sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-02 09:47:23 +03:00
Code

rpc: Remove named_pipe_auth_req_info6->need_idle_server

Browse Source 
Involves bumping up the version number

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit bdba027a33e35aab7bb322bc3167cdd7babfc059)
This commit is contained in:
Volker Lendecke 2023-04-18 12:29:34 +02:00 committed by Jule Anger
parent e92fb83763
commit ec0c93199b
7 changed files with 211 additions and 196 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
libcli/named_pipe_auth/npa_tstream.c
View File

@ -73,7 +73,7 @@ struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx,
int ret; int ret;
enum ndr_err_code ndr_err; enum ndr_err_code ndr_err;
char *lower_case_npipe; char *lower_case_npipe;
struct named_pipe_auth_req_info6 *info6; struct named_pipe_auth_req_info7 *info7;
req = tevent_req_create(mem_ctx, &state, req = tevent_req_create(mem_ctx, &state,
struct tstream_npa_connect_state); struct tstream_npa_connect_state);
@ -119,39 +119,43 @@ struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx,
goto post; goto post;
} }
state->auth_req.level = 6; state->auth_req.level = 7;
info6 = &state->auth_req.info.info6; info7 = &state->auth_req.info.info7;
info6->transport = transport; info7->transport = transport;
SMB_ASSERT(info6->transport == transport); /* Assert no overflow */ SMB_ASSERT(info7->transport == transport); /* Assert no overflow */
info6->remote_client_name = remote_client_name_in; info7->remote_client_name = remote_client_name_in;
info6->remote_client_addr = tsocket_address_inet_addr_string(remote_client_addr, info7->remote_client_addr =
state); tsocket_address_inet_addr_string(remote_client_addr, state);
if (!info6->remote_client_addr) { if (!info7->remote_client_addr) {
/* errno might be EINVAL */ /* errno might be EINVAL */
tevent_req_error(req, errno); tevent_req_error(req, errno);
goto post; goto post;
} }
info6->remote_client_port = tsocket_address_inet_port(remote_client_addr); info7->remote_client_port =
if (!info6->remote_client_name) { tsocket_address_inet_port(remote_client_addr);
info6->remote_client_name = info6->remote_client_addr; if (!info7->remote_client_name) {
info7->remote_client_name = info7->remote_client_addr;
} }
info6->local_server_name = local_server_name_in; info7->local_server_name = local_server_name_in;
info6->local_server_addr = tsocket_address_inet_addr_string(local_server_addr, info7->local_server_addr =
state); tsocket_address_inet_addr_string(local_server_addr, state);
if (!info6->local_server_addr) { if (!info7->local_server_addr) {
/* errno might be EINVAL */ /* errno might be EINVAL */
tevent_req_error(req, errno); tevent_req_error(req, errno);
goto post; goto post;
} }
info6->local_server_port = tsocket_address_inet_port(local_server_addr); info7->local_server_port =
if (!info6->local_server_name) { tsocket_address_inet_port(local_server_addr);
info6->local_server_name = info6->local_server_addr; if (!info7->local_server_name) {
info7->local_server_name = info7->local_server_addr;
} }
info6->session_info = discard_const_p(struct auth_session_info_transport, session_info); info7->session_info =
discard_const_p(struct auth_session_info_transport,
session_info);
if (DEBUGLVL(10)) { if (DEBUGLVL(10)) {
NDR_PRINT_DEBUG(named_pipe_auth_req, &state->auth_req); NDR_PRINT_DEBUG(named_pipe_auth_req, &state->auth_req);
@ -348,10 +352,10 @@ int _tstream_npa_connect_recv(struct tevent_req *req,
npas->unix_stream = talloc_move(stream, &state->unix_stream); npas->unix_stream = talloc_move(stream, &state->unix_stream);
switch (state->auth_rep.level) { switch (state->auth_rep.level) {
case 6: case 7:
npas->file_type = state->auth_rep.info.info6.file_type; npas->file_type = state->auth_rep.info.info7.file_type;
device_state = state->auth_rep.info.info6.device_state; device_state = state->auth_rep.info.info7.device_state;
allocation_size = state->auth_rep.info.info6.allocation_size; allocation_size = state->auth_rep.info.info7.allocation_size;
break; break;
} }
@ -1084,7 +1088,7 @@ static void tstream_npa_accept_existing_reply(struct tevent_req *subreq)
tevent_req_data(req, struct tstream_npa_accept_state); tevent_req_data(req, struct tstream_npa_accept_state);
struct named_pipe_auth_req *pipe_request; struct named_pipe_auth_req *pipe_request;
struct named_pipe_auth_rep pipe_reply; struct named_pipe_auth_rep pipe_reply;
struct named_pipe_auth_req_info6 i6; struct named_pipe_auth_req_info7 i7;
enum ndr_err_code ndr_err; enum ndr_err_code ndr_err;
DATA_BLOB in, out; DATA_BLOB in, out;
int err; int err;
@ -1147,52 +1151,58 @@ static void tstream_npa_accept_existing_reply(struct tevent_req *subreq)
NDR_PRINT_DEBUG(named_pipe_auth_req, pipe_request); NDR_PRINT_DEBUG(named_pipe_auth_req, pipe_request);
} }
ZERO_STRUCT(i6); ZERO_STRUCT(i7);
if (pipe_request->level != 6) { if (pipe_request->level != 7) {
DEBUG(0, ("Unknown level %u\n", pipe_request->level)); DEBUG(0, ("Unknown level %u\n", pipe_request->level));
pipe_reply.level = 0; pipe_reply.level = 0;
pipe_reply.status = NT_STATUS_INVALID_LEVEL; pipe_reply.status = NT_STATUS_INVALID_LEVEL;
goto reply; goto reply;
} }
pipe_reply.level = 6; pipe_reply.level = 7;
pipe_reply.status = NT_STATUS_OK; pipe_reply.status = NT_STATUS_OK;
pipe_reply.info.info6.file_type = state->file_type; pipe_reply.info.info7.file_type = state->file_type;
pipe_reply.info.info6.device_state = state->device_state; pipe_reply.info.info7.device_state = state->device_state;
pipe_reply.info.info6.allocation_size = state->alloc_size; pipe_reply.info.info7.allocation_size = state->alloc_size;
i6 = pipe_request->info.info6; i7 = pipe_request->info.info7;
if (i6.local_server_addr == NULL) { if (i7.local_server_addr == NULL) {
pipe_reply.status = NT_STATUS_INVALID_ADDRESS; pipe_reply.status = NT_STATUS_INVALID_ADDRESS;
DEBUG(2, ("Missing local server address\n")); DEBUG(2, ("Missing local server address\n"));
goto reply; goto reply;
} }
if (i6.remote_client_addr == NULL) { if (i7.remote_client_addr == NULL) {
pipe_reply.status = NT_STATUS_INVALID_ADDRESS; pipe_reply.status = NT_STATUS_INVALID_ADDRESS;
DEBUG(2, ("Missing remote client address\n")); DEBUG(2, ("Missing remote client address\n"));
goto reply; goto reply;
} }
ret = tsocket_address_inet_from_strings(state, "ip", ret = tsocket_address_inet_from_strings(state,
i6.local_server_addr, "ip",
i6.local_server_port, i7.local_server_addr,
i7.local_server_port,
&state->local_server_addr); &state->local_server_addr);
if (ret != 0) { if (ret != 0) {
DEBUG(2, ("Invalid local server address[%s:%u] - %s\n", DEBUG(2,
i6.local_server_addr, i6.local_server_port, ("Invalid local server address[%s:%u] - %s\n",
i7.local_server_addr,
i7.local_server_port,
strerror(errno))); strerror(errno)));
pipe_reply.status = NT_STATUS_INVALID_ADDRESS; pipe_reply.status = NT_STATUS_INVALID_ADDRESS;
goto reply; goto reply;
} }
ret = tsocket_address_inet_from_strings(state, "ip", ret = tsocket_address_inet_from_strings(state,
i6.remote_client_addr, "ip",
i6.remote_client_port, i7.remote_client_addr,
i7.remote_client_port,
&state->remote_client_addr); &state->remote_client_addr);
if (ret != 0) { if (ret != 0) {
DEBUG(2, ("Invalid remote client address[%s:%u] - %s\n", DEBUG(2,
i6.remote_client_addr, i6.remote_client_port, ("Invalid remote client address[%s:%u] - %s\n",
i7.remote_client_addr,
i7.remote_client_port,
strerror(errno))); strerror(errno)));
pipe_reply.status = NT_STATUS_INVALID_ADDRESS; pipe_reply.status = NT_STATUS_INVALID_ADDRESS;
goto reply; goto reply;
@ -1249,14 +1259,15 @@ static void tstream_npa_accept_existing_done(struct tevent_req *subreq)
tevent_req_done(req); tevent_req_done(req);
} }
static struct named_pipe_auth_req_info6 *copy_npa_info6( static struct named_pipe_auth_req_info7 *
TALLOC_CTX *mem_ctx, const struct named_pipe_auth_req_info6 *src) copy_npa_info7(TALLOC_CTX *mem_ctx,
const struct named_pipe_auth_req_info7 *src)
{ {
struct named_pipe_auth_req_info6 *dst = NULL; struct named_pipe_auth_req_info7 *dst = NULL;
DATA_BLOB blob; DATA_BLOB blob;
enum ndr_err_code ndr_err; enum ndr_err_code ndr_err;
dst = talloc_zero(mem_ctx, struct named_pipe_auth_req_info6); dst = talloc_zero(mem_ctx, struct named_pipe_auth_req_info7);
if (dst == NULL) { if (dst == NULL) {
return NULL; return NULL;
} }
@ -1265,9 +1276,9 @@ static struct named_pipe_auth_req_info6 *copy_npa_info6(
&blob, &blob,
dst, dst,
src, src,
(ndr_push_flags_fn_t)ndr_push_named_pipe_auth_req_info6); (ndr_push_flags_fn_t)ndr_push_named_pipe_auth_req_info7);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DBG_WARNING("ndr_push_named_pipe_auth_req_info6 failed: %s\n", DBG_WARNING("ndr_push_named_pipe_auth_req_info7 failed: %s\n",
ndr_errstr(ndr_err)); ndr_errstr(ndr_err));
TALLOC_FREE(dst); TALLOC_FREE(dst);
return NULL; return NULL;
@ -1277,10 +1288,10 @@ static struct named_pipe_auth_req_info6 *copy_npa_info6(
&blob, &blob,
dst, dst,
dst, dst,
(ndr_pull_flags_fn_t)ndr_pull_named_pipe_auth_req_info6); (ndr_pull_flags_fn_t)ndr_pull_named_pipe_auth_req_info7);
TALLOC_FREE(blob.data); TALLOC_FREE(blob.data);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DBG_WARNING("ndr_push_named_pipe_auth_req_info6 failed: %s\n", DBG_WARNING("ndr_push_named_pipe_auth_req_info7 failed: %s\n",
ndr_errstr(ndr_err)); ndr_errstr(ndr_err));
TALLOC_FREE(dst); TALLOC_FREE(dst);
return NULL; return NULL;
@ -1294,7 +1305,7 @@ int _tstream_npa_accept_existing_recv(
int *perrno, int *perrno,
TALLOC_CTX *mem_ctx, TALLOC_CTX *mem_ctx,
struct tstream_context **stream, struct tstream_context **stream,
struct named_pipe_auth_req_info6 **info6, struct named_pipe_auth_req_info7 **info7,
enum dcerpc_transport_t *transport, enum dcerpc_transport_t *transport,
struct tsocket_address **remote_client_addr, struct tsocket_address **remote_client_addr,
char **_remote_client_name, char **_remote_client_name,
@ -1305,7 +1316,8 @@ int _tstream_npa_accept_existing_recv(
{ {
struct tstream_npa_accept_state *state = struct tstream_npa_accept_state *state =
tevent_req_data(req, struct tstream_npa_accept_state); tevent_req_data(req, struct tstream_npa_accept_state);
struct named_pipe_auth_req_info6 *i6 = &state->pipe_request->info.info6; struct named_pipe_auth_req_info7 *i7 =
&state->pipe_request->info.info7;
struct tstream_npa *npas; struct tstream_npa *npas;
int ret; int ret;
@ -1346,24 +1358,24 @@ int _tstream_npa_accept_existing_recv(
npas->unix_stream = state->plain; npas->unix_stream = state->plain;
npas->file_type = state->file_type; npas->file_type = state->file_type;
if (info6 != NULL) { if (info7 != NULL) {
/* /*
* Make a full copy of "info6" because further down we * Make a full copy of "info7" because further down we
* talloc_move() away substructures from * talloc_move() away substructures from
* state->pipe_request. * state->pipe_request.
*/ */
struct named_pipe_auth_req_info6 *dst = copy_npa_info6( struct named_pipe_auth_req_info7 *dst =
mem_ctx, i6); copy_npa_info7(mem_ctx, i7);
if (dst == NULL) { if (dst == NULL) {
*perrno = ENOMEM; *perrno = ENOMEM;
tevent_req_received(req); tevent_req_received(req);
return -1; return -1;
} }
*info6 = dst; *info7 = dst;
} }
if (transport != NULL) { if (transport != NULL) {
*transport = i6->transport; *transport = i7->transport;
} }
if (remote_client_addr != NULL) { if (remote_client_addr != NULL) {
*remote_client_addr = talloc_move( *remote_client_addr = talloc_move(
@ -1371,7 +1383,8 @@ int _tstream_npa_accept_existing_recv(
} }
if (_remote_client_name != NULL) { if (_remote_client_name != NULL) {
*_remote_client_name = discard_const_p( *_remote_client_name = discard_const_p(
char, talloc_move(mem_ctx, &i6->remote_client_name)); char,
talloc_move(mem_ctx, &i7->remote_client_name));
} }
if (local_server_addr != NULL) { if (local_server_addr != NULL) {
*local_server_addr = talloc_move( *local_server_addr = talloc_move(
@ -1379,10 +1392,11 @@ int _tstream_npa_accept_existing_recv(
} }
if (local_server_name != NULL) { if (local_server_name != NULL) {
*local_server_name = discard_const_p( *local_server_name = discard_const_p(
char, talloc_move(mem_ctx, &i6->local_server_name)); char,
talloc_move(mem_ctx, &i7->local_server_name));
} }
if (session_info != NULL) { if (session_info != NULL) {
*session_info = talloc_move(mem_ctx, &i6->session_info); *session_info = talloc_move(mem_ctx, &i7->session_info);
} }
tevent_req_received(req); tevent_req_received(req);

4
libcli/named_pipe_auth/npa_tstream.h
View File

@ -27,7 +27,7 @@ struct tevent_req;
struct tevent_context; struct tevent_context;
struct auth_session_info_transport; struct auth_session_info_transport;
struct tsocket_address; struct tsocket_address;
struct named_pipe_auth_req_info6; struct named_pipe_auth_req_info7;
struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx, struct tevent_req *tstream_npa_connect_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev, struct tevent_context *ev,
@ -114,7 +114,7 @@ int _tstream_npa_accept_existing_recv(
int *perrno, int *perrno,
TALLOC_CTX *mem_ctx, TALLOC_CTX *mem_ctx,
struct tstream_context **stream, struct tstream_context **stream,
struct named_pipe_auth_req_info6 **info6, struct named_pipe_auth_req_info7 **info7,
enum dcerpc_transport_t *transport, enum dcerpc_transport_t *transport,
struct tsocket_address **remote_client_addr, struct tsocket_address **remote_client_addr,
char **_remote_client_name, char **_remote_client_name,

9
librpc/idl/named_pipe_auth.idl
View File

@ -21,11 +21,10 @@ interface named_pipe_auth
[charset(DOS),string] uint8 *local_server_addr; [charset(DOS),string] uint8 *local_server_addr;
uint16 local_server_port; uint16 local_server_port;
auth_session_info_transport *session_info; auth_session_info_transport *session_info;
boolean8 need_idle_server; } named_pipe_auth_req_info7;
} named_pipe_auth_req_info6;
typedef [switch_type(uint32)] union { typedef [switch_type(uint32)] union {
[case(6)] named_pipe_auth_req_info6 info6; [case(7)] named_pipe_auth_req_info7 info7;
} named_pipe_auth_req_info; } named_pipe_auth_req_info;
typedef [public,gensize] struct { typedef [public,gensize] struct {
@ -41,10 +40,10 @@ interface named_pipe_auth
uint16 file_type; uint16 file_type;
uint16 device_state; uint16 device_state;
hyper allocation_size; hyper allocation_size;
} named_pipe_auth_rep_info6; } named_pipe_auth_rep_info7;
typedef [switch_type(uint32)] union { typedef [switch_type(uint32)] union {
[case(6)] named_pipe_auth_rep_info6 info6; [case(7)] named_pipe_auth_rep_info7 info7;
} named_pipe_auth_rep_info; } named_pipe_auth_rep_info;
typedef [public,gensize] struct { typedef [public,gensize] struct {

2
source3/librpc/idl/rpc_host.idl
View File

@ -31,7 +31,7 @@ interface rpc_host_msg
/** /**
* @brief Auth info inherited from SMB * @brief Auth info inherited from SMB
*/ */
named_pipe_auth_req_info6 *npa_info6; named_pipe_auth_req_info7 *npa_info7;
/** /**
* @brief Raw bind PDU * @brief Raw bind PDU

55
source3/rpc_client/local_np.c
View File

@ -274,17 +274,16 @@ static void np_sock_connect_read_done(struct tevent_req *subreq)
tevent_req_error(req, ndr_map_error2errno(ndr_err)); tevent_req_error(req, ndr_map_error2errno(ndr_err));
return; return;
} }
if (state->npa_rep->level != 6) { if (state->npa_rep->level != 7) {
DBG_DEBUG("npa level = %"PRIu32", expected 6\n", DBG_DEBUG("npa level = %" PRIu32 ", expected 7\n",
state->npa_rep->level); state->npa_rep->level);
tevent_req_error(req, EIO); tevent_req_error(req, EIO);
return; return;
} }
ret = tstream_npa_existing_stream( ret = tstream_npa_existing_stream(state,
state,
&state->transport, &state->transport,
state->npa_rep->info.info6.file_type, state->npa_rep->info.info7.file_type,
&state->npa_stream); &state->npa_stream);
if (ret == -1) { if (ret == -1) {
ret = errno; ret = errno;
@ -498,7 +497,7 @@ struct tevent_req *local_np_connect_send(
{ {
struct tevent_req *req = NULL, *subreq = NULL; struct tevent_req *req = NULL, *subreq = NULL;
struct local_np_connect_state *state = NULL; struct local_np_connect_state *state = NULL;
struct named_pipe_auth_req_info6 *i6 = NULL; struct named_pipe_auth_req_info7 *i7 = NULL;
const char *socket_dir = NULL; const char *socket_dir = NULL;
char *lower_case_pipename = NULL; char *lower_case_pipename = NULL;
struct dom_sid npa_sid = global_sid_Samba_NPA_Flags; struct dom_sid npa_sid = global_sid_Samba_NPA_Flags;
@ -553,14 +552,14 @@ struct tevent_req *local_np_connect_send(
if (tevent_req_nomem(state->npa_req, req)) { if (tevent_req_nomem(state->npa_req, req)) {
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
state->npa_req->level = 6; state->npa_req->level = 7;
i6 = &state->npa_req->info.info6; i7 = &state->npa_req->info.info7;
i6->transport = transport; i7->transport = transport;
/* we don't have "int" in IDL, make sure we don't overflow */ /* we don't have "int" in IDL, make sure we don't overflow */
SMB_ASSERT(i6->transport == transport); SMB_ASSERT(i7->transport == transport);
if (remote_client_name == NULL) { if (remote_client_name == NULL) {
remote_client_name = get_myname(state->npa_req); remote_client_name = get_myname(state->npa_req);
@ -569,7 +568,7 @@ struct tevent_req *local_np_connect_send(
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
} }
i6->remote_client_name = remote_client_name; i7->remote_client_name = remote_client_name;
if (remote_client_addr == NULL) { if (remote_client_addr == NULL) {
struct tsocket_address *addr = NULL; struct tsocket_address *addr = NULL;
@ -581,18 +580,19 @@ struct tevent_req *local_np_connect_send(
} }
remote_client_addr = addr; remote_client_addr = addr;
} }
i6->remote_client_addr = tsocket_address_inet_addr_string( i7->remote_client_addr =
remote_client_addr, state->npa_req); tsocket_address_inet_addr_string(remote_client_addr,
if (i6->remote_client_addr == NULL) { state->npa_req);
if (i7->remote_client_addr == NULL) {
tevent_req_error(req, errno); tevent_req_error(req, errno);
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
i6->remote_client_port = tsocket_address_inet_port(remote_client_addr); i7->remote_client_port = tsocket_address_inet_port(remote_client_addr);
if (local_server_name == NULL) { if (local_server_name == NULL) {
local_server_name = remote_client_name; local_server_name = remote_client_name;
} }
i6->local_server_name = local_server_name; i7->local_server_name = local_server_name;
if (local_server_addr == NULL) { if (local_server_addr == NULL) {
struct tsocket_address *addr = NULL; struct tsocket_address *addr = NULL;
@ -604,23 +604,24 @@ struct tevent_req *local_np_connect_send(
} }
local_server_addr = addr; local_server_addr = addr;
} }
i6->local_server_addr = tsocket_address_inet_addr_string( i7->local_server_addr =
local_server_addr, state->npa_req); tsocket_address_inet_addr_string(local_server_addr,
if (i6->local_server_addr == NULL) { state->npa_req);
if (i7->local_server_addr == NULL) {
tevent_req_error(req, errno); tevent_req_error(req, errno);
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
i6->local_server_port = tsocket_address_inet_port(local_server_addr); i7->local_server_port = tsocket_address_inet_port(local_server_addr);
i6->session_info = talloc_zero( i7->session_info = talloc_zero(state->npa_req,
state->npa_req, struct auth_session_info_transport); struct auth_session_info_transport);
if (tevent_req_nomem(i6->session_info, req)) { if (tevent_req_nomem(i7->session_info, req)) {
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
i6->session_info->session_info = copy_session_info( i7->session_info->session_info =
i6->session_info, session_info); copy_session_info(i7->session_info, session_info);
if (tevent_req_nomem(i6->session_info->session_info, req)) { if (tevent_req_nomem(i7->session_info->session_info, req)) {
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
@ -634,7 +635,7 @@ struct tevent_req *local_np_connect_send(
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
} }
token = i6->session_info->session_info->security_token; token = i7->session_info->session_info->security_token;
status = add_sid_to_array_unique(token, status = add_sid_to_array_unique(token,
&npa_sid, &npa_sid,

86
source3/rpc_server/rpc_host.c
View File

@ -202,7 +202,7 @@ struct rpc_server {
* between RPC servers: netlogon requires samr, everybody * between RPC servers: netlogon requires samr, everybody
* requires winreg. And if a deep call in netlogon asks for a * requires winreg. And if a deep call in netlogon asks for a
* samr connection, this must never end up in the same * samr connection, this must never end up in the same
* process. named_pipe_auth_req_info6->need_idle_server is set * process. named_pipe_auth_req_info7->need_idle_server is set
* in those cases. * in those cases.
*/ */
struct rpc_work_process *workers; struct rpc_work_process *workers;
@ -730,14 +730,14 @@ static int rpc_server_get_endpoints_recv(
* anonymous session info. * anonymous session info.
*/ */
static NTSTATUS rpc_host_generate_npa_info6_from_sock( static NTSTATUS rpc_host_generate_npa_info7_from_sock(
TALLOC_CTX *mem_ctx, TALLOC_CTX *mem_ctx,
enum dcerpc_transport_t transport, enum dcerpc_transport_t transport,
int sock, int sock,
const struct samba_sockaddr *peer_addr, const struct samba_sockaddr *peer_addr,
struct named_pipe_auth_req_info6 **pinfo6) struct named_pipe_auth_req_info7 **pinfo7)
{ {
struct named_pipe_auth_req_info6 *info6 = NULL; struct named_pipe_auth_req_info7 *info7 = NULL;
struct samba_sockaddr local_addr = { struct samba_sockaddr local_addr = {
.sa_socklen = sizeof(struct sockaddr_storage), .sa_socklen = sizeof(struct sockaddr_storage),
}; };
@ -760,26 +760,28 @@ static NTSTATUS rpc_host_generate_npa_info6_from_sock(
tsocket_address_to_name_fn = (transport == NCACN_IP_TCP) ? tsocket_address_to_name_fn = (transport == NCACN_IP_TCP) ?
tsocket_address_inet_addr_string : tsocket_address_unix_path; tsocket_address_inet_addr_string : tsocket_address_unix_path;
info6 = talloc_zero(mem_ctx, struct named_pipe_auth_req_info6); info7 = talloc_zero(mem_ctx, struct named_pipe_auth_req_info7);
if (info6 == NULL) { if (info7 == NULL) {
goto fail; goto fail;
} }
info6->session_info = talloc_zero( info7->session_info =
info6, struct auth_session_info_transport); talloc_zero(info7, struct auth_session_info_transport);
if (info6->session_info == NULL) { if (info7->session_info == NULL) {
goto fail; goto fail;
} }
status = make_session_info_anonymous( status = make_session_info_anonymous(
info6->session_info, &info6->session_info->session_info); info7->session_info,
&info7->session_info->session_info);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
DBG_DEBUG("make_session_info_anonymous failed: %s\n", DBG_DEBUG("make_session_info_anonymous failed: %s\n",
nt_errstr(status)); nt_errstr(status));
goto fail; goto fail;
} }
ret = tsocket_address_bsd_from_samba_sockaddr( ret = tsocket_address_bsd_from_samba_sockaddr(info7,
info6, peer_addr, &taddr); peer_addr,
&taddr);
if (ret == -1) { if (ret == -1) {
status = map_nt_error_from_unix(errno); status = map_nt_error_from_unix(errno);
DBG_DEBUG("tsocket_address_bsd_from_samba_sockaddr failed: " DBG_DEBUG("tsocket_address_bsd_from_samba_sockaddr failed: "
@ -787,22 +789,22 @@ static NTSTATUS rpc_host_generate_npa_info6_from_sock(
strerror(errno)); strerror(errno));
goto fail; goto fail;
} }
remote_client_addr = tsocket_address_to_name_fn(taddr, info6); remote_client_addr = tsocket_address_to_name_fn(taddr, info7);
if (remote_client_addr == NULL) { if (remote_client_addr == NULL) {
DBG_DEBUG("tsocket_address_to_name_fn failed\n"); DBG_DEBUG("tsocket_address_to_name_fn failed\n");
goto nomem; goto nomem;
} }
TALLOC_FREE(taddr); TALLOC_FREE(taddr);
remote_client_name = talloc_strdup(info6, remote_client_addr); remote_client_name = talloc_strdup(info7, remote_client_addr);
if (remote_client_name == NULL) { if (remote_client_name == NULL) {
DBG_DEBUG("talloc_strdup failed\n"); DBG_DEBUG("talloc_strdup failed\n");
goto nomem; goto nomem;
} }
if (transport == NCACN_IP_TCP) { if (transport == NCACN_IP_TCP) {
bool ok = samba_sockaddr_get_port( bool ok = samba_sockaddr_get_port(peer_addr,
peer_addr, &info6->remote_client_port); &info7->remote_client_port);
if (!ok) { if (!ok) {
DBG_DEBUG("samba_sockaddr_get_port failed\n"); DBG_DEBUG("samba_sockaddr_get_port failed\n");
status = NT_STATUS_INVALID_PARAMETER; status = NT_STATUS_INVALID_PARAMETER;
@ -817,8 +819,9 @@ static NTSTATUS rpc_host_generate_npa_info6_from_sock(
goto fail; goto fail;
} }
ret = tsocket_address_bsd_from_samba_sockaddr( ret = tsocket_address_bsd_from_samba_sockaddr(info7,
info6, &local_addr, &taddr); &local_addr,
&taddr);
if (ret == -1) { if (ret == -1) {
status = map_nt_error_from_unix(errno); status = map_nt_error_from_unix(errno);
DBG_DEBUG("tsocket_address_bsd_from_samba_sockaddr failed: " DBG_DEBUG("tsocket_address_bsd_from_samba_sockaddr failed: "
@ -826,22 +829,22 @@ static NTSTATUS rpc_host_generate_npa_info6_from_sock(
strerror(errno)); strerror(errno));
goto fail; goto fail;
} }
local_server_addr = tsocket_address_to_name_fn(taddr, info6); local_server_addr = tsocket_address_to_name_fn(taddr, info7);
if (local_server_addr == NULL) { if (local_server_addr == NULL) {
DBG_DEBUG("tsocket_address_to_name_fn failed\n"); DBG_DEBUG("tsocket_address_to_name_fn failed\n");
goto nomem; goto nomem;
} }
TALLOC_FREE(taddr); TALLOC_FREE(taddr);
local_server_name = talloc_strdup(info6, local_server_addr); local_server_name = talloc_strdup(info7, local_server_addr);
if (local_server_name == NULL) { if (local_server_name == NULL) {
DBG_DEBUG("talloc_strdup failed\n"); DBG_DEBUG("talloc_strdup failed\n");
goto nomem; goto nomem;
} }
if (transport == NCACN_IP_TCP) { if (transport == NCACN_IP_TCP) {
bool ok = samba_sockaddr_get_port( bool ok = samba_sockaddr_get_port(&local_addr,
&local_addr, &info6->local_server_port); &info7->local_server_port);
if (!ok) { if (!ok) {
DBG_DEBUG("samba_sockaddr_get_port failed\n"); DBG_DEBUG("samba_sockaddr_get_port failed\n");
status = NT_STATUS_INVALID_PARAMETER; status = NT_STATUS_INVALID_PARAMETER;
@ -870,22 +873,24 @@ static NTSTATUS rpc_host_generate_npa_info6_from_sock(
TALLOC_FREE(remote_client_name); TALLOC_FREE(remote_client_name);
ret = tsocket_address_unix_from_path( ret = tsocket_address_unix_from_path(
info6, AS_SYSTEM_MAGIC_PATH_TOKEN, &taddr); info7,
AS_SYSTEM_MAGIC_PATH_TOKEN,
&taddr);
if (ret == -1) { if (ret == -1) {
DBG_DEBUG("tsocket_address_unix_from_path " DBG_DEBUG("tsocket_address_unix_from_path "
"failed\n"); "failed\n");
goto nomem; goto nomem;
} }
remote_client_addr = tsocket_address_unix_path( remote_client_addr =
taddr, info6); tsocket_address_unix_path(taddr, info7);
if (remote_client_addr == NULL) { if (remote_client_addr == NULL) {
DBG_DEBUG("tsocket_address_unix_path " DBG_DEBUG("tsocket_address_unix_path "
"failed\n"); "failed\n");
goto nomem; goto nomem;
} }
remote_client_name = talloc_strdup( remote_client_name =
info6, remote_client_addr); talloc_strdup(info7, remote_client_addr);
if (remote_client_name == NULL) { if (remote_client_name == NULL) {
DBG_DEBUG("talloc_strdup failed\n"); DBG_DEBUG("talloc_strdup failed\n");
goto nomem; goto nomem;
@ -893,18 +898,18 @@ static NTSTATUS rpc_host_generate_npa_info6_from_sock(
} }
} }
info6->remote_client_addr = remote_client_addr; info7->remote_client_addr = remote_client_addr;
info6->remote_client_name = remote_client_name; info7->remote_client_name = remote_client_name;
info6->local_server_addr = local_server_addr; info7->local_server_addr = local_server_addr;
info6->local_server_name = local_server_name; info7->local_server_name = local_server_name;
*pinfo6 = info6; *pinfo7 = info7;
return NT_STATUS_OK; return NT_STATUS_OK;
nomem: nomem:
status = NT_STATUS_NO_MEMORY; status = NT_STATUS_NO_MEMORY;
fail: fail:
TALLOC_FREE(info6); TALLOC_FREE(info7);
return status; return status;
} }
@ -993,12 +998,12 @@ static struct tevent_req *rpc_host_bind_read_send(
return req; return req;
} }
status = rpc_host_generate_npa_info6_from_sock( status = rpc_host_generate_npa_info7_from_sock(
state->client, state->client,
transport, transport,
state->sock, state->sock,
peer_addr, peer_addr,
&state->client->npa_info6); &state->client->npa_info7);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
tevent_req_oom(req); tevent_req_oom(req);
return tevent_req_post(req, ev); return tevent_req_post(req, ev);
@ -1030,15 +1035,14 @@ static void rpc_host_bind_read_got_npa(struct tevent_req *subreq)
subreq, struct tevent_req); subreq, struct tevent_req);
struct rpc_host_bind_read_state *state = tevent_req_data( struct rpc_host_bind_read_state *state = tevent_req_data(
req, struct rpc_host_bind_read_state); req, struct rpc_host_bind_read_state);
struct named_pipe_auth_req_info6 *info6 = NULL; struct named_pipe_auth_req_info7 *info7 = NULL;
int ret, err; int ret, err;
ret = tstream_npa_accept_existing_recv( ret = tstream_npa_accept_existing_recv(subreq,
subreq,
&err, &err,
state, state,
&state->npa_stream, &state->npa_stream,
&info6, &info7,
NULL, /* transport */ NULL, /* transport */
NULL, /* remote_client_addr */ NULL, /* remote_client_addr */
NULL, /* remote_client_name */ NULL, /* remote_client_name */
@ -1050,7 +1054,7 @@ static void rpc_host_bind_read_got_npa(struct tevent_req *subreq)
return; return;
} }
state->client->npa_info6 = talloc_move(state->client, &info6); state->client->npa_info7 = talloc_move(state->client, &info7);
subreq = dcerpc_read_ncacn_packet_send( subreq = dcerpc_read_ncacn_packet_send(
state, state->ev, state->npa_stream); state, state->ev, state->npa_stream);
@ -1324,7 +1328,7 @@ again:
} }
} else { } else {
struct auth_session_info_transport *session_info = struct auth_session_info_transport *session_info =
pending_client->client->npa_info6->session_info; pending_client->client->npa_info7->session_info;
uint32_t flags = 0; uint32_t flags = 0;
bool found; bool found;

67
source3/rpc_server/rpc_worker.c
View File

@ -170,7 +170,7 @@ static void rpc_worker_new_client(
int sock) int sock)
{ {
struct dcesrv_context *dce_ctx = worker->dce_ctx; struct dcesrv_context *dce_ctx = worker->dce_ctx;
struct named_pipe_auth_req_info6 *info6 = client->npa_info6; struct named_pipe_auth_req_info7 *info7 = client->npa_info7;
struct tsocket_address *remote_client_addr = NULL; struct tsocket_address *remote_client_addr = NULL;
struct tsocket_address *local_server_addr = NULL; struct tsocket_address *local_server_addr = NULL;
struct dcerpc_binding *b = NULL; struct dcerpc_binding *b = NULL;
@ -259,87 +259,85 @@ static void rpc_worker_new_client(
}; };
if (transport == NCALRPC) { if (transport == NCALRPC) {
ret = tsocket_address_unix_from_path( ret = tsocket_address_unix_from_path(ncacn_conn,
ncacn_conn, info7->remote_client_addr,
info6->remote_client_addr,
&remote_client_addr); &remote_client_addr);
if (ret == -1) { if (ret == -1) {
DBG_DEBUG("tsocket_address_unix_from_path" DBG_DEBUG("tsocket_address_unix_from_path"
"(%s) failed: %s\n", "(%s) failed: %s\n",
info6->remote_client_addr, info7->remote_client_addr,
strerror(errno)); strerror(errno));
goto fail; goto fail;
} }
ncacn_conn->remote_client_name = talloc_strdup( ncacn_conn->remote_client_name =
ncacn_conn, info6->remote_client_name); talloc_strdup(ncacn_conn, info7->remote_client_name);
if (ncacn_conn->remote_client_name == NULL) { if (ncacn_conn->remote_client_name == NULL) {
DBG_DEBUG("talloc_strdup(%s) failed\n", DBG_DEBUG("talloc_strdup(%s) failed\n",
info6->remote_client_name); info7->remote_client_name);
goto fail; goto fail;
} }
ret = tsocket_address_unix_from_path( ret = tsocket_address_unix_from_path(ncacn_conn,
ncacn_conn, info7->local_server_addr,
info6->local_server_addr,
&local_server_addr); &local_server_addr);
if (ret == -1) { if (ret == -1) {
DBG_DEBUG("tsocket_address_unix_from_path" DBG_DEBUG("tsocket_address_unix_from_path"
"(%s) failed: %s\n", "(%s) failed: %s\n",
info6->local_server_addr, info7->local_server_addr,
strerror(errno)); strerror(errno));
goto fail; goto fail;
} }
ncacn_conn->local_server_name = talloc_strdup( ncacn_conn->local_server_name =
ncacn_conn, info6->local_server_name); talloc_strdup(ncacn_conn, info7->local_server_name);
if (ncacn_conn->local_server_name == NULL) { if (ncacn_conn->local_server_name == NULL) {
DBG_DEBUG("talloc_strdup(%s) failed\n", DBG_DEBUG("talloc_strdup(%s) failed\n",
info6->local_server_name); info7->local_server_name);
goto fail; goto fail;
} }
} else { } else {
ret = tsocket_address_inet_from_strings( ret = tsocket_address_inet_from_strings(
ncacn_conn, ncacn_conn,
"ip", "ip",
info6->remote_client_addr, info7->remote_client_addr,
info6->remote_client_port, info7->remote_client_port,
&remote_client_addr); &remote_client_addr);
if (ret == -1) { if (ret == -1) {
DBG_DEBUG("tsocket_address_inet_from_strings" DBG_DEBUG("tsocket_address_inet_from_strings"
"(%s, %" PRIu16 ") failed: %s\n", "(%s, %" PRIu16 ") failed: %s\n",
info6->remote_client_addr, info7->remote_client_addr,
info6->remote_client_port, info7->remote_client_port,
strerror(errno)); strerror(errno));
goto fail; goto fail;
} }
ncacn_conn->remote_client_name = talloc_strdup( ncacn_conn->remote_client_name =
ncacn_conn, info6->remote_client_name); talloc_strdup(ncacn_conn, info7->remote_client_name);
if (ncacn_conn->remote_client_name == NULL) { if (ncacn_conn->remote_client_name == NULL) {
DBG_DEBUG("talloc_strdup(%s) failed\n", DBG_DEBUG("talloc_strdup(%s) failed\n",
info6->remote_client_name); info7->remote_client_name);
goto fail; goto fail;
} }
ret = tsocket_address_inet_from_strings( ret = tsocket_address_inet_from_strings(
ncacn_conn, ncacn_conn,
"ip", "ip",
info6->local_server_addr, info7->local_server_addr,
info6->local_server_port, info7->local_server_port,
&local_server_addr); &local_server_addr);
if (ret == -1) { if (ret == -1) {
DBG_DEBUG("tsocket_address_inet_from_strings" DBG_DEBUG("tsocket_address_inet_from_strings"
"(%s, %" PRIu16 ") failed: %s\n", "(%s, %" PRIu16 ") failed: %s\n",
info6->local_server_addr, info7->local_server_addr,
info6->local_server_port, info7->local_server_port,
strerror(errno)); strerror(errno));
goto fail; goto fail;
} }
ncacn_conn->local_server_name = talloc_strdup( ncacn_conn->local_server_name =
ncacn_conn, info6->local_server_name); talloc_strdup(ncacn_conn, info7->local_server_name);
if (ncacn_conn->local_server_name == NULL) { if (ncacn_conn->local_server_name == NULL) {
DBG_DEBUG("talloc_strdup(%s) failed\n", DBG_DEBUG("talloc_strdup(%s) failed\n",
info6->local_server_name); info7->local_server_name);
goto fail; goto fail;
} }
} }
@ -361,10 +359,10 @@ static void rpc_worker_new_client(
* socket that the client connected to, passed in from * socket that the client connected to, passed in from
* samba-dcerpcd via the binding. For NCACN_NP (root * samba-dcerpcd via the binding. For NCACN_NP (root
* only by unix permissions) we got a * only by unix permissions) we got a
* named_pipe_auth_req_info6 where the transport can * named_pipe_auth_req_info7 where the transport can
* be overridden. * be overridden.
*/ */
transport = info6->transport; transport = info7->transport;
} else { } else {
ret = tstream_bsd_existing_socket( ret = tstream_bsd_existing_socket(
ncacn_conn, sock, &tstream); ncacn_conn, sock, &tstream);
@ -377,7 +375,7 @@ static void rpc_worker_new_client(
sock = -1; sock = -1;
if (security_token_is_system( if (security_token_is_system(
info6->session_info->session_info->security_token) && info7->session_info->session_info->security_token) &&
(transport != NCALRPC)) { (transport != NCALRPC)) {
DBG_DEBUG("System token only allowed on NCALRPC\n"); DBG_DEBUG("System token only allowed on NCALRPC\n");
goto fail; goto fail;
@ -386,11 +384,10 @@ static void rpc_worker_new_client(
ncacn_conn->p.msg_ctx = global_messaging_context(); ncacn_conn->p.msg_ctx = global_messaging_context();
ncacn_conn->p.transport = transport; ncacn_conn->p.transport = transport;
status = dcesrv_endpoint_connect( status = dcesrv_endpoint_connect(dce_ctx,
dce_ctx,
ncacn_conn, ncacn_conn,
ep, ep,
info6->session_info->session_info, info7->session_info->session_info,
global_event_context(), global_event_context(),
DCESRV_CALL_STATE_FLAG_MAY_ASYNC, DCESRV_CALL_STATE_FLAG_MAY_ASYNC,
&dcesrv_conn); &dcesrv_conn);