From 85f30bcf0b621356fcfb39b447dce6ff7d6eb5fc Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 9 Aug 2023 12:18:05 +0200 Subject: [PATCH] s3:rpc_server: add basic rpcd_witness template MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Stefan Metzmacher Reviewed-by: Günther Deschner --- source3/rpc_server/rpcd_witness.c | 120 ++++++++++++++++++++ source3/rpc_server/witness/srv_witness_nt.c | 82 +++++++++++++ source3/rpc_server/wscript_build | 15 +++ 3 files changed, 217 insertions(+) create mode 100644 source3/rpc_server/rpcd_witness.c create mode 100644 source3/rpc_server/witness/srv_witness_nt.c diff --git a/source3/rpc_server/rpcd_witness.c b/source3/rpc_server/rpcd_witness.c new file mode 100644 index 00000000000..9dcf180c548 --- /dev/null +++ b/source3/rpc_server/rpcd_witness.c @@ -0,0 +1,120 @@ +/* + * Unix SMB/CIFS implementation. + * + * Copyright (C) 2023 Stefan Metzmacher + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "includes.h" +#include "rpc_worker.h" +#include "librpc/gen_ndr/ndr_witness.h" +#include "librpc/gen_ndr/ndr_witness_scompat.h" + +static size_t witness_interfaces( + const struct ndr_interface_table ***pifaces, + void *private_data) +{ + static const struct ndr_interface_table *ifaces[] = { + &ndr_table_witness, + }; + + if (!lp_clustering()) { + /* + * Without clustering there's no need for witness. + */ + *pifaces = NULL; + return 0; + } + + *pifaces = ifaces; + return ARRAY_SIZE(ifaces); +} + +static NTSTATUS witness_servers( + struct dcesrv_context *dce_ctx, + const struct dcesrv_endpoint_server ***_ep_servers, + size_t *_num_ep_servers, + void *private_data) +{ + static const struct dcesrv_endpoint_server *ep_servers[1] = { NULL }; + char *principal = NULL; + NTSTATUS status; + + if (!lp_clustering()) { + /* + * Without clustering there's no need for witness. + */ + *_ep_servers = NULL; + *_num_ep_servers = 0; + return NT_STATUS_OK; + } + + principal = talloc_asprintf(talloc_tos(), + "cifs/%s", + lp_netbios_name()); + if (principal == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = dcesrv_auth_type_principal_register(dce_ctx, + DCERPC_AUTH_TYPE_NTLMSSP, + principal); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = dcesrv_auth_type_principal_register(dce_ctx, + DCERPC_AUTH_TYPE_SPNEGO, + principal); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + if (lp_security() == SEC_ADS) { + status = dcesrv_auth_type_principal_register(dce_ctx, + DCERPC_AUTH_TYPE_KRB5, + principal); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + TALLOC_FREE(principal); + + /* + * We prefer NDR64 for witness, + * as it's a very simple protocol and + * we support it from the beginning, + * which means it's well tested. + */ + dce_ctx->preferred_transfer = &ndr_transfer_syntax_ndr64; + + ep_servers[0] = witness_get_ep_server(); + + *_ep_servers = ep_servers; + *_num_ep_servers = ARRAY_SIZE(ep_servers); + return NT_STATUS_OK; +} + +int main(int argc, const char *argv[]) +{ + return rpc_worker_main( + argc, + argv, + "rpcd_witness", + 5, + 60, + witness_interfaces, + witness_servers, + NULL); +} diff --git a/source3/rpc_server/witness/srv_witness_nt.c b/source3/rpc_server/witness/srv_witness_nt.c new file mode 100644 index 00000000000..21bdae3a188 --- /dev/null +++ b/source3/rpc_server/witness/srv_witness_nt.c @@ -0,0 +1,82 @@ +/* + * Unix SMB/CIFS implementation. + * + * Copyright (C) 2023 Stefan Metzmacher + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "includes.h" +#include "librpc/rpc/dcesrv_core.h" +#include "librpc/gen_ndr/ndr_witness_scompat.h" +#include "rpc_server/rpc_server.h" + +/**************************************************************** + _witness_GetInterfaceList +****************************************************************/ + +WERROR _witness_GetInterfaceList(struct pipes_struct *p, + struct witness_GetInterfaceList *r) +{ + p->fault_state = DCERPC_FAULT_OP_RNG_ERROR; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** + _witness_Register +****************************************************************/ + +WERROR _witness_Register(struct pipes_struct *p, + struct witness_Register *r) +{ + p->fault_state = DCERPC_FAULT_OP_RNG_ERROR; + return WERR_NOT_SUPPORTED; +} + + +/**************************************************************** + _witness_UnRegister +****************************************************************/ + +WERROR _witness_UnRegister(struct pipes_struct *p, + struct witness_UnRegister *r) +{ + p->fault_state = DCERPC_FAULT_OP_RNG_ERROR; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** + _witness_AsyncNotify +****************************************************************/ + +WERROR _witness_AsyncNotify(struct pipes_struct *p, + struct witness_AsyncNotify *r) +{ + p->fault_state = DCERPC_FAULT_OP_RNG_ERROR; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** + _witness_RegisterEx +****************************************************************/ + +WERROR _witness_RegisterEx(struct pipes_struct *p, + struct witness_RegisterEx *r) +{ + p->fault_state = DCERPC_FAULT_OP_RNG_ERROR; + return WERR_NOT_SUPPORTED; +} + +/* include the generated boilerplate */ +#include "librpc/gen_ndr/ndr_witness_scompat.c" diff --git a/source3/rpc_server/wscript_build b/source3/rpc_server/wscript_build index f50e5ff0432..904311a53b3 100644 --- a/source3/rpc_server/wscript_build +++ b/source3/rpc_server/wscript_build @@ -106,6 +106,16 @@ bld.SAMBA3_BINARY('rpcd_fsrvp', ''', install_path='${SAMBA_LIBEXECDIR}') +bld.SAMBA3_BINARY('rpcd_witness', + source='rpcd_witness.c', + deps=''' + CMDLINE_S3 + RPC_WORKER + RPC_WITNESS + ''', + install_path='${SAMBA_LIBEXECDIR}', + enabled=bld.env.with_ctdb) + bld.SAMBA3_SUBSYSTEM('RPC_CONFIG', source='rpc_config.c', deps='talloc') @@ -221,6 +231,11 @@ bld.SAMBA3_SUBSYSTEM('RPC_WKSSVC', source='''wkssvc/srv_wkssvc_nt.c''', deps='LIBNET') +bld.SAMBA3_SUBSYSTEM('RPC_WITNESS', + source='''witness/srv_witness_nt.c''', + deps='samba-util samba-cluster-support samba3core', + enabled=bld.env.with_ctdb) + bld.SAMBA3_SUBSYSTEM('mdssvc', source=''' mdssvc/dalloc.c