From 54d36099ec0c4e2739a954fb712a48fe2fbb7d1b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 7 Mar 2012 21:39:14 +1100 Subject: s3-rpc_server: Do not register embedded ncacn_np endpoints by default The end point mapper is primarily in support of lsasd, and the key SAMR, LSA and NETLOGON services being accessed over TCP/IP. The end point mapper does not appear to be used for the well-known mappings to named pipes, and we have a problem with how to safely register the embedded pipes. For now, disable this to avoid re-registration storms in production, until we sort out a better way. Andrew Bartlett Autobuild-User: Andrew Bartlett Autobuild-Date: Wed Mar 7 14:27:38 CET 2012 on sn-devel-104 --- source3/rpc_server/rpc_service_setup.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/rpc_service_setup.c b/source3/rpc_server/rpc_service_setup.c index bde0d8da89..9fc12f2e31 100644 --- a/source3/rpc_server/rpc_service_setup.c +++ b/source3/rpc_server/rpc_service_setup.c @@ -63,7 +63,14 @@ static bool rpc_setup_embedded(struct tevent_context *ev_ctx, enum rpc_service_mode_e epm_mode = rpc_epmapper_mode(); NTSTATUS status; - if (epm_mode != RPC_SERVICE_MODE_DISABLED) { + /* Registration of ncacn_np services is problematic. The + * ev_ctx passed in here is passed down to all children of the + * smbd process, and if the end point mapper ever goes away, + * they will all attempt to re-register. But we want to test + * the code for now, so it is enabled in on environment in + * make test */ + if (epm_mode != RPC_SERVICE_MODE_DISABLED && + (lp_parm_bool(-1, "rpc_server", "register_embedded_np", false))) { status = dcerpc_binding_vector_new(talloc_tos(), &v); if (!NT_STATUS_IS_OK(status)) { return false; -- cgit