[SCM] Samba Shared Repository - branch v4-19-test updated
Jule Anger
janger at samba.org
Tue Oct 10 15:59:25 UTC 2023
The branch, v4-19-test has been updated
via 6d875c29c3c VERSION: Bump version up to Samba 4.19.2...
via fe7adbfc2d1 Merge branch 'v4-19-stable' into v4-19-test
via 6872b662d0d Merge tag 'samba-4.19.1' into v4-19-stable
via d9e90993b40 VERSION: Disable GIT_SNAPSHOT for the 4.19.1 release.
via a4bdbfef0f0 WHATSNEW: Add release notes for Samba 4.19.1.
via 81b816c6489 CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
via 338021c79ad CVE-2023-42670 s3-rpc_server: Strictly refuse to start RPC servers in conflict with AD DC
via 2cb41dd7c57 CVE-2023-42669 s3-rpc_server: Disable rpcecho for consistency with the AD DC
via 5609c68aa51 CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
via 1b321f4424a CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
via b55e2c328cd CVE-2023-4154 dsdb/tests: Extend attribute read DirSync tests
via c443a222ba7 CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
via 93424793e59 CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive matches once
via f7d30cf9df4 CVE-2023-4154 dsdb/tests: Check that secret attributes are not visible with DirSync ever.
via ad11a871806 CVE-2023-4154 dsdb/tests: Force the test attribute to be not-confidential at the start
via b398d8af51b CVE-2023-4154 dsdb/tests: Use self.addCleanup() and delete_force()
via c04ec1a2f7c CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
via 52c633afa88 CVE-2023-4154 s4:dsdb:tests: Fix code spelling
via 9cd1ad18af0 CVE-2023-4091: smbd: use open_access_mask for access check in open_file()
via 2761477b76c CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
via 456a758f10c CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that crashes on bad pipenames.
via 44d59c380af CVE-2023-3961:s3:torture: Add test SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators through to the UNIX domain socket code.
via 67c6778534d CVE-2023-3961:s3:smbd: Catch any incoming pipe path that could exit socket_dir.
via cb9c352457e VERSION: Bump version up to Samba 4.19.1...
via 3e6d7e10b44 CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
via 06a434bcc31 CVE-2023-42670 s3-rpc_server: Strictly refuse to start RPC servers in conflict with AD DC
via 88542d6d77d CVE-2023-42669 s3-rpc_server: Disable rpcecho for consistency with the AD DC
via 5eeba465a0e CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
via 72248a51335 CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
via 56c13448d21 CVE-2023-4154 dsdb/tests: Extend attribute read DirSync tests
via f70bdb46f85 CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
via 1eca806c13f CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive matches once
via e9cbf161261 CVE-2023-4154 dsdb/tests: Check that secret attributes are not visible with DirSync ever.
via e46a30aa1d2 CVE-2023-4154 dsdb/tests: Force the test attribute to be not-confidential at the start
via c284a9229c0 CVE-2023-4154 dsdb/tests: Use self.addCleanup() and delete_force()
via 937e50b1d67 CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
via 05c370c4698 CVE-2023-4154 s4:dsdb:tests: Fix code spelling
via 6b6495c7125 CVE-2023-4091: smbd: use open_access_mask for access check in open_file()
via 2ff6cbcd3ac CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
via f17abf9c4a7 CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that crashes on bad pipenames.
via 45d584532f8 CVE-2023-3961:s3:torture: Add test SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators through to the UNIX domain socket code.
via 5dab2cfde7e CVE-2023-3961:s3:smbd: Catch any incoming pipe path that could exit socket_dir.
from 79101588626 smbd: Fix BZ15481
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-19-test
- Log -----------------------------------------------------------------
commit 6d875c29c3c3db92b21d0dadecf73b39b57d5b0b
Author: Jule Anger <janger at samba.org>
Date: Tue Oct 10 17:56:21 2023 +0200
VERSION: Bump version up to Samba 4.19.2...
Signed-off-by: Jule Anger <janger at samba.org>
commit fe7adbfc2d1ac36392fa90b4433646ef604f485c
Merge: 79101588626 6872b662d0d
Author: Jule Anger <janger at samba.org>
Date: Tue Oct 10 17:46:38 2023 +0200
Merge branch 'v4-19-stable' into v4-19-test
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 72 ++++
.../smbdotconf/protocol/dcerpcendpointservers.xml | 2 +-
lib/param/loadparm.c | 2 +-
selftest/knownfail | 2 +-
selftest/knownfail.d/dirsync | 13 +
selftest/target/Samba4.pm | 2 +-
source3/param/loadparm.c | 2 +-
source3/rpc_client/local_np.c | 13 +
source3/rpc_server/rpc_host.c | 154 +------
source3/rpc_server/rpcd_classic.c | 45 +-
source3/rpc_server/rpcd_epmapper.c | 33 +-
source3/rpc_server/rpcd_lsad.c | 21 +
source3/rpc_server/rpcd_rpcecho.c | 33 +-
source3/rpc_server/wscript_build | 1 +
source3/selftest/tests.py | 14 +
source3/smbd/open.c | 4 +-
source3/torture/proto.h | 1 +
source3/torture/test_smb2.c | 107 +++++
source3/torture/torture.c | 4 +
source4/dsdb/samdb/ldb_modules/dirsync.c | 22 +-
source4/dsdb/tests/python/acl.py | 12 +-
.../dsdb/tests/python/ad_dc_search_performance.py | 2 +-
source4/dsdb/tests/python/confidential_attr.py | 63 ++-
source4/dsdb/tests/python/dirsync.py | 473 ++++++++++++++++++---
source4/dsdb/tests/python/ldap.py | 14 +-
source4/dsdb/tests/python/ldap_modify_order.py | 4 +-
source4/dsdb/tests/python/ldap_syntaxes.py | 4 +-
source4/dsdb/tests/python/login_basics.py | 2 +-
source4/dsdb/tests/python/password_settings.py | 4 +-
source4/dsdb/tests/python/passwords.py | 4 +-
source4/dsdb/tests/python/sam.py | 2 +-
source4/dsdb/tests/python/sec_descriptor.py | 14 +-
source4/dsdb/tests/python/token_group.py | 4 +-
source4/dsdb/tests/python/user_account_control.py | 2 +-
source4/rpc_server/wscript_build | 3 +-
source4/torture/smb2/acls.c | 143 +++++++
37 files changed, 1012 insertions(+), 287 deletions(-)
create mode 100644 selftest/knownfail.d/dirsync
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 76d9d83bfbd..5bcb1be14ba 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=19
-SAMBA_VERSION_RELEASE=1
+SAMBA_VERSION_RELEASE=2
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 439556605ca..f6f6fabd42f 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,75 @@
+ ==============================
+ Release Notes for Samba 4.19.1
+ October 10, 2023
+ ==============================
+
+
+This is a security release in order to address the following defects:
+
+
+o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
+ existing unix domain sockets on the file system.
+ https://www.samba.org/samba/security/CVE-2023-3961.html
+
+o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
+ OVERWRITE disposition when using the acl_xattr Samba VFS
+ module with the smb.conf setting
+ "acl_xattr:ignore system acls = yes"
+ https://www.samba.org/samba/security/CVE-2023-4091.html
+
+o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
+ attributes, including secrets and passwords. Additionally,
+ the access check fails open on error conditions.
+ https://www.samba.org/samba/security/CVE-2023-4154.html
+
+o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
+ server block for a user-defined amount of time, denying
+ service.
+ https://www.samba.org/samba/security/CVE-2023-42669.html
+
+o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
+ listeners, disrupting service on the AD DC.
+ https://www.samba.org/samba/security/CVE-2023-42670.html
+
+
+Changes since 4.19.0
+--------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 15422: CVE-2023-3961.
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 15424: CVE-2023-4154.
+ * BUG 15473: CVE-2023-42670.
+ * BUG 15474: CVE-2023-42669.
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 15439: CVE-2023-4091.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
==============================
Release Notes for Samba 4.19.0
September 04, 2023
diff --git a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
index 8a217cc7f11..c6642b795fd 100644
--- a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
+++ b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
@@ -6,6 +6,6 @@
<para>Specifies which DCE/RPC endpoint servers should be run.</para>
</description>
-<value type="default">epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value>
+<value type="default">epmapper, wkssvc, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value>
<value type="example">rpcecho</value>
</samba:parameter>
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 447087911b5..02eef6929d0 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2730,7 +2730,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default");
lpcfg_do_global_parameter(lp_ctx, "max connections", "0");
- lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver");
+ lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver");
lpcfg_do_global_parameter(lp_ctx, "server services", "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns");
lpcfg_do_global_parameter(lp_ctx, "kccsrv:samba_kcc", "true");
/* the winbind method for domain controllers is for both RODC
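Review bot: The new default string in `loadparm_init()` drops `rpcecho` without a code comment explaining why, and the same literal is repeated in the `init_globals()` hunk of source3/param/loadparm.c and in dcerpcendpointservers.xml. A later edit to one copy could therefore quietly bring the service back. A short comment above the call would record the intent, for example `/* rpcecho is deliberately not a default endpoint server (CVE-2023-42669); enable it explicitly for testing only */`. As far as these lines show, only the default changes, so an smb.conf that already names `rpcecho` in "dcerpc endpoint servers" would presumably still start it unless another part of the changeset prevents that; the release notes could say so. The body of `loadparm_init()` continues outside the hunk.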
diff --git a/selftest/knownfail b/selftest/knownfail
index 37c75d7ca33..4e34effbbd1 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -151,7 +151,7 @@
^samba4.smb2.acls.*.inheritflags
^samba4.smb2.acls.*.owner
^samba4.smb2.acls.*.ACCESSBASED
-^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
+^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.SimpleDirsyncTests.test_dirsync_deleted_items_OBJECT_SECURITY
#^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.*
^samba4.libsmbclient.opendir.(NT1|SMB3).opendir # This requires netbios browsing
^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$
diff --git a/selftest/knownfail.d/dirsync b/selftest/knownfail.d/dirsync
new file mode 100644
index 00000000000..fcf4d469d6e
--- /dev/null
+++ b/selftest/knownfail.d/dirsync
@@ -0,0 +1,13 @@
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_OBJ_SEC_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_with_GET_CHANGES_OBJ_SEC_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_with_GET_CHANGES_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_with_GET_CHANGES\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_OBJECT_SECURITY_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_with_GET_CHANGES_attr\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES_attr\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES_insist_on_empty_element\(.*\)
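Review bot: This new knownfail file lists thirteen DirSync tests, several of them covering confidential attributes and `unicodePwd`, with no comment saying why they are expected to fail. In a security release that makes it hard to tell an intentionally unimplemented behaviour from a regression in an access check. A `#` header comment would help: it could name the bug (WHATSNEW gives BUG 15424 for CVE-2023-4154) and state which DirSync behaviour is deliberately not implemented. A note on what must change before an entry can be removed would also be useful.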
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 0bd77e906d5..a10c1313322 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -783,7 +783,7 @@ sub provision_raw_step1($$)
wins support = yes
server role = $ctx->{server_role}
server services = +echo $services
- dcerpc endpoint servers = +winreg +srvsvc
+ dcerpc endpoint servers = +winreg +srvsvc +rpcecho
notify:inotify = false
ldb:nosync = true
ldap server require strong auth = yes
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 68e20729661..306528d95b3 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -883,7 +883,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
- Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
+ Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
Globals.tls_enabled = true;
Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
diff --git a/source3/rpc_client/local_np.c b/source3/rpc_client/local_np.c
index 0b323404f06..791ded99a47 100644
--- a/source3/rpc_client/local_np.c
+++ b/source3/rpc_client/local_np.c
@@ -542,6 +542,19 @@ struct tevent_req *local_np_connect_send(
return tevent_req_post(req, ev);
}
+ /*
+ * Ensure we cannot process a path that exits
+ * the socket_dir.
+ */
+ if (ISDOTDOT(lower_case_pipename) ||
+ (strchr(lower_case_pipename, '/')!=NULL))
+ {
+ DBG_DEBUG("attempt to connect to invalid pipe pathname %s\n",
+ lower_case_pipename);
+ tevent_req_error(req, ENOENT);
+ return tevent_req_post(req, ev);
+ }
+
state->socketpath = talloc_asprintf(
state, "%s/np/%s", socket_dir, lower_case_pipename);
if (tevent_req_nomem(state->socketpath, req)) {
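Review bot: The rejected pipe name is reported only through `DBG_DEBUG`, so at ordinary log levels a request whose name contains `/` or equals `..` leaves no trace an operator could alert on. WHATSNEW ties this check to CVE-2023-3961, so a more visible level seems justified, for example `DBG_WARNING("rejecting invalid pipe pathname %s\n", lower_case_pipename);`. It is worth weighing that against the log volume a client could generate. The name is client-influenced according to the release notes, so it is also worth confirming that it is safe to log verbatim. `local_np_connect_send()` starts and ends outside the hunk.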
diff --git a/source3/rpc_server/rpc_host.c b/source3/rpc_server/rpc_host.c
index 2b9f05c1af3..1cb874569e2 100644
--- a/source3/rpc_server/rpc_host.c
+++ b/source3/rpc_server/rpc_host.c
@@ -214,7 +214,6 @@ struct rpc_server_get_endpoints_state {
char **argl;
char *ncalrpc_endpoint;
enum dcerpc_transport_t only_transport;
- struct dcerpc_binding **existing_bindings;
struct rpc_host_iface_name *iface_names;
struct rpc_host_endpoint **endpoints;
@@ -235,7 +234,6 @@ static void rpc_server_get_endpoints_done(struct tevent_req *subreq);
* @param[in] ev Event context to run this on
* @param[in] rpc_server_exe Binary to ask with --list-interfaces
* @param[in] only_transport Filter out anything but this
- * @param[in] existing_bindings Filter out endpoints served by "samba"
* @return The tevent_req representing this process
*/
@@ -243,8 +241,7 @@ static struct tevent_req *rpc_server_get_endpoints_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
const char *rpc_server_exe,
- enum dcerpc_transport_t only_transport,
- struct dcerpc_binding **existing_bindings)
+ enum dcerpc_transport_t only_transport)
{
struct tevent_req *req = NULL, *subreq = NULL;
struct rpc_server_get_endpoints_state *state = NULL;
@@ -256,7 +253,6 @@ static struct tevent_req *rpc_server_get_endpoints_send(
return NULL;
}
state->only_transport = only_transport;
- state->existing_bindings = existing_bindings;
progname = strrchr(rpc_server_exe, '/');
if (progname != NULL) {
@@ -417,37 +413,17 @@ static bool dcerpc_binding_same_endpoint(
* In member mode, we only serve named pipes. Indicated by NCACN_NP
* passed in via "only_transport".
*
- * In AD mode, the "samba" process already serves many endpoints,
- * passed in via "existing_binding". Don't serve those from
- * samba-dcerpcd.
- *
* @param[in] binding Which binding is in question?
* @param[in] only_transport Exclusive transport to serve
- * @param[in] existing_bindings Endpoints served by "samba" already
* @return Do we want to serve "binding" from samba-dcerpcd?
*/
static bool rpc_host_serve_endpoint(
struct dcerpc_binding *binding,
- enum dcerpc_transport_t only_transport,
- struct dcerpc_binding **existing_bindings)
+ enum dcerpc_transport_t only_transport)
{
enum dcerpc_transport_t transport =
dcerpc_binding_get_transport(binding);
- size_t i, num_existing_bindings;
-
- num_existing_bindings = talloc_array_length(existing_bindings);
-
- for (i=0; i<num_existing_bindings; i++) {
- bool same = dcerpc_binding_same_endpoint(
- binding, existing_bindings[i]);
- if (same) {
- DBG_DEBUG("%s served by samba\n",
- dcerpc_binding_get_string_option(
- binding, "endpoint"));
- return false;
- }
- }
if (only_transport == NCA_UNKNOWN) {
/* no filter around */
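Review bot: The doc comment of `rpc_host_serve_endpoint()` now describes only the member-mode filter, because the "In AD mode" paragraph is removed without a replacement. A reader can no longer see from here how samba-dcerpcd avoids serving an endpoint that the "samba" process already owns. Judging by the rpcd_classic.c change in this changeset, that decision appears to move into the rpcd_* helpers via `lp_server_role()`. One added line would keep the invariant visible, for example `* In AD mode no cross-check is done here; each rpcd_* helper must itself leave out interfaces served by "samba".` The function body continues outside the hunk.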
@@ -486,7 +462,7 @@ static struct rpc_host_endpoint *rpc_host_endpoint_find(
}
serve_this = rpc_host_serve_endpoint(
- ep->binding, state->only_transport, state->existing_bindings);
+ ep->binding, state->only_transport);
if (!serve_this) {
goto fail;
}
@@ -1607,7 +1583,6 @@ static struct tevent_req *rpc_server_setup_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct rpc_host *host,
- struct dcerpc_binding **existing_bindings,
const char *rpc_server_exe)
{
struct tevent_req *req = NULL, *subreq = NULL;
@@ -1639,8 +1614,7 @@ static struct tevent_req *rpc_server_setup_send(
state,
ev,
rpc_server_exe,
- host->np_helper ? NCACN_NP : NCA_UNKNOWN,
- existing_bindings);
+ host->np_helper ? NCACN_NP : NCA_UNKNOWN);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
@@ -2344,7 +2318,6 @@ static struct tevent_req *rpc_host_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct messaging_context *msg_ctx,
- struct dcerpc_binding **existing_bindings,
char *servers,
int ready_signal_fd,
const char *daemon_ready_progname,
@@ -2465,7 +2438,6 @@ static struct tevent_req *rpc_host_send(
state,
ev,
host,
- existing_bindings,
exe);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
@@ -2648,117 +2620,6 @@ static int rpc_host_pidfile_create(
return EAGAIN;
}
-/*
- * Find which interfaces are already being served by the samba AD
- * DC so we know not to serve them. Some interfaces like netlogon
- * are served by "samba", some like srvsvc will be served by the
- * source3 based RPC servers.
- */
-static NTSTATUS rpc_host_epm_lookup(
- TALLOC_CTX *mem_ctx,
- struct dcerpc_binding ***pbindings)
-{
- struct rpc_pipe_client *cli = NULL;
- struct pipe_auth_data *auth = NULL;
- struct policy_handle entry_handle = { .handle_type = 0 };
- struct dcerpc_binding **bindings = NULL;
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
-
- status = rpc_pipe_open_ncalrpc(mem_ctx, &ndr_table_epmapper, &cli);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("rpc_pipe_open_ncalrpc failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
- status = rpccli_ncalrpc_bind_data(cli, &auth);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("rpccli_ncalrpc_bind_data failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
- status = rpc_pipe_bind(cli, auth);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("rpc_pipe_bind failed: %s\n", nt_errstr(status));
- goto fail;
- }
-
- for (;;) {
- size_t num_bindings = talloc_array_length(bindings);
- struct dcerpc_binding **tmp = NULL;
- uint32_t num_entries = 0;
- struct epm_entry_t *entry = NULL;
- struct dcerpc_binding *binding = NULL;
- uint32_t result;
-
- entry = talloc(cli, struct epm_entry_t);
- if (entry == NULL) {
- goto fail;
- }
-
- status = dcerpc_epm_Lookup(
- cli->binding_handle, /* binding_handle */
- cli, /* mem_ctx */
- 0, /* rpc_c_ep_all */
- NULL, /* object */
- NULL, /* interface id */
- 0, /* rpc_c_vers_all */
- &entry_handle, /* entry_handle */
- 1, /* max_ents */
- &num_entries, /* num_ents */
- entry, /* entries */
- &result); /* result */
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("dcerpc_epm_Lookup failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
-
- if (result == EPMAPPER_STATUS_NO_MORE_ENTRIES) {
- break;
- }
-
- if (result != EPMAPPER_STATUS_OK) {
- DBG_DEBUG("dcerpc_epm_Lookup returned %"PRIu32"\n",
- result);
- break;
- }
-
- if (num_entries != 1) {
- DBG_DEBUG("epm_Lookup returned %"PRIu32" "
- "entries, expected one\n",
- num_entries);
- break;
- }
-
- status = dcerpc_binding_from_tower(
- mem_ctx, &entry->tower->tower, &binding);
- if (!NT_STATUS_IS_OK(status)) {
- break;
- }
-
- tmp = talloc_realloc(
- mem_ctx,
- bindings,
- struct dcerpc_binding *,
- num_bindings+1);
- if (tmp == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- bindings = tmp;
-
- bindings[num_bindings] = talloc_move(bindings, &binding);
-
- TALLOC_FREE(entry);
- }
-
- *pbindings = bindings;
- status = NT_STATUS_OK;
-fail:
- TALLOC_FREE(cli);
- return status;
-}
-
static void samba_dcerpcd_stdin_handler(
struct tevent_context *ev,
struct tevent_fd *fde,
@@ -2788,7 +2649,6 @@ int main(int argc, const char *argv[])
struct tevent_context *ev_ctx = NULL;
struct messaging_context *msg_ctx = NULL;
struct tevent_req *req = NULL;
- struct dcerpc_binding **existing_bindings = NULL;
char *servers = NULL;
const char *arg = NULL;
size_t num_servers;
@@ -2995,11 +2855,6 @@ int main(int argc, const char *argv[])
exit(1);
}
- status = rpc_host_epm_lookup(frame, &existing_bindings);
- DBG_DEBUG("rpc_host_epm_lookup returned %s, %zu bindings\n",
- nt_errstr(status),
- talloc_array_length(existing_bindings));
-
ret = rpc_host_pidfile_create(msg_ctx, progname, ready_signal_fd);
if (ret != 0) {
DBG_DEBUG("rpc_host_pidfile_create failed: %s\n",
@@ -3013,7 +2868,6 @@ int main(int argc, const char *argv[])
ev_ctx,
ev_ctx,
msg_ctx,
- existing_bindings,
servers,
ready_signal_fd,
cmdline_daemon_cfg->fork ? NULL : progname,
diff --git a/source3/rpc_server/rpcd_classic.c b/source3/rpc_server/rpcd_classic.c
index 4f6164c814c..8494af575ec 100644
--- a/source3/rpc_server/rpcd_classic.c
+++ b/source3/rpc_server/rpcd_classic.c
@@ -42,14 +42,34 @@ static size_t classic_interfaces(
static const struct ndr_interface_table *ifaces[] = {
&ndr_table_srvsvc,
&ndr_table_netdfs,
- &ndr_table_wkssvc,
+ &ndr_table_initshutdown,
&ndr_table_svcctl,
&ndr_table_ntsvcs,
&ndr_table_eventlog,
- &ndr_table_initshutdown,
+ /*
+ * This last item is truncated from the list by the
+ * num_ifaces -= 1 below. Take care when adding new
+ * services.
+ */
+ &ndr_table_wkssvc,
};
+ size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC wkssvc is provided by the 'samba'
+ * binary from source4/
+ */
+ num_ifaces -= 1;
+ break;
+ default:
+ break;
+ }
--
Samba Shared Repository