Samuel Cabrero [Thu, 28 Feb 2019 13:04:08 +0000 (14:04 +0100)]
s3:rpc_server: Remove s3 rpc server loop
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Mon, 9 Sep 2019 16:22:43 +0000 (18:22 +0200)]
s3:rpc_server: Remove call to s3 rpc services shutdown code
The rpc_<service>_shutdown function unregisters the legacy api_struct
from the local dispatch table, which is not longer used as local
dispatching is done through dcesrv_interface and will be removed in
following commits.
The dcesrv_shutdown_registered_ep_servers will unregister endpoint servers.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 5 Dec 2019 10:45:54 +0000 (11:45 +0100)]
s3:rpc_server: Switch to core dcerpc server loop
This commit finally switches the RPC server implementation.
At the same we have to do other related changes to keep code compiling
and test environments running.
First avoid moving the session_info into the allocated pipes_struct memory
context as it is owned now by the core RPC server, and the s3compat pidl
compiler will update the pipes_struct session_info before dispatching
the call with dcesrv_call->auth_state->session_info.
Also, fix a segfault in the endpoint mapper daemon when it tries to delete
the endpoints previously registered over a NCALRPC connection.
If we have:
rpc_server : epmapper = external
rpc_server : lsarpc = external
rpc_daemon : epmd = fork
rpc_daemon : lsasd = fork
The sequence is:
* The endpoint mapper starts (start_epmd in source3/smbd/server.c)
* The lsarpc daemon starts (start_lsasd in source3/smbd/server.c)
* The lsarpc daemon creates the sockets and registers its endpoints
(rpc_ep_register in source3/rpc_server/lsasd.c)
* The endpoint registration code opens a NCALRPC connection to the
endpoint mapper daemon (ep_register in source3/librpc/rpc/dcerpc_ep.c)
and keeps it open to re-register if the endpoint mapper daemon dies
(rpc_ep_register_loop in source3/rpc_server/rpc_ep_register.c)
* When the endpoint mapper daemon accepts a NCALRPC connection it sets a
termination function (srv_epmapper_delete_endpoints)
* Suppose the lsarpc daemon exits. The NCALRPC connection termination
function is called.
* The termination function tries to delete all endpoints registered by that
connection by calling _epm_Delete
* _epm_Delete calls is_privileged_pipe which access to
pipes_struct->session_info.
As the call to _epm_Delete occurs outside of the PIDL generated code,
the pipes_stuct->session_info is NULL. This commit also sets
pipes_struct->session_info from the dcerpc_connection before calling
_epm_Delete. As the core rpc server supports security context multiplexing we
need to pass the dcesrv_connection to the termination function and let the
implementation pick a auth context. In the case of the endpoint mapper
the termination function has to pick one of type NCALRPC_AS_SYSTEM to
check if the connection is privileged and delete the endpoints
registered by the connection being closed.
Finally, the samba.tests.dcerpc.raw_protocol testsuite passes against
the ad_member environment.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 28 Feb 2019 12:04:02 +0000 (13:04 +0100)]
s3:rpc_server: Update winspool generated server stub
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 22 Oct 2019 16:28:44 +0000 (18:28 +0200)]
s3:winbindd: Dispatch RPC calls through interface local handler
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 28 May 2019 10:05:45 +0000 (12:05 +0200)]
s3:rpc_server: Dispatch local calls through interfaces local handler
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 28 May 2019 10:02:09 +0000 (12:02 +0200)]
pidl:NDR/ServerCompat: Generate local dispatching function
To be used in rpcint_binding_handle, prepare to remove legacy api_struct
and S3 pidl generated code.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Mon, 11 Mar 2019 13:10:28 +0000 (14:10 +0100)]
pidl:NDR/ServerCompat: Initialize and allocate out vars
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 28 Feb 2019 12:03:33 +0000 (13:03 +0100)]
pidl:NDR/ServerCompat: Add dispatch, reply, pull and push functions to header
Will be used by winspool to forward selected opnums to spoolss.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 22:28:25 +0000 (23:28 +0100)]
pidl:NDR/ServerCompat: Retrieve and setup pipes struct before dispatch
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 22:44:16 +0000 (23:44 +0100)]
s3:rpc_server: Store dcesrv context and endpoint in ncacn_conn
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 20:36:22 +0000 (21:36 +0100)]
s3:rpc_server: Retrieve dcesrv_context from parent context to open NP
Get the dcesrv_context from parent context and use it to search the
endpoint serving the named pipe. Once we have the endpoint pass it to
the make_internal_rpc_pipe_socketpair function.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 20:03:30 +0000 (21:03 +0100)]
s3:rpc_server: Set a dcerpc_ncacn_conn termination function
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 19:21:44 +0000 (20:21 +0100)]
s3:rpc_server: Retrieve the dcesrv_endpoint from prefork listen data
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 18:32:26 +0000 (19:32 +0100)]
s3:rpc_server: Drop dcerpc_binding_vector usage in the server side
The endpoint mapper entry is built using the dcesrv_endpoint and the
interfaces registered into it instead of using the
dcerpc_binding_vector.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 19:49:56 +0000 (20:49 +0100)]
s3:rpc_server: Remove unused members from dcerpc_ncacn_listen_state
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 18:13:57 +0000 (19:13 +0100)]
s3:rpc_server: Create ncacn_np sockets through endpoint initialization
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 17:58:15 +0000 (18:58 +0100)]
s3:rpc_server: Setup ncacn_np sockets through endpoint initialization
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Mon, 18 Nov 2019 11:46:04 +0000 (12:46 +0100)]
s3:rpc_server: Listen in different socket for ncalrpc when role is AD DC
If smbd and samba processes use DEFAULT as socket name they will race to
accept the NCALRPC connections.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 17:32:45 +0000 (18:32 +0100)]
s3:rpc_server: Create ncalrpc socket through endpoint initialization
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 17:20:11 +0000 (18:20 +0100)]
s3:rpc_server: Setup ncalrpc sockets through endpoint initialization
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 17:05:08 +0000 (18:05 +0100)]
s3:rpc_server: Create ncacn_ip_tcp sockets through enpoint init
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 16:52:21 +0000 (17:52 +0100)]
s3:rpc_server: Setup ncacn_ip_tcp sockets through endpoint init
The listener is created in the endpoint memory context. If the endpoint
is freed, the listener will be freed too and the socket closed.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 15:28:28 +0000 (16:28 +0100)]
s3:rpc_server: Initialize spoolssd connection endpoints
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 15:06:44 +0000 (16:06 +0100)]
s3:rpc_server: Initialize mdssd connection endpoints
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 14:49:01 +0000 (15:49 +0100)]
s3:rpc_server: Initialize fssd connection endpoints
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 14:45:52 +0000 (15:45 +0100)]
s3:rpc_server: Initialize lsasd connection endpoints
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 13:42:07 +0000 (14:42 +0100)]
s3:rpc_server: Initialize epmd connection endpoints
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 13:36:30 +0000 (14:36 +0100)]
s3:rpc_server: Initialize the embedded services endpoints
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 13:21:01 +0000 (14:21 +0100)]
s3:rpc_server: Add a function to create the endpoints sockets
The pidl-generated initialization function for each endpoint server will
register the RPC interface in all endpoints defined in the idl file.
The interface registration code will create the endpoint if it does not
exists (as an endpoint can serve multiple interfaces) and will add it to
the endpoint list exiting in the dcesrv_context.
This commit adds a generic dcesrv_create_endpoint_sockets function which
will be preforking external daemons to create the sockets regardless the
endpoint transport. This function will only create the sockets, the
external preforking daemon is who will start listening.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 27 Feb 2019 13:01:11 +0000 (14:01 +0100)]
s3:rpc_server: Add a function to setup the endpoints
The pidl-generated initialization function for each endpoint server will
register the RPC interface in all endpoints defined in the idl file.
The interface registration code will create the endpoint if it does not
exists (as an endpoint can serve multiple interfaces) and will add it to
the endpoint list exiting in the dcesrv_context.
This commit adds a generic dcesrv_setup_endpoint_sockets function which
will be used by embedded services and non-preforking external daemons to
setup the sockets regardless the transport.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Fri, 4 Oct 2019 12:05:53 +0000 (14:05 +0200)]
s3:rpc_server: Implement association group find callback
Keep the s3 server behaviour for now and return always the same
association group ID, 0x53F0.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Fri, 25 Jan 2019 08:50:15 +0000 (09:50 +0100)]
s3:rpc_server: Setup dcesrv_context callbacks
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 28 Feb 2019 12:36:09 +0000 (13:36 +0100)]
s3:winbindd: Initialize dcesrv_context and ep servers in winbindd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 17:00:55 +0000 (18:00 +0100)]
s3:rpc_server: Init registered ep servers in external mdssd daemon
Initialize and shutdown the endpoint servers registed by the mdssd
daemon. The pidl-generated init function will register the
api_struct for backward compatibility until completely removed.
The common server exit routine will shutdown all registered endpoint
servers, and the pidl-generated shutdown function will unregister the
api_struct.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 16:59:38 +0000 (17:59 +0100)]
s3:rpc_server: Init registered ep servers in external fssd daemon
Initialize and shutdown the endpoint servers registed by the fssd
daemon. The pidl-generated init function will register the
api_struct for backward compatibility until completely removed.
The common server exit routine will shutdown all registered endpoint
servers, and the pidl-generated shutdown function will unregister the
api_struct.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 16:57:58 +0000 (17:57 +0100)]
s3:rpc_server: Init registered ep servers in external lsasd daemon
Initialize and shutdown the endpoint servers registed by the lsasd
daemon. The pidl-generated init function will register the
api_struct for backward compatibility until completely removed.
The common server exit routine will shutdown all registered endpoint
servers, and the pidl-generated shutdown function will unregister the
api_struct.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 16:55:07 +0000 (17:55 +0100)]
s3:rpc_server: Init registered ep servers in external spoolssd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 16:15:37 +0000 (17:15 +0100)]
s3:rpc_server: Init registered ep servers in external epmd daemon
Initialize and shutdown the endpoint servers registed by the endpoint
mapper daemon. The pidl-generated init function will register the
api_struct for backward compatibility until completely removed.
The common server exit routine will shutdown all registered endpoint
servers, and the pidl-generated shutdown function will unregister the
api_struct.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 16:53:18 +0000 (17:53 +0100)]
s3:rpc_server: Init registered endpoint servers for embedded services
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 16:37:52 +0000 (17:37 +0100)]
pidl:NDR/ServerCompat: Register and unregister legacy api_struct cmds
Next commits will initialize the registered enpoint servers in S3 RPC
server, removing the rpc_{interface}_init calls. The legacy api_struct
registration will be registered by the enpoint server initialization
code generated by PIDL.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 15:58:10 +0000 (16:58 +0100)]
s3:rpc_server: Reinitialize dcesrv_context in external spoolssd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 15:56:42 +0000 (16:56 +0100)]
s3:rpc_server: Reinitialize dcesrv_context in external lsasd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 14:52:43 +0000 (15:52 +0100)]
s3:rpc_server: Reinitialize dcesrv_context in external mdssd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 14:47:06 +0000 (15:47 +0100)]
s3:rpc_server: Reinitialize dcesrv_context in external fssd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 13:18:34 +0000 (14:18 +0100)]
s3:rpc_server: Reinitialize dcesrv_context in external epmd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 19 Mar 2020 12:00:52 +0000 (13:00 +0100)]
s3:rpc_server: Shutdown registered enpoint servers on server exit
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 12:58:43 +0000 (13:58 +0100)]
s3:rpc_server: Initialize global dcesrv_context for embedded services
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Wed, 30 Oct 2019 16:00:05 +0000 (17:00 +0100)]
s3:rpc_server: Add global dcesrv_context init and shutdown functions
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 28 Feb 2019 12:32:53 +0000 (13:32 +0100)]
s3:winbindd: Register endpoint servers in winbindd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 12:52:39 +0000 (13:52 +0100)]
s3:rpc_server: Register endpoint servers in external mdssd daemon
The parent calls the setup function to register the endpoint server, as
it has to be registered to initialize the endpoints (create the sockets).
Delete the setup call from forker childs as it is already registered by
the parent.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 12:51:23 +0000 (13:51 +0100)]
s3:rpc_server: Register endpoint servers in external spoolssd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 12:50:37 +0000 (13:50 +0100)]
s3:rpc_server: Register endpoint servers in external fssd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 12:48:33 +0000 (13:48 +0100)]
s3:rpc_server: Register endpoint servers in external lsasd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Feb 2019 12:40:44 +0000 (13:40 +0100)]
s3:rpc_server: Register endpoint servers in external epmd daemon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Fri, 15 Nov 2019 13:26:28 +0000 (14:26 +0100)]
s3:rpc_server: Register endpoint servers for embedded services
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 14 Feb 2019 13:21:25 +0000 (14:21 +0100)]
s3:rpc_server: Provide LSA ncacn_np secondary endpoint and LSA over Netlogon
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 26 Nov 2019 13:16:14 +0000 (14:16 +0100)]
selftests: Tests only appropiate RPC interfaces are available in smb pipes
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Fri, 15 Nov 2019 13:24:31 +0000 (14:24 +0100)]
selftests: Test lsa over netlogon in nt4 dc environment
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Fri, 22 Feb 2019 17:30:45 +0000 (18:30 +0100)]
s3:rpc_server: Include generated boilerplate code
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Tue, 15 Jan 2019 16:55:07 +0000 (17:55 +0100)]
pidl:NDR/ServerCompat: Compat server PIDL parser
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Samuel Cabrero [Thu, 3 Oct 2019 12:18:17 +0000 (14:18 +0200)]
selftest: Run python.samba.tests.dcerpc.raw_protocol against S3 ad_member
The goal is to pass the raw protocol testsuite against s3 RPC server.
To do so we need to enable epmd and lsasd daemons, as the testsuite
connects to the endpoint mapper and lsa endpoints using NCACN_IP_TCP
and NCACN_NP transports.
Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 19 Mar 2020 09:32:17 +0000 (10:32 +0100)]
gitlab-ci: Add Fedora 32 (Beta)
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 20 15:19:50 UTC 2020 on sn-devel-184
Andreas Schneider [Thu, 19 Mar 2020 09:28:23 +0000 (10:28 +0100)]
gitlab-ci: Remove Fedora 30
It is pretty similar to Fedora 31, so remove it safe some CI resources.
We will add Fedora 32 next.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 19 Mar 2020 09:23:02 +0000 (10:23 +0100)]
gitlab-ci: Remove Fedora 29 which is already EOL
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 16 Mar 2020 16:00:16 +0000 (17:00 +0100)]
third_party: Update nss_wrapper to version 1.1.10
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar 20 12:41:36 UTC 2020 on sn-devel-184
Andreas Schneider [Tue, 17 Mar 2020 16:39:48 +0000 (17:39 +0100)]
bootstrap: Add podman command to readme
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Volker Lendecke [Thu, 19 Mar 2020 10:01:41 +0000 (11:01 +0100)]
libsmb: Don't try to find posix stat info in SMBC_getatr()
This wrongly used "frame" instead of "fname", which can never have
worked. A first attempt to fix in
51551e0d53fa6 caused a few followup
patches in an attempt to clean up the test failures
51551e0d53fa6
introduced. They were reverted after a few discussions. So rather than
changing behaviour, just remove the code that introduced the valgrind
error again.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 20 05:06:07 UTC 2020 on sn-devel-184
Noel Power [Mon, 16 Mar 2020 16:00:24 +0000 (16:00 +0000)]
s4/param: py_sid shouldn't be decref'ed after insertion into dict
This was causing samba.tests.net_join_no_spnego(ad_dc) to
core dumps sometimes on tumbleweed with python3.8
with...
===============================================================
INTERNAL ERROR: Signal 11 in pid 1781 (4.12.0)
If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting
===============================================================
smb_panic_default: PANIC (pid 1781): internal error
BACKTRACE: 64 stack frames:
7128 #0 bin/shared/libsamba-util.so.0(log_stack_trace+0x1f) [0x7fa541c5b220]
7129 #1 bin/shared/libsamba-util.so.0(+0x1efc8) [0x7fa541c5afc8]
7130 #2 bin/shared/libsamba-util.so.0(log_stack_trace+0) [0x7fa541c5b201]
7131 #3 bin/shared/libsamba-util.so.0(+0x1eed9) [0x7fa541c5aed9]
7132 #4 bin/shared/libsamba-util.so.0(+0x1eeee) [0x7fa541c5aeee]
7133 #5 /lib64/libc.so.6(+0x3bf20) [0x7fa542631f20]
7134 #6 /usr/lib64/libpython3.8.so.1.0(PyObject_GC_UnTrack+0xd) [0x7fa542386c1d]
7135 #7 /usr/lib64/libpython3.8.so.1.0(+0x12d599) [0x7fa542387599]
7136 #8 /usr/lib64/libpython3.8.so.1.0(_PyEval_EvalFrameDefault+0x4d6d) [0x7fa5424269ed]
7137 #9 /usr/lib64/libpython3.8.so.1.0(_PyEval_EvalCodeWithName+0x30c) [0x7fa5423eaf5c]
7138 #10 /usr/lib64/libpython3.8.so.1.0(_PyFunction_Vectorcall+0x18e) [0x7fa5423ebcbe]
7139 #11 /usr/lib64/libpython3.8.so.1.0(_PyEval_EvalFrameDefault+0x4a3a) [0x7fa5424266ba]
etc....
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Mar 19 22:23:52 UTC 2020 on sn-devel-184
Noel Power [Mon, 16 Mar 2020 15:54:00 +0000 (15:54 +0000)]
s4/param: treat NULL value passed to dict_insert as error
insert_dict is used as a convenience to decrement the values to
prevent leaks with orpahaned PyObjects and avoid excessive creation of
temp variables.
if (!dict_insert(parameters,
"rootdn",
PyUnicode_FromString(settings->root_dn_str))) {
status = NT_STATUS_UNSUCCESSFUL;
goto out;
}
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Mon, 16 Mar 2020 15:27:15 +0000 (15:27 +0000)]
s4/param: don't decref object we don't own
provision_fn is a borrowed reference we should not
call Py_CLEAR on it
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Tue, 17 Mar 2020 03:49:02 +0000 (16:49 +1300)]
bootstrap: Bring back a Ubuntu 16.04 build but just for the samba-fuzz task
This is needed to restore oss-fuzz support, as this uses the Ubuntu 16.04 package list
because all the docker images provided start with a Ubuntu 16.04 base.
REF: https://github.com/google/oss-fuzz/issues/3505
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21189
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Andrew Bartlett [Tue, 17 Mar 2020 04:07:02 +0000 (17:07 +1300)]
build: Allow a fuzzing build with Python 3.5
The Python 3.6 changes are only in actual .py files, not in the build system
nor the C side of things, so relax this so we can still build on oss-fuzz
which is based on Ubuntu 16.04 for now.
REF: https://github.com/google/oss-fuzz/issues/3505
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21189
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Noel Power [Fri, 13 Mar 2020 17:32:20 +0000 (17:32 +0000)]
python/samba/gp_parse: Fix test errors with python3.8
UNEXPECTED(failure): samba.tests.samba_tool.gpo.samba.tests.samba_tool.gpo.GpoCmdTestCase.test_backup_restore_generalize(ad_dc:local)
REASON: Exception: Exception: Traceback (most recent call last):
File "/tmp/samba-testbase/b28/samba-ad-dc-1/bin/python/samba/tests/samba_tool/gpo.py", line 434, in test_backup_restore_generalize
self.assertIsNone(has_difference(os.path.join(new_path, 'policy',
This caused because prior to 3.8 minodom.toprettyxml() was sorting the
attribute order, now it preserves the attribute order specified by the user
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 11 Mar 2020 17:35:57 +0000 (18:35 +0100)]
tests: Add test for weak crypto
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Thu, 12 Mar 2020 06:13:00 +0000 (07:13 +0100)]
waf: Check if GnuTLS has support for crypto policies
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 11 Nov 2019 15:39:24 +0000 (16:39 +0100)]
auth:ntlmssp: Mark as weak_crypto
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Wed, 11 Dec 2019 16:45:39 +0000 (17:45 +0100)]
gensec: Add a check if a gensec module implements weak crypto
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 4 Nov 2019 16:15:14 +0000 (17:15 +0100)]
lib:param: Add lp(cfg)_weak_crypto()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 4 Nov 2019 16:26:48 +0000 (17:26 +0100)]
s3:utils: Add weak crypto information to testparm
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Mon, 4 Nov 2019 16:01:50 +0000 (17:01 +0100)]
lib:crypto: Add samba_gnutls_weak_crypto()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Sun, 15 Mar 2020 07:30:21 +0000 (08:30 +0100)]
smbd: let delayed update handler also update on-disk timestamps
Let delayed update handler also update on-disk timestamps by calling
trigger_write_time_update_immediate().
trigger_write_time_update_immediate() sets fsp->update_write_time_on_close to
false which prevents updating the write-time on close if there was ever only one
write to the file.
Besides resetting fsp->update_write_time_on_close and setting the on-disk timestamps
trigger_write_time_update_immediate() takes the same steps as the removed code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 19 03:05:40 UTC 2020 on sn-devel-184
Ralph Boehme [Sun, 15 Mar 2020 07:30:21 +0000 (08:30 +0100)]
smbd: let mark_file_modified() always call trigger_write_time_update()
Preperatory change: the next commit will reset fsp->update_write_time_on_close
in the event handler, so this change ensures it gets set again for any
subsequent write.
This will NOT always result in a write-time update because
trigger_write_time_update() has its own only-once logic using the internal
variable fsp->update_write_time_triggered.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 15 Mar 2020 15:46:16 +0000 (16:46 +0100)]
torture/smb2: delayed timestamp updates test: more then one write
Verify a close updates the write-time for subsequent writes after an initial
write started the delayed update logic.
This covers a scenario that will become relevant with the two subsequent
commits. The next commit:
smbd: let mark_file_modified() always call trigger_write_time_update()
ensures that trigger_write_time_update() is not only called for the first write
on a file. Without that preaparatory change, the second commit:
smbd: let delayed update handler also update on-disk timestamps
alone would cause this test to fail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 14 Mar 2020 15:43:48 +0000 (16:43 +0100)]
torture/smb2: delayed timestamp update test: single write
Verify close only updates write-time when a delayed update is actually pending.
This scenario is not covered by basic.delaywrite.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sun, 15 Mar 2020 14:51:18 +0000 (15:51 +0100)]
smbd: remove stat call from mark_file_modified()
This stat dates back to
d03453864ab1bc5fd3b4a3abaf96176a006c102b where the call
to trigger_write_time_update() had been to the file IO codepath. It was present
there for other reasons: to setup the write-cache based on the file's size.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14320
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 6 Mar 2020 15:21:47 +0000 (16:21 +0100)]
torture/smb2: Windows 2019 15 ms timestamp resolution
This test demonstrates that Windows has a timestamp resolution of ~15ms.
When a smaller amount of time than that has passed between modifying operations
on a file, it's not necessarily detectable on a Windows 2019 server that
implements immediate timestamp updates (no delayed magic).
Note that this test relies on a low latency SMB connection. Even with a low
latency connection of eg 1m there's a chance of 1/15 that the first part of the
test expecting no timestamp change fails as the writetime is updated.
Due to this timing dependency this test is skipped in Samba CI, but it is
preserved here for future SMB2 timestamps behaviour archealogists.
See also: https://lists.samba.org/archive/cifs-protocol/2019-December/003358.html
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 12 Mar 2020 18:23:40 +0000 (19:23 +0100)]
smbd: flush pending writetime update when setting timestamps file
Cf the explanations in the previous commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 12 Mar 2020 18:23:40 +0000 (19:23 +0100)]
smbd: flush pending writetime update when flushing file
Cf the explanations in the previous commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 12 Mar 2020 15:52:34 +0000 (16:52 +0100)]
smbd: always flush pending write time update when setting filesize
We need to flush a pending write time update even when we're setting the
filesize to current filesize.
Note that we're already doing it this way in the relevant places listed my
dochelp@MS in
https://lists.samba.org/archive/cifs-protocol/2019-December/003364.html
Cleanup (= Close)
SetBasicInfo
SetAllocationInfo
SetEndOfFileInfo
SetValidDataLengthInfo
Flush
FSCTL_SET_ENCRYPTION
FSCTL_OFFLOAD_WRITE
Cleanup (= Close):
Already implemented by update_write_time_on_close() and friends.
SetBasicInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetAllocationInfo:
smb_set_file_allocation_info() when setting a file's allocation size.
SetEndOfFileInfo:
Currently doesn't flush pending updates. Fixed by a subsequent commit.
SetValidDataLengthInfo:
Not implemented, returns NT_STATUS_NOT_SUPPORTED which seems wrong btw, as
SetValidDataLengthInfo IS listed in MS-SMB2 2.2.39.
Flush:
Currently doesn't flush pending updates. Fixed by subsequent commit.
FSCTL_SET_ENCRYPTION:
Windows 2016 doesn't flush a pending writetime update, verified with a
smbtorture test.
FSCTL_OFFLOAD_WRITE:
NT_STATUS_NOT_IMPLEMENTED
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 12 Mar 2020 15:48:09 +0000 (16:48 +0100)]
torture/smb2: add a test verifying a setinfo(basicinfo) flushes a pending writetime update
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 12 Mar 2020 15:48:09 +0000 (16:48 +0100)]
torture/smb2: add a test verifying a flush flushes a pending writetime update
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 6 Mar 2020 10:50:57 +0000 (11:50 +0100)]
torture/smb2: mtime update logic with 2 handles: write io on handle 1, then set mtime on handle 2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14150
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 10 Mar 2020 17:26:49 +0000 (18:26 +0100)]
s4/torture: fix a timestamps test to work on ext filesystem
ext filesystem has a time_t limit of
15032385535 (0x0x37fffffff). From
Documentation/filesystems/ext4/inodes.rst:
If the inode structure size ``sb->s_inode_size`` is larger than 128 bytes and
the ``i_inode_extra`` field is large enough to encompass the respective
``i_[cma]time_extra`` field, the ctime, atime, and mtime inode fields are
widened to 64 bits. Within this “extra” 32-bit field, the lower two bits are
used to extend the 32-bit seconds field to be 34 bit wide; the upper 30 bits
are used to provide nanosecond timestamp accuracy. Therefore, timestamps
should not overflow until May 2446. ...
Changing the test to use the value 0x37fffffff instead of
100000000000 allows
running the test locally on ext filesytems.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Tue, 17 Mar 2020 10:17:46 +0000 (11:17 +0100)]
smbd: enforce AIO requests draining
Now we wait for all aio to finish on all SHUTDOWN_CLOSE
cases, this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 18 19:40:00 UTC 2020 on sn-devel-184
Jeremy Allison [Fri, 13 Mar 2020 17:40:50 +0000 (10:40 -0700)]
Revert "s3: VFS: vfs_default: Add tevent_req pointer to state struct in vfswrap_pread_state."
This reverts commit
594a435b33e8447625ca83b50daec2d08cf66d64.
Now we wait for all aio to finish on all SHUTDOWN_CLOSE
cases, this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 13 Mar 2020 17:40:33 +0000 (10:40 -0700)]
Revert "s3: VFS: vfs_default. Pass in struct vfswrap_pread_state as the callback data to the subreq."
This reverts commit
e102908f112866d657b8c0cd6a5b217d070210c8.
Now we wait for all aio to finish on all SHUTDOWN_CLOSE
cases, this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 13 Mar 2020 17:40:19 +0000 (10:40 -0700)]
Revert "s3: VFS: vfs_default. Protect vfs_pread_done() from accessing a freed req pointer."
This reverts commit
b9ad06079fe362385cc4c77f8e8d54f5f74d6db6.
Now we wait for all aio to finish on all SHUTDOWN_CLOSE
cases, this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 13 Mar 2020 17:40:02 +0000 (10:40 -0700)]
Revert "s3: VFS: vfs_default: Add tevent_req pointer to state struct in vfswrap_pwrite_state."
This reverts commit
86cc7439501ab9b9eb018a18dbbef9567eb9b6f9.
Now we wait for all aio to finish on all SHUTDOWN_CLOSE
cases, this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 13 Mar 2020 17:39:46 +0000 (10:39 -0700)]
Revert "s3: VFS: vfs_default. Pass in struct vfswrap_pwrite_state as the callback data to the subreq."
This reverts commit
13e25d68385aa951115e0e063ec6a9a281fea4a4.
Now we wait for all aio to finish on all SHUTDOWN_CLOSE
cases, this is no longer needed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14301
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>