The branch, master has been updated
via 2cf0525 s4/irpc: Add security token to the binding handle when
doing irp call forwarding
via ed7bbc9 s4/irpc: Add function to add security token to the binding
handle
via d9d4ded s4:irpc: optionaly pass the security_token via IRPC
requests.
from 3235f44 s3: Make file_fnum static
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2cf0525b2382d22b3497f49eb58b9fd8f0c837e1
Author: Anatoliy Atanasov <[email protected]>
Date: Sun Sep 26 17:05:13 2010 -0700
s4/irpc: Add security token to the binding handle when doing irp call
forwarding
commit ed7bbc993d4fd080303611a64fefc2b47d786176
Author: Anatoliy Atanasov <[email protected]>
Date: Sun Sep 26 17:04:43 2010 -0700
s4/irpc: Add function to add security token to the binding handle
commit d9d4ded71a9214917d9999da0a16aa82eeac0afb
Author: Stefan Metzmacher <[email protected]>
Date: Mon Sep 27 01:42:26 2010 +0200
s4:irpc: optionaly pass the security_token via IRPC requests.
metze
-----------------------------------------------------------------------
Summary of changes:
source4/lib/messaging/irpc.h | 2 ++
source4/lib/messaging/messaging.c | 13 +++++++++++++
source4/librpc/idl/irpc.idl | 5 +++++
source4/rpc_server/common/forward.c | 7 +++++++
4 files changed, 27 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/lib/messaging/irpc.h b/source4/lib/messaging/irpc.h
index 3c7edcc..5236021 100644
--- a/source4/lib/messaging/irpc.h
+++ b/source4/lib/messaging/irpc.h
@@ -71,6 +71,8 @@ struct dcerpc_binding_handle
*irpc_binding_handle_by_name(TALLOC_CTX *mem_ctx,
struct messaging_context *msg_ctx,
const char *dest_task,
const struct ndr_interface_table
*table);
+void irpc_binding_handle_add_security_token(struct dcerpc_binding_handle *h,
+ struct security_token *token);
NTSTATUS irpc_add_name(struct messaging_context *msg_ctx, const char *name);
struct server_id *irpc_servers_byname(struct messaging_context *msg_ctx,
TALLOC_CTX *mem_ctx, const char *name);
diff --git a/source4/lib/messaging/messaging.c
b/source4/lib/messaging/messaging.c
index 724d66a..c61bb7a 100644
--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
@@ -717,6 +717,7 @@ NTSTATUS irpc_send_reply(struct irpc_message *m, NTSTATUS
status)
}
m->header.flags |= IRPC_FLAG_REPLY;
+ m->header.creds.token= NULL;
/* construct the packet */
ndr_err = ndr_push_irpc_header(push, NDR_SCALARS|NDR_BUFFERS,
&m->header);
@@ -1014,6 +1015,7 @@ struct irpc_bh_state {
struct server_id server_id;
const struct ndr_interface_table *table;
uint32_t timeout;
+ struct security_token *token;
};
static bool irpc_bh_is_connected(struct dcerpc_binding_handle *h)
@@ -1111,6 +1113,7 @@ static struct tevent_req
*irpc_bh_raw_call_send(TALLOC_CTX *mem_ctx,
header.callnum = state->opnum;
header.flags = 0;
header.status = NT_STATUS_OK;
+ header.creds.token= hs->token;
/* construct the irpc packet */
ndr = ndr_push_init_ctx(state->irpc);
@@ -1325,3 +1328,13 @@ struct dcerpc_binding_handle
*irpc_binding_handle_by_name(TALLOC_CTX *mem_ctx,
return h;
}
+
+void irpc_binding_handle_add_security_token(struct dcerpc_binding_handle *h,
+ struct security_token *token)
+{
+ struct irpc_bh_state *hs =
+ dcerpc_binding_handle_data(h,
+ struct irpc_bh_state);
+
+ hs->token = token;
+}
diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl
index 2070d3d..6e2c73d 100644
--- a/source4/librpc/idl/irpc.idl
+++ b/source4/librpc/idl/irpc.idl
@@ -14,6 +14,10 @@ import "misc.idl", "security.idl", "nbt.idl";
IRPC_FLAG_REPLY = 0x0001
} irpc_flags;
+ typedef struct {
+ security_token *token;
+ } irpc_creds;
+
typedef [public] struct {
GUID uuid;
uint32 if_version;
@@ -21,6 +25,7 @@ import "misc.idl", "security.idl", "nbt.idl";
uint32 callid;
irpc_flags flags;
NTSTATUS status;
+ [subcontext(4)] irpc_creds creds;
[flag(NDR_ALIGN8)] DATA_BLOB _pad;
} irpc_header;
diff --git a/source4/rpc_server/common/forward.c
b/source4/rpc_server/common/forward.c
index c983ac3..113ac5f 100644
--- a/source4/rpc_server/common/forward.c
+++ b/source4/rpc_server/common/forward.c
@@ -24,6 +24,8 @@
#include "rpc_server/dcerpc_server.h"
#include "rpc_server/common/common.h"
#include "messaging/irpc.h"
+#include "auth/auth.h"
+
struct dcesrv_forward_state {
const char *opname;
@@ -69,6 +71,7 @@ void dcesrv_irpc_forward_rpc_call(struct dcesrv_call_state
*dce_call, TALLOC_CTX
struct dcesrv_forward_state *st;
struct dcerpc_binding_handle *binding_handle;
struct tevent_req *subreq;
+ struct security_token *token;
st = talloc(mem_ctx, struct dcesrv_forward_state);
if (st == NULL) {
@@ -100,6 +103,10 @@ void dcesrv_irpc_forward_rpc_call(struct dcesrv_call_state
*dce_call, TALLOC_CTX
/* reset timeout for the handle */
dcerpc_binding_handle_set_timeout(binding_handle, timeout);
+ /* add security token to the handle*/
+ token = dce_call->conn->auth_state.session_info->security_token;
+ irpc_binding_handle_add_security_token(binding_handle, token);
+
/* forward the call */
subreq = dcerpc_binding_handle_call_send(st, dce_call->event_ctx,
binding_handle,
--
Samba Shared Repository
