diff options
| author | Stefan Metzmacher <metze@samba.org> | 2004-01-08 22:55:27 +0000 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2004-01-08 22:55:27 +0000 |
| commit | 7e6cf43756b7643e2f0ee7ada5076f36f3a24bb7 (patch) | |
| tree | ad6aebaaf7e3da39992548925135537d66ffabaa /source4/librpc/ndr/ndr_sec.c | |
| parent | 8364fd2853ff4bb608157656878e05ca7984a2b9 (diff) | |
| download | samba-7e6cf43756b7643e2f0ee7ada5076f36f3a24bb7.tar.gz samba-7e6cf43756b7643e2f0ee7ada5076f36f3a24bb7.tar.bz2 samba-7e6cf43756b7643e2f0ee7ada5076f36f3a24bb7.zip | |
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
Diffstat (limited to 'source4/librpc/ndr/ndr_sec.c')
| -rw-r--r-- | source4/librpc/ndr/ndr_sec.c | 68 |
1 files changed, 41 insertions, 27 deletions
diff --git a/source4/librpc/ndr/ndr_sec.c b/source4/librpc/ndr/ndr_sec.c index a3be697c49..49c88d1563 100644 --- a/source4/librpc/ndr/ndr_sec.c +++ b/source4/librpc/ndr/ndr_sec.c @@ -88,6 +88,37 @@ void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, struct dom_sid2 ndr_print_dom_sid(ndr, name, sid); } +/* + return the wire size of a dom_sid +*/ +size_t ndr_size_dom_sid(struct dom_sid *sid) +{ + if (!sid) return 0; + return 8 + 4*sid->num_auths; +} + +/* + add a rid to a domain dom_sid to make a full dom_sid +*/ +struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, + const struct dom_sid *domain_sid, + uint32 rid) +{ + struct dom_sid *sid; + + sid = talloc_p(mem_ctx, struct dom_sid); + if (!sid) return NULL; + + *sid = *domain_sid; + sid->sub_auths = talloc_array_p(mem_ctx, uint32, sid->num_auths+1); + if (!sid->sub_auths) { + return NULL; + } + memcpy(sid->sub_auths, domain_sid->sub_auths, sid->num_auths*sizeof(uint32)); + sid->sub_auths[sid->num_auths] = rid; + sid->num_auths++; + return sid; +} /* return the wire size of a security_ace @@ -115,15 +146,6 @@ size_t ndr_size_security_acl(struct security_acl *acl) } /* - return the wire size of a dom_sid -*/ -size_t ndr_size_dom_sid(struct dom_sid *sid) -{ - if (!sid) return 0; - return 8 + 4*sid->num_auths; -} - -/* return the wire size of a security descriptor */ size_t ndr_size_security_descriptor(struct security_descriptor *sd) @@ -139,25 +161,17 @@ size_t ndr_size_security_descriptor(struct security_descriptor *sd) return ret; } -/* - add a rid to a domain dom_sid to make a full dom_sid -*/ -struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, - const struct dom_sid *domain_sid, - uint32 rid) +/* + talloc and copy a security descriptor + */ +struct security_descriptor *copy_security_descriptor(TALLOC_CTX *mem_ctx, + const struct security_descriptor *osd) { - struct dom_sid *sid; + struct security_descriptor *nsd; - sid = talloc_p(mem_ctx, struct dom_sid); - if (!sid) return NULL; + /* FIXME */ + DEBUG(1, ("copy_security_descriptor: sorry unimplemented yet\n")); + nsd = NULL; - *sid = *domain_sid; - sid->sub_auths = talloc_array_p(mem_ctx, uint32, sid->num_auths+1); - if (!sid->sub_auths) { - return NULL; - } - memcpy(sid->sub_auths, domain_sid->sub_auths, sid->num_auths*sizeof(uint32)); - sid->sub_auths[sid->num_auths] = rid; - sid->num_auths++; - return sid; + return nsd; } |