s4:rpc_server: only use context within op_bind() hooks and dcesrv_interface_bind_...
authorStefan Metzmacher <metze@samba.org>
Wed, 21 Nov 2018 19:06:21 +0000 (20:06 +0100)
committerJeremy Allison <jra@samba.org>
Sat, 12 Jan 2019 02:13:39 +0000 (03:13 +0100)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
12 files changed:
source4/rpc_server/backupkey/dcesrv_backupkey.c
source4/rpc_server/backupkey/dcesrv_backupkey_heimdal.c
source4/rpc_server/dcerpc_server.c
source4/rpc_server/dcerpc_server.h
source4/rpc_server/dcesrv_mgmt.c
source4/rpc_server/dnsserver/dcerpc_dnsserver.c
source4/rpc_server/drsuapi/dcesrv_drsuapi.c
source4/rpc_server/echo/rpc_echo.c
source4/rpc_server/epmapper/rpc_epmapper.c
source4/rpc_server/lsa/dcesrv_lsa.c
source4/rpc_server/netlogon/dcerpc_netlogon.c
source4/rpc_server/samr/dcesrv_samr.c

index 10caf24..307a7f0 100644 (file)
@@ -47,7 +47,8 @@
 static NTSTATUS dcesrv_interface_backupkey_bind(struct dcesrv_call_state *dce_call,
                                                const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_require_privacy(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_require_privacy(context, iface);
 }
 
 static NTSTATUS set_lsa_secret(TALLOC_CTX *mem_ctx,
index 9cd9125..05113a9 100644 (file)
@@ -54,7 +54,8 @@
 static NTSTATUS dcesrv_interface_backupkey_bind(struct dcesrv_call_state *dce_call,
                                                const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_require_privacy(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_require_privacy(context, iface);
 }
 
 static const unsigned rsa_with_var_num[] = { 1, 2, 840, 113549, 1, 1, 1 };
index a79556d..9717a24 100644 (file)
@@ -781,44 +781,31 @@ static void dcesrv_prepare_context_auth(struct dcesrv_call_state *dce_call)
                                        context->allow_connect);
 }
 
-NTSTATUS dcesrv_interface_bind_require_integrity(struct dcesrv_call_state *dce_call,
+NTSTATUS dcesrv_interface_bind_require_integrity(struct dcesrv_connection_context *context,
                                                 const struct dcesrv_interface *iface)
 {
-       if (dce_call->context == NULL) {
-               return NT_STATUS_INTERNAL_ERROR;
-       }
-
        /*
         * For connection oriented DCERPC DCERPC_AUTH_LEVEL_PACKET (4)
         * has the same behavior as DCERPC_AUTH_LEVEL_INTEGRITY (5).
         */
-       dce_call->context->min_auth_level = DCERPC_AUTH_LEVEL_PACKET;
+       context->min_auth_level = DCERPC_AUTH_LEVEL_PACKET;
        return NT_STATUS_OK;
 }
 
-NTSTATUS dcesrv_interface_bind_require_privacy(struct dcesrv_call_state *dce_call,
+NTSTATUS dcesrv_interface_bind_require_privacy(struct dcesrv_connection_context *context,
                                               const struct dcesrv_interface *iface)
 {
-       if (dce_call->context == NULL) {
-               return NT_STATUS_INTERNAL_ERROR;
-       }
-
-       dce_call->context->min_auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
+       context->min_auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
        return NT_STATUS_OK;
 }
 
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_connection_context *context,
                                                       const struct dcesrv_interface *iface)
 {
-       struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
-       const struct dcesrv_endpoint *endpoint = dce_call->conn->endpoint;
+       struct loadparm_context *lp_ctx = context->conn->dce_ctx->lp_ctx;
+       const struct dcesrv_endpoint *endpoint = context->conn->endpoint;
        enum dcerpc_transport_t transport =
                dcerpc_binding_get_transport(endpoint->ep_description);
-       struct dcesrv_connection_context *context = dce_call->context;
-
-       if (context == NULL) {
-               return NT_STATUS_INTERNAL_ERROR;
-       }
 
        if (transport == NCALRPC) {
                context->allow_connect = true;
@@ -837,18 +824,13 @@ _PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_call_state
        return NT_STATUS_OK;
 }
 
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct dcesrv_connection_context *context,
                                                      const struct dcesrv_interface *iface)
 {
-       struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
-       const struct dcesrv_endpoint *endpoint = dce_call->conn->endpoint;
+       struct loadparm_context *lp_ctx = context->conn->dce_ctx->lp_ctx;
+       const struct dcesrv_endpoint *endpoint = context->conn->endpoint;
        enum dcerpc_transport_t transport =
                dcerpc_binding_get_transport(endpoint->ep_description);
-       struct dcesrv_connection_context *context = dce_call->context;
-
-       if (context == NULL) {
-               return NT_STATUS_INTERNAL_ERROR;
-       }
 
        if (transport == NCALRPC) {
                context->allow_connect = true;
index f4ea993..dfe4888 100644 (file)
@@ -527,13 +527,13 @@ _PUBLIC_ void dcesrv_call_auth_info(struct dcesrv_call_state *dce_call,
                                    enum dcerpc_AuthType *auth_type,
                                    enum dcerpc_AuthLevel *auth_level);
 
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_integrity(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_integrity(struct dcesrv_connection_context *context,
                                                          const struct dcesrv_interface *iface);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_privacy(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_privacy(struct dcesrv_connection_context *context,
                                                        const struct dcesrv_interface *iface);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_connection_context *context,
                                                       const struct dcesrv_interface *iface);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct dcesrv_connection_context *context,
                                                      const struct dcesrv_interface *iface);
 
 _PUBLIC_ NTSTATUS _dcesrv_iface_state_store_assoc(
index ecb90d8..210a86d 100644 (file)
@@ -39,7 +39,8 @@
 static NTSTATUS dcesrv_interface_mgmt_bind(struct dcesrv_call_state *dce_call,
                                             const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_allow_connect(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_allow_connect(context, iface);
 }
 
 /* 
index 1f7a2e1..7c2ca8e 100644 (file)
@@ -33,7 +33,8 @@
 static NTSTATUS dcesrv_interface_dnsserver_bind(struct dcesrv_call_state *dce_call,
                                                const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_require_integrity(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_require_integrity(context, iface);
 }
 
 #define DNSSERVER_STATE_MAGIC 0xc9657ab4
index 415e8db..347823e 100644 (file)
@@ -47,7 +47,8 @@
 static NTSTATUS dcesrv_interface_drsuapi_bind(struct dcesrv_call_state *dce_call,
                                              const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_require_privacy(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_require_privacy(context, iface);
 }
 
 /* 
index 49c9e23..e00eaec 100644 (file)
@@ -31,7 +31,8 @@
 static NTSTATUS dcesrv_interface_rpcecho_bind(struct dcesrv_call_state *dce_call,
                                              const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_allow_connect(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_allow_connect(context, iface);
 }
 
 static NTSTATUS dcesrv_echo_AddOne(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct echo_AddOne *r)
index 6b934d7..7e9c261 100644 (file)
@@ -29,7 +29,8 @@
 static NTSTATUS dcesrv_interface_epmapper_bind(struct dcesrv_call_state *dce_call,
                                             const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_allow_connect(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_allow_connect(context, iface);
 }
 
 typedef uint32_t error_status_t;
index 8575db6..4a1bf60 100644 (file)
@@ -40,7 +40,8 @@
 static NTSTATUS dcesrv_interface_lsarpc_bind(struct dcesrv_call_state *dce_call,
                                             const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_reject_connect(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_reject_connect(context, iface);
 }
 
 static NTSTATUS lsarpc__op_init_server(struct dcesrv_context *dce_ctx,
index 21374a2..ca3dba3 100644 (file)
@@ -60,7 +60,8 @@
 static NTSTATUS dcesrv_interface_netlogon_bind(struct dcesrv_call_state *dce_call,
                                               const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_reject_connect(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_reject_connect(context, iface);
 }
 
 #define NETLOGON_SERVER_PIPE_STATE_MAGIC 0x4f555358
index 921d296..0ddbaae 100644 (file)
@@ -46,7 +46,8 @@
 static NTSTATUS dcesrv_interface_samr_bind(struct dcesrv_call_state *dce_call,
                                             const struct dcesrv_interface *iface)
 {
-       return dcesrv_interface_bind_reject_connect(dce_call, iface);
+       struct dcesrv_connection_context *context = dce_call->context;
+       return dcesrv_interface_bind_reject_connect(context, iface);
 }
 
 /* these query macros make samr_Query[User|Group|Alias]Info a bit easier to read */