summaryrefslogtreecommitdiff
path: root/source4/rpc_server/dcerpc_server.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r6973: Merge new version of pidl into the main SAMBA_4_0 branch.Jelmer Vernooij1-0/+2
The main difference in this new version is the extra data structure generated between the IDL data structure and the NDR parser: IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc } This makes the ndr_parser.pm internals much more sane. Other changes include: - Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags. - Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc.. - Use if() {} rather then if () goto foo; everywhere - NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC - By default, top level pointers are now "ref" (as is the default in most other IDL compilers). This can be overridden using the default_pointer_top() property. - initial work on new ethereal parser generators by Alan DeKok and me - pidl now writes errors in the standard format used by compilers, which is parsable by most editors - ability to warn about the fact that pidl extension(s) have been used, useful for making sure IDL files work with other IDL compilers. oh, and there's probably some other things I can't think of right now.. (This used to be commit 13cf227615f6b9e0e5fa62e59197024410254f01)
2007-10-10r6714: We can only ask GENSEC questions if we are authenticated.Andrew Bartlett1-1/+3
Andrew Bartlett (This used to be commit b429712f1e8234c64138aaa8ff67dce94988406c)
2007-10-10r6705: let the gensec module decide if messages can be signed and sealed in ↵Stefan Metzmacher1-0/+4
a different order than a strict request - reply sequence Note: we should also fix the client code... metze (This used to be commit 0a61d1f65150546f7a7582512ca010d156f963bf)
2007-10-10r6526: Rename this RPC fault. Everybody else calls this ACCESS_DENIED, andAndrew Bartlett1-1/+1
it certainly doesn't make sense as LOGON_FAILURE. Andrew Bartlett (This used to be commit 4bec3d3f378ed8b988e00441c9bb5718b8548ba6)
2007-10-10r5902: A rather large change...Andrew Bartlett1-4/+4
I wanted to add a simple 'workstation' argument to the DCERPC authenticated binding calls, but this patch kind of grew from there. With SCHANNEL, the 'workstation' name (the netbios name of the client) matters, as this is what ties the session between the NETLOGON ops and the SCHANNEL bind. This changes a lot of files, and these will again be changed when jelmer does the credentials work. I also correct some schannel IDL to distinguish between workstation names and account names. The distinction matters for domain trust accounts. Issues in handling this (issues with lifetime of talloc pointers) caused me to change the 'creds_CredentialsState' and 'struct dcerpc_binding' pointers to always be talloc()ed pointers. In the schannel DB, we now store both the domain and computername, and query on both. This should ensure we fault correctly when the domain is specified incorrectly in the SCHANNEL bind. In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out, where the comment claimed we re-used a connection, but in fact we made a new connection. This was achived by breaking apart some of the dcerpc_secondary_connection() logic. The addition of workstation handling was also propogated to NTLMSSP and GENSEC, for completeness. The RPC-SAMSYNC test has been cleaned up a little, using a loop over usernames/passwords rather than manually expanded tests. This will be expanded further (the code in #if 0 in this patch) to use a newly created user account for testing. In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO server, caused by the removal of [ref] and the assoicated pointer from the IDL. This has been re-added, until the underlying pidl issues are solved. (This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2007-10-10r5298: - got rid of pstring.h from includes.h. This at least makes it a bitAndrew Tridgell1-1/+1
less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2007-10-10r5197: moved events code to lib/events/ (suggestion from metze)Andrew Tridgell1-1/+1
(This used to be commit 7f54c8a339f36aa43c9340be70ab7f0067593ef2)
2007-10-10r5185: make all the events data structures private to events.c. This willAndrew Tridgell1-1/+1
make it possible to add optimisations to the events code such as keeping the next timed event in a sorted list, and using epoll for file descriptor events. I also removed the loop events code, as it wasn't being used anywhere, and changed timed events to always be one-shot (as adding a new timed event in the event handler is so easy to do if needed) (This used to be commit d7b4b6de51342a65bf46fce772d313f92f8d73d3)
2007-10-10r5102: This is a major simplification of the logic for controlling top levelAndrew Tridgell1-63/+18
servers in smbd. The old code still contained a fairly bit of legacy from the time when smbd was only handling SMB connection. The new code gets rid of all of the smb_server specific code in smbd/, and creates a much simpler infrastructures for new server code. Major changes include: - simplified the process model code a lot. - got rid of the top level server and service structures completely. The top level context is now the event_context. This got rid of service.h and server.h completely (they were the most confusing parts of the old code) - added service_stream.[ch] for the helper functions that are specific to stream type services (services that handle streams, and use a logically separate process per connection) - got rid of the builtin idle_handler code in the service logic, as none of the servers were using it, and it can easily be handled by a server in future by adding its own timed_event to the event context. - fixed some major memory leaks in the rpc server code. - added registration of servers, rather than hard coding our list of possible servers. This allows for servers as modules in the future. - temporarily disabled the winbind code until I add the helper functions for that type of server - added error checking on service startup. If a configured server fails to startup then smbd doesn't startup. - cleaned up the command line handling in smbd, removing unused options (This used to be commit cf6a46c3cbde7b1eb1b86bd3882b953a2de3a42e)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-6/+6
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r4758: - added async support to the session request codeAndrew Tridgell1-2/+0
- added async support to the negprot client code - removed two unused parameters from smbcli_full_connection() code - converted smbclient to use smbcli_full_connection() rather than reinventing everything itself (This used to be commit 71cbe2873473e039b4511511302cb63f1c50bce8)
2007-10-10r4728: split up server_services into:Stefan Metzmacher1-18/+17
- stream_socket services the smb, ldap and rpc service which sets up a srtam socket end then waits for connections and - task services which this you can create a seperate task that do something (this is also going through the process_model subsystem so with -M standard a new process for this created with -M thread a new thread ... I'll add datagram services later when we whave support for datagram sockets in lib/socket/ see the next commit as an example for service_task's metze (This used to be commit d5fa02746c6569b09b6e05785642da2fad3ba3e0)
2007-10-10r4712: slight tidy up in alter_context serverAndrew Tridgell1-2/+1
(This used to be commit 20ab5bed34c852509b7f3e4c778ff23f4379b36e)
2007-10-10r4690: - add support for async rpc server repliesStefan Metzmacher1-96/+125
the backend should check for (dce_call->state_flags & DCESRV_CALL_STATE_FLAG_MAY_ASYNC) then it's allowed to reply async then the backend should mark that call as async with dce_call->state_flags |= DCESRV_CALL_STATE_FLAG_ASYNC; later it has to manualy set r->out.result and then send the reply by calling status = dcesrv_reply(p->dce_call); NOTE: that ncacn_np doesn't support async replies yet - implement an async version of echo_TestSleep - reenable the echo_TestSleep torture test (this need to be more strict when we have support for async ncacn_np) metze (This used to be commit f0a0dbeb25b034b1333078ca085999359f5f6209)
2007-10-10r4642: added support for alter_context in the server for adding new ↵Andrew Tridgell1-3/+68
interfaces to an existing pipe (This used to be commit b6af57c86829aadc261cd7b79091cef17c15b967)
2007-10-10r4640: first stage in the server side support for multiple context_ids on ↵Andrew Tridgell1-25/+70
one pipe this stage does the following: - simplifies the dcerpc_handle handling, and all the callers of it - split out the context_id depenent state into a linked list of established contexts - fixed some talloc handling in several rpc servers that i noticed while doing the above (This used to be commit fde042b3fc609c94e2c7eedcdd72ecdf489cf63b)
2007-10-10r4620: - add interface functions to the auth subsystem so that callers ↵Stefan Metzmacher1-2/+1
doesn't need to use function pointers anymore - make the module init much easier - a lot of cleanups don't try to read the diff in auth/ better read the new files it passes test_echo.sh and test_rpc.sh abartlet: please fix spelling fixes metze (This used to be commit 3c0d16b8236451f2cfd38fc3db8ae2906106d847)
2007-10-10r4618: - tidied up the alter_context client code a bitAndrew Tridgell1-13/+13
- there is no alter_nak or alter_ack packet, its all done in an alter_response - auto-allocated the contex_ids - tried to fix up the dcom code to work again with alter_context. Jelmer, please take a look :) (This used to be commit dd1c54add8884376601f2f8a56c01bfb8add030c)
2007-10-10r4591: - converted the other _p talloc functions to not need _pAndrew Tridgell1-1/+4
- added #if TALLOC_DEPRECATED around the _p functions - fixes the code that broke from the above while doing this I fixed quite a number of places that were incorrectly using the non type-safe talloc functions to use the type safe ones. Some were even doing multiplies for array allocation, which is potentially unsafe. (This used to be commit 6e7754abd0c225527fb38363996a6e241b87b37e)
2007-10-10r4359: using talloc_free() of a child struct in a talloc_destructor is uselessStefan Metzmacher1-5/+0
metze (This used to be commit e51f2cf43f2cbcf3c3bbb00abc99f1bddb9f7f35)
2007-10-10r4358: At metze's request, the Christmas elves have removed gensec_end inAndrew Bartlett1-1/+2
favor of talloc_free(). Andrew Bartlett (This used to be commit 1933cd12fbaed56e13f2386b19de6ade99bf9478)
2007-10-10r4288: don't use struct dcerpc_interface_table anymore in theStefan Metzmacher1-31/+14
main rpc server code. let the backends specify a ndr_push/ndr_pull function like we already do with the dispatch() function. this allows an interface implmentation to work as real proxy without needing to know the idl for an interface that means just the plain decrypted payload can be forwarded If someone want to write such a backend, patches are wellcome metze (This used to be commit a150bdf140d9165a05cbc7cac40b6e3c03a7bd3c)
2007-10-10r4161: two more fixes for NT4 clients. Bugs found by kukks.Andrew Tridgell1-2/+6
- nt4 doesn't setup the pfc flags correctly for rpc packet types other than normal requests, so don't check for fragmented packets unless they are of type request - ensure we give STATUS_BUFFER_OVERFLOW when we return a partial fragment in SMBtrans requests on ncacn_np (This used to be commit 83ebffec3215c58c5cebf1a7c9a58904854203c8)
2007-10-10r4082: support alter_context requestsStefan Metzmacher1-0/+62
metze (This used to be commit ab6ec6b5f4e04322eb151b7bf9c530a0dc16bf89)
2007-10-10r4052: fixed a bunch of code to use the type safe _p allocation macrosAndrew Tridgell1-2/+2
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
2007-10-10r4000: DATA_BLOB.data is uint8_t * not void * :-)Stefan Metzmacher1-1/+1
(thanks abartlet for telling me) metze (This used to be commit 2783bf393f6310f9d827538329d619dad5b02dd0)
2007-10-10r3968: fix compiler warningsStefan Metzmacher1-1/+1
metze (This used to be commit 6440476f7f2fd5776ec4a21240e7482603000d19)
2007-10-10r3810: create a LIB_SECURITY subsystemStefan Metzmacher1-1/+1
- move dom_sid, security_descriptor, security_* funtions to one place and rename some of them metze (This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
2007-10-10r3790: use a registration function that is called from dcerpc_*_init functionsJelmer Vernooij1-1/+0
rather then a large table in librpc/gen_ndr/tables.c. This will allow us to only link in only the required gen_ndr files (speeds up linking quite a bit, makes binaries smaller). Each gen_ndr_* file now has a init function that calls the init functions of the interfaces it contains. I did it this way to keep pidl's code simple, though it might hurt startup time a bit. I'd be happy to change it if people like one function better. (This used to be commit 3c436590ae95b58ad6d00e72d6fdd08a4d80f208)
2007-10-10r3737: - Get rid of the register_subsystem() and register_backend() functions.Jelmer Vernooij1-19/+1
- Re-disable tdbtool (it was building fine on my Debian box but other machines were having problems) (This used to be commit 0d7bb2c40b7a9ed59df3f8944133ea562697e814)
2007-10-10r3630: More work on DCOM server sideJelmer Vernooij1-0/+4
(This used to be commit e995a1c0e5d2ee2dc50c31c01ce281a303dd5231)
2007-10-10r3586: Fix some of the issues with the module init functions.Jelmer Vernooij1-5/+4
Both subsystems and modules can now have init functions, which can be specified in .mk files (INIT_FUNCTION = ...) The build system will define : - SUBSYSTEM_init_static_modules that calls the init functions of all statically compiled modules. Failing to load will generate an error which is not fatal - BINARY_init_subsystems that calls the init functions (if defined) for the subsystems the binary depends on This removes the hack with the "static bool Initialised = " and the "lazy_init" functions (This used to be commit 7a8244761bfdfdfb48f8264d76951ebdfbf7bd8a)
2007-10-10r3507: - added deferred replies on sharing violation in pvfs open. TheAndrew Tridgell1-8/+5
deferred reply is short-circuited immediately when the file is closed by another user, allowing it to be opened by the waiting user. - added a sane set of timeval manipulation routines - converted all the events code and code that uses it to use struct timeval instead of time_t, which allows for microsecond resolution instead of 1 second resolution. This was needed for doing the pvfs deferred open code, and is why the patch is so big. (This used to be commit 0d51511d408d91eb5f68a35e980e0875299b1831)
2007-10-10r3497: removed some include cruft, and split out librpc/gen_ndr/tables.hAndrew Tridgell1-0/+1
(This used to be commit 7dd3a5a6dadb0edc4fad56deba84f24b1e6dd2bc)
2007-10-10r3468: split out dcerpc_server.hAndrew Tridgell1-0/+1
(This used to be commit 729e0026e4408f74f140375537d4fe48c1fc3242)
2007-10-10r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ↵Andrew Tridgell1-0/+1
ioctl.h) (This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
2007-10-10r3453: - split out the auth and popt includesAndrew Tridgell1-1/+1
- tidied up some of the system includes - moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl knows about inter-IDL dependencies (This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
2007-10-10r3428: switched to using minimal includes for the auto-generated RPC code.Andrew Tridgell1-0/+3
The thing that finally convinced me that minimal includes was worth pursuing for rpc was a compiler (tcc) that failed to build Samba due to reaching internal limits of the size of include files. Also the fact that includes.h.gch was 16MB, which really seems excessive. This patch brings it back to 12M, which is still too large, but better. Note that this patch speeds up compile times for both the pch and non-pch case. This change also includes the addition iof a "depends()" option in our IDL files, allowing you to specify that one IDL file depends on another. This capability was needed for the auto-includes generation. (This used to be commit b8f5fa8ac8e8725f3d321004f0aedf4246fc6b49)
2007-10-10r3323: more warning reductionsAndrew Tridgell1-1/+1
(This used to be commit 5921587ec26e4892efc678421277e4969417d7f5)
2007-10-10r3320: fixed bugs in the rpc_server code in handling partial packet receives ↵Andrew Tridgell1-4/+1
and sends it now passes the non-blocking test suite (This used to be commit 6cdf485fb263c69d62ea2e98236d92ffbf6b7a3e)
2007-10-10r3167: Add a member 'endpoint' to the dcerpc_binding struct to use instead ofJelmer Vernooij1-7/+3
options[0]. (This used to be commit 18582083af800abd3d8de40eb73255c8ae6598dd)
2007-10-10r3165: Support local connections in Gtk+ toolsJelmer Vernooij1-1/+1
(This used to be commit 3de0cf22ddd6b7fb4a2214f3f99d37174c54840f)
2007-10-10r3163: Add server side support for ncalrpc: and ncacn_unix_stream:Jelmer Vernooij1-7/+7
Examples of binding strings are : ncalrpc:[EPMAPPER] ncacn_unix_stream:[/tmp/epmapper] N.B. The unix socket support in lib/socket/ appears to close and remove the socket it is listening on after the first client disconnects so until that has been fixed, it is only possible to do one ncalrpc: or ncacn_unix_stream: request per instance of smbd :-) Support for looking up NCALRPC names via the endpoint mapper will be added later. (This used to be commit 426f3e63cae3d306dcdc13ee4b655eed30057ff8)
2007-10-10r3118: Eliminate struct dcesrv_ep_description and replace it withJelmer Vernooij1-55/+17
struct dcerpc_binding. (This used to be commit 2046e14cf8d010d4e715124859df2c1c3c782266)
2007-10-10r3114: - More work on merging the various structs that describe endpointsJelmer Vernooij1-13/+22
- Add protocol sequence to dcerpc transports (will be used later on) - Add more transports to the list (This used to be commit ab110192e6e2c1e5a3b2befe7b61158744f15d18)
2007-10-10r3043: Use binding strings for specifying endpoints. The property forJelmer Vernooij1-9/+27
specifying a endpoint is now also 'endpoint' instead of 'endpoints'. The default endpoint (if none is specified) is still "ncacn_np:[\\pipe\\ifacename]", where ifacename is the name of the interface. Examples: [ uuid(60a15ec5-4de8-11d7-a637-005056a20182), endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:") ] interface rpcecho { void dummy(); } dcerpc_binding is now converted to ep_description in the server, but I hope to completely eliminate ep_description later on. The eventual goal of all these changes is to make it easier to add transports as I'm going to add support for ncalrpc (local RPC over named pipes) and ncacn_unix_stream (Unix sockets). (This used to be commit f3da7c8b443a29b0c656c687a277384ae1353792)
2007-10-10r2710: continue with the new style of providing a parent context wheneverAndrew Tridgell1-21/+25
possible to a structure creation routine. This makes for much easier global cleanup. (This used to be commit e14ee428ec357fab76a960387a9820a673786e27)
2007-10-10r2673: in the rpc server, free up the old call when we decide to extend anAndrew Tridgell1-1/+3
existing call rather than creating a new one. This prevents call structures hanging around on the rpc connection context until it is closed (This used to be commit c51ca7c0e73b97435c245cd440a4fb979cf6a4f3)
2007-10-10r2671: we're getting too many errors caused by the talloc_realloc() API notAndrew Tridgell1-2/+3
taking a context (so when you pass a NULL pointer you end up with memory in a top level context). Fixed it by changing the API to take a context. The context is only used if the pointer you are reallocing is NULL. (This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
2007-10-10r2660: - converted the libcli/raw/ library to use talloc_increase_ref_count()Andrew Tridgell1-4/+0
rather than manual reference counts - properly support SMBexit in the cifs and posix backends - added a logoff method to all backends With these changes the RAW-CONTEXT test now passes against the posix backend (This used to be commit c315d6ac1cc40546fde1474702a6d66d07ee13c8)