IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Everything uses talloc in the rpc server nowadays, remove this ancient use of
malloc. This also allows us to remove the free fucntion and let talloc handle
it properly.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Jul 28 17:41:08 CEST 2011 on sn-devel-104
Avoid code duplication and fix bug where a new pipe was not added to
InternalPipes upon creation in make_server_pipes_struct()
Signed-off-by: Andreas Schneider <asn@samba.org>
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jul 21 19:50:02 CEST 2011 on sn-devel-104
Put InternalPipes related functions in rpc_handles.c and out of rpc_ncacn_np.c
rpc_handles.c is the only file that really uses them after all and ncacn_np.c
is the wrong place for that stuff.
While ther remove unnecessary wrapper functions now that the InternalPipes
static variable is directly accessible.
Also move all pipes_struct related header stuff in its own rpc_pipes.h header.
Signed-off-by: Andreas Schneider <asn@samba.org>
This is not required any more now that they are the same structure,
and shows the value in having a common structure across the codebase.
In particular, now any additional state that needs to be added to the
auth_session_info will be transparently available across the named
pipe proxy, without a need to modify the mapping layer.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.
This will allow of our session handling to be accomplished with common code.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This makes auth3_session_info identical to auth_session_info
The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This ensures that the exact same token is used on both sides of the
pipe, when a full token is passed (ie, source3 to source3, but not yet
source4 to to source3 as the unix info isn't calculated there yet).
If we do not have unix_token, we fall back to the old behaviour and go
via create_local_token(). (However, in this case the security_token
is now overwritten, as it is better to have it match the rest of the
session_info create_local_token() builds).
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)
The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
For me this fixes
==1950== Invalid read of size 4
==1950== at 0x81EBED5: GUID_equal (uuid.c:239)
==1950== by 0x81E51AB: ndr_syntax_id_equal (ndr_misc.c:35)
==1950== by 0x82EB0D1: get_iface_from_syntax (rpc_common.c:160)
==1950== by 0x82EB25E: get_pipe_name_from_syntax (rpc_common.c:179)
==1950== by 0x8509E4F: close_policy_by_pipe (rpc_handles.c:322)
==1950== by 0x8507941: close_internal_rpc_pipe_hnd (rpc_ncacn_np.c:109)
==1950== by 0x468270: _talloc_free_internal (talloc.c:826)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x80E6487: sam_trusted_domains (winbindd_samr.c:406)
==1950== Address 0x687ea4 is 20 bytes inside a block of size 40 free'd
==1950== at 0x58CDC: free (in /usr/local/lib/valgrind/vgpreload_memcheck-x86-freebsd.so)
==1950== by 0x8507812: free_pipe_rpc_context_internal (rpc_ncacn_np.c:74)
==1950== by 0x8507936: close_internal_rpc_pipe_hnd (rpc_ncacn_np.c:106)
==1950== by 0x468270: _talloc_free_internal (talloc.c:826)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950== by 0x80E6487: sam_trusted_domains (winbindd_samr.c:406)
==1950== by 0x80C2F85: trusted_domains (winbindd_cache.c:2820)
==1950== by 0x80D5188: winbindd_dual_list_trusted_domains (winbindd_misc.c:162)
==1950== by 0x80E987F: wb_child_request_trigger (winbindd_dual.c:437)
==1950==
Andreas, Guenther, please check!
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Jun 5 13:19:39 CEST 2011 on sn-devel-104
This way we can configure which rpc service we actually want to connect to.
By default it uses an "embedded" interface and calls rpc_pipe_open_internal()
Signed-off-by: Günther Deschner <gd@samba.org>
Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri May 13 14:40:26 CEST 2011 on sn-devel-104
This changes auth_session_info_transport to just be a wrapper, rather
than a copy that has to be kept in sync.
As auth_session_info was already wrapped in python, this required
changes to the existing pyauth wrapper and it's users.
Andrew Bartlett
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.
The structure is also not ideal for it's current purpose. Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session. This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.
(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.
Adnrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
This changes the structure being used to convey the current user state
from the netlogon-derived 'netr_SamInfo3' structure to a purpose-built
structure that matches the internals of the Samba auth subsystem and
contains the final group list, as well as the final privilege set and
session key.
These previously had to be re-created on the server side of the pipe
each time.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
They are needed for the callers in rpc_server/srv_pipe_hnd.c.
It seems I only looked at the caller in rpc_server/rpc_ncacn_np.c
when I've done the change of commit e55426fe79.
Thanks Volker for finding this :-)
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Feb 7 11:40:20 CET 2011 on sn-devel-104