[SCM] Samba Shared Repository - branch master updated
Ralph Böhme
slow at samba.org
Fri Oct 25 09:05:02 UTC 2024
The branch, master has been updated
via 0e08e63ae8b cldap: Save a few lines in cldap_netlogon
via 5619633c9ed cldap: Simplify cldap_netlogon with tevent_req_poll_ntstatus
via e1f582965ba idl: nbt.idl references NTTIME
via 733d4609844 libads: Modernize DEBUGs
via 544278a3307 net_ads: Fix indentation in net_ads_cldap_netlogon_json
via 9e2b1c5f571 libads: Simplify get_kdc_ip_string with talloc_asprintf_addbuf
via a6389e14be3 libads: Init a variable to NULL
via 4d3c339c825 libads: Simplify cldap_multi_netlogon_send()
via 4b4bc70c3a3 nmbd: Remove the "nmbd proxy logon" feature
from c52244b7e0a s3:libsmb: Make parse_node_status() more robust
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0e08e63ae8bf4507779d6109e7f55da9d716053f
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 13:59:42 2024 +0200
cldap: Save a few lines in cldap_netlogon
Follow recent convention to write sync wrappers
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Fri Oct 25 09:04:11 UTC 2024 on atb-devel-224
commit 5619633c9edcd496e4e343c20b0982a9ae753992
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 13:58:04 2024 +0200
cldap: Simplify cldap_netlogon with tevent_req_poll_ntstatus
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit e1f582965ba59a1ceb2e67a4b347505515f3e406
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 13:51:49 2024 +0200
idl: nbt.idl references NTTIME
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 733d4609844a1c26efca88fbfcfb737e94129990
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 12:10:42 2024 +0200
libads: Modernize DEBUGs
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 544278a3307414de4bd39735bfa0ea6d84350556
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 11:51:41 2024 +0200
net_ads: Fix indentation in net_ads_cldap_netlogon_json
This was not easy to read
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 9e2b1c5f5710517296203314fe9d6e59274beb25
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 11:37:55 2024 +0200
libads: Simplify get_kdc_ip_string with talloc_asprintf_addbuf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit a6389e14be3fd95c7e44319085b2969910b605e9
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 11:19:09 2024 +0200
libads: Init a variable to NULL
README.Coding
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4d3c339c8259fd94c4aa7c1f30b5ad1a900832f3
Author: Volker Lendecke <vl at samba.org>
Date: Tue Oct 22 13:43:23 2024 +0200
libads: Simplify cldap_multi_netlogon_send()
Save a few lines with a struct initialization
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4b4bc70c3a376557175cb4e74761b63e79c5055d
Author: Volker Lendecke <vl at samba.org>
Date: Thu Oct 24 13:43:09 2024 +0200
nmbd: Remove the "nmbd proxy logon" feature
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 3 +
libcli/cldap/cldap.c | 24 ++--
librpc/idl/nbt.idl | 1 +
source3/libads/cldap.c | 26 ++---
source3/libads/kerberos.c | 26 ++---
source3/nmbd/nmbd.c | 5 -
source3/nmbd/nmbd_processlogon.c | 234 ---------------------------------------
source3/nmbd/nmbd_proto.h | 2 -
source3/utils/net_ads.c | 11 +-
9 files changed, 37 insertions(+), 295 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index d034ce2ec84..a8933e08ef0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -20,6 +20,9 @@ NEW FEATURES/CHANGES
REMOVED FEATURES
================
+The "nmbd proxy logon" feature was removed. This was used before
+Samba4 acquired a NBT server.
+
smb.conf changes
================
diff --git a/libcli/cldap/cldap.c b/libcli/cldap/cldap.c
index 8176946e8b5..022bb2bfa21 100644
--- a/libcli/cldap/cldap.c
+++ b/libcli/cldap/cldap.c
@@ -1069,7 +1069,7 @@ NTSTATUS cldap_netlogon(struct cldap_socket *cldap,
TALLOC_CTX *frame;
struct tevent_req *req;
struct tevent_context *ev;
- NTSTATUS status;
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
if (cldap->searches.list) {
return NT_STATUS_PIPE_BUSY;
@@ -1083,30 +1083,22 @@ NTSTATUS cldap_netlogon(struct cldap_socket *cldap,
ev = samba_tevent_context_init(frame);
if (ev == NULL) {
- TALLOC_FREE(frame);
- return NT_STATUS_NO_MEMORY;
+ goto done;
}
-
req = cldap_netlogon_send(mem_ctx, ev, cldap, io);
if (req == NULL) {
- TALLOC_FREE(frame);
- return NT_STATUS_NO_MEMORY;
+ goto done;
}
-
- if (!tevent_req_poll(req, ev)) {
- status = map_nt_error_from_unix_common(errno);
- TALLOC_FREE(frame);
- return status;
+ if (!tevent_req_poll_ntstatus(req, ev, &status)) {
+ goto done;
}
-
status = cldap_netlogon_recv(req, mem_ctx, io);
if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(frame);
- return status;
+ goto done;
}
-
+done:
TALLOC_FREE(frame);
- return NT_STATUS_OK;
+ return status;
}
diff --git a/librpc/idl/nbt.idl b/librpc/idl/nbt.idl
index 46be2eae7e2..29e733a7b8c 100644
--- a/librpc/idl/nbt.idl
+++ b/librpc/idl/nbt.idl
@@ -11,6 +11,7 @@
import "misc.idl", "security.idl";
[
helper("../librpc/ndr/ndr_nbt.h"),
+ headerhelper("lib/util/time.h"),
helpstring("NBT messages"),
uuid("6def41b6-86e4-4c32-997c-ed33af7bcd8e")
]
diff --git a/source3/libads/cldap.c b/source3/libads/cldap.c
index 56c2537ffa9..688fa759f94 100644
--- a/source3/libads/cldap.c
+++ b/source3/libads/cldap.c
@@ -157,9 +157,9 @@ struct tevent_req *cldap_multi_netlogon_send(
return tevent_req_post(req, ev);
}
- state->ios = talloc_zero_array(state->responses,
- struct cldap_netlogon,
- num_servers);
+ state->ios = talloc_array(state->responses,
+ struct cldap_netlogon,
+ num_servers);
if (tevent_req_nomem(state->ios, req)) {
return tevent_req_post(req, ev);
}
@@ -188,16 +188,8 @@ struct tevent_req *cldap_multi_netlogon_send(
nt_errstr(status));
}
- state->ios[i].in.dest_address = NULL;
- state->ios[i].in.dest_port = 0;
- state->ios[i].in.realm = domain;
- state->ios[i].in.host = NULL;
- state->ios[i].in.user = NULL;
- state->ios[i].in.domain_guid = NULL;
- state->ios[i].in.domain_sid = NULL;
- state->ios[i].in.acct_control = 0;
- state->ios[i].in.version = ntversion;
- state->ios[i].in.map_response = false;
+ state->ios[i] = (struct cldap_netlogon){
+ .in.realm = domain, .in.version = ntversion};
}
for (i=0; i<min_servers; i++) {
@@ -236,7 +228,7 @@ static void cldap_multi_netlogon_done(struct tevent_req *subreq)
struct cldap_multi_netlogon_state *state = tevent_req_data(
req, struct cldap_multi_netlogon_state);
NTSTATUS status;
- struct netlogon_samlogon_response *response;
+ struct netlogon_samlogon_response *response = NULL;
int i;
for (i=0; i<state->num_sent; i++) {
@@ -409,12 +401,12 @@ bool ads_cldap_netlogon(TALLOC_CTX *mem_ctx,
timeval_current_ofs(MAX(3,lp_ldap_timeout()/2), 0),
&responses);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(2, ("ads_cldap_netlogon: cldap_multi_netlogon "
- "failed: %s\n", nt_errstr(status)));
+ DBG_NOTICE("cldap_multi_netlogon failed: %s\n",
+ nt_errstr(status));
return false;
}
if (responses == NULL || responses[0] == NULL) {
- DEBUG(2, ("ads_cldap_netlogon: did not get a reply\n"));
+ DBG_NOTICE("did not get a reply\n");
TALLOC_FREE(responses);
return false;
}
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 72ce5b7bb34..291cb7b1e01 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -445,18 +445,17 @@ static char *get_kdc_ip_string(char *mem_ctx,
char *kdc_str = NULL;
char *canon_sockaddr = NULL;
+ kdc_str = talloc_strdup(frame, "");
+
if (pss != NULL) {
canon_sockaddr = print_canonical_sockaddr_with_port(frame, pss);
if (canon_sockaddr == NULL) {
goto out;
}
- kdc_str = talloc_asprintf(frame,
- "\t\tkdc = %s\n",
- canon_sockaddr);
- if (kdc_str == NULL) {
- goto out;
- }
+ talloc_asprintf_addbuf(&kdc_str,
+ "\t\tkdc = %s\n",
+ canon_sockaddr);
ok = sockaddr_storage_to_samba_sockaddr(&sa, pss);
if (!ok) {
@@ -579,22 +578,15 @@ static char *get_kdc_ip_string(char *mem_ctx,
}
for (i=0; i<num_dcs; i++) {
- char *new_kdc_str;
-
if (responses[i] == NULL) {
continue;
}
/* Append to the string - inefficient but not done often. */
- new_kdc_str = talloc_asprintf_append(
- kdc_str,
- "\t\tkdc = %s\n",
- print_canonical_sockaddr_with_port(
- mem_ctx, &dc_addrs[i]));
- if (new_kdc_str == NULL) {
- goto out;
- }
- kdc_str = new_kdc_str;
+ talloc_asprintf_addbuf(&kdc_str,
+ "\t\tkdc = %s\n",
+ print_canonical_sockaddr_with_port(
+ mem_ctx, &dc_addrs[i]));
}
result = talloc_move(mem_ctx, &kdc_str);
diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c
index 4bdf4b25560..fc8bd6c8078 100644
--- a/source3/nmbd/nmbd.c
+++ b/source3/nmbd/nmbd.c
@@ -1069,11 +1069,6 @@ static bool open_sockets(bool isdaemon, int port)
exit_daemon( "NMBD failed when creating my workgroup.", EACCES);
}
- if (!initialize_nmbd_proxy_logon()) {
- kill_async_dns_child();
- exit_daemon( "NMBD failed to setup nmbd_proxy_logon.", EACCES);
- }
-
if (!nmbd_init_packet_server()) {
kill_async_dns_child();
exit_daemon( "NMBD failed to setup packet server.", EACCES);
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index 3e8628967c8..955afaf149a 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -71,234 +71,6 @@ static void delayed_init_logon_handler(struct tevent_context *event_ctx,
TALLOC_FREE(te);
}
-struct nmbd_proxy_logon_context {
- struct cldap_socket *cldap_sock;
-};
-
-static struct nmbd_proxy_logon_context *global_nmbd_proxy_logon;
-
-bool initialize_nmbd_proxy_logon(void)
-{
- const char *cldap_server = lp_parm_const_string(-1, "nmbd_proxy_logon",
- "cldap_server", NULL);
- struct nmbd_proxy_logon_context *ctx;
- NTSTATUS status;
- struct in_addr addr;
- char addrstr[INET_ADDRSTRLEN];
- const char *server_str;
- int ret;
- struct tsocket_address *server_addr;
-
- if (!cldap_server) {
- return true;
- }
-
- addr = interpret_addr2(cldap_server);
- server_str = inet_ntop(AF_INET, &addr,
- addrstr, sizeof(addrstr));
- if (!server_str || strcmp("0.0.0.0", server_str) == 0) {
- DEBUG(0,("Failed to resolve[%s] for nmbd_proxy_logon\n",
- cldap_server));
- return false;
- }
-
- ctx = talloc_zero(nmbd_event_context(),
- struct nmbd_proxy_logon_context);
- if (!ctx) {
- return false;
- }
-
- ret = tsocket_address_inet_from_strings(ctx, "ipv4",
- server_str, LDAP_PORT,
- &server_addr);
- if (ret != 0) {
- TALLOC_FREE(ctx);
- status = map_nt_error_from_unix(errno);
- DEBUG(0,("Failed to create cldap tsocket_address for %s - %s\n",
- server_str, nt_errstr(status)));
- return false;
- }
-
- /* we create a connected udp socket */
- status = cldap_socket_init(ctx, NULL, server_addr, &ctx->cldap_sock);
- TALLOC_FREE(server_addr);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(ctx);
- DEBUG(0,("failed to create cldap socket for %s: %s\n",
- server_str, nt_errstr(status)));
- return false;
- }
-
- global_nmbd_proxy_logon = ctx;
- return true;
-}
-
-struct nmbd_proxy_logon_state {
- struct in_addr local_ip;
- struct packet_struct *p;
- const char *remote_name;
- uint8_t remote_name_type;
- const char *remote_mailslot;
- struct nbt_netlogon_packet req;
- struct nbt_netlogon_response resp;
- struct cldap_netlogon io;
-};
-
-static int nmbd_proxy_logon_state_destructor(struct nmbd_proxy_logon_state *s)
-{
- s->p->locked = false;
- free_packet(s->p);
- return 0;
-}
-
-static void nmbd_proxy_logon_done(struct tevent_req *subreq);
-
-static void nmbd_proxy_logon(struct nmbd_proxy_logon_context *ctx,
- struct in_addr local_ip,
- struct packet_struct *p,
- const uint8_t *buf,
- uint32_t len)
-{
- struct nmbd_proxy_logon_state *state;
- enum ndr_err_code ndr_err;
- DATA_BLOB blob = data_blob_const(buf, len);
- const char *computer_name = NULL;
- const char *mailslot_name = NULL;
- const char *user_name = NULL;
- const char *domain_sid = NULL;
- uint32_t acct_control = 0;
- uint32_t nt_version = 0;
- struct tevent_req *subreq;
- fstring source_name;
- struct dgram_packet *dgram = &p->packet.dgram;
-
- state = talloc_zero(ctx, struct nmbd_proxy_logon_state);
- if (!state) {
- DEBUG(0,("failed to allocate nmbd_proxy_logon_state\n"));
- return;
- }
-
- pull_ascii_nstring(source_name, sizeof(source_name), dgram->source_name.name);
- state->remote_name = talloc_strdup(state, source_name);
- state->remote_name_type = dgram->source_name.name_type,
- state->local_ip = local_ip;
- state->p = p;
-
- ndr_err = ndr_pull_struct_blob(
- &blob, state, &state->req,
- (ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(0,("failed parse nbt_netlogon_packet: %s\n",
- nt_errstr(status)));
- TALLOC_FREE(state);
- return;
- }
-
- if (DEBUGLEVEL >= 10) {
- DEBUG(10, ("nmbd_proxy_logon:\n"));
- NDR_PRINT_DEBUG(nbt_netlogon_packet, &state->req);
- }
-
- switch (state->req.command) {
- case LOGON_SAM_LOGON_REQUEST:
- computer_name = state->req.req.logon.computer_name;
- user_name = state->req.req.logon.user_name;
- mailslot_name = state->req.req.logon.mailslot_name;
- acct_control = state->req.req.logon.acct_control;
- if (state->req.req.logon.sid_size > 0) {
- domain_sid = dom_sid_string(state,
- &state->req.req.logon.sid);
- if (!domain_sid) {
- DEBUG(0,("failed to get a string for sid\n"));
- TALLOC_FREE(state);
- return;
- }
- }
- nt_version = state->req.req.logon.nt_version;
- break;
-
- default:
- /* this can't happen as the caller already checks the command */
- break;
- }
-
- state->remote_mailslot = mailslot_name;
-
- if (user_name && strlen(user_name) == 0) {
- user_name = NULL;
- }
-
- if (computer_name && strlen(computer_name) == 0) {
- computer_name = NULL;
- }
-
- /*
- * as the socket is connected,
- * we don't need to specify the destination
- */
- state->io.in.dest_address = NULL;
- state->io.in.dest_port = 0;
- state->io.in.realm = NULL;
- state->io.in.host = computer_name;
- state->io.in.user = user_name;
- state->io.in.domain_guid = NULL;
- state->io.in.domain_sid = domain_sid;
- state->io.in.acct_control = acct_control;
- state->io.in.version = nt_version;
- state->io.in.map_response = false;
-
- subreq = cldap_netlogon_send(state, nmbd_event_context(),
- ctx->cldap_sock,
- &state->io);
- if (!subreq) {
- DEBUG(0,("failed to send cldap netlogon call\n"));
- TALLOC_FREE(state);
- return;
- }
- tevent_req_set_callback(subreq, nmbd_proxy_logon_done, state);
-
- /* we reply async */
- state->p->locked = true;
- talloc_set_destructor(state, nmbd_proxy_logon_state_destructor);
-}
-
-static void nmbd_proxy_logon_done(struct tevent_req *subreq)
-{
- struct nmbd_proxy_logon_state *state =
- tevent_req_callback_data(subreq,
- struct nmbd_proxy_logon_state);
- NTSTATUS status;
- DATA_BLOB response = data_blob_null;
-
- status = cldap_netlogon_recv(subreq, state, &state->io);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("failed to recv cldap netlogon call: %s\n",
- nt_errstr(status)));
- TALLOC_FREE(state);
- return;
- }
-
- status = push_netlogon_samlogon_response(&response, state,
- &state->io.out.netlogon);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("failed to push netlogon_samlogon_response: %s\n",
- nt_errstr(status)));
- TALLOC_FREE(state);
- return;
- }
-
- send_mailslot(true, state->remote_mailslot,
- (char *)response.data, response.length,
- lp_netbios_name(), 0x0,
- state->remote_name,
- state->remote_name_type,
- state->p->ip,
- state->local_ip,
- state->p->port);
- TALLOC_FREE(state);
-}
-
/****************************************************************************
Process a domain logon packet
**************************************************************************/
@@ -457,12 +229,6 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
struct netlogon_samlogon_response samlogon;
struct NETLOGON_SAM_LOGON_RESPONSE_NT40 nt4;
- if (global_nmbd_proxy_logon) {
- nmbd_proxy_logon(global_nmbd_proxy_logon,
- ip, p, (const uint8_t *)buf, len);
- return;
- }
-
source_addr = SMB_STRDUP(inet_ntoa(dgram->header.source_ip));
if (source_addr == NULL) {
DEBUG(3, ("out of memory copying client"
diff --git a/source3/nmbd/nmbd_proto.h b/source3/nmbd/nmbd_proto.h
index 4cfb58980f8..2404fabc701 100644
--- a/source3/nmbd/nmbd_proto.h
+++ b/source3/nmbd/nmbd_proto.h
@@ -274,8 +274,6 @@ bool send_mailslot(bool unique, const char *mailslot,char *buf, size_t len,
/* The following definitions come from nmbd/nmbd_processlogon.c */
-bool initialize_nmbd_proxy_logon(void);
-
void process_logon_packet(struct packet_struct *p, const char *buf,int len,
const char *mailslot);
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 0e5da492faf..a7a95509354 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -120,12 +120,15 @@ static int net_ads_cldap_netlogon_json
sizeof(response_type));
break;
case LOGON_SAM_LOGON_RESPONSE_EX:
- strncpy(response_type, "LOGON_SAM_LOGON_RESPONSE_EX",
- sizeof(response_type));
+ strncpy(response_type,
+ "LOGON_SAM_LOGON_RESPONSE_EX",
+ sizeof(response_type));
break;
default:
- snprintf(response_type, sizeof(response_type), "0x%x",
- reply->command);
+ snprintf(response_type,
+ sizeof(response_type),
+ "0x%x",
+ reply->command);
break;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list