diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-03-07 21:39:14 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2012-03-07 14:27:38 +0100 |
commit | 54d36099ec0c4e2739a954fb712a48fe2fbb7d1b (patch) | |
tree | f3c60add78d0bd1bf1d3d19cab34e8219ef59c21 | |
parent | 78f85b282ec52a320d0605c58cc51b7133bc0774 (diff) | |
download | samba-54d36099ec0c4e2739a954fb712a48fe2fbb7d1b.tar.gz samba-54d36099ec0c4e2739a954fb712a48fe2fbb7d1b.tar.bz2 samba-54d36099ec0c4e2739a954fb712a48fe2fbb7d1b.zip |
s3-rpc_server: Do not register embedded ncacn_np endpoints by default
The end point mapper is primarily in support of lsasd, and the key
SAMR, LSA and NETLOGON services being accessed over TCP/IP. The end
point mapper does not appear to be used for the well-known mappings to
named pipes, and we have a problem with how to safely register the
embedded pipes. For now, disable this to avoid re-registration storms
in production, until we sort out a better way.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Wed Mar 7 14:27:38 CET 2012 on sn-devel-104
-rwxr-xr-x | selftest/target/Samba3.pm | 1 | ||||
-rw-r--r-- | source3/rpc_server/rpc_service_setup.c | 9 |
2 files changed, 9 insertions, 1 deletions
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index c93a0f1f10..7e4e601cfe 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -194,6 +194,7 @@ sub setup_s3dc($$) rpc_server:lsarpc = external rpc_server:samr = external rpc_server:netlogon = external + rpc_server:register_embedded_np = yes rpc_daemon:epmd = fork rpc_daemon:spoolssd = fork diff --git a/source3/rpc_server/rpc_service_setup.c b/source3/rpc_server/rpc_service_setup.c index bde0d8da89..9fc12f2e31 100644 --- a/source3/rpc_server/rpc_service_setup.c +++ b/source3/rpc_server/rpc_service_setup.c @@ -63,7 +63,14 @@ static bool rpc_setup_embedded(struct tevent_context *ev_ctx, enum rpc_service_mode_e epm_mode = rpc_epmapper_mode(); NTSTATUS status; - if (epm_mode != RPC_SERVICE_MODE_DISABLED) { + /* Registration of ncacn_np services is problematic. The + * ev_ctx passed in here is passed down to all children of the + * smbd process, and if the end point mapper ever goes away, + * they will all attempt to re-register. But we want to test + * the code for now, so it is enabled in on environment in + * make test */ + if (epm_mode != RPC_SERVICE_MODE_DISABLED && + (lp_parm_bool(-1, "rpc_server", "register_embedded_np", false))) { status = dcerpc_binding_vector_new(talloc_tos(), &v); if (!NT_STATUS_IS_OK(status)) { return false; |