[SCM] Samba Shared Repository - branch master updated

Jule Anger janger at samba.org
Tue Oct 10 15:48:02 UTC 2023


The branch, master has been updated
       via  1fbf08e8120 CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
       via  11ece30afa1 CVE-2023-42670 s3-rpc_server: Strictly refuse to start RPC servers in conflict with AD DC
       via  2e87c9d8658 s4-echo: Remove the "echo" server (port 7, RFC 862) in production builds
       via  a9c32f929b7 CVE-2023-42669 s3-rpc_server: Disable rpcecho for consistency with the AD DC
       via  3cf1beed5df CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
       via  cfeb9fe50e4 CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
       via  d3d83a8f2e5 CVE-2023-4154 dsdb/tests: Extend attribute read DirSync tests
       via  0a79ed2c0b1 CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
       via  d4a71fbece8 CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive matches once
       via  76b8d3edce1 CVE-2023-4154 dsdb/tests: Check that secret attributes are not visible with DirSync ever.
       via  b644bb06650 CVE-2023-4154 dsdb/tests: Force the test attribute to be not-confidential at the start
       via  07d2b28fb35 CVE-2023-4154 dsdb/tests: Use self.addCleanup() and delete_force()
       via  6578a65ed7b CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
       via  b70f4f8681c CVE-2023-4091: smbd: use open_access_mask for access check in open_file()
       via  b1fd6569418 CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
       via  5ed25efb073 CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that crashes on bad pipenames.
       via  c39f90a1249 CVE-2023-3961:s3:torture: Add test SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators through to the UNIX domain socket code.
       via  ae476e1c28b CVE-2023-3961:s3:smbd: Catch any incoming pipe path that could exit socket_dir.
      from  a6b66661c75 ctdb: Add "home_nodes" file to deterministic IP allocation

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1fbf08e8120b27783c32f599b64d3b2c5c70dce7
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 12 16:23:49 2023 +1200

    CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
    
    We now have ensured that no conflicting services attempt to start
    so we do not need the runtime lookup and so avoid the risk that
    the lookup may fail.
    
    This means that any duplicates will be noticed early not just
    in a race condition.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15473
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    
    Autobuild-User(master): Jule Anger <janger at samba.org>
    Autobuild-Date(master): Tue Oct 10 15:47:04 UTC 2023 on atb-devel-224

commit 11ece30afa1a7204b93ab60a05f011d8fa24e5cd
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 12 12:28:49 2023 +1200

    CVE-2023-42670 s3-rpc_server: Strictly refuse to start RPC servers in conflict with AD DC
    
    Just as we refuse to start NETLOGON except on the DC, we must refuse
    to start all of the RPC services that are provided by the AD DC.
    
    Most critically of course this applies to netlogon, lsa and samr.
    
    This avoids the suppression of these services being the result of a
    runtime epmapper lookup, as if that fails these services can disrupt
    service to end users by listening on the same socket as the AD DC
    servers.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15473
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 2e87c9d865828079f0023ff59b71db8ca455ad25
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 12 19:03:10 2023 +1200

    s4-echo: Remove the "echo" server (port 7, RFC 862) in production builds
    
    This demonstration should never be enabled in production, if
    echo service is required other software is far better positioned
    to provide it.  Reflection attacks on echo are a known issue.
    
    This is removed for consistency with the removal of rpcecho, but was
    never enabled in the default smb.conf so is mostly harmless.
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit a9c32f929b7901b4ca230cc7a725b42c8916540d
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 12 19:01:03 2023 +1200

    CVE-2023-42669 s3-rpc_server: Disable rpcecho for consistency with the AD DC
    
    The rpcecho server in source3 does have the sleep() feature that
    the s4 version has, but the task architecture is different, so there
    is not the same impact.  However equally this is not something that
    should be enabled on production builds of Samba, so restrict to
    selftest builds.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15474
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 3cf1beed5df7d8b5d854517de7de322c6a5bc7fa
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Sep 12 18:59:44 2023 +1200

    CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
    
    The rpcecho server is useful in development and testing, but should never
    have been allowed into production, as it includes the facility to
    do a blocking sleep() in the single-threaded rpc worker.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15474
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit cfeb9fe50e4b76063a3cddebd4190f420f1c4aca
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 8 17:58:27 2023 +1200

    CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
    
    This makes LDAP_DIRSYNC_OBJECT_SECURITY the only behaviour provided by
    Samba.
    
    Having a second access control system within the LDAP stack is unsafe
    and this layer is incomplete.
    
    The current system gives all accounts that have been given the
    GUID_DRS_GET_CHANGES extended right SYSTEM access.  Currently in Samba
    this equates to full access to passwords as well as "RODC Filtered
    attributes" (often used with confidential attributes).
    
    Rather than attempting to correctly filter for secrets (passwords) and
    these filtered attributes, as well as preventing search expressions for
    both, we leave this complexity to the acl_read module which has this
    facility already well tested.
    
    The implication is that callers will only see and filter by attribute
    in DirSync that they could without DirSync.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit d3d83a8f2e5367c7cb6cbb0c04ccd6e6e6d24236
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 22 15:08:17 2023 +1200

    CVE-2023-4154 dsdb/tests: Extend attribute read DirSync tests
    
    The aim here is to document the expected (even if not implemented)
    SEARCH_FLAG_RODC_ATTRIBUTE vs SEARCH_FLAG_CONFIDENTIAL, behaviour, so
    that any change once CVE-2023-4154 is fixed can be noted.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 0a79ed2c0b1315986b33cf3dac81f9206d4b6e1e
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 8 14:30:19 2023 +1200

    CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
    
    SEARCH_FLAG_RODC_ATTRIBUTE should be like SEARCH_FLAG_CONFIDENTIAL,
    but for DirSync and DRS replication.  Accounts with
    GUID_DRS_GET_CHANGES rights should not be able to read this
    attribute.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit d4a71fbece8693c8522c429f462cecfb18b607a4
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 8 11:18:46 2023 +1200

    CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive matches once
    
    When we (expect to) get back a result, do not waste time against a potentially
    slow server confirming we also get back results for all the other attribute
    combinations.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 76b8d3edce1f4e1a3da725b72ebc5b9508d9a120
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Aug 7 11:56:56 2023 +1200

    CVE-2023-4154 dsdb/tests: Check that secret attributes are not visible with DirSync ever.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit b644bb066509b4890b6e1db48160960835f53bac
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Aug 7 14:44:28 2023 +1200

    CVE-2023-4154 dsdb/tests: Force the test attribute to be not-confidential at the start
    
    Rather than fail, if the last run failed to reset things, just force
    the DC into the required state.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 07d2b28fb3585c4d5366b0a8ddac9cd299aadf92
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Aug 7 13:15:40 2023 +1200

    CVE-2023-4154 dsdb/tests: Use self.addCleanup() and delete_force()
    
    This helps ensure this test is reliable even in spite of errors while
    running.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 6578a65ed7bb8740671a10e2fcf36c48fd524c07
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Aug 7 11:55:55 2023 +1200

    CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
    
    To re-use setup code, the super-class must have no test_*() methods
    otherwise these will be run as well as the class-local tests.
    
    We rename tests that would otherwise have duplicate names.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit b70f4f8681ca1b0818d42f600fd8bbdd74c29346
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Aug 1 13:04:36 2023 +0200

    CVE-2023-4091: smbd: use open_access_mask for access check in open_file()
    
    If the client requested FILE_OVERWRITE[_IF], we're implicitly adding
    FILE_WRITE_DATA to the open_access_mask in open_file_ntcreate(), but for the
    access check we're using access_mask which doesn't contain the additional
    right, which means we can end up truncating a file for which the user has
    only read-only access via an SD.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
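The access-mask mix-up described in the commit above, as an added illustration that is not Samba's code: a security descriptor is reduced to a hypothetical `struct sd_model` holding the rights it grants, and the two checks differ only in which mask they test. The right bits and disposition values are the standard NT/SMB2 ones; the SDs are constructed.

```c
/*
 * Constructed model of the CVE-2023-4091 access-check error and its fix;
 * not Samba's open_file_ntcreate()/open_file() code. A security descriptor
 * is reduced to the set of rights it grants the calling user.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* NT file access-right bits (standard values). */
#define FILE_READ_DATA  0x00000001u
#define FILE_WRITE_DATA 0x00000002u

/* SMB2 CreateDisposition values (standard values). */
enum create_disposition {
	FILE_OPEN = 1,
	FILE_OVERWRITE = 4,
	FILE_OVERWRITE_IF = 5,
};

/* Hypothetical stand-in for an SD already evaluated against the token. */
struct sd_model {
	uint32_t granted; /* rights the SD grants this user */
};

/* Constructed SDs used by main() and the checks below. */
static const struct sd_model READ_ONLY_SD = { .granted = FILE_READ_DATA };
static const struct sd_model READ_WRITE_SD = {
	.granted = FILE_READ_DATA | FILE_WRITE_DATA
};

static bool is_overwrite(enum create_disposition disp)
{
	return disp == FILE_OVERWRITE || disp == FILE_OVERWRITE_IF;
}

/*
 * What the open really needs: the client's access_mask widened with
 * FILE_WRITE_DATA when the disposition will truncate the file. This is
 * the implicit addition the commit message describes.
 */
static uint32_t open_access_mask_for(uint32_t access_mask,
				     enum create_disposition disp)
{
	return is_overwrite(disp) ? (access_mask | FILE_WRITE_DATA)
				  : access_mask;
}

static bool sd_grants(const struct sd_model *sd, uint32_t wanted)
{
	return (sd->granted & wanted) == wanted;
}

/* Before the fix: the check tests access_mask, the narrower mask. */
static bool open_allowed_before_fix(const struct sd_model *sd,
				    uint32_t access_mask,
				    enum create_disposition disp)
{
	uint32_t open_access_mask = open_access_mask_for(access_mask, disp);

	(void)open_access_mask; /* computed for the open, ignored by the check */
	return sd_grants(sd, access_mask);
}

/* After commit b70f4f8681c: the check tests open_access_mask. */
static bool open_allowed_after_fix(const struct sd_model *sd,
				   uint32_t access_mask,
				   enum create_disposition disp)
{
	return sd_grants(sd, open_access_mask_for(access_mask, disp));
}

/* An open that passed the check truncates the file iff it overwrites. */
static bool truncates(bool allowed, enum create_disposition disp)
{
	return allowed && is_overwrite(disp);
}

int main(void)
{
	/* Read-only SD, client asks for read access with FILE_OVERWRITE. */
	bool before = open_allowed_before_fix(&READ_ONLY_SD, FILE_READ_DATA,
					      FILE_OVERWRITE);
	bool after = open_allowed_after_fix(&READ_ONLY_SD, FILE_READ_DATA,
					    FILE_OVERWRITE);

	printf("before fix: allowed=%d truncates=%d\n", before,
	       truncates(before, FILE_OVERWRITE));
	printf("after fix:  allowed=%d truncates=%d\n", after,
	       truncates(after, FILE_OVERWRITE));
	return 0;
}
```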

commit b1fd65694185c26f1e196d84ee8756300e631bd5
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Aug 1 12:30:00 2023 +0200

    CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439
    
    Signed-off-by: Ralph Boehme <slow at samba.org>

commit 5ed25efb0731de2062cd1d9e109dcf9e3eb5c356
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Jul 25 17:54:41 2023 -0700

    CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that crashes on bad pipenames.
    
    We correctly handle this and just return ENOENT (NT_STATUS_OBJECT_NAME_NOT_FOUND).
    
    Remove knowfail.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15422
    
    Signed-off-by: Jeremy Allison <jra at samba.org>

commit c39f90a12496fea74a11cbd8b34ad4074d2529db
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Jul 25 17:49:21 2023 -0700

    CVE-2023-3961:s3:torture: Add test SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators through to the UNIX domain socket code.
    
    The raw SMB2-INVALID-PIPENAME test passes against Windows 2022,
    as it just returns NT_STATUS_OBJECT_NAME_NOT_FOUND.
    
    Add the knownfail.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15422
    
    Signed-off-by: Jeremy Allison <jra at samba.org>

commit ae476e1c28b797fe221172ed1066bf8efa476d8d
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Jul 25 17:41:04 2023 -0700

    CVE-2023-3961:s3:smbd: Catch any incoming pipe path that could exit socket_dir.
    
    For now, SMB_ASSERT() to exit the server. We will remove
    this once the test code is in place.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=15422
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
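The pipe-path check the three CVE-2023-3961 commits above introduce, as an added illustration that is not Samba's code: `pipename_is_safe()` applies the same test as the fix (its extra rejection of "" and "." is this example's assumption, not the patch's), `min_depth_relative_to_np()` shows lexically where an unchecked name would land relative to the `np/` directory, and `EXAMPLE_SOCKET_DIR` is a constructed value.

```c
/*
 * Constructed illustration of the CVE-2023-3961 check in
 * local_np_connect_send(); not Samba's code. The server splices a
 * client-chosen pipe name into "<socket_dir>/np/<name>", so ".." or a
 * '/' in it could address a socket outside socket_dir.
 */
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed example value; Samba takes socket_dir from its configuration. */
#define EXAMPLE_SOCKET_DIR "/run/samba"

/*
 * Same predicate as the fix (reject ".." and any embedded '/'), plus a
 * rejection of "" and "." that is this example's assumption, not the patch's.
 */
static bool pipename_is_safe(const char *name)
{
	if (name[0] == '\0' || strcmp(name, ".") == 0) {
		return false;
	}
	return strcmp(name, "..") != 0 && strchr(name, '/') == NULL;
}

/*
 * Walk the '/'-separated components lexically, starting inside np/, and
 * return the shallowest level reached: 0 means the name never left np/,
 * -1 means it reached socket_dir, -2 its parent, and so on.
 */
static int min_depth_relative_to_np(const char *name)
{
	int depth = 0, min_depth = 0;
	const char *p = name;

	while (*p != '\0') {
		const char *end = strchr(p, '/');
		size_t len = (end != NULL) ? (size_t)(end - p) : strlen(p);

		if (len == 2 && strncmp(p, "..", 2) == 0) {
			depth--;
		} else if (len > 0 && !(len == 1 && p[0] == '.')) {
			depth++;
		}
		if (depth < min_depth) {
			min_depth = depth;
		}
		if (end == NULL) {
			break;
		}
		p = end + 1;
	}
	return min_depth;
}

/*
 * Build "<socket_dir>/np/<lower-cased name>" as the server does, but only
 * after the name passes the check; false if rejected or out[] is too small.
 */
static bool build_np_socket_path(char *out, size_t outlen,
				 const char *socket_dir, const char *pipename)
{
	char lower[128];
	size_t n = strlen(pipename);

	if (!pipename_is_safe(pipename) || n >= sizeof(lower)) {
		return false;
	}
	for (size_t i = 0; i < n; i++) {
		lower[i] = (char)tolower((unsigned char)pipename[i]);
	}
	lower[n] = '\0';
	int written = snprintf(out, outlen, "%s/np/%s", socket_dir, lower);
	return written > 0 && (size_t)written < outlen;
}

/* Compose the path for a name and compare it with the expected string. */
static bool np_socket_path_is(const char *pipename, const char *expected)
{
	char path[256];

	return build_np_socket_path(path, sizeof(path), EXAMPLE_SOCKET_DIR,
				    pipename) && strcmp(path, expected) == 0;
}

int main(void)
{
	const char *names[] = { "SRVSVC", "..", "../escape", "a/../b" };
	char path[256];

	for (size_t i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
		bool ok = build_np_socket_path(path, sizeof(path),
					       EXAMPLE_SOCKET_DIR, names[i]);
		printf("%-10s min depth %2d -> %s\n", names[i],
		       min_depth_relative_to_np(names[i]),
		       ok ? path : "rejected (ENOENT)");
	}
	return 0;
}
```

Note that "a/../b" never leaves np/ yet is still rejected, because the fix refuses any separator rather than trying to reason about which ones escape.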

-----------------------------------------------------------------------

Summary of changes:
 .../smbdotconf/protocol/dcerpcendpointservers.xml  |   2 +-
 lib/param/loadparm.c                               |   2 +-
 selftest/knownfail                                 |   2 +-
 selftest/knownfail.d/dirsync                       |  13 +
 selftest/target/Samba4.pm                          |   2 +-
 source3/param/loadparm.c                           |   2 +-
 source3/rpc_client/local_np.c                      |  13 +
 source3/rpc_server/rpc_host.c                      | 154 +------
 source3/rpc_server/rpcd_classic.c                  |  45 +-
 source3/rpc_server/rpcd_epmapper.c                 |  33 +-
 source3/rpc_server/rpcd_lsad.c                     |  21 +
 source3/rpc_server/rpcd_rpcecho.c                  |  33 +-
 source3/rpc_server/wscript_build                   |   1 +
 source3/selftest/tests.py                          |  14 +
 source3/smbd/open.c                                |   4 +-
 source3/torture/proto.h                            |   1 +
 source3/torture/test_smb2.c                        | 110 +++++
 source3/torture/torture.c                          |   4 +
 source4/dsdb/samdb/ldb_modules/dirsync.c           |  22 +-
 source4/dsdb/tests/python/confidential_attr.py     |  61 ++-
 source4/dsdb/tests/python/dirsync.py               | 465 ++++++++++++++++++---
 source4/echo_server/wscript_build                  |   2 +-
 source4/rpc_server/wscript_build                   |   3 +-
 source4/torture/smb2/acls.c                        | 143 +++++++
 24 files changed, 904 insertions(+), 248 deletions(-)
 create mode 100644 selftest/knownfail.d/dirsync


Changeset truncated at 500 lines:

diff --git a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
index 8a217cc7f11..c6642b795fd 100644
--- a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
+++ b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
@@ -6,6 +6,6 @@
 	<para>Specifies which DCE/RPC endpoint servers should be run.</para>
 </description>
 
-<value type="default">epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value>
+<value type="default">epmapper, wkssvc, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value>
 <value type="example">rpcecho</value>
 </samba:parameter>
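Review bot: the `<value type="example">rpcecho</value>` line now shows, as the example, a server that the default no longer lists and that commits a9c32f929b7 and 3cf1beed5df restrict to selftest builds; either pick a server a production configuration can actually enable here, or add a sentence to the description stating that rpcecho is only available in selftest builds, so the documentation does not invite admins to turn on something that is not there.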
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 9a7ae4f95fe..673b913e6e5 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2730,7 +2730,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
 	lpcfg_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default");
 	lpcfg_do_global_parameter(lp_ctx, "max connections", "0");
 
-	lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver");
+	lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver");
 	lpcfg_do_global_parameter(lp_ctx, "server services", "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns");
 	lpcfg_do_global_parameter(lp_ctx, "kccsrv:samba_kcc", "true");
 	/* the winbind method for domain controllers is for both RODC
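Review bot: this default list is duplicated verbatim in docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml and in source3/param/loadparm.c, and all three copies had to be edited in step in this push; consider deriving both C defaults from one shared definition so that a future service removal cannot leave one copy still starting it.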
diff --git a/selftest/knownfail b/selftest/knownfail
index 37c75d7ca33..4e34effbbd1 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -151,7 +151,7 @@
 ^samba4.smb2.acls.*.inheritflags
 ^samba4.smb2.acls.*.owner
 ^samba4.smb2.acls.*.ACCESSBASED
-^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
+^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.SimpleDirsyncTests.test_dirsync_deleted_items_OBJECT_SECURITY
 #^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.*
 ^samba4.libsmbclient.opendir.(NT1|SMB3).opendir # This requires netbios browsing
 ^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$
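Review bot: with the entry renamed to `SimpleDirsyncTests.test_dirsync_deleted_items_OBJECT_SECURITY`, the commented-out `#^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.*` line that follows still refers to the old class; drop it, or it will mislead whoever next looks for why this test is a known failure.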
diff --git a/selftest/knownfail.d/dirsync b/selftest/knownfail.d/dirsync
new file mode 100644
index 00000000000..fcf4d469d6e
--- /dev/null
+++ b/selftest/knownfail.d/dirsync
@@ -0,0 +1,13 @@
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_OBJ_SEC_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_with_GET_CHANGES_OBJ_SEC_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_with_GET_CHANGES_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_with_GET_CHANGES\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_OBJECT_SECURITY_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_with_GET_CHANGES_attr\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES_attr\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES_insist_on_empty_element\(.*\)
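Review bot: thirteen knownfail entries land at once and each matches `\(.*\)` for the environment, so they hide these tests on every target; since commit d3d83a8f2e5 says they document expected but not yet implemented SEARCH_FLAG_RODC_ATTRIBUTE vs SEARCH_FLAG_CONFIDENTIAL behaviour, a `#` header comment in this file naming bug 15424 and stating what each group (the `insist_on_empty_element` cases and the `with_GET_CHANGES` cases) is waiting on would keep them from being mistaken for permanent exclusions.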
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 49e3c174b07..5f1f1bfffad 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -783,7 +783,7 @@ sub provision_raw_step1($$)
 	wins support = yes
 	server role = $ctx->{server_role}
 	server services = +echo $services
-        dcerpc endpoint servers = +winreg +srvsvc
+        dcerpc endpoint servers = +winreg +srvsvc +rpcecho
 	notify:inotify = false
 	ldb:nosync = true
 	ldap server require strong auth = yes
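Review bot: adding `+rpcecho` keeps the rpcecho tests running in selftest now that the production default drops it, which is the right way to retain coverage; note that `server services = +echo $services` on the line above still requests the port-7 echo server that commit 2e87c9d8658 removes from production builds, so confirm that the selftest build still provides it, otherwise provisioning will ask for a service that no longer exists.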
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 1c364458912..e7f4bbe3995 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -883,7 +883,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 
 	Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
 
-	Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
+	Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
 
 	Globals.tls_enabled = true;
 	Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
diff --git a/source3/rpc_client/local_np.c b/source3/rpc_client/local_np.c
index 0e912d0e35a..2e9d1b4febe 100644
--- a/source3/rpc_client/local_np.c
+++ b/source3/rpc_client/local_np.c
@@ -542,6 +542,19 @@ struct tevent_req *local_np_connect_send(
 		return tevent_req_post(req, ev);
 	}
 
+	/*
+	 * Ensure we cannot process a path that exits
+	 * the socket_dir.
+	 */
+	if (ISDOTDOT(lower_case_pipename) ||
+	    (strchr(lower_case_pipename, '/')!=NULL))
+	{
+		DBG_DEBUG("attempt to connect to invalid pipe pathname %s\n",
+			lower_case_pipename);
+		tevent_req_error(req, ENOENT);
+		return tevent_req_post(req, ev);
+	}
+
 	state->socketpath = talloc_asprintf(
 		state, "%s/np/%s", socket_dir, lower_case_pipename);
 	if (tevent_req_nomem(state->socketpath, req)) {
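Review bot: the rejection is placed correctly, before `talloc_asprintf(state, "%s/np/%s", socket_dir, lower_case_pipename)` composes the path, and returning ENOENT matches the NT_STATUS_OBJECT_NAME_NOT_FOUND the commit says Windows returns; two small points: the test only runs ISDOTDOT() on the whole string and strchr() for '/', so an empty name or "." still reaches the connect with a path naming the np/ directory itself (harmless, but cheap to reject here with the same log line), and the brace on its own line after the condition differs from the `if (...) {` style of the surrounding code.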
diff --git a/source3/rpc_server/rpc_host.c b/source3/rpc_server/rpc_host.c
index f29658a87de..1a1c31cf7fa 100644
--- a/source3/rpc_server/rpc_host.c
+++ b/source3/rpc_server/rpc_host.c
@@ -214,7 +214,6 @@ struct rpc_server_get_endpoints_state {
 	char **argl;
 	char *ncalrpc_endpoint;
 	enum dcerpc_transport_t only_transport;
-	struct dcerpc_binding **existing_bindings;
 
 	struct rpc_host_iface_name *iface_names;
 	struct rpc_host_endpoint **endpoints;
@@ -235,7 +234,6 @@ static void rpc_server_get_endpoints_done(struct tevent_req *subreq);
  * @param[in] ev Event context to run this on
  * @param[in] rpc_server_exe Binary to ask with --list-interfaces
  * @param[in] only_transport Filter out anything but this
- * @param[in] existing_bindings Filter out endpoints served by "samba"
  * @return The tevent_req representing this process
  */
 
@@ -243,8 +241,7 @@ static struct tevent_req *rpc_server_get_endpoints_send(
 	TALLOC_CTX *mem_ctx,
 	struct tevent_context *ev,
 	const char *rpc_server_exe,
-	enum dcerpc_transport_t only_transport,
-	struct dcerpc_binding **existing_bindings)
+	enum dcerpc_transport_t only_transport)
 {
 	struct tevent_req *req = NULL, *subreq = NULL;
 	struct rpc_server_get_endpoints_state *state = NULL;
@@ -256,7 +253,6 @@ static struct tevent_req *rpc_server_get_endpoints_send(
 		return NULL;
 	}
 	state->only_transport = only_transport;
-	state->existing_bindings = existing_bindings;
 
 	progname = strrchr(rpc_server_exe, '/');
 	if (progname != NULL) {
@@ -417,37 +413,17 @@ static bool dcerpc_binding_same_endpoint(
  * In member mode, we only serve named pipes. Indicated by NCACN_NP
  * passed in via "only_transport".
  *
- * In AD mode, the "samba" process already serves many endpoints,
- * passed in via "existing_binding". Don't serve those from
- * samba-dcerpcd.
- *
  * @param[in] binding Which binding is in question?
  * @param[in] only_transport Exclusive transport to serve
- * @param[in] existing_bindings Endpoints served by "samba" already
  * @return Do we want to serve "binding" from samba-dcerpcd?
  */
 
 static bool rpc_host_serve_endpoint(
 	struct dcerpc_binding *binding,
-	enum dcerpc_transport_t only_transport,
-	struct dcerpc_binding **existing_bindings)
+	enum dcerpc_transport_t only_transport)
 {
 	enum dcerpc_transport_t transport =
 		dcerpc_binding_get_transport(binding);
-	size_t i, num_existing_bindings;
-
-	num_existing_bindings = talloc_array_length(existing_bindings);
-
-	for (i=0; i<num_existing_bindings; i++) {
-		bool same = dcerpc_binding_same_endpoint(
-			binding, existing_bindings[i]);
-		if (same) {
-			DBG_DEBUG("%s served by samba\n",
-				  dcerpc_binding_get_string_option(
-					  binding, "endpoint"));
-			return false;
-		}
-	}
 
 	if (only_transport == NCA_UNKNOWN) {
 		/* no filter around */
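Review bot: the doc comment now describes member mode only, but the reason AD mode no longer needs a filter here (the rpcd_* helpers refuse to offer the interfaces the AD DC serves, per the rpcd_classic.c and rpcd_epmapper.c changes in this push) deserves one line in the comment so the next reader does not re-add a runtime lookup; also, with the `existing_bindings` loop gone, check whether `dcerpc_binding_same_endpoint()` (the function in this hunk's header) still has a caller, since an unused static function will fail a warnings-as-errors build.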
@@ -486,7 +462,7 @@ static struct rpc_host_endpoint *rpc_host_endpoint_find(
 	}
 
 	serve_this = rpc_host_serve_endpoint(
-		ep->binding, state->only_transport, state->existing_bindings);
+		ep->binding, state->only_transport);
 	if (!serve_this) {
 		goto fail;
 	}
@@ -1607,7 +1583,6 @@ static struct tevent_req *rpc_server_setup_send(
 	TALLOC_CTX *mem_ctx,
 	struct tevent_context *ev,
 	struct rpc_host *host,
-	struct dcerpc_binding **existing_bindings,
 	const char *rpc_server_exe)
 {
 	struct tevent_req *req = NULL, *subreq = NULL;
@@ -1639,8 +1614,7 @@ static struct tevent_req *rpc_server_setup_send(
 		state,
 		ev,
 		rpc_server_exe,
-		host->np_helper ? NCACN_NP : NCA_UNKNOWN,
-		existing_bindings);
+		host->np_helper ? NCACN_NP : NCA_UNKNOWN);
 	if (tevent_req_nomem(subreq, req)) {
 		return tevent_req_post(req, ev);
 	}
@@ -2344,7 +2318,6 @@ static struct tevent_req *rpc_host_send(
 	TALLOC_CTX *mem_ctx,
 	struct tevent_context *ev,
 	struct messaging_context *msg_ctx,
-	struct dcerpc_binding **existing_bindings,
 	char *servers,
 	int ready_signal_fd,
 	const char *daemon_ready_progname,
@@ -2465,7 +2438,6 @@ static struct tevent_req *rpc_host_send(
 			state,
 			ev,
 			host,
-			existing_bindings,
 			exe);
 		if (tevent_req_nomem(subreq, req)) {
 			return tevent_req_post(req, ev);
@@ -2648,117 +2620,6 @@ static int rpc_host_pidfile_create(
 	return EAGAIN;
 }
 
-/*
- * Find which interfaces are already being served by the samba AD
- * DC so we know not to serve them. Some interfaces like netlogon
- * are served by "samba", some like srvsvc will be served by the
- * source3 based RPC servers.
- */
-static NTSTATUS rpc_host_epm_lookup(
-	TALLOC_CTX *mem_ctx,
-	struct dcerpc_binding ***pbindings)
-{
-	struct rpc_pipe_client *cli = NULL;
-	struct pipe_auth_data *auth = NULL;
-	struct policy_handle entry_handle = { .handle_type = 0 };
-	struct dcerpc_binding **bindings = NULL;
-	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
-
-	status = rpc_pipe_open_ncalrpc(mem_ctx, &ndr_table_epmapper, &cli);
-	if (!NT_STATUS_IS_OK(status)) {
-		DBG_DEBUG("rpc_pipe_open_ncalrpc failed: %s\n",
-			  nt_errstr(status));
-		goto fail;
-	}
-	status = rpccli_ncalrpc_bind_data(cli, &auth);
-	if (!NT_STATUS_IS_OK(status)) {
-		DBG_DEBUG("rpccli_ncalrpc_bind_data failed: %s\n",
-			  nt_errstr(status));
-		goto fail;
-	}
-	status = rpc_pipe_bind(cli, auth);
-	if (!NT_STATUS_IS_OK(status)) {
-		DBG_DEBUG("rpc_pipe_bind failed: %s\n", nt_errstr(status));
-		goto fail;
-	}
-
-	for (;;) {
-		size_t num_bindings = talloc_array_length(bindings);
-		struct dcerpc_binding **tmp = NULL;
-		uint32_t num_entries = 0;
-		struct epm_entry_t *entry = NULL;
-		struct dcerpc_binding *binding = NULL;
-		uint32_t result;
-
-		entry = talloc(cli, struct epm_entry_t);
-		if (entry == NULL) {
-			goto fail;
-		}
-
-		status = dcerpc_epm_Lookup(
-			cli->binding_handle, /* binding_handle */
-			cli,		     /* mem_ctx */
-			0,		     /* rpc_c_ep_all */
-			NULL,		     /* object */
-			NULL,		     /* interface id */
-			0,		     /* rpc_c_vers_all */
-			&entry_handle,	     /* entry_handle */
-			1,		     /* max_ents */
-			&num_entries,	     /* num_ents */
-			entry,		     /* entries */
-			&result);	     /* result */
-		if (!NT_STATUS_IS_OK(status)) {
-			DBG_DEBUG("dcerpc_epm_Lookup failed: %s\n",
-				  nt_errstr(status));
-			goto fail;
-		}
-
-		if (result == EPMAPPER_STATUS_NO_MORE_ENTRIES) {
-			break;
-		}
-
-		if (result != EPMAPPER_STATUS_OK) {
-			DBG_DEBUG("dcerpc_epm_Lookup returned %"PRIu32"\n",
-				  result);
-			break;
-		}
-
-		if (num_entries != 1) {
-			DBG_DEBUG("epm_Lookup returned %"PRIu32" "
-				  "entries, expected one\n",
-				  num_entries);
-			break;
-		}
-
-		status = dcerpc_binding_from_tower(
-			mem_ctx, &entry->tower->tower, &binding);
-		if (!NT_STATUS_IS_OK(status)) {
-			break;
-		}
-
-		tmp = talloc_realloc(
-			mem_ctx,
-			bindings,
-			struct dcerpc_binding *,
-			num_bindings+1);
-		if (tmp == NULL) {
-			status = NT_STATUS_NO_MEMORY;
-			goto fail;
-		}
-		bindings = tmp;
-
-		bindings[num_bindings] = talloc_move(bindings, &binding);
-
-		TALLOC_FREE(entry);
-	}
-
-	*pbindings = bindings;
-	status = NT_STATUS_OK;
-fail:
-	TALLOC_FREE(cli);
-	return status;
-}
-
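Review bot: deleting rpc_host_epm_lookup() removes the failure mode the commit message describes, a failed or racing epmapper lookup leaving samba-dcerpcd to serve netlogon, lsa or samr alongside the AD DC; with it gone, check whether the epmapper client pieces it pulled in (`ndr_table_epmapper`, `dcerpc_epm_Lookup`, `rpc_pipe_open_ncalrpc`) are still referenced from this file or its build dependencies, and note in the commit that samba-dcerpcd startup no longer depends on the ncalrpc epmapper being up, since that also removes a boot-time ordering dependency.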
 static void samba_dcerpcd_stdin_handler(
 	struct tevent_context *ev,
 	struct tevent_fd *fde,
@@ -2788,7 +2649,6 @@ int main(int argc, const char *argv[])
 	struct tevent_context *ev_ctx = NULL;
 	struct messaging_context *msg_ctx = NULL;
 	struct tevent_req *req = NULL;
-	struct dcerpc_binding **existing_bindings = NULL;
 	char *servers = NULL;
 	const char *arg = NULL;
 	size_t num_servers;
@@ -2995,11 +2855,6 @@ int main(int argc, const char *argv[])
 		exit(1);
 	}
 
-	status = rpc_host_epm_lookup(frame, &existing_bindings);
-	DBG_DEBUG("rpc_host_epm_lookup returned %s, %zu bindings\n",
-		  nt_errstr(status),
-		  talloc_array_length(existing_bindings));
-
 	ret = rpc_host_pidfile_create(msg_ctx, progname, ready_signal_fd);
 	if (ret != 0) {
 		DBG_DEBUG("rpc_host_pidfile_create failed: %s\n",
@@ -3013,7 +2868,6 @@ int main(int argc, const char *argv[])
 		ev_ctx,
 		ev_ctx,
 		msg_ctx,
-		existing_bindings,
 		servers,
 		ready_signal_fd,
 		cmdline_daemon_cfg->fork ? NULL : progname,
diff --git a/source3/rpc_server/rpcd_classic.c b/source3/rpc_server/rpcd_classic.c
index 4f6164c814c..8494af575ec 100644
--- a/source3/rpc_server/rpcd_classic.c
+++ b/source3/rpc_server/rpcd_classic.c
@@ -42,14 +42,34 @@ static size_t classic_interfaces(
 	static const struct ndr_interface_table *ifaces[] = {
 		&ndr_table_srvsvc,
 		&ndr_table_netdfs,
-		&ndr_table_wkssvc,
+		&ndr_table_initshutdown,
 		&ndr_table_svcctl,
 		&ndr_table_ntsvcs,
 		&ndr_table_eventlog,
-		&ndr_table_initshutdown,
+		/*
+		 * This last item is truncated from the list by the
+		 * num_ifaces -= 1 below.  Take care when adding new
+		 * services.
+		 */
+		&ndr_table_wkssvc,
 	};
+	size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+	switch(lp_server_role()) {
+	case ROLE_ACTIVE_DIRECTORY_DC:
+		/*
+		 * On the AD DC wkssvc is provided by the 'samba'
+		 * binary from source4/
+		 */
+		num_ifaces -= 1;
+		break;
+	default:
+		break;
+	}
+
 	*pifaces = ifaces;
-	return ARRAY_SIZE(ifaces);
+	return num_ifaces;
+
 }
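Review bot: `num_ifaces -= 1` relies on `&ndr_table_wkssvc` staying the last element of `ifaces[]`, which the comment warns about but nothing enforces; a less fragile shape is to leave the array alone and have classic_interfaces() copy the entries it actually serves into a second static array, appending wkssvc only when `lp_server_role() != ROLE_ACTIVE_DIRECTORY_DC`, so the role decision is explicit rather than positional. Separately, the blank line between `return num_ifaces;` and the closing brace is stray.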
 
 static size_t classic_servers(
@@ -58,15 +78,28 @@ static size_t classic_servers(
 	void *private_data)
 {
 	static const struct dcesrv_endpoint_server *ep_servers[7] = { NULL };
+	size_t num_servers = ARRAY_SIZE(ep_servers);
 	bool ok;
 
 	ep_servers[0] = srvsvc_get_ep_server();
 	ep_servers[1] = netdfs_get_ep_server();
-	ep_servers[2] = wkssvc_get_ep_server();
+	ep_servers[2] = initshutdown_get_ep_server();
 	ep_servers[3] = svcctl_get_ep_server();
 	ep_servers[4] = ntsvcs_get_ep_server();
 	ep_servers[5] = eventlog_get_ep_server();
-	ep_servers[6] = initshutdown_get_ep_server();
+	ep_servers[6] = wkssvc_get_ep_server();
+
+	switch(lp_server_role()) {
+	case ROLE_ACTIVE_DIRECTORY_DC:
+		/*
+		 * On the AD DC wkssvc is provided by the 'samba'
+		 * binary from source4/
+		 */
+		num_servers -= 1;
+		break;
+	default:
+		break;
+	}
 
 	ok = secrets_init();
 	if (!ok) {
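Review bot: `ep_servers[7]` is a literal size while `ifaces[]` is sized from its initializer, so the two lists can drift apart; size both from one count, and put the same "last item is truncated" warning from classic_interfaces() next to `ep_servers[6] = wkssvc_get_ep_server();`, because the role switch below silently depends on that entry being last and a reader of this function alone gets no hint of it.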
@@ -85,7 +118,7 @@ static size_t classic_servers(
 	mangle_reset_cache();
 
 	*_ep_servers = ep_servers;
-	return ARRAY_SIZE(ep_servers);
+	return num_servers;
 }
 
 int main(int argc, const char *argv[])
diff --git a/source3/rpc_server/rpcd_epmapper.c b/source3/rpc_server/rpcd_epmapper.c
index 950ba7ec12a..455179ccfba 100644
--- a/source3/rpc_server/rpcd_epmapper.c
+++ b/source3/rpc_server/rpcd_epmapper.c
@@ -19,6 +19,8 @@
 #include "rpc_worker.h"
 #include "librpc/gen_ndr/ndr_epmapper.h"
 #include "librpc/gen_ndr/ndr_epmapper_scompat.h"
+#include "param/loadparm.h"
+#include "libds/common/roles.h"
 
 static size_t epmapper_interfaces(
 	const struct ndr_interface_table ***pifaces,
@@ -27,8 +29,22 @@ static size_t epmapper_interfaces(
 	static const struct ndr_interface_table *ifaces[] = {
 		&ndr_table_epmapper,
 	};
+	size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+	switch(lp_server_role()) {
+	case ROLE_ACTIVE_DIRECTORY_DC:
+		/*
+		 * On the AD DC epmapper is provided by the 'samba'
+		 * binary from source4/
+		 */
+		num_ifaces = 0;
+		break;
+	default:
+		break;
+	}
+
 	*pifaces = ifaces;
-	return ARRAY_SIZE(ifaces);
+	return num_ifaces;
 }
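Review bot: returning 0 interfaces on the AD DC while still setting `*pifaces = ifaces` is consistent with rpcd_classic.c, but a `switch` with one case and an empty default is heavier than the condition warrants; `if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) { num_ifaces = 0; }` reads more directly, and a DBG_NOTICE() saying that epmapper is left to the 'samba' binary would help an admin who wonders why samba-dcerpcd registers nothing here.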
 
 static size_t epmapper_servers(
@@ -37,11 +53,24 @@ static size_t epmapper_servers(
 	void *private_data)
 {
 	static const struct dcesrv_endpoint_server *ep_servers[] = { NULL };
+	size_t num_servers = ARRAY_SIZE(ep_servers);
 
 	ep_servers[0] = epmapper_get_ep_server();
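Review bot: `num_servers` is introduced here but the hunk is cut off by the 500-line truncation before it is used; the server list needs the same role check as epmapper_interfaces() above so that both return 0 on the AD DC, otherwise an endpoint server would be registered for an interface that was not.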
 


-- 
Samba Shared Repository


