mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
r2627: use the new talloc capabilities in a bunch more places in the rpc
server code. This fixes a number of memory leaks I found when testing with valgrind and smbtorture, as the cascading effect of a talloc_free() ensures that anything derived from the top level object is destroyed on disconnect.
This commit is contained in:
parent
458f853288
commit
76d0b8206c
@ -249,7 +249,7 @@ static NTSTATUS ipc_open_generic(struct smbsrv_request *req, const char *fname,
|
||||
session_info = req->session->session_info;
|
||||
}
|
||||
|
||||
status = dcesrv_endpoint_search_connect(&req->smb_conn->dcesrv,
|
||||
status = dcesrv_endpoint_search_connect(req->smb_conn->dcesrv,
|
||||
&ep_description,
|
||||
session_info,
|
||||
&p->dce_conn);
|
||||
|
@ -27,7 +27,7 @@
|
||||
see if two endpoints match
|
||||
*/
|
||||
static BOOL endpoints_match(const struct dcesrv_ep_description *ep1,
|
||||
const struct dcesrv_ep_description *ep2)
|
||||
const struct dcesrv_ep_description *ep2)
|
||||
{
|
||||
if (ep1->type != ep2->type) {
|
||||
return False;
|
||||
@ -53,7 +53,7 @@ static BOOL endpoints_match(const struct dcesrv_ep_description *ep1,
|
||||
find an endpoint in the dcesrv_context
|
||||
*/
|
||||
static struct dcesrv_endpoint *find_endpoint(struct dcesrv_context *dce_ctx,
|
||||
const struct dcesrv_ep_description *ep_description)
|
||||
const struct dcesrv_ep_description *ep_description)
|
||||
{
|
||||
struct dcesrv_endpoint *ep;
|
||||
for (ep=dce_ctx->endpoint_list; ep; ep=ep->next) {
|
||||
@ -169,7 +169,7 @@ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
|
||||
/* check if this endpoint exists
|
||||
*/
|
||||
if ((ep=find_endpoint(dce_ctx, &ep_description))==NULL) {
|
||||
ep = talloc(dce_ctx->mem_ctx, sizeof(*ep));
|
||||
ep = talloc_p(dce_ctx, struct dcesrv_endpoint);
|
||||
if (!ep) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -192,7 +192,7 @@ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
|
||||
}
|
||||
|
||||
/* talloc a new interface list element */
|
||||
ifl = talloc(dce_ctx->mem_ctx, sizeof(*ifl));
|
||||
ifl = talloc_p(dce_ctx, struct dcesrv_if_list);
|
||||
if (!ifl) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -208,7 +208,7 @@ NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
|
||||
* we try to set it
|
||||
*/
|
||||
if (ep->sd == NULL) {
|
||||
ep->sd = copy_security_descriptor(dce_ctx->mem_ctx, sd);
|
||||
ep->sd = copy_security_descriptor(dce_ctx, sd);
|
||||
}
|
||||
|
||||
/* if now there's no security descriptor given on the endpoint
|
||||
@ -275,21 +275,12 @@ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
|
||||
const struct dcesrv_endpoint *ep,
|
||||
struct dcesrv_connection **p)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
|
||||
mem_ctx = talloc_init("dcesrv_endpoint_connect");
|
||||
if (!mem_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
*p = talloc_p(mem_ctx, struct dcesrv_connection);
|
||||
*p = talloc_p(dce_ctx, struct dcesrv_connection);
|
||||
if (! *p) {
|
||||
talloc_free(mem_ctx);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
(*p)->dce_ctx = dce_ctx;
|
||||
(*p)->mem_ctx = mem_ctx;
|
||||
(*p)->endpoint = ep;
|
||||
(*p)->iface = NULL;
|
||||
(*p)->private = NULL;
|
||||
@ -363,7 +354,7 @@ void dcesrv_endpoint_disconnect(struct dcesrv_connection *p)
|
||||
free_session_info(&p->auth_state.session_info);
|
||||
}
|
||||
|
||||
talloc_free(p->mem_ctx);
|
||||
talloc_free(p);
|
||||
}
|
||||
|
||||
static void dcesrv_init_hdr(struct dcerpc_packet *pkt)
|
||||
@ -400,12 +391,12 @@ static NTSTATUS dcesrv_fault(struct dcesrv_call_state *call, uint32_t fault_code
|
||||
pkt.u.fault.cancel_count = 0;
|
||||
pkt.u.fault.status = fault_code;
|
||||
|
||||
rep = talloc_p(call->mem_ctx, struct dcesrv_call_reply);
|
||||
rep = talloc_p(call, struct dcesrv_call_reply);
|
||||
if (!rep) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
status = dcerpc_push_auth(&rep->data, call->mem_ctx, &pkt, NULL);
|
||||
status = dcerpc_push_auth(&rep->data, call, &pkt, NULL);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
@ -437,12 +428,12 @@ static NTSTATUS dcesrv_bind_nak(struct dcesrv_call_state *call, uint32_t reason)
|
||||
pkt.u.bind_nak.reject_reason = reason;
|
||||
pkt.u.bind_nak.num_versions = 0;
|
||||
|
||||
rep = talloc_p(call->mem_ctx, struct dcesrv_call_reply);
|
||||
rep = talloc_p(call, struct dcesrv_call_reply);
|
||||
if (!rep) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
status = dcerpc_push_auth(&rep->data, call->mem_ctx, &pkt, NULL);
|
||||
status = dcerpc_push_auth(&rep->data, call, &pkt, NULL);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
@ -474,13 +465,13 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
|
||||
}
|
||||
|
||||
if_version = call->pkt.u.bind.ctx_list[0].abstract_syntax.if_version;
|
||||
uuid = GUID_string(call->mem_ctx, &call->pkt.u.bind.ctx_list[0].abstract_syntax.uuid);
|
||||
uuid = GUID_string(call, &call->pkt.u.bind.ctx_list[0].abstract_syntax.uuid);
|
||||
if (!uuid) {
|
||||
return dcesrv_bind_nak(call, 0);
|
||||
}
|
||||
|
||||
transfer_syntax_version = call->pkt.u.bind.ctx_list[0].transfer_syntaxes[0].if_version;
|
||||
transfer_syntax = GUID_string(call->mem_ctx,
|
||||
transfer_syntax = GUID_string(call,
|
||||
&call->pkt.u.bind.ctx_list[0].transfer_syntaxes[0].uuid);
|
||||
if (!transfer_syntax ||
|
||||
strcasecmp(NDR_GUID, transfer_syntax) != 0 ||
|
||||
@ -517,13 +508,13 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
|
||||
pkt.u.bind_ack.max_recv_frag = 0x2000;
|
||||
pkt.u.bind_ack.assoc_group_id = call->pkt.u.bind.assoc_group_id;
|
||||
if (call->conn->iface && call->conn->iface->ndr) {
|
||||
pkt.u.bind_ack.secondary_address = talloc_asprintf(call->mem_ctx, "\\PIPE\\%s",
|
||||
pkt.u.bind_ack.secondary_address = talloc_asprintf(call, "\\PIPE\\%s",
|
||||
call->conn->iface->ndr->name);
|
||||
} else {
|
||||
pkt.u.bind_ack.secondary_address = "";
|
||||
}
|
||||
pkt.u.bind_ack.num_results = 1;
|
||||
pkt.u.bind_ack.ctx_list = talloc_p(call->mem_ctx, struct dcerpc_ack_ctx);
|
||||
pkt.u.bind_ack.ctx_list = talloc_p(call, struct dcerpc_ack_ctx);
|
||||
if (!pkt.u.bind_ack.ctx_list) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -545,12 +536,12 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
|
||||
}
|
||||
}
|
||||
|
||||
rep = talloc_p(call->mem_ctx, struct dcesrv_call_reply);
|
||||
rep = talloc_p(call, struct dcesrv_call_reply);
|
||||
if (!rep) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
status = dcerpc_push_auth(&rep->data, call->mem_ctx, &pkt,
|
||||
status = dcerpc_push_auth(&rep->data, call, &pkt,
|
||||
call->conn->auth_state.auth_info);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
@ -575,7 +566,7 @@ static NTSTATUS dcesrv_auth3(struct dcesrv_call_state *call)
|
||||
return dcesrv_fault(call, DCERPC_FAULT_OTHER);
|
||||
}
|
||||
|
||||
talloc_free(call->mem_ctx);
|
||||
talloc_free(call);
|
||||
|
||||
/* we don't send a reply to a auth3 request, except by a
|
||||
fault */
|
||||
@ -607,12 +598,12 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
|
||||
return dcesrv_fault(call, DCERPC_FAULT_OP_RNG_ERROR);
|
||||
}
|
||||
|
||||
pull = ndr_pull_init_blob(&call->pkt.u.request.stub_and_verifier, call->mem_ctx);
|
||||
pull = ndr_pull_init_blob(&call->pkt.u.request.stub_and_verifier, call);
|
||||
if (!pull) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
r = talloc(call->mem_ctx, call->conn->iface->ndr->calls[opnum].struct_size);
|
||||
r = talloc(call, call->conn->iface->ndr->calls[opnum].struct_size);
|
||||
if (!r) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -638,7 +629,7 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
|
||||
call->fault_code = 0;
|
||||
|
||||
/* call the dispatch function */
|
||||
status = call->conn->iface->dispatch(call, call->mem_ctx, r);
|
||||
status = call->conn->iface->dispatch(call, call, r);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
dcerpc_log_packet(call->conn->iface->ndr, opnum, NDR_IN,
|
||||
&call->pkt.u.request.stub_and_verifier);
|
||||
@ -646,7 +637,7 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
|
||||
}
|
||||
|
||||
/* form the reply NDR */
|
||||
push = ndr_push_init_ctx(call->mem_ctx);
|
||||
push = ndr_push_init_ctx(call);
|
||||
if (!push) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -674,7 +665,7 @@ static NTSTATUS dcesrv_request(struct dcesrv_call_state *call)
|
||||
struct dcesrv_call_reply *rep;
|
||||
struct dcerpc_packet pkt;
|
||||
|
||||
rep = talloc_p(call->mem_ctx, struct dcesrv_call_reply);
|
||||
rep = talloc_p(call, struct dcesrv_call_reply);
|
||||
if (!rep) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -760,32 +751,25 @@ static void dce_partial_advance(struct dcesrv_connection *dce_conn, uint32_t off
|
||||
NTSTATUS dcesrv_input_process(struct dcesrv_connection *dce_conn)
|
||||
{
|
||||
struct ndr_pull *ndr;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
NTSTATUS status;
|
||||
struct dcesrv_call_state *call;
|
||||
DATA_BLOB blob;
|
||||
|
||||
mem_ctx = talloc_init("dcesrv_input");
|
||||
if (!mem_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
call = talloc_p(mem_ctx, struct dcesrv_call_state);
|
||||
call = talloc_p(dce_conn, struct dcesrv_call_state);
|
||||
if (!call) {
|
||||
talloc_free(dce_conn->partial_input.data);
|
||||
talloc_free(mem_ctx);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
call->mem_ctx = mem_ctx;
|
||||
call->conn = dce_conn;
|
||||
call->replies = NULL;
|
||||
|
||||
blob = dce_conn->partial_input;
|
||||
blob.length = dcerpc_get_frag_length(&blob);
|
||||
|
||||
ndr = ndr_pull_init_blob(&blob, mem_ctx);
|
||||
ndr = ndr_pull_init_blob(&blob, call);
|
||||
if (!ndr) {
|
||||
talloc_free(dce_conn->partial_input.data);
|
||||
talloc_free(mem_ctx);
|
||||
talloc_free(call);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
@ -796,7 +780,7 @@ NTSTATUS dcesrv_input_process(struct dcesrv_connection *dce_conn)
|
||||
status = ndr_pull_dcerpc_packet(ndr, NDR_SCALARS|NDR_BUFFERS, &call->pkt);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
talloc_free(dce_conn->partial_input.data);
|
||||
talloc_free(mem_ctx);
|
||||
talloc_free(call);
|
||||
return status;
|
||||
}
|
||||
|
||||
@ -879,7 +863,7 @@ NTSTATUS dcesrv_input_process(struct dcesrv_connection *dce_conn)
|
||||
it to the list of pending calls. We add it to the end to keep the call
|
||||
list in the order we will answer */
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
talloc_free(mem_ctx);
|
||||
talloc_free(call);
|
||||
}
|
||||
|
||||
return status;
|
||||
@ -962,7 +946,7 @@ NTSTATUS dcesrv_output(struct dcesrv_connection *dce_conn,
|
||||
if (call->replies == NULL) {
|
||||
/* we're done with the whole call */
|
||||
DLIST_REMOVE(dce_conn->call_list, call);
|
||||
talloc_free(call->mem_ctx);
|
||||
talloc_free(call);
|
||||
}
|
||||
|
||||
return status;
|
||||
@ -995,18 +979,18 @@ NTSTATUS dcesrv_output_blob(struct dcesrv_connection *dce_conn,
|
||||
/*
|
||||
initialise the dcerpc server context
|
||||
*/
|
||||
NTSTATUS dcesrv_init_context(struct dcesrv_context *dce_ctx)
|
||||
NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx, struct dcesrv_context **dce_ctx)
|
||||
{
|
||||
int i;
|
||||
const char **endpoint_servers = lp_dcerpc_endpoint_servers();
|
||||
|
||||
dce_ctx->mem_ctx = talloc_init("struct dcesrv_context");
|
||||
if (!dce_ctx->mem_ctx) {
|
||||
DEBUG(3,("dcesrv_init_context: talloc_init failed\n"));
|
||||
(*dce_ctx) = talloc_p(mem_ctx, struct dcesrv_context);
|
||||
if (! *dce_ctx) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
talloc_set_name(*dce_ctx, "struct dcesrv_context");
|
||||
|
||||
dce_ctx->endpoint_list = NULL;
|
||||
(*dce_ctx)->endpoint_list = NULL;
|
||||
|
||||
if (!endpoint_servers) {
|
||||
DEBUG(3,("dcesrv_init_context: no endpoint servers configured\n"));
|
||||
@ -1023,7 +1007,7 @@ NTSTATUS dcesrv_init_context(struct dcesrv_context *dce_ctx)
|
||||
return NT_STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
|
||||
ret = ep_server->init_server(dce_ctx, ep_server);
|
||||
ret = ep_server->init_server(*dce_ctx, ep_server);
|
||||
if (!NT_STATUS_IS_OK(ret)) {
|
||||
DEBUG(0,("dcesrv_init_context: failed to init endpoint server = '%s'\n", endpoint_servers[i]));
|
||||
return ret;
|
||||
@ -1035,7 +1019,6 @@ NTSTATUS dcesrv_init_context(struct dcesrv_context *dce_ctx)
|
||||
|
||||
static void dcesrv_init(struct server_service *service, const struct model_ops *model_ops)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
struct dcesrv_context *dce_ctx;
|
||||
int i;
|
||||
const char **endpoint_servers = lp_dcerpc_endpoint_servers();
|
||||
@ -1047,16 +1030,14 @@ static void dcesrv_init(struct server_service *service, const struct model_ops *
|
||||
return;
|
||||
}
|
||||
|
||||
mem_ctx = talloc_init("struct dcesrv_context");
|
||||
|
||||
dce_ctx = talloc_p(mem_ctx, struct dcesrv_context);
|
||||
dce_ctx = talloc_p(NULL, struct dcesrv_context);
|
||||
if (!dce_ctx) {
|
||||
DEBUG(0,("talloc_p(mem_ctx, struct dcesrv_context) failed\n"));
|
||||
return;
|
||||
}
|
||||
talloc_set_name(dce_ctx, "dcesrv_init");
|
||||
|
||||
ZERO_STRUCTP(dce_ctx);
|
||||
dce_ctx->mem_ctx = mem_ctx;
|
||||
dce_ctx->endpoint_list = NULL;
|
||||
|
||||
for (i=0;endpoint_servers[i];i++) {
|
||||
|
@ -69,7 +69,6 @@ struct dcesrv_interface {
|
||||
struct dcesrv_call_state {
|
||||
struct dcesrv_call_state *next, *prev;
|
||||
struct dcesrv_connection *conn;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
struct dcerpc_packet pkt;
|
||||
|
||||
DATA_BLOB input;
|
||||
@ -89,7 +88,6 @@ struct dcesrv_call_state {
|
||||
struct dcesrv_handle {
|
||||
struct dcesrv_handle *next, *prev;
|
||||
struct policy_handle wire_handle;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
void *data;
|
||||
void (*destroy)(struct dcesrv_connection *, struct dcesrv_handle *);
|
||||
};
|
||||
@ -108,8 +106,6 @@ struct dcesrv_connection {
|
||||
/* the top level context for this server */
|
||||
struct dcesrv_context *dce_ctx;
|
||||
|
||||
TALLOC_CTX *mem_ctx;
|
||||
|
||||
/* the endpoint that was opened */
|
||||
const struct dcesrv_endpoint *endpoint;
|
||||
|
||||
@ -166,8 +162,6 @@ struct dcesrv_endpoint_server {
|
||||
|
||||
/* server-wide context information for the dcerpc server */
|
||||
struct dcesrv_context {
|
||||
TALLOC_CTX *mem_ctx;
|
||||
|
||||
/* the list of endpoints that have registered
|
||||
* by the configured endpoint servers
|
||||
*/
|
||||
|
@ -208,7 +208,7 @@ void dcesrv_tcp_close(struct server_connection *conn, const char *reason)
|
||||
|
||||
DEBUG(5,("dcesrv_tcp_close: %s\n",reason));
|
||||
|
||||
talloc_destroy(dce_conn->mem_ctx);
|
||||
talloc_free(dce_conn);
|
||||
|
||||
return;
|
||||
}
|
||||
|
@ -83,13 +83,13 @@ BOOL dcesrv_auth_bind(struct dcesrv_call_state *call)
|
||||
return True;
|
||||
}
|
||||
|
||||
dce_conn->auth_state.auth_info = talloc_p(dce_conn->mem_ctx, struct dcerpc_auth);
|
||||
dce_conn->auth_state.auth_info = talloc_p(dce_conn, struct dcerpc_auth);
|
||||
if (!dce_conn->auth_state.auth_info) {
|
||||
return False;
|
||||
}
|
||||
|
||||
status = ndr_pull_struct_blob(&pkt->u.bind.auth_info,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
dce_conn->auth_state.auth_info,
|
||||
(ndr_pull_flags_fn_t)ndr_pull_dcerpc_auth);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
@ -118,7 +118,7 @@ BOOL dcesrv_auth_bind_ack(struct dcesrv_call_state *call, struct dcerpc_packet *
|
||||
}
|
||||
|
||||
status = gensec_update(dce_conn->auth_state.gensec_security,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
dce_conn->auth_state.auth_info->credentials,
|
||||
&dce_conn->auth_state.auth_info->credentials);
|
||||
|
||||
@ -161,7 +161,7 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
|
||||
}
|
||||
|
||||
status = ndr_pull_struct_blob(&pkt->u.auth.auth_info,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
dce_conn->auth_state.auth_info,
|
||||
(ndr_pull_flags_fn_t)ndr_pull_dcerpc_auth);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
@ -170,7 +170,7 @@ BOOL dcesrv_auth_auth3(struct dcesrv_call_state *call)
|
||||
|
||||
/* Pass the extra data we got from the client down to gensec for processing */
|
||||
status = gensec_update(dce_conn->auth_state.gensec_security,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
dce_conn->auth_state.auth_info->credentials,
|
||||
&dce_conn->auth_state.auth_info->credentials);
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
@ -250,7 +250,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
|
||||
pkt->u.request.stub_and_verifier.length -= auth_blob.length;
|
||||
|
||||
/* pull the auth structure */
|
||||
ndr = ndr_pull_init_blob(&auth_blob, call->mem_ctx);
|
||||
ndr = ndr_pull_init_blob(&auth_blob, call);
|
||||
if (!ndr) {
|
||||
return False;
|
||||
}
|
||||
@ -261,6 +261,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
|
||||
|
||||
status = ndr_pull_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, &auth);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
talloc_free(ndr);
|
||||
return False;
|
||||
}
|
||||
|
||||
@ -268,7 +269,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
|
||||
switch (dce_conn->auth_state.auth_info->auth_level) {
|
||||
case DCERPC_AUTH_LEVEL_PRIVACY:
|
||||
status = gensec_unseal_packet(dce_conn->auth_state.gensec_security,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
full_packet->data + DCERPC_REQUEST_LENGTH,
|
||||
pkt->u.request.stub_and_verifier.length,
|
||||
full_packet->data,
|
||||
@ -281,7 +282,7 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
|
||||
|
||||
case DCERPC_AUTH_LEVEL_INTEGRITY:
|
||||
status = gensec_check_packet(dce_conn->auth_state.gensec_security,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
pkt->u.request.stub_and_verifier.data,
|
||||
pkt->u.request.stub_and_verifier.length,
|
||||
full_packet->data,
|
||||
@ -300,9 +301,11 @@ BOOL dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
|
||||
|
||||
/* remove the indicated amount of padding */
|
||||
if (pkt->u.request.stub_and_verifier.length < auth.auth_pad_length) {
|
||||
talloc_free(ndr);
|
||||
return False;
|
||||
}
|
||||
pkt->u.request.stub_and_verifier.length -= auth.auth_pad_length;
|
||||
talloc_free(ndr);
|
||||
|
||||
return NT_STATUS_IS_OK(status);
|
||||
}
|
||||
@ -321,11 +324,11 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
|
||||
|
||||
/* non-signed packets are simple */
|
||||
if (!dce_conn->auth_state.auth_info || !dce_conn->auth_state.gensec_security) {
|
||||
status = dcerpc_push_auth(blob, call->mem_ctx, pkt, NULL);
|
||||
status = dcerpc_push_auth(blob, call, pkt, NULL);
|
||||
return NT_STATUS_IS_OK(status);
|
||||
}
|
||||
|
||||
ndr = ndr_push_init_ctx(call->mem_ctx);
|
||||
ndr = ndr_push_init_ctx(call);
|
||||
if (!ndr) {
|
||||
return False;
|
||||
}
|
||||
@ -346,14 +349,14 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
|
||||
payload_length = ndr->offset - DCERPC_REQUEST_LENGTH;
|
||||
|
||||
if (dce_conn->auth_state.auth_info->auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
|
||||
status = dcesrv_connect_verifier(call->mem_ctx,
|
||||
status = dcesrv_connect_verifier(call,
|
||||
&dce_conn->auth_state.auth_info->credentials);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return False;
|
||||
}
|
||||
} else {
|
||||
dce_conn->auth_state.auth_info->credentials
|
||||
= data_blob_talloc(call->mem_ctx, NULL,
|
||||
= data_blob_talloc(call, NULL,
|
||||
gensec_sig_size(dce_conn->auth_state.gensec_security));
|
||||
}
|
||||
|
||||
@ -376,7 +379,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
|
||||
switch (dce_conn->auth_state.auth_info->auth_level) {
|
||||
case DCERPC_AUTH_LEVEL_PRIVACY:
|
||||
status = gensec_seal_packet(dce_conn->auth_state.gensec_security,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
ndr->data + DCERPC_REQUEST_LENGTH,
|
||||
payload_length,
|
||||
blob->data,
|
||||
@ -386,7 +389,7 @@ BOOL dcesrv_auth_response(struct dcesrv_call_state *call,
|
||||
|
||||
case DCERPC_AUTH_LEVEL_INTEGRITY:
|
||||
status = gensec_sign_packet(dce_conn->auth_state.gensec_security,
|
||||
call->mem_ctx,
|
||||
call,
|
||||
ndr->data + DCERPC_REQUEST_LENGTH,
|
||||
payload_length,
|
||||
blob->data,
|
||||
|
@ -183,13 +183,13 @@ static error_status_t epm_Lookup(struct dcesrv_call_state *dce_call, TALLOC_CTX
|
||||
if (!eps) {
|
||||
/* this is the first call - fill the list. Subsequent calls
|
||||
will feed from this list, stored in the handle */
|
||||
eps = talloc_p(h->mem_ctx, struct rpc_eps);
|
||||
eps = talloc_p(h, struct rpc_eps);
|
||||
if (!eps) {
|
||||
return EPMAPPER_STATUS_NO_MEMORY;
|
||||
}
|
||||
h->data = eps;
|
||||
|
||||
eps->count = build_ep_list(h->mem_ctx, dce_call->conn->dce_ctx->endpoint_list, &eps->e);
|
||||
eps->count = build_ep_list(h, dce_call->conn->dce_ctx->endpoint_list, &eps->e);
|
||||
}
|
||||
|
||||
/* return the next N elements */
|
||||
|
@ -28,19 +28,12 @@
|
||||
struct dcesrv_handle *dcesrv_handle_new(struct dcesrv_connection *dce_conn,
|
||||
uint8_t handle_type)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
struct dcesrv_handle *h;
|
||||
|
||||
mem_ctx = talloc_init("rpc handle type %d\n", handle_type);
|
||||
if (!mem_ctx) {
|
||||
return NULL;
|
||||
}
|
||||
h = talloc(mem_ctx, sizeof(*h));
|
||||
h = talloc_p(dce_conn, struct dcesrv_handle);
|
||||
if (!h) {
|
||||
talloc_destroy(mem_ctx);
|
||||
return NULL;
|
||||
}
|
||||
h->mem_ctx = mem_ctx;
|
||||
h->data = NULL;
|
||||
h->destroy = NULL;
|
||||
|
||||
@ -62,7 +55,7 @@ void dcesrv_handle_destroy(struct dcesrv_connection *dce_conn,
|
||||
h->destroy(dce_conn, h);
|
||||
}
|
||||
DLIST_REMOVE(dce_conn->handles, h);
|
||||
talloc_destroy(h->mem_ctx);
|
||||
talloc_free(h);
|
||||
}
|
||||
|
||||
|
||||
|
@ -37,7 +37,7 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
private = talloc_p(dce_call->conn->mem_ctx, struct dcesrv_remote_private);
|
||||
private = talloc_p(dce_call->conn, struct dcesrv_remote_private);
|
||||
if (!private) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
@ -51,7 +51,7 @@ static NTSTATUS winreg_bind(struct dcesrv_call_state *dc, const struct dcesrv_in
|
||||
{
|
||||
struct _privatedata *data;
|
||||
WERROR error;
|
||||
data = talloc(dc->conn->mem_ctx, sizeof(struct _privatedata));
|
||||
data = talloc_p(dc->conn, struct _privatedata);
|
||||
error = reg_open(&data->registry, "dir", "/tmp/reg", "");
|
||||
if(!W_ERROR_IS_OK(error)) return werror_to_ntstatus(error);
|
||||
dc->conn->private = data;
|
||||
|
@ -824,7 +824,6 @@ void smbd_process_async(struct smbsrv_connection *smb_conn)
|
||||
void smbsrv_accept(struct server_connection *conn)
|
||||
{
|
||||
struct smbsrv_connection *smb_conn;
|
||||
char *socket_addr;
|
||||
int fd;
|
||||
|
||||
DEBUG(5,("smbsrv_accept\n"));
|
||||
@ -861,7 +860,7 @@ void smbsrv_accept(struct server_connection *conn)
|
||||
set_blocking(fd, True);
|
||||
|
||||
/* setup the DCERPC server subsystem */
|
||||
dcesrv_init_context(&smb_conn->dcesrv);
|
||||
dcesrv_init_context(smb_conn, &smb_conn->dcesrv);
|
||||
|
||||
return;
|
||||
}
|
||||
|
@ -293,7 +293,7 @@ struct smbsrv_connection {
|
||||
|
||||
struct substitute_context substitute;
|
||||
|
||||
struct dcesrv_context dcesrv;
|
||||
struct dcesrv_context *dcesrv;
|
||||
|
||||
/* the pid of the process handling this session */
|
||||
pid_t pid;
|
||||
|
Loading…
Reference in New Issue
Block a user