summaryrefslogtreecommitdiff
path: root/librpc
Commit message (Collapse)AuthorAgeFilesLines
* pidl: Avoid leaving array_size NDR tokens aroundAndrew Bartlett2021-06-025-6/+36
| | | | | | | | | | | | | | | | | | In many cases these can and should be consumed as soon as they are used. This is not a complete fix, we don't clean up the array_size token after using it split between an NDR_SCALARS and an NDR_BUFFERS pass, but it is much better than it was and helps the winbind case with a large number of groups (eg 100,000) as otherwise we hit the 65535 NDR token limit. (This is an arbitary Samba-only limit to avoid DoS conditions) BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* pidl: Avoid leaving array_length NDR tokens aroundAndrew Bartlett2021-06-023-4/+16
| | | | | | | | | | In many cases these can and should be consumed as soon as they are used. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* librpc: Use helper function ndr_get_array_size() in ndr_check_array_size()Andrew Bartlett2021-06-021-1/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* librpc: Add const to cookie pointer in ndr_check_array_{size,length}Andrew Bartlett2021-06-023-6/+6
| | | | | | | | | | This pointer is only used to find the right token in the list so can be declared const. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* libndr: Return error code from ndr_token_peek()Andrew Bartlett2021-06-024-28/+23
| | | | | | | | | | | | | This makes it safer to change our code to remove tokens after use if failing to obtain a token would result in an error. This means changing ndr_get_array_size() and ndr_get_array_length() to also return an error code. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* selftest: Add test of NDR marshalling from python, starting with wbintAndrew Bartlett2021-06-024-1/+304
| | | | | | | | | | | | | | These patches are to address an issue unpacking a very large winbind.wbint_Principals array (100,000). We need the NDR_TOKEN_MAX_LIST_SIZE value exposed as otherwise a well-meaning incrase of this value would invalidate the test. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* spoolss: Avoid indirection via ndr_get_array_size()Andrew Bartlett2021-06-021-1/+1
| | | | | | | | | | | This is set in the call just above and otherwise we will (in the next commit) need an intermediate variable once we need to check error codes from ndr_get_array_size(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14710 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* krb5ccache.idl: Add definition for a Kerberos credentials cacheJoseph Sutton2021-05-193-1/+123
| | | | | | | | | | | | Based on specifications found at https://web.mit.edu/kerberos/krb5-devel/doc/formats/ccache_file_format.html This is primarily designed for parsing and storing a single Kerberos ticket, due to the limitations of PIDL. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* printing: Introduce samba-bgqdVolker Lendecke2021-05-111-0/+2
| | | | | | | | | | This is a separate binary executed from start_background_queue(). As such it does not really gain much, but the idea is to move all the code this runs out of the smbd and spoolssd binaries to just link here. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* auth: Fix a typoVolker Lendecke2021-04-271-1/+1
| | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* dcesrv_core: fix buildBernd Kuhls2021-04-071-10/+1
| | | | | | | | | | | | | | Move include of system/network.h to avoid a build error: In file included from ../../lib/replace/system/network.h:35, from ../../librpc/rpc/dcesrv_core.c:2658: usr/include/unistd.h: At top level: usr/include/unistd.h:675:16: error: conflicting types for ‘geteuid’ 675 | extern __uid_t geteuid (void) __THROW; Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* librpc: Remove the gensec dependency from library dcerpc-bindingVolker Lendecke2021-04-066-485/+578
| | | | | | | | | | | | This means yet another library, but having to depend on gensec just for dcerpc_parse_binding() and basic packet parsing seems like a bit overkill to me. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Apr 6 23:33:14 UTC 2021 on sn-devel-184
* rpc: Give dcerpc_util.c its own headerVolker Lendecke2021-04-066-74/+107
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* tstream_npa: Return named_pipe_auth_req_info4 from accept_existingVolker Lendecke2021-04-011-1/+1
| | | | | | | | Callers might want the full picture. We need to make named_pipe_auth_req_info4 public for that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc/idl dnsserver s/DNS_RPC_DATA/DNS_RPC_RECORD_DATA/Douglas Bagnall2021-03-301-4/+4
| | | | | | | | | | Following MS-DNSP. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Tue Mar 30 00:20:53 UTC 2021 on sn-devel-184
* librpc/idl: dnsp tombstone timestamp name matches MS-DNSPDouglas Bagnall2021-03-292-2/+2
| | | | | | | | | | MS-DNSP uses the term "EntombedTime" in e.g. "2.2.2.2.4.23 DNS_RPC_RECORD_TS" which is more descriptive than the generic "timestamp", and less likely to be confused with dwTimestamp, which has been our curse. Let's make it grep-able, google-able, and evocative. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Simplify dcerpc_binding_dup() with common nomem handlingVolker Lendecke2021-03-191-14/+10
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Make "dcesrv_context->callbacks" a pointerVolker Lendecke2021-03-163-9/+11
| | | | | | | | | This structure just grew from 3 to 6 pointers, avoid making a copy of this. All callers of dcesrv_init_context() have this as a static struct in the C object, so a pointer to that won't change. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Add "private_data" to struct dcesrv_context_callbacksVolker Lendecke2021-03-163-13/+26
| | | | | | | | | Not used right now, but we should never have callbacks without a "private_data" pointer. Some of the callbacks could even today benefit from this. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Simplify struct dcesrv_handleVolker Lendecke2021-03-092-8/+5
| | | | | | | | | This saves a tiny bit of memory: dom_sid_dup() allocates a full struct dom_sid, although it might not have to. Save the additional talloc object and the pointer, be more cache-friendly Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Fix typosVolker Lendecke2021-03-091-1/+2
| | | | | | | While there, wrap the long comment lines Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Fix a typo, while there linewrap the commentVolker Lendecke2021-03-091-1/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_server: Fix a typoVolker Lendecke2021-03-091-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* smbXsrv_client: move the connection passing to ↵Stefan Metzmacher2021-03-061-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | smb2srv_client_mc_negprot_send/recv We need a full request/response pair in order to avoid races in the multichannel connection passing. smb2srv_client_mc_negprot_send/recv locks the db record for the given client_guid. If there's no entry found, we add ourself and return NT_STATUS_OK. If there's an existing process for that client guid we start messaging_filtered_read_send() dbwrap_watched_watch_send() before calling smb2srv_client_connection_pass(). Then we release the lock and wait for either MSG_SMBXSRV_CONNECTION_PASSED to arrive or retry if dbwrap_watched_watch_recv signaled a change in the database. If we got MSG_SMBXSRV_CONNECTION_PASSED we'll return NT_STATUS_MESSAGE_RETRIEVED in order to signal that the other process will take care of the connection and we terminate the current process. All that is done completely async, which means that the IDLE_CLOSED_TIMEOUT (60 seconds) may trigger deadtime_fn(), which will send itself a MSG_SHUTDOWN. So the process that accepted the tcp connection exists if there was no MSG_SMBXSRV_CONNECTION_PASSED within 60 seconds. However the fd may still exists in the kernel (and the new connection may still be handed to the other process. If that process somehow exists before there's no way to prevent a connection termination for the client. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14433 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Mar 6 03:30:06 UTC 2021 on sn-devel-184
* librpc: Lower dcesrv_call_dispatch_local() errors from DBG_ERR to DBG_INFOSamuel Cabrero2021-03-061-16/+16
| | | | | | | | | | | | | | | | | | | Before merging the s3 and s4 RPC servers the rpcint_dispatch function was not logging any error. This commit lowers from DBG_ERR to DBG_INFO the importance of error messages when dispatching local RPC calls. There are some situations where RPC functions return RPC faults and this is not a fatal condition. One example is _lsa_QueryInfoPolicy2. This change prevents a noisy error logged when winbindd tries to connect to its primary domain in the nt4_member and ad_member test environments: [2021/03/01 16:49:38.486111, 0, pid=12456] ../../librpc/rpc/dcesrv_core.c:2990(dcesrv_call_dispatch_local) dcesrv_call_dispatch_local: DCE/RPC fault in call lsarpc:2E - DCERPC_NCA_S_OP_RNG_ERROR Signed-off-by: Samuel Cabrero <scabrero@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libndr: Use better and more clear check for empty flagsAndreas Schneider2021-02-011-1/+1
| | | | | | | warning: converting the result of '<<' to a boolean always evaluates to true [-Wtautological-constant-compare] Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Simplify find_interface_by_binding()Volker Lendecke2021-01-281-15/+6
| | | | | | | | | | Use find_interface_by_syntax_id() instead of duplicating the loop. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Thu Jan 28 18:03:53 UTC 2021 on sn-devel-184
* librpc: Simplify find_interface_by_syntax_id()Volker Lendecke2021-01-281-14/+1
| | | | | | | | Directly use ndr_syntax_id_equal() instead of duplicating it with interface_match_by_uuid(). Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Convert find_interface_by_uuid to search by syntax_idVolker Lendecke2021-01-282-12/+12
| | | | | | | All callers manually dissected the syntax id for this API. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Fix a typoVolker Lendecke2021-01-281-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Simplify dcesrv_check_or_create_context()Volker Lendecke2021-01-281-3/+4
| | | | | | | Use ndr_syntax_id_buf_string(), avoid a talloc/talloc_free Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Simplify dcerpc_binding_string()Volker Lendecke2021-01-281-62/+59
| | | | | | | Make it follow a more conventional memory handling style for reallocs. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Simplify dcerpc_binding_string()Volker Lendecke2021-01-281-13/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* rpc_server: Introduce "goto nomem;" to dcesrv_endpoint_connect()Volker Lendecke2021-01-281-6/+9
| | | | | | | Avoid the control-flow changing NT_STATUS_HAVE_NO_MEMORY macro. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* lib: Simplify parse_guid_string() and ndr_syntax_id_from_string()Volker Lendecke2021-01-282-85/+22
| | | | | | | | | Return "bool" instead of NTSTATUS, use hex_byte() instead of read_hex_bytes(). And parse directly into a struct GUID instead of the components. 99 lines less code. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Simplify dcerpc_binding_set_abstract_syntax()Volker Lendecke2021-01-281-10/+2
| | | | | | | It might be a question of style, but I find it simpler this way. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Use ndr_syntax_id_buf_string() in dcerpc_binding_set_abstract_syntax()Volker Lendecke2021-01-281-13/+4
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Use ndr_syntax_id_buf_string() in dcerpc_sec_vt_pctx_check()Volker Lendecke2021-01-281-16/+13
| | | | | | | "mem_ctx" is no longer needed Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Add ndr_syntax_id_buf_string()Volker Lendecke2021-01-284-11/+287
| | | | | | | Same pattern as GUID_buf_string() Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* librpc: Add a NULL check to dcerpc_binding_build_tower()Volker Lendecke2021-01-281-0/+3
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* libndr: Simplify ndr_print_GUID()Volker Lendecke2021-01-281-1/+2
| | | | | | | Fix a small memleak of the tmp GUID_string Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Samuel Cabrero <scabrero@samba.org>
* rpc_server: Fix a typoVolker Lendecke2021-01-221-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Fix a small memleak in epm_floor_string()Volker Lendecke2021-01-221-4/+6
| | | | | | | Use GUID_buf_string(), don't leak the output of GUID_string() Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_server: Slightly simplify dcesrv_bind()Volker Lendecke2021-01-221-2/+3
| | | | | | | Factor out dereferencing conn->dce_ctx Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_server: Slightly simplify dcesrv_bind()Volker Lendecke2021-01-221-13/+13
| | | | | | | We have already dereferenced call->conn in a variable, use that. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: gen_ndr/dcerpc.h references DATA_BLOBVolker Lendecke2021-01-121-0/+2
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* librpc: Align a few integer typesVolker Lendecke2021-01-121-6/+6
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_server: Fix an error path memleakVolker Lendecke2021-01-121-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_server: Avoid a pointless ZERO_STRUCTPVolker Lendecke2021-01-121-1/+0
| | | | | | | We've done talloc_zero() 4 lines above. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_server: Move a variable closer to its useVolker Lendecke2021-01-121-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status