1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

49 Commits

Author SHA1 Message Date
Andreas Schneider
fd6041a220 s3-rpc_server: Fix null pointer derefs in rpc_pipe_open_interface().
Found by Coverity and asn ;)

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2012-12-21 13:56:01 +01:00
Stefan Metzmacher
d18591c97e s3:rpc_server: avoid a level 0 DEBUG if tstream_npa_connect_recv fails (bug #9309)
metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat Oct 20 12:56:23 CEST 2012 on sn-devel-104
2012-10-20 12:56:23 +02:00
Andreas Schneider
fae6091f1d s3-rpc_server: Make it possible to use more rpc exceptions. 2012-07-06 10:00:56 +02:00
Jelmer Vernooij
95ca5fbadd libndr: Rename ndr64_transfer_syntax and null_ndr_syntax_id so they have a ndr_ prefix.
This makes the NDR namespace a bit clearer, in preparation of ABI checking.
2012-03-20 13:54:07 +01:00
Stefan Metzmacher
8602e8a536 s3:rpc_server: let rpcint handles return NT_STATUS_CONNECTION_DISCONNECTED
We should return the same in all places.

metze
2011-09-14 18:03:17 +02:00
Andreas Schneider
eb8a0c7672 s3-winbind: We need to use internal rpc connections in winbind.
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
2011-08-21 09:05:04 -04:00
Simo Sorce
ef24917b5a s3-rpc_server: Use rpc_service_mode() in rpc_pipe_open_interface()
Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Simo Sorce <idra@samba.org>
2011-08-21 09:05:03 -04:00
Simo Sorce
e84c7a2e26 s3-rpc_server: Use talloc for pipe_rpc_fns
Everything uses talloc in the rpc server nowadays, remove this ancient use of
malloc. This also allows us to remove the free fucntion and let talloc handle
it properly.

Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Jul 28 17:41:08 CEST 2011 on sn-devel-104
2011-07-28 17:41:08 +02:00
Simo Sorce
156a0ffe54 s3-rpc_server: Create common function to allocate pipes_struct
Avoid code duplication and fix bug where a new pipe was not added to
InternalPipes upon creation in make_server_pipes_struct()

Signed-off-by: Andreas Schneider <asn@samba.org>

Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jul 21 19:50:02 CEST 2011 on sn-devel-104
2011-07-21 19:50:02 +02:00
Simo Sorce
759a04e58a s3-rpc_server: Move pipe/handles functions
Put InternalPipes related functions in rpc_handles.c and out of rpc_ncacn_np.c
rpc_handles.c is the only file that really uses them after all and ncacn_np.c
is the wrong place for that stuff.
While ther remove unnecessary wrapper functions now that the InternalPipes
static variable is directly accessible.

Also move all pipes_struct related header stuff in its own rpc_pipes.h header.

Signed-off-by: Andreas Schneider <asn@samba.org>
2011-07-21 18:40:23 +02:00
Andreas Schneider
4a6a588e44 s3-rpc_server: We need to copy the session_info for external pipes.
Andrew please check!
2011-07-21 18:40:23 +02:00
Andrew Bartlett
03b153ce54 s3-rpc_server remove per-element copies of auth_session_info
This is not required any more now that they are the same structure,
and shows the value in having a common structure across the codebase.

In particular, now any additional state that needs to be added to the
auth_session_info will be transparently available across the named
pipe proxy, without a need to modify the mapping layer.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00
Andrew Bartlett
9fcc617ff5 s3-auth Use the common auth_session_info
This patch finally has the same structure being used to describe the
authorization data of a user across the whole codebase.

This will allow of our session handling to be accomplished with common code.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00
Andrew Bartlett
128ae06a61 s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_info
This makes auth3_session_info identical to auth_session_info

The logic to convert the info3 to a struct auth_user_info is
essentially moved up the stack from the named pipe proxy in
source3/rpc_server to create_local_token().

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00
Andrew Bartlett
8d72e612ac s3-rpc_server read and write the unix_token and unix_info across named_pipe_auth
This ensures that the exact same token is used on both sides of the
pipe, when a full token is passed (ie, source3 to source3, but not yet
source4 to to source3 as the unix info isn't calculated there yet).

If we do not have unix_token, we fall back to the old behaviour and go
via create_local_token().  (However, in this case the security_token
is now overwritten, as it is better to have it match the rest of the
session_info create_local_token() builds).

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:13 +10:00
Andrew Bartlett
f16d8f4eb8 s3-auth Use struct auth3_session_info outside the auth subsystem
This seperation between the structure used inside the auth modules and
in the wider codebase allows for a gradual migration from struct
auth_serversupplied_info -> struct auth_session_info (from auth.idl)

The idea here is that we keep a clear seperation between the structure
before and after the local groups, local user lookup and the session
key modifications have been processed, as the lack of this seperation
has caused issues in the past.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:10 +10:00
Andrew Bartlett
55ad1da888 Add my copyright
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-20 09:17:09 +10:00
Andreas Schneider
2bcbeea05e s3-rpc_server: Remove client_id and server_id from pipes struct.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04 18:28:43 +10:00
Andreas Schneider
541f3cf639 s3-rpc_server: Migrate rpc function to tsocket_address.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2011-07-04 18:27:58 +10:00
Andrew Bartlett
ad0a07c531 s3-talloc Change TALLOC_ZERO_P() to talloc_zero()
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
2011-06-09 12:40:08 +02:00
Volker Lendecke
114fbc385c s3: Fix a valgrind error
For me this fixes

==1950== Invalid read of size 4
==1950==    at 0x81EBED5: GUID_equal (uuid.c:239)
==1950==    by 0x81E51AB: ndr_syntax_id_equal (ndr_misc.c:35)
==1950==    by 0x82EB0D1: get_iface_from_syntax (rpc_common.c:160)
==1950==    by 0x82EB25E: get_pipe_name_from_syntax (rpc_common.c:179)
==1950==    by 0x8509E4F: close_policy_by_pipe (rpc_handles.c:322)
==1950==    by 0x8507941: close_internal_rpc_pipe_hnd (rpc_ncacn_np.c:109)
==1950==    by 0x468270: _talloc_free_internal (talloc.c:826)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x80E6487: sam_trusted_domains (winbindd_samr.c:406)
==1950==  Address 0x687ea4 is 20 bytes inside a block of size 40 free'd
==1950==    at 0x58CDC: free (in /usr/local/lib/valgrind/vgpreload_memcheck-x86-freebsd.so)
==1950==    by 0x8507812: free_pipe_rpc_context_internal (rpc_ncacn_np.c:74)
==1950==    by 0x8507936: close_internal_rpc_pipe_hnd (rpc_ncacn_np.c:106)
==1950==    by 0x468270: _talloc_free_internal (talloc.c:826)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x467EE0: _talloc_free_internal (talloc.c:1268)
==1950==    by 0x80E6487: sam_trusted_domains (winbindd_samr.c:406)
==1950==    by 0x80C2F85: trusted_domains (winbindd_cache.c:2820)
==1950==    by 0x80D5188: winbindd_dual_list_trusted_domains (winbindd_misc.c:162)
==1950==    by 0x80E987F: wb_child_request_trigger (winbindd_dual.c:437)
==1950==

Andreas, Guenther, please check!

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Jun  5 13:19:39 CEST 2011 on sn-devel-104
2011-06-05 13:19:39 +02:00
Andreas Schneider
4640d908f7 s3-rpc_server: Remove unused variable pipes_open. 2011-06-01 12:02:16 +02:00
Andreas Schneider
f086057ce8 s3-rpc_server: Remove syntax from pipes_struct. 2011-06-01 12:02:16 +02:00
Andreas Schneider
6e8c7d0834 s3-rpc_server: Use the correct context syntax. 2011-06-01 12:02:15 +02:00
Andrew Bartlett
c615ebed6e s3-lib Replace StrCaseCmp() with strcasecmp_m()
strcasecmp_m() never needs to call to talloc, and via next_codepoint()
still has an ASCII fast-path bypassing iconv() calls.

Andrew Bartlett
2011-05-18 16:12:08 +02:00
Simo Sorce
d31181214c rpc_server: Always use rpc_pipe_open_interface()
This way we can configure which rpc service we actually want to connect to.
By default it uses an "embedded" interface and calls rpc_pipe_open_internal()

Signed-off-by: Günther Deschner <gd@samba.org>

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri May 13 14:40:26 CEST 2011 on sn-devel-104
2011-05-13 14:40:26 +02:00
Günther Deschner
50883cfeb4 s3-tevent: only include ../lib/util/tevent wrappers where needed.
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Fri Apr 29 14:00:30 CEST 2011 on sn-devel-104
2011-04-29 14:00:30 +02:00
Günther Deschner
12476223c6 s3-tsocket: only include ../lib/tsocket/tsocket.h where needed.
Guenther
2011-04-29 12:19:04 +02:00
Andrew Bartlett
663dc94e63 auth: Move auth_session_info into IDL
This changes auth_session_info_transport to just be a wrapper, rather
than a copy that has to be kept in sync.

As auth_session_info was already wrapped in python, this required
changes to the existing pyauth wrapper and it's users.

Andrew Bartlett
2011-04-05 23:46:04 +02:00
Andrew Bartlett
ff9b6682a0 s3-auth Rename user_session_key -> session_key to match auth_session_info 2011-04-05 06:32:07 +10:00
Günther Deschner
6e3f0d28a4 s3-includes: only include ntdomain.h where needed.
Guenther
2011-03-30 01:13:09 +02:00
Günther Deschner
146c1aac99 s3-auth: rpc_server needs auth.h
Guenther
2011-03-30 01:13:09 +02:00
Andreas Schneider
2cb797456a s3-rpc_server: Fixed rpc_pipe_open_internal documentation.
Signed-off-by: Günther Deschner <gd@samba.org>
2011-03-29 16:03:54 +02:00
Andreas Schneider
8dc5805738 s3-rpc_server: Only allow embedded, daemon and external server type.
Signed-off-by: Günther Deschner <gd@samba.org>
2011-03-29 16:03:53 +02:00
Andreas Schneider
cc5b88545d s3-rpc_server: Introduce transport in pipe_struct.
Signed-off-by: Günther Deschner <gd@samba.org>
2011-03-08 11:41:30 +01:00
Andreas Schneider
bf18403c81 s3-rpc_client: Move client pipe functions to own header. 2011-02-28 18:15:04 +01:00
Andrew Bartlett
2e69e89456 s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_info
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.

The structure is also not ideal for it's current purpose.  Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session.  This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.

(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-02-22 16:20:10 +11:00
Andrew Bartlett
2b05ba77b4 s3-auth Rename cryptic 'ptok' to security_token
This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.

Adnrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-02-10 06:51:06 +01:00
Andrew Bartlett
d66150c14d libcli/named_pipe_auth Change from 'info3' to auth_session_info_transport
This changes the structure being used to convey the current user state
from the netlogon-derived 'netr_SamInfo3' structure to a purpose-built
structure that matches the internals of the Samba auth subsystem and
contains the final group list, as well as the final privilege set and
session key.

These previously had to be re-created on the server side of the pipe
each time.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-02-10 06:51:06 +01:00
Stefan Metzmacher
d04c2c575a s3:rpc_server: create binding_handle in rpc_pipe_open_external()
metze

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Feb  9 12:30:50 CET 2011 on sn-devel-104
2011-02-09 12:30:50 +01:00
Stefan Metzmacher
8111d95655 s3:rpc_server: fix make_external_rpc_pipe_p() and create read and write queues
They are needed for the callers in rpc_server/srv_pipe_hnd.c.

It seems I only looked at the caller in rpc_server/rpc_ncacn_np.c
when I've done the change of commit e55426fe79.

Thanks Volker for finding this :-)

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Feb  7 11:40:20 CET 2011 on sn-devel-104
2011-02-07 11:40:20 +01:00
Stefan Metzmacher
e55426fe79 s3:rpc_client: let rpc_transport_tstream_init() create read and write queue
metze
2010-12-15 15:26:05 +01:00
Andreas Schneider
a8f26f60ec s3-rpc_server: Normalize rpc_pipe_open_interface pipe name.
Autobuild-User: Andreas Schneider <asn@samba.org>
Autobuild-Date: Fri Oct 15 12:15:45 UTC 2010 on sn-devel-104
2010-10-15 12:15:45 +00:00
Andreas Schneider
f22e6cf3b7 s3-rpc_server: Make auth_serversupplied_info const. 2010-10-15 11:34:03 +00:00
Günther Deschner
a88a7c76de s3-dcerpc: no point for printing NDR twice for internal pipes in log level 10.
Guenther
2010-10-01 22:30:22 +02:00
Simo Sorce
b11fff1f48 s3-dcerpc: remove auth_data_free_func
Everything is using a talloc pointer now, no need to have an
accessor function to free data anymore.

Signed-off-by: Günther Deschner <gd@samba.org>
2010-09-23 10:54:24 -07:00
Andreas Schneider
e580c6d88f s3-rpc_server: Use talloc_stackframe. 2010-09-15 12:53:43 +02:00
Simo Sorce
390642a9e6 s3-rpc_server: Moved "external" pipe functions to rpc_ncacn_np.c.
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00
Simo Sorce
738c843e99 s3-rpc_server: Renamed rpc_ncacn_np_internal.c.
Signed-off-by: Andreas Schneider <asn@samba.org>
2010-09-15 12:53:42 +02:00