From 1af1ebe54aefd436b6ed80cb99a30282d5abd495 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 11 Nov 2019 15:02:30 +1300
Subject: [PATCH] librpc: Unify packet dumping on ndr_pull() failure

There were two duplicate implementations of packet dumping just for the s4 RPC server!

This unifies them and makes them easier to find because they are not triggered
from the generated server stub any more.

The behaviour have unified on setting "dcesrv:stubs directory" and
being compiled with --enable-developer.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 20 02:14:56 UTC 2019 on sn-devel-184
---
 librpc/rpc/dcerpc_util.c                  | 21 +++++++++++-------
 librpc/rpc/dcesrv_core.c                  | 26 +++++++++--------------
 librpc/rpc/rpc_common.h                   |  7 +++---
 pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm    |  6 ------
 pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm  |  9 --------
 source4/librpc/rpc/dcerpc.h               |  4 ----
 source4/rpc_server/remote/dcesrv_remote.c |  3 ---
 source4/torture/rpc/spoolss_notify.c      |  6 ------
 8 files changed, 27 insertions(+), 55 deletions(-)

diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index 32df534d5d9..7e2d06e0cef 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -1410,25 +1410,30 @@ NTSTATUS dcerpc_ncacn_push_auth(DATA_BLOB *blob,
   log a rpc packet in a format suitable for ndrdump. This is especially useful
   for sealed packets, where ethereal cannot easily see the contents
 
-  this triggers on a debug level of >= 10
+  this triggers if "dcesrv:stubs directory" is set and present
+  for all packets that fail to parse
 */
-void dcerpc_log_packet(const char *lockdir,
-		       const struct ndr_interface_table *ndr,
+void dcerpc_log_packet(const char *packet_log_dir,
+		       const char *interface_name,
 		       uint32_t opnum, uint32_t flags,
-		       const DATA_BLOB *pkt)
+		       const DATA_BLOB *pkt,
+		       const char *why)
 {
 	const int num_examples = 20;
 	int i;
 
-	if (lockdir == NULL) return;
+	if (packet_log_dir == NULL) {
+		return;
+	}
 
 	for (i=0;i<num_examples;i++) {
 		char *name=NULL;
 		int ret;
 		bool saved;
-		ret = asprintf(&name, "%s/rpclog/%s-%u.%d.%s",
-			       lockdir, ndr->name, opnum, i,
-			       (flags&NDR_IN)?"in":"out");
+		ret = asprintf(&name, "%s/%s-%u.%d.%s.%s",
+			       packet_log_dir, interface_name, opnum, i,
+			       (flags&NDR_IN)?"in":"out",
+			       why);
 		if (ret == -1) {
 			return;
 		}
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c
index 902e82887f7..b7360abfcf7 100644
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -541,7 +541,10 @@ _PUBLIC_ NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
 
 	p->dce_ctx = dce_ctx;
 	p->endpoint = ep;
-	p->packet_log_dir = lpcfg_lock_directory(dce_ctx->lp_ctx);
+	p->packet_log_dir = lpcfg_parm_string(dce_ctx->lp_ctx,
+					      NULL,
+					      "dcesrv",
+					      "stubs directory");
 	p->event_ctx = event_ctx;
 	p->state_flags = state_flags;
 	p->allow_bind = true;
@@ -1693,21 +1696,12 @@ static void dcesrv_alter_done(struct tevent_req *subreq)
 static void dcesrv_save_call(struct dcesrv_call_state *call, const char *why)
 {
 #ifdef DEVELOPER
-	char *fname;
-	const char *dump_dir;
-	dump_dir = lpcfg_parm_string(call->conn->dce_ctx->lp_ctx, NULL, "dcesrv", "stubs directory");
-	if (!dump_dir) {
-		return;
-	}
-	fname = talloc_asprintf(call, "%s/RPC-%s-%u-%s.dat",
-				dump_dir,
-				call->context->iface->name,
-				call->pkt.u.request.opnum,
-				why);
-	if (file_save(fname, call->pkt.u.request.stub_and_verifier.data, call->pkt.u.request.stub_and_verifier.length)) {
-		DEBUG(0,("RPC SAVED %s\n", fname));
-	}
-	talloc_free(fname);
+	dcerpc_log_packet(call->conn->packet_log_dir,
+			  call->context->iface->name,
+			  call->pkt.u.request.opnum,
+			  NDR_IN,
+			  &call->pkt.u.request.stub_and_verifier,
+			  why);
 #endif
 }
 
diff --git a/librpc/rpc/rpc_common.h b/librpc/rpc/rpc_common.h
index 9812146d0ba..3e98c205fcf 100644
--- a/librpc/rpc/rpc_common.h
+++ b/librpc/rpc/rpc_common.h
@@ -452,9 +452,10 @@ NTSTATUS dcerpc_ncacn_push_auth(DATA_BLOB *blob,
 				struct ncacn_packet *pkt,
 				struct dcerpc_auth *auth_info);
 
-void dcerpc_log_packet(const char *lockdir,
-		       const struct ndr_interface_table *ndr,
+void dcerpc_log_packet(const char *packet_log_dir,
+		       const char *interface_name,
 		       uint32_t opnum, uint32_t flags,
-		       const DATA_BLOB *pkt);
+		       const DATA_BLOB *pkt,
+		       const char *why);
 
 #endif /* __DEFAULT_LIBRPC_RPCCOMMON_H__ */
diff --git a/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm b/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm
index 239f5baaeed..746b384a462 100644
--- a/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/COM/Stub.pm
@@ -125,8 +125,6 @@ static NTSTATUS $name\__op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_C
         /* unravel the NDR for the packet */
 	status = dcerpc_table_$name.calls[opnum].ndr_pull(pull, NDR_IN, *r);
 	if (!NT_STATUS_IS_OK(status)) {
-		dcerpc_log_packet(&dcerpc_table_$name, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		dce_call->fault_code = DCERPC_FAULT_NDR;
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
@@ -152,8 +150,6 @@ pidl "
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(&dcerpc_table_$name, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
 
@@ -175,8 +171,6 @@ pidl "
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(&dcerpc_table_$name, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
 
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
index 945c0ffcee0..f87975cf939 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
@@ -120,9 +120,6 @@ static NTSTATUS $name\__op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_C
         /* unravel the NDR for the packet */
 	ndr_err = ndr_table_$name.calls[opnum].ndr_pull(pull, NDR_IN, *r);
 	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-		dcerpc_log_packet(dce_call->conn->packet_log_dir, 
-				  &ndr_table_$name, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		dce_call->fault_code = DCERPC_FAULT_NDR;
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
@@ -145,9 +142,6 @@ pidl "
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(dce_call->conn->packet_log_dir, 
-		          &ndr_table_$name, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
 
@@ -169,9 +163,6 @@ pidl "
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(dce_call->conn->packet_log_dir,
-		          &ndr_table_$name, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
 
diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h
index b5ef1fd3be4..6b0b841d64d 100644
--- a/source4/librpc/rpc/dcerpc.h
+++ b/source4/librpc/rpc/dcerpc.h
@@ -258,9 +258,5 @@ NTSTATUS dcerpc_secondary_auth_connection(struct dcerpc_pipe *p,
 
 struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p,
 							   const struct dcerpc_binding *b);
-void dcerpc_log_packet(const char *lockdir, 
-		       const struct ndr_interface_table *ndr,
-		       uint32_t opnum, uint32_t flags,
-		       const DATA_BLOB *pkt);
 
 #endif /* __S4_DCERPC_H__ */
diff --git a/source4/rpc_server/remote/dcesrv_remote.c b/source4/rpc_server/remote/dcesrv_remote.c
index 916e59e5f4b..8de9190e03e 100644
--- a/source4/rpc_server/remote/dcesrv_remote.c
+++ b/source4/rpc_server/remote/dcesrv_remote.c
@@ -277,9 +277,6 @@ static NTSTATUS remote_op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_CT
         /* unravel the NDR for the packet */
 	ndr_err = table->calls[opnum].ndr_pull(pull, NDR_IN, *r);
 	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-		dcerpc_log_packet(dce_call->conn->packet_log_dir,
-						  table, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		dce_call->fault_code = DCERPC_FAULT_NDR;
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
diff --git a/source4/torture/rpc/spoolss_notify.c b/source4/torture/rpc/spoolss_notify.c
index 33d49c9092a..fa2b917c8d9 100644
--- a/source4/torture/rpc/spoolss_notify.c
+++ b/source4/torture/rpc/spoolss_notify.c
@@ -68,9 +68,6 @@ static NTSTATUS spoolss__op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_
         /* unravel the NDR for the packet */
 	ndr_err = ndr_table_spoolss.calls[opnum].ndr_pull(pull, NDR_IN, *r);
 	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-		dcerpc_log_packet(dce_call->conn->packet_log_dir,
-						  &ndr_table_spoolss, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		dce_call->fault_code = DCERPC_FAULT_NDR;
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
@@ -185,9 +182,6 @@ static NTSTATUS spoolss__op_dispatch(struct dcesrv_call_state *dce_call, TALLOC_
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(dce_call->conn->packet_log_dir,
-						  &ndr_table_spoolss, opnum, NDR_IN,
-				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
 	return NT_STATUS_OK;
-- 
2.34.1