1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

86 Commits

Author SHA1 Message Date
Ralph Boehme
0eecfddd07 s3/rpc_server: install elasticsearch_mappings.json
This was removed accidentally remvoed by
a7c65958a1 because the original code
only installed the json file if the mdssvc was built as module:

     if bld.SAMBA3_IS_ENABLED_MODULE('rpc_mdssvc_module'):
         bld.INSTALL_FILES(bld.env.SAMBA_DATADIR,
                           'mdssvc/elasticsearch_mappings.json')

Installing the json file should just depend on Elasticsearch support
being enabled, regardless of the removed module support.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14961

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Fri Jan 28 10:22:31 UTC 2022 on sn-devel-184
2022-01-28 10:22:31 +00:00
Anoop C S
00c2425c2c s3/rpc_server: Remove duplicate dependency listing for RPC_SERVICE
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Dec 20 10:14:53 UTC 2021 on sn-devel-184
2021-12-20 10:14:53 +00:00
Volker Lendecke
a7c65958a1 s3:rpc_server: Activate samba-dcerpcd
This is the big switch to use samba-dcerpcd for the RPC services in
source3/. It is a pretty big and unordered patch, but I don't see a
good way to split this up into more manageable pieces without
sacrificing bisectability even more. Probably I could cut out a few
small ones, but a major architechtural switch like this will always be
messy.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Volker Lendecke
d522a8cce1 s3:rpc_server: Add samba-dcerpcd helper programs
These are rpcd_* binaries.

rpcd_classic collects everything that's not specific

Changes the epmapper to read the epmdb.tdb, which will make the
epmapper tests non-bisectable until the switch is done.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Volker Lendecke
d3e1ece1a4 s3:rpc_server: Implement the rpcd_* helper-end of the samba-dcerpc protocol
This is the generic code that becomes the
template that all rpcd_* instances that
serve DCERPC can use to provide services to samba-dcerpcd.

The external entry point is:
rpc_worker_main() which takes an argc/argv list
and two functions:

get_interfaces() - List all interfaces that this server provides
get_servers() - Provide the RPC server implementations

Each rpcd_* service needs only to provide
the implementations of get_interfaces() and get_servers()
and call rpc_worker_main() from their main() function
to provide services that can be connected to from samba-dcerpcd.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Volker Lendecke
3ca7c640da s3:rpc_server: Add samba-dcerpcd
Central dispatcher for incoming RPC requests, supported by helpers
that implement RPC services.

Upon startup, it asks all helpers which interfaces and endpoints to
listen on so it doesn't interfere with the samba binary when we're
configured as an Active Directory Domain Controller, then samba-dcerpcd
opens the relevant sockets. Once clients connect, start required helpers
and tell them to shut down once idle for a while.

Can be started as a full standalone daemon without smbd involved or as
a helper daemon started on demand by smbd or winbind or other local
processes trying to connect to a named pipe based RPC service.

NB. To start as a standalone daemon the smb.conf [global] option
"rpc start on demand helpers = false" must be set.
By default "rpc start on demand helpers = true"
in order to allow upgrades without needing an smb.conf change.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00
Ralph Boehme
6c421f523b s3/rpc_server: add deps of rpc_mdssvc_module
This allows removing allow_undefined_symbols=True.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jan 14 16:05:10 UTC 2021 on sn-devel-184
2021-01-14 16:05:10 +00:00
Andreas Schneider
c6a21e1897 s3:rpc_server: Allow to use RC4 for setting passwords
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2020-10-29 14:19:36 +00:00
Andrew Bartlett
d4a9e882f6 Revert "build: fix the coverage build"
This reverts commit 3e072b3fb7.

This is no longer required now that --noline is set globally
and that is a much nicer solution.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2020-08-07 03:23:44 +00:00
Samuel Cabrero
10cea64e4c s3: rpc_server: Remove dead code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:37 +00:00
Samuel Cabrero
9496e0523e s3:rpc_server: Remove dead code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Samuel Cabrero <scabrero@samba.org>
Autobuild-Date(master): Fri Mar 20 17:11:28 UTC 2020 on sn-devel-184
2020-03-20 17:11:28 +00:00
Samuel Cabrero
e8e4ecfb8b s3:rpc_server: Do not generate and build s3 RPC server code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:36 +00:00
Samuel Cabrero
04172e966b s3:rpc_server: Remove s3 rpc server loop
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:36 +00:00
Samuel Cabrero
dc1d34d388 s3:rpc_server: Include generated boilerplate code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Gary Lockyer
3e072b3fb7 build: fix the coverage build
"make lcov" was failing with:
   Processing file bin/default/<stdout>
   genhtml: ERROR: cannot read ... <stdout>

Flex adds "#line nnn <stdout>" to the generated source, which then causes
issues with lcov. This commit adds a SAMBA_GENERATOR for es_lexer.l and
sparql_lexer.l that strips out the offending lines.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-27 01:02:32 +00:00
Isaac Boukris
0f855f1ab9 smbdes: add des_crypt56_gnutls() using DES-CBC with zeroed IV
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 00:30:30 +00:00
Ralph Boehme
f5510d7db3 s3:mdssvc: add Elasticsearch backend
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
2019-10-09 14:35:29 +00:00
Ralph Boehme
c742ab7a4c s3:mdssvc: add noindex backend
Add a new default backend that, while allowing mdsvc RPC and search queries from
clients, always returns no results.

Shares using this backend will behave the same way as shares on a macOS SMB
server where indexing is disabled.

This change will later also allow us to compile the Spotlight RPC service by
default which is a big step in the direction of adding tests to CI.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-08 20:24:32 +00:00
Ralph Boehme
2d98fb57e0 s3:mdssvc: move some code to a subsystem
We need this in a later patchset when adding a mdssvc client library and for
unit tests.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-08 20:24:31 +00:00
Ralph Boehme
1b897df4f7 s3:mdssvc: new option "spotlight backend"
Currently there's only the tracker backend, but subsequent commits will add
other backends.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-08 20:24:31 +00:00
Ralph Boehme
1ef96e0907 s3-mdssvc: factor out Tracker backend logic
This moves all Tracker backend logic into a modularized component.

This should not result in any change in behaviour, it just paves the way
for adding additional backends. Currently the only available backend is
Gnome Tracker.

slq_destroy_send/recv is not needed anymore as the problem is solved now by
correctly checking if an async Tracker request was cancelled and we got
G_IO_ERROR_CANCELLED in tracker_con_cb() or tracker_query_cb() and avoid using
user_data in that the case.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-08 20:24:31 +00:00
Ralph Boehme
9e0b6f667f s3:rpc_server: factor out rpc_mdssvc_sources
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-08 20:24:31 +00:00
Andreas Schneider
acf605f595 s4:rpc_server: Use GnuTLS RC4 in lsa endpoint
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-27 12:54:24 +00:00
Ralph Boehme
55b2cca14a s3-mdssvc: use tevent_glib_glue in mdssvc RPC service
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
2019-04-24 18:32:15 +00:00
Jeremy Allison
b1582a4d09 CVE-2019-3880 s3: rpc: winreg: Remove implementations of SaveKey/RestoreKey.
Remove the now unused code implementations of
registry file io.

As reported by Michael Hanselmann.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Apr  8 11:43:31 UTC 2019 on sn-devel-144
2019-04-08 11:43:31 +00:00
Gary Lockyer
8154acfd0d auth: Generate a human readable Authentication log message.
Add a human readable authentication log line, to allow
verification that all required details are being passed.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2017-03-29 02:37:26 +02:00
Noel Power
1820209b9e s3/rpc_server/mdssvc: Generate flex/bison files in build
Build the generated files at build time instead of using a committed version
generated at some point in the past.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12528

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jan 28 13:26:01 CET 2017 on sn-devel-144
2017-01-28 13:26:01 +01:00
Ralph Boehme
be8e90f27a s3/rpc_server: move rpc_modules.c to its own subsystem
The source file rpc_modules.c was used in two places which lead to the
following build error when configuring with '--nonshared-binary=smbd/smbd':

  ERROR: source source3/rpc_server/rpc_modules.c is in more than one
  subsystem of target 'smbd/smbd': ['RPC_SERVICE', 'MDSSD']

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12524

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <nopower@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jan 20 15:00:45 CET 2017 on sn-devel-144
2017-01-20 15:00:45 +01:00
Stefan Metzmacher
4b295b106c wscript: remove executable bits for all wscript* files
These files should not be executable.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Jan 11 20:21:01 CET 2017 on sn-devel-144
2017-01-11 20:21:01 +01:00
Günther Deschner
a2501843b6 s3-iremotewinspool: update api struct map so we only end up implementing 8 calls
In the end, these calls are the only ones we need to implement:

3.1.4.2. Printer Driver Management Methods

* AsyncInstallPrinterDriverFromPackage
* AsyncUploadPrinterDriverPackage
* AsyncCorePrinterDriverInstalled
* AsyncDeletePrinterDriverPackage

3.1.4.9. Printing Related Notification Methods

* SyncRegisterForRemoteNotifications
* SyncUnRegisterForRemoteNotifications
* SyncRefreshRemoteNotifications
* AsyncGetRemoteNotifications

All other calls are 1:1 mapped to spoolss calls.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-06 12:28:18 +01:00
Günther Deschner
7dd880f4b9 s3-iremotewinspool: add generated server stubs and no longer compile autogenerated ones
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-06 12:28:18 +01:00
Günther Deschner
29266c0a90 s3-iremotewinspool: add generated srv_iremotewinspool_nt.c file
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2017-01-06 12:28:18 +01:00
Ralph Boehme
6018a7756f s3:rpc_server: make it possible to build mdssvc as a shared module
Allow building mdssvc RPC service as shared module:

  --with-shared-modules=rpc_mdssvc_module

The default is to build it static.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sun Feb 21 22:28:41 CET 2016 on sn-devel-144
2016-02-21 22:28:41 +01:00
Ralph Boehme
593abe5f6b s3:rpc_server: allow building RPC services as shared modules
This is the general RPC subsystem change, existing modules must be
tweaked to support being loaded as a module.

The next commit shows how to do this for the Spotlight RPC service.

The general syntax is: --with-shared-modules=rpc_NAME_module

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-02-21 19:21:17 +01:00
Ralph Boehme
480cc511ff s3-mdssvc: add mdssd RPC service daemon for mdssvc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-07-07 17:34:28 +02:00
Ralph Boehme
4b0ee5d209 s3-mdssvc: lexer and parser for Spotlight queries
Add a lexer and parser for translating Spotlight query strings to
SPARQL.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-07-07 17:34:28 +02:00
Ralph Boehme
0de03ce4a4 s3-mdssvc: Spotlight attribute mappings
Add mappings for metadata attribute between Spotlight and NEPOMUK for
use with Tracker.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-07-07 17:34:28 +02:00
Ralph Boehme
5d4eceae15 s3-mdssvc: (un)marshalling Spotlight RPC blob
Add code for marshalling and unmarshalling Spotlight RPC blobs
from/into a dalloc object store.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-07-07 17:34:28 +02:00
Ralph Boehme
222e863d4e s3-mdssvc: dalloc: dynamic object store based on talloc
dalloc is a hack with a bizarre API, but it does its job: it's a
simple object store that allows for storing simple and complex data
types.

We'll use it for storing Spotlight query data.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-07-07 17:34:28 +02:00
Ralph Boehme
63dd793cde s3-mdssvc: add Spotlight RPC stubs
'mdssvc' aka 'Metadata Search Service' is an RPC service used by Apple
for passing marshalled Spotlight search queries and results between
client to server.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-07-07 17:34:28 +02:00
David Disseldorp
b6e034069f fsrvp: add remote snapshot RPC server
The Samba fss_agent RPC server is an implementation of the File Server
Remote VSS (Volume Shadow Copy Service) Protocol, or FSRVP for short.

FSRVP is new with Windows Server 2012, and allows authenticated clients
to remotely request the creation, exposure and deletion of share
snapshots.

The fss_agent RPC server processes requests on the FssAgentRpc named
pipe, and dispatches relevant snapshot creation and deletion requests
through to the VFS.
The registry smb.conf back-end is used to expose snapshot shares, with
configuration parameters and share ACLs cloned from the base share.

There are three FSRVP client implementations that I'm aware of:
- Samba rpcclient includes fss_X commands.
- Windows Server 2012 includes diskshadow.exe.
- System Center 2012.

FSRVP operations are only processed for users with:
- Built-in Administrators group membership, or
- Built-in Backup Operators group membership, or
- Backup Operator privileges, or
- Security token matches the initial process UID

MS-FSRVP specifies that server state should be stored persistently
during operation and retrieved on startup. Use the existing fss_srv.tdb
FSRVP state storage back-end to satisfy this requirement.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:25 +02:00
David Disseldorp
9c8ae4454c fsrvp: add server state storage back-end
MS-FSRVP specifies:
  the server MUST persist all state information into an implementation-
  specific configuration store.

This change adds a fss_srv TDB database to preserve FSRVP server state,
with the following keys used to track shadow copy state and hierarchy:
- sc_set/<shadow copy set GUID>
  A shadow copy set tracks a collection of zero or more shadow copies,
  as initiated by a StartShadowCopySet FSRVP client request.
- sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>
  A shadow copy defines information about a snapshot base volume, the
  snapshot path, and a collection of share maps. It is initiated by an
  AddToShadowCopySet client request.
- sc_set/<shadow copy set GUID>/sc/<shadow copy GUID>/smap/<smap GUID>
  A share map tracks new shares that are created to expose shadow
  copies.

All structures are marshalled into on-disk format using the previously
added fsrvp_state IDL library.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-31 18:40:24 +02:00
Stefan Metzmacher
ea2ff2c7ff s3:rpc_server/wscript_build: remove allow_warnings=True from RPC_SPOOLSS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-03-20 20:43:11 +01:00
Christof Schmitt
16594e7fc0 s3: Move init_lsa_ref_domain_list to lib
This will be used in the next patch in winbind.

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-09-29 10:52:47 +02:00
Stefan Metzmacher
f42046692a s3:rpc_server: explicitly use allow_warnings=True for RPC_SPOOLSS
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-04-02 09:03:46 +02:00
Andreas Schneider
7daa4b94fa s3-rpc_server: Add make_internal_rpc_pipe_socketpair().
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-29 16:17:03 +01:00
Andreas Schneider
01524063cc s3-waf: Create a target for RPC_SOCK_HELPER.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-29 15:46:06 +01:00
Andreas Schneider
710ddf82ed s3-waf: Seperate rpc_server and rpc_service.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-29 15:45:39 +01:00
Andreas Schneider
df4c2df53b s3-waf: Reorder rpc_server wscript_build file.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-10-29 15:44:45 +01:00
Michael Adam
7e966397ec build: get rid of source variables and vars=locals() in source3/rpc_server/wscript_build
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2013-09-24 23:00:44 +02:00