1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

31 Commits

Author SHA1 Message Date
Samuel Cabrero
6edcf6801d s3: rpc_server: Avoid casts calling to find_policy_by_hnd()
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:37 +00:00
Samuel Cabrero
da9749acb3 s3: rpc_server: pass DCE/RPC handle type to find_policy_handle
Following changes in commit c7a4578d06
pass the handle type to the handle search functions. The handle type will
be verified unless passing DCESRV_HANDLE_ANY to find functions.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-05-24 23:55:36 +00:00
Alexander Bokovoy
c7a4578d06 s3: pass DCE RPC handle type to create_policy_hnd
Various RPC services expect policy handles of a specific type.

s3 RPC server did not allow to create policy handles with a specific
type while actually requiring that policy handle type itself in some
places.

Make sure we are able to specify the policy on-wire handle type when
creating the policy handle. The changes follow s4 DCE RPC server
implementation.

The original logic to always set on-wire handle type to 0 can be tracked
down to commit fdeea341ed when we didn't
really know about differences in on-wire handle types.

All but LSA trusted domain RPC calls do not check the on-wire handle
type in s3 RPC server.

Fixes trusted domain operations when Samba RPC client attempts to call
s3 RPC server to perform lsa_lsaRSetForestTrustInformation in FreeIPA.
This fix is a pre-requisite for FreeIPA-FreeIPA forest trust.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 28 22:55:29 UTC 2020 on sn-devel-184
2020-04-28 22:55:29 +00:00
Samuel Cabrero
4c09839ec9 s3:rpc_server: Do not include s3 autogenerated headers
Prototype is generated by the server compat parser.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:36 +00:00
Samuel Cabrero
dc1d34d388 s3:rpc_server: Include generated boilerplate code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Ralph Boehme
a6054e2b35 s3/rpc_server: use talloc_alpha_strcpy() in _winreg_InitiateSystemShutdownEx()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-02-06 10:17:43 +00:00
Ralph Boehme
a0185c7efb smbdotconf: mark "shutdown script" with substitution="1"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:36 +00:00
Ralph Boehme
db75b5d6fc smbdotconf: mark "abort shutdown script" with substitution="1"
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:33 +00:00
Jeremy Allison
b1582a4d09 CVE-2019-3880 s3: rpc: winreg: Remove implementations of SaveKey/RestoreKey.
Remove the now unused code implementations of
registry file io.

As reported by Michael Hanselmann.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Apr  8 11:43:31 UTC 2019 on sn-devel-144
2019-04-08 11:43:31 +00:00
Jeremy Allison
c79f719a84 CVE-2019-3880 s3: rpc: winreg: Remove implementations of SaveKey/RestoreKey.
The were not using VFS backend calls and could only work
locally, and were unsafe against symlink races and other
security issues.

If the incoming handle is valid, return WERR_BAD_PATHNAME.

[MS-RRP] states "The format of the file name is implementation-specific"
so ensure we don't allow this.

As reported by Michael Hanselmann.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13851

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-04-08 10:27:34 +00:00
Trever L. Adams
7accec7f78 Update smbrun to allow for settings environment variables.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Oct 13 04:26:26 CEST 2016 on sn-devel-144
2016-10-13 04:26:26 +02:00
Günther Deschner
7d54fde08f werror: replace WERR_OBJECT_PATH_INVALID with WERR_BAD_PATHNAME in source3/rpc_server/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:24 +02:00
Günther Deschner
402bafcbca werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in source3/rpc_server/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:22 +02:00
Günther Deschner
74d3bf1488 werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in source3/rpc_server/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:19 +02:00
Günther Deschner
4198327897 werror: replace WERR_BADFID with WERR_INVALID_HANDLE in source3/rpc_server/spoolss/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:18 +02:00
Günther Deschner
3af16e4abd werror: replace WERR_BADFILE with WERR_FILE_NOT_FOUND in source3/rpc_client/
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-09-28 00:04:17 +02:00
Richard Sharpe
0dde2106bb Covert all uint32/16/8 to _t in source3/rpc_server.
This can be committed regardless of the state of the PIDL changes.

Signed-off-by: Richard Sharpe <rsharpe@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-05-15 19:31:24 +02:00
Michael Adam
4286e147a6 loadparm: rename lp[cfg]_print_ok to lp[cfg]_printable for consistency with docs
Signed-off-by: Michael Adam <obnox@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-02-03 13:27:15 +13:00
Michael Adam
d85bab275a loadparm: rename lp[cfg]_pathname to lp[cfg]_path for consistency with docs
Signed-off-by: Michael Adam <obnox@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-02-03 13:26:13 +13:00
Volker Lendecke
61f59d84ae winreg3: Fix a const warning
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-06-11 10:54:30 -07:00
Rusty Russell
fe72740e82 loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().

A simple patch, but hits a lot of files.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:23 +09:30
Andreas Schneider
fae6091f1d s3-rpc_server: Make it possible to use more rpc exceptions. 2012-07-06 10:00:56 +02:00
Andrew Bartlett
3d15137653 s3-talloc Change TALLOC_ARRAY() to talloc_array()
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
381423b1bd libcli/security: move secdesc.c to the top level libcli/security
This code does not rely on lp_ or other source3 only functions, so can
be part of the common library.

Andrew Bartlett
2011-05-31 00:32:07 +02:00
Günther Deschner
0e76eddcc8 s3: include ntdomain.h before including generated srv_ headers.
Guenther
2011-05-02 15:03:44 +02:00
Günther Deschner
c2d6260f10 s3: only include lib/privileges.h where needed.
This finally removes the global lsa.h inclusion.

Guenther
2011-03-30 01:13:10 +02:00
Günther Deschner
6e3f0d28a4 s3-includes: only include ntdomain.h where needed.
Guenther
2011-03-30 01:13:09 +02:00
Günther Deschner
146c1aac99 s3-auth: rpc_server needs auth.h
Guenther
2011-03-30 01:13:09 +02:00
Günther Deschner
4a4efc20b4 s3-rpc_server: remove two uneeded include registry/reg_parse_prs.h
Guenther
2011-03-24 23:08:22 +01:00
Andrew Bartlett
2e69e89456 s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_info
These variables, of type struct auth_serversupplied_info were poorly
named when added into 2001, and in good consistant practice, this has
extended all over the codebase in the years since.

The structure is also not ideal for it's current purpose.  Originally
intended to convey the results of the authentication modules, it
really describes all the essential attributes of a session.  This
rename will reduce the volume of a future patch to replaced these with
a struct auth_session_info, with auth_serversupplied_info confined to
the lower levels of the auth subsystem, and then eliminated.

(The new structure will be the output of create_local_token(), and the
change in struct definition will ensure that this is always run, populating
local groups and privileges).

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-02-22 16:20:10 +11:00
Günther Deschner
4063bde3ed s3-rpc_server: move services into individual directories.
Guenther

Autobuild-User: Günther Deschner <gd@samba.org>
Autobuild-Date: Thu Feb 10 22:13:17 CET 2011 on sn-devel-104
2011-02-10 22:13:17 +01:00