The Samba-Bugzilla – Attachment 9114 Details for
Bug 9911
Build Samba 4.0.x on AIX with IBM XL C/C++ (gettext detection issues)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Revised patchset
9911_3.patch (text/plain), 255.48 KB, created by
Christian Ambach
on 2013-08-07 20:52:36 UTC
(
hide
)
Description:
Revised patchset
Filename:
MIME Type:
Creator:
Christian Ambach
Created:
2013-08-07 20:52:36 UTC
Size:
255.48 KB
patch
obsolete
>From 148499cb62acddd07f60102f8c99c38eb6fb5554 Mon Sep 17 00:00:00 2001 >From: Gregor Beck <gbeck@sernet.de> >Date: Wed, 31 Jul 2013 15:28:51 +0200 >Subject: [PATCH 01/67] security.idl: add new security_secinfo bits > >[MS-DTYP].pdf 2.4.7 > >Signed-off-by: Gregor Beck <gbeck@sernet.de> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Jeremy Allison <jra@samba.org> >--- > librpc/idl/security.idl | 3 +++ > 1 file changed, 3 insertions(+) > >diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl >index 00bb6e6..381d6e5 100644 >--- a/librpc/idl/security.idl >+++ b/librpc/idl/security.idl >@@ -621,6 +621,9 @@ interface security > SECINFO_DACL = 0x00000004, > SECINFO_SACL = 0x00000008, > SECINFO_LABEL = 0x00000010, >+ SECINFO_ATTRIBUTE = 0x00000020, >+ SECINFO_SCOPE = 0x00000040, >+ SECINFO_BACKUP = 0x00010000, > SECINFO_UNPROTECTED_SACL = 0x10000000, > SECINFO_UNPROTECTED_DACL = 0x20000000, > SECINFO_PROTECTED_SACL = 0x40000000, >-- >1.8.1.2 > > >From f556e71db74e695349c03bf82f68ea6e700eae03 Mon Sep 17 00:00:00 2001 >From: Gregor Beck <gbeck@sernet.de> >Date: Thu, 1 Aug 2013 14:16:24 +0200 >Subject: [PATCH 02/67] Fix bug 9678 - Windows 8 Roaming profiles fail > >Windows 8 tries to set 'ATTRIBUTE_SECURITY_INFORMATION' on some >dirs. Ignoring it makes roaming profiles work again. >Just like w2k3 gracefully ignore all the other bits. > >Signed-off-by: Gregor Beck <gbeck@sernet.de> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Jeremy Allison <jra@samba.org> > >Autobuild-User(master): Jeremy Allison <jra@samba.org> >Autobuild-Date(master): Thu Aug 1 20:58:25 CEST 2013 on sn-devel-104 >--- > source3/smbd/nttrans.c | 9 ++------- > 1 file changed, 2 insertions(+), 7 deletions(-) > >diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c >index c8116b0..800e2fd 100644 >--- a/source3/smbd/nttrans.c >+++ b/source3/smbd/nttrans.c >@@ -891,13 +891,8 @@ NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd, > > /* Ensure we have at least one thing set. */ > if ((security_info_sent & (SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL)) == 0) { >- if (security_info_sent & SECINFO_LABEL) { >- /* Only consider SECINFO_LABEL if no other >- bits are set. Just like W2K3 we don't >- store this. */ >- return NT_STATUS_OK; >- } >- return NT_STATUS_INVALID_PARAMETER; >+ /* Just like W2K3 */ >+ return NT_STATUS_OK; > } > > /* Ensure we have the rights to do this. */ >-- >1.8.1.2 > > >From ba40d0d9d320e500621a6a8107a2ef0a34aeb6ba Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Thu, 20 Jun 2013 18:27:13 +0200 >Subject: [PATCH 03/67] s3:lib/system fix build on AIX 7 > >AIX uses struct stat64 with struct timespec64, so direct assignment does >not work any more. > >Pair-Programmed-With: Volker Lendecke <vl@samba.org> >Signed-off-by: Christian Ambach <ambi@samba.org> > >Autobuild-User(master): Volker Lendecke <vl@samba.org> >Autobuild-Date(master): Fri Aug 2 09:47:43 CEST 2013 on sn-devel-104 >--- > source3/lib/system.c | 15 ++++++++++++--- > 1 file changed, 12 insertions(+), 3 deletions(-) > >diff --git a/source3/lib/system.c b/source3/lib/system.c >index 8dbf7dc..8252e4f 100644 >--- a/source3/lib/system.c >+++ b/source3/lib/system.c >@@ -228,7 +228,10 @@ static struct timespec get_atimespec(const struct stat *pst) > return ret; > #else > #if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC) >- return pst->st_atim; >+ struct timespec ret; >+ ret.tv_sec = pst->st_atim.tv_sec; >+ ret.tv_nsec = pst->st_atim.tv_nsec; >+ return ret; > #elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC) > struct timespec ret; > ret.tv_sec = pst->st_atime; >@@ -263,7 +266,10 @@ static struct timespec get_mtimespec(const struct stat *pst) > return ret; > #else > #if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC) >- return pst->st_mtim; >+ struct timespec ret; >+ ret.tv_sec = pst->st_mtim.tv_sec; >+ ret.tv_nsec = pst->st_mtim.tv_nsec; >+ return ret; > #elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC) > struct timespec ret; > ret.tv_sec = pst->st_mtime; >@@ -298,7 +304,10 @@ static struct timespec get_ctimespec(const struct stat *pst) > return ret; > #else > #if defined(HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC) >- return pst->st_ctim; >+ struct timespec ret; >+ ret.tv_sec = pst->st_ctim.tv_sec; >+ ret.tv_nsec = pst->st_ctim.tv_nsec; >+ return ret; > #elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC) > struct timespec ret; > ret.tv_sec = pst->st_ctime; >-- >1.8.1.2 > > >From 859182da6d06be0e9d37d7ed3448efc3dc78bdb2 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Tue, 30 Jul 2013 10:40:39 +1200 >Subject: [PATCH 04/67] dfs_server: Use dsdb_search_one to catch 0 results as > well as NO_SUCH_OBJECT errors > >This ensures we do not de-reference an invalid rs->msgs pointer if the >pointed-to object was not objectclass=computer > >Andrew Bartlett > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=10052 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> > >Autobuild-User(master): Stefan Metzmacher <metze@samba.org> >Autobuild-Date(master): Fri Aug 2 13:11:20 CEST 2013 on sn-devel-104 >--- > dfs_server/dfs_server_ad.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > >diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c >index 249a1d1..062eb49 100644 >--- a/dfs_server/dfs_server_ad.c >+++ b/dfs_server/dfs_server_ad.c >@@ -206,14 +206,14 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, > > for (i = 0; i<r->count; i++) { > struct ldb_dn *dn; >- struct ldb_result *r2; >+ struct ldb_message *msg; > > dn = ldb_msg_find_attr_as_dn(ldb, ctx, r->msgs[i], "serverReference"); > if (!dn) { > return NT_STATUS_INTERNAL_ERROR; > } > >- ret = ldb_search(ldb, r, &r2, dn, LDB_SCOPE_BASE, attrs2, "(objectClass=computer)"); >+ ret = dsdb_search_one(ldb, r, &msg, dn, LDB_SCOPE_BASE, attrs2, 0, "(objectClass=computer)"); > if (ret != LDB_SUCCESS) { > DEBUG(2,(__location__ ": Search for computer on %s failed - %s\n", > ldb_dn_get_linearized(dn), ldb_errstring(ldb))); >@@ -221,7 +221,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, > } > > if (dofqdn) { >- const char *dns = ldb_msg_find_attr_as_string(r2->msgs[0], "dNSHostName", NULL); >+ const char *dns = ldb_msg_find_attr_as_string(msg, "dNSHostName", NULL); > if (dns == NULL) { > DEBUG(2,(__location__ ": dNSHostName missing on %s\n", > ldb_dn_get_linearized(dn))); >@@ -233,7 +233,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, > NT_STATUS_HAVE_NO_MEMORY_AND_FREE(list->names[list->count], r); > } else { > char *tmp; >- const char *aname = ldb_msg_find_attr_as_string(r2->msgs[0], "sAMAccountName", NULL); >+ const char *aname = ldb_msg_find_attr_as_string(msg, "sAMAccountName", NULL); > if (aname == NULL) { > DEBUG(2,(__location__ ": sAMAccountName missing on %s\n", > ldb_dn_get_linearized(dn))); >@@ -250,7 +250,7 @@ static NTSTATUS get_dcs_insite(TALLOC_CTX *ctx, struct ldb_context *ldb, > list->names[list->count] = tmp; > } > list->count++; >- talloc_free(r2); >+ talloc_free(msg); > } > > talloc_free(r); >-- >1.8.1.2 > > >From 852c9ac34dbef66d0b2619554c611157c2fab771 Mon Sep 17 00:00:00 2001 >From: Richard Sharpe <realrichardsharpe@gmail.com> >Date: Mon, 22 Jul 2013 16:04:43 -0700 >Subject: [PATCH 05/67] There are tests all over the SMB1 code to check that > srv_send_smb fails, but it never returns false. > >Even if the write to the socket/fd fails, we never return false and >will keep reading stuff off of the input buffer until it is exhausted >and then we will exit. > >Signed-off-by: Richard Sharpe <rsharpe@samba.org> >Reviewed-by: Jeremy Allison <jra@samba.org> > >Autobuild-User(master): Richard Sharpe <sharpe@samba.org> >Autobuild-Date(master): Sat Aug 3 17:41:22 CEST 2013 on sn-devel-104 >--- > source3/smbd/process.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source3/smbd/process.c b/source3/smbd/process.c >index 5ef0fd3..3fbfc37 100644 >--- a/source3/smbd/process.c >+++ b/source3/smbd/process.c >@@ -194,7 +194,7 @@ out: > SMB_PERFCOUNT_END(pcd); > > smbd_unlock_socket(sconn); >- return true; >+ return (ret > 0); > } > > /******************************************************************* >-- >1.8.1.2 > > >From b35a27b77954992fc1e6db446bbfa6cfbb7547a1 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Fri, 2 Aug 2013 17:05:58 -0700 >Subject: [PATCH 06/67] Ensure we can never integer wrap when working on > client-supplied max_data_bytes. > >This would only be possible with SMB2, and is already checked in the upper >SMB2 layers, but it really doesn't hurt to have these extra checks at time >of use also. > >Signed-off-by: Jeremy Allison <jra@samba.org> >Reviewed-by: David Disseldorp <ddiss@samba.org> > >Autobuild-User(master): David Disseldorp <ddiss@samba.org> >Autobuild-Date(master): Sun Aug 4 16:54:04 CEST 2013 on sn-devel-104 >--- > source3/smbd/trans2.c | 22 ++++++++++++++++++++++ > 1 file changed, 22 insertions(+) > >diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c >index a216f15..f769104 100644 >--- a/source3/smbd/trans2.c >+++ b/source3/smbd/trans2.c >@@ -2564,6 +2564,11 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd > } > } > >+ if (max_data_bytes + DIR_ENTRY_SAFETY_MARGIN < max_data_bytes) { >+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER); >+ goto out; >+ } >+ > *ppdata = (char *)SMB_REALLOC( > *ppdata, max_data_bytes + DIR_ENTRY_SAFETY_MARGIN); > if(*ppdata == NULL ) { >@@ -2893,6 +2898,11 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd > } > } > >+ if (max_data_bytes + DIR_ENTRY_SAFETY_MARGIN < max_data_bytes) { >+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER); >+ return; >+ } >+ > *ppdata = (char *)SMB_REALLOC( > *ppdata, max_data_bytes + DIR_ENTRY_SAFETY_MARGIN); > if(*ppdata == NULL) { >@@ -3150,6 +3160,10 @@ NTSTATUS smbd_do_qfsinfo(connection_struct *conn, > > st = smb_fname.st; > >+ if (max_data_bytes + DIR_ENTRY_SAFETY_MARGIN < max_data_bytes) { >+ return NT_STATUS_INVALID_PARAMETER; >+ } >+ > *ppdata = (char *)SMB_REALLOC( > *ppdata, max_data_bytes + DIR_ENTRY_SAFETY_MARGIN); > if (*ppdata == NULL) { >@@ -4368,6 +4382,10 @@ static void call_trans2qpipeinfo(connection_struct *conn, > } > params = *pparams; > SSVAL(params,0,0); >+ if (max_data_bytes + DIR_ENTRY_SAFETY_MARGIN < max_data_bytes) { >+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER); >+ return; >+ } > data_size = max_data_bytes + DIR_ENTRY_SAFETY_MARGIN; > *ppdata = (char *)SMB_REALLOC(*ppdata, data_size); > if (*ppdata == NULL ) { >@@ -4449,6 +4467,10 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn, > nlink -= 1; > } > >+ if (max_data_bytes + DIR_ENTRY_SAFETY_MARGIN < max_data_bytes) { >+ return NT_STATUS_INVALID_PARAMETER; >+ } >+ > data_size = max_data_bytes + DIR_ENTRY_SAFETY_MARGIN; > *ppdata = (char *)SMB_REALLOC(*ppdata, data_size); > if (*ppdata == NULL) { >-- >1.8.1.2 > > >From cae48e9a36d7e37ec18791439b30a876bde0c775 Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 23 Jul 2013 10:08:38 +0200 >Subject: [PATCH 07/67] tevent: Add echo server sample code > >This is under a deliberately permissive license. I would like people to start >using libtevent and tevent_req (LGPL) without any worries about where to start >from. > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Amitay Isaacs <amitay@gmail.com> > >Autobuild-User(master): Amitay Isaacs <amitay@samba.org> >Autobuild-Date(master): Mon Aug 5 04:07:58 CEST 2013 on sn-devel-104 >--- > lib/tevent/echo_server.c | 664 +++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 664 insertions(+) > create mode 100644 lib/tevent/echo_server.c > >diff --git a/lib/tevent/echo_server.c b/lib/tevent/echo_server.c >new file mode 100644 >index 0000000..a1da0d8 >--- /dev/null >+++ b/lib/tevent/echo_server.c >@@ -0,0 +1,664 @@ >+/** >+ ** NOTE! The following liberal license applies to this sample file only. >+ ** This does NOT imply that all of Samba is released under this license. >+ ** >+ ** This file is meant as a starting point for libtevent users to be used >+ ** in any program linking against the LGPL licensed libtevent. >+ **/ >+ >+/* >+ * This file is being made available by the Samba Team under the following >+ * license: >+ * >+ * Permission to use, copy, modify, and distribute this sample file for any >+ * purpose is hereby granted without fee. >+ * >+ * This work is distributed in the hope that it will be useful, but >+ * WITHOUT ANY WARRANTY; without even the implied warranty of >+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. >+ */ >+ >+#include <stdio.h> >+#include <stdlib.h> >+#include <string.h> >+#include <netinet/in.h> >+#include <sys/types.h> >+#include <sys/socket.h> >+#include <errno.h> >+#include <unistd.h> >+#include "tevent.h" >+#include "talloc.h" >+ >+/** >+ * @brief Helper function to get a useful unix error from tevent_req >+ */ >+ >+static bool tevent_req_is_unix_error(struct tevent_req *req, int *perrno) >+{ >+ enum tevent_req_state state; >+ uint64_t err; >+ >+ if (!tevent_req_is_error(req, &state, &err)) { >+ return false; >+ } >+ switch (state) { >+ case TEVENT_REQ_TIMED_OUT: >+ *perrno = ETIMEDOUT; >+ break; >+ case TEVENT_REQ_NO_MEMORY: >+ *perrno = ENOMEM; >+ break; >+ case TEVENT_REQ_USER_ERROR: >+ *perrno = err; >+ break; >+ default: >+ *perrno = EINVAL; >+ break; >+ } >+ return true; >+} >+ >+/** >+ * @brief Wrapper around accept(2) >+ */ >+ >+struct accept_state { >+ struct tevent_fd *fde; >+ int listen_sock; >+ socklen_t addrlen; >+ struct sockaddr addr; >+ int sock; >+}; >+ >+static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde, >+ uint16_t flags, void *private_data); >+ >+static struct tevent_req *accept_send(TALLOC_CTX *mem_ctx, >+ struct tevent_context *ev, >+ int listen_sock) >+{ >+ struct tevent_req *req; >+ struct accept_state *state; >+ >+ req = tevent_req_create(mem_ctx, &state, struct accept_state); >+ if (req == NULL) { >+ return NULL; >+ } >+ >+ state->listen_sock = listen_sock; >+ >+ state->fde = tevent_add_fd(ev, state, listen_sock, TEVENT_FD_READ, >+ accept_handler, req); >+ if (tevent_req_nomem(state->fde, req)) { >+ return tevent_req_post(req, ev); >+ } >+ return req; >+} >+ >+static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde, >+ uint16_t flags, void *private_data) >+{ >+ struct tevent_req *req = talloc_get_type_abort( >+ private_data, struct tevent_req); >+ struct accept_state *state = tevent_req_data(req, struct accept_state); >+ int ret; >+ >+ TALLOC_FREE(state->fde); >+ >+ if ((flags & TEVENT_FD_READ) == 0) { >+ tevent_req_error(req, EIO); >+ return; >+ } >+ state->addrlen = sizeof(state->addr); >+ >+ ret = accept(state->listen_sock, &state->addr, &state->addrlen); >+ if (ret == -1) { >+ tevent_req_error(req, errno); >+ return; >+ } >+ state->sock = ret; >+ tevent_req_done(req); >+} >+ >+static int accept_recv(struct tevent_req *req, struct sockaddr *paddr, >+ socklen_t *paddrlen, int *perr) >+{ >+ struct accept_state *state = tevent_req_data(req, struct accept_state); >+ int err; >+ >+ if (tevent_req_is_unix_error(req, &err)) { >+ if (perr != NULL) { >+ *perr = err; >+ } >+ return -1; >+ } >+ if (paddr != NULL) { >+ *paddr = state->addr; >+ } >+ if (paddrlen != NULL) { >+ *paddrlen = state->addrlen; >+ } >+ return state->sock; >+} >+ >+/** >+ * @brief Wrapper around read(2) >+ */ >+ >+struct read_state { >+ struct tevent_fd *fde; >+ int fd; >+ void *buf; >+ size_t count; >+ >+ ssize_t nread; >+}; >+ >+static void read_handler(struct tevent_context *ev, struct tevent_fd *fde, >+ uint16_t flags, void *private_data); >+ >+static struct tevent_req *read_send(TALLOC_CTX *mem_ctx, >+ struct tevent_context *ev, >+ int fd, void *buf, size_t count) >+{ >+ struct tevent_req *req; >+ struct read_state *state; >+ >+ req = tevent_req_create(mem_ctx, &state, struct read_state); >+ if (req == NULL) { >+ return NULL; >+ } >+ >+ state->fd = fd; >+ state->buf = buf; >+ state->count = count; >+ >+ state->fde = tevent_add_fd(ev, state, fd, TEVENT_FD_READ, >+ read_handler, req); >+ if (tevent_req_nomem(state->fde, req)) { >+ return tevent_req_post(req, ev); >+ } >+ return req; >+} >+ >+static void read_handler(struct tevent_context *ev, struct tevent_fd *fde, >+ uint16_t flags, void *private_data) >+{ >+ struct tevent_req *req = talloc_get_type_abort( >+ private_data, struct tevent_req); >+ struct read_state *state = tevent_req_data(req, struct read_state); >+ ssize_t ret; >+ >+ TALLOC_FREE(state->fde); >+ >+ if ((flags & TEVENT_FD_READ) == 0) { >+ tevent_req_error(req, EIO); >+ return; >+ } >+ >+ ret = read(state->fd, state->buf, state->count); >+ if (ret == -1) { >+ tevent_req_error(req, errno); >+ return; >+ } >+ state->nread = ret; >+ tevent_req_done(req); >+} >+ >+static ssize_t read_recv(struct tevent_req *req, int *perr) >+{ >+ struct read_state *state = tevent_req_data(req, struct read_state); >+ int err; >+ >+ if (tevent_req_is_unix_error(req, &err)) { >+ if (perr != NULL) { >+ *perr = err; >+ } >+ return -1; >+ } >+ return state->nread; >+} >+ >+/** >+ * @brief Wrapper around write(2) >+ */ >+ >+struct write_state { >+ struct tevent_fd *fde; >+ int fd; >+ const void *buf; >+ size_t count; >+ >+ ssize_t nwritten; >+}; >+ >+static void write_handler(struct tevent_context *ev, struct tevent_fd *fde, >+ uint16_t flags, void *private_data); >+ >+static struct tevent_req *write_send(TALLOC_CTX *mem_ctx, >+ struct tevent_context *ev, >+ int fd, const void *buf, size_t count) >+{ >+ struct tevent_req *req; >+ struct write_state *state; >+ >+ req = tevent_req_create(mem_ctx, &state, struct write_state); >+ if (req == NULL) { >+ return NULL; >+ } >+ >+ state->fd = fd; >+ state->buf = buf; >+ state->count = count; >+ >+ state->fde = tevent_add_fd(ev, state, fd, TEVENT_FD_WRITE, >+ write_handler, req); >+ if (tevent_req_nomem(state->fde, req)) { >+ return tevent_req_post(req, ev); >+ } >+ return req; >+} >+ >+static void write_handler(struct tevent_context *ev, struct tevent_fd *fde, >+ uint16_t flags, void *private_data) >+{ >+ struct tevent_req *req = talloc_get_type_abort( >+ private_data, struct tevent_req); >+ struct write_state *state = tevent_req_data(req, struct write_state); >+ ssize_t ret; >+ >+ TALLOC_FREE(state->fde); >+ >+ if ((flags & TEVENT_FD_WRITE) == 0) { >+ tevent_req_error(req, EIO); >+ return; >+ } >+ >+ ret = write(state->fd, state->buf, state->count); >+ if (ret == -1) { >+ tevent_req_error(req, errno); >+ return; >+ } >+ state->nwritten = ret; >+ tevent_req_done(req); >+} >+ >+static ssize_t write_recv(struct tevent_req *req, int *perr) >+{ >+ struct write_state *state = tevent_req_data(req, struct write_state); >+ int err; >+ >+ if (tevent_req_is_unix_error(req, &err)) { >+ if (perr != NULL) { >+ *perr = err; >+ } >+ return -1; >+ } >+ return state->nwritten; >+} >+ >+/** >+ * @brief Wrapper function that deals with short writes >+ */ >+ >+struct writeall_state { >+ struct tevent_context *ev; >+ int fd; >+ const void *buf; >+ size_t count; >+ size_t nwritten; >+}; >+ >+static void writeall_done(struct tevent_req *subreq); >+ >+static struct tevent_req *writeall_send(TALLOC_CTX *mem_ctx, >+ struct tevent_context *ev, >+ int fd, const void *buf, size_t count) >+{ >+ struct tevent_req *req, *subreq; >+ struct writeall_state *state; >+ >+ req = tevent_req_create(mem_ctx, &state, struct writeall_state); >+ if (req == NULL) { >+ return NULL; >+ } >+ state->ev = ev; >+ state->fd = fd; >+ state->buf = buf; >+ state->count = count; >+ state->nwritten = 0; >+ >+ subreq = write_send(state, state->ev, state->fd, >+ ((char *)state->buf)+state->nwritten, >+ state->count - state->nwritten); >+ if (tevent_req_nomem(subreq, req)) { >+ return tevent_req_post(req, ev); >+ } >+ tevent_req_set_callback(subreq, writeall_done, req); >+ return req; >+} >+ >+static void writeall_done(struct tevent_req *subreq) >+{ >+ struct tevent_req *req = tevent_req_callback_data( >+ subreq, struct tevent_req); >+ struct writeall_state *state = tevent_req_data( >+ req, struct writeall_state); >+ ssize_t nwritten; >+ int err = 0; >+ >+ nwritten = write_recv(subreq, &err); >+ TALLOC_FREE(subreq); >+ if (nwritten == -1) { >+ tevent_req_error(req, err); >+ return; >+ } >+ >+ state->nwritten += nwritten; >+ >+ if (state->nwritten < state->count) { >+ subreq = write_send(state, state->ev, state->fd, >+ ((char *)state->buf)+state->nwritten, >+ state->count - state->nwritten); >+ if (tevent_req_nomem(subreq, req)) { >+ return; >+ } >+ tevent_req_set_callback(subreq, writeall_done, req); >+ return; >+ } >+ tevent_req_done(req); >+} >+ >+static ssize_t writeall_recv(struct tevent_req *req, int *perr) >+{ >+ struct writeall_state *state = tevent_req_data( >+ req, struct writeall_state); >+ int err; >+ >+ if (tevent_req_is_unix_error(req, &err)) { >+ if (perr != NULL) { >+ *perr = err; >+ } >+ return -1; >+ } >+ return state->nwritten; >+} >+ >+/** >+ * @brief Async echo handler code dealing with one client >+ */ >+ >+struct echo_state { >+ struct tevent_context *ev; >+ int fd; >+ uint8_t *buf; >+}; >+ >+static int echo_state_destructor(struct echo_state *s); >+static void echo_read_done(struct tevent_req *subreq); >+static void echo_writeall_done(struct tevent_req *subreq); >+ >+static struct tevent_req *echo_send(TALLOC_CTX *mem_ctx, >+ struct tevent_context *ev, >+ int fd, size_t bufsize) >+{ >+ struct tevent_req *req, *subreq; >+ struct echo_state *state; >+ >+ req = tevent_req_create(mem_ctx, &state, struct echo_state); >+ if (req == NULL) { >+ return NULL; >+ } >+ state->ev = ev; >+ state->fd = fd; >+ >+ talloc_set_destructor(state, echo_state_destructor); >+ >+ state->buf = talloc_array(state, uint8_t, bufsize); >+ if (tevent_req_nomem(state->buf, req)) { >+ return tevent_req_post(req, ev); >+ } >+ >+ subreq = read_send(state, state->ev, state->fd, >+ state->buf, talloc_get_size(state->buf)); >+ if (tevent_req_nomem(subreq, req)) { >+ return tevent_req_post(req, ev); >+ } >+ tevent_req_set_callback(subreq, echo_read_done, req); >+ return req; >+} >+ >+static int echo_state_destructor(struct echo_state *s) >+{ >+ if (s->fd != -1) { >+ printf("Closing client fd %d\n", s->fd); >+ close(s->fd); >+ s->fd = -1; >+ } >+ return 0; >+} >+ >+static void echo_read_done(struct tevent_req *subreq) >+{ >+ struct tevent_req *req = tevent_req_callback_data( >+ subreq, struct tevent_req); >+ struct echo_state *state = tevent_req_data( >+ req, struct echo_state); >+ ssize_t nread; >+ int err; >+ >+ nread = read_recv(subreq, &err); >+ TALLOC_FREE(subreq); >+ if (nread == -1) { >+ tevent_req_error(req, err); >+ return; >+ } >+ if (nread == 0) { >+ tevent_req_done(req); >+ return; >+ } >+ >+ subreq = writeall_send(state, state->ev, state->fd, state->buf, nread); >+ if (tevent_req_nomem(subreq, req)) { >+ return; >+ } >+ tevent_req_set_callback(subreq, echo_writeall_done, req); >+} >+ >+static void echo_writeall_done(struct tevent_req *subreq) >+{ >+ struct tevent_req *req = tevent_req_callback_data( >+ subreq, struct tevent_req); >+ struct echo_state *state = tevent_req_data( >+ req, struct echo_state); >+ ssize_t nwritten; >+ int err; >+ >+ nwritten = writeall_recv(subreq, &err); >+ TALLOC_FREE(subreq); >+ if (nwritten == -1) { >+ if (err == EPIPE) { >+ tevent_req_done(req); >+ return; >+ } >+ tevent_req_error(req, err); >+ return; >+ } >+ >+ subreq = read_send(state, state->ev, state->fd, >+ state->buf, talloc_get_size(state->buf)); >+ if (tevent_req_nomem(subreq, req)) { >+ return; >+ } >+ tevent_req_set_callback(subreq, echo_read_done, req); >+} >+ >+static bool echo_recv(struct tevent_req *req, int *perr) >+{ >+ int err; >+ >+ if (tevent_req_is_unix_error(req, &err)) { >+ *perr = err; >+ return false; >+ } >+ return true; >+} >+ >+/** >+ * @brief Full echo handler code accepting and handling clients >+ */ >+ >+struct echo_server_state { >+ struct tevent_context *ev; >+ int listen_sock; >+}; >+ >+static void echo_server_accepted(struct tevent_req *subreq); >+static void echo_server_client_done(struct tevent_req *subreq); >+ >+static struct tevent_req *echo_server_send(TALLOC_CTX *mem_ctx, >+ struct tevent_context *ev, >+ int listen_sock) >+{ >+ struct tevent_req *req, *subreq; >+ struct echo_server_state *state; >+ >+ req = tevent_req_create(mem_ctx, &state, >+ struct echo_server_state); >+ if (req == NULL) { >+ return NULL; >+ } >+ state->ev = ev; >+ state->listen_sock = listen_sock; >+ >+ subreq = accept_send(state, state->ev, state->listen_sock); >+ if (tevent_req_nomem(subreq, req)) { >+ return tevent_req_post(req, ev); >+ } >+ tevent_req_set_callback(subreq, echo_server_accepted, req); >+ return req; >+} >+ >+static void echo_server_accepted(struct tevent_req *subreq) >+{ >+ struct tevent_req *req = tevent_req_callback_data( >+ subreq, struct tevent_req); >+ struct echo_server_state *state = tevent_req_data( >+ req, struct echo_server_state); >+ int sock, err; >+ >+ sock = accept_recv(subreq, NULL, NULL, &err); >+ TALLOC_FREE(subreq); >+ if (sock == -1) { >+ tevent_req_error(req, err); >+ return; >+ } >+ >+ printf("new client fd %d\n", sock); >+ >+ subreq = echo_send(state, state->ev, sock, 100); >+ if (tevent_req_nomem(subreq, req)) { >+ return; >+ } >+ tevent_req_set_callback(subreq, echo_server_client_done, req); >+ >+ subreq = accept_send(state, state->ev, state->listen_sock); >+ if (tevent_req_nomem(subreq, req)) { >+ return; >+ } >+ tevent_req_set_callback(subreq, echo_server_accepted, req); >+} >+ >+static void echo_server_client_done(struct tevent_req *subreq) >+{ >+ bool ret; >+ int err; >+ >+ ret = echo_recv(subreq, &err); >+ TALLOC_FREE(subreq); >+ >+ if (ret) { >+ printf("Client done\n"); >+ } else { >+ printf("Client failed: %s\n", strerror(err)); >+ } >+} >+ >+static bool echo_server_recv(struct tevent_req *req, int *perr) >+{ >+ int err; >+ >+ if (tevent_req_is_unix_error(req, &err)) { >+ *perr = err; >+ return false; >+ } >+ return true; >+} >+ >+int main(int argc, const char **argv) >+{ >+ int ret, port, listen_sock, err; >+ struct tevent_context *ev; >+ struct sockaddr_in addr; >+ struct tevent_req *req; >+ bool result; >+ >+ if (argc != 2) { >+ fprintf(stderr, "Usage: %s <port>\n", argv[0]); >+ exit(1); >+ } >+ >+ port = atoi(argv[1]); >+ >+ printf("listening on port %d\n", port); >+ >+ listen_sock = socket(AF_INET, SOCK_STREAM, 0); >+ >+ if (listen_sock == -1) { >+ perror("socket() failed"); >+ exit(1); >+ } >+ >+ memset(&addr, 0, sizeof(addr)); >+ >+ addr.sin_family = AF_INET; >+ addr.sin_port = htons(port); >+ >+ ret = bind(listen_sock, (struct sockaddr *)&addr, sizeof(addr)); >+ if (ret == -1) { >+ perror("bind() failed"); >+ exit(1); >+ } >+ >+ ret = listen(listen_sock, 5); >+ if (ret == -1) { >+ perror("listen() failed"); >+ exit(1); >+ } >+ >+ ev = tevent_context_init(NULL); >+ if (ev == NULL) { >+ fprintf(stderr, "tevent_context_init failed\n"); >+ exit(1); >+ } >+ >+ req = echo_server_send(ev, ev, listen_sock); >+ if (req == NULL) { >+ fprintf(stderr, "echo_server_send failed\n"); >+ exit(1); >+ } >+ >+ if (!tevent_req_poll(req, ev)) { >+ perror("tevent_req_poll() failed"); >+ exit(1); >+ } >+ >+ result = echo_server_recv(req, &err); >+ TALLOC_FREE(req); >+ if (!result) { >+ fprintf(stderr, "echo_server failed: %s\n", strerror(err)); >+ exit(1); >+ } >+ >+ return 0; >+} >-- >1.8.1.2 > > >From 953502925863377b5e566edff4ac68c63e8d151f Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 12:33:25 +0200 >Subject: [PATCH 08/67] auth/credentials: remove pointless talloc_reference() > from cli_credentials_get_unparsed_name() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index e636123..e597809 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -669,7 +669,7 @@ _PUBLIC_ const char *cli_credentials_get_unparsed_name(struct cli_credentials *c > const char *name; > > if (bind_dn) { >- name = talloc_reference(mem_ctx, bind_dn); >+ name = talloc_strdup(mem_ctx, bind_dn); > } else { > cli_credentials_get_ntlm_username_domain(credentials, mem_ctx, &username, &domain); > if (domain && domain[0]) { >-- >1.8.1.2 > > >From b8f09226458dc13cf901f481ede89d8a6bb94ba7 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 12:33:25 +0200 >Subject: [PATCH 09/67] auth/credentials: remove pointless talloc_reference() > from cli_credentials_get_principal_and_obtained() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index e597809..7a4b081 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -267,7 +267,7 @@ _PUBLIC_ const char *cli_credentials_get_principal_and_obtained(struct cli_crede > } > } > *obtained = cred->principal_obtained; >- return talloc_reference(mem_ctx, cred->principal); >+ return talloc_strdup(mem_ctx, cred->principal); > } > > /** >-- >1.8.1.2 > > >From 6ff6778bdc60f1cd4d52cba83bd47d3398fe5a20 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 12:52:17 +0200 >Subject: [PATCH 10/67] auth/credentials: add > cli_credentials_[set_]callback_data* > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials.c | 11 +++++++++++ > auth/credentials/credentials.h | 8 ++++++++ > 2 files changed, 19 insertions(+) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index 7a4b081..e6a4710 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -114,6 +114,17 @@ _PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) > return cred; > } > >+_PUBLIC_ void cli_credentials_set_callback_data(struct cli_credentials *cred, >+ void *callback_data) >+{ >+ cred->priv_data = callback_data; >+} >+ >+_PUBLIC_ void *_cli_credentials_callback_data(struct cli_credentials *cred) >+{ >+ return cred->priv_data; >+} >+ > /** > * Create a new anonymous credential > * @param mem_ctx TALLOC_CTX parent for credentials structure >diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h >index dbc014f..0f498ad 100644 >--- a/auth/credentials/credentials.h >+++ b/auth/credentials/credentials.h >@@ -332,6 +332,14 @@ bool cli_credentials_set_realm_callback(struct cli_credentials *cred, > bool cli_credentials_set_workstation_callback(struct cli_credentials *cred, > const char *(*workstation_cb) (struct cli_credentials *)); > >+void cli_credentials_set_callback_data(struct cli_credentials *cred, >+ void *callback_data); >+void *_cli_credentials_callback_data(struct cli_credentials *cred); >+#define cli_credentials_callback_data(_cred, _type) \ >+ talloc_get_type_abort(_cli_credentials_callback_data(_cred), _type) >+#define cli_credentials_callback_data_void(_cred) \ >+ _cli_credentials_callback_data(_cred) >+ > /** > * Return attached NETLOGON credentials > */ >-- >1.8.1.2 > > >From b3cd44d50cff99fa77611679d68d2d57434fefa4 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:21:14 +0200 >Subject: [PATCH 11/67] auth/credentials: add cli_credentials_shallow_copy() > >This is useful for testing. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials.c | 15 +++++++++++++++ > auth/credentials/credentials.h | 3 +++ > 2 files changed, 18 insertions(+) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index e6a4710..c1c6993 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -125,6 +125,21 @@ _PUBLIC_ void *_cli_credentials_callback_data(struct cli_credentials *cred) > return cred->priv_data; > } > >+_PUBLIC_ struct cli_credentials *cli_credentials_shallow_copy(TALLOC_CTX *mem_ctx, >+ struct cli_credentials *src) >+{ >+ struct cli_credentials *dst; >+ >+ dst = talloc(mem_ctx, struct cli_credentials); >+ if (dst == NULL) { >+ return NULL; >+ } >+ >+ *dst = *src; >+ >+ return dst; >+} >+ > /** > * Create a new anonymous credential > * @param mem_ctx TALLOC_CTX parent for credentials structure >diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h >index 0f498ad..1377bfa 100644 >--- a/auth/credentials/credentials.h >+++ b/auth/credentials/credentials.h >@@ -340,6 +340,9 @@ void *_cli_credentials_callback_data(struct cli_credentials *cred); > #define cli_credentials_callback_data_void(_cred) \ > _cli_credentials_callback_data(_cred) > >+struct cli_credentials *cli_credentials_shallow_copy(TALLOC_CTX *mem_ctx, >+ struct cli_credentials *src); >+ > /** > * Return attached NETLOGON credentials > */ >-- >1.8.1.2 > > >From cfeeb3ce3de5d1df07299fb83327ae258da0bf8d Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:20:13 +0200 >Subject: [PATCH 12/67] s3:ntlm_auth: remove pointless credentials->priv_data = > NULL; > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > source3/utils/ntlm_auth.c | 1 - > 1 file changed, 1 deletion(-) > >diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c >index 62cba62..8f51a1a 100644 >--- a/source3/utils/ntlm_auth.c >+++ b/source3/utils/ntlm_auth.c >@@ -228,7 +228,6 @@ static const char *get_password(struct cli_credentials *credentials) > > /* Ask for a password */ > x_fprintf(x_stdout, "PW\n"); >- credentials->priv_data = NULL; > > manage_squid_request(NUM_HELPER_MODES /* bogus */, NULL, NULL, manage_gensec_get_pw_request, (void **)&password); > talloc_steal(credentials, password); >-- >1.8.1.2 > > >From 36b3c9506c1ac5549a38140e7ffd57644290069f Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:22:10 +0200 >Subject: [PATCH 13/67] s4:torture/shell: simplify > cli_credentials_set_password() call > >All we want is to avoid a possible callback... > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > source4/torture/shell.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > >diff --git a/source4/torture/shell.c b/source4/torture/shell.c >index d6cc94c..aa85da3 100644 >--- a/source4/torture/shell.c >+++ b/source4/torture/shell.c >@@ -110,10 +110,7 @@ void torture_shell(struct torture_context *tctx) > * stops the credentials system prompting when we use the "auth" > * command to display the current auth parameters. > */ >- if (cmdline_credentials->password_obtained != CRED_SPECIFIED) { >- cli_credentials_set_password(cmdline_credentials, "", >- CRED_SPECIFIED); >- } >+ cli_credentials_set_password(cmdline_credentials, "", CRED_GUESS_ENV); > > while (1) { > cline = smb_readline("torture> ", NULL, NULL); >-- >1.8.1.2 > > >From d36fcaa5f3c4d1ad54d767f4a7c5fa6c8d69c00e Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:23:08 +0200 >Subject: [PATCH 14/67] s4:torture/gentest: make use of > cli_credentials_get_username() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > source4/torture/gentest.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > >diff --git a/source4/torture/gentest.c b/source4/torture/gentest.c >index f3c4c20..9e985ed 100644 >--- a/source4/torture/gentest.c >+++ b/source4/torture/gentest.c >@@ -221,7 +221,8 @@ static bool connect_servers(struct tevent_context *ev, > > printf("Connecting to \\\\%s\\%s as %s - instance %d\n", > servers[i].server_name, servers[i].share_name, >- servers[i].credentials->username, j); >+ cli_credentials_get_username(servers[i].credentials), >+ j); > > cli_credentials_set_workstation(servers[i].credentials, > "gentest", CRED_SPECIFIED); >-- >1.8.1.2 > > >From d47bf469b8a9064f4f7033918b1fe519adfa0c26 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:23:41 +0200 >Subject: [PATCH 15/67] s4:torture/rpc: make use of > cli_credentials_set_netlogon_creds() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > source4/torture/rpc/schannel.c | 36 ++++++++++++++++-------------------- > 1 file changed, 16 insertions(+), 20 deletions(-) > >diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c >index e0862d2..8203749 100644 >--- a/source4/torture/rpc/schannel.c >+++ b/source4/torture/rpc/schannel.c >@@ -604,9 +604,9 @@ bool torture_rpc_schannel2(struct torture_context *torture) > torture_assert(torture, join_ctx != NULL, > "Failed to join domain with acct_flags=ACB_WSTRUST"); > >- credentials2 = (struct cli_credentials *)talloc_memdup(torture, credentials1, sizeof(*credentials1)); >- credentials1->netlogon_creds = NULL; >- credentials2->netlogon_creds = NULL; >+ credentials2 = cli_credentials_shallow_copy(torture, credentials1); >+ cli_credentials_set_netlogon_creds(credentials1, NULL); >+ cli_credentials_set_netlogon_creds(credentials2, NULL); > > status = dcerpc_parse_binding(torture, binding, &b); > torture_assert_ntstatus_ok(torture, status, "Bad binding string"); >@@ -624,8 +624,8 @@ bool torture_rpc_schannel2(struct torture_context *torture) > credentials2, torture->ev, torture->lp_ctx); > torture_assert_ntstatus_ok(torture, status, "Failed to connect with schannel"); > >- credentials1->netlogon_creds = NULL; >- credentials2->netlogon_creds = NULL; >+ cli_credentials_set_netlogon_creds(credentials1, NULL); >+ cli_credentials_set_netlogon_creds(credentials2, NULL); > > torture_comment(torture, "Testing logon on pipe1\n"); > if (!test_netlogon_ex_ops(p1, torture, credentials1, NULL)) >@@ -827,16 +827,12 @@ bool torture_rpc_schannel_bench1(struct torture_context *torture) > s->nprocs = torture_setting_int(torture, "nprocs", 4); > s->conns = talloc_zero_array(s, struct torture_schannel_bench_conn, s->nprocs); > >- s->user1_creds = (struct cli_credentials *)talloc_memdup(s, >- cmdline_credentials, >- sizeof(*s->user1_creds)); >+ s->user1_creds = cli_credentials_shallow_copy(s, cmdline_credentials); > tmp = torture_setting_string(s->tctx, "extra_user1", NULL); > if (tmp) { > cli_credentials_parse_string(s->user1_creds, tmp, CRED_SPECIFIED); > } >- s->user2_creds = (struct cli_credentials *)talloc_memdup(s, >- cmdline_credentials, >- sizeof(*s->user1_creds)); >+ s->user2_creds = cli_credentials_shallow_copy(s, cmdline_credentials); > tmp = torture_setting_string(s->tctx, "extra_user2", NULL); > if (tmp) { > cli_credentials_parse_string(s->user1_creds, tmp, CRED_SPECIFIED); >@@ -855,15 +851,16 @@ bool torture_rpc_schannel_bench1(struct torture_context *torture) > cli_credentials_set_kerberos_state(s->wks_creds2, CRED_DONT_USE_KERBEROS); > > for (i=0; i < s->nprocs; i++) { >- s->conns[i].s = s; >- s->conns[i].index = i; >- s->conns[i].wks_creds = (struct cli_credentials *)talloc_memdup( >- s->conns, s->wks_creds1,sizeof(*s->wks_creds1)); >+ struct cli_credentials *wks = s->wks_creds1; >+ > if ((i % 2) && (torture_setting_bool(torture, "multijoin", false))) { >- memcpy(s->conns[i].wks_creds, s->wks_creds2, >- talloc_get_size(s->conns[i].wks_creds)); >+ wks = s->wks_creds2; > } >- s->conns[i].wks_creds->netlogon_creds = NULL; >+ >+ s->conns[i].s = s; >+ s->conns[i].index = i; >+ s->conns[i].wks_creds = cli_credentials_shallow_copy(s->conns, wks); >+ cli_credentials_set_netlogon_creds(s->conns[i].wks_creds, NULL); > } > > status = dcerpc_parse_binding(s, binding, &s->b); >@@ -962,8 +959,7 @@ bool torture_rpc_schannel_bench1(struct torture_context *torture) > > /* Just as a test, connect with the new creds */ > >- talloc_free(s->wks_creds1->netlogon_creds); >- s->wks_creds1->netlogon_creds = NULL; >+ cli_credentials_set_netlogon_creds(s->wks_creds1, NULL); > > status = dcerpc_pipe_connect_b(s, &net_pipe, s->b, > &ndr_table_netlogon, >-- >1.8.1.2 > > >From bbd63dd8a17468d3e332969a30c06e2b2f1540fc Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:24:21 +0200 >Subject: [PATCH 16/67] s4:ntlm_auth: make use of > cli_credentials_[set_]callback_data* > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > source4/utils/ntlm_auth.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > >diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c >index c363c9d..136e238 100644 >--- a/source4/utils/ntlm_auth.c >+++ b/source4/utils/ntlm_auth.c >@@ -299,10 +299,11 @@ static void manage_gensec_get_pw_request(enum stdio_helper_mode stdio_helper_mod > static const char *get_password(struct cli_credentials *credentials) > { > char *password = NULL; >- >+ void *cb = cli_credentials_callback_data_void(credentials); >+ > /* Ask for a password */ >- mux_printf((unsigned int)(uintptr_t)credentials->priv_data, "PW\n"); >- credentials->priv_data = NULL; >+ mux_printf((unsigned int)(uintptr_t)cb, "PW\n"); >+ cli_credentials_set_callback_data(credentials, NULL); > > manage_squid_request(cmdline_lp_ctx, NUM_HELPER_MODES /* bogus */, manage_gensec_get_pw_request, (void **)&password); > return password; >@@ -505,8 +506,9 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, > if (state->set_password) { > cli_credentials_set_password(creds, state->set_password, CRED_SPECIFIED); > } else { >+ void *cb = (void*)(uintptr_t)mux_id; >+ cli_credentials_set_callback_data(creds, cb); > cli_credentials_set_password_callback(creds, get_password); >- creds->priv_data = (void*)(uintptr_t)mux_id; > } > if (opt_workstation) { > cli_credentials_set_workstation(creds, opt_workstation, CRED_SPECIFIED); >-- >1.8.1.2 > > >From 9325bd9cb6bb942ea989f4e32799c76ea8af3d3e Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 12:41:40 +0200 >Subject: [PATCH 17/67] auth/credentials: keep cli_credentials private > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials.c | 1 + > auth/credentials/credentials.h | 101 +++------------------------- > auth/credentials/credentials_internal.h | 114 ++++++++++++++++++++++++++++++++ > auth/credentials/credentials_krb5.c | 1 + > auth/credentials/credentials_ntlm.c | 1 + > auth/credentials/credentials_secrets.c | 1 + > 6 files changed, 126 insertions(+), 93 deletions(-) > create mode 100644 auth/credentials/credentials_internal.h > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index c1c6993..f334465 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -24,6 +24,7 @@ > #include "includes.h" > #include "librpc/gen_ndr/samr.h" /* for struct samrPassword */ > #include "auth/credentials/credentials.h" >+#include "auth/credentials/credentials_internal.h" > #include "libcli/auth/libcli_auth.h" > #include "tevent.h" > #include "param/param.h" >diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h >index 1377bfa..cb09dc3 100644 >--- a/auth/credentials/credentials.h >+++ b/auth/credentials/credentials.h >@@ -25,9 +25,17 @@ > #include "../lib/util/data_blob.h" > #include "librpc/gen_ndr/misc.h" > >+struct cli_credentials; > struct ccache_container; > struct tevent_context; > struct netlogon_creds_CredentialState; >+struct ldb_context; >+struct ldb_message; >+struct loadparm_context; >+struct ccache_container; >+struct gssapi_creds_container; >+struct smb_krb5_context; >+struct keytab_container; > > /* In order of priority */ > enum credentials_obtained { >@@ -57,99 +65,6 @@ enum credentials_krb_forwardable { > #define CLI_CRED_NTLM_AUTH 0x08 > #define CLI_CRED_CLEAR_AUTH 0x10 /* TODO: Push cleartext auth with this flag */ > >-struct cli_credentials { >- enum credentials_obtained workstation_obtained; >- enum credentials_obtained username_obtained; >- enum credentials_obtained password_obtained; >- enum credentials_obtained domain_obtained; >- enum credentials_obtained realm_obtained; >- enum credentials_obtained ccache_obtained; >- enum credentials_obtained client_gss_creds_obtained; >- enum credentials_obtained principal_obtained; >- enum credentials_obtained keytab_obtained; >- enum credentials_obtained server_gss_creds_obtained; >- >- /* Threshold values (essentially a MAX() over a number of the >- * above) for the ccache and GSS credentials, to ensure we >- * regenerate/pick correctly */ >- >- enum credentials_obtained ccache_threshold; >- enum credentials_obtained client_gss_creds_threshold; >- >- const char *workstation; >- const char *username; >- const char *password; >- const char *old_password; >- const char *domain; >- const char *realm; >- const char *principal; >- char *salt_principal; >- char *impersonate_principal; >- char *self_service; >- char *target_service; >- >- const char *bind_dn; >- >- /* Allows authentication from a keytab or similar */ >- struct samr_Password *nt_hash; >- >- /* Allows NTLM pass-though authentication */ >- DATA_BLOB lm_response; >- DATA_BLOB nt_response; >- >- struct ccache_container *ccache; >- struct gssapi_creds_container *client_gss_creds; >- struct keytab_container *keytab; >- struct gssapi_creds_container *server_gss_creds; >- >- const char *(*workstation_cb) (struct cli_credentials *); >- const char *(*password_cb) (struct cli_credentials *); >- const char *(*username_cb) (struct cli_credentials *); >- const char *(*domain_cb) (struct cli_credentials *); >- const char *(*realm_cb) (struct cli_credentials *); >- const char *(*principal_cb) (struct cli_credentials *); >- >- /* Private handle for the callback routines to use */ >- void *priv_data; >- >- struct netlogon_creds_CredentialState *netlogon_creds; >- enum netr_SchannelType secure_channel_type; >- int kvno; >- time_t password_last_changed_time; >- >- struct smb_krb5_context *smb_krb5_context; >- >- /* We are flagged to get machine account details from the >- * secrets.ldb when we are asked for a username or password */ >- bool machine_account_pending; >- struct loadparm_context *machine_account_pending_lp_ctx; >- >- /* Is this a machine account? */ >- bool machine_account; >- >- /* Should we be trying to use kerberos? */ >- enum credentials_use_kerberos use_kerberos; >- >- /* Should we get a forwardable ticket? */ >- enum credentials_krb_forwardable krb_forwardable; >- >- /* gensec features which should be used for connections */ >- uint32_t gensec_features; >- >- /* Number of retries left before bailing out */ >- int tries; >- >- /* Whether any callback is currently running */ >- bool callback_running; >-}; >- >-struct ldb_context; >-struct ldb_message; >-struct loadparm_context; >-struct ccache_container; >- >-struct gssapi_creds_container; >- > const char *cli_credentials_get_workstation(struct cli_credentials *cred); > bool cli_credentials_set_workstation(struct cli_credentials *cred, > const char *val, >diff --git a/auth/credentials/credentials_internal.h b/auth/credentials/credentials_internal.h >new file mode 100644 >index 0000000..5a3655b >--- /dev/null >+++ b/auth/credentials/credentials_internal.h >@@ -0,0 +1,114 @@ >+/* >+ samba -- Unix SMB/CIFS implementation. >+ >+ Client credentials structure >+ >+ Copyright (C) Jelmer Vernooij 2004-2006 >+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005 >+ >+ This program is free software; you can redistribute it and/or modify >+ it under the terms of the GNU General Public License as published by >+ the Free Software Foundation; either version 3 of the License, or >+ (at your option) any later version. >+ >+ This program is distributed in the hope that it will be useful, >+ but WITHOUT ANY WARRANTY; without even the implied warranty of >+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+ GNU General Public License for more details. >+ >+ You should have received a copy of the GNU General Public License >+ along with this program. If not, see <http://www.gnu.org/licenses/>. >+*/ >+#ifndef __CREDENTIALS_INTERNAL_H__ >+#define __CREDENTIALS_INTERNAL_H__ >+ >+#include "../lib/util/data_blob.h" >+#include "librpc/gen_ndr/misc.h" >+ >+struct cli_credentials { >+ enum credentials_obtained workstation_obtained; >+ enum credentials_obtained username_obtained; >+ enum credentials_obtained password_obtained; >+ enum credentials_obtained domain_obtained; >+ enum credentials_obtained realm_obtained; >+ enum credentials_obtained ccache_obtained; >+ enum credentials_obtained client_gss_creds_obtained; >+ enum credentials_obtained principal_obtained; >+ enum credentials_obtained keytab_obtained; >+ enum credentials_obtained server_gss_creds_obtained; >+ >+ /* Threshold values (essentially a MAX() over a number of the >+ * above) for the ccache and GSS credentials, to ensure we >+ * regenerate/pick correctly */ >+ >+ enum credentials_obtained ccache_threshold; >+ enum credentials_obtained client_gss_creds_threshold; >+ >+ const char *workstation; >+ const char *username; >+ const char *password; >+ const char *old_password; >+ const char *domain; >+ const char *realm; >+ const char *principal; >+ char *salt_principal; >+ char *impersonate_principal; >+ char *self_service; >+ char *target_service; >+ >+ const char *bind_dn; >+ >+ /* Allows authentication from a keytab or similar */ >+ struct samr_Password *nt_hash; >+ >+ /* Allows NTLM pass-though authentication */ >+ DATA_BLOB lm_response; >+ DATA_BLOB nt_response; >+ >+ struct ccache_container *ccache; >+ struct gssapi_creds_container *client_gss_creds; >+ struct keytab_container *keytab; >+ struct gssapi_creds_container *server_gss_creds; >+ >+ const char *(*workstation_cb) (struct cli_credentials *); >+ const char *(*password_cb) (struct cli_credentials *); >+ const char *(*username_cb) (struct cli_credentials *); >+ const char *(*domain_cb) (struct cli_credentials *); >+ const char *(*realm_cb) (struct cli_credentials *); >+ const char *(*principal_cb) (struct cli_credentials *); >+ >+ /* Private handle for the callback routines to use */ >+ void *priv_data; >+ >+ struct netlogon_creds_CredentialState *netlogon_creds; >+ enum netr_SchannelType secure_channel_type; >+ int kvno; >+ time_t password_last_changed_time; >+ >+ struct smb_krb5_context *smb_krb5_context; >+ >+ /* We are flagged to get machine account details from the >+ * secrets.ldb when we are asked for a username or password */ >+ bool machine_account_pending; >+ struct loadparm_context *machine_account_pending_lp_ctx; >+ >+ /* Is this a machine account? */ >+ bool machine_account; >+ >+ /* Should we be trying to use kerberos? */ >+ enum credentials_use_kerberos use_kerberos; >+ >+ /* Should we get a forwardable ticket? */ >+ enum credentials_krb_forwardable krb_forwardable; >+ >+ /* gensec features which should be used for connections */ >+ uint32_t gensec_features; >+ >+ /* Number of retries left before bailing out */ >+ int tries; >+ >+ /* Whether any callback is currently running */ >+ bool callback_running; >+}; >+ >+#endif /* __CREDENTIALS_INTERNAL_H__ */ >diff --git a/auth/credentials/credentials_krb5.c b/auth/credentials/credentials_krb5.c >index cc51f56..31fc9d2 100644 >--- a/auth/credentials/credentials_krb5.c >+++ b/auth/credentials/credentials_krb5.c >@@ -26,6 +26,7 @@ > #include "system/gssapi.h" > #include "auth/kerberos/kerberos.h" > #include "auth/credentials/credentials.h" >+#include "auth/credentials/credentials_internal.h" > #include "auth/credentials/credentials_proto.h" > #include "auth/credentials/credentials_krb5.h" > #include "auth/kerberos/kerberos_credentials.h" >diff --git a/auth/credentials/credentials_ntlm.c b/auth/credentials/credentials_ntlm.c >index 8f143bf..8c6be39 100644 >--- a/auth/credentials/credentials_ntlm.c >+++ b/auth/credentials/credentials_ntlm.c >@@ -26,6 +26,7 @@ > #include "../lib/crypto/crypto.h" > #include "libcli/auth/libcli_auth.h" > #include "auth/credentials/credentials.h" >+#include "auth/credentials/credentials_internal.h" > > _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, > int *flags, >diff --git a/auth/credentials/credentials_secrets.c b/auth/credentials/credentials_secrets.c >index 27ee607..678d167 100644 >--- a/auth/credentials/credentials_secrets.c >+++ b/auth/credentials/credentials_secrets.c >@@ -28,6 +28,7 @@ > #include "param/secrets.h" > #include "system/filesys.h" > #include "auth/credentials/credentials.h" >+#include "auth/credentials/credentials_internal.h" > #include "auth/credentials/credentials_proto.h" > #include "auth/credentials/credentials_krb5.h" > #include "auth/kerberos/kerberos_util.h" >-- >1.8.1.2 > > >From 26a7420c1c4307023b22676cd85d95010ecbf603 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 13:39:17 +0200 >Subject: [PATCH 18/67] auth/credentials: get the old password from secrets.tdb > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials_secrets.c | 11 +++++++++++ > 1 file changed, 11 insertions(+) > >diff --git a/auth/credentials/credentials_secrets.c b/auth/credentials/credentials_secrets.c >index 678d167..6c1cded 100644 >--- a/auth/credentials/credentials_secrets.c >+++ b/auth/credentials/credentials_secrets.c >@@ -238,6 +238,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr > bool secrets_tdb_password_more_recent; > time_t secrets_tdb_lct = 0; > char *secrets_tdb_password = NULL; >+ char *secrets_tdb_old_password = NULL; > char *keystr; > char *keystr_upper = NULL; > char *secrets_tdb; >@@ -285,6 +286,15 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr > if (NT_STATUS_IS_OK(status)) { > secrets_tdb_password = (char *)dbuf.dptr; > } >+ keystr = talloc_asprintf(tmp_ctx, "%s/%s", >+ SECRETS_MACHINE_PASSWORD_PREV, >+ domain); >+ keystr_upper = strupper_talloc(tmp_ctx, keystr); >+ status = dbwrap_fetch(db_ctx, tmp_ctx, string_tdb_data(keystr_upper), >+ &dbuf); >+ if (NT_STATUS_IS_OK(status)) { >+ secrets_tdb_old_password = (char *)dbuf.dptr; >+ } > } > > filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER, >@@ -308,6 +318,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr > if (secrets_tdb_password_more_recent) { > char *machine_account = talloc_asprintf(tmp_ctx, "%s$", lpcfg_netbios_name(lp_ctx)); > cli_credentials_set_password(cred, secrets_tdb_password, CRED_SPECIFIED); >+ cli_credentials_set_old_password(cred, secrets_tdb_old_password, CRED_SPECIFIED); > cli_credentials_set_domain(cred, domain, CRED_SPECIFIED); > cli_credentials_set_username(cred, machine_account, CRED_SPECIFIED); > } else if (!NT_STATUS_IS_OK(status)) { >-- >1.8.1.2 > > >From 8ea36a8e58d499aa7bf342b365ca00cb39f295b6 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 14:25:54 +0200 >Subject: [PATCH 19/67] auth/credentials: simplify password_tries state > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >--- > auth/credentials/credentials.c | 19 ++++++++++++++----- > auth/credentials/credentials_internal.h | 2 +- > 2 files changed, 15 insertions(+), 6 deletions(-) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index f334465..4ac5356 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -104,7 +104,7 @@ _PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) > > cred->machine_account = false; > >- cred->tries = 3; >+ cred->password_tries = 0; > > cred->callback_running = false; > >@@ -397,6 +397,7 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred, > enum credentials_obtained obtained) > { > if (obtained >= cred->password_obtained) { >+ cred->password_tries = 0; > cred->password = talloc_strdup(cred, val); > if (cred->password) { > /* Don't print the actual password in talloc memory dumps */ >@@ -418,6 +419,7 @@ _PUBLIC_ bool cli_credentials_set_password_callback(struct cli_credentials *cred > const char *(*password_cb) (struct cli_credentials *)) > { > if (cred->password_obtained < CRED_CALLBACK) { >+ cred->password_tries = 3; > cred->password_cb = password_cb; > cred->password_obtained = CRED_CALLBACK; > cli_credentials_invalidate_ccache(cred, cred->password_obtained); >@@ -897,12 +899,19 @@ _PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred) > if (cred->password_obtained != CRED_CALLBACK_RESULT) { > return false; > } >- >- cred->password_obtained = CRED_CALLBACK; > >- cred->tries--; >+ if (cred->password_tries == 0) { >+ return false; >+ } >+ >+ cred->password_tries--; > >- return (cred->tries > 0); >+ if (cred->password_tries == 0) { >+ return false; >+ } >+ >+ cred->password_obtained = CRED_CALLBACK; >+ return true; > } > > _PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, >diff --git a/auth/credentials/credentials_internal.h b/auth/credentials/credentials_internal.h >index 5a3655b..f2f79b9 100644 >--- a/auth/credentials/credentials_internal.h >+++ b/auth/credentials/credentials_internal.h >@@ -105,7 +105,7 @@ struct cli_credentials { > uint32_t gensec_features; > > /* Number of retries left before bailing out */ >- int tries; >+ uint32_t password_tries; > > /* Whether any callback is currently running */ > bool callback_running; >-- >1.8.1.2 > > >From b699d404bb5d4385a757b5aa5d0e792cf9d5de59 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 31 Jul 2013 14:32:36 +0200 >Subject: [PATCH 20/67] auth/credentials: use CRED_CALLBACK_RESULT after a > callback > >We only do this if it's still CRED_CALLBACK after the callback, >this allowes the callback to overwrite it. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> > >Reviewed-by: Andrew Bartlett <abartlet@samba.org> > >Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> >Autobuild-Date(master): Mon Aug 5 09:36:05 CEST 2013 on sn-devel-104 >--- > auth/credentials/credentials.c | 34 +++++++++++++++++++++++----------- > 1 file changed, 23 insertions(+), 11 deletions(-) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index 4ac5356..be497bc 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -206,8 +206,10 @@ _PUBLIC_ const char *cli_credentials_get_username(struct cli_credentials *cred) > cred->callback_running = true; > cred->username = cred->username_cb(cred); > cred->callback_running = false; >- cred->username_obtained = CRED_SPECIFIED; >- cli_credentials_invalidate_ccache(cred, cred->username_obtained); >+ if (cred->username_obtained == CRED_CALLBACK) { >+ cred->username_obtained = CRED_CALLBACK_RESULT; >+ cli_credentials_invalidate_ccache(cred, cred->username_obtained); >+ } > } > > return cred->username; >@@ -275,8 +277,10 @@ _PUBLIC_ const char *cli_credentials_get_principal_and_obtained(struct cli_crede > cred->callback_running = true; > cred->principal = cred->principal_cb(cred); > cred->callback_running = false; >- cred->principal_obtained = CRED_SPECIFIED; >- cli_credentials_invalidate_ccache(cred, cred->principal_obtained); >+ if (cred->principal_obtained == CRED_CALLBACK) { >+ cred->principal_obtained = CRED_CALLBACK_RESULT; >+ cli_credentials_invalidate_ccache(cred, cred->principal_obtained); >+ } > } > > if (cred->principal_obtained < cred->username_obtained >@@ -382,8 +386,10 @@ _PUBLIC_ const char *cli_credentials_get_password(struct cli_credentials *cred) > cred->callback_running = true; > cred->password = cred->password_cb(cred); > cred->callback_running = false; >- cred->password_obtained = CRED_CALLBACK_RESULT; >- cli_credentials_invalidate_ccache(cred, cred->password_obtained); >+ if (cred->password_obtained == CRED_CALLBACK) { >+ cred->password_obtained = CRED_CALLBACK_RESULT; >+ cli_credentials_invalidate_ccache(cred, cred->password_obtained); >+ } > } > > return cred->password; >@@ -502,8 +508,10 @@ _PUBLIC_ const char *cli_credentials_get_domain(struct cli_credentials *cred) > cred->callback_running = true; > cred->domain = cred->domain_cb(cred); > cred->callback_running = false; >- cred->domain_obtained = CRED_SPECIFIED; >- cli_credentials_invalidate_ccache(cred, cred->domain_obtained); >+ if (cred->domain_obtained == CRED_CALLBACK) { >+ cred->domain_obtained = CRED_CALLBACK_RESULT; >+ cli_credentials_invalidate_ccache(cred, cred->domain_obtained); >+ } > } > > return cred->domain; >@@ -561,8 +569,10 @@ _PUBLIC_ const char *cli_credentials_get_realm(struct cli_credentials *cred) > cred->callback_running = true; > cred->realm = cred->realm_cb(cred); > cred->callback_running = false; >- cred->realm_obtained = CRED_SPECIFIED; >- cli_credentials_invalidate_ccache(cred, cred->realm_obtained); >+ if (cred->realm_obtained == CRED_CALLBACK) { >+ cred->realm_obtained = CRED_CALLBACK_RESULT; >+ cli_credentials_invalidate_ccache(cred, cred->realm_obtained); >+ } > } > > return cred->realm; >@@ -612,7 +622,9 @@ _PUBLIC_ const char *cli_credentials_get_workstation(struct cli_credentials *cre > cred->callback_running = true; > cred->workstation = cred->workstation_cb(cred); > cred->callback_running = false; >- cred->workstation_obtained = CRED_SPECIFIED; >+ if (cred->workstation_obtained == CRED_CALLBACK) { >+ cred->workstation_obtained = CRED_CALLBACK_RESULT; >+ } > } > > return cred->workstation; >-- >1.8.1.2 > > >From 6dc7c63efa95d0c04b542667d9b6a6621c8139bf Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 15:14:35 +0200 >Subject: [PATCH 21/67] s3-libads: Fail > create_local_private_krb5_conf_for_domain() if parameters missing. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/libads/kerberos.c | 4 ++++ > 1 file changed, 4 insertions(+) > >diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c >index 96d194d..bb74305 100644 >--- a/source3/libads/kerberos.c >+++ b/source3/libads/kerberos.c >@@ -839,6 +839,10 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, > return false; > } > >+ if (!realm || !domain || !pss || !kdc_name) { >+ return false; >+ } >+ > dname = lock_path("smb_krb5"); > if (!dname) { > return false; >-- >1.8.1.2 > > >From 93e92faca9c99cd91878c2f48fb244233b16aa0f Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:02:59 +0200 >Subject: [PATCH 22/67] s3-net: pass down ndr_interface_table to > connect_dst_pipe(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/utils/net_proto.h | 2 +- > source3/utils/net_rpc.c | 4 ++-- > source3/utils/net_rpc_printer.c | 10 +++++----- > source3/utils/net_util.c | 4 ++-- > 4 files changed, 10 insertions(+), 10 deletions(-) > >diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h >index 3f99e14..03fb312 100644 >--- a/source3/utils/net_proto.h >+++ b/source3/utils/net_proto.h >@@ -416,7 +416,7 @@ NTSTATUS connect_to_ipc_anonymous(struct net_context *c, > const char *server_name); > NTSTATUS connect_dst_pipe(struct net_context *c, struct cli_state **cli_dst, > struct rpc_pipe_client **pp_pipe_hnd, >- const struct ndr_syntax_id *interface); >+ const struct ndr_interface_table *table); > int net_use_krb_machine_account(struct net_context *c); > int net_use_machine_account(struct net_context *c); > bool net_find_server(struct net_context *c, >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index 870ad22..e59a223 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -3619,7 +3619,7 @@ static NTSTATUS rpc_share_migrate_shares_internals(struct net_context *c, > > /* connect destination PI_SRVSVC */ > nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe, >- &ndr_table_srvsvc.syntax_id); >+ &ndr_table_srvsvc); > if (!NT_STATUS_IS_OK(nt_status)) > return nt_status; > >@@ -4105,7 +4105,7 @@ static NTSTATUS rpc_share_migrate_security_internals(struct net_context *c, > > /* connect destination PI_SRVSVC */ > nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe, >- &ndr_table_srvsvc.syntax_id); >+ &ndr_table_srvsvc); > if (!NT_STATUS_IS_OK(nt_status)) > return nt_status; > >diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c >index 9743d08..3ed97a7 100644 >--- a/source3/utils/net_rpc_printer.c >+++ b/source3/utils/net_rpc_printer.c >@@ -1577,7 +1577,7 @@ NTSTATUS rpc_printer_migrate_security_internals(struct net_context *c, > > /* connect destination PI_SPOOLSS */ > nt_status = connect_dst_pipe(c, &cli_dst, &pipe_hnd_dst, >- &ndr_table_spoolss.syntax_id); >+ &ndr_table_spoolss); > if (!NT_STATUS_IS_OK(nt_status)) { > return nt_status; > } >@@ -1729,7 +1729,7 @@ NTSTATUS rpc_printer_migrate_forms_internals(struct net_context *c, > > /* connect destination PI_SPOOLSS */ > nt_status = connect_dst_pipe(c, &cli_dst, &pipe_hnd_dst, >- &ndr_table_spoolss.syntax_id); >+ &ndr_table_spoolss); > if (!NT_STATUS_IS_OK(nt_status)) { > return nt_status; > } >@@ -1906,7 +1906,7 @@ NTSTATUS rpc_printer_migrate_drivers_internals(struct net_context *c, > DEBUG(3,("copying printer-drivers\n")); > > nt_status = connect_dst_pipe(c, &cli_dst, &pipe_hnd_dst, >- &ndr_table_spoolss.syntax_id); >+ &ndr_table_spoolss); > if (!NT_STATUS_IS_OK(nt_status)) { > return nt_status; > } >@@ -2125,7 +2125,7 @@ NTSTATUS rpc_printer_migrate_printers_internals(struct net_context *c, > > /* connect destination PI_SPOOLSS */ > nt_status = connect_dst_pipe(c, &cli_dst, &pipe_hnd_dst, >- &ndr_table_spoolss.syntax_id); >+ &ndr_table_spoolss); > if (!NT_STATUS_IS_OK(nt_status)) { > return nt_status; > } >@@ -2300,7 +2300,7 @@ NTSTATUS rpc_printer_migrate_settings_internals(struct net_context *c, > > /* connect destination PI_SPOOLSS */ > nt_status = connect_dst_pipe(c, &cli_dst, &pipe_hnd_dst, >- &ndr_table_spoolss.syntax_id); >+ &ndr_table_spoolss); > if (!NT_STATUS_IS_OK(nt_status)) { > return nt_status; > } >diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c >index 9c4a77e..a4282ec 100644 >--- a/source3/utils/net_util.c >+++ b/source3/utils/net_util.c >@@ -231,7 +231,7 @@ NTSTATUS connect_to_ipc_anonymous(struct net_context *c, > **/ > NTSTATUS connect_dst_pipe(struct net_context *c, struct cli_state **cli_dst, > struct rpc_pipe_client **pp_pipe_hnd, >- const struct ndr_syntax_id *interface) >+ const struct ndr_interface_table *table) > { > NTSTATUS nt_status; > char *server_name = SMB_STRDUP("127.0.0.1"); >@@ -256,7 +256,7 @@ NTSTATUS connect_dst_pipe(struct net_context *c, struct cli_state **cli_dst, > return nt_status; > } > >- nt_status = cli_rpc_pipe_open_noauth(cli_tmp, interface, >+ nt_status = cli_rpc_pipe_open_noauth(cli_tmp, &table->syntax_id, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0, ("couldn't not initialize pipe\n")); >-- >1.8.1.2 > > >From a1368ca6ef8ab4f158c8b303ad058835f1bbf441 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:24:42 +0200 >Subject: [PATCH 23/67] s3-rpc_cli: remove prototype of nonexisting > cli_rpc_pipe_open_krb5(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.h | 9 --------- > 1 file changed, 9 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index bf785fb..34ae542 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -131,15 +131,6 @@ NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, > const char *domain, > struct rpc_pipe_client **presult); > >-NTSTATUS cli_rpc_pipe_open_krb5(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >- enum dcerpc_transport_t transport, >- enum dcerpc_AuthLevel auth_level, >- const char *service_princ, >- const char *username, >- const char *password, >- struct rpc_pipe_client **presult); >- > NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx, > struct rpc_pipe_client *cli, > DATA_BLOB *session_key); >-- >1.8.1.2 > > >From fa37bbd9d06865d265bf554a3c49920f956f2185 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:08:16 +0200 >Subject: [PATCH 24/67] s3-libnetapi: pass down ndr_interface_table to > libnetapi_get_binding_handle(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/lib/netapi/cm.c | 4 ++-- > source3/lib/netapi/file.c | 6 +++--- > source3/lib/netapi/getdc.c | 6 +++--- > source3/lib/netapi/netapi_private.h | 3 ++- > source3/lib/netapi/netlogon.c | 4 ++-- > source3/lib/netapi/serverinfo.c | 6 +++--- > source3/lib/netapi/share.c | 10 +++++----- > source3/lib/netapi/shutdown.c | 4 ++-- > 8 files changed, 22 insertions(+), 21 deletions(-) > >diff --git a/source3/lib/netapi/cm.c b/source3/lib/netapi/cm.c >index 36e8731..786fd94 100644 >--- a/source3/lib/netapi/cm.c >+++ b/source3/lib/netapi/cm.c >@@ -269,7 +269,7 @@ WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, > > WERROR libnetapi_get_binding_handle(struct libnetapi_ctx *ctx, > const char *server_name, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct dcerpc_binding_handle **binding_handle) > { > struct rpc_pipe_client *pipe_cli; >@@ -277,7 +277,7 @@ WERROR libnetapi_get_binding_handle(struct libnetapi_ctx *ctx, > > *binding_handle = NULL; > >- result = libnetapi_open_pipe(ctx, server_name, interface, &pipe_cli); >+ result = libnetapi_open_pipe(ctx, server_name, &table->syntax_id, &pipe_cli); > if (!W_ERROR_IS_OK(result)) { > return result; > } >diff --git a/source3/lib/netapi/file.c b/source3/lib/netapi/file.c >index 1e406d2..551f9ff 100644 >--- a/source3/lib/netapi/file.c >+++ b/source3/lib/netapi/file.c >@@ -36,7 +36,7 @@ WERROR NetFileClose_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -130,7 +130,7 @@ WERROR NetFileGetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -201,7 +201,7 @@ WERROR NetFileEnum_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/getdc.c b/source3/lib/netapi/getdc.c >index 3b26d46..ae976f1 100644 >--- a/source3/lib/netapi/getdc.c >+++ b/source3/lib/netapi/getdc.c >@@ -47,7 +47,7 @@ WERROR NetGetDCName_r(struct libnetapi_ctx *ctx, > void *buffer; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_netlogon.syntax_id, >+ &ndr_table_netlogon, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -101,7 +101,7 @@ WERROR NetGetAnyDCName_r(struct libnetapi_ctx *ctx, > void *buffer; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_netlogon.syntax_id, >+ &ndr_table_netlogon, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -173,7 +173,7 @@ WERROR DsGetDcName_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_netlogon.syntax_id, >+ &ndr_table_netlogon, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/netapi_private.h b/source3/lib/netapi/netapi_private.h >index 349287b..62aa7ef 100644 >--- a/source3/lib/netapi/netapi_private.h >+++ b/source3/lib/netapi/netapi_private.h >@@ -30,6 +30,7 @@ > return fn ## _r(ctx, r); > > struct dcerpc_binding_handle; >+struct ndr_interface_table; > > struct libnetapi_private_ctx { > struct { >@@ -64,7 +65,7 @@ WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, > struct rpc_pipe_client **presult); > WERROR libnetapi_get_binding_handle(struct libnetapi_ctx *ctx, > const char *server_name, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct dcerpc_binding_handle **binding_handle); > WERROR libnetapi_samr_open_domain(struct libnetapi_ctx *mem_ctx, > struct rpc_pipe_client *pipe_cli, >diff --git a/source3/lib/netapi/netlogon.c b/source3/lib/netapi/netlogon.c >index a046fb7..136cb48 100644 >--- a/source3/lib/netapi/netlogon.c >+++ b/source3/lib/netapi/netlogon.c >@@ -133,7 +133,7 @@ WERROR I_NetLogonControl_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_netlogon.syntax_id, >+ &ndr_table_netlogon, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -190,7 +190,7 @@ WERROR I_NetLogonControl2_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_netlogon.syntax_id, >+ &ndr_table_netlogon, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/serverinfo.c b/source3/lib/netapi/serverinfo.c >index 046b693..b2a84d1 100644 >--- a/source3/lib/netapi/serverinfo.c >+++ b/source3/lib/netapi/serverinfo.c >@@ -503,7 +503,7 @@ WERROR NetServerGetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -616,7 +616,7 @@ WERROR NetServerSetInfo_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -658,7 +658,7 @@ WERROR NetRemoteTOD_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/share.c b/source3/lib/netapi/share.c >index d12fa1c..090e1a9 100644 >--- a/source3/lib/netapi/share.c >+++ b/source3/lib/netapi/share.c >@@ -200,7 +200,7 @@ WERROR NetShareAdd_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -258,7 +258,7 @@ WERROR NetShareDel_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -321,7 +321,7 @@ WERROR NetShareEnum_r(struct libnetapi_ctx *ctx, > ZERO_STRUCT(info_ctr); > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -428,7 +428,7 @@ WERROR NetShareGetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -502,7 +502,7 @@ WERROR NetShareSetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/shutdown.c b/source3/lib/netapi/shutdown.c >index 78bc2fc..9e1e8e1 100644 >--- a/source3/lib/netapi/shutdown.c >+++ b/source3/lib/netapi/shutdown.c >@@ -38,7 +38,7 @@ WERROR NetShutdownInit_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_initshutdown.syntax_id, >+ &ndr_table_initshutdown, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -82,7 +82,7 @@ WERROR NetShutdownAbort_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_get_binding_handle(ctx, r->in.server_name, >- &ndr_table_initshutdown.syntax_id, >+ &ndr_table_initshutdown, > &b); > if (!W_ERROR_IS_OK(werr)) { > goto done; >-- >1.8.1.2 > > >From 77f7f2a976e5b95f3bd9f542b92926adee4f5fa6 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:10:13 +0200 >Subject: [PATCH 25/67] s3-libnetapi: pass down ndr_interface_table to > libnetapi_open_pipe(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/lib/netapi/cm.c | 8 ++++---- > source3/lib/netapi/group.c | 18 +++++++++--------- > source3/lib/netapi/joindomain.c | 10 +++++----- > source3/lib/netapi/localgroup.c | 14 +++++++------- > source3/lib/netapi/netapi_private.h | 2 +- > source3/lib/netapi/user.c | 22 +++++++++++----------- > 6 files changed, 37 insertions(+), 37 deletions(-) > >diff --git a/source3/lib/netapi/cm.c b/source3/lib/netapi/cm.c >index 786fd94..310b6d2 100644 >--- a/source3/lib/netapi/cm.c >+++ b/source3/lib/netapi/cm.c >@@ -234,7 +234,7 @@ static NTSTATUS pipe_cm_open(TALLOC_CTX *ctx, > > WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, > const char *server_name, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct rpc_pipe_client *result = NULL; >@@ -251,10 +251,10 @@ WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, > return werr; > } > >- status = pipe_cm_open(ctx, ipc, interface, &result); >+ status = pipe_cm_open(ctx, ipc, &table->syntax_id, &result); > if (!NT_STATUS_IS_OK(status)) { > libnetapi_set_error_string(ctx, "failed to open PIPE %s: %s", >- get_pipe_name_from_syntax(talloc_tos(), interface), >+ get_pipe_name_from_syntax(talloc_tos(), &table->syntax_id), > get_friendly_nt_error_msg(status)); > return WERR_DEST_NOT_FOUND; > } >@@ -277,7 +277,7 @@ WERROR libnetapi_get_binding_handle(struct libnetapi_ctx *ctx, > > *binding_handle = NULL; > >- result = libnetapi_open_pipe(ctx, server_name, &table->syntax_id, &pipe_cli); >+ result = libnetapi_open_pipe(ctx, server_name, table, &pipe_cli); > if (!W_ERROR_IS_OK(result)) { > return result; > } >diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c >index 9813f7e..38ed6df 100644 >--- a/source3/lib/netapi/group.c >+++ b/source3/lib/netapi/group.c >@@ -76,7 +76,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -272,7 +272,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -475,7 +475,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -745,7 +745,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -885,7 +885,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1029,7 +1029,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1332,7 +1332,7 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1479,7 +1479,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, > > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1655,7 +1655,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c >index b6fb57a..d8e624f 100644 >--- a/source3/lib/netapi/joindomain.c >+++ b/source3/lib/netapi/joindomain.c >@@ -116,7 +116,7 @@ WERROR NetJoinDomain_r(struct libnetapi_ctx *ctx, > DATA_BLOB session_key; > > werr = libnetapi_open_pipe(ctx, r->in.server, >- &ndr_table_wkssvc.syntax_id, >+ &ndr_table_wkssvc, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -257,7 +257,7 @@ WERROR NetUnjoinDomain_r(struct libnetapi_ctx *ctx, > DATA_BLOB session_key; > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_wkssvc.syntax_id, >+ &ndr_table_wkssvc, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -313,7 +313,7 @@ WERROR NetGetJoinInformation_r(struct libnetapi_ctx *ctx, > struct dcerpc_binding_handle *b; > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_wkssvc.syntax_id, >+ &ndr_table_wkssvc, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -455,7 +455,7 @@ WERROR NetGetJoinableOUs_r(struct libnetapi_ctx *ctx, > DATA_BLOB session_key; > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_wkssvc.syntax_id, >+ &ndr_table_wkssvc, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -508,7 +508,7 @@ WERROR NetRenameMachineInDomain_r(struct libnetapi_ctx *ctx, > DATA_BLOB session_key; > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_wkssvc.syntax_id, >+ &ndr_table_wkssvc, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c >index 1a544ad..6501edd 100644 >--- a/source3/lib/netapi/localgroup.c >+++ b/source3/lib/netapi/localgroup.c >@@ -179,7 +179,7 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -313,7 +313,7 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, > ZERO_STRUCT(alias_handle); > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -493,7 +493,7 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, > ZERO_STRUCT(alias_handle); > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -672,7 +672,7 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, > ZERO_STRUCT(alias_handle); > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -822,7 +822,7 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, > ZERO_STRUCT(alias_handle); > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1135,7 +1135,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, > > if (r->in.level == 3) { > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > &lsa_pipe); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1154,7 +1154,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >diff --git a/source3/lib/netapi/netapi_private.h b/source3/lib/netapi/netapi_private.h >index 62aa7ef..897cf3d 100644 >--- a/source3/lib/netapi/netapi_private.h >+++ b/source3/lib/netapi/netapi_private.h >@@ -61,7 +61,7 @@ NET_API_STATUS libnetapi_get_debuglevel(struct libnetapi_ctx *ctx, char **debugl > WERROR libnetapi_shutdown_cm(struct libnetapi_ctx *ctx); > WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, > const char *server_name, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult); > WERROR libnetapi_get_binding_handle(struct libnetapi_ctx *ctx, > const char *server_name, >diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c >index df3914c..a2d6c79 100644 >--- a/source3/lib/netapi/user.c >+++ b/source3/lib/netapi/user.c >@@ -400,7 +400,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -552,7 +552,7 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, > ZERO_STRUCT(user_handle); > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > > if (!W_ERROR_IS_OK(werr)) { >@@ -1314,7 +1314,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1622,7 +1622,7 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1756,7 +1756,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -1920,7 +1920,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -2371,7 +2371,7 @@ WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -2856,7 +2856,7 @@ WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -2991,7 +2991,7 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -3166,7 +3166,7 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >@@ -3491,7 +3491,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, > } > > werr = libnetapi_open_pipe(ctx, r->in.server_name, >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &pipe_cli); > if (!W_ERROR_IS_OK(werr)) { > goto done; >-- >1.8.1.2 > > >From 0ce2178f2ffeaee324c7e8fef7c87727def7bd77 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:13:26 +0200 >Subject: [PATCH 26/67] s3-libnetapi: pass down ndr_interface_table to > pipe_cm() and friends. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/lib/netapi/cm.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > >diff --git a/source3/lib/netapi/cm.c b/source3/lib/netapi/cm.c >index 310b6d2..c158792 100644 >--- a/source3/lib/netapi/cm.c >+++ b/source3/lib/netapi/cm.c >@@ -161,7 +161,7 @@ WERROR libnetapi_shutdown_cm(struct libnetapi_ctx *ctx) > ********************************************************************/ > > static NTSTATUS pipe_cm_find(struct client_ipc_connection *ipc, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct client_pipe_connection *p; >@@ -177,7 +177,7 @@ static NTSTATUS pipe_cm_find(struct client_ipc_connection *ipc, > > if (strequal(ipc_remote_name, p->pipe->desthost) > && ndr_syntax_id_equal(&p->pipe->abstract_syntax, >- interface)) { >+ &table->syntax_id)) { > *presult = p->pipe; > return NT_STATUS_OK; > } >@@ -191,7 +191,7 @@ static NTSTATUS pipe_cm_find(struct client_ipc_connection *ipc, > > static NTSTATUS pipe_cm_connect(TALLOC_CTX *mem_ctx, > struct client_ipc_connection *ipc, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct client_pipe_connection *p; >@@ -202,7 +202,7 @@ static NTSTATUS pipe_cm_connect(TALLOC_CTX *mem_ctx, > return NT_STATUS_NO_MEMORY; > } > >- status = cli_rpc_pipe_open_noauth(ipc->cli, interface, &p->pipe); >+ status = cli_rpc_pipe_open_noauth(ipc->cli, &table->syntax_id, &p->pipe); > if (!NT_STATUS_IS_OK(status)) { > TALLOC_FREE(p); > return status; >@@ -219,14 +219,14 @@ static NTSTATUS pipe_cm_connect(TALLOC_CTX *mem_ctx, > > static NTSTATUS pipe_cm_open(TALLOC_CTX *ctx, > struct client_ipc_connection *ipc, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { >- if (NT_STATUS_IS_OK(pipe_cm_find(ipc, interface, presult))) { >+ if (NT_STATUS_IS_OK(pipe_cm_find(ipc, table, presult))) { > return NT_STATUS_OK; > } > >- return pipe_cm_connect(ctx, ipc, interface, presult); >+ return pipe_cm_connect(ctx, ipc, table, presult); > } > > /******************************************************************** >@@ -251,7 +251,7 @@ WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, > return werr; > } > >- status = pipe_cm_open(ctx, ipc, &table->syntax_id, &result); >+ status = pipe_cm_open(ctx, ipc, table, &result); > if (!NT_STATUS_IS_OK(status)) { > libnetapi_set_error_string(ctx, "failed to open PIPE %s: %s", > get_pipe_name_from_syntax(talloc_tos(), &table->syntax_id), >-- >1.8.1.2 > > >From 9b4fb5b074b035eaef98c4a463c9d68006ed52da Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:16:59 +0200 >Subject: [PATCH 27/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_pipe_open_ncalrpc(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/librpc/rpc/dcerpc_ep.c | 2 +- > source3/rpc_client/cli_pipe.c | 4 ++-- > source3/rpc_client/cli_pipe.h | 2 +- > 3 files changed, 4 insertions(+), 4 deletions(-) > >diff --git a/source3/librpc/rpc/dcerpc_ep.c b/source3/librpc/rpc/dcerpc_ep.c >index bb080c5..410caa7 100644 >--- a/source3/librpc/rpc/dcerpc_ep.c >+++ b/source3/librpc/rpc/dcerpc_ep.c >@@ -365,7 +365,7 @@ static NTSTATUS ep_register(TALLOC_CTX *mem_ctx, > > status = rpc_pipe_open_ncalrpc(tmp_ctx, > ncalrpc_sock, >- &ndr_table_epmapper.syntax_id, >+ &ndr_table_epmapper, > &cli); > if (!NT_STATUS_IS_OK(status)) { > goto done; >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 497df24..5a55fd5 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2654,7 +2654,7 @@ NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host, > Create a rpc pipe client struct, connecting to a unix domain socket > ********************************************************************/ > NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct rpc_pipe_client *result; >@@ -2668,7 +2668,7 @@ NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, > return NT_STATUS_NO_MEMORY; > } > >- result->abstract_syntax = *abstract_syntax; >+ result->abstract_syntax = table->syntax_id; > result->transfer_syntax = ndr_transfer_syntax_ndr; > > result->desthost = get_myname(result); >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index 34ae542..3415db0 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -71,7 +71,7 @@ NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, > struct rpc_pipe_client **presult); > > NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult); > > struct dcerpc_binding_handle *rpccli_bh_create(struct rpc_pipe_client *c); >-- >1.8.1.2 > > >From 6886cff0a7e97864e9094af936cbef08a3c8f6f4 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 17 May 2013 16:44:05 +0200 >Subject: [PATCH 28/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_pipe_open_interface(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/printing/nt_printing_migrate_internal.c | 2 +- > source3/printing/printspoolss.c | 4 +-- > source3/rpc_server/rpc_ncacn_np.c | 8 +++--- > source3/rpc_server/rpc_ncacn_np.h | 2 +- > source3/smbd/lanman.c | 36 ++++++++++++------------- > source3/smbd/reply.c | 2 +- > 6 files changed, 27 insertions(+), 27 deletions(-) > >diff --git a/source3/printing/nt_printing_migrate_internal.c b/source3/printing/nt_printing_migrate_internal.c >index 200db07f..6bc7ea2 100644 >--- a/source3/printing/nt_printing_migrate_internal.c >+++ b/source3/printing/nt_printing_migrate_internal.c >@@ -211,7 +211,7 @@ bool nt_printing_tdb_migrate(struct messaging_context *msg_ctx) > } > > status = rpc_pipe_open_interface(tmp_ctx, >- &ndr_table_winreg.syntax_id, >+ &ndr_table_winreg, > session_info, > NULL, > msg_ctx, >diff --git a/source3/printing/printspoolss.c b/source3/printing/printspoolss.c >index fc1e9c1..0507e83 100644 >--- a/source3/printing/printspoolss.c >+++ b/source3/printing/printspoolss.c >@@ -154,7 +154,7 @@ NTSTATUS print_spool_open(files_struct *fsp, > * a job id */ > > status = rpc_pipe_open_interface(fsp->conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > fsp->conn->session_info, > fsp->conn->sconn->remote_address, > fsp->conn->sconn->msg_ctx, >@@ -343,7 +343,7 @@ void print_spool_terminate(struct connection_struct *conn, > rap_jobid_delete(print_file->svcname, print_file->jobid); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c >index b4602a9..7389b3e 100644 >--- a/source3/rpc_server/rpc_ncacn_np.c >+++ b/source3/rpc_server/rpc_ncacn_np.c >@@ -758,7 +758,7 @@ done: > */ > > NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx, >- const struct ndr_syntax_id *syntax, >+ const struct ndr_interface_table *table, > const struct auth_session_info *session_info, > const struct tsocket_address *remote_address, > struct messaging_context *msg_ctx, >@@ -783,7 +783,7 @@ NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx, > return NT_STATUS_NO_MEMORY; > } > >- pipe_name = get_pipe_name_from_syntax(tmp_ctx, syntax); >+ pipe_name = get_pipe_name_from_syntax(tmp_ctx, &table->syntax_id); > if (pipe_name == NULL) { > status = NT_STATUS_INVALID_PARAMETER; > goto done; >@@ -800,7 +800,7 @@ NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx, > switch (pipe_mode) { > case RPC_SERVICE_MODE_EMBEDDED: > status = rpc_pipe_open_internal(tmp_ctx, >- syntax, session_info, >+ &table->syntax_id, session_info, > remote_address, msg_ctx, > &cli); > if (!NT_STATUS_IS_OK(status)) { >@@ -813,7 +813,7 @@ NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx, > * to spoolssd. */ > > status = rpc_pipe_open_external(tmp_ctx, >- pipe_name, syntax, >+ pipe_name, &table->syntax_id, > session_info, > &cli); > if (!NT_STATUS_IS_OK(status)) { >diff --git a/source3/rpc_server/rpc_ncacn_np.h b/source3/rpc_server/rpc_ncacn_np.h >index 586d61b..67cd8a1 100644 >--- a/source3/rpc_server/rpc_ncacn_np.h >+++ b/source3/rpc_server/rpc_ncacn_np.h >@@ -50,7 +50,7 @@ NTSTATUS rpcint_binding_handle(TALLOC_CTX *mem_ctx, > struct messaging_context *msg_ctx, > struct dcerpc_binding_handle **binding_handle); > NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx, >- const struct ndr_syntax_id *syntax, >+ const struct ndr_interface_table *table, > const struct auth_session_info *session_info, > const struct tsocket_address *remote_address, > struct messaging_context *msg_ctx, >diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c >index 9278a3f..51d5fbf 100644 >--- a/source3/smbd/lanman.c >+++ b/source3/smbd/lanman.c >@@ -832,7 +832,7 @@ static bool api_DosPrintQGetInfo(struct smbd_server_connection *sconn, > } > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -1029,7 +1029,7 @@ static bool api_DosPrintQEnum(struct smbd_server_connection *sconn, > } > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -2255,7 +2255,7 @@ static bool api_RNetShareAdd(struct smbd_server_connection *sconn, > return false; > } > >- status = rpc_pipe_open_interface(mem_ctx, &ndr_table_srvsvc.syntax_id, >+ status = rpc_pipe_open_interface(mem_ctx, &ndr_table_srvsvc, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -2367,7 +2367,7 @@ static bool api_RNetGroupEnum(struct smbd_server_connection *sconn, > } > > status = rpc_pipe_open_interface( >- talloc_tos(), &ndr_table_samr.syntax_id, >+ talloc_tos(), &ndr_table_samr, > conn->session_info, conn->sconn->remote_address, > conn->sconn->msg_ctx, &samr_pipe); > if (!NT_STATUS_IS_OK(status)) { >@@ -2573,7 +2573,7 @@ static bool api_NetUserGetGroups(struct smbd_server_connection *sconn, > endp = *rdata + *rdata_len; > > status = rpc_pipe_open_interface( >- talloc_tos(), &ndr_table_samr.syntax_id, >+ talloc_tos(), &ndr_table_samr, > conn->session_info, conn->sconn->remote_address, > conn->sconn->msg_ctx, &samr_pipe); > if (!NT_STATUS_IS_OK(status)) { >@@ -2765,7 +2765,7 @@ static bool api_RNetUserEnum(struct smbd_server_connection *sconn, > endp = *rdata + *rdata_len; > > status = rpc_pipe_open_interface( >- talloc_tos(), &ndr_table_samr.syntax_id, >+ talloc_tos(), &ndr_table_samr, > conn->session_info, conn->sconn->remote_address, > conn->sconn->msg_ctx, &samr_pipe); > if (!NT_STATUS_IS_OK(status)) { >@@ -3030,7 +3030,7 @@ static bool api_SetUserPassword(struct smbd_server_connection *sconn, > ZERO_STRUCT(domain_handle); > ZERO_STRUCT(user_handle); > >- status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id, >+ status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -3281,7 +3281,7 @@ static bool api_SamOEMChangePassword(struct smbd_server_connection *sconn, > memcpy(password.data, data, 516); > memcpy(hash.hash, data+516, 16); > >- status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id, >+ status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -3378,7 +3378,7 @@ static bool api_RDosPrintJobDel(struct smbd_server_connection *sconn, > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -3506,7 +3506,7 @@ static bool api_WPrintQueueCtrl(struct smbd_server_connection *sconn, > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -3688,7 +3688,7 @@ static bool api_PrintJobInfo(struct smbd_server_connection *sconn, > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -3865,7 +3865,7 @@ static bool api_RNetServerGetInfo(struct smbd_server_connection *sconn, > p = *rdata; > p2 = p + struct_len; > >- status = rpc_pipe_open_interface(mem_ctx, &ndr_table_srvsvc.syntax_id, >+ status = rpc_pipe_open_interface(mem_ctx, &ndr_table_srvsvc, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -4296,7 +4296,7 @@ static bool api_RNetUserGetInfo(struct smbd_server_connection *sconn, > ZERO_STRUCT(domain_handle); > ZERO_STRUCT(user_handle); > >- status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id, >+ status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -4825,7 +4825,7 @@ static bool api_WPrintJobGetInfo(struct smbd_server_connection *sconn, > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -4967,7 +4967,7 @@ static bool api_WPrintJobEnumerate(struct smbd_server_connection *sconn, > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -5167,7 +5167,7 @@ static bool api_WPrintDestGetInfo(struct smbd_server_connection *sconn, > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -5299,7 +5299,7 @@ static bool api_WPrintDestEnum(struct smbd_server_connection *sconn, > queuecnt = 0; > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >@@ -5610,7 +5610,7 @@ static bool api_RNetSessionEnum(struct smbd_server_connection *sconn, > } > > status = rpc_pipe_open_interface(conn, >- &ndr_table_srvsvc.syntax_id, >+ &ndr_table_srvsvc, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c >index 2ae3ff4..3f59df8 100644 >--- a/source3/smbd/reply.c >+++ b/source3/smbd/reply.c >@@ -5636,7 +5636,7 @@ void reply_printqueue(struct smb_request *req) > ZERO_STRUCT(handle); > > status = rpc_pipe_open_interface(conn, >- &ndr_table_spoolss.syntax_id, >+ &ndr_table_spoolss, > conn->session_info, > conn->sconn->remote_address, > conn->sconn->msg_ctx, >-- >1.8.1.2 > > >From f6d61b571d79ebf1df58513ec728057d00b95f3e Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:03:23 +0200 >Subject: [PATCH 29/67] s3-rpc_cli: pass down ndr_interface_table to > cli_rpc_pipe_open_schannel(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/auth/auth_domain.c | 2 +- > source3/rpc_client/cli_pipe.h | 2 +- > source3/rpc_client/cli_pipe_schannel.c | 4 ++-- > source3/rpcclient/rpcclient.c | 2 +- > source3/utils/net_rpc.c | 2 +- > 5 files changed, 6 insertions(+), 6 deletions(-) > >diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c >index 286c75c..a375f11 100644 >--- a/source3/auth/auth_domain.c >+++ b/source3/auth/auth_domain.c >@@ -115,7 +115,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, > if (lp_client_schannel()) { > /* We also setup the creds chain in the open_schannel call. */ > result = cli_rpc_pipe_open_schannel( >- *cli, &ndr_table_netlogon.syntax_id, NCACN_NP, >+ *cli, &ndr_table_netlogon, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe); > } else { > result = cli_rpc_pipe_open_noauth( >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index 3415db0..d17322a 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -125,7 +125,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, > struct rpc_pipe_client **presult); > > NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > enum dcerpc_transport_t transport, > enum dcerpc_AuthLevel auth_level, > const char *domain, >diff --git a/source3/rpc_client/cli_pipe_schannel.c b/source3/rpc_client/cli_pipe_schannel.c >index c275720..8bc01a5 100644 >--- a/source3/rpc_client/cli_pipe_schannel.c >+++ b/source3/rpc_client/cli_pipe_schannel.c >@@ -169,7 +169,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, > ****************************************************************************/ > > NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > enum dcerpc_transport_t transport, > enum dcerpc_AuthLevel auth_level, > const char *domain, >@@ -190,7 +190,7 @@ NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, > } > > status = cli_rpc_pipe_open_schannel_with_key( >- cli, interface, transport, auth_level, domain, &netlogon_pipe->dc, >+ cli, &table->syntax_id, transport, auth_level, domain, &netlogon_pipe->dc, > &result); > > /* Now we've bound using the session key we can close the netlog pipe. */ >diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c >index d204d7f..6b6478e 100644 >--- a/source3/rpcclient/rpcclient.c >+++ b/source3/rpcclient/rpcclient.c >@@ -734,7 +734,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, > break; > case DCERPC_AUTH_TYPE_SCHANNEL: > ntresult = cli_rpc_pipe_open_schannel( >- cli, &cmd_entry->table->syntax_id, >+ cli, cmd_entry->table, > default_transport, > pipe_default_auth_level, > get_cmdline_auth_info_domain(auth_info), >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index e59a223..1e9d6f0 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -191,7 +191,7 @@ int run_rpc_command(struct net_context *c, > &ndr_table_netlogon.syntax_id))) { > /* Always try and create an schannel netlogon pipe. */ > nt_status = cli_rpc_pipe_open_schannel( >- cli, &table->syntax_id, NCACN_NP, >+ cli, table, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, domain_name, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { >-- >1.8.1.2 > > >From 7f169474fc86479abe09a5716b8029c6febcfaa9 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:08:33 +0200 >Subject: [PATCH 30/67] s3-rpc_cli: pass down ndr_interface_table to > cli_rpc_pipe_open_ntlmssp_auth_schannel(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.h | 2 +- > source3/rpc_client/cli_pipe_schannel.c | 4 ++-- > 2 files changed, 3 insertions(+), 3 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index d17322a..7026692 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -116,7 +116,7 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > struct rpc_pipe_client **presult); > > NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > enum dcerpc_transport_t transport, > enum dcerpc_AuthLevel auth_level, > const char *domain, >diff --git a/source3/rpc_client/cli_pipe_schannel.c b/source3/rpc_client/cli_pipe_schannel.c >index 8bc01a5..261a768 100644 >--- a/source3/rpc_client/cli_pipe_schannel.c >+++ b/source3/rpc_client/cli_pipe_schannel.c >@@ -128,7 +128,7 @@ static NTSTATUS get_schannel_session_key_auth_ntlmssp(struct cli_state *cli, > ****************************************************************************/ > > NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > enum dcerpc_transport_t transport, > enum dcerpc_AuthLevel auth_level, > const char *domain, >@@ -151,7 +151,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, > } > > status = cli_rpc_pipe_open_schannel_with_key( >- cli, interface, transport, auth_level, domain, &netlogon_pipe->dc, >+ cli, &table->syntax_id, transport, auth_level, domain, &netlogon_pipe->dc, > &result); > > /* Now we've bound using the session key we can close the netlog pipe. */ >-- >1.8.1.2 > > >From 3dc3a6c8483a8de22b483ecf164c81232d4a8d65 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:17:24 +0200 >Subject: [PATCH 31/67] s3-rpc_cli: pass down ndr_interface_table to > cli_rpc_pipe_open_schannel_with_key(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/libnet/libnet_join.c | 2 +- > source3/rpc_client/cli_pipe.c | 6 +++--- > source3/rpc_client/cli_pipe.h | 2 +- > source3/rpc_client/cli_pipe_schannel.c | 4 ++-- > source3/utils/net_rpc_join.c | 4 ++-- > source3/winbindd/winbindd_cm.c | 8 ++++---- > 6 files changed, 13 insertions(+), 13 deletions(-) > >diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c >index dfe7283..c77149a 100644 >--- a/source3/libnet/libnet_join.c >+++ b/source3/libnet/libnet_join.c >@@ -1264,7 +1264,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, > } > > status = cli_rpc_pipe_open_schannel_with_key( >- cli, &ndr_table_netlogon.syntax_id, NCACN_NP, >+ cli, &ndr_table_netlogon, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, > netbios_domain_name, &netlogon_pipe->dc, &pipe_hnd); > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 5a55fd5..8ff4a86 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2994,7 +2994,7 @@ NTSTATUS cli_rpc_pipe_open_generic_auth(struct cli_state *cli, > ****************************************************************************/ > > NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > enum dcerpc_transport_t transport, > enum dcerpc_AuthLevel auth_level, > const char *domain, >@@ -3005,7 +3005,7 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > struct pipe_auth_data *auth; > NTSTATUS status; > >- status = cli_rpc_pipe_open(cli, transport, interface, &result); >+ status = cli_rpc_pipe_open(cli, transport, &table->syntax_id, &result); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >@@ -3042,7 +3042,7 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > > DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s " > "for domain %s and bound using schannel.\n", >- get_pipe_name_from_syntax(talloc_tos(), interface), >+ get_pipe_name_from_syntax(talloc_tos(), &table->syntax_id), > result->desthost, domain)); > > *presult = result; >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index 7026692..65bfbc8 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -108,7 +108,7 @@ NTSTATUS cli_rpc_pipe_open_spnego(struct cli_state *cli, > struct rpc_pipe_client **presult); > > NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > enum dcerpc_transport_t transport, > enum dcerpc_AuthLevel auth_level, > const char *domain, >diff --git a/source3/rpc_client/cli_pipe_schannel.c b/source3/rpc_client/cli_pipe_schannel.c >index 261a768..784e63f 100644 >--- a/source3/rpc_client/cli_pipe_schannel.c >+++ b/source3/rpc_client/cli_pipe_schannel.c >@@ -151,7 +151,7 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, > } > > status = cli_rpc_pipe_open_schannel_with_key( >- cli, &table->syntax_id, transport, auth_level, domain, &netlogon_pipe->dc, >+ cli, table, transport, auth_level, domain, &netlogon_pipe->dc, > &result); > > /* Now we've bound using the session key we can close the netlog pipe. */ >@@ -190,7 +190,7 @@ NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, > } > > status = cli_rpc_pipe_open_schannel_with_key( >- cli, &table->syntax_id, transport, auth_level, domain, &netlogon_pipe->dc, >+ cli, table, transport, auth_level, domain, &netlogon_pipe->dc, > &result); > > /* Now we've bound using the session key we can close the netlog pipe. */ >diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c >index 7167cf9..c536676 100644 >--- a/source3/utils/net_rpc_join.c >+++ b/source3/utils/net_rpc_join.c >@@ -137,7 +137,7 @@ NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain, > } > > ntret = cli_rpc_pipe_open_schannel_with_key( >- cli, &ndr_table_netlogon.syntax_id, NCACN_NP, >+ cli, &ndr_table_netlogon, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, > domain, &netlogon_pipe->dc, &pipe_hnd); > >@@ -488,7 +488,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) > struct rpc_pipe_client *netlogon_schannel_pipe; > > status = cli_rpc_pipe_open_schannel_with_key( >- cli, &ndr_table_netlogon.syntax_id, NCACN_NP, >+ cli, &ndr_table_netlogon, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, domain, &pipe_hnd->dc, > &netlogon_schannel_pipe); > >diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c >index 50728a5..dfcf3f4 100644 >--- a/source3/winbindd/winbindd_cm.c >+++ b/source3/winbindd/winbindd_cm.c >@@ -2343,7 +2343,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, > goto anonymous; > } > status = cli_rpc_pipe_open_schannel_with_key >- (conn->cli, &ndr_table_samr.syntax_id, NCACN_NP, >+ (conn->cli, &ndr_table_samr, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, > domain->name, &p_creds, &conn->samr_pipe); > >@@ -2475,7 +2475,7 @@ NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain, > } > > status = cli_rpc_pipe_open_schannel_with_key(conn->cli, >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > NCACN_IP_TCP, > DCERPC_AUTH_LEVEL_PRIVACY, > domain->name, >@@ -2574,7 +2574,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, > goto anonymous; > } > result = cli_rpc_pipe_open_schannel_with_key >- (conn->cli, &ndr_table_lsarpc.syntax_id, NCACN_NP, >+ (conn->cli, &ndr_table_lsarpc, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, > domain->name, &p_creds, &conn->lsa_pipe); > >@@ -2754,7 +2754,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, > */ > > result = cli_rpc_pipe_open_schannel_with_key( >- conn->cli, &ndr_table_netlogon.syntax_id, NCACN_NP, >+ conn->cli, &ndr_table_netlogon, NCACN_NP, > DCERPC_AUTH_LEVEL_PRIVACY, domain->name, &netlogon_pipe->dc, > &conn->netlogon_pipe); > >-- >1.8.1.2 > > >From 9813fe2b04a5b4abaa95ea1d893b3803edbede4d Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:29:28 +0200 >Subject: [PATCH 32/67] s3-rpc_cli: pass down ndr_interface_table to > cli_rpc_pipe_open_noauth(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/auth/auth_domain.c | 2 +- > source3/client/client.c | 2 +- > source3/lib/netapi/cm.c | 2 +- > source3/libnet/libnet_join.c | 8 ++++---- > source3/libsmb/libsmb_dir.c | 2 +- > source3/libsmb/libsmb_server.c | 2 +- > source3/libsmb/passchange.c | 4 ++-- > source3/libsmb/trustdom_cache.c | 2 +- > source3/libsmb/trusts_util.c | 2 +- > source3/rpc_client/cli_pipe.c | 4 ++-- > source3/rpc_client/cli_pipe.h | 2 +- > source3/rpc_client/cli_pipe_schannel.c | 2 +- > source3/rpc_server/spoolss/srv_spoolss_nt.c | 2 +- > source3/rpcclient/cmd_spoolss.c | 2 +- > source3/rpcclient/cmd_test.c | 4 ++-- > source3/rpcclient/rpcclient.c | 2 +- > source3/torture/test_async_echo.c | 2 +- > source3/utils/net_ads.c | 2 +- > source3/utils/net_rpc.c | 20 ++++++++++---------- > source3/utils/net_rpc_join.c | 6 +++--- > source3/utils/net_rpc_shell.c | 2 +- > source3/utils/net_rpc_trust.c | 2 +- > source3/utils/net_util.c | 8 ++++---- > source3/utils/netlookup.c | 2 +- > source3/utils/smbcacls.c | 7 +++---- > source3/utils/smbcquotas.c | 2 +- > source3/utils/smbtree.c | 2 +- > source3/winbindd/winbindd_cm.c | 10 +++++----- > 28 files changed, 54 insertions(+), 55 deletions(-) > >diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c >index a375f11..54ee5a1 100644 >--- a/source3/auth/auth_domain.c >+++ b/source3/auth/auth_domain.c >@@ -119,7 +119,7 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, > DCERPC_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe); > } else { > result = cli_rpc_pipe_open_noauth( >- *cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe); >+ *cli, &ndr_table_netlogon, &netlogon_pipe); > } > > if (!NT_STATUS_IS_OK(result)) { >diff --git a/source3/client/client.c b/source3/client/client.c >index d03d1a4..1f63052 100644 >--- a/source3/client/client.c >+++ b/source3/client/client.c >@@ -4218,7 +4218,7 @@ static bool browse_host_rpc(bool sort) > int i; > struct dcerpc_binding_handle *b; > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_srvsvc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_srvsvc, > &pipe_hnd); > > if (!NT_STATUS_IS_OK(status)) { >diff --git a/source3/lib/netapi/cm.c b/source3/lib/netapi/cm.c >index c158792..cbc93d9 100644 >--- a/source3/lib/netapi/cm.c >+++ b/source3/lib/netapi/cm.c >@@ -202,7 +202,7 @@ static NTSTATUS pipe_cm_connect(TALLOC_CTX *mem_ctx, > return NT_STATUS_NO_MEMORY; > } > >- status = cli_rpc_pipe_open_noauth(ipc->cli, &table->syntax_id, &p->pipe); >+ status = cli_rpc_pipe_open_noauth(ipc->cli, table, &p->pipe); > if (!NT_STATUS_IS_OK(status)) { > TALLOC_FREE(p); > return status; >diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c >index c77149a..348fb94 100644 >--- a/source3/libnet/libnet_join.c >+++ b/source3/libnet/libnet_join.c >@@ -734,7 +734,7 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx, > goto done; > } > >- status = cli_rpc_pipe_open_noauth(*cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(*cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0,("Error connecting to LSA pipe. Error was %s\n", >@@ -804,7 +804,7 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx, > fstring trust_passwd; > NTSTATUS status; > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > return status; >@@ -893,7 +893,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, > > /* Open the domain */ > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0,("Error connecting to SAM pipe. Error was %s\n", >@@ -1354,7 +1354,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, > > /* Open the domain */ > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0,("Error connecting to SAM pipe. Error was %s\n", >diff --git a/source3/libsmb/libsmb_dir.c b/source3/libsmb/libsmb_dir.c >index 87e10d8..3a07f11 100644 >--- a/source3/libsmb/libsmb_dir.c >+++ b/source3/libsmb/libsmb_dir.c >@@ -277,7 +277,7 @@ net_share_enum_rpc(struct cli_state *cli, > struct dcerpc_binding_handle *b; > > /* Open the server service pipe */ >- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_srvsvc.syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_srvsvc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(1, ("net_share_enum_rpc pipe open fail!\n")); >diff --git a/source3/libsmb/libsmb_server.c b/source3/libsmb/libsmb_server.c >index fc3977e..5c665bf 100644 >--- a/source3/libsmb/libsmb_server.c >+++ b/source3/libsmb/libsmb_server.c >@@ -792,7 +792,7 @@ SMBC_attr_server(TALLOC_CTX *ctx, > ipc_srv->cli = ipc_cli; > > nt_status = cli_rpc_pipe_open_noauth( >- ipc_srv->cli, &ndr_table_lsarpc.syntax_id, &pipe_hnd); >+ ipc_srv->cli, &ndr_table_lsarpc, &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(1, ("cli_nt_session_open fail!\n")); > errno = ENOTSUP; >diff --git a/source3/libsmb/passchange.c b/source3/libsmb/passchange.c >index 3933833..9736ada 100644 >--- a/source3/libsmb/passchange.c >+++ b/source3/libsmb/passchange.c >@@ -169,7 +169,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam > * way. > */ > result = cli_rpc_pipe_open_noauth( >- cli, &ndr_table_samr.syntax_id, &pipe_hnd); >+ cli, &ndr_table_samr, &pipe_hnd); > } > > if (!NT_STATUS_IS_OK(result)) { >@@ -230,7 +230,7 @@ NTSTATUS remote_password_change(const char *remote_machine, const char *user_nam > result = NT_STATUS_UNSUCCESSFUL; > > /* OK, this is ugly, but... try an anonymous pipe. */ >- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id, >+ result = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr, > &pipe_hnd); > > if ( NT_STATUS_IS_OK(result) && >diff --git a/source3/libsmb/trustdom_cache.c b/source3/libsmb/trustdom_cache.c >index 8789d30..dadc751 100644 >--- a/source3/libsmb/trustdom_cache.c >+++ b/source3/libsmb/trustdom_cache.c >@@ -289,7 +289,7 @@ static bool enumerate_domain_trusts( TALLOC_CTX *mem_ctx, const char *domain, > > /* open the LSARPC_PIPE */ > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &lsa_pipe); > if (!NT_STATUS_IS_OK(status)) { > goto done; >diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c >index 0d039bc..6156ba0 100644 >--- a/source3/libsmb/trusts_util.c >+++ b/source3/libsmb/trusts_util.c >@@ -182,7 +182,7 @@ NTSTATUS change_trust_account_password( const char *domain, const char *remote_m > /* Shouldn't we open this with schannel ? JRA. */ > > nt_status = cli_rpc_pipe_open_noauth( >- cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe); >+ cli, &ndr_table_netlogon, &netlogon_pipe); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0,("modify_trust_password: unable to open the domain client session to machine %s. Error was : %s.\n", > dc_name, nt_errstr(nt_status))); >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 8ff4a86..a8fbaa2 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2920,11 +2920,11 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > ****************************************************************************/ > > NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > return cli_rpc_pipe_open_noauth_transport(cli, NCACN_NP, >- interface, presult); >+ &table->syntax_id, presult); > } > > /**************************************************************************** >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index 65bfbc8..9aae61a 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -77,7 +77,7 @@ NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, > struct dcerpc_binding_handle *rpccli_bh_create(struct rpc_pipe_client *c); > > NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult); > > NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, >diff --git a/source3/rpc_client/cli_pipe_schannel.c b/source3/rpc_client/cli_pipe_schannel.c >index 784e63f..bc672ef 100644 >--- a/source3/rpc_client/cli_pipe_schannel.c >+++ b/source3/rpc_client/cli_pipe_schannel.c >@@ -217,7 +217,7 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli, > struct rpc_pipe_client *netlogon_pipe = NULL; > NTSTATUS status; > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, > &netlogon_pipe); > if (!NT_STATUS_IS_OK(status)) { > return status; >diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c >index 03c966b..a094b49 100644 >--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c >+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c >@@ -2493,7 +2493,7 @@ static bool spoolss_connect_to_client(struct rpc_pipe_client **pp_pipe, > * Now start the NT Domain stuff :-). > */ > >- ret = cli_rpc_pipe_open_noauth(the_cli, &ndr_table_spoolss.syntax_id, pp_pipe); >+ ret = cli_rpc_pipe_open_noauth(the_cli, &ndr_table_spoolss, pp_pipe); > if (!NT_STATUS_IS_OK(ret)) { > DEBUG(2,("spoolss_connect_to_client: unable to open the spoolss pipe on machine %s. Error was : %s.\n", > remote_machine, nt_errstr(ret))); >diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c >index 5c499d4..fb011f8 100644 >--- a/source3/rpcclient/cmd_spoolss.c >+++ b/source3/rpcclient/cmd_spoolss.c >@@ -3453,7 +3453,7 @@ static WERROR cmd_spoolss_printercmp(struct rpc_pipe_client *cli, > if ( !NT_STATUS_IS_OK(nt_status) ) > return WERR_GENERAL_FAILURE; > >- nt_status = cli_rpc_pipe_open_noauth(cli_server2, &ndr_table_spoolss.syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli_server2, &ndr_table_spoolss, > &cli2); > if (!NT_STATUS_IS_OK(nt_status)) { > printf("failed to open spoolss pipe on server %s (%s)\n", >diff --git a/source3/rpcclient/cmd_test.c b/source3/rpcclient/cmd_test.c >index 591ae8c..367dc71 100644 >--- a/source3/rpcclient/cmd_test.c >+++ b/source3/rpcclient/cmd_test.c >@@ -36,14 +36,14 @@ static NTSTATUS cmd_testme(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, > d_printf("testme\n"); > > status = cli_rpc_pipe_open_noauth(rpc_pipe_np_smb_conn(cli), >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > &lsa_pipe); > if (!NT_STATUS_IS_OK(status)) { > goto done; > } > > status = cli_rpc_pipe_open_noauth(rpc_pipe_np_smb_conn(cli), >- &ndr_table_samr.syntax_id, >+ &ndr_table_samr, > &samr_pipe); > if (!NT_STATUS_IS_OK(status)) { > goto done; >diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c >index 6b6478e..e3b35bb 100644 >--- a/source3/rpcclient/rpcclient.c >+++ b/source3/rpcclient/rpcclient.c >@@ -167,7 +167,7 @@ static void fetch_machine_sid(struct cli_state *cli) > goto error; > } > >- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &lsapipe); > if (!NT_STATUS_IS_OK(result)) { > fprintf(stderr, "could not initialise lsa pipe. Error was %s\n", nt_errstr(result) ); >diff --git a/source3/torture/test_async_echo.c b/source3/torture/test_async_echo.c >index 6df95dd..f21daa4 100644 >--- a/source3/torture/test_async_echo.c >+++ b/source3/torture/test_async_echo.c >@@ -82,7 +82,7 @@ bool run_async_echo(int dummy) > printf("torture_open_connection failed\n"); > goto fail; > } >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_rpcecho.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_rpcecho, > &p); > if (!NT_STATUS_IS_OK(status)) { > printf("Could not open echo pipe: %s\n", nt_errstr(status)); >diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c >index 5699943..89eebf3 100644 >--- a/source3/utils/net_ads.c >+++ b/source3/utils/net_ads.c >@@ -1957,7 +1957,7 @@ static int net_ads_printer_publish(struct net_context *c, int argc, const char * > SAFE_FREE(srv_cn_escaped); > SAFE_FREE(printername_escaped); > >- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_spoolss.syntax_id, &pipe_hnd); >+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_spoolss, &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > d_fprintf(stderr, _("Unable to open a connection to the spoolss pipe on %s\n"), > servername); >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index 1e9d6f0..488167c 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -82,7 +82,7 @@ NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, > union lsa_PolicyInformation *info = NULL; > struct dcerpc_binding_handle *b; > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &lsa_pipe); > if (!NT_STATUS_IS_OK(status)) { > d_fprintf(stderr, _("Could not initialise lsa pipe\n")); >@@ -212,7 +212,7 @@ int run_rpc_command(struct net_context *c, > c->opt_password, &pipe_hnd); > } else { > nt_status = cli_rpc_pipe_open_noauth( >- cli, &table->syntax_id, >+ cli, table, > &pipe_hnd); > } > if (!NT_STATUS_IS_OK(nt_status)) { >@@ -348,7 +348,7 @@ static NTSTATUS rpc_oldjoin_internals(struct net_context *c, > NTSTATUS result; > enum netr_SchannelType sec_channel_type; > >- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id, >+ result = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, > &pipe_hnd); > if (!NT_STATUS_IS_OK(result)) { > DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. " >@@ -1958,7 +1958,7 @@ static NTSTATUS get_sid_from_name(struct cli_state *cli, > NTSTATUS status, result; > struct dcerpc_binding_handle *b; > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > goto done; >@@ -2951,7 +2951,7 @@ static NTSTATUS rpc_list_alias_members(struct net_context *c, > } > > result = cli_rpc_pipe_open_noauth(rpc_pipe_np_smb_conn(pipe_hnd), >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > &lsa_pipe); > if (!NT_STATUS_IS_OK(result)) { > d_fprintf(stderr, _("Couldn't open LSA pipe. Error was %s\n"), >@@ -6188,7 +6188,7 @@ static NTSTATUS rpc_trustdom_get_pdc(struct net_context *c, > > /* Try netr_GetDcName */ > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, > &netr); > if (!NT_STATUS_IS_OK(status)) { > return status; >@@ -6335,7 +6335,7 @@ static int rpc_trustdom_establish(struct net_context *c, int argc, > * Call LsaOpenPolicy and LsaQueryInfo > */ > >- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) )); >@@ -6612,7 +6612,7 @@ static int rpc_trustdom_vampire(struct net_context *c, int argc, > return -1; > }; > >- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", >@@ -6790,7 +6790,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv) > return -1; > }; > >- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", >@@ -6906,7 +6906,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv) > /* > * Open \PIPE\samr and get needed policy handles > */ >- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status))); >diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c >index c536676..a6ef11b 100644 >--- a/source3/utils/net_rpc_join.c >+++ b/source3/utils/net_rpc_join.c >@@ -245,7 +245,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) > > /* Fetch domain sid */ > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0, ("Error connecting to LSA pipe. Error was %s\n", >@@ -280,7 +280,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) > } > > /* Create domain user */ >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0, ("Error connecting to SAM pipe. Error was %s\n", >@@ -447,7 +447,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) > > /* Now check the whole process from top-to-bottom */ > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0,("Error connecting to NETLOGON pipe. Error was %s\n", >diff --git a/source3/utils/net_rpc_shell.c b/source3/utils/net_rpc_shell.c >index 6086066..120cfa6 100644 >--- a/source3/utils/net_rpc_shell.c >+++ b/source3/utils/net_rpc_shell.c >@@ -85,7 +85,7 @@ static NTSTATUS net_sh_run(struct net_context *c, > return NT_STATUS_NO_MEMORY; > } > >- status = cli_rpc_pipe_open_noauth(ctx->cli, &cmd->table->syntax_id, >+ status = cli_rpc_pipe_open_noauth(ctx->cli, cmd->table, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > d_fprintf(stderr, _("Could not open pipe: %s\n"), >diff --git a/source3/utils/net_rpc_trust.c b/source3/utils/net_rpc_trust.c >index 9060700..5e58103 100644 >--- a/source3/utils/net_rpc_trust.c >+++ b/source3/utils/net_rpc_trust.c >@@ -210,7 +210,7 @@ static NTSTATUS connect_and_get_info(TALLOC_CTX *mem_ctx, > return status; > } > >- status = cli_rpc_pipe_open_noauth(*cli, &ndr_table_lsarpc.syntax_id, pipe_hnd); >+ status = cli_rpc_pipe_open_noauth(*cli, &ndr_table_lsarpc, pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0, ("Failed to initialise lsa pipe with error [%s]\n", > nt_errstr(status))); >diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c >index a4282ec..13a0ef1 100644 >--- a/source3/utils/net_util.c >+++ b/source3/utils/net_util.c >@@ -45,7 +45,7 @@ NTSTATUS net_rpc_lookup_name(struct net_context *c, > > ZERO_STRUCT(pol); > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &lsa_pipe); > if (!NT_STATUS_IS_OK(status)) { > d_fprintf(stderr, _("Could not initialise lsa pipe\n")); >@@ -256,7 +256,7 @@ NTSTATUS connect_dst_pipe(struct net_context *c, struct cli_state **cli_dst, > return nt_status; > } > >- nt_status = cli_rpc_pipe_open_noauth(cli_tmp, &table->syntax_id, >+ nt_status = cli_rpc_pipe_open_noauth(cli_tmp, table, > &pipe_hnd); > if (!NT_STATUS_IS_OK(nt_status)) { > DEBUG(0, ("couldn't not initialize pipe\n")); >@@ -571,7 +571,7 @@ static NTSTATUS net_scan_dc_noad(struct net_context *c, > ZERO_STRUCTP(dc_info); > ZERO_STRUCT(pol); > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &pipe_hnd); > if (!NT_STATUS_IS_OK(status)) { > return status; >@@ -634,7 +634,7 @@ NTSTATUS net_scan_dc(struct net_context *c, > > ZERO_STRUCTP(dc_info); > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_dssetup.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_dssetup, > &dssetup_pipe); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(10,("net_scan_dc: failed to open dssetup pipe with %s, " >diff --git a/source3/utils/netlookup.c b/source3/utils/netlookup.c >index b66c34e..56d3bfe 100644 >--- a/source3/utils/netlookup.c >+++ b/source3/utils/netlookup.c >@@ -122,7 +122,7 @@ static struct con_struct *create_cs(struct net_context *c, > } > > nt_status = cli_rpc_pipe_open_noauth(cs->cli, >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > &cs->lsapipe); > > if (!NT_STATUS_IS_OK(nt_status)) { >diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c >index 39400c8..d3d60bc 100644 >--- a/source3/utils/smbcacls.c >+++ b/source3/utils/smbcacls.c >@@ -96,7 +96,7 @@ static NTSTATUS cli_lsa_lookup_sid(struct cli_state *cli, > goto tcon_fail; > } > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &p); > if (!NT_STATUS_IS_OK(status)) { > goto fail; >@@ -146,7 +146,7 @@ static NTSTATUS cli_lsa_lookup_name(struct cli_state *cli, > goto tcon_fail; > } > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, > &p); > if (!NT_STATUS_IS_OK(status)) { > goto fail; >@@ -187,14 +187,13 @@ static NTSTATUS cli_lsa_lookup_domain_sid(struct cli_state *cli, > struct policy_handle handle; > NTSTATUS status, result; > TALLOC_CTX *frame = talloc_stackframe(); >- const struct ndr_syntax_id *lsarpc_syntax = &ndr_table_lsarpc.syntax_id; > > status = cli_tree_connect(cli, "IPC$", "?????", "", 0); > if (!NT_STATUS_IS_OK(status)) { > goto done; > } > >- status = cli_rpc_pipe_open_noauth(cli, lsarpc_syntax, &rpc_pipe); >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, &rpc_pipe); > if (!NT_STATUS_IS_OK(status)) { > goto tdis; > } >diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c >index bf1f95c..2791b93 100644 >--- a/source3/utils/smbcquotas.c >+++ b/source3/utils/smbcquotas.c >@@ -58,7 +58,7 @@ static bool cli_open_policy_hnd(void) > NTSTATUS ret; > cli_ipc = connect_one("IPC$"); > ret = cli_rpc_pipe_open_noauth(cli_ipc, >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > &global_pipe_hnd); > if (!NT_STATUS_IS_OK(ret)) { > return False; >diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c >index 40b1f09..5c07b12 100644 >--- a/source3/utils/smbtree.c >+++ b/source3/utils/smbtree.c >@@ -177,7 +177,7 @@ static bool get_rpc_shares(struct cli_state *cli, > return False; > } > >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_srvsvc.syntax_id, >+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_srvsvc, > &pipe_hnd); > > if (!NT_STATUS_IS_OK(status)) { >diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c >index dfcf3f4..6c3f6ea 100644 >--- a/source3/winbindd/winbindd_cm.c >+++ b/source3/winbindd/winbindd_cm.c >@@ -2006,7 +2006,7 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) > DEBUG(5, ("set_dc_type_and_flags_connect: domain %s\n", domain->name )); > > status = cli_rpc_pipe_open_noauth(domain->conn.cli, >- &ndr_table_dssetup.syntax_id, >+ &ndr_table_dssetup, > &cli); > > if (!NT_STATUS_IS_OK(status)) { >@@ -2057,7 +2057,7 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) > > no_dssetup: > status = cli_rpc_pipe_open_noauth(domain->conn.cli, >- &ndr_table_lsarpc.syntax_id, &cli); >+ &ndr_table_lsarpc, &cli); > > if (!NT_STATUS_IS_OK(status)) { > DEBUG(5, ("set_dc_type_and_flags_connect: Could not bind to " >@@ -2375,7 +2375,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, > anonymous: > > /* Finally fall back to anonymous. */ >- status = cli_rpc_pipe_open_noauth(conn->cli, &ndr_table_samr.syntax_id, >+ status = cli_rpc_pipe_open_noauth(conn->cli, &ndr_table_samr, > &conn->samr_pipe); > > if (!NT_STATUS_IS_OK(status)) { >@@ -2602,7 +2602,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, > anonymous: > > result = cli_rpc_pipe_open_noauth(conn->cli, >- &ndr_table_lsarpc.syntax_id, >+ &ndr_table_lsarpc, > &conn->lsa_pipe); > if (!NT_STATUS_IS_OK(result)) { > result = NT_STATUS_PIPE_NOT_AVAILABLE; >@@ -2688,7 +2688,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, > TALLOC_FREE(conn->netlogon_pipe); > > result = cli_rpc_pipe_open_noauth(conn->cli, >- &ndr_table_netlogon.syntax_id, >+ &ndr_table_netlogon, > &netlogon_pipe); > if (!NT_STATUS_IS_OK(result)) { > return result; >-- >1.8.1.2 > > >From 9aa99c3cfb0ff7a290dd4df472a4ff30d0efcb76 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:33:03 +0200 >Subject: [PATCH 33/67] s3-rpc_cli: pass down ndr_interface_table to > cli_rpc_pipe_open_noauth_transport(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 13 +++++++------ > source3/rpc_client/cli_pipe.h | 2 +- > source3/rpcclient/rpcclient.c | 2 +- > 3 files changed, 9 insertions(+), 8 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index a8fbaa2..02d2a16 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2837,14 +2837,14 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, > > NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > enum dcerpc_transport_t transport, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct rpc_pipe_client *result; > struct pipe_auth_data *auth; > NTSTATUS status; > >- status = cli_rpc_pipe_open(cli, transport, interface, &result); >+ status = cli_rpc_pipe_open(cli, transport, &table->syntax_id, &result); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >@@ -2893,7 +2893,7 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > status = rpc_pipe_bind(result, auth); > if (!NT_STATUS_IS_OK(status)) { > int lvl = 0; >- if (ndr_syntax_id_equal(interface, >+ if (ndr_syntax_id_equal(&table->syntax_id, > &ndr_table_dssetup.syntax_id)) { > /* non AD domains just don't have this pipe, avoid > * level 0 statement in that case - gd */ >@@ -2901,7 +2901,8 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > } > DEBUG(lvl, ("cli_rpc_pipe_open_noauth: rpc_pipe_bind for pipe " > "%s failed with error %s\n", >- get_pipe_name_from_syntax(talloc_tos(), interface), >+ get_pipe_name_from_syntax(talloc_tos(), >+ &table->syntax_id), > nt_errstr(status) )); > TALLOC_FREE(result); > return status; >@@ -2909,7 +2910,7 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > > DEBUG(10,("cli_rpc_pipe_open_noauth: opened pipe %s to machine " > "%s and bound anonymously.\n", >- get_pipe_name_from_syntax(talloc_tos(), interface), >+ get_pipe_name_from_syntax(talloc_tos(), &table->syntax_id), > result->desthost)); > > *presult = result; >@@ -2924,7 +2925,7 @@ NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, > struct rpc_pipe_client **presult) > { > return cli_rpc_pipe_open_noauth_transport(cli, NCACN_NP, >- &table->syntax_id, presult); >+ table, presult); > } > > /**************************************************************************** >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index 9aae61a..f37f8a9 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -82,7 +82,7 @@ NTSTATUS cli_rpc_pipe_open_noauth(struct cli_state *cli, > > NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > enum dcerpc_transport_t transport, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult); > > NTSTATUS cli_rpc_pipe_open_generic_auth(struct cli_state *cli, >diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c >index e3b35bb..c23ff2d 100644 >--- a/source3/rpcclient/rpcclient.c >+++ b/source3/rpcclient/rpcclient.c >@@ -690,7 +690,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, > case DCERPC_AUTH_TYPE_NONE: > ntresult = cli_rpc_pipe_open_noauth_transport( > cli, default_transport, >- &cmd_entry->table->syntax_id, >+ cmd_entry->table, > &cmd_entry->rpc_pipe); > break; > case DCERPC_AUTH_TYPE_SPNEGO: >-- >1.8.1.2 > > >From 34cc4b409558f229fba24f59e81ef9100a851d24 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:38:01 +0200 >Subject: [PATCH 34/67] s3-rpc_cli: pass down ndr_interface_table to > cli_rpc_pipe_open(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 14 +++++++------- > 1 file changed, 7 insertions(+), 7 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 02d2a16..c5fdd9b 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2815,7 +2815,7 @@ static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, > > static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, > enum dcerpc_transport_t transport, >- const struct ndr_syntax_id *interface, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > switch (transport) { >@@ -2823,9 +2823,9 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, > return rpc_pipe_open_tcp(NULL, > smbXcli_conn_remote_name(cli->conn), > smbXcli_conn_remote_sockaddr(cli->conn), >- interface, presult); >+ &table->syntax_id, presult); > case NCACN_NP: >- return rpc_pipe_open_np(cli, interface, presult); >+ return rpc_pipe_open_np(cli, &table->syntax_id, presult); > default: > return NT_STATUS_NOT_IMPLEMENTED; > } >@@ -2844,7 +2844,7 @@ NTSTATUS cli_rpc_pipe_open_noauth_transport(struct cli_state *cli, > struct pipe_auth_data *auth; > NTSTATUS status; > >- status = cli_rpc_pipe_open(cli, transport, &table->syntax_id, &result); >+ status = cli_rpc_pipe_open(cli, transport, table, &result); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >@@ -2949,7 +2949,7 @@ NTSTATUS cli_rpc_pipe_open_generic_auth(struct cli_state *cli, > > NTSTATUS status; > >- status = cli_rpc_pipe_open(cli, transport, &table->syntax_id, &result); >+ status = cli_rpc_pipe_open(cli, transport, table, &result); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >@@ -3006,7 +3006,7 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > struct pipe_auth_data *auth; > NTSTATUS status; > >- status = cli_rpc_pipe_open(cli, transport, &table->syntax_id, &result); >+ status = cli_rpc_pipe_open(cli, transport, table, &result); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >@@ -3076,7 +3076,7 @@ NTSTATUS cli_rpc_pipe_open_spnego(struct cli_state *cli, > return NT_STATUS_INVALID_PARAMETER; > } > >- status = cli_rpc_pipe_open(cli, transport, &table->syntax_id, &result); >+ status = cli_rpc_pipe_open(cli, transport, table, &result); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >-- >1.8.1.2 > > >From 8cd3a060514ddcc178c938100edfb0b177c00c8c Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:40:45 +0200 >Subject: [PATCH 35/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_pipe_open_np(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index c5fdd9b..632a42b 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2747,7 +2747,7 @@ static int rpc_pipe_client_np_ref_destructor(struct rpc_pipe_client_np_ref *np_r > ****************************************************************************/ > > static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct rpc_pipe_client *result; >@@ -2765,7 +2765,7 @@ static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, > return NT_STATUS_NO_MEMORY; > } > >- result->abstract_syntax = *abstract_syntax; >+ result->abstract_syntax = table->syntax_id; > result->transfer_syntax = ndr_transfer_syntax_ndr; > result->desthost = talloc_strdup(result, smbXcli_conn_remote_name(cli->conn)); > result->srv_name_slash = talloc_asprintf_strupper_m( >@@ -2779,7 +2779,7 @@ static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, > return NT_STATUS_NO_MEMORY; > } > >- status = rpc_transport_np_init(result, cli, abstract_syntax, >+ status = rpc_transport_np_init(result, cli, &table->syntax_id, > &result->transport); > if (!NT_STATUS_IS_OK(status)) { > TALLOC_FREE(result); >@@ -2825,7 +2825,7 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, > smbXcli_conn_remote_sockaddr(cli->conn), > &table->syntax_id, presult); > case NCACN_NP: >- return rpc_pipe_open_np(cli, &table->syntax_id, presult); >+ return rpc_pipe_open_np(cli, table, presult); > default: > return NT_STATUS_NOT_IMPLEMENTED; > } >-- >1.8.1.2 > > >From 5c5cff0a722a0925ae75ea7aa11ede0d82d5b92d Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:44:00 +0200 >Subject: [PATCH 36/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_pipe_open_tcp(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 8 ++++---- > source3/rpc_client/cli_pipe.h | 2 +- > source3/torture/rpc_open_tcp.c | 2 +- > 3 files changed, 6 insertions(+), 6 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 632a42b..3934cc6 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2635,19 +2635,19 @@ done: > */ > NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host, > const struct sockaddr_storage *addr, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > NTSTATUS status; > uint16_t port = 0; > >- status = rpc_pipe_get_tcp_port(host, addr, abstract_syntax, &port); >+ status = rpc_pipe_get_tcp_port(host, addr, &table->syntax_id, &port); > if (!NT_STATUS_IS_OK(status)) { > return status; > } > > return rpc_pipe_open_tcp_port(mem_ctx, host, addr, port, >- abstract_syntax, presult); >+ &table->syntax_id, presult); > } > > /******************************************************************** >@@ -2823,7 +2823,7 @@ static NTSTATUS cli_rpc_pipe_open(struct cli_state *cli, > return rpc_pipe_open_tcp(NULL, > smbXcli_conn_remote_name(cli->conn), > smbXcli_conn_remote_sockaddr(cli->conn), >- &table->syntax_id, presult); >+ table, presult); > case NCACN_NP: > return rpc_pipe_open_np(cli, table, presult); > default: >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index f37f8a9..6fcc587 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -67,7 +67,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, > NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, > const char *host, > const struct sockaddr_storage *ss_addr, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult); > > NTSTATUS rpc_pipe_open_ncalrpc(TALLOC_CTX *mem_ctx, const char *socket_path, >diff --git a/source3/torture/rpc_open_tcp.c b/source3/torture/rpc_open_tcp.c >index d29f4cf..cd27b5f 100644 >--- a/source3/torture/rpc_open_tcp.c >+++ b/source3/torture/rpc_open_tcp.c >@@ -95,7 +95,7 @@ int main(int argc, const char **argv) > } > > status = rpc_pipe_open_tcp(mem_ctx, argv[2], NULL, >- &((*table)->syntax_id), >+ *table, > &rpc_pipe); > if (!NT_STATUS_IS_OK(status)) { > d_printf("ERROR calling rpc_pipe_open_tcp(): %s\n", >-- >1.8.1.2 > > >From 0ff8c2d508949f732716e24047694cecf38597df Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:46:07 +0200 >Subject: [PATCH 37/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_pipe_get_tcp_port(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 3934cc6..29092aa 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2490,7 +2490,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, > */ > static NTSTATUS rpc_pipe_get_tcp_port(const char *host, > const struct sockaddr_storage *addr, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > uint16_t *pport) > { > NTSTATUS status; >@@ -2513,7 +2513,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, > goto done; > } > >- if (ndr_syntax_id_equal(abstract_syntax, >+ if (ndr_syntax_id_equal(&table->syntax_id, > &ndr_table_epmapper.syntax_id)) { > *pport = 135; > return NT_STATUS_OK; >@@ -2548,7 +2548,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, > } > > map_binding->transport = NCACN_IP_TCP; >- map_binding->object = *abstract_syntax; >+ map_binding->object = table->syntax_id; > map_binding->host = host; /* needed? */ > map_binding->endpoint = "0"; /* correct? needed? */ > >@@ -2584,7 +2584,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, > status = dcerpc_epm_Map(epm_handle, > tmp_ctx, > discard_const_p(struct GUID, >- &(abstract_syntax->uuid)), >+ &(table->syntax_id.uuid)), > map_tower, > entry_handle, > max_towers, >@@ -2641,7 +2641,7 @@ NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host, > NTSTATUS status; > uint16_t port = 0; > >- status = rpc_pipe_get_tcp_port(host, addr, &table->syntax_id, &port); >+ status = rpc_pipe_get_tcp_port(host, addr, table, &port); > if (!NT_STATUS_IS_OK(status)) { > return status; > } >-- >1.8.1.2 > > >From 7bdcfcb37c5b96ee6aa0cecffd89c6d17291fe62 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:47:16 +0200 >Subject: [PATCH 38/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_pipe_open_tcp_port(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 29092aa..a378f51 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2419,7 +2419,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain, > static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, > const struct sockaddr_storage *ss_addr, > uint16_t port, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_pipe_client **presult) > { > struct rpc_pipe_client *result; >@@ -2432,7 +2432,7 @@ static NTSTATUS rpc_pipe_open_tcp_port(TALLOC_CTX *mem_ctx, const char *host, > return NT_STATUS_NO_MEMORY; > } > >- result->abstract_syntax = *abstract_syntax; >+ result->abstract_syntax = table->syntax_id; > result->transfer_syntax = ndr_transfer_syntax_ndr; > > result->desthost = talloc_strdup(result, host); >@@ -2521,7 +2521,7 @@ static NTSTATUS rpc_pipe_get_tcp_port(const char *host, > > /* open the connection to the endpoint mapper */ > status = rpc_pipe_open_tcp_port(tmp_ctx, host, addr, 135, >- &ndr_table_epmapper.syntax_id, >+ &ndr_table_epmapper, > &epm_pipe); > > if (!NT_STATUS_IS_OK(status)) { >@@ -2647,7 +2647,7 @@ NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, const char *host, > } > > return rpc_pipe_open_tcp_port(mem_ctx, host, addr, port, >- &table->syntax_id, presult); >+ table, presult); > } > > /******************************************************************** >-- >1.8.1.2 > > >From c41b6e5c5e7fcdbd98c1eb2bea08378b47d343d4 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:52:05 +0200 >Subject: [PATCH 39/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_transport_np_init(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 2 +- > source3/rpc_client/rpc_transport.h | 2 +- > source3/rpc_client/rpc_transport_np.c | 4 ++-- > 3 files changed, 4 insertions(+), 4 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index a378f51..1e296ee 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2779,7 +2779,7 @@ static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, > return NT_STATUS_NO_MEMORY; > } > >- status = rpc_transport_np_init(result, cli, &table->syntax_id, >+ status = rpc_transport_np_init(result, cli, table, > &result->transport); > if (!NT_STATUS_IS_OK(status)) { > TALLOC_FREE(result); >diff --git a/source3/rpc_client/rpc_transport.h b/source3/rpc_client/rpc_transport.h >index bc115dd..2b4a323 100644 >--- a/source3/rpc_client/rpc_transport.h >+++ b/source3/rpc_client/rpc_transport.h >@@ -89,7 +89,7 @@ NTSTATUS rpc_transport_np_init_recv(struct tevent_req *req, > TALLOC_CTX *mem_ctx, > struct rpc_cli_transport **presult); > NTSTATUS rpc_transport_np_init(TALLOC_CTX *mem_ctx, struct cli_state *cli, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_cli_transport **presult); > > /* The following definitions come from rpc_client/rpc_transport_sock.c */ >diff --git a/source3/rpc_client/rpc_transport_np.c b/source3/rpc_client/rpc_transport_np.c >index 78caa5b..59a29ea 100644 >--- a/source3/rpc_client/rpc_transport_np.c >+++ b/source3/rpc_client/rpc_transport_np.c >@@ -109,7 +109,7 @@ NTSTATUS rpc_transport_np_init_recv(struct tevent_req *req, > } > > NTSTATUS rpc_transport_np_init(TALLOC_CTX *mem_ctx, struct cli_state *cli, >- const struct ndr_syntax_id *abstract_syntax, >+ const struct ndr_interface_table *table, > struct rpc_cli_transport **presult) > { > TALLOC_CTX *frame = talloc_stackframe(); >@@ -123,7 +123,7 @@ NTSTATUS rpc_transport_np_init(TALLOC_CTX *mem_ctx, struct cli_state *cli, > goto fail; > } > >- req = rpc_transport_np_init_send(frame, ev, cli, abstract_syntax); >+ req = rpc_transport_np_init_send(frame, ev, cli, &table->syntax_id); > if (req == NULL) { > status = NT_STATUS_NO_MEMORY; > goto fail; >-- >1.8.1.2 > > >From b19e7e6638a5dd53e3c6e6701f78bf31184ed493 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Fri, 24 May 2013 13:56:53 +0200 >Subject: [PATCH 40/67] s3-rpc_cli: pass down ndr_interface_table to > rpc_transport_np_init_send(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/rpc_transport.h | 2 +- > source3/rpc_client/rpc_transport_np.c | 6 +++--- > 2 files changed, 4 insertions(+), 4 deletions(-) > >diff --git a/source3/rpc_client/rpc_transport.h b/source3/rpc_client/rpc_transport.h >index 2b4a323..72e7609 100644 >--- a/source3/rpc_client/rpc_transport.h >+++ b/source3/rpc_client/rpc_transport.h >@@ -84,7 +84,7 @@ struct cli_state; > struct tevent_req *rpc_transport_np_init_send(TALLOC_CTX *mem_ctx, > struct tevent_context *ev, > struct cli_state *cli, >- const struct ndr_syntax_id *abstract_syntax); >+ const struct ndr_interface_table *table); > NTSTATUS rpc_transport_np_init_recv(struct tevent_req *req, > TALLOC_CTX *mem_ctx, > struct rpc_cli_transport **presult); >diff --git a/source3/rpc_client/rpc_transport_np.c b/source3/rpc_client/rpc_transport_np.c >index 59a29ea..804db58 100644 >--- a/source3/rpc_client/rpc_transport_np.c >+++ b/source3/rpc_client/rpc_transport_np.c >@@ -34,7 +34,7 @@ static void rpc_transport_np_init_pipe_open(struct tevent_req *subreq); > struct tevent_req *rpc_transport_np_init_send(TALLOC_CTX *mem_ctx, > struct tevent_context *ev, > struct cli_state *cli, >- const struct ndr_syntax_id *abstract_syntax) >+ const struct ndr_interface_table *table) > { > struct tevent_req *req; > struct rpc_transport_np_init_state *state; >@@ -47,7 +47,7 @@ struct tevent_req *rpc_transport_np_init_send(TALLOC_CTX *mem_ctx, > return NULL; > } > >- pipe_name = get_pipe_name_from_syntax(state, abstract_syntax); >+ pipe_name = get_pipe_name_from_syntax(state, &table->syntax_id); > if (tevent_req_nomem(pipe_name, req)) { > return tevent_req_post(req, ev); > } >@@ -123,7 +123,7 @@ NTSTATUS rpc_transport_np_init(TALLOC_CTX *mem_ctx, struct cli_state *cli, > goto fail; > } > >- req = rpc_transport_np_init_send(frame, ev, cli, &table->syntax_id); >+ req = rpc_transport_np_init_send(frame, ev, cli, table); > if (req == NULL) { > status = NT_STATUS_NO_MEMORY; > goto fail; >-- >1.8.1.2 > > >From a9d5b2fdf03a25e7669258de6c83288be3335cef Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Wed, 19 Dec 2012 13:53:23 +0100 >Subject: [PATCH 41/67] libcli/auth: also set secure channel type in > netlogon_creds_client_init(). >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > libcli/auth/credentials.c | 2 ++ > libcli/auth/proto.h | 1 + > source3/rpc_client/cli_netlogon.c | 1 + > source4/librpc/rpc/dcerpc_schannel.c | 1 + > source4/torture/ntp/ntp_signd.c | 1 + > source4/torture/rpc/lsa.c | 1 + > source4/torture/rpc/netlogon.c | 3 +++ > source4/torture/rpc/samba3rpc.c | 2 ++ > 8 files changed, 12 insertions(+) > >diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c >index 7c8d53c..fb77ede 100644 >--- a/libcli/auth/credentials.c >+++ b/libcli/auth/credentials.c >@@ -263,6 +263,7 @@ next comes the client specific functions > struct netlogon_creds_CredentialState *netlogon_creds_client_init(TALLOC_CTX *mem_ctx, > const char *client_account, > const char *client_computer_name, >+ uint16_t secure_channel_type, > const struct netr_Credential *client_challenge, > const struct netr_Credential *server_challenge, > const struct samr_Password *machine_password, >@@ -277,6 +278,7 @@ struct netlogon_creds_CredentialState *netlogon_creds_client_init(TALLOC_CTX *me > > creds->sequence = time(NULL); > creds->negotiate_flags = negotiate_flags; >+ creds->secure_channel_type = secure_channel_type; > > creds->computer_name = talloc_strdup(creds, client_computer_name); > if (!creds->computer_name) { >diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h >index 89a732e..6bc18d7 100644 >--- a/libcli/auth/proto.h >+++ b/libcli/auth/proto.h >@@ -26,6 +26,7 @@ next comes the client specific functions > struct netlogon_creds_CredentialState *netlogon_creds_client_init(TALLOC_CTX *mem_ctx, > const char *client_account, > const char *client_computer_name, >+ uint16_t secure_channel_type, > const struct netr_Credential *client_challenge, > const struct netr_Credential *server_challenge, > const struct samr_Password *machine_password, >diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c >index 66a50a8..3d6a3e1 100644 >--- a/source3/rpc_client/cli_netlogon.c >+++ b/source3/rpc_client/cli_netlogon.c >@@ -89,6 +89,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli, > cli->dc = netlogon_creds_client_init(cli, > mach_acct, > clnt_name, >+ sec_chan_type, > &clnt_chal_send, > &srv_chal_recv, > &password, >diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c >index be1ab24..1480486 100644 >--- a/source4/librpc/rpc/dcerpc_schannel.c >+++ b/source4/librpc/rpc/dcerpc_schannel.c >@@ -187,6 +187,7 @@ static void continue_srv_challenge(struct tevent_req *subreq) > s->creds = netlogon_creds_client_init(s, > s->a.in.account_name, > s->a.in.computer_name, >+ s->a.in.secure_channel_type, > &s->credentials1, &s->credentials2, > s->mach_pwd, &s->credentials3, > s->local_negotiate_flags); >diff --git a/source4/torture/ntp/ntp_signd.c b/source4/torture/ntp/ntp_signd.c >index 89eb1a0..5f097fe 100644 >--- a/source4/torture/ntp/ntp_signd.c >+++ b/source4/torture/ntp/ntp_signd.c >@@ -113,6 +113,7 @@ static bool test_ntp_signd(struct torture_context *tctx, > > creds = netlogon_creds_client_init(tctx, a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > &credentials1, &credentials2, > pwhash, &credentials3, > negotiate_flags); >diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c >index 107af11..7385ad4 100644 >--- a/source4/torture/rpc/lsa.c >+++ b/source4/torture/rpc/lsa.c >@@ -2715,6 +2715,7 @@ static bool check_pw_with_ServerAuthenticate3(struct dcerpc_pipe *p, > > creds = netlogon_creds_client_init(tctx, a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > &credentials1, &credentials2, > &mach_password, &credentials3, > negotiate_flags); >diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c >index dadf8bc..c7bdf49 100644 >--- a/source4/torture/rpc/netlogon.c >+++ b/source4/torture/rpc/netlogon.c >@@ -173,6 +173,7 @@ bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx, > > creds = netlogon_creds_client_init(tctx, a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > &credentials1, &credentials2, > mach_password, &credentials3, > 0); >@@ -243,6 +244,7 @@ bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx, > > creds = netlogon_creds_client_init(tctx, a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > &credentials1, &credentials2, > mach_password, &credentials3, > negotiate_flags); >@@ -310,6 +312,7 @@ bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx, > > creds = netlogon_creds_client_init(tctx, a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > &credentials1, &credentials2, > &mach_password, &credentials3, > negotiate_flags); >diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c >index 9443d5e..432e9d5 100644 >--- a/source4/torture/rpc/samba3rpc.c >+++ b/source4/torture/rpc/samba3rpc.c >@@ -1015,6 +1015,7 @@ static bool auth2(struct torture_context *tctx, > creds_state = netlogon_creds_client_init(mem_ctx, > a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > r.in.credentials, > r.out.return_credentials, &mach_pw, > &netr_cred, negotiate_flags); >@@ -2146,6 +2147,7 @@ static bool torture_samba3_rpc_randomauth2(struct torture_context *torture) > creds_state = netlogon_creds_client_init(mem_ctx, > a.in.account_name, > a.in.computer_name, >+ a.in.secure_channel_type, > r.in.credentials, > r.out.return_credentials, &mach_pw, > &netr_cred, negotiate_flags); >-- >1.8.1.2 > > >From c11a79c5a054e862f61c97093fa2ce5e5040f111 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Wed, 24 Sep 2008 11:04:42 +0200 >Subject: [PATCH 42/67] s3: libnet_join: add admin_domain. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/librpc/idl/libnet_join.idl | 2 ++ > 1 file changed, 2 insertions(+) > >diff --git a/source3/librpc/idl/libnet_join.idl b/source3/librpc/idl/libnet_join.idl >index 4f28bb6..ac0a350 100644 >--- a/source3/librpc/idl/libnet_join.idl >+++ b/source3/librpc/idl/libnet_join.idl >@@ -21,6 +21,7 @@ interface libnetjoin > [in,ref] string *domain_name, > [in] string account_ou, > [in] string admin_account, >+ [in] string admin_domain, > [in,noprint] string admin_password, > [in] string machine_password, > [in] wkssvc_joinflags join_flags, >@@ -51,6 +52,7 @@ interface libnetjoin > [in] string domain_name, > [in] string account_ou, > [in] string admin_account, >+ [in] string admin_domain, > [in,noprint] string admin_password, > [in] string machine_password, > [in] wkssvc_joinflags unjoin_flags, >-- >1.8.1.2 > > >From cc0cbd4fdc6e07538d67cc41ca07bad1eaebf493 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Wed, 24 Sep 2008 11:05:37 +0200 >Subject: [PATCH 43/67] s3: libnet_join: use admin_domain in libnetjoin. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/libnet/libnet_join.c | 27 ++++++++++++++++++++++++++- > 1 file changed, 26 insertions(+), 1 deletion(-) > >diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c >index 348fb94..4582158 100644 >--- a/source3/libnet/libnet_join.c >+++ b/source3/libnet/libnet_join.c >@@ -686,6 +686,7 @@ static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx, > > static NTSTATUS libnet_join_connect_dc_ipc(const char *dc, > const char *user, >+ const char *domain, > const char *pass, > bool use_kerberos, > struct cli_state **cli) >@@ -705,7 +706,7 @@ static NTSTATUS libnet_join_connect_dc_ipc(const char *dc, > NULL, 0, > "IPC$", "IPC", > user, >- NULL, >+ domain, > pass, > flags, > SMB_SIGNING_DEFAULT); >@@ -727,6 +728,7 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx, > > status = libnet_join_connect_dc_ipc(r->in.dc_name, > r->in.admin_account, >+ r->in.admin_domain, > r->in.admin_password, > r->in.use_kerberos, > cli); >@@ -1345,6 +1347,7 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx, > > status = libnet_join_connect_dc_ipc(r->in.dc_name, > r->in.admin_account, >+ r->in.admin_domain, > r->in.admin_password, > r->in.use_kerberos, > &cli); >@@ -1724,6 +1727,17 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx, > return WERR_SETUP_DOMAIN_CONTROLLER; > } > >+ if (!r->in.admin_domain) { >+ char *admin_domain = NULL; >+ char *admin_account = NULL; >+ split_domain_user(mem_ctx, >+ r->in.admin_account, >+ &admin_domain, >+ &admin_account); >+ r->in.admin_domain = admin_domain; >+ r->in.admin_account = admin_account; >+ } >+ > if (!secrets_init()) { > libnet_join_set_error_string(mem_ctx, r, > "Unable to open secrets database"); >@@ -2285,6 +2299,17 @@ static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx, > return WERR_SETUP_DOMAIN_CONTROLLER; > } > >+ if (!r->in.admin_domain) { >+ char *admin_domain = NULL; >+ char *admin_account = NULL; >+ split_domain_user(mem_ctx, >+ r->in.admin_account, >+ &admin_domain, >+ &admin_account); >+ r->in.admin_domain = admin_domain; >+ r->in.admin_account = admin_account; >+ } >+ > if (!secrets_init()) { > libnet_unjoin_set_error_string(mem_ctx, r, > "Unable to open secrets database"); >-- >1.8.1.2 > > >From c4d6d75cf48aed7b17728e283581366143fa4233 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Thu, 6 Nov 2008 11:40:03 +0100 >Subject: [PATCH 44/67] s3-libnetjoin: add machine_name length check. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/libnet/libnet_join.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > >diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c >index 4582158..df3a86d 100644 >--- a/source3/libnet/libnet_join.c >+++ b/source3/libnet/libnet_join.c >@@ -1715,6 +1715,15 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx, > return WERR_INVALID_PARAM; > } > >+ if (strlen(r->in.machine_name) > 15) { >+ libnet_join_set_error_string(mem_ctx, r, >+ "Our netbios name can be at most 15 chars long, " >+ "\"%s\" is %u chars long\n", >+ r->in.machine_name, >+ (unsigned int)strlen(r->in.machine_name)); >+ return WERR_INVALID_PARAM; >+ } >+ > if (!libnet_parse_domain_dc(mem_ctx, r->in.domain_name, > &r->in.domain_name, > &r->in.dc_name)) { >-- >1.8.1.2 > > >From d398a12f7907866189c1b253ca6a40e5454f42a1 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Thu, 6 Nov 2008 13:37:45 +0100 >Subject: [PATCH 45/67] s3-libnetjoin: move "net rpc oldjoin" to use > libnetjoin. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/utils/net_rpc.c | 182 ++++++++++++++++++++++-------------------------- > 1 file changed, 84 insertions(+), 98 deletions(-) > >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index 488167c..fc779a3 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -37,6 +37,8 @@ > #include "secrets.h" > #include "lib/netapi/netapi.h" > #include "lib/netapi/netapi_net.h" >+#include "librpc/gen_ndr/libnet_join.h" >+#include "libnet/libnet_join.h" > #include "rpc_client/init_lsa.h" > #include "../libcli/security/security.h" > #include "libsmb/libsmb.h" >@@ -314,48 +316,46 @@ int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv) > } > > /** >- * Join a domain, the old way. >+ * Join a domain, the old way. This function exists to allow >+ * the message to be displayed when oldjoin was explicitly >+ * requested, but not when it was implied by "net rpc join". > * > * This uses 'machinename' as the inital password, and changes it. > * > * The password should be created with 'server manager' or equiv first. > * >- * All parameters are provided by the run_rpc_command function, except for >- * argc, argv which are passed through. >- * >- * @param domain_sid The domain sid acquired from the remote server. >- * @param cli A cli_state connected to the server. >- * @param mem_ctx Talloc context, destroyed on completion of the function. > * @param argc Standard main() style argc. > * @param argv Standard main() style argv. Initial components are already > * stripped. > * >- * @return Normal NTSTATUS return. >+ * @return A shell status integer (0 for success). > **/ > >-static NTSTATUS rpc_oldjoin_internals(struct net_context *c, >- const struct dom_sid *domain_sid, >- const char *domain_name, >- struct cli_state *cli, >- struct rpc_pipe_client *pipe_hnd, >- TALLOC_CTX *mem_ctx, >- int argc, >- const char **argv) >+static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv) > { >+ struct libnet_JoinCtx *r = NULL; >+ TALLOC_CTX *mem_ctx; >+ WERROR werr; >+ const char *domain = lp_workgroup(); /* FIXME */ >+ bool modify_config = lp_config_backend_is_registry(); >+ enum netr_SchannelType sec_chan_type; >+ char *pw = NULL; > >- fstring trust_passwd; >- unsigned char orig_trust_passwd_hash[16]; >- NTSTATUS result; >- enum netr_SchannelType sec_channel_type; >+ if (c->display_usage) { >+ d_printf("Usage:\n" >+ "net rpc oldjoin\n" >+ " Join a domain the old way\n"); >+ return 0; >+ } > >- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, >- &pipe_hnd); >- if (!NT_STATUS_IS_OK(result)) { >- DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. " >- "error was %s\n", >- smbXcli_conn_remote_name(cli->conn), >- nt_errstr(result) )); >- return result; >+ mem_ctx = talloc_init("net_rpc_oldjoin"); >+ if (!mem_ctx) { >+ return -1; >+ } >+ >+ werr = libnet_init_JoinCtx(mem_ctx, &r); >+ if (!W_ERROR_IS_OK(werr)) { >+ goto fail; > } > > /* >@@ -363,92 +363,78 @@ static NTSTATUS rpc_oldjoin_internals(struct net_context *c, > a BDC, the server must agree that we are a BDC. > */ > if (argc >= 0) { >- sec_channel_type = get_sec_channel_type(argv[0]); >+ sec_chan_type = get_sec_channel_type(argv[0]); > } else { >- sec_channel_type = get_sec_channel_type(NULL); >+ sec_chan_type = get_sec_channel_type(NULL); > } > >- fstrcpy(trust_passwd, lp_netbios_name()); >- if (!strlower_m(trust_passwd)) { >- return NT_STATUS_UNSUCCESSFUL; >+ if (!c->msg_ctx) { >+ d_fprintf(stderr, _("Could not initialise message context. " >+ "Try running as root\n")); >+ werr = WERR_ACCESS_DENIED; >+ goto fail; > } > >- /* >- * Machine names can be 15 characters, but the max length on >- * a password is 14. --jerry >- */ >- >- trust_passwd[14] = '\0'; >- >- E_md4hash(trust_passwd, orig_trust_passwd_hash); >- >- result = trust_pw_change_and_store_it(pipe_hnd, mem_ctx, c->opt_target_workgroup, >- lp_netbios_name(), >- orig_trust_passwd_hash, >- sec_channel_type); >- >- if (NT_STATUS_IS_OK(result)) >- printf(_("Joined domain %s.\n"), c->opt_target_workgroup); >+ pw = talloc_strndup(r, lp_netbios_name(), 14); >+ if (pw == NULL) { >+ werr = WERR_NOMEM; >+ goto fail; >+ } > >+ r->in.msg_ctx = c->msg_ctx; >+ r->in.domain_name = domain; >+ r->in.secure_channel_type = sec_chan_type; >+ r->in.dc_name = c->opt_host; >+ r->in.admin_account = ""; >+ r->in.admin_password = strlower_talloc(r, pw); >+ if (r->in.admin_password == NULL) { >+ werr = WERR_NOMEM; >+ goto fail; >+ } >+ r->in.debug = true; >+ r->in.modify_config = modify_config; >+ r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | >+ WKSSVC_JOIN_FLAGS_JOIN_UNSECURE | >+ WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED; > >- if (!secrets_store_domain_sid(c->opt_target_workgroup, domain_sid)) { >- DEBUG(0, ("error storing domain sid for %s\n", c->opt_target_workgroup)); >- result = NT_STATUS_UNSUCCESSFUL; >+ werr = libnet_Join(mem_ctx, r); >+ if (!W_ERROR_IS_OK(werr)) { >+ goto fail; > } > >- return result; >-} >+ /* Check the short name of the domain */ > >-/** >- * Join a domain, the old way. >- * >- * @param argc Standard main() style argc. >- * @param argv Standard main() style argv. Initial components are already >- * stripped. >- * >- * @return A shell status integer (0 for success). >- **/ >+ if (!modify_config && !strequal(lp_workgroup(), r->out.netbios_domain_name)) { >+ d_printf("The workgroup in %s does not match the short\n", get_dyn_CONFIGFILE()); >+ d_printf("domain name obtained from the server.\n"); >+ d_printf("Using the name [%s] from the server.\n", r->out.netbios_domain_name); >+ d_printf("You should set \"workgroup = %s\" in %s.\n", >+ r->out.netbios_domain_name, get_dyn_CONFIGFILE()); >+ } > >-static int net_rpc_perform_oldjoin(struct net_context *c, int argc, const char **argv) >-{ >- return run_rpc_command(c, NULL, &ndr_table_netlogon, >- NET_FLAGS_NO_PIPE | NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, >- rpc_oldjoin_internals, >- argc, argv); >-} >+ d_printf("Using short domain name -- %s\n", r->out.netbios_domain_name); > >-/** >- * Join a domain, the old way. This function exists to allow >- * the message to be displayed when oldjoin was explicitly >- * requested, but not when it was implied by "net rpc join". >- * >- * @param argc Standard main() style argc. >- * @param argv Standard main() style argv. Initial components are already >- * stripped. >- * >- * @return A shell status integer (0 for success). >- **/ >+ if (r->out.dns_domain_name) { >+ d_printf("Joined '%s' to realm '%s'\n", r->in.machine_name, >+ r->out.dns_domain_name); >+ } else { >+ d_printf("Joined '%s' to domain '%s'\n", r->in.machine_name, >+ r->out.netbios_domain_name); >+ } > >-static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv) >-{ >- int rc = -1; >+ TALLOC_FREE(mem_ctx); > >- if (c->display_usage) { >- d_printf( "%s\n" >- "net rpc oldjoin\n" >- " %s\n", >- _("Usage:"), >- _("Join a domain the old way")); >- return 0; >- } >+ return 0; > >- rc = net_rpc_perform_oldjoin(c, argc, argv); >+fail: >+ /* issue an overall failure message at the end. */ >+ d_fprintf(stderr, _("Failed to join domain: %s\n"), >+ r && r->out.error_string ? r->out.error_string : >+ get_friendly_werror_msg(werr)); > >- if (rc) { >- d_fprintf(stderr, _("Failed to join domain\n")); >- } >+ TALLOC_FREE(mem_ctx); > >- return rc; >+ return -1; > } > > /** >@@ -492,7 +478,7 @@ int net_rpc_join(struct net_context *c, int argc, const char **argv) > return -1; > } > >- if ((net_rpc_perform_oldjoin(c, argc, argv) == 0)) >+ if ((net_rpc_oldjoin(c, argc, argv) == 0)) > return 0; > > return net_rpc_join_newstyle(c, argc, argv); >-- >1.8.1.2 > > >From 1242ab0cb3bf575b695b39313604af9d0a7f1b3a Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 13 Jun 2013 19:12:27 +0200 >Subject: [PATCH 46/67] s3:libnet: let the caller truncate the pw in > libnet_join_joindomain_rpc_unsecure() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/libnet/libnet_join.c | 15 +-------------- > 1 file changed, 1 insertion(+), 14 deletions(-) > >diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c >index df3a86d..26c037a 100644 >--- a/source3/libnet/libnet_join.c >+++ b/source3/libnet/libnet_join.c >@@ -803,7 +803,6 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx, > struct rpc_pipe_client *pipe_hnd = NULL; > unsigned char orig_trust_passwd_hash[16]; > unsigned char new_trust_passwd_hash[16]; >- fstring trust_passwd; > NTSTATUS status; > > status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, >@@ -822,19 +821,7 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx, > E_md4hash(r->in.machine_password, new_trust_passwd_hash); > > /* according to WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED */ >- fstrcpy(trust_passwd, r->in.admin_password); >- if (!strlower_m(trust_passwd)) { >- return NT_STATUS_INVALID_PARAMETER; >- } >- >- /* >- * Machine names can be 15 characters, but the max length on >- * a password is 14. --jerry >- */ >- >- trust_passwd[14] = '\0'; >- >- E_md4hash(trust_passwd, orig_trust_passwd_hash); >+ E_md4hash(r->in.admin_password, orig_trust_passwd_hash); > > status = rpccli_netlogon_set_trust_password(pipe_hnd, mem_ctx, > r->in.machine_name, >-- >1.8.1.2 > > >From 9cfa6251600ddea0e821f2bd3fd359c28eb1b7f9 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Tue, 3 Feb 2009 20:10:05 +0100 >Subject: [PATCH 47/67] s3-net: use libnetjoin for "net rpc testjoin". >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/utils/net_proto.h | 2 +- > source3/utils/net_rpc.c | 66 ++++++++++++++++++++++++++++++++++++++++++++ > source3/utils/net_rpc_join.c | 29 ------------------- > 3 files changed, 67 insertions(+), 30 deletions(-) > >diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h >index 03fb312..d791708 100644 >--- a/source3/utils/net_proto.h >+++ b/source3/utils/net_proto.h >@@ -145,6 +145,7 @@ int run_rpc_command(struct net_context *c, > int argc, > const char **argv); > int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv); >+int net_rpc_testjoin(struct net_context *c, int argc, const char **argv); > int net_rpc_join(struct net_context *c, int argc, const char **argv); > NTSTATUS rpc_info_internals(struct net_context *c, > const struct dom_sid *domain_sid, >@@ -205,7 +206,6 @@ NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain, > const char *server, > const struct sockaddr_storage *server_ss); > int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv); >-int net_rpc_testjoin(struct net_context *c, int argc, const char **argv); > > /* The following definitions come from utils/net_rpc_printer.c */ > >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index fc779a3..3a70e99 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -438,6 +438,72 @@ fail: > } > > /** >+ * check that a join is OK >+ * >+ * @return A shell status integer (0 for success) >+ * >+ **/ >+int net_rpc_testjoin(struct net_context *c, int argc, const char **argv) >+{ >+ NTSTATUS status; >+ TALLOC_CTX *mem_ctx; >+ const char *domain = c->opt_target_workgroup; >+ const char *dc = c->opt_host; >+ >+ if (c->display_usage) { >+ d_printf("Usage\n" >+ "net rpc testjoin\n" >+ " Test if a join is OK\n"); >+ return 0; >+ } >+ >+ mem_ctx = talloc_init("net_rpc_testjoin"); >+ if (!mem_ctx) { >+ return -1; >+ } >+ >+ if (!dc) { >+ struct netr_DsRGetDCNameInfo *info; >+ >+ if (!c->msg_ctx) { >+ d_fprintf(stderr, _("Could not initialise message context. " >+ "Try running as root\n")); >+ talloc_destroy(mem_ctx); >+ return -1; >+ } >+ >+ status = dsgetdcname(mem_ctx, >+ c->msg_ctx, >+ domain, >+ NULL, >+ NULL, >+ DS_RETURN_DNS_NAME, >+ &info); >+ if (!NT_STATUS_IS_OK(status)) { >+ talloc_destroy(mem_ctx); >+ return -1; >+ } >+ >+ dc = strip_hostname(info->dc_unc); >+ } >+ >+ /* Display success or failure */ >+ status = libnet_join_ok(c->opt_workgroup, lp_netbios_name(), dc, >+ c->opt_kerberos); >+ if (!NT_STATUS_IS_OK(status)) { >+ fprintf(stderr,"Join to domain '%s' is not valid: %s\n", >+ domain, nt_errstr(status)); >+ talloc_destroy(mem_ctx); >+ return -1; >+ } >+ >+ printf("Join to '%s' is OK\n",domain); >+ talloc_destroy(mem_ctx); >+ >+ return 0; >+} >+ >+/** > * 'net rpc join' entrypoint. > * @param argc Standard main() style argc. > * @param argv Standard main() style argv. Initial components are already >diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c >index a6ef11b..8d7baab 100644 >--- a/source3/utils/net_rpc_join.c >+++ b/source3/utils/net_rpc_join.c >@@ -552,32 +552,3 @@ done: > > return retval; > } >- >-/** >- * check that a join is OK >- * >- * @return A shell status integer (0 for success) >- * >- **/ >-int net_rpc_testjoin(struct net_context *c, int argc, const char **argv) >-{ >- NTSTATUS nt_status; >- >- if (c->display_usage) { >- d_printf(_("Usage\n" >- "net rpc testjoin\n" >- " Test if a join is OK\n")); >- return 0; >- } >- >- /* Display success or failure */ >- nt_status = net_rpc_join_ok(c, c->opt_target_workgroup, NULL, NULL); >- if (!NT_STATUS_IS_OK(nt_status)) { >- fprintf(stderr, _("Join to domain '%s' is not valid: %s\n"), >- c->opt_target_workgroup, nt_errstr(nt_status)); >- return -1; >- } >- >- printf(_("Join to '%s' is OK\n"), c->opt_target_workgroup); >- return 0; >-} >-- >1.8.1.2 > > >From 3e4ded48bbeacdcd128f3c667cbdd12a3efca312 Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Tue, 3 Feb 2009 20:21:05 +0100 >Subject: [PATCH 48/67] s3-net: use libnetjoin for "net rpc join" newstyle. >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >Guenther > >Signed-off-by: Günther Deschner <gd@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/utils/net_proto.h | 8 +- > source3/utils/net_rpc.c | 106 +++++++++ > source3/utils/net_rpc_join.c | 554 ------------------------------------------- > source3/wscript_build | 2 +- > 4 files changed, 108 insertions(+), 562 deletions(-) > delete mode 100644 source3/utils/net_rpc_join.c > >diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h >index d791708..1809ba9 100644 >--- a/source3/utils/net_proto.h >+++ b/source3/utils/net_proto.h >@@ -146,6 +146,7 @@ int run_rpc_command(struct net_context *c, > const char **argv); > int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv); > int net_rpc_testjoin(struct net_context *c, int argc, const char **argv); >+int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv); > int net_rpc_join(struct net_context *c, int argc, const char **argv); > NTSTATUS rpc_info_internals(struct net_context *c, > const struct dom_sid *domain_sid, >@@ -200,13 +201,6 @@ int net_rpc(struct net_context *c, int argc, const char **argv); > > int net_rpc_audit(struct net_context *c, int argc, const char **argv); > >-/* The following definitions come from utils/net_rpc_join.c */ >- >-NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain, >- const char *server, >- const struct sockaddr_storage *server_ss); >-int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv); >- > /* The following definitions come from utils/net_rpc_printer.c */ > > NTSTATUS net_copy_fileattr(struct net_context *c, >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index 3a70e99..ae8ebc0 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -504,6 +504,112 @@ int net_rpc_testjoin(struct net_context *c, int argc, const char **argv) > } > > /** >+ * Join a domain using the administrator username and password >+ * >+ * @param argc Standard main() style argc >+ * @param argc Standard main() style argv. Initial components are already >+ * stripped. Currently not used. >+ * @return A shell status integer (0 for success) >+ * >+ **/ >+ >+int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) >+{ >+ struct libnet_JoinCtx *r = NULL; >+ TALLOC_CTX *mem_ctx; >+ WERROR werr; >+ const char *domain = lp_workgroup(); /* FIXME */ >+ bool modify_config = lp_config_backend_is_registry(); >+ enum netr_SchannelType sec_chan_type; >+ >+ if (c->display_usage) { >+ d_printf("Usage:\n" >+ "net rpc join\n" >+ " Join a domain the new way\n"); >+ return 0; >+ } >+ >+ mem_ctx = talloc_init("net_rpc_join_newstyle"); >+ if (!mem_ctx) { >+ return -1; >+ } >+ >+ werr = libnet_init_JoinCtx(mem_ctx, &r); >+ if (!W_ERROR_IS_OK(werr)) { >+ goto fail; >+ } >+ >+ /* >+ check what type of join - if the user want's to join as >+ a BDC, the server must agree that we are a BDC. >+ */ >+ if (argc >= 0) { >+ sec_chan_type = get_sec_channel_type(argv[0]); >+ } else { >+ sec_chan_type = get_sec_channel_type(NULL); >+ } >+ >+ if (!c->msg_ctx) { >+ d_fprintf(stderr, _("Could not initialise message context. " >+ "Try running as root\n")); >+ werr = WERR_ACCESS_DENIED; >+ goto fail; >+ } >+ >+ r->in.msg_ctx = c->msg_ctx; >+ r->in.domain_name = domain; >+ r->in.secure_channel_type = sec_chan_type; >+ r->in.dc_name = c->opt_host; >+ r->in.admin_account = c->opt_user_name; >+ r->in.admin_password = net_prompt_pass(c, c->opt_user_name); >+ r->in.debug = true; >+ r->in.use_kerberos = c->opt_kerberos; >+ r->in.modify_config = modify_config; >+ r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | >+ WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE | >+ WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED; >+ >+ werr = libnet_Join(mem_ctx, r); >+ if (!W_ERROR_IS_OK(werr)) { >+ goto fail; >+ } >+ >+ /* Check the short name of the domain */ >+ >+ if (!modify_config && !strequal(lp_workgroup(), r->out.netbios_domain_name)) { >+ d_printf("The workgroup in %s does not match the short\n", get_dyn_CONFIGFILE()); >+ d_printf("domain name obtained from the server.\n"); >+ d_printf("Using the name [%s] from the server.\n", r->out.netbios_domain_name); >+ d_printf("You should set \"workgroup = %s\" in %s.\n", >+ r->out.netbios_domain_name, get_dyn_CONFIGFILE()); >+ } >+ >+ d_printf("Using short domain name -- %s\n", r->out.netbios_domain_name); >+ >+ if (r->out.dns_domain_name) { >+ d_printf("Joined '%s' to realm '%s'\n", r->in.machine_name, >+ r->out.dns_domain_name); >+ } else { >+ d_printf("Joined '%s' to domain '%s'\n", r->in.machine_name, >+ r->out.netbios_domain_name); >+ } >+ >+ TALLOC_FREE(mem_ctx); >+ >+ return 0; >+ >+fail: >+ /* issue an overall failure message at the end. */ >+ d_printf("Failed to join domain: %s\n", >+ r && r->out.error_string ? r->out.error_string : >+ get_friendly_werror_msg(werr)); >+ >+ TALLOC_FREE(mem_ctx); >+ >+ return -1; >+} >+ >+/** > * 'net rpc join' entrypoint. > * @param argc Standard main() style argc. > * @param argv Standard main() style argv. Initial components are already >diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c >deleted file mode 100644 >index 8d7baab..0000000 >--- a/source3/utils/net_rpc_join.c >+++ /dev/null >@@ -1,554 +0,0 @@ >-/* >- Samba Unix/Linux SMB client library >- Distributed SMB/CIFS Server Management Utility >- Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org) >- Copyright (C) Tim Potter 2001 >- Copyright (C) 2008 Guenther Deschner >- >- This program is free software; you can redistribute it and/or modify >- it under the terms of the GNU General Public License as published by >- the Free Software Foundation; either version 3 of the License, or >- (at your option) any later version. >- >- This program is distributed in the hope that it will be useful, >- but WITHOUT ANY WARRANTY; without even the implied warranty of >- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >- GNU General Public License for more details. >- >- You should have received a copy of the GNU General Public License >- along with this program. If not, see <http://www.gnu.org/licenses/>. */ >- >-#include "includes.h" >-#include "utils/net.h" >-#include "rpc_client/cli_pipe.h" >-#include "../libcli/auth/libcli_auth.h" >-#include "../librpc/gen_ndr/ndr_lsa_c.h" >-#include "rpc_client/cli_lsarpc.h" >-#include "../librpc/gen_ndr/ndr_samr_c.h" >-#include "rpc_client/init_samr.h" >-#include "../librpc/gen_ndr/ndr_netlogon.h" >-#include "rpc_client/cli_netlogon.h" >-#include "secrets.h" >-#include "rpc_client/init_lsa.h" >-#include "libsmb/libsmb.h" >-#include "../libcli/smb/smbXcli_base.h" >- >-/* Macro for checking RPC error codes to make things more readable */ >- >-#define CHECK_RPC_ERR(rpc, msg) \ >- if (!NT_STATUS_IS_OK(status = rpc)) { \ >- DEBUG(0, (msg ": %s\n", nt_errstr(status))); \ >- goto done; \ >- } >- >-#define CHECK_DCERPC_ERR(rpc, msg) \ >- if (!NT_STATUS_IS_OK(status = rpc)) { \ >- DEBUG(0, (msg ": %s\n", nt_errstr(status))); \ >- goto done; \ >- } \ >- if (!NT_STATUS_IS_OK(result)) { \ >- status = result; \ >- DEBUG(0, (msg ": %s\n", nt_errstr(result))); \ >- goto done; \ >- } >- >- >-#define CHECK_RPC_ERR_DEBUG(rpc, debug_args) \ >- if (!NT_STATUS_IS_OK(status = rpc)) { \ >- DEBUG(0, debug_args); \ >- goto done; \ >- } >- >-#define CHECK_DCERPC_ERR_DEBUG(rpc, debug_args) \ >- if (!NT_STATUS_IS_OK(status = rpc)) { \ >- DEBUG(0, debug_args); \ >- goto done; \ >- } \ >- if (!NT_STATUS_IS_OK(result)) { \ >- status = result; \ >- DEBUG(0, debug_args); \ >- goto done; \ >- } >- >- >-/** >- * confirm that a domain join is still valid >- * >- * @return A shell status integer (0 for success) >- * >- **/ >-NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain, >- const char *server, >- const struct sockaddr_storage *server_ss) >-{ >- enum security_types sec; >- unsigned int conn_flags = NET_FLAGS_PDC; >- uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; >- struct cli_state *cli = NULL; >- struct rpc_pipe_client *pipe_hnd = NULL; >- struct rpc_pipe_client *netlogon_pipe = NULL; >- NTSTATUS ntret = NT_STATUS_UNSUCCESSFUL; >- >- sec = (enum security_types)lp_security(); >- >- if (sec == SEC_ADS) { >- /* Connect to IPC$ using machine account's credentials. We don't use anonymous >- connection here, as it may be denied by server's local policy. */ >- net_use_machine_account(c); >- >- } else { >- /* some servers (e.g. WinNT) don't accept machine-authenticated >- smb connections */ >- conn_flags |= NET_FLAGS_ANONYMOUS; >- } >- >- /* Connect to remote machine */ >- ntret = net_make_ipc_connection_ex(c, domain, server, server_ss, >- conn_flags, &cli); >- if (!NT_STATUS_IS_OK(ntret)) { >- return ntret; >- } >- >- /* Setup the creds as though we're going to do schannel... */ >- ntret = get_schannel_session_key(cli, domain, &neg_flags, >- &netlogon_pipe); >- >- /* We return NT_STATUS_INVALID_NETWORK_RESPONSE if the server is refusing >- to negotiate schannel, but the creds were set up ok. That'll have to do. */ >- >- if (!NT_STATUS_IS_OK(ntret)) { >- if (NT_STATUS_EQUAL(ntret, NT_STATUS_INVALID_NETWORK_RESPONSE)) { >- cli_shutdown(cli); >- return NT_STATUS_OK; >- } else { >- DEBUG(0,("net_rpc_join_ok: failed to get schannel session " >- "key from server %s for domain %s. Error was %s\n", >- smbXcli_conn_remote_name(cli->conn), domain, nt_errstr(ntret) )); >- cli_shutdown(cli); >- return ntret; >- } >- } >- >- /* Only do the rest of the schannel test if the client is allowed to do this. */ >- if (!lp_client_schannel()) { >- cli_shutdown(cli); >- /* We're good... */ >- return ntret; >- } >- >- ntret = cli_rpc_pipe_open_schannel_with_key( >- cli, &ndr_table_netlogon, NCACN_NP, >- DCERPC_AUTH_LEVEL_PRIVACY, >- domain, &netlogon_pipe->dc, &pipe_hnd); >- >- if (!NT_STATUS_IS_OK(ntret)) { >- DEBUG(0,("net_rpc_join_ok: failed to open schannel session " >- "on netlogon pipe to server %s for domain %s. Error was %s\n", >- smbXcli_conn_remote_name(cli->conn), domain, nt_errstr(ntret) )); >- /* >- * Note: here, we have: >- * (pipe_hnd != NULL) if and only if NT_STATUS_IS_OK(ntret) >- */ >- } >- >- cli_shutdown(cli); >- return ntret; >-} >- >-/** >- * Join a domain using the administrator username and password >- * >- * @param argc Standard main() style argc >- * @param argc Standard main() style argv. Initial components are already >- * stripped. Currently not used. >- * @return A shell status integer (0 for success) >- * >- **/ >- >-int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) >-{ >- >- /* libsmb variables */ >- >- struct cli_state *cli; >- TALLOC_CTX *mem_ctx; >- uint32 acb_info = ACB_WSTRUST; >- uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; >- enum netr_SchannelType sec_channel_type; >- struct rpc_pipe_client *pipe_hnd = NULL; >- struct dcerpc_binding_handle *b = NULL; >- >- /* rpc variables */ >- >- struct policy_handle lsa_pol, sam_pol, domain_pol, user_pol; >- struct dom_sid *domain_sid; >- uint32 user_rid; >- >- /* Password stuff */ >- >- DATA_BLOB session_key = data_blob_null; >- char *clear_trust_password = NULL; >- struct samr_CryptPassword crypt_pwd; >- uchar md4_trust_password[16]; >- union samr_UserInfo set_info; >- >- /* Misc */ >- >- NTSTATUS status, result; >- int retval = 1; >- const char *domain = NULL; >- char *acct_name; >- struct lsa_String lsa_acct_name; >- uint32 acct_flags=0; >- uint32_t access_granted = 0; >- union lsa_PolicyInformation *info = NULL; >- struct samr_Ids user_rids; >- struct samr_Ids name_types; >- >- >- /* check what type of join */ >- if (argc >= 0) { >- sec_channel_type = get_sec_channel_type(argv[0]); >- } else { >- sec_channel_type = get_sec_channel_type(NULL); >- } >- >- switch (sec_channel_type) { >- case SEC_CHAN_WKSTA: >- acb_info = ACB_WSTRUST; >- break; >- case SEC_CHAN_BDC: >- acb_info = ACB_SVRTRUST; >- break; >-#if 0 >- case SEC_CHAN_DOMAIN: >- acb_info = ACB_DOMTRUST; >- break; >-#endif >- default: >- DEBUG(0,("secure channel type %d not yet supported\n", >- sec_channel_type)); >- break; >- } >- >- /* Make authenticated connection to remote machine */ >- >- status = net_make_ipc_connection(c, NET_FLAGS_PDC, &cli); >- if (!NT_STATUS_IS_OK(status)) { >- return 1; >- } >- >- if (!(mem_ctx = talloc_init("net_rpc_join_newstyle"))) { >- DEBUG(0, ("Could not initialise talloc context\n")); >- goto done; >- } >- >- /* Fetch domain sid */ >- >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc, >- &pipe_hnd); >- if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0, ("Error connecting to LSA pipe. Error was %s\n", >- nt_errstr(status) )); >- goto done; >- } >- >- b = pipe_hnd->binding_handle; >- >- CHECK_RPC_ERR(rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, >- SEC_FLAG_MAXIMUM_ALLOWED, >- &lsa_pol), >- "error opening lsa policy handle"); >- >- CHECK_DCERPC_ERR(dcerpc_lsa_QueryInfoPolicy(b, mem_ctx, >- &lsa_pol, >- LSA_POLICY_INFO_ACCOUNT_DOMAIN, >- &info, >- &result), >- "error querying info policy"); >- >- domain = info->account_domain.name.string; >- domain_sid = info->account_domain.sid; >- >- dcerpc_lsa_Close(b, mem_ctx, &lsa_pol, &result); >- TALLOC_FREE(pipe_hnd); /* Done with this pipe */ >- >- /* Bail out if domain didn't get set. */ >- if (!domain) { >- DEBUG(0, ("Could not get domain name.\n")); >- goto done; >- } >- >- /* Create domain user */ >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr, >- &pipe_hnd); >- if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0, ("Error connecting to SAM pipe. Error was %s\n", >- nt_errstr(status) )); >- goto done; >- } >- >- b = pipe_hnd->binding_handle; >- >- status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key); >- if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n", >- nt_errstr(status))); >- goto done; >- } >- >- CHECK_DCERPC_ERR(dcerpc_samr_Connect2(b, mem_ctx, >- pipe_hnd->desthost, >- SAMR_ACCESS_ENUM_DOMAINS >- | SAMR_ACCESS_LOOKUP_DOMAIN, >- &sam_pol, >- &result), >- "could not connect to SAM database"); >- >- >- CHECK_DCERPC_ERR(dcerpc_samr_OpenDomain(b, mem_ctx, >- &sam_pol, >- SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 >- | SAMR_DOMAIN_ACCESS_CREATE_USER >- | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, >- domain_sid, >- &domain_pol, >- &result), >- "could not open domain"); >- >- /* Create domain user */ >- if ((acct_name = talloc_asprintf(mem_ctx, "%s$", lp_netbios_name())) == NULL) { >- status = NT_STATUS_NO_MEMORY; >- goto done; >- } >- if (!strlower_m(acct_name)) { >- status = NT_STATUS_INVALID_PARAMETER; >- goto done; >- } >- >- init_lsa_String(&lsa_acct_name, acct_name); >- >- acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE | >- SEC_STD_WRITE_DAC | SEC_STD_DELETE | >- SAMR_USER_ACCESS_SET_PASSWORD | >- SAMR_USER_ACCESS_GET_ATTRIBUTES | >- SAMR_USER_ACCESS_SET_ATTRIBUTES; >- >- DEBUG(10, ("Creating account with flags: %d\n",acct_flags)); >- >- status = dcerpc_samr_CreateUser2(b, mem_ctx, >- &domain_pol, >- &lsa_acct_name, >- acb_info, >- acct_flags, >- &user_pol, >- &access_granted, >- &user_rid, >- &result); >- if (!NT_STATUS_IS_OK(status)) { >- goto done; >- } >- if (!NT_STATUS_IS_OK(result) && >- !NT_STATUS_EQUAL(result, NT_STATUS_USER_EXISTS)) { >- status = result; >- d_fprintf(stderr,_("Creation of workstation account failed\n")); >- >- /* If NT_STATUS_ACCESS_DENIED then we have a valid >- username/password combo but the user does not have >- administrator access. */ >- >- if (NT_STATUS_V(result) == NT_STATUS_V(NT_STATUS_ACCESS_DENIED)) >- d_fprintf(stderr, _("User specified does not have " >- "administrator privileges\n")); >- >- goto done; >- } >- >- /* We *must* do this.... don't ask... */ >- >- if (NT_STATUS_IS_OK(result)) { >- dcerpc_samr_Close(b, mem_ctx, &user_pol, &result); >- } >- >- CHECK_DCERPC_ERR_DEBUG(dcerpc_samr_LookupNames(b, mem_ctx, >- &domain_pol, >- 1, >- &lsa_acct_name, >- &user_rids, >- &name_types, >- &result), >- ("error looking up rid for user %s: %s/%s\n", >- acct_name, nt_errstr(status), nt_errstr(result))); >- >- if (name_types.ids[0] != SID_NAME_USER) { >- DEBUG(0, ("%s is not a user account (type=%d)\n", acct_name, name_types.ids[0])); >- goto done; >- } >- >- user_rid = user_rids.ids[0]; >- >- /* Open handle on user */ >- >- CHECK_DCERPC_ERR_DEBUG( >- dcerpc_samr_OpenUser(b, mem_ctx, >- &domain_pol, >- SEC_FLAG_MAXIMUM_ALLOWED, >- user_rid, >- &user_pol, >- &result), >- ("could not re-open existing user %s: %s/%s\n", >- acct_name, nt_errstr(status), nt_errstr(result))); >- >- /* Create a random machine account password */ >- >- clear_trust_password = generate_random_password(talloc_tos(), >- DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH, >- DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); >- E_md4hash(clear_trust_password, md4_trust_password); >- >- /* Set password on machine account */ >- >- init_samr_CryptPassword(clear_trust_password, >- &session_key, >- &crypt_pwd); >- >- set_info.info24.password = crypt_pwd; >- set_info.info24.password_expired = PASS_DONT_CHANGE_AT_NEXT_LOGON; >- >- CHECK_DCERPC_ERR(dcerpc_samr_SetUserInfo2(b, mem_ctx, >- &user_pol, >- 24, >- &set_info, >- &result), >- "error setting trust account password"); >- >- /* Why do we have to try to (re-)set the ACB to be the same as what >- we passed in the samr_create_dom_user() call? When a NT >- workstation is joined to a domain by an administrator the >- acb_info is set to 0x80. For a normal user with "Add >- workstations to the domain" rights the acb_info is 0x84. I'm >- not sure whether it is supposed to make a difference or not. NT >- seems to cope with either value so don't bomb out if the set >- userinfo2 level 0x10 fails. -tpot */ >- >- set_info.info16.acct_flags = acb_info; >- >- /* Ignoring the return value is necessary for joining a domain >- as a normal user with "Add workstation to domain" privilege. */ >- >- status = dcerpc_samr_SetUserInfo(b, mem_ctx, >- &user_pol, >- 16, >- &set_info, >- &result); >- >- dcerpc_samr_Close(b, mem_ctx, &user_pol, &result); >- TALLOC_FREE(pipe_hnd); /* Done with this pipe */ >- >- /* Now check the whole process from top-to-bottom */ >- >- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon, >- &pipe_hnd); >- if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0,("Error connecting to NETLOGON pipe. Error was %s\n", >- nt_errstr(status) )); >- goto done; >- } >- >- status = rpccli_netlogon_setup_creds(pipe_hnd, >- pipe_hnd->desthost, /* server name */ >- domain, /* domain */ >- lp_netbios_name(), /* client name */ >- lp_netbios_name(), /* machine account name */ >- md4_trust_password, >- sec_channel_type, >- &neg_flags); >- >- if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0, ("Error in domain join verification (credential setup failed): %s\n\n", >- nt_errstr(status))); >- >- if ( NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) && >- (sec_channel_type == SEC_CHAN_BDC) ) { >- d_fprintf(stderr, _("Please make sure that no computer " >- "account\nnamed like this machine " >- "(%s) exists in the domain\n"), >- lp_netbios_name()); >- } >- >- goto done; >- } >- >- /* We can only check the schannel connection if the client is allowed >- to do this and the server supports it. If not, just assume success >- (after all the rpccli_netlogon_setup_creds() succeeded, and we'll >- do the same again (setup creds) in net_rpc_join_ok(). JRA. */ >- >- if (lp_client_schannel() && (neg_flags & NETLOGON_NEG_SCHANNEL)) { >- struct rpc_pipe_client *netlogon_schannel_pipe; >- >- status = cli_rpc_pipe_open_schannel_with_key( >- cli, &ndr_table_netlogon, NCACN_NP, >- DCERPC_AUTH_LEVEL_PRIVACY, domain, &pipe_hnd->dc, >- &netlogon_schannel_pipe); >- >- if (!NT_STATUS_IS_OK(status)) { >- DEBUG(0, ("Error in domain join verification (schannel setup failed): %s\n\n", >- nt_errstr(status))); >- >- if ( NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) && >- (sec_channel_type == SEC_CHAN_BDC) ) { >- d_fprintf(stderr, _("Please make sure that no " >- "computer account\nnamed " >- "like this machine (%s) " >- "exists in the domain\n"), >- lp_netbios_name()); >- } >- >- goto done; >- } >- TALLOC_FREE(netlogon_schannel_pipe); >- } >- >- TALLOC_FREE(pipe_hnd); >- >- /* Now store the secret in the secrets database */ >- >- if (!strupper_m(discard_const_p(char, domain))) { >- DEBUG(0, ("strupper_m %s failed\n", domain)); >- goto done; >- } >- >- if (!secrets_store_domain_sid(domain, domain_sid)) { >- DEBUG(0, ("error storing domain sid for %s\n", domain)); >- goto done; >- } >- >- if (!secrets_store_machine_password(clear_trust_password, domain, sec_channel_type)) { >- DEBUG(0, ("error storing plaintext domain secrets for %s\n", domain)); >- } >- >- /* double-check, connection from scratch */ >- status = net_rpc_join_ok(c, domain, smbXcli_conn_remote_name(cli->conn), >- smbXcli_conn_remote_sockaddr(cli->conn)); >- retval = NT_STATUS_IS_OK(status) ? 0 : -1; >- >-done: >- >- /* Display success or failure */ >- >- if (domain) { >- if (retval != 0) { >- fprintf(stderr,_("Unable to join domain %s.\n"),domain); >- } else { >- printf(_("Joined domain %s.\n"),domain); >- } >- } >- >- cli_shutdown(cli); >- >- TALLOC_FREE(clear_trust_password); >- data_blob_clear_free(&session_key); >- >- return retval; >-} >diff --git a/source3/wscript_build b/source3/wscript_build >index a8bdaf0..f7988a6 100755 >--- a/source3/wscript_build >+++ b/source3/wscript_build >@@ -504,7 +504,7 @@ LIBNET_SAMSYNC_SRC = '''libnet/libnet_samsync.c > > NET_SRC1 = '''utils/net.c utils/net_ads.c utils/net_help.c > utils/net_rap.c utils/net_rpc.c utils/net_rpc_samsync.c >- utils/net_rpc_join.c utils/net_time.c utils/net_lookup.c >+ utils/net_time.c utils/net_lookup.c > utils/net_cache.c utils/net_groupmap.c > utils/net_idmap.c utils/net_idmap_check.c > utils/interact.c >-- >1.8.1.2 > > >From 05d9b4165af9e7f03d3fbeb64db4fc305fcec4df Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 15 Jul 2013 13:28:34 +0200 >Subject: [PATCH 49/67] s3-net: avoid confusing output in net_rpc_oldjoin() if > NET_FLAGS_EXPECT_FALLBACK is passed > >"net rpc join" tries net_rpc_oldjoin() first and falls back to >net_rpc_join_newstyle(). We should not print the join failed >if just net_rpc_oldjoin() failed. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/utils/net.h | 1 + > source3/utils/net_proto.h | 1 - > source3/utils/net_rpc.c | 15 +++++++++++++-- > 3 files changed, 14 insertions(+), 3 deletions(-) > >diff --git a/source3/utils/net.h b/source3/utils/net.h >index 2056d89..e97734a 100644 >--- a/source3/utils/net.h >+++ b/source3/utils/net.h >@@ -182,6 +182,7 @@ enum netdom_domain_t { ND_TYPE_NT4, ND_TYPE_AD }; > #define NET_FLAGS_SIGN 0x00000040 /* sign RPC connection */ > #define NET_FLAGS_SEAL 0x00000080 /* seal RPC connection */ > #define NET_FLAGS_TCP 0x00000100 /* use ncacn_ip_tcp */ >+#define NET_FLAGS_EXPECT_FALLBACK 0x00000200 /* the caller will fallback */ > > /* net share operation modes */ > #define NET_MODE_SHARE_MIGRATE 1 >diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h >index 1809ba9..25e9db2 100644 >--- a/source3/utils/net_proto.h >+++ b/source3/utils/net_proto.h >@@ -146,7 +146,6 @@ int run_rpc_command(struct net_context *c, > const char **argv); > int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv); > int net_rpc_testjoin(struct net_context *c, int argc, const char **argv); >-int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv); > int net_rpc_join(struct net_context *c, int argc, const char **argv); > NTSTATUS rpc_info_internals(struct net_context *c, > const struct dom_sid *domain_sid, >diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c >index ae8ebc0..e258ec6 100644 >--- a/source3/utils/net_rpc.c >+++ b/source3/utils/net_rpc.c >@@ -427,11 +427,16 @@ static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv) > return 0; > > fail: >+ if (c->opt_flags & NET_FLAGS_EXPECT_FALLBACK) { >+ goto cleanup; >+ } >+ > /* issue an overall failure message at the end. */ > d_fprintf(stderr, _("Failed to join domain: %s\n"), > r && r->out.error_string ? r->out.error_string : > get_friendly_werror_msg(werr)); > >+cleanup: > TALLOC_FREE(mem_ctx); > > return -1; >@@ -513,7 +518,7 @@ int net_rpc_testjoin(struct net_context *c, int argc, const char **argv) > * > **/ > >-int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) >+static int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) > { > struct libnet_JoinCtx *r = NULL; > TALLOC_CTX *mem_ctx; >@@ -623,6 +628,8 @@ fail: > > int net_rpc_join(struct net_context *c, int argc, const char **argv) > { >+ int ret; >+ > if (c->display_usage) { > d_printf("%s\n%s", > _("Usage:"), >@@ -650,8 +657,12 @@ int net_rpc_join(struct net_context *c, int argc, const char **argv) > return -1; > } > >- if ((net_rpc_oldjoin(c, argc, argv) == 0)) >+ c->opt_flags |= NET_FLAGS_EXPECT_FALLBACK; >+ ret = net_rpc_oldjoin(c, argc, argv); >+ c->opt_flags &= ~NET_FLAGS_EXPECT_FALLBACK; >+ if (ret == 0) { > return 0; >+ } > > return net_rpc_join_newstyle(c, argc, argv); > } >-- >1.8.1.2 > > >From 34fa7946993506fde2c6b30e4a41bea27390a814 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Tue, 16 Jul 2013 10:07:30 +0200 >Subject: [PATCH 50/67] s4:librpc: fix netlogon connections against servers > without AES support > >LogonGetCapabilities() only works on the credential chain if >the server supports AES, so we need to work on a temporary copy >until we know the server replied a valid return authenticator. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source4/librpc/rpc/dcerpc_schannel.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > >diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c >index 1480486..130ebeb 100644 >--- a/source4/librpc/rpc/dcerpc_schannel.c >+++ b/source4/librpc/rpc/dcerpc_schannel.c >@@ -385,6 +385,7 @@ struct auth_schannel_state { > struct loadparm_context *lp_ctx; > uint8_t auth_level; > struct netlogon_creds_CredentialState *creds_state; >+ struct netlogon_creds_CredentialState save_creds_state; > struct netr_Authenticator auth; > struct netr_Authenticator return_auth; > union netr_Capabilities capabilities; >@@ -449,7 +450,8 @@ static void continue_bind_auth(struct composite_context *ctx) > s->creds_state = cli_credentials_get_netlogon_creds(s->credentials); > if (composite_nomem(s->creds_state, c)) return; > >- netlogon_creds_client_authenticator(s->creds_state, &s->auth); >+ s->save_creds_state = *s->creds_state; >+ netlogon_creds_client_authenticator(&s->save_creds_state, &s->auth); > > s->c.in.server_name = talloc_asprintf(c, > "\\\\%s", >@@ -519,12 +521,14 @@ static void continue_get_capabilities(struct tevent_req *subreq) > } > > /* verify credentials */ >- if (!netlogon_creds_client_check(s->creds_state, >+ if (!netlogon_creds_client_check(&s->save_creds_state, > &s->c.out.return_authenticator->cred)) { > composite_error(c, NT_STATUS_UNSUCCESSFUL); > return; > } > >+ *s->creds_state = s->save_creds_state; >+ > if (!NT_STATUS_IS_OK(s->c.out.result)) { > composite_error(c, s->c.out.result); > return; >-- >1.8.1.2 > > >From d54c908ff5bef774f5cca038741558089ff6baeb Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 22 Mar 2013 15:07:10 +0100 >Subject: [PATCH 51/67] s3:rpcclient: use talloc_stackframe() in do_cmd() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpcclient/rpcclient.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > >diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c >index c23ff2d..9bf296e 100644 >--- a/source3/rpcclient/rpcclient.c >+++ b/source3/rpcclient/rpcclient.c >@@ -678,7 +678,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, > > /* Create mem_ctx */ > >- if (!(mem_ctx = talloc_init("do_cmd"))) { >+ if (!(mem_ctx = talloc_stackframe())) { > DEBUG(0, ("talloc_init() failed\n")); > return NT_STATUS_NO_MEMORY; > } >@@ -745,12 +745,14 @@ static NTSTATUS do_cmd(struct cli_state *cli, > "auth type %u\n", > cmd_entry->table->name, > pipe_default_auth_type )); >+ talloc_free(mem_ctx); > return NT_STATUS_UNSUCCESSFUL; > } > if (!NT_STATUS_IS_OK(ntresult)) { > DEBUG(0, ("Could not initialise %s. Error was %s\n", > cmd_entry->table->name, > nt_errstr(ntresult) )); >+ talloc_free(mem_ctx); > return ntresult; > } > >@@ -765,6 +767,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, > trust_password, &machine_account, > &sec_channel_type)) > { >+ talloc_free(mem_ctx); > return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; > } > >@@ -780,6 +783,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, > if (!NT_STATUS_IS_OK(ntresult)) { > DEBUG(0, ("Could not initialise credentials for %s.\n", > cmd_entry->table->name)); >+ talloc_free(mem_ctx); > return ntresult; > } > } >@@ -803,7 +807,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, > > /* Cleanup */ > >- talloc_destroy(mem_ctx); >+ talloc_free(mem_ctx); > > return ntresult; > } >-- >1.8.1.2 > > >From 39fedd27182d9e1985418ea79b86aef69999dd57 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 24 Apr 2013 12:36:04 +0200 >Subject: [PATCH 52/67] libcli/auth: make > netlogon_creds_crypt_samlogon_validation more robust > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > libcli/auth/credentials.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > >diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c >index fb77ede..5c8b25b 100644 >--- a/libcli/auth/credentials.c >+++ b/libcli/auth/credentials.c >@@ -493,8 +493,12 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede > bool encrypt) > { > static const char zeros[16]; >- > struct netr_SamBaseInfo *base = NULL; >+ >+ if (validation == NULL) { >+ return; >+ } >+ > switch (validation_level) { > case 2: > if (validation->sam2) { >-- >1.8.1.2 > > >From 291f6a1e031dc9db7d03b3ca924c4309b313cae5 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 14 Jun 2013 09:47:50 +0200 >Subject: [PATCH 53/67] libcli/auth: fix shadowed declaration in > netlogon_creds_crypt_samlogon_validation() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > libcli/auth/credentials.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > >diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c >index 5c8b25b..2e9c87e 100644 >--- a/libcli/auth/credentials.c >+++ b/libcli/auth/credentials.c >@@ -490,7 +490,7 @@ NTSTATUS netlogon_creds_server_step_check(struct netlogon_creds_CredentialState > static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, > uint16_t validation_level, > union netr_Validation *validation, >- bool encrypt) >+ bool do_encrypt) > { > static const char zeros[16]; > struct netr_SamBaseInfo *base = NULL; >@@ -531,7 +531,7 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede > /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ > if (memcmp(base->key.key, zeros, > sizeof(base->key.key)) != 0) { >- if (encrypt) { >+ if (do_encrypt) { > netlogon_creds_aes_encrypt(creds, > base->key.key, > sizeof(base->key.key)); >@@ -544,7 +544,7 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede > > if (memcmp(base->LMSessKey.key, zeros, > sizeof(base->LMSessKey.key)) != 0) { >- if (encrypt) { >+ if (do_encrypt) { > netlogon_creds_aes_encrypt(creds, > base->LMSessKey.key, > sizeof(base->LMSessKey.key)); >@@ -574,7 +574,7 @@ static void netlogon_creds_crypt_samlogon_validation(struct netlogon_creds_Crede > /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */ > if (memcmp(base->LMSessKey.key, zeros, > sizeof(base->LMSessKey.key)) != 0) { >- if (encrypt) { >+ if (do_encrypt) { > netlogon_creds_des_encrypt_LMKey(creds, > &base->LMSessKey); > } else { >-- >1.8.1.2 > > >From c7319fce604d5f89a89094b6b18ef459a347aef8 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 25 Apr 2013 17:01:00 +0200 >Subject: [PATCH 54/67] libcli/auth: add > netlogon_creds_[de|en]crypt_samlogon_logon() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > libcli/auth/credentials.c | 118 ++++++++++++++++++++++++++++++++++++++++++++++ > libcli/auth/proto.h | 6 +++ > 2 files changed, 124 insertions(+) > >diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c >index 2e9c87e..78a8d7a 100644 >--- a/libcli/auth/credentials.c >+++ b/libcli/auth/credentials.c >@@ -601,6 +601,124 @@ void netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_Credential > validation, true); > } > >+static void netlogon_creds_crypt_samlogon_logon(struct netlogon_creds_CredentialState *creds, >+ enum netr_LogonInfoClass level, >+ union netr_LogonLevel *logon, >+ bool encrypt) >+{ >+ static const char zeros[16]; >+ >+ if (logon == NULL) { >+ return; >+ } >+ >+ switch (level) { >+ case NetlogonInteractiveInformation: >+ case NetlogonInteractiveTransitiveInformation: >+ case NetlogonServiceInformation: >+ case NetlogonServiceTransitiveInformation: >+ if (logon->password == NULL) { >+ return; >+ } >+ >+ if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { >+ uint8_t *h; >+ >+ h = logon->password->lmpassword.hash; >+ if (memcmp(h, zeros, 16) != 0) { >+ if (encrypt) { >+ netlogon_creds_aes_encrypt(creds, h, 16); >+ } else { >+ netlogon_creds_aes_decrypt(creds, h, 16); >+ } >+ } >+ >+ h = logon->password->ntpassword.hash; >+ if (memcmp(h, zeros, 16) != 0) { >+ if (encrypt) { >+ netlogon_creds_aes_encrypt(creds, h, 16); >+ } else { >+ netlogon_creds_aes_decrypt(creds, h, 16); >+ } >+ } >+ } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { >+ uint8_t *h; >+ >+ h = logon->password->lmpassword.hash; >+ if (memcmp(h, zeros, 16) != 0) { >+ netlogon_creds_arcfour_crypt(creds, h, 16); >+ } >+ >+ h = logon->password->ntpassword.hash; >+ if (memcmp(h, zeros, 16) != 0) { >+ netlogon_creds_arcfour_crypt(creds, h, 16); >+ } >+ } else { >+ struct samr_Password *p; >+ >+ p = &logon->password->lmpassword; >+ if (memcmp(p->hash, zeros, 16) != 0) { >+ if (encrypt) { >+ netlogon_creds_des_encrypt(creds, p); >+ } else { >+ netlogon_creds_des_decrypt(creds, p); >+ } >+ } >+ p = &logon->password->ntpassword; >+ if (memcmp(p->hash, zeros, 16) != 0) { >+ if (encrypt) { >+ netlogon_creds_des_encrypt(creds, p); >+ } else { >+ netlogon_creds_des_decrypt(creds, p); >+ } >+ } >+ } >+ break; >+ >+ case NetlogonNetworkInformation: >+ case NetlogonNetworkTransitiveInformation: >+ break; >+ >+ case NetlogonGenericInformation: >+ if (logon->generic == NULL) { >+ return; >+ } >+ >+ if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { >+ if (encrypt) { >+ netlogon_creds_aes_encrypt(creds, >+ logon->generic->data, >+ logon->generic->length); >+ } else { >+ netlogon_creds_aes_decrypt(creds, >+ logon->generic->data, >+ logon->generic->length); >+ } >+ } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { >+ netlogon_creds_arcfour_crypt(creds, >+ logon->generic->data, >+ logon->generic->length); >+ } else { >+ /* Using DES to verify kerberos tickets makes no sense */ >+ } >+ break; >+ } >+} >+ >+void netlogon_creds_decrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds, >+ enum netr_LogonInfoClass level, >+ union netr_LogonLevel *logon) >+{ >+ netlogon_creds_crypt_samlogon_logon(creds, level, logon, false); >+} >+ >+void netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds, >+ enum netr_LogonInfoClass level, >+ union netr_LogonLevel *logon) >+{ >+ netlogon_creds_crypt_samlogon_logon(creds, level, logon, true); >+} >+ > /* > copy a netlogon_creds_CredentialState struct > */ >diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h >index 6bc18d7..110e039 100644 >--- a/libcli/auth/proto.h >+++ b/libcli/auth/proto.h >@@ -64,6 +64,12 @@ void netlogon_creds_decrypt_samlogon_validation(struct netlogon_creds_Credential > void netlogon_creds_encrypt_samlogon_validation(struct netlogon_creds_CredentialState *creds, > uint16_t validation_level, > union netr_Validation *validation); >+void netlogon_creds_decrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds, >+ enum netr_LogonInfoClass level, >+ union netr_LogonLevel *logon); >+void netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds, >+ enum netr_LogonInfoClass level, >+ union netr_LogonLevel *logon); > > /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/session.c */ > >-- >1.8.1.2 > > >From 2ea749a1a43a6539b01d36dbe0402a99619444e1 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 24 Apr 2013 12:53:27 +0200 >Subject: [PATCH 55/67] libcli/auth: add netlogon_creds_shallow_copy_logon() > >This can be used before netlogon_creds_encrypt_samlogon_logon() >in order to keep the provided buffers unchanged. > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > libcli/auth/credentials.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++ > libcli/auth/proto.h | 3 ++ > 2 files changed, 76 insertions(+) > >diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c >index 78a8d7a..1f664d3 100644 >--- a/libcli/auth/credentials.c >+++ b/libcli/auth/credentials.c >@@ -719,6 +719,79 @@ void netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState > netlogon_creds_crypt_samlogon_logon(creds, level, logon, true); > } > >+union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx, >+ enum netr_LogonInfoClass level, >+ const union netr_LogonLevel *in) >+{ >+ union netr_LogonLevel *out; >+ >+ if (in == NULL) { >+ return NULL; >+ } >+ >+ out = talloc(mem_ctx, union netr_LogonLevel); >+ if (out == NULL) { >+ return NULL; >+ } >+ >+ *out = *in; >+ >+ switch (level) { >+ case NetlogonInteractiveInformation: >+ case NetlogonInteractiveTransitiveInformation: >+ case NetlogonServiceInformation: >+ case NetlogonServiceTransitiveInformation: >+ if (in->password == NULL) { >+ return out; >+ } >+ >+ out->password = talloc(out, struct netr_PasswordInfo); >+ if (out->password == NULL) { >+ talloc_free(out); >+ return NULL; >+ } >+ *out->password = *in->password; >+ >+ return out; >+ >+ case NetlogonNetworkInformation: >+ case NetlogonNetworkTransitiveInformation: >+ break; >+ >+ case NetlogonGenericInformation: >+ if (in->generic == NULL) { >+ return out; >+ } >+ >+ out->generic = talloc(out, struct netr_GenericInfo); >+ if (out->generic == NULL) { >+ talloc_free(out); >+ return NULL; >+ } >+ *out->generic = *in->generic; >+ >+ if (in->generic->data == NULL) { >+ return out; >+ } >+ >+ if (in->generic->length == 0) { >+ return out; >+ } >+ >+ out->generic->data = talloc_memdup(out->generic, >+ in->generic->data, >+ in->generic->length); >+ if (out->generic->data == NULL) { >+ talloc_free(out); >+ return NULL; >+ } >+ >+ return out; >+ } >+ >+ return out; >+} >+ > /* > copy a netlogon_creds_CredentialState struct > */ >diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h >index 110e039..0c319d3 100644 >--- a/libcli/auth/proto.h >+++ b/libcli/auth/proto.h >@@ -70,6 +70,9 @@ void netlogon_creds_decrypt_samlogon_logon(struct netlogon_creds_CredentialState > void netlogon_creds_encrypt_samlogon_logon(struct netlogon_creds_CredentialState *creds, > enum netr_LogonInfoClass level, > union netr_LogonLevel *logon); >+union netr_LogonLevel *netlogon_creds_shallow_copy_logon(TALLOC_CTX *mem_ctx, >+ enum netr_LogonInfoClass level, >+ const union netr_LogonLevel *in); > > /* The following definitions come from /home/jeremy/src/samba/git/master/source3/../source4/../libcli/auth/session.c */ > >-- >1.8.1.2 > > >From 9d548318da11247ffe8acf505cdb5299090c16f0 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 24 Apr 2013 16:00:18 +0200 >Subject: [PATCH 56/67] s4:netlogon: make use of > netlogon_creds_decrypt_samlogon_logon() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source4/rpc_server/netlogon/dcerpc_netlogon.c | 28 ++++++--------------------- > 1 file changed, 6 insertions(+), 22 deletions(-) > >diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c >index d463e85..5cc3b34 100644 >--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c >+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c >@@ -629,29 +629,15 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal > user_info = talloc_zero(mem_ctx, struct auth_usersupplied_info); > NT_STATUS_HAVE_NO_MEMORY(user_info); > >+ netlogon_creds_decrypt_samlogon_logon(creds, >+ r->in.logon_level, >+ r->in.logon); >+ > switch (r->in.logon_level) { > case NetlogonInteractiveInformation: > case NetlogonServiceInformation: > case NetlogonInteractiveTransitiveInformation: > case NetlogonServiceTransitiveInformation: >- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { >- netlogon_creds_aes_decrypt(creds, >- r->in.logon->password->lmpassword.hash, >- sizeof(r->in.logon->password->lmpassword.hash)); >- netlogon_creds_aes_decrypt(creds, >- r->in.logon->password->ntpassword.hash, >- sizeof(r->in.logon->password->ntpassword.hash)); >- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { >- netlogon_creds_arcfour_crypt(creds, >- r->in.logon->password->lmpassword.hash, >- sizeof(r->in.logon->password->lmpassword.hash)); >- netlogon_creds_arcfour_crypt(creds, >- r->in.logon->password->ntpassword.hash, >- sizeof(r->in.logon->password->ntpassword.hash)); >- } else { >- netlogon_creds_des_decrypt(creds, &r->in.logon->password->lmpassword); >- netlogon_creds_des_decrypt(creds, &r->in.logon->password->ntpassword); >- } > > /* TODO: we need to deny anonymous access here */ > nt_status = auth_context_create(mem_ctx, >@@ -705,11 +691,9 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal > case NetlogonGenericInformation: > { > if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { >- netlogon_creds_aes_decrypt(creds, >- r->in.logon->generic->data, r->in.logon->generic->length); >+ /* OK */ > } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { >- netlogon_creds_arcfour_crypt(creds, >- r->in.logon->generic->data, r->in.logon->generic->length); >+ /* OK */ > } else { > /* Using DES to verify kerberos tickets makes no sense */ > return NT_STATUS_INVALID_PARAMETER; >-- >1.8.1.2 > > >From 7b3ddd1a0bb41fe84c115555113362044620e484 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 24 Apr 2013 16:00:44 +0200 >Subject: [PATCH 57/67] s3:netlogon: make use of > netlogon_creds_decrypt_samlogon_logon() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_server/netlogon/srv_netlog_nt.c | 45 ++++++++++++++--------------- > 1 file changed, 21 insertions(+), 24 deletions(-) > >diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c >index 6a6c125..4f66dfe 100644 >--- a/source3/rpc_server/netlogon/srv_netlog_nt.c >+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c >@@ -1467,6 +1467,15 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, > struct auth_context *auth_context = NULL; > const char *fn; > >+#ifdef DEBUG_PASSWORD >+ logon = netlogon_creds_shallow_copy_logon(p->mem_ctx, >+ r->in.logon_level, >+ r->in.logon); >+ if (logon == NULL) { >+ logon = r->in.logon; >+ } >+#endif >+ > switch (p->opnum) { > case NDR_NETR_LOGONSAMLOGON: > fn = "_netr_LogonSamLogon"; >@@ -1547,6 +1556,10 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, > > status = NT_STATUS_OK; > >+ netlogon_creds_decrypt_samlogon_logon(creds, >+ r->in.logon_level, >+ logon); >+ > switch (r->in.logon_level) { > case NetlogonNetworkInformation: > case NetlogonNetworkTransitiveInformation: >@@ -1592,32 +1605,16 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p, > uint8_t chal[8]; > > #ifdef DEBUG_PASSWORD >- DEBUG(100,("lm owf password:")); >- dump_data(100, logon->password->lmpassword.hash, 16); >- >- DEBUG(100,("nt owf password:")); >- dump_data(100, logon->password->ntpassword.hash, 16); >-#endif >- if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { >- netlogon_creds_aes_decrypt(creds, >- logon->password->lmpassword.hash, >- 16); >- netlogon_creds_aes_decrypt(creds, >- logon->password->ntpassword.hash, >- 16); >- } else if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { >- netlogon_creds_arcfour_crypt(creds, >- logon->password->lmpassword.hash, >- 16); >- netlogon_creds_arcfour_crypt(creds, >- logon->password->ntpassword.hash, >- 16); >- } else { >- netlogon_creds_des_decrypt(creds, &logon->password->lmpassword); >- netlogon_creds_des_decrypt(creds, &logon->password->ntpassword); >+ if (logon != r->in.logon) { >+ DEBUG(100,("lm owf password:")); >+ dump_data(100, >+ r->in.logon->password->lmpassword.hash, 16); >+ >+ DEBUG(100,("nt owf password:")); >+ dump_data(100, >+ r->in.logon->password->ntpassword.hash, 16); > } > >-#ifdef DEBUG_PASSWORD > DEBUG(100,("decrypt of lm owf password:")); > dump_data(100, logon->password->lmpassword.hash, 16); > >-- >1.8.1.2 > > >From 6ce645e03c279cbb2ed8a94f033b8e0601b61ef4 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 25 Apr 2013 18:27:57 +0200 >Subject: [PATCH 58/67] s3:rpc_client: make rpccli_schannel_bind_data() static > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 9 +++++---- > source3/rpc_client/cli_pipe.h | 6 ------ > 2 files changed, 5 insertions(+), 10 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 1e296ee..068510a 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2373,10 +2373,11 @@ static NTSTATUS rpccli_generic_bind_data(TALLOC_CTX *mem_ctx, > return status; > } > >-NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain, >- enum dcerpc_AuthLevel auth_level, >- struct netlogon_creds_CredentialState *creds, >- struct pipe_auth_data **presult) >+static NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, >+ const char *domain, >+ enum dcerpc_AuthLevel auth_level, >+ struct netlogon_creds_CredentialState *creds, >+ struct pipe_auth_data **presult) > { > struct schannel_state *schannel_auth; > struct pipe_auth_data *result; >diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h >index 6fcc587..8eb6040 100644 >--- a/source3/rpc_client/cli_pipe.h >+++ b/source3/rpc_client/cli_pipe.h >@@ -58,12 +58,6 @@ NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx, > NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx, > struct pipe_auth_data **presult); > >-NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, >- const char *domain, >- enum dcerpc_AuthLevel auth_level, >- struct netlogon_creds_CredentialState *creds, >- struct pipe_auth_data **presult); >- > NTSTATUS rpc_pipe_open_tcp(TALLOC_CTX *mem_ctx, > const char *host, > const struct sockaddr_storage *ss_addr, >-- >1.8.1.2 > > >From 8a302fc353de8d373a0ec8544da4da6f305ec923 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 25 Apr 2013 18:29:31 +0200 >Subject: [PATCH 59/67] s3:rpc_client: use the correct context for > netlogon_creds_copy() in rpccli_schannel_bind_data() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index 068510a..b4a4bed 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -2403,7 +2403,10 @@ static NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, > > schannel_auth->state = SCHANNEL_STATE_START; > schannel_auth->initiator = true; >- schannel_auth->creds = netlogon_creds_copy(result, creds); >+ schannel_auth->creds = netlogon_creds_copy(schannel_auth, creds); >+ if (schannel_auth->creds == NULL) { >+ goto fail; >+ } > > result->auth_ctx = schannel_auth; > *presult = result; >-- >1.8.1.2 > > >From 94be8d63cd21fbb9e31bf7a92af82e19c596f94f Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 25 Apr 2013 19:43:58 +0200 >Subject: [PATCH 60/67] s3:rpc_client: rename same variables in > cli_rpc_pipe_open_schannel_with_key() > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >--- > source3/rpc_client/cli_pipe.c | 30 +++++++++++++++--------------- > 1 file changed, 15 insertions(+), 15 deletions(-) > >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index b4a4bed..a935030 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -3004,32 +3004,32 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > enum dcerpc_AuthLevel auth_level, > const char *domain, > struct netlogon_creds_CredentialState **pdc, >- struct rpc_pipe_client **presult) >+ struct rpc_pipe_client **_rpccli) > { >- struct rpc_pipe_client *result; >- struct pipe_auth_data *auth; >+ struct rpc_pipe_client *rpccli; >+ struct pipe_auth_data *rpcauth; > NTSTATUS status; > >- status = cli_rpc_pipe_open(cli, transport, table, &result); >+ status = cli_rpc_pipe_open(cli, transport, table, &rpccli); > if (!NT_STATUS_IS_OK(status)) { > return status; > } > >- status = rpccli_schannel_bind_data(result, domain, auth_level, >- *pdc, &auth); >+ status = rpccli_schannel_bind_data(rpccli, domain, auth_level, >+ *pdc, &rpcauth); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0, ("rpccli_schannel_bind_data returned %s\n", > nt_errstr(status))); >- TALLOC_FREE(result); >+ TALLOC_FREE(rpccli); > return status; > } > >- status = rpc_pipe_bind(result, auth); >+ status = rpc_pipe_bind(rpccli, rpcauth); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: " > "cli_rpc_pipe_bind failed with error %s\n", > nt_errstr(status) )); >- TALLOC_FREE(result); >+ TALLOC_FREE(rpccli); > return status; > } > >@@ -3037,10 +3037,10 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > * The credentials on a new netlogon pipe are the ones we are passed > * in - copy them over > */ >- if (result->dc == NULL) { >- result->dc = netlogon_creds_copy(result, *pdc); >- if (result->dc == NULL) { >- TALLOC_FREE(result); >+ if (rpccli->dc == NULL) { >+ rpccli->dc = netlogon_creds_copy(rpccli, *pdc); >+ if (rpccli->dc == NULL) { >+ TALLOC_FREE(rpccli); > return NT_STATUS_NO_MEMORY; > } > } >@@ -3048,9 +3048,9 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s " > "for domain %s and bound using schannel.\n", > get_pipe_name_from_syntax(talloc_tos(), &table->syntax_id), >- result->desthost, domain)); >+ rpccli->desthost, domain)); > >- *presult = result; >+ *_rpccli = rpccli; > return NT_STATUS_OK; > } > >-- >1.8.1.2 > > >From 6659f0164c6b8d7ad522bcd6c2c6748c3d9bca81 Mon Sep 17 00:00:00 2001 >From: Andreas Schneider <asn@samba.org> >Date: Mon, 5 Aug 2013 09:25:11 +0200 >Subject: [PATCH 61/67] s3-libads: Print a message if no realm has been > specified. > >Signed-off-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Stefan Metzmacher <metze@samba.org> > >Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> >Autobuild-Date(master): Mon Aug 5 12:24:44 CEST 2013 on sn-devel-104 >--- > source3/libads/kerberos.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > >diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c >index bb74305..b026e09 100644 >--- a/source3/libads/kerberos.c >+++ b/source3/libads/kerberos.c >@@ -839,7 +839,13 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, > return false; > } > >- if (!realm || !domain || !pss || !kdc_name) { >+ if (realm == NULL) { >+ DEBUG(0, ("No realm has been specified! Do you really want to " >+ "join an Active Directory server?\n")); >+ return false; >+ } >+ >+ if (domain == NULL || pss == NULL || kdc_name == NULL) { > return false; > } > >-- >1.8.1.2 > > >From c8d8bb257ac390c89c4238ed86dfef02750b6049 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Wed, 10 Jul 2013 17:10:17 -0700 >Subject: [PATCH 62/67] Fix bug #10010 - Missing integer wrap protection in EA > list reading can cause server to loop with DOS. > >Ensure we never wrap whilst adding client provided input. > >Signed-off-by: Jeremy Allison <jra@samba.org> >--- > source3/smbd/nttrans.c | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > >diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c >index 800e2fd..bcba29a 100644 >--- a/source3/smbd/nttrans.c >+++ b/source3/smbd/nttrans.c >@@ -990,7 +990,19 @@ struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, const char *pdata, size_t > if (next_offset == 0) { > break; > } >+ >+ /* Integer wrap protection for the increment. */ >+ if (offset + next_offset < offset) { >+ break; >+ } >+ > offset += next_offset; >+ >+ /* Integer wrap protection for while loop. */ >+ if (offset + 4 < offset) { >+ break; >+ } >+ > } > > return ea_list_head; >-- >1.8.1.2 > > >From c4cba824d9e4bb31e1b6a901e994ffdfd3ad522e Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Thu, 11 Jul 2013 09:36:01 -0700 >Subject: [PATCH 63/67] Fix bug #10010 - Missing integer wrap protection in EA > list reading can cause server to loop with DOS. > >Fix client-side parsing also. Found by David Disseldorp <ddiss@suse.de> > >Signed-off-by: Jeremy Allison <jra@samba.org> > >Autobuild-User(master): Karolin Seeger <kseeger@samba.org> >Autobuild-Date(master): Mon Aug 5 14:39:04 CEST 2013 on sn-devel-104 >--- > source4/libcli/raw/raweas.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > >diff --git a/source4/libcli/raw/raweas.c b/source4/libcli/raw/raweas.c >index 5f06e70..b626b31 100644 >--- a/source4/libcli/raw/raweas.c >+++ b/source4/libcli/raw/raweas.c >@@ -243,9 +243,12 @@ NTSTATUS ea_pull_list_chained(const DATA_BLOB *blob, > return NT_STATUS_INVALID_PARAMETER; > } > >- ofs += next_ofs; >+ if (ofs + next_ofs < ofs) { >+ return NT_STATUS_INVALID_PARAMETER; >+ } > >- if (ofs+4 > blob->length) { >+ ofs += next_ofs; >+ if (ofs+4 > blob->length || ofs+4 < ofs) { > return NT_STATUS_INVALID_PARAMETER; > } > n++; >-- >1.8.1.2 > > >From 09359c1d60e528fe4a4f1233722a090d1f7d1297 Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Thu, 20 Jun 2013 18:26:04 +0200 >Subject: [PATCH 64/67] waf: fix build on AIX7 > >the same works for AIX 5,6,7 so leave away the version specifics (as autoconf build did) > >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > buildtools/wafsamba/wscript | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript >index 17aef27..d115b5f 100755 >--- a/buildtools/wafsamba/wscript >+++ b/buildtools/wafsamba/wscript >@@ -322,7 +322,7 @@ def configure(conf): > else: > conf.env.HAVE_LD_VERSION_SCRIPT = False > >- if sys.platform == "aix5" or sys.platform == "aix6": >+ if sys.platform.startswith('aix'): > conf.DEFINE('_ALL_SOURCE', 1, add_to_cflags=True) > # Might not be needed if ALL_SOURCE is defined > # conf.DEFINE('_XOPEN_SOURCE', 600, add_to_cflags=True) >-- >1.8.1.2 > > >From e812222815d2803e6ab5ca1bac317576c035e2eb Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Tue, 25 Jun 2013 18:37:35 +0200 >Subject: [PATCH 65/67] waf: add --without-gettext option > >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > buildtools/wafsamba/wscript | 3 +++ > 1 file changed, 3 insertions(+) > >diff --git a/buildtools/wafsamba/wscript b/buildtools/wafsamba/wscript >index d115b5f..fe2e515 100755 >--- a/buildtools/wafsamba/wscript >+++ b/buildtools/wafsamba/wscript >@@ -82,6 +82,9 @@ def set_options(opt): > help='additional directory to search for gettext', > action='store', dest='gettext_location', default='/usr/local', > match = ['Checking for library intl', 'Checking for header libintl.h']) >+ opt.add_option('--without-gettext', >+ help=("Disable use of gettext"), >+ action="store_true", dest='disable_gettext', default=False) > > gr = opt.option_group('developer options') > >-- >1.8.1.2 > > >From 7f9a9a46a82c20ce52b2dfd92f4b5a9cbb58e532 Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Thu, 1 Aug 2013 22:28:05 +0200 >Subject: [PATCH 66/67] waf: consolidate libintl related checks > >consolidate the dealing with functions from libintl and the >handling of checking if libiconv is required or not >to a common place in lib/replace > >also add a new samba_intl subsystem that has dependencies >on the appropriate set of libraries (libintl, libintl+libiconv or none) >that can be used as a general dependency by code that depends >on the internationalization libraries > >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > lib/replace/wscript | 38 ++++++++++++++++++++++++--------- > source3/wscript | 9 ++++---- > source4/heimdal_build/wscript_configure | 4 +--- > 3 files changed, 33 insertions(+), 18 deletions(-) > >diff --git a/lib/replace/wscript b/lib/replace/wscript >index 2117f56..0867e77 100644 >--- a/lib/replace/wscript >+++ b/lib/replace/wscript >@@ -89,7 +89,7 @@ struct foo bar = { .y = 'X', .x = 1 }; > sys/sockio.h sys/un.h''', together=True) > conf.CHECK_HEADERS('sys/uio.h ifaddrs.h direct.h dirent.h') > conf.CHECK_HEADERS('windows.h winsock2.h ws2tcpip.h') >- conf.CHECK_HEADERS('libintl.h errno.h') >+ conf.CHECK_HEADERS('errno.h') > conf.CHECK_HEADERS('gcrypt.h getopt.h iconv.h') > conf.CHECK_HEADERS('sys/inotify.h memory.h nss.h sasl/sasl.h') > conf.CHECK_HEADERS('security/pam_appl.h zlib.h asm/unistd.h') >@@ -363,17 +363,33 @@ removeea setea > headers='netinet/in.h arpa/nameser.h resolv.h') > > >- if not conf.CHECK_FUNCS_IN('gettext', 'intl', checklibc=True, headers='libintl.h'): >- # Some hosts need lib iconv for linking with lib intl >- # So we try with flags just in case it helps. >- oldflags = conf.env['LDFLAGS_INTL'] >- conf.env['LDFLAGS_INTL'] = "-liconv" >- if not conf.CHECK_LIB('intl'): >- conf.env['LDFLAGS_INTL'] = oldflags >+ conf.env.intl_libs='' >+ if not Options.options.disable_gettext: >+ conf.CHECK_HEADERS('libintl.h') >+ conf.CHECK_LIB('intl') >+ # *textdomain functions are not strictly necessary >+ conf.CHECK_FUNCS_IN('bindtextdomain textdomain bind_textdomain_codeset', >+ 'intl', checklibc=True, headers='libintl.h') >+ # gettext and dgettext must exist >+ if conf.CHECK_FUNCS_IN('dgettext gettext', 'intl', checklibc=True, headers='libintl.h'): >+ # save for dependency definitions >+ conf.env.intl_libs='intl' > else: >- conf.CHECK_FUNCS_IN('gettext', 'intl', checklibc=True, headers='libintl.h') >+ # Some hosts need lib iconv for linking with lib intl >+ # So we try with flags just in case it helps. >+ oldflags = conf.env['EXTRA_LDFLAGS']; >+ conf.env['EXTRA_LDFLAGS'].extend("-liconv") >+ conf.CHECK_FUNCS_IN('dgettext gettext bindtextdomain textdomain bind_textdomain_codeset', >+ 'intl', headers='libintl.h') >+ conf.env['EXTRA_LDFLAGS'] = oldflags >+ if conf.env['HAVE_GETTEXT'] and conf.env['HAVE_DGETTEXT']: >+ # save for dependency definitions >+ conf.env.intl_libs='iconv intl' >+ else: >+ conf.fatal('library gettext not found, try specifying the path to ' + >+ 'it with --with-gettext=</path/to/gettext> or ' + >+ '--without-gettext to build without''') > >- conf.CHECK_FUNCS_IN('dgettext gettext', 'intl', headers='libintl.h') > conf.CHECK_FUNCS_IN('pthread_create', 'pthread', checklibc=True, headers='pthread.h') > > conf.CHECK_FUNCS_IN('crypt', 'crypt', checklibc=True) >@@ -627,6 +643,8 @@ def build(bld): > target='stdbool.h', > enabled = not bld.CONFIG_SET('HAVE_STDBOOL_H')) > >+ bld.SAMBA_SUBSYSTEM('samba_intl', source='', use_global_deps=False,deps=bld.env.intl_libs) >+ > def dist(): > '''makes a tarball for distribution''' > samba_dist.dist() >diff --git a/source3/wscript b/source3/wscript >index 3c0145b..271314d 100644 >--- a/source3/wscript >+++ b/source3/wscript >@@ -98,7 +98,6 @@ def configure(conf): > conf.CHECK_FUNCS('memalign posix_memalign hstrerror') > conf.CHECK_FUNCS('shmget') > conf.CHECK_FUNCS_IN('shm_open', 'rt', checklibc=True) >- conf.CHECK_FUNCS('gettext dgettext bindtextdomain textdomain bind_textdomain_codeset') > #FIXME: for some reason this one still fails > conf.CHECK_FUNCS_IN('yp_get_default_domain', 'nsl') > conf.CHECK_FUNCS_IN('dn_expand _dn_expand __dn_expand', 'resolv') >@@ -331,8 +330,8 @@ if (0) { > > conf.CHECK_FUNCS(''' > _acl __acl atexit >-bindtextdomain _chdir __chdir chflags chmod _close __close _closedir >-__closedir crypt16 devnm dgettext dirfd >+ _chdir __chdir chflags chmod _close __close _closedir >+__closedir crypt16 devnm dirfd > DNSServiceRegister _dup __dup _dup2 __dup2 endmntent execl > _facl __facl _fchdir > __fchdir fchmod fchown _fcntl __fcntl fcvt fcvtl fdatasync >@@ -341,7 +340,7 @@ fsetxattr _fstat __fstat fsync > futimens futimes __fxstat getauthuid > getcwd _getcwd __getcwd getdents __getdents getdirentries > getgrent getgrnam getgrouplist getgrset getmntent getpagesize >-getpwanam getpwent_r getrlimit gettext >+getpwanam getpwent_r getrlimit > glob grantpt hstrerror initgroups innetgr > llseek _llseek __llseek _lseek __lseek > _lstat __lstat lutimes >@@ -357,7 +356,7 @@ setmntent setpgid setpriv setsid setuidx > shmget shm_open sigaction sigblock sigprocmask sigset > _stat __stat statvfs > strcasecmp strchr strpbrk strsignal strtol strupr sysconf sysctl sysctlbyname >-__sys_llseek syslog _telldir __telldir textdomain timegm >+__sys_llseek syslog _telldir __telldir timegm > utimensat vsyslog _write __write __xstat > ''') > >diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure >index 2bb465a..bed63d6 100755 >--- a/source4/heimdal_build/wscript_configure >+++ b/source4/heimdal_build/wscript_configure >@@ -19,7 +19,7 @@ conf.CHECK_HEADERS('ifaddrs.h') > conf.CHECK_HEADERS('''crypt.h errno.h inttypes.h netdb.h signal.h sys/bswap.h > sys/file.h sys/stropts.h sys/timeb.h sys/times.h sys/uio.h sys/un.h > sys/utsname.h time.h timezone.h ttyname.h netinet/in.h >- netinet/in6.h netinet6/in6.h libintl.h''') >+ netinet/in6.h netinet6/in6.h''') > > conf.CHECK_HEADERS('curses.h term.h termcap.h', together=True) > >@@ -42,8 +42,6 @@ conf.CHECK_FUNCS_IN('''getnameinfo sendmsg socket getipnodebyname gethostent get > 'socket nsl', > checklibc=True) > >-conf.CHECK_FUNCS_IN('dgettext gettext', 'intl', headers='libintl.h') >- > conf.CHECK_FUNCS('iruserok') > > conf.CHECK_FUNCS('bswap16') >-- >1.8.1.2 > > >From 1cd649bde3be28d93bd6d205c0858558923e317b Mon Sep 17 00:00:00 2001 >From: Christian Ambach <ambi@samba.org> >Date: Thu, 1 Aug 2013 23:00:21 +0200 >Subject: [PATCH 67/67] waf: replace dependency to libintl with samba_intl > >Signed-off-by: Christian Ambach <ambi@samba.org> >--- > nsswitch/wscript_build | 2 +- > source3/wscript_build | 2 +- > source4/heimdal_build/wscript_build | 4 ++-- > 3 files changed, 4 insertions(+), 4 deletions(-) > >diff --git a/nsswitch/wscript_build b/nsswitch/wscript_build >index a7d6489..55ba776 100644 >--- a/nsswitch/wscript_build >+++ b/nsswitch/wscript_build >@@ -81,7 +81,7 @@ elif (host_os.rfind('aix') > -1): > if bld.CONFIG_SET('WITH_PAM_MODULES') and bld.CONFIG_SET('HAVE_PAM_START'): > bld.SAMBA_LIBRARY('pamwinbind', > source='pam_winbind.c', >- deps='intl talloc wbclient winbind-client iniparser pam', >+ deps='talloc wbclient winbind-client iniparser pam samba_intl', > cflags='-DLOCALEDIR=\"%s/locale\"' % bld.env.DATADIR, > realname='pam_winbind.so', > install_path='${PAMMODULESDIR}' >diff --git a/source3/wscript_build b/source3/wscript_build >index f7988a6..f52197a 100755 >--- a/source3/wscript_build >+++ b/source3/wscript_build >@@ -1267,7 +1267,7 @@ bld.SAMBA3_BINARY('net', > talloc > netapi > addns >- intl >+ samba_intl > popt_samba3 > pdb > libsmb >diff --git a/source4/heimdal_build/wscript_build b/source4/heimdal_build/wscript_build >index 8ca8788..ae7fbec 100644 >--- a/source4/heimdal_build/wscript_build >+++ b/source4/heimdal_build/wscript_build >@@ -670,7 +670,7 @@ if not bld.CONFIG_SET("USING_SYSTEM_KRB5"): > HEIMDAL_LIBRARY('krb5', KRB5_SOURCE, > version_script='lib/krb5/version-script.map', > includes='../heimdal/lib/krb5 ../heimdal/lib/asn1 ../heimdal/include', >- deps='roken wind asn1 hx509 hcrypto intl com_err HEIMDAL_CONFIG heimbase execinfo', >+ deps='roken wind asn1 hx509 hcrypto com_err HEIMDAL_CONFIG heimbase execinfo samba_intl', > vnum='26.0.0', > ) > KRB5_PROTO_SOURCE = KRB5_SOURCE + ['lib/krb5/expand_path.c', 'lib/krb5/plugin.c', 'lib/krb5/context.c'] >@@ -894,7 +894,7 @@ if not bld.CONFIG_SET('USING_SYSTEM_COM_ERR'): > HEIMDAL_LIBRARY('com_err', > 'lib/com_err/com_err.c lib/com_err/error.c', > includes='../heimdal/lib/com_err', >- deps='roken intl', >+ deps='roken samba_intl', > vnum='0.25', > version_script='lib/com_err/version-script.map', > ) >-- >1.8.1.2 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 9911
:
8964
|
8987
|
8998
|
9007
|
9106
|
9107
|
9114
|
9115
|
9127
|
9419
|
9482
|
9483
|
9500
|
9554
|
9746
|
9747