sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code

s4:rpc_server: add support for DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM

Browse Source 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Jan 26 14:23:50 CET 2015 on sn-devel-104
This commit is contained in:
Stefan Metzmacher 2015-01-22 11:24:31 +00:00
parent efebf3c80c
commit 9ee5887a36
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
source4/rpc_server/dcerpc_server.c
View File

@ -1198,6 +1198,7 @@ _PUBLIC_ NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx,
dce_ctx = talloc(mem_ctx, struct dcesrv_context);
NT_STATUS_HAVE_NO_MEMORY(dce_ctx);
dce_ctx->initial_euid = geteuid();
dce_ctx->endpoint_list = NULL;
dce_ctx->lp_ctx = lp_ctx;
dce_ctx->assoc_groups_idr = idr_init(dce_ctx);
@ -1547,6 +1548,37 @@ static void dcesrv_sock_accept(struct stream_connection *srv_conn)
dcesrv_conn->local_address = srv_conn->local_address;
dcesrv_conn->remote_address = srv_conn->remote_address;
if (transport == NCALRPC) {
uid_t uid;
gid_t gid;
ret = getpeereid(socket_get_fd(srv_conn->socket), &uid, &gid);
if (ret == -1) {
status = map_nt_error_from_unix_common(errno);
DEBUG(0, ("dcesrv_sock_accept: "
"getpeereid() failed for NCALRPC: %s\n",
nt_errstr(status)));
stream_terminate_connection(srv_conn, nt_errstr(status));
return;
}
if (uid == dcesrv_conn->dce_ctx->initial_euid) {
struct tsocket_address *r = NULL;
ret = tsocket_address_unix_from_path(dcesrv_conn,
"/root/ncalrpc_as_system",
&r);
if (ret == -1) {
status = map_nt_error_from_unix_common(errno);
DEBUG(0, ("dcesrv_sock_accept: "
"tsocket_address_unix_from_path() failed for NCALRPC: %s\n",
nt_errstr(status)));
stream_terminate_connection(srv_conn, nt_errstr(status));
return;
}
dcesrv_conn->remote_address = r;
}
}
srv_conn->private_data = dcesrv_conn;
irpc_add_name(srv_conn->msg_ctx, "rpc_server");

7
source4/rpc_server/dcerpc_server.h
View File

@ -273,6 +273,13 @@ struct dcesrv_assoc_group {
/* server-wide context information for the dcerpc server */
struct dcesrv_context {
/*
* The euid at startup time.
*
* This is required for DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM
*/
uid_t initial_euid;
/* the list of endpoints that have registered
* by the configured endpoint servers
*/