From 6ec4306f8c3fed7ec5b5bd164c5829b2661589b7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 16 Apr 2011 15:41:50 +1000 Subject: auth/kerberos: Create common helper to get the verified PAC from GSSAPI This only works for Heimdal and MIT Krb5 1.8, other versions will get an ACCESS_DEINED error. We no longer manually verify any details of the PAC in Samba for GSSAPI logins, as we never had the information to do it properly, and it is better to have the GSSAPI library handle it. Andrew Bartlett --- source3/librpc/crypto/gse.c | 47 +++++---------------------------------------- source3/librpc/crypto/gse.h | 3 ++- 2 files changed, 7 insertions(+), 43 deletions(-) (limited to 'source3/librpc') diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index 0d9eead082..42e9c942a9 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -62,16 +62,6 @@ gss_OID_desc gse_authz_data_oid = { (void *)GSE_EXTRACT_RELEVANT_AUTHZ_DATA_OID }; -#ifndef GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID -#define GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID_LENGTH 11 -#define GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x0c" -#endif - -gss_OID_desc gse_authtime_oid = { - GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID_LENGTH, - (void *)GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID -}; - static char *gse_errstr(TALLOC_CTX *mem_ctx, OM_uint32 maj, OM_uint32 min); struct gse_context { @@ -692,42 +682,15 @@ NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx, return NT_STATUS_OK; } -NTSTATUS gse_get_authtime(struct gse_context *gse_ctx, time_t *authtime) +NTSTATUS gse_get_pac_blob(struct gse_context *gse_ctx, + TALLOC_CTX *mem_ctx, DATA_BLOB *pac_blob) { - OM_uint32 gss_min, gss_maj; - gss_buffer_set_t set = GSS_C_NO_BUFFER_SET; - int32_t tkttime; - if (!gse_ctx->authenticated) { return NT_STATUS_ACCESS_DENIED; } - gss_maj = gss_inquire_sec_context_by_oid( - &gss_min, gse_ctx->gss_ctx, - &gse_authtime_oid, &set); - if (gss_maj) { - DEBUG(0, ("gss_inquire_sec_context_by_oid failed [%s]\n", - gse_errstr(talloc_tos(), gss_maj, gss_min))); - return NT_STATUS_NOT_FOUND; - } - - if ((set == GSS_C_NO_BUFFER_SET) || (set->count != 1) != 0) { - DEBUG(0, ("gss_inquire_sec_context_by_oid returned unknown " - "data in results.\n")); - return NT_STATUS_INTERNAL_ERROR; - } - - if (set->elements[0].length != sizeof(int32_t)) { - DEBUG(0, ("Invalid authtime size!\n")); - return NT_STATUS_INTERNAL_ERROR; - } - - tkttime = *((int32_t *)set->elements[0].value); - - gss_maj = gss_release_buffer_set(&gss_min, &set); - - *authtime = (time_t)tkttime; - return NT_STATUS_OK; + return gssapi_obtain_pac_blob(mem_ctx, gse_ctx->gss_ctx, + gse_ctx->client_name, pac_blob); } size_t gse_get_signature_length(struct gse_context *gse_ctx, @@ -1017,4 +980,4 @@ NTSTATUS gse_sigcheck(TALLOC_CTX *mem_ctx, struct gse_context *gse_ctx, return NT_STATUS_NOT_IMPLEMENTED; } -#endif /* HAVE_KRB5 && HAVE_GSSAPI_EXT_H && HAVE_GSS_WRAP_IOV */ +#endif /* HAVE_KRB5 && HAVE_GSS_WRAP_IOV */ diff --git a/source3/librpc/crypto/gse.h b/source3/librpc/crypto/gse.h index fbcf5b6e10..27cc2e9255 100644 --- a/source3/librpc/crypto/gse.h +++ b/source3/librpc/crypto/gse.h @@ -56,7 +56,8 @@ NTSTATUS gse_get_client_name(struct gse_context *gse_ctx, TALLOC_CTX *mem_ctx, char **client_name); NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *pac); -NTSTATUS gse_get_authtime(struct gse_context *gse_ctx, time_t *authtime); +NTSTATUS gse_get_pac_blob(struct gse_context *gse_ctx, + TALLOC_CTX *mem_ctx, DATA_BLOB *pac_blob); size_t gse_get_signature_length(struct gse_context *gse_ctx, int seal, size_t payload_size); -- cgit From cd7112ba84759a677e51111e44b5f531d602c77c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 16 Apr 2011 15:39:00 +1000 Subject: s3-gse: Don't release the mech OID from gss_accept_security_context This is constant data according to the man pages I find for this fucntion, and causes a segfault to free() when linked to Heimdal. I am advised that while it is constant for gss_mech_krb5, it may not be for other mechanisms, so an assert will ensure this is dealt with by the programmer who extends this code in future. Andrew Bartlett --- source3/librpc/crypto/gse.c | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) (limited to 'source3/librpc') diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index 42e9c942a9..22b940a1f3 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -85,6 +85,24 @@ struct gse_context { bool authenticated; }; +#ifndef HAVE_GSS_OID_EQUAL + +static bool gss_oid_equal(const gss_OID o1, const gss_OID o2) +{ + if (o1 == o2) { + return true; + } + if ((o1 == NULL && o2 != NULL) || (o1 != NULL && o2 == NULL)) { + return false; + } + if (o1->length != o2->length) { + return false; + } + return memcmp(o1->elements, o2->elements, o1->length) == false; +} + +#endif + /* free non talloc dependent contexts */ static int gse_context_destructor(void *ptr) { @@ -125,10 +143,19 @@ static int gse_context_destructor(void *ptr) gss_maj = gss_release_cred(&gss_min, &gse_ctx->delegated_creds); } - if (gse_ctx->ret_mech) { - gss_maj = gss_release_oid(&gss_min, - &gse_ctx->ret_mech); - } + + /* MIT and Heimdal differ as to if you can call + * gss_release_oid() on this OID, generated by + * gss_{accept,init}_sec_context(). However, as long as the + * oid is gss_mech_krb5 (which it always is at the moment), + * then this is a moot point, as both declare this particular + * OID static, and so no memory is lost. This assert is in + * place to ensure that the programmer who wishes to extend + * this code to EAP or other GSS mechanisms determines an + * implementation-dependent way of releasing any dynamically + * allocated OID */ + SMB_ASSERT(gss_oid_equal(&gse_ctx->gss_mech, GSS_C_NO_OID) || gss_oid_equal(&gse_ctx->gss_mech, gss_mech_krb5)); + return 0; } -- cgit From 91ebf22fa8aa5ecd9b4508b5b2c448e5edc3d151 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 27 Apr 2011 15:37:59 +1000 Subject: s3-rpc_server Fix compile without kerberos Autobuild-User: Andrew Bartlett Autobuild-Date: Wed Apr 27 23:08:48 CEST 2011 on sn-devel-104 --- source3/librpc/crypto/gse.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/librpc') diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index 22b940a1f3..ca99f9b03a 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -972,7 +972,8 @@ NTSTATUS gse_get_authz_data(struct gse_context *gse_ctx, return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS gse_get_authtime(struct gse_context *gse_ctx, time_t *authtime) +NTSTATUS gse_get_pac_blob(struct gse_context *gse_ctx, + TALLOC_CTX *mem_ctx, DATA_BLOB *pac_blob) { return NT_STATUS_NOT_IMPLEMENTED; } -- cgit From bc6f24e89f2dd6204209fc9bacc7bfa9c22d0a57 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Apr 2011 16:37:05 +0200 Subject: s3-build: remove some unused headers. Guenther --- source3/librpc/rpc/rpc_common.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/librpc') diff --git a/source3/librpc/rpc/rpc_common.c b/source3/librpc/rpc/rpc_common.c index ed0320adf0..b4c7e1dcd4 100644 --- a/source3/librpc/rpc/rpc_common.c +++ b/source3/librpc/rpc/rpc_common.c @@ -18,7 +18,6 @@ */ #include "includes.h" -#include "../librpc/gen_ndr/ndr_schannel.h" #include "../librpc/gen_ndr/ndr_lsa.h" #include "../librpc/gen_ndr/ndr_dssetup.h" #include "../librpc/gen_ndr/ndr_samr.h" -- cgit From faf11751255202274505d72848c54ee6e5dce7b6 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Apr 2011 15:13:55 +0200 Subject: s3-proto: move more librpc prototypes to librpc/rpc/dcerpc.h Guenther --- source3/librpc/rpc/dcerpc.h | 8 ++++++++ source3/librpc/rpc/rpc_common.c | 1 + 2 files changed, 9 insertions(+) (limited to 'source3/librpc') diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h index 0a6ddaca17..05e8e0d3af 100644 --- a/source3/librpc/rpc/dcerpc.h +++ b/source3/librpc/rpc/dcerpc.h @@ -75,4 +75,12 @@ NTSTATUS dcerpc_check_auth(struct pipe_auth_data *auth, DATA_BLOB *raw_pkt, size_t *pad_len); +/* The following definitions come from librpc/rpc/rpc_common.c */ + +bool smb_register_ndr_interface(const struct ndr_interface_table *interface); +const struct ndr_interface_table *get_iface_from_syntax( + const struct ndr_syntax_id *syntax); +const char *get_pipe_name_from_syntax(TALLOC_CTX *mem_ctx, + const struct ndr_syntax_id *syntax); + #endif /* __S3_DCERPC_H__ */ diff --git a/source3/librpc/rpc/rpc_common.c b/source3/librpc/rpc/rpc_common.c index b4c7e1dcd4..65e3205f62 100644 --- a/source3/librpc/rpc/rpc_common.c +++ b/source3/librpc/rpc/rpc_common.c @@ -18,6 +18,7 @@ */ #include "includes.h" +#include "librpc/rpc/dcerpc.h" #include "../librpc/gen_ndr/ndr_lsa.h" #include "../librpc/gen_ndr/ndr_dssetup.h" #include "../librpc/gen_ndr/ndr_samr.h" -- cgit From bc781bf7d98baca57c8043bf7dc0a95f8ffd1345 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 29 Apr 2011 16:20:27 +0200 Subject: s3-proto: remove duplicate prototypes. Guenther --- source3/librpc/rpc/dcerpc_ep.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/librpc') diff --git a/source3/librpc/rpc/dcerpc_ep.c b/source3/librpc/rpc/dcerpc_ep.c index 76f7e91fb0..5ed71857bc 100644 --- a/source3/librpc/rpc/dcerpc_ep.c +++ b/source3/librpc/rpc/dcerpc_ep.c @@ -23,6 +23,7 @@ #include "../librpc/gen_ndr/ndr_epmapper_c.h" #include "rpc_client/cli_pipe.h" #include "auth.h" +#include "rpc_server/rpc_ncacn_np.h" #define EPM_MAX_ANNOTATION_SIZE 64 -- cgit From 80fa624861e6f45c4b6837969253d5fbac2f3b1e Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 May 2011 12:36:25 +0200 Subject: s3: move pipe_auth_data to dcerpc.h Guenther --- source3/librpc/rpc/dcerpc.h | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'source3/librpc') diff --git a/source3/librpc/rpc/dcerpc.h b/source3/librpc/rpc/dcerpc.h index 05e8e0d3af..d7e8e0c193 100644 --- a/source3/librpc/rpc/dcerpc.h +++ b/source3/librpc/rpc/dcerpc.h @@ -33,7 +33,20 @@ #define SMB_RPC_INTERFACE_VERSION 1 struct NL_AUTH_MESSAGE; -struct pipe_auth_data; + +/* auth state for all bind types. */ + +struct pipe_auth_data { + enum dcerpc_AuthType auth_type; + enum dcerpc_AuthLevel auth_level; + + void *auth_ctx; + + /* Only the client code uses these 3 for now */ + char *domain; + char *user_name; + DATA_BLOB user_session_key; +}; /* The following definitions come from librpc/rpc/dcerpc_helpers.c */ NTSTATUS dcerpc_push_ncacn_packet(TALLOC_CTX *mem_ctx, -- cgit From 0bb4701a747599042242b0612bc392a6e6d777af Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 May 2011 12:36:55 +0200 Subject: s3: remove various references to server side dcerpc structs (which are not needed). Guenther --- source3/librpc/rpc/dcerpc_helpers.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/librpc') diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c index 7e6990c0ad..7520d767ba 100644 --- a/source3/librpc/rpc/dcerpc_helpers.c +++ b/source3/librpc/rpc/dcerpc_helpers.c @@ -28,7 +28,6 @@ #include "ntlmssp_wrap.h" #include "librpc/crypto/gse.h" #include "librpc/crypto/spnego.h" -#include "ntdomain.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_PARSE -- cgit From 4f41be356a4e6b311d30de3b2e36e4c33aa72ca3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 5 May 2011 10:41:59 -0700 Subject: Fix many const compiler warnings. --- source3/librpc/crypto/gse.c | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) (limited to 'source3/librpc') diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index ca99f9b03a..34742bc4aa 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -365,8 +365,6 @@ NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx, OM_uint32 gss_maj, gss_min; krb5_error_code ret; NTSTATUS status; - const char *ktname; - gss_OID_set_desc mech_set; status = gse_context_init(mem_ctx, do_sign, do_seal, NULL, add_gss_c_flags, &gse_ctx); @@ -396,24 +394,27 @@ NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx, * This call sets the default keytab for the whole server, not * just for this context. Need to find a way that does not alter * the state of the whole server ... */ + { + const char *ktname; + gss_OID_set_desc mech_set; - ret = smb_krb5_keytab_name(gse_ctx, gse_ctx->k5ctx, + ret = smb_krb5_keytab_name(gse_ctx, gse_ctx->k5ctx, gse_ctx->keytab, &ktname); - if (ret) { - status = NT_STATUS_INTERNAL_ERROR; - goto done; - } + if (ret) { + status = NT_STATUS_INTERNAL_ERROR; + goto done; + } - ret = gsskrb5_register_acceptor_identity(ktname); - if (ret) { - status = NT_STATUS_INTERNAL_ERROR; - goto done; - } + ret = gsskrb5_register_acceptor_identity(ktname); + if (ret) { + status = NT_STATUS_INTERNAL_ERROR; + goto done; + } - mech_set.count = 1; - mech_set.elements = &gse_ctx->gss_mech; - - gss_maj = gss_acquire_cred(&gss_min, + mech_set.count = 1; + mech_set.elements = &gse_ctx->gss_mech; + + gss_maj = gss_acquire_cred(&gss_min, GSS_C_NO_NAME, GSS_C_INDEFINITE, &mech_set, @@ -421,11 +422,12 @@ NTSTATUS gse_init_server(TALLOC_CTX *mem_ctx, &gse_ctx->creds, NULL, NULL); - if (gss_maj) { - DEBUG(0, ("gss_acquire_creds failed with [%s]\n", - gse_errstr(gse_ctx, gss_maj, gss_min))); - status = NT_STATUS_INTERNAL_ERROR; - goto done; + if (gss_maj) { + DEBUG(0, ("gss_acquire_creds failed with [%s]\n", + gse_errstr(gse_ctx, gss_maj, gss_min))); + status = NT_STATUS_INTERNAL_ERROR; + goto done; + } } #endif status = NT_STATUS_OK; -- cgit From 05e8881fef02e309a6dfbaee544f11c3d5088278 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 10 May 2011 22:02:49 +0200 Subject: s3:librpc: remove unneded gssapi includes from source3/librpc/crypto/gse.c These come in via the smb_krb5.h include (and lib/replace/system/kerberos.h) in the end. Pair-Programmed-With: Stefan Metzmacher Autobuild-User: Michael Adam Autobuild-Date: Tue May 10 23:12:31 CEST 2011 on sn-devel-104 --- source3/librpc/crypto/gse.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'source3/librpc') diff --git a/source3/librpc/crypto/gse.c b/source3/librpc/crypto/gse.c index 34742bc4aa..c311c774d4 100644 --- a/source3/librpc/crypto/gse.c +++ b/source3/librpc/crypto/gse.c @@ -27,12 +27,6 @@ #include "smb_krb5.h" #include "gse_krb5.h" -#include -#include -#ifdef HAVE_GSSAPI_GSSAPI_EXT_H -#include -#endif - #ifndef GSS_KRB5_INQ_SSPI_SESSION_KEY_OID #define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH 11 #define GSS_KRB5_INQ_SSPI_SESSION_KEY_OID "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05" -- cgit From 41b3c38587f1153d49c1805869aa186b66501f7a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 16 May 2011 21:18:25 +1000 Subject: librpc/ndr Merge ndr_print_sockaddr_storage() into common code There is no longer a reason to leave this source3 specific, and this brings it into a library (avoiding duplicate symbols). Andrew Bartlett --- source3/librpc/ndr/util.c | 30 ------------------------------ 1 file changed, 30 deletions(-) delete mode 100644 source3/librpc/ndr/util.c (limited to 'source3/librpc') diff --git a/source3/librpc/ndr/util.c b/source3/librpc/ndr/util.c deleted file mode 100644 index 6bbe054959..0000000000 --- a/source3/librpc/ndr/util.c +++ /dev/null @@ -1,30 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - libndr interface - - Copyright (C) Andrew Tridgell 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#include "includes.h" -#include "../librpc/ndr/libndr.h" -#include "librpc/ndr/util.h" - -_PUBLIC_ void ndr_print_sockaddr_storage(struct ndr_print *ndr, const char *name, const struct sockaddr_storage *ss) -{ - char addr[INET6_ADDRSTRLEN]; - ndr->print(ndr, "%-25s: %s", name, print_sockaddr(addr, sizeof(addr), ss)); -} -- cgit From c615ebed6e3d273a682806b952d543e834e5630d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 13 May 2011 20:21:30 +0200 Subject: s3-lib Replace StrCaseCmp() with strcasecmp_m() strcasecmp_m() never needs to call to talloc, and via next_codepoint() still has an ASCII fast-path bypassing iconv() calls. Andrew Bartlett --- source3/librpc/rpc/dcerpc_ep.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/librpc') diff --git a/source3/librpc/rpc/dcerpc_ep.c b/source3/librpc/rpc/dcerpc_ep.c index 5ed71857bc..5088e7efcf 100644 --- a/source3/librpc/rpc/dcerpc_ep.c +++ b/source3/librpc/rpc/dcerpc_ep.c @@ -169,7 +169,7 @@ static NTSTATUS ep_register(TALLOC_CTX *mem_ctx, "rpc_server", "epmapper", "none"); - if (StrCaseCmp(rpcsrv_type, "embedded") == 0) { + if (strcasecmp_m(rpcsrv_type, "embedded") == 0) { static struct client_address client_id; strlcpy(client_id.addr, "localhost", sizeof(client_id.addr)); @@ -186,7 +186,7 @@ static NTSTATUS ep_register(TALLOC_CTX *mem_ctx, "epmapper (%s)", nt_errstr(status))); goto done; } - } else if (StrCaseCmp(rpcsrv_type, "daemon") == 0) { + } else if (strcasecmp_m(rpcsrv_type, "daemon") == 0) { /* Connect to the endpoint mapper locally */ ncalrpc_sock = talloc_asprintf(tmp_ctx, "%s/%s", -- cgit From df650fa8cf4954245eced7eccb26388c24acee82 Mon Sep 17 00:00:00 2001 From: Christian Ambach Date: Fri, 20 May 2011 14:17:36 +0200 Subject: s3:smbd remove unused code in the early CTDB days, the RELEASE_IP message was defined and some code was added to react on such a message to make smbd exit if the IP address it was using for the server socket is removed by CTDB. Later, it was discovered that we need to stop smbd immediately and logic was added to ctdb_conn to call release_ip() without going through the messaging system. So this code is not used and can be removed Autobuild-User: Christian Ambach Autobuild-Date: Fri May 20 16:18:24 CEST 2011 on sn-devel-104 --- source3/librpc/idl/messaging.idl | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/librpc') diff --git a/source3/librpc/idl/messaging.idl b/source3/librpc/idl/messaging.idl index 8618d53c9a..0c0672c7a6 100644 --- a/source3/librpc/idl/messaging.idl +++ b/source3/librpc/idl/messaging.idl @@ -75,7 +75,6 @@ interface messaging /* cluster reconfigure events */ MSG_SMB_BRL_VALIDATE = 0x0311, - MSG_SMB_RELEASE_IP = 0x0312, /*Close a specific file given a share entry. */ MSG_SMB_CLOSE_FILE = 0x0313, -- cgit From 9549cf125a2e54a6bcaf4251b1f363775f8e7929 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 31 May 2011 12:06:00 +0200 Subject: s3:librpc: remove unused file librpc/ndr/util.h Autobuild-User: Michael Adam Autobuild-Date: Tue May 31 15:19:46 CEST 2011 on sn-devel-104 --- source3/librpc/ndr/util.h | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 source3/librpc/ndr/util.h (limited to 'source3/librpc') diff --git a/source3/librpc/ndr/util.h b/source3/librpc/ndr/util.h deleted file mode 100644 index 3bf9c0eb43..0000000000 --- a/source3/librpc/ndr/util.h +++ /dev/null @@ -1,4 +0,0 @@ - -/* The following definitions come from librpc/ndr/util.c */ - -_PUBLIC_ void ndr_print_sockaddr_storage(struct ndr_print *ndr, const char *name, const struct sockaddr_storage *ss); -- cgit From cc3b75b807c6dd63b6dde3b449054f6640826f7c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 2 May 2011 10:27:36 +1000 Subject: s3-server_id Add task_id to server_id to match Samba4 This will allow this structure to be shared, and allow us to create a common messaging system between all Samba processes. Samba4 uses the task_id to indicate the different tasks within a single unix process. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/librpc/idl/server_id.idl | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/librpc') diff --git a/source3/librpc/idl/server_id.idl b/source3/librpc/idl/server_id.idl index ed727881c7..095405af56 100644 --- a/source3/librpc/idl/server_id.idl +++ b/source3/librpc/idl/server_id.idl @@ -19,6 +19,7 @@ interface server_id typedef [public] struct { uint32 pid; + uint32 task_id; uint32 vnn; udlong unique_id; } server_id; -- cgit From 174893c312f700105f8cda069cdb3b51a5aa602c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 2 May 2011 10:37:31 +1000 Subject: s3-server_id change pid to hyper This matches Samba4's server_id. Signed-off-by: Andrew Tridgell --- source3/librpc/idl/server_id.idl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/librpc') diff --git a/source3/librpc/idl/server_id.idl b/source3/librpc/idl/server_id.idl index 095405af56..51900000ed 100644 --- a/source3/librpc/idl/server_id.idl +++ b/source3/librpc/idl/server_id.idl @@ -18,7 +18,7 @@ interface server_id */ typedef [public] struct { - uint32 pid; + hyper pid; uint32 task_id; uint32 vnn; udlong unique_id; -- cgit From d057116cc2e454ba097d0dcb22e16108a05a4a1b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 2 May 2011 10:55:20 +1000 Subject: server_id.idl: Bring server_id.idl in common Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/librpc/idl/server_id.idl | 26 -------------------------- source3/librpc/idl/wscript_build | 2 +- source3/librpc/wscript_build | 5 ----- 3 files changed, 1 insertion(+), 32 deletions(-) delete mode 100644 source3/librpc/idl/server_id.idl (limited to 'source3/librpc') diff --git a/source3/librpc/idl/server_id.idl b/source3/librpc/idl/server_id.idl deleted file mode 100644 index 51900000ed..0000000000 --- a/source3/librpc/idl/server_id.idl +++ /dev/null @@ -1,26 +0,0 @@ -[ - pointer_default(unique) -] -interface server_id -{ - - /* used to look like the following, note that unique_id was not - * marshalled at all... - - struct server_id { - pid_t pid; - #ifdef CLUSTER_SUPPORT - uint32 vnn; - #endif - uint64_t unique_id; - }; - - */ - - typedef [public] struct { - hyper pid; - uint32 task_id; - uint32 vnn; - udlong unique_id; - } server_id; -} diff --git a/source3/librpc/idl/wscript_build b/source3/librpc/idl/wscript_build index 5a8dc31980..97b14659d1 100644 --- a/source3/librpc/idl/wscript_build +++ b/source3/librpc/idl/wscript_build @@ -6,7 +6,7 @@ topinclude=os.path.join(bld.srcnode.abspath(), 'librpc/idl') bld.SAMBA_PIDL_LIST('PIDL', '''messaging.idl libnetapi.idl notify.idl - perfcount.idl secrets.idl libnet_join.idl server_id.idl''', + perfcount.idl secrets.idl libnet_join.idl''', options='--includedir=%s --header --ndr-parser' % topinclude, output_dir='../gen_ndr') diff --git a/source3/librpc/wscript_build b/source3/librpc/wscript_build index d99936cc16..7f18f03258 100644 --- a/source3/librpc/wscript_build +++ b/source3/librpc/wscript_build @@ -10,11 +10,6 @@ bld.SAMBA3_SUBSYSTEM('NDR_LIBNET_JOIN', public_deps='ndr' ) -bld.SAMBA3_SUBSYSTEM('NDR_SERVER_ID', - source='gen_ndr/ndr_server_id.c', - public_deps='ndr' - ) - bld.SAMBA3_SUBSYSTEM('NDR_MESSAGING', source='gen_ndr/ndr_messaging.c', public_deps='ndr NDR_SERVER_ID' -- cgit From a772797a384a1142c5af95bd06c14a141dea38d7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 2 May 2011 11:10:12 +1000 Subject: librpc/idr Use the Samba3 notify.idl in common. The extra fields in the structure that Samba4 does not use should not bother it. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/librpc/idl/notify.idl | 84 ---------------------------------------- source3/librpc/idl/wscript_build | 2 +- source3/librpc/wscript_build | 5 --- 3 files changed, 1 insertion(+), 90 deletions(-) delete mode 100644 source3/librpc/idl/notify.idl (limited to 'source3/librpc') diff --git a/source3/librpc/idl/notify.idl b/source3/librpc/idl/notify.idl deleted file mode 100644 index 0776ed107c..0000000000 --- a/source3/librpc/idl/notify.idl +++ /dev/null @@ -1,84 +0,0 @@ -#include "idl_types.h" - -import "file_id.idl", "server_id.idl"; - -/* - IDL structures for notify change code - - this defines the structures used in the notify database code, and - the change notify buffers -*/ - -[ - pointer_default(unique) -] -interface notify -{ - - /* structure used in the notify database */ - typedef [public] struct { - server_id server; - uint32 filter; /* filter to apply in this directory */ - uint32 subdir_filter; /* filter to apply in child directories */ - uint32 dir_fd; /* fd of open directory */ - file_id dir_id; /* file_id of open directory */ - utf8string path; - uint32 path_len; /* saves some computation on search */ - pointer private_data; - } notify_entry; - - typedef [public] struct { - uint32 num_entries; - notify_entry entries[num_entries]; - } notify_entry_array; - - /* - to allow for efficient search for matching entries, we - divide them by the directory depth, with a separate array - per depth. The entries within each depth are sorted by path, - allowing for a bisection search. - - The max_mask and max_mask_subdir at each depth is the - bitwise or of the filters and subdir filters for all entries - at that depth. This allows a depth to be quickly skipped if - no entries will match the target filter - */ - typedef struct { - uint32 max_mask; - uint32 max_mask_subdir; - uint32 num_entries; - notify_entry entries[num_entries]; - } notify_depth; - - typedef [public] struct { - uint32 num_depths; - notify_depth depth[num_depths]; - } notify_array; - - /* structure sent between servers in notify messages */ - typedef [public] struct { - uint32 action; - utf8string path; - pointer private_data; - } notify_event; - - typedef [v1_enum] enum { - FILE_ACTION_ADDED = 0x00000001, - FILE_ACTION_REMOVED = 0x00000002, - FILE_ACTION_MODIFIED = 0x00000003, - FILE_ACTION_RENAMED_OLD_NAME = 0x00000004, - FILE_ACTION_RENAMED_NEW_NAME = 0x00000005, - FILE_ACTION_ADDED_STREAM = 0x00000006, - FILE_ACTION_REMOVED_STREAM = 0x00000007, - FILE_ACTION_MODIFIED_STREAM = 0x00000008 - } FILE_NOTIFY_ACTION; - - /* structure sent at the CIFS layer */ - /* Align on 4-byte boundary according to MS-CIFS 2.2.7.4.2 */ - typedef [public,gensize,flag(NDR_ALIGN4)] struct { - uint32 NextEntryOffset; - FILE_NOTIFY_ACTION Action; - [value(strlen_m(FileName1)*2)] uint32 FileNameLength; - [charset(UTF16),flag(STR_NOTERM)] uint16 FileName1[FileNameLength]; - } FILE_NOTIFY_INFORMATION; -} diff --git a/source3/librpc/idl/wscript_build b/source3/librpc/idl/wscript_build index 97b14659d1..3e07542320 100644 --- a/source3/librpc/idl/wscript_build +++ b/source3/librpc/idl/wscript_build @@ -5,7 +5,7 @@ import os topinclude=os.path.join(bld.srcnode.abspath(), 'librpc/idl') bld.SAMBA_PIDL_LIST('PIDL', - '''messaging.idl libnetapi.idl notify.idl + '''messaging.idl libnetapi.idl perfcount.idl secrets.idl libnet_join.idl''', options='--includedir=%s --header --ndr-parser' % topinclude, output_dir='../gen_ndr') diff --git a/source3/librpc/wscript_build b/source3/librpc/wscript_build index 7f18f03258..a4af551e7f 100644 --- a/source3/librpc/wscript_build +++ b/source3/librpc/wscript_build @@ -15,11 +15,6 @@ bld.SAMBA3_SUBSYSTEM('NDR_MESSAGING', public_deps='ndr NDR_SERVER_ID' ) -bld.SAMBA3_SUBSYSTEM('NDR_NOTIFY3', - source='gen_ndr/ndr_notify.c', - public_deps='ndr NDR_FILE_ID NDR_SERVER_ID' - ) - bld.SAMBA3_SUBSYSTEM('NDR_SECRETS', source='gen_ndr/ndr_secrets.c', public_deps='ndr' -- cgit From 74eed8f3ed5c333728350df1d23a4318e9104909 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 9 Jun 2011 15:31:03 +1000 Subject: s3-param Remove special case for global_myname(), rename to lp_netbios_name() There is no reason this can't be a normal constant string in the loadparm system, now that we have lp_set_cmdline() to handle overrides correctly. Andrew Bartlett --- source3/librpc/crypto/cli_spnego.c | 2 +- source3/librpc/crypto/gse_krb5.c | 2 +- source3/librpc/rpc/dcerpc_ep.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/librpc') diff --git a/source3/librpc/crypto/cli_spnego.c b/source3/librpc/crypto/cli_spnego.c index bf58e25d9a..e4fdf315aa 100644 --- a/source3/librpc/crypto/cli_spnego.c +++ b/source3/librpc/crypto/cli_spnego.c @@ -99,7 +99,7 @@ NTSTATUS spnego_ntlmssp_init_client(TALLOC_CTX *mem_ctx, sp_ctx->mech = SPNEGO_NTLMSSP; status = auth_ntlmssp_client_start(sp_ctx, - global_myname(), + lp_netbios_name(), lp_workgroup(), lp_client_ntlmv2_auth(), &sp_ctx->mech_ctx.ntlmssp_state); diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c index 830d517bc7..81a9a07596 100644 --- a/source3/librpc/crypto/gse_krb5.c +++ b/source3/librpc/crypto/gse_krb5.c @@ -90,7 +90,7 @@ static krb5_error_code get_host_principal(krb5_context krbctx, char *host_princ_s = NULL; int err; - err = asprintf(&host_princ_s, "%s$@%s", global_myname(), lp_realm()); + err = asprintf(&host_princ_s, "%s$@%s", lp_netbios_name(), lp_realm()); if (err == -1) { return -1; } diff --git a/source3/librpc/rpc/dcerpc_ep.c b/source3/librpc/rpc/dcerpc_ep.c index 5088e7efcf..3d1acbbee2 100644 --- a/source3/librpc/rpc/dcerpc_ep.c +++ b/source3/librpc/rpc/dcerpc_ep.c @@ -78,7 +78,7 @@ NTSTATUS dcerpc_binding_vector_create(TALLOC_CTX *mem_ctx, switch (b->transport) { case NCACN_NP: - b->host = talloc_asprintf(b, "\\\\%s", global_myname()); + b->host = talloc_asprintf(b, "\\\\%s", lp_netbios_name()); if (b->host == NULL) { status = NT_STATUS_NO_MEMORY; goto done; -- cgit