1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-28 17:47:29 +03:00

98 Commits

Author SHA1 Message Date
Andrew Tridgell
af237084ec r7633: this patch started as an attempt to make the dcerpc code use a given
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.

Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.

There were 3 places where I punted:

  - abartlet wanted me to add a gensec_set_event_context() call
    instead of adding it to the gensec init calls. Andrew, my
    apologies for not doing this. I didn't do it as adding a new
    parameter allowed me to catch all the callers with the
    compiler. Now that its done, we could go back and use
    gensec_set_event_context()

  - the ejs code calls auth initialisation, which means it should pass
    in the event context from the web server. I punted on that. Needs fixing.

  - I used a NULL event context in dcom_get_pipe(). This is equivalent
    to what we did already, but should be fixed to use a callers event
    context. Jelmer, can you think of a clean way to do that?

I also cleaned up a couple of things:

 - libnet_context_destroy() makes no sense. I removed it.

 - removed some unused vars in various places
(This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2007-10-10 13:18:15 -05:00
Andrew Tridgell
ee30cf3b1d r7497: add timeouts to all rpc requests. The default timeout is 60
seconds. This should prevent the problem I am seeing on a solaris box
where a rpc request gets stuck forever
(This used to be commit c24ab34813d675b9b81f3062fb6f30aae5697805)
2007-10-10 13:18:00 -05:00
Jelmer Vernooij
fcc74fc060 r7313: Prefix a few functions with ncacn_ rather then dcerpc_ because they are
ncacn_ specific
(This used to be commit 875cce126878172eedb43b4ecab3970ea9d82e4a)
2007-10-10 13:17:41 -05:00
Jelmer Vernooij
430dc36c1a r7312: Add IDL for ncadg packets.
(This used to be commit 2009a430b03c685dd65bd573e70d3618f2e0dd0f)
2007-10-10 13:17:40 -05:00
Jelmer Vernooij
e427f58622 r6973: Merge new version of pidl into the main SAMBA_4_0 branch.
The main difference in this new version is the extra data structure generated
between the IDL data structure and the NDR parser:

IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc }

This makes the ndr_parser.pm internals much more sane.

Other changes include:

- Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags.
- Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc..
- Use if() {} rather then if () goto foo; everywhere
- NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC
- By default, top level pointers are now "ref" (as is the default in
  most other IDL compilers). This can be overridden using the
  default_pointer_top() property.
- initial work on new ethereal parser generators by Alan DeKok and me
- pidl now writes errors in the standard format used by compilers, which
  is parsable by most editors
- ability to warn about the fact that pidl extension(s) have been used,
  useful for making sure IDL files work with other IDL compilers.

oh, and there's probably some other things I can't think of right now..
(This used to be commit 13cf227615f6b9e0e5fa62e59197024410254f01)
2007-10-10 13:17:01 -05:00
Andrew Bartlett
645711c602 r5941: Commit this patch much earlier than I would normally prefer, but metze needs a working tree...
The main volume of this patch was what I started working on today:
 - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context.
 - Uses sepereate inner loops for some of the DCE/RPC tests

The other and more important part of this patch fixes issues
surrounding the new credentials framwork:

This makes the struct cli_credentials always a talloc() structure,
rather than on the stack.  Parts of the cli_credentials code already
assumed this.

There were other issues, particularly in the DCERPC over SMB handling,
as well as little things that had to be tidied up before test_w2k3.sh
would start to pass.

Andrew Bartlett
(This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10 13:11:11 -05:00
Stefan Metzmacher
9bec9cb6b8 r5488: - let the request be a child of the pipe struct
to fix dcerpc_pipe_close() on a secondary connection,
  while the callers mem_ctx of a request is still valid

- fix up some memory contexts

TODO: split up output mem_ctx from ndr_pull context

metze
(This used to be commit 0bcbd694e903a3caeb0daa81b2f115ec8a1b93d5)
2007-10-10 13:10:50 -05:00
Andrew Tridgell
131dc76d56 r5197: moved events code to lib/events/ (suggestion from metze)
(This used to be commit 7f54c8a339f36aa43c9340be70ab7f0067593ef2)
2007-10-10 13:09:30 -05:00
Andrew Tridgell
66170ef8b3 r5185: make all the events data structures private to events.c. This will
make it possible to add optimisations to the events code such as
keeping the next timed event in a sorted list, and using epoll for
file descriptor events.

I also removed the loop events code, as it wasn't being used anywhere,
and changed timed events to always be one-shot (as adding a new timed
event in the event handler is so easy to do if needed)
(This used to be commit d7b4b6de51342a65bf46fce772d313f92f8d73d3)
2007-10-10 13:09:29 -05:00
Stefan Metzmacher
d8d3a5ffe3 r5137: fix types
metze
(This used to be commit add1c579375d08040f722946da31ee3862f9e7ac)
2007-10-10 13:09:26 -05:00
Andrew Tridgell
759da3b915 r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for the
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10 13:09:15 -05:00
Andrew Tridgell
e74b3ed6f1 r4618: - tidied up the alter_context client code a bit
- there is no alter_nak or alter_ack packet, its all done in an
  alter_response

- auto-allocated the contex_ids

- tried to fix up the dcom code to work again with
  alter_context. Jelmer, please take a look :)
(This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
2007-10-10 13:08:34 -05:00
Andrew Tridgell
ab9ca55926 r4617: basic alter_context requests now work in our client library. The test
just does a simple LSA/DSSETUP combo, which is what w2k does in the
ACL editor rpc calls that triggered this work
(This used to be commit 0129ec947aa1fa5a7104dc3a666af3cb9bd104f1)
2007-10-10 13:08:34 -05:00
Andrew Tridgell
6836f5d0b1 r4616: the first phase in the addition of proper support for
dcerpc_alter_context and multiple context_ids in the dcerpc client
library.

This stage does the following:

 - split "struct dcerpc_pipe" into two parts, the main part being "struct dcerpc_connection", which
   contains all the parts not dependent on the context, and "struct dcerpc_pipe" which has
   the context dependent part. This is similar to the layering in libcli_*() for SMB

 - disable the current dcerpc_alter code. I've used a #warning until i
   get the 2nd phase finished. I don't know how portable #warning is, but
   it won't be long before I add full alter context support anyway, so it won't last long

 - cleanup the allocation of dcerpc_pipe structures. The previous code
   was quite awkward.
(This used to be commit 4004c69937be7e5dae56f9567ca607f982d395d3)
2007-10-10 13:08:34 -05:00
Andrew Tridgell
11ce2cfd70 r4591: - converted the other _p talloc functions to not need _p
- added #if TALLOC_DEPRECATED around the _p functions

- fixes the code that broke from the above

while doing this I fixed quite a number of places that were
incorrectly using the non type-safe talloc functions to use the type
safe ones. Some were even doing multiplies for array allocation, which
is potentially unsafe.
(This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10 13:08:30 -05:00
Andrew Tridgell
ddc10d4d37 r4549: got rid of a lot more uses of plain talloc(), instead using
talloc_size() or talloc_array_p() where appropriate.

also fixed a memory leak in pvfs_copy_file() (failed to free a memory
context)
(This used to be commit 89b74b53546e1570b11b3702f40bee58aed8c503)
2007-10-10 13:08:25 -05:00
Andrew Tridgell
58d9adf409 r4526: - much simpler (and more accurate!) ndr_size_*() code generation. It
is less efficient, but I really doubt that matters.

- use enum in epmapper.idl for protocol type

- added support for "enum8bit" flag, used in epmapper.idl
(This used to be commit 1a24a50384b7f588844cd012f1218ca242ca4507)
2007-10-10 13:08:18 -05:00
Andrew Tridgell
f4b349127b r4479: added the function talloc_autofree_context() which returns a talloc context that
will automatically be freed on program exit. This is useful for reducing
clutter in leak reports
(This used to be commit cf73dda652e0a121901f22771104be6751c0fcb9)
2007-10-10 13:08:10 -05:00
Andrew Bartlett
0f1444b772 r4358: At metze's request, the Christmas elves have removed gensec_end in
favor of talloc_free().

Andrew Bartlett
(This used to be commit 1933cd12fbaed56e13f2386b19de6ade99bf9478)
2007-10-10 13:07:37 -05:00
Andrew Tridgell
b7f53e9d18 r4115: check for gensec errors before calling memcpy on a set of credentials,
otherwise the creds structure might be invalid
(This used to be commit 76285b3390f20366d53c7b2509ac07e1f88f7309)
2007-10-10 13:06:28 -05:00
Stefan Metzmacher
9b50dba87e r4086: - make dcerpc_ndr_request_table_send() the default and rename it to just
dcerpc_ndr_request_send()
- this allows us to call dcerpc_log_packet() when we receive a packet we
  can't parse correctly

metze
(This used to be commit a7a6cea112a180a28188997ca99f30d8dd286bb8)
2007-10-10 13:06:25 -05:00
Stefan Metzmacher
37e2570632 r4081: use clearer names
metze
(This used to be commit 5d7d6f02cf1aa731d371c97054480d83d85102cb)
2007-10-10 13:06:24 -05:00
Andrew Tridgell
6e6374cb5b r4055: fixed more places to use type safe allocation macros
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
2007-10-10 13:06:20 -05:00
Jelmer Vernooij
a0fa682faa r3861: - Put ndr and rpc client code in seperate files
- Add some const
(This used to be commit a00bda88e1b6abdc36e5aa8c2a35f64855f67c96)
2007-10-10 13:05:58 -05:00
Jelmer Vernooij
46badf1908 r3790: use a registration function that is called from dcerpc_*_init functions
rather then a large table in librpc/gen_ndr/tables.c. This will allow us
to only link in only the required gen_ndr files (speeds up linking quite a
bit, makes binaries smaller).

Each gen_ndr_* file now has a init function that calls the init functions
of the interfaces it contains. I did it this way to keep pidl's code simple,
though it might hurt startup time a bit. I'd be happy to change it if
people like one function better.
(This used to be commit 3c436590ae95b58ad6d00e72d6fdd08a4d80f208)
2007-10-10 13:05:53 -05:00
Jelmer Vernooij
8c2e179d47 r3611: DCOM client support works!!
The torture test DCOM-SIMPLE now successfully does an
IStream_Read and a IStream_Write call.

This test can now be run successfully against the "Simple DCOM" Visual
Studio example.

(You have to quote out line 337 in pidl. pidl complains if the variable
 that contains the array size follows the array. I still need to fix this
 properly)

Next goals:
 - Clean up code
 - Server side support
 - Support custom marshalling
 - Support DCOM interfaces in files other then dcom.idl
(This used to be commit 8693344772a9b700533179f4bacfe27ec27dfcfe)
2007-10-10 13:05:39 -05:00
Jelmer Vernooij
f2d715cd85 r3606: More DCOM fixes:
- OXID tables work now. IOXIDResolver is used if there is used for getting a STRINGBINDING if none is known yet
 - Add custom dissectors for STRINGARRAY and DUALSTRINGARRAY. If there's a way to get rid of these later on (by supporting them thru pidl somehow), I'd be happy to use that instead of doing it manually.

I can now get to the point where we have created an object and are connected to
it. The only thing left to do is being able to set the Object UUID properly..
(This used to be commit 54e1e5edca50d3cd496c080715e84ec62cb2a10c)
2007-10-10 13:05:38 -05:00
Jelmer Vernooij
485df40bf9 r3601: Lots of smaller DCOM updates and fixes. Adds oxid tables, proper
use of contexts.
(This used to be commit 93eb3cd99c4fb065a69eabcead0c33804259c976)
2007-10-10 13:05:38 -05:00
Jelmer Vernooij
71db46ea66 r3586: Fix some of the issues with the module init functions.
Both subsystems and modules can now have init functions, which can be
specified in .mk files (INIT_FUNCTION = ...)

The build system will define :
 - SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal
 - BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on

This removes the hack with the "static bool Initialised = " and the
"lazy_init" functions
(This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
2007-10-10 13:05:36 -05:00
Jelmer Vernooij
6d3c74a67b r3513: Add (the infrastructure for) DCOM support. Contents:
- Support for sending over the object UUID in DCERPC calls
 - Simple torture test for the DCOM "Simple" object
 - Generate extra argument for "object" interfaces in pidl
 - Some stubs for common DCOM functions
(This used to be commit c052f2e1edd816206d8974af3140cec7ef97a70c)
2007-10-10 13:05:23 -05:00
Andrew Tridgell
3643fb1109 r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ioctl.h)
(This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10 13:05:17 -05:00
Andrew Tridgell
90067934cd r3428: switched to using minimal includes for the auto-generated RPC code.
The thing that finally convinced me that minimal includes was worth
pursuing for rpc was a compiler (tcc) that failed to build Samba due
to reaching internal limits of the size of include files. Also the
fact that includes.h.gch was 16MB, which really seems excessive. This
patch brings it back to 12M, which is still too large, but
better. Note that this patch speeds up compile times for both the pch
and non-pch case.

This change also includes the addition iof a "depends()" option in our
IDL files, allowing you to specify that one IDL file depends on
another. This capability was needed for the auto-includes generation.
(This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
2007-10-10 13:05:09 -05:00
Jelmer Vernooij
3b252b765d r3205: Create ncalrpc directory if it didn't exist yet
(This used to be commit 1161c33794cdb16a3d09a66258f46e0020c4aeef)
2007-10-10 13:04:41 -05:00
Andrew Tridgell
34f84aae55 r3103: use a destructor to ensure that on abnormnal rpc request termination
it is removed from the pending list.
(This used to be commit 33176e9751374de3b5dc3f5f9b19c6824140d90a)
2007-10-10 13:02:21 -05:00
Andrew Tridgell
5b44130afa r2671: we're getting too many errors caused by the talloc_realloc() API not
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
(This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10 12:59:20 -05:00
Andrew Tridgell
223e78990a r2628: got rid of some warnings and converted a few more places to use hierarchical memory allocation
(This used to be commit 26da45a8019a2d6c9ff2ac2a6739c7d0b42b00de)
2007-10-10 12:59:14 -05:00
Andrew Tridgell
642ba4bfee r2614: support CONNECT level DCE/RPC security in both client and
server. CONNECT security uses NTLMSSP, but does not do any signing or
sealing (or equivalently, its like signing, but with a zero filled
checksum).
(This used to be commit f4660857bc708db7f5aa7487bf7ab04bffe68928)
2007-10-10 12:59:12 -05:00
Stefan Metzmacher
6b9b169c27 r2443: check return code of event_loop_once() to catch thet cases where the server
closes the connetion and we got EBADF from select() and event_loop_once() fails

metze
(This used to be commit 9c0e50a6f3d628156b4543d5ded89e06be696f64)
2007-10-10 12:58:54 -05:00
Tim Potter
a502c85fb1 r2399: Display text description of rpc fault in debug message.
(This used to be commit 04aec4c0a3f559f6a9ccfaf990f3a2ff2e6f48df)
2007-10-10 12:58:48 -05:00
Andrew Tridgell
8b7a6df180 r2383: fixed the handling of sending zero length dcerpc packets (I broke this
recently, and this broke the autoidl code)
(This used to be commit 01d66f68f6b21dc9b5c0702edcd4f56daeae9b9d)
2007-10-10 12:58:47 -05:00
Andrew Tridgell
cde1950aea r2304: fixed a bug in old style NTLM signing
(This used to be commit 09651b831d085345dd385bc9777f97e1c0d57c6f)
2007-10-10 12:58:41 -05:00
Andrew Tridgell
f8f2630c0d r2294: this fixes the NTLM2 sign+seal combination. I have now tested:
NTLM sign
 NTLM sign+seal
 NTLM2 sign
 NTLM2 sign+seal

and all of the above both with and without key exchange

the NTLM2 seal case is ugly and involves an extra data copy, which
some API changes in gensec or the ndr layer might avoid in future.
(This used to be commit fce7a4218b3136d880dd1a123e8525e3091bbed8)
2007-10-10 12:58:40 -05:00
Andrew Bartlett
909c9b681a r2284: Thanks to some great detective work by tridge, NTLM2 signing now works.
This means that 'require NTLMv2 session security' now works for RPC
pipe signing.  We don't yet have sealing, but it can't be much further.

This is almost all tridge's code, munged into a form that can work
with the GENSEC API.

This commit also includes more lsakey fixes - that key is used for all
DCE-RPC level authenticated connections, even over CIFS/ncacn_np.

No doubt I missed something, but I'm going to get some sleep :-)

Andrew Bartlett
(This used to be commit a1fe175eec884280fb7e9ca8f528134cf4600beb)
2007-10-10 12:58:39 -05:00
Andrew Tridgell
1512030832 r2275: don't crash on a rpc BIND_NAK response ...
(This used to be commit 22a6e5d50d2d40c2dfc5e36bce1132b92723dd81)
2007-10-10 12:58:37 -05:00
Tim Potter
aeaec31533 r2234: Tridge, this is a patch to allow people to set the REF_ALLOC flag on
a dcerpc_pipe structure as we discussed this morning.
(This used to be commit 79969dc8daf5fdaacd26135a200ecec0b4d7663c)
2007-10-10 12:58:33 -05:00
Andrew Tridgell
eaab3ed2d2 r2185: add a callback function to the dcerpc async API
also add a demonstration of its use in the netlogon async example
(This used to be commit f2a0438c66b999189c1a2ad726e91efd0748eb90)
2007-10-10 12:58:30 -05:00
Andrew Tridgell
4d390df586 r2180: added RPC flags "padcheck" which enables checking of all received pad
bytes to make sure they are zero. Non-zero values usually indicate one
of two things:

 - the server is leaking data through sending uninitialised memory
 - we have mistaken a real field in the IDL for padding

to differentiate between the two you really need to run with
"print,padcheck" and look carefully at whether the non-zero pad bytes
are random or appear to be deliberate.
(This used to be commit 7fdb778f81f14aaab75ab204431e4342a462957a)
2007-10-10 12:58:29 -05:00
Andrew Tridgell
91e645b6d7 r2118: fixed the receipt of bigendian rpc packets with the new async code.
The fix uses the new talloc_increase_ref_count() function in an
interesting way. I suspect this sort of technique will become quite
common.
(This used to be commit a86e629a39baf0ba2a6bb347eb9b72551c1477ff)
2007-10-10 12:58:26 -05:00
Andrew Tridgell
4db64692e7 r2103: in the conversion to async rpc I simplified the smb backend to only
use readx/writex instead of the more efficient SMBtrans calls. This
patch restores the efficiency by using SMBtrans when possible.
(This used to be commit 83fbe080e7fcdf4168d85f654b802dc4538b8984)
2007-10-10 12:58:25 -05:00
Andrew Tridgell
e7f36ff1a5 r2100: rework the dcerpc client side library so that it is async. We now
generate a separate *_send() async function for every RPC call, and
there is a single dcerpc_ndr_request_recv() call that processes the
receive side of any rpc call. The caller can use
dcerpc_event_context() to get a pointer to the event context for the
pipe so that events can be waited for asynchronously.

The only part that remains synchronous is the initial bind
calls. These could also be made async if necessary, although I suspect
most applications won't need them to be.
(This used to be commit f5d004d8eb8c76c03342cace1976b27266cfa1f0)
2007-10-10 12:58:24 -05:00