data_block16("-", i, this_buf1, this_len1,
+ cb, private_data);
+ dump_data_block16("+", i, this_buf2, this_len2,
+ cb, private_data);
+ }
+}
+
+_PUBLIC_ void dump_data_diff(int dbgc_class, int level,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2)
+{
+ struct debug_channel_level dcl = { dbgc_class, level };
+
+ if (!DEBUGLVLC(dbgc_class, level)) {
+ return;
+ }
+ dump_data_diff_cb(buf1, len1, buf2, len2, true, debugadd_channel_cb, &dcl);
+}
+
+_PUBLIC_ void dump_data_file_diff(FILE *f,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2)
+{
+ dump_data_diff_cb(buf1, len1, buf2, len2, omit_zero_bytes, fprintf_cb, f);
+}
+
/**
malloc that aborts with smb_panic on fail or zero size.
**/
diff --git a/lib/util/util.h b/lib/util/util.h
index a7acad56880..072f0486234 100644
--- a/lib/util/util.h
+++ b/lib/util/util.h
@@ -51,4 +51,32 @@ _PUBLIC_ void dump_data(int level, const uint8_t *buf,int len);
*/
_PUBLIC_ void dump_data_dbgc(int dbgc_class, int level, const uint8_t *buf, int len);
+/**
+ * Write dump of compared binary data to a callback
+ */
+void dump_data_diff_cb(const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2,
+ bool omit_zero_bytes,
+ void (*cb)(const char *buf, void *private_data),
+ void *private_data);
+
+/**
+ * Write dump of compared binary data to the log file.
+ *
+ * The data is only written if the log level is at least level for
+ * debug class dbgc_class.
+ */
+_PUBLIC_ void dump_data_diff(int dbgc_class, int level,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2);
+
+/**
+ * Write dump of compared binary data to the given file handle
+ */
+_PUBLIC_ void dump_data_file_diff(FILE *f,
+ bool omit_zero_bytes,
+ const uint8_t *buf1, size_t len1,
+ const uint8_t *buf2, size_t len2);
+
#endif
diff --git a/librpc/ndr/ndr_string.c b/librpc/ndr/ndr_string.c
index 77efb3e9848..2b3737ce258 100644
--- a/librpc/ndr/ndr_string.c
+++ b/librpc/ndr/ndr_string.c
@@ -236,7 +236,10 @@ _PUBLIC_ enum ndr_err_code ndr_push_string(struct ndr_push *ndr, int ndr_flags,
s_len++;
}
- if (!do_convert) {
+ if (s_len == 0) {
+ d_len = 0;
+ dest = (uint8_t *)talloc_strdup(ndr, "");
+ } else if (!do_convert) {
d_len = s_len;
dest = (uint8_t *)talloc_strndup(ndr, s, s_len);
} else if (!convert_string_talloc(ndr, CH_UNIX, chset, s, s_len,
diff --git a/librpc/rpc/dcesrv_auth.c b/librpc/rpc/dcesrv_auth.c
index 9d8df6c42e2..b4a29ea9ab4 100644
--- a/librpc/rpc/dcesrv_auth.c
+++ b/librpc/rpc/dcesrv_auth.c
@@ -81,6 +81,7 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
{
struct dcesrv_connection *dce_conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
NTSTATUS status;
if (auth->auth_started) {
@@ -129,9 +130,11 @@ static bool dcesrv_auth_prepare_gensec(struct dcesrv_call_state *call)
auth->auth_level = call->in_auth_info.auth_level;
auth->auth_context_id = call->in_auth_info.auth_context_id;
+ cb->auth.become_root();
status = call->conn->dce_ctx->callbacks.auth.gensec_prepare(auth,
call,
&auth->gensec_security);
+ cb->auth.unbecome_root();
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to call samba_server_gensec_start %s\n",
nt_errstr(status)));
@@ -324,6 +327,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status)
{
struct dcesrv_auth *auth = call->auth_state;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
const char *pdu = "<unknown>";
switch (call->pkt.ptype) {
@@ -354,9 +358,11 @@ NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status)
return status;
}
+ cb->auth.become_root();
status = gensec_session_info(auth->gensec_security,
auth,
&auth->session_info);
+ cb->auth.unbecome_root();
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to establish session_info: %s\n",
nt_errstr(status)));
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c
index 0bab4c10641..3f7c72db584 100644
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -951,6 +951,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
struct dcerpc_binding *ep_2nd_description = NULL;
const char *endpoint = NULL;
struct dcesrv_auth *auth = call->auth_state;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
struct dcerpc_ack_ctx *ack_ctx_list = NULL;
struct dcerpc_ack_ctx *ack_features = NULL;
struct tevent_req *subreq = NULL;
@@ -1155,9 +1156,11 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
return dcesrv_auth_reply(call);
}
+ cb->auth.become_root();
subreq = gensec_update_send(call, call->event_ctx,
auth->gensec_security,
call->in_auth_info.credentials);
+ cb->auth.unbecome_root();
if (subreq == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -1172,10 +1175,13 @@ static void dcesrv_bind_done(struct tevent_req *subreq)
tevent_req_callback_data(subreq,
struct dcesrv_call_state);
struct dcesrv_connection *conn = call->conn;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
NTSTATUS status;
+ cb->auth.become_root();
status = gensec_update_recv(subreq, call,
&call->out_auth_info->credentials);
+ cb->auth.unbecome_root();
TALLOC_FREE(subreq);
status = dcesrv_auth_complete(call, status);
@@ -1233,6 +1239,7 @@ static NTSTATUS dcesrv_auth3(struct dcesrv_call_state *call)
{
struct dcesrv_connection *conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
struct tevent_req *subreq = NULL;
NTSTATUS status;
@@ -1277,9 +1284,11 @@ static NTSTATUS dcesrv_auth3(struct dcesrv_call_state *call)
return NT_STATUS_OK;
}
+ cb->auth.become_root();
subreq = gensec_update_send(call, call->event_ctx,
auth->gensec_security,
call->in_auth_info.credentials);
+ cb->auth.unbecome_root();
if (subreq == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -1295,10 +1304,13 @@ static void dcesrv_auth3_done(struct tevent_req *subreq)
struct dcesrv_call_state);
struct dcesrv_connection *conn = call->conn;
struct dcesrv_auth *auth = call->auth_state;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
NTSTATUS status;
+ cb->auth.become_root();
status = gensec_update_recv(subreq, call,
&call->out_auth_info->credentials);
+ cb->auth.unbecome_root();
TALLOC_FREE(subreq);
status = dcesrv_auth_complete(call, status);
@@ -1570,6 +1582,7 @@ static NTSTATUS dcesrv_alter(struct dcesrv_call_state *call)
struct ncacn_packet *pkt = &call->ack_pkt;
uint32_t extra_flags = 0;
struct dcesrv_auth *auth = call->auth_state;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
struct dcerpc_ack_ctx *ack_ctx_list = NULL;
struct tevent_req *subreq = NULL;
size_t i;
@@ -1681,9 +1694,11 @@ static NTSTATUS dcesrv_alter(struct dcesrv_call_state *call)
return dcesrv_auth_reply(call);
}
+ cb->auth.become_root();
subreq = gensec_update_send(call, call->event_ctx,
auth->gensec_security,
call->in_auth_info.credentials);
+ cb->auth.unbecome_root();
if (subreq == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -1698,10 +1713,13 @@ static void dcesrv_alter_done(struct tevent_req *subreq)
tevent_req_callback_data(subreq,
struct dcesrv_call_state);
struct dcesrv_connection *conn = call->conn;
+ struct dcesrv_context_callbacks *cb = &call->conn->dce_ctx->callbacks;
NTSTATUS status;
+ cb->auth.become_root();
status = gensec_update_recv(subreq, call,
&call->out_auth_info->credentials);
+ cb->auth.unbecome_root();
TALLOC_FREE(subreq);
status = dcesrv_auth_complete(call, status);
diff --git a/librpc/rpc/dcesrv_core.h b/librpc/rpc/dcesrv_core.h
index 41ae622ecfe..48adebe1b0a 100644
--- a/librpc/rpc/dcesrv_core.h
+++ b/librpc/rpc/dcesrv_core.h
@@ -386,6 +386,8 @@ struct dcesrv_context_callbacks {
NTSTATUS (*gensec_prepare)(TALLOC_CTX *mem_ctx,
struct dcesrv_call_state *call,
struct gensec_security **out);
+ void (*become_root)(void);
+ void (*unbecome_root)(void);
} auth;
struct {
NTSTATUS (*find)(struct dcesrv_call_state *);
diff --git a/librpc/tools/ndrdump.c b/librpc/tools/ndrdump.c
index 2872a85b621..ef92de1ecaa 100644
--- a/librpc/tools/ndrdump.c
+++ b/librpc/tools/ndrdump.c
@@ -189,6 +189,13 @@ static void ndrdump_data(uint8_t *d, uint32_t l, bool force)
dump_data_file(d, l, !force, stdout);
}
+static void ndrdump_data_diff(const uint8_t *d1, size_t l1,
+ const uint8_t *d2, size_t l2,
+ bool force)
+{
+ dump_data_file_diff(stdout, !force, d1, l1, d2, l2);
+}
+
static NTSTATUS ndrdump_pull_and_print_pipes(const char *function,
struct ndr_pull *ndr_pull,
struct ndr_print *ndr_print,
@@ -753,6 +760,9 @@ static void ndr_print_dummy(struct ndr_print *ndr, const char *format, ...)
printf("WARNING! orig and validated differ at byte 0x%02X (%u)\n", i, i);
printf("WARNING! orig byte[0x%02X] = 0x%02X validated byte[0x%02X] = 0x%02X\n",
i, byte_a, i, byte_b);
+ ndrdump_data_diff(blob.data, blob.length,
+ v_blob.data, v_blob.length,
+ dumpdata);
}
}
diff --git a/python/samba/tests/blackbox/ndrdump.py b/python/samba/tests/blackbox/ndrdump.py
index 9a4e6cabe8b..7214ea5bb93 100644
--- a/python/samba/tests/blackbox/ndrdump.py
+++ b/python/samba/tests/blackbox/ndrdump.py
@@ -171,7 +171,7 @@ dump OK
def test_ndrdump_input_cmdline_short_struct_name_dump(self):
expected = '''pull returned Buffer Size Error
6 bytes consumed
-[0000] 61 62 63 64 65 66 67 abcdefg ''' \
+[0000] 61 62 63 64 65 66 67 abcdefg''' \
'''
'''
try:
@@ -187,10 +187,10 @@ dump OK
def test_ndrdump_input_cmdline_short_struct_name_print_fail(self):
expected = '''pull returned Buffer Size Error
6 bytes consumed
-[0000] 61 62 63 64 65 66 67 abcdefg ''' \
+[0000] 61 62 63 64 65 66 67 abcdefg''' \
'''
WARNING! 1 unread bytes
--
Samba Shared Repository
More information about the samba-cvs
mailing list