Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/auth/session.c | 2 | ||||
-rw-r--r-- | source4/libcli/resolve/bcast.c | 9 | ||||
-rw-r--r-- | source4/libcli/resolve/host.c | 24 | ||||
-rw-r--r-- | source4/libcli/resolve/nbtlist.c | 36 | ||||
-rw-r--r-- | source4/libcli/resolve/resolve.c | 72 | ||||
-rw-r--r-- | source4/libcli/resolve/resolve.h | 11 | ||||
-rw-r--r-- | source4/libcli/resolve/testsuite.c | 2 | ||||
-rw-r--r-- | source4/libcli/resolve/wins.c | 10 | ||||
-rw-r--r-- | source4/libcli/security/dom_sid.c | 17 | ||||
-rw-r--r-- | source4/libcli/security/sddl.c | 1 | ||||
-rw-r--r-- | source4/libcli/security/security_descriptor.c | 20 |
11 files changed, 117 insertions, 87 deletions
diff --git a/source4/libcli/auth/session.c b/source4/libcli/auth/session.c index 29af7fafe8..10c728662d 100644 --- a/source4/libcli/auth/session.c +++ b/source4/libcli/auth/session.c @@ -29,7 +29,7 @@ before calling, the out blob must be initialised to be the same size as the in blob */ -static void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, +void sess_crypt_blob(DATA_BLOB *out, const DATA_BLOB *in, const DATA_BLOB *session_key, bool forward) { int i, k; diff --git a/source4/libcli/resolve/bcast.c b/source4/libcli/resolve/bcast.c index ca78a2ce43..0a71ebed99 100644 --- a/source4/libcli/resolve/bcast.c +++ b/source4/libcli/resolve/bcast.c @@ -73,9 +73,10 @@ struct composite_context *resolve_name_bcast_send(TALLOC_CTX *mem_ctx, broadcast name resolution method - recv side */ NTSTATUS resolve_name_bcast_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { - NTSTATUS status = resolve_name_nbtlist_recv(c, mem_ctx, reply_addr); + NTSTATUS status = resolve_name_nbtlist_recv(c, mem_ctx, addrs); if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { /* this makes much more sense for a bcast name resolution timeout */ @@ -92,7 +93,7 @@ NTSTATUS resolve_name_bcast(struct nbt_name *name, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout, - const char **reply_addr) + struct socket_address ***addrs) { struct resolve_bcast_data *data = talloc(mem_ctx, struct resolve_bcast_data); struct composite_context *c; @@ -101,7 +102,7 @@ NTSTATUS resolve_name_bcast(struct nbt_name *name, data->nbt_timeout = nbt_timeout; c = resolve_name_bcast_send(mem_ctx, NULL, data, name); - return resolve_name_bcast_recv(c, mem_ctx, reply_addr); + return resolve_name_bcast_recv(c, mem_ctx, addrs); } bool resolve_context_add_bcast_method(struct resolve_context *ctx, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout) 
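Review bot: Dropping `static` from `sess_crypt_blob` turns the precondition in the comment above it (the out blob must already be the same size as the in blob) into a contract that callers in other files must honour, and nothing in the visible signature enforces it. The body lies outside the hunk, so it cannot be seen here whether the lengths are compared. If they are not, `SMB_ASSERT(out->length == in->length);` at the top of the function would stop a mis-sized blob from becoming an out-of-bounds write. The header comment should also state that the function writes `in->length` bytes into `out->data`.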
diff --git a/source4/libcli/resolve/host.c b/source4/libcli/resolve/host.c index 7d779b0678..7b1aef803e 100644 --- a/source4/libcli/resolve/host.c +++ b/source4/libcli/resolve/host.c @@ -32,13 +32,14 @@ #include "lib/events/events.h" #include "system/network.h" #include "system/filesys.h" +#include "lib/socket/socket.h" #include "libcli/composite/composite.h" #include "librpc/gen_ndr/ndr_nbt.h" #include "libcli/resolve/resolve.h" struct host_state { struct nbt_name name; - const char *reply_addr; + struct socket_address **addrs; pid_t child; int child_fd; struct fd_event *fde; @@ -95,7 +96,6 @@ static void pipe_handler(struct event_context *ev, struct fd_event *fde, struct host_state *state = talloc_get_type(c->private_data, struct host_state); char address[128]; int ret; - pid_t child = state->child; int status; /* if we get any event from the child then we know that we @@ -125,8 +125,15 @@ static void pipe_handler(struct event_context *ev, struct fd_event *fde, return; } - state->reply_addr = talloc_strdup(state, address); - if (composite_nomem(state->reply_addr, c)) return; + state->addrs = talloc_array(state, struct socket_address *, 2); + if (composite_nomem(state->addrs, c)) return; + + state->addrs[0] = socket_address_from_strings(state->addrs, + "ipv4", + address, + 0); + if (composite_nomem(state->addrs[0], c)) return; + state->addrs[1] = NULL; composite_done(c); } @@ -200,7 +207,8 @@ struct composite_context *resolve_name_host_send(TALLOC_CTX *mem_ctx, gethostbyname name resolution method - recv side */ NTSTATUS resolve_name_host_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { NTSTATUS status; 
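Review bot: In the `pipe_handler` hunk at -125 the `address` buffer read from the child is labelled `"ipv4"` and passed to `socket_address_from_strings()` with no visible check that it holds an IPv4 literal, so whatever text the child wrote reaches callers as a typed socket address. The read itself is outside the hunk, so validation may already happen there. If it does not, `if (!is_ipaddress(address)) { composite_error(c, NT_STATUS_UNEXPECTED_NETWORK_ERROR); return; }` before building the list would reject a malformed reply. The same two-element-list construction is repeated in `resolve_name_all_send` in resolve.c (hunk at -157), and a small shared helper would keep the two copies in step.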
@@ -208,7 +216,7 @@ NTSTATUS resolve_name_host_recv(struct composite_context *c, if (NT_STATUS_IS_OK(status)) { struct host_state *state = talloc_get_type(c->private_data, struct host_state); - *reply_addr = talloc_steal(mem_ctx, state->reply_addr); + *addrs = talloc_steal(mem_ctx, state->addrs); } talloc_free(c); @@ -220,10 +228,10 @@ NTSTATUS resolve_name_host_recv(struct composite_context *c, */ NTSTATUS resolve_name_host(struct nbt_name *name, TALLOC_CTX *mem_ctx, - const char **reply_addr) + struct socket_address ***addrs) { struct composite_context *c = resolve_name_host_send(mem_ctx, NULL, NULL, name); - return resolve_name_host_recv(c, mem_ctx, reply_addr); + return resolve_name_host_recv(c, mem_ctx, addrs); } bool resolve_context_add_host_method(struct resolve_context *ctx) diff --git a/source4/libcli/resolve/nbtlist.c b/source4/libcli/resolve/nbtlist.c index ec4cfb81b4..9c53fcb7ec 100644 --- a/source4/libcli/resolve/nbtlist.c +++ b/source4/libcli/resolve/nbtlist.c @@ -26,6 +26,7 @@ #include "includes.h" #include "libcli/composite/composite.h" #include "system/network.h" +#include "lib/socket/socket.h" #include "lib/socket/netif.h" #include "librpc/gen_ndr/ndr_nbt.h" #include "../libcli/nbt/libnbt.h" @@ -38,7 +39,7 @@ struct nbtlist_state { int num_queries; struct nbt_name_request **queries; struct nbt_name_query *io_queries; - const char *reply_addr; + struct socket_address **addrs; struct interface *ifaces; }; 
@@ -71,25 +72,23 @@ static void nbtlist_handler(struct nbt_name_request *req) talloc_free(state->nbtsock); if (!composite_is_ok(c)) return; - if (state->io_queries[i].out.num_addrs < 1) { + if (q->out.num_addrs < 1) { composite_error(c, NT_STATUS_UNEXPECTED_NETWORK_ERROR); return; } - /* favor a local address if possible */ - state->reply_addr = NULL; - for (i=0;i<q->out.num_addrs;i++) { - if (iface_is_local(state->ifaces, q->out.reply_addrs[i])) { - state->reply_addr = talloc_steal(state, - q->out.reply_addrs[i]); - break; - } - } + state->addrs = talloc_array(state, struct socket_address *, + q->out.num_addrs + 1); + if (composite_nomem(state->addrs, c)) return; - if (state->reply_addr == NULL) { - state->reply_addr = talloc_steal(state, - q->out.reply_addrs[0]); + for (i=0;i<q->out.num_addrs;i++) { + state->addrs[i] = socket_address_from_strings(state->addrs, + "ipv4", + q->out.reply_addrs[i], + 0); + if (composite_nomem(state->addrs[i], c)) return; } + state->addrs[i] = NULL; composite_done(c); } @@ -180,7 +179,8 @@ struct composite_context *resolve_name_nbtlist_send(TALLOC_CTX *mem_ctx, nbt list of addresses name resolution method - recv side */ NTSTATUS resolve_name_nbtlist_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { NTSTATUS status; @@ -188,7 +188,7 @@ NTSTATUS resolve_name_nbtlist_recv(struct composite_context *c, if (NT_STATUS_IS_OK(status)) { struct nbtlist_state *state = talloc_get_type(c->private_data, struct nbtlist_state); - *reply_addr = talloc_steal(mem_ctx, state->reply_addr); + *addrs = talloc_steal(mem_ctx, state->addrs); } talloc_free(c); 
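Review bot: `nbtlist_handler` no longer prefers a local address: the removed `iface_is_local()` loop is replaced by a straight copy of `q->out.reply_addrs` in reply order, and the compatibility `resolve_name_recv` in resolve.c hands back only `addrs[0]`. Single-address callers therefore now receive whichever address the responder listed first, and for broadcast and WINS replies that order is set by the remote side. If the preference is meant to survive, place the local entries at the front of `state->addrs` before the terminator is written. Otherwise record the change with a comment such as `/* addresses are returned in reply order; callers must choose among them */`. The function begins outside this hunk.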
@@ -205,13 +205,13 @@ NTSTATUS resolve_name_nbtlist(struct nbt_name *name, uint16_t nbt_port, int nbt_timeout, bool broadcast, bool wins_lookup, - const char **reply_addr) + struct socket_address ***addrs) { struct composite_context *c = resolve_name_nbtlist_send(mem_ctx, NULL, name, address_list, ifaces, nbt_port, nbt_timeout, broadcast, wins_lookup); - return resolve_name_nbtlist_recv(c, mem_ctx, reply_addr); + return resolve_name_nbtlist_recv(c, mem_ctx, addrs); } diff --git a/source4/libcli/resolve/resolve.c b/source4/libcli/resolve/resolve.c index f57f231bc0..7d1c48cbee 100644 --- a/source4/libcli/resolve/resolve.c +++ b/source4/libcli/resolve/resolve.c @@ -26,6 +26,7 @@ #include "libcli/resolve/resolve.h" #include "librpc/gen_ndr/ndr_nbt.h" #include "system/network.h" +#include "lib/socket/socket.h" #include "../lib/util/dlinklist.h" struct resolve_state { @@ -33,7 +34,7 @@ struct resolve_state { struct resolve_method *method; struct nbt_name name; struct composite_context *creq; - const char *reply_addr; + struct socket_address **addrs; }; static struct composite_context *setup_next_method(struct composite_context *c); @@ -83,7 +84,7 @@ static void resolve_handler(struct composite_context *creq) struct resolve_state *state = talloc_get_type(c->private_data, struct resolve_state); const struct resolve_method *method = state->method; - c->status = method->recv_fn(creq, state, &state->reply_addr); + c->status = method->recv_fn(creq, state, &state->addrs); if (!NT_STATUS_IS_OK(c->status)) { state->method = state->method->next; 
@@ -128,9 +129,9 @@ static struct composite_context *setup_next_method(struct composite_context *c) /* general name resolution - async send */ -struct composite_context *resolve_name_send(struct resolve_context *ctx, - struct nbt_name *name, - struct event_context *event_ctx) +struct composite_context *resolve_name_all_send(struct resolve_context *ctx, + struct nbt_name *name, + struct event_context *event_ctx) { struct composite_context *c; struct resolve_state *state; @@ -157,8 +158,13 @@ struct composite_context *resolve_name_send(struct resolve_context *ctx, if (is_ipaddress(state->name.name) || strcasecmp(state->name.name, "localhost") == 0) { struct in_addr ip = interpret_addr2(state->name.name); - state->reply_addr = talloc_strdup(state, inet_ntoa(ip)); - if (composite_nomem(state->reply_addr, c)) return c; + + state->addrs = talloc_array(state, struct socket_address *, 2); + if (composite_nomem(state->addrs, c)) return c; + state->addrs[0] = socket_address_from_strings(state->addrs, "ipv4", + inet_ntoa(ip), 0); + if (composite_nomem(state->addrs[0], c)) return c; + state->addrs[1] = NULL; composite_done(c); return c; } @@ -177,8 +183,9 @@ struct composite_context *resolve_name_send(struct resolve_context *ctx, /* general name resolution method - recv side */ -NTSTATUS resolve_name_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) +NTSTATUS resolve_name_all_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { NTSTATUS status; @@ -186,7 +193,7 @@ NTSTATUS resolve_name_recv(struct composite_context *c, if (NT_STATUS_IS_OK(status)) { struct resolve_state *state = talloc_get_type(c->private_data, struct resolve_state); - *reply_addr = talloc_steal(mem_ctx, state->reply_addr); + *addrs = talloc_steal(mem_ctx, state->addrs); } talloc_free(c); 
@@ -196,9 +203,50 @@ NTSTATUS resolve_name_recv(struct composite_context *c, /* general name resolution - sync call */ -NTSTATUS resolve_name(struct resolve_context *ctx, struct nbt_name *name, TALLOC_CTX *mem_ctx, const char **reply_addr, struct event_context *ev) +NTSTATUS resolve_all_name(struct resolve_context *ctx, + struct nbt_name *name, + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs, + struct event_context *ev) +{ + struct composite_context *c = resolve_name_all_send(ctx, name, ev); + return resolve_name_all_recv(c, mem_ctx, addrs); +} + +struct composite_context *resolve_name_send(struct resolve_context *ctx, + struct nbt_name *name, + struct event_context *event_ctx) +{ + return resolve_name_all_send(ctx, name, event_ctx); +} + +NTSTATUS resolve_name_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + const char **reply_addr) +{ + NTSTATUS status; + struct socket_address **addrs = NULL; + + status = resolve_name_all_recv(c, mem_ctx, &addrs); + + if (NT_STATUS_IS_OK(status)) { + *reply_addr = talloc_steal(mem_ctx, addrs[0]->addr); + talloc_free(addrs); + } + + return status; +} + +/* + general name resolution - sync call + */ +NTSTATUS resolve_name(struct resolve_context *ctx, + struct nbt_name *name, + TALLOC_CTX *mem_ctx, + const char **reply_addr, + struct event_context *ev) { - struct composite_context *c = resolve_name_send(ctx, name, ev); + struct composite_context *c = resolve_name_send(ctx, name, ev); return resolve_name_recv(c, mem_ctx, reply_addr); } diff --git a/source4/libcli/resolve/resolve.h b/source4/libcli/resolve/resolve.h index 22de146c99..01fc930fce 100644 --- a/source4/libcli/resolve/resolve.h +++ b/source4/libcli/resolve/resolve.h 
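Review bot: `resolve_name_recv` dereferences `addrs[0]->addr` on success without checking that the list is non-empty, so a resolve method whose `recv_fn` returns `NT_STATUS_OK` with `addrs` left NULL or holding only the terminator would crash here. The built-in methods in this diff always store at least one entry, but `recv_fn` is a pluggable callback and the wrapper is the last place to enforce the invariant. A guard before the steal closes the gap: `if (addrs == NULL || addrs[0] == NULL) { talloc_free(addrs); return NT_STATUS_UNEXPECTED_NETWORK_ERROR; }`.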
@@ -22,9 +22,16 @@ #ifndef __RESOLVE_H__ #define __RESOLVE_H__ +struct socket_address; + #include "../libcli/nbt/libnbt.h" -typedef struct composite_context *(*resolve_name_send_fn)(TALLOC_CTX *mem_ctx, struct event_context *, void *privdata, struct nbt_name *); -typedef NTSTATUS (*resolve_name_recv_fn)(struct composite_context *, TALLOC_CTX *, const char **); +typedef struct composite_context *(*resolve_name_send_fn)(TALLOC_CTX *mem_ctx, + struct event_context *, + void *privdata, + struct nbt_name *); +typedef NTSTATUS (*resolve_name_recv_fn)(struct composite_context *creq, + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs); #include "libcli/resolve/proto.h" struct interface; #include "libcli/resolve/lp_proto.h" diff --git a/source4/libcli/resolve/testsuite.c b/source4/libcli/resolve/testsuite.c index 73a8c841bb..34de1158a5 100644 --- a/source4/libcli/resolve/testsuite.c +++ b/source4/libcli/resolve/testsuite.c @@ -43,7 +43,7 @@ static bool test_async_resolve(struct torture_context *tctx) torture_comment(tctx, "Testing async resolve of '%s' for %d seconds\n", host, timelimit); while (timeval_elapsed(&tv) < timelimit) { - const char *s; + struct socket_address **s; struct composite_context *c = resolve_name_host_send(mem_ctx, ev, NULL, &n); torture_assert(tctx, c != NULL, "resolve_name_host_send"); torture_assert_ntstatus_ok(tctx, resolve_name_host_recv(c, mem_ctx, &s), diff --git a/source4/libcli/resolve/wins.c b/source4/libcli/resolve/wins.c index f787d52d31..ae142f7054 100644 --- a/source4/libcli/resolve/wins.c +++ b/source4/libcli/resolve/wins.c @@ -23,6 +23,7 @@ #include "../libcli/nbt/libnbt.h" #include "libcli/resolve/resolve.h" #include "param/param.h" +#include "lib/socket/socket.h" #include "lib/socket/netif.h" struct resolve_wins_data { 
@@ -50,9 +51,10 @@ struct composite_context *resolve_name_wins_send( wins name resolution method - recv side */ NTSTATUS resolve_name_wins_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, const char **reply_addr) + TALLOC_CTX *mem_ctx, + struct socket_address ***addrs) { - return resolve_name_nbtlist_recv(c, mem_ctx, reply_addr); + return resolve_name_nbtlist_recv(c, mem_ctx, addrs); } /* @@ -64,7 +66,7 @@ NTSTATUS resolve_name_wins(struct nbt_name *name, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout, - const char **reply_addr) + struct socket_address ***addrs) { struct composite_context *c; struct resolve_wins_data *wins_data = talloc(mem_ctx, struct resolve_wins_data); @@ -73,7 +75,7 @@ NTSTATUS resolve_name_wins(struct nbt_name *name, wins_data->nbt_port = nbt_port; wins_data->nbt_timeout = nbt_timeout; c = resolve_name_wins_send(mem_ctx, NULL, wins_data, name); - return resolve_name_wins_recv(c, mem_ctx, reply_addr); + return resolve_name_wins_recv(c, mem_ctx, addrs); } bool resolve_context_add_wins_method(struct resolve_context *ctx, const char **address_list, struct interface *ifaces, uint16_t nbt_port, int nbt_timeout) diff --git a/source4/libcli/security/dom_sid.c b/source4/libcli/security/dom_sid.c index 1a7519e362..d8a83f2abb 100644 --- a/source4/libcli/security/dom_sid.c +++ b/source4/libcli/security/dom_sid.c @@ -122,11 +122,6 @@ struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr) return NULL; } - ret->sub_auths = talloc_array(ret, uint32_t, num_sub_auths); - if (!ret->sub_auths) { - return NULL; - } - ret->sid_rev_num = rev; ret->id_auth[0] = 0; ret->id_auth[1] = 0; 
@@ -183,11 +178,6 @@ struct dom_sid *dom_sid_dup(TALLOC_CTX *mem_ctx, const struct dom_sid *dom_sid) return NULL; } - ret->sub_auths = talloc_array(ret, uint32_t, dom_sid->num_auths); - if (!ret->sub_auths) { - return NULL; - } - ret->sid_rev_num = dom_sid->sid_rev_num; ret->id_auth[0] = dom_sid->id_auth[0]; ret->id_auth[1] = dom_sid->id_auth[1]; @@ -206,7 +196,7 @@ struct dom_sid *dom_sid_dup(TALLOC_CTX *mem_ctx, const struct dom_sid *dom_sid) /* add a rid to a domain dom_sid to make a full dom_sid. This function - returns a new sid in the suppplied memory context + returns a new sid in the supplied memory context */ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, const struct dom_sid *domain_sid, @@ -219,11 +209,6 @@ struct dom_sid *dom_sid_add_rid(TALLOC_CTX *mem_ctx, *sid = *domain_sid; - sid->sub_auths = talloc_array(sid, uint32_t, sid->num_auths+1); - if (!sid->sub_auths) { - return NULL; - } - memcpy(sid->sub_auths, domain_sid->sub_auths, sid->num_auths*sizeof(uint32_t)); sid->sub_auths[sid->num_auths] = rid; sid->num_auths++; diff --git a/source4/libcli/security/sddl.c b/source4/libcli/security/sddl.c index 09522f182a..a8d893f085 100644 --- a/source4/libcli/security/sddl.c +++ b/source4/libcli/security/sddl.c @@ -249,7 +249,6 @@ static bool sddl_decode_ace(TALLOC_CTX *mem_ctx, struct security_ace *ace, char return false; } ace->trustee = *sid; - talloc_steal(mem_ctx, sid->sub_auths); talloc_free(sid); return true; diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c index 882284dd9b..2bce8e8b08 100644 --- a/source4/libcli/security/security_descriptor.c +++ b/source4/libcli/security/security_descriptor.c 
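Review bot: With the `talloc_array(sid, uint32_t, sid->num_auths+1)` removed, `sid->sub_auths[sid->num_auths] = rid;` in `dom_sid_add_rid` (hunk at -219) writes into whatever storage `struct dom_sid` now provides, and no visible line checks `num_auths` against its capacity. The struct change is not part of this diff; if `sub_auths` became a fixed-size member, a domain SID that already carries the maximum number of sub-authorities overflows it by one element. A check before the write would bound it: `if (sid->num_auths >= ARRAY_SIZE(sid->sub_auths)) { talloc_free(sid); return NULL; }`. The `memcpy` after `*sid = *domain_sid` would then be redundant. The same question applies to the count parsed from the string in `dom_sid_parse_talloc` (hunk at -122) and to `dom_sid_dup` (hunk at -183), whose copy loops lie outside the hunks.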
@@ -65,18 +65,6 @@ static struct security_acl *security_acl_dup(TALLOC_CTX *mem_ctx, goto failed; } - /* remapping array in trustee dom_sid from old acl to new acl */ - - for (i = 0; i < oacl->num_aces; i++) { - nacl->aces[i].trustee.sub_auths = - (uint32_t *)talloc_memdup(nacl->aces, nacl->aces[i].trustee.sub_auths, - sizeof(uint32_t) * nacl->aces[i].trustee.num_auths); - - if ((nacl->aces[i].trustee.sub_auths == NULL) && (nacl->aces[i].trustee.num_auths > 0)) { - goto failed; - } - } - nacl->revision = oacl->revision; nacl->size = oacl->size; nacl->num_aces = oacl->num_aces; @@ -175,14 +163,6 @@ static NTSTATUS security_descriptor_acl_add(struct security_descriptor *sd, } acl->aces[acl->num_aces] = *ace; - acl->aces[acl->num_aces].trustee.sub_auths = - (uint32_t *)talloc_memdup(acl->aces, - acl->aces[acl->num_aces].trustee.sub_auths, - sizeof(uint32_t) * - acl->aces[acl->num_aces].trustee.num_auths); - if (acl->aces[acl->num_aces].trustee.sub_auths == NULL) { - return NT_STATUS_NO_MEMORY; - } switch (acl->aces[acl->num_aces].type) { case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: |