1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

33 Commits

Author SHA1 Message Date
Volker Lendecke
b6f4acb9b4 rpc_server3: Use fdopen_keepfd()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2024-04-16 23:51:45 +00:00
Stefan Metzmacher
d23d6145bf VERSION: move COPYRIGHT_STARTUP_MESSAGE as SAMBA_COPYRIGHT_STRING into version.h
We also prodive a samba_copyright_string() helper similar to
samba_version_string().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Dec 15 10:44:42 UTC 2023 on atb-devel-224
2023-12-15 10:44:42 +00:00
Björn Jacke
159cfde446 logging: use DBG_STARTUP_NOTICE for startup message
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15377

Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-11-20 03:52:33 +00:00
Stefan Metzmacher
c5201cd0b5 s3:rpc_server: make use of tstream_bsd_fail_readv_first_error(true)
This avoids doing useless work in case the client connection
is already broken.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-24 09:36:38 +00:00
Stefan Metzmacher
f8b76235fe s3:rpc_server: distribute clients based on available association group slots
The important factor to distribute connection to workers
should be the number of used association group slots instead
of the raw number of connections. If one worker has a lot of
association groups with just one connection each, but another
with few association groups, but multiple connections per
association group. The one with less association groups should
get the connection. Note each worker is only able to allocate
UINT16_MAX allocation groups, but the number of connections
is only limited by RAM.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Stefan Metzmacher
40e780ad16 dcesrv_core: maintain the number of allocated association groups per dce_ctx
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Stefan Metzmacher
eb8cf371b8 s3:rpc_server: correctly allow up to 65536 workers processes
We already limit the per worker portion of the association
group id to UINT16_MAX, so we can also use 16-bit instead
of just 8-bit to encode the worker index.

While there we should actually ensure that the max worker
index is UINT16_MAX.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Stefan Metzmacher
e4bdab659b rpc_host.idl: change server_index from uint8 to uint32
This reflects what we're using in the C code already...

Note this is an incompatible change, but we also changed
from named_pipe_auth_req_info7 to named_pipe_auth_req_info8
in master...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Stefan Metzmacher
94723b6732 s3:rpc_server: call reopen_logs before we print the copyright notice
This matches what we do in smbd, winbindd and nmbd.

For the workers it's important to call it at all, otherwise
things like 'debug pid = yes' or 'debug class = yes' have no effect
in the workers.

We could argue if we want the copyright notice on the start
of each worker at all, but that's a different discussion...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Stefan Metzmacher
ae38cfe6da s3:rpc_server: let get_servers() callback of rpc_worker_main() return NTSTATUS
This means the rpc_worker_main() logic is the only layer that
needs to call exit() and its able to do some cleanup before.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Stefan Metzmacher
2d73b1e061 s3:rpc_server: let register_ep_server() errors result in DBG_ERR()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-10-17 19:20:38 +00:00
Douglas Bagnall
da841a80e3 s3:rpc: bump named_pipe_auth_req_info version number
This is because commit f893cf85cc
changed the security token in secuirty.idl, and bumping the version
was missed.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-09-11 02:42:41 +00:00
Joseph Sutton
c172de6ee4 s3:rpc_server: Add missing newlines to logging messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-08-08 04:39:38 +00:00
Volker Lendecke
59694ad0a4 rpc_server3: Pass winbind_env_set() state through to rpcd_*
Winbind can ask rpcd_lsad for LookupNames etc. This can recurse back
into winbind for getpwnam. We have the "_NO_WINBINDD" environment
variable set in winbind itself for this case, but this is lost on the
way into rpcd_lsad. Use a flag in global_sid_Samba_NPA_Flags to pass
this information to dcerpc_core, where it sets the variable on every
call if requested.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue May 16 11:54:32 UTC 2023 on atb-devel-224
2023-05-16 11:54:32 +00:00
Volker Lendecke
bdba027a33 rpc: Remove named_pipe_auth_req_info6->need_idle_server
Involves bumping up the version number

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-05-16 10:53:40 +00:00
Volker Lendecke
a1780ed8d1 rpcd: With npa->need_idle_server we can have more than 256 servers
Before this patch the worker-status cut the worker index such that
samba-dcerpcd could not properly update status of the surplus rpc
daemons. This could lead to those daemons to stay around forever,
samba-dcerpcd will never notice they are idle and can exit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar  6 22:35:00 UTC 2023 on atb-devel-224
2023-03-06 22:35:00 +00:00
Joseph Sutton
8aef16bbbc named_pipe_auth: Bump info5 to info6
In the next commit, we shall replace the 'authenticated' field of
named_pipe_auth_req_info.info5.session_info.session_info.info with a
more general 'user_flags' field.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-02-08 00:03:39 +00:00
Volker Lendecke
43f041de65 lib: Add "starting_id" to idr_get_new_random()
To be used in smbXsrv_open.c, for this we need a lower bound.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-01-10 00:28:37 +00:00
Stefan Metzmacher
0651fa474c dcesrv_core: wrap gensec_*() calls in [un]become_root() calls
This is important for the source3/rpc_server code as it might
be called embedded in smbd and may not run as root with access
to our private tdb/ldb files.

Note this is only really needed for 4.15 and older, as
we no longer run the rpc_server embedded in smbd,
but we better be consistent for now.

This should be able to fix the problem the printing no longer works
on Windows 7 with 2021-10 monthly rollup patch (KB5006743).

Windows uses NTLMSSP with privacy at the DCERPC layer on top
of NCACN_NP (smb).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14867

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-01-24 15:25:36 +00:00
Volker Lendecke
bad374ae66 rpc_server3: Inline pipes_struct into dcerpc_ncacn_conn
This makes it clear that our internal representation of a rpc client
connection in the source3/ server is struct dcerpc_ncacn_conn and that
struct pipes_struct is only around for API compatibility with the
existing server stubs.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
55cdb61269 rpc_server3: Remove dcerpc_ncacn_conn->session_info
This was only used inside rpc_worker_new_client(), a leftover from
times where accepting a client was an async process waiting for the
struct named_pipe_auth_req_info4.

The talloc hierarchy is correctly maintained, dcesrv_endpoint_connect() takes a
talloc_reference() of session_info.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
79024fa681 rpc_server3: Remove dcerpc_ncacn_conn->local_server_addr
This was only used inside rpc_worker_new_client(), a leftover from
times where accepting a client was an async process waiting for the
struct named_pipe_auth_req_info4.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
10478d39a1 rpc_server3: Remove dcerpc_ncacn_conn->remote_client_addr
This was only used inside rpc_worker_new_client(), a leftover from
times where accepting a client was an async process waiting for the
struct named_pipe_auth_req_info4.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
7c5b247e31 rpc_server3: Remove dcerpc_ncacn_conn->tstream
This was only used inside rpc_worker_new_client(), a leftover from
times where accepting a client was an async process waiting for the
struct named_pipe_auth_req_info4.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
0d315ddbfe rpc_server3: Remove dcerpc_ncacn_conn->dce_ctx
This was only used inside rpc_worker_new_client(), a leftover from
times where accepting a client was an async process waiting for the
struct named_pipe_auth_req_info4.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
909e309414 rpc_server3: Remove dcerpc_ncacn_conn->msg_ctx
This was only used inside rpc_worker_new_client(), a leftover from
times where accepting a client was an async process waiting for the
struct named_pipe_auth_req_info4.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
7d92880fbf rpc_server3: dcerpc_ncacn_conn->ev_ctx was only set but never used
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:38 +00:00
Volker Lendecke
cdc18db7e2 rpc_server3: Inline make_base_pipes_struct()
This did not even use all its arguments anymore.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:37 +00:00
Volker Lendecke
640f4403c6 rpc_server3: Remove pipes_struct->remote_address
Also available via dcesrv_connection_get_remote_address(p->dce_call->conn)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:37 +00:00
Volker Lendecke
5a0155fb51 rpc_server3: Remove pipes_struct->local_address
Also available via dcesrv_connection_get_local_address(p->dce_call->conn)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:37 +00:00
Volker Lendecke
2777fde6a1 rpc_server3: Inline make_base_pipes_struct() into rpc_worker.c
This is the only user, and in winbind_dual_ndr.c's
make_internal_ncacn_conn we have another creator of pipes_struct. So
it seems not necessary to keep this public.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:37 +00:00
Volker Lendecke
0f9f1fa0c2 rpc_server3: Inline make_internal_ncacn_conn() into rpc_worker.c
This was the only user, and as we have another custom version in
winbind with make_internal_ncacn_conn(), I think this is not really
required to keep around as a separate function.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-01-05 00:11:37 +00:00
Volker Lendecke
d3e1ece1a4 s3:rpc_server: Implement the rpcd_* helper-end of the samba-dcerpc protocol
This is the generic code that becomes the
template that all rpcd_* instances that
serve DCERPC can use to provide services to samba-dcerpcd.

The external entry point is:
rpc_worker_main() which takes an argc/argv list
and two functions:

get_interfaces() - List all interfaces that this server provides
get_servers() - Provide the RPC server implementations

Each rpcd_* service needs only to provide
the implementations of get_interfaces() and get_servers()
and call rpc_worker_main() from their main() function
to provide services that can be connected to from samba-dcerpcd.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2021-12-10 14:02:30 +00:00