The branch, master has been updated via 547111b s4:librpc/rpc: use dcerpc_binding_get_object() in order to pass the object to the epmapper via f17b5b2 s4:librpc/tests: assert the the abstract syntax has the expected value (null) via c25b5b3 librpc/rpc: finally maintain only the object guid via 5f402dc librpc/rpc: maintain "abstract_syntax" as string option of dcerpc_binding via a2ec730 s4:librpc/tests: reset the object on the binding created from the tower via 46eb9fa s4:torture/raw: fix debug message in torture_raw_qfileinfo_pipe() via df08804 s4:torture/rpc: make use of dcerpc_binding_handle_auth_info() in backupkey.c via 1d819ed s4:torture/rpc: make use of dcerpc_binding_handle_auth_info() in lsa.c via 08ec255 s4:torture/rpc: fix altercontext test against windows via 495a76b s4:torture/rpc: remove bogus rpc.multibind test via 66624e4 s4:selftest: don't run rpc.multibind anymore via 0e902b8 s4:dsdb/repl: make use of dcerpc_binding_handle_is_connected() via 70fc746 s4:librpc/test: test ipv6 addresses in dcerpc_binding strings via 4c98f16 librpc/rpc: handle ipv6 addresses without transport in dcerpc_parse_binding() via 9f5bf79 librpc/rpc: add "schannel" => DCERPC_SCHANNEL as ncacn_option via 0ecf01a s4:librpc/tests: add more no transport tests via 8a66947 lib/util: let is_ipaddress_v6() cope with "fe80::1234%3" via dbf3700 s4:librpc/rpc: correctly map the fault code of alter context to NTSTATUS via c2f731e s4:librpc/rpc: remove unused dcecli_connection->binding_string via 983ec86 s4:torture/rpc: avoid using dcecli_connection->binding_string via 002a0fb librpc/rpc: use dcerpc_binding_set_string_option(b, "endpoint", NULL) to reset the endpoint via 7782fbe librpc/rpc: let dcerpc_binding_set_transport() also reset the assoc_group_id via d6794ec libcli/smb: reuse tstream_smbXcli_np_disconnect_send/recv as helper via 5b1d9f7 libcli/smb: add tstream_smbXcli_np_disconnect_cleanup() to handle talloc_free(req) via 6260de7 libcli/smb: make TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE public via 96e1bcd libcli/smb: keep references to smbXcli_{conn,session,tcon} in tstream_smbXcli_np via ea53ba1 s4:torture/rpc: fix error path in torture_leave_domain() from 95d9f16 librpc: inline CHECK_SYNTAX macro logic
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 547111b2cf94d18ae7972308161d64b5504ee9fd Author: Stefan Metzmacher <me...@samba.org> Date: Sat Jan 25 11:14:36 2014 +0100 s4:librpc/rpc: use dcerpc_binding_get_object() in order to pass the object to the epmapper This way we'll be able to do epmapper lookups for the DFS-R (MS-FRS2) endpoint, by using "5bc1ed07-f5f5-485f-9dfd-6fd0acf9a23c@ncacn_ip_tcp:hostname.exmple.com[krb5,seal]" as binding. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Tue Mar 25 02:43:39 CET 2014 on sn-devel-104 commit f17b5b2fe4f2104e5540691b2ad1819aa3db43a3 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Feb 7 22:17:43 2014 +0100 s4:librpc/tests: assert the the abstract syntax has the expected value (null) This makes sure that it's not mixed with the object guid anymore. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit c25b5b35794624b28a8b1dd6ab63a35b6dd5f789 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Mar 11 08:49:07 2014 +0100 librpc/rpc: finally maintain only the object guid This has nothing to do with ndr_syntax_id... Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 5f402dcdf7a652378a7d4e08ab1e12fd929d3d5b Author: Stefan Metzmacher <me...@samba.org> Date: Tue Feb 4 13:52:26 2014 +0100 librpc/rpc: maintain "abstract_syntax" as string option of dcerpc_binding This should not be mixed with the object guid! They are different things! Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit a2ec73050cdb43532692e3548d9c9338e4697e8b Author: Stefan Metzmacher <me...@samba.org> Date: Mon Mar 10 15:52:49 2014 +0100 s4:librpc/tests: reset the object on the binding created from the tower The tower doesn't contain information about the object only about the abstract syntax. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 46eb9fa23cc48fa4604161a05c8a8a0c47b2ca85 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 08:23:47 2014 +0100 s4:torture/raw: fix debug message in torture_raw_qfileinfo_pipe() We no longer use dcerpc_pipe_open_smb() there. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit df088041c897da315334c2b34076eeab7587700c Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 11:19:15 2014 +0100 s4:torture/rpc: make use of dcerpc_binding_handle_auth_info() in backupkey.c Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 1d819eda5c60e83ae9f337c1b648b1d6a03402c5 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 11:19:15 2014 +0100 s4:torture/rpc: make use of dcerpc_binding_handle_auth_info() in lsa.c Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 08ec25555d8ff2c5b74606c6313651c56bcbe726 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 11:18:35 2014 +0100 s4:torture/rpc: fix altercontext test against windows Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 495a76b9f6461909be93dcbfd09bc294cf42f8d1 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 12:22:30 2014 +0100 s4:torture/rpc: remove bogus rpc.multibind test We can later add a more useful test that tests security context multiplexing correctly. And another one that demonstrates that only DCERPC_BIND must be the first (and only the first) PDU on a connection. Otherwise DCERPC_ALTER_CONTEXT is used. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 66624e475d3f9c1a758dcf70c129f66ed677e1cb Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 12:21:50 2014 +0100 s4:selftest: don't run rpc.multibind anymore Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 0e902b83b4029320cf050a221ad41acdcdc23373 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 14:14:12 2014 +0100 s4:dsdb/repl: make use of dcerpc_binding_handle_is_connected() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 70fc74623552a9a21fa174b27cfaaa5c2f86e197 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 13 18:55:48 2014 +0100 s4:librpc/test: test ipv6 addresses in dcerpc_binding strings Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 4c98f1651db74c052cf4fa2a10691308a64dbe5e Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 13 18:55:10 2014 +0100 librpc/rpc: handle ipv6 addresses without transport in dcerpc_parse_binding() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9f5bf793418d5aa5f50a4cdfe0ef113194505cf8 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Mar 11 16:28:16 2014 +0100 librpc/rpc: add "schannel" => DCERPC_SCHANNEL as ncacn_option Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 0ecf01a1377352477a844cbf4fefb5271d0e8a32 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 13 18:00:36 2014 +0100 s4:librpc/tests: add more no transport tests Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 8a6694707385fb1ccd7b38ff5643fdc278ba3400 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Feb 13 19:51:30 2014 +0100 lib/util: let is_ipaddress_v6() cope with "fe80::1234%3" Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit dbf37008e04ad999078aaf8eb2f13daece752fa1 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 16 09:22:53 2014 +0100 s4:librpc/rpc: correctly map the fault code of alter context to NTSTATUS Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit c2f731e324f613961a1d051b13b09a0d14a1f13a Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 23 09:48:20 2014 +0100 s4:librpc/rpc: remove unused dcecli_connection->binding_string Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 983ec866afeb8ec40f29ad7523267c853712626e Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 23 09:46:55 2014 +0100 s4:torture/rpc: avoid using dcecli_connection->binding_string Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 002a0fb86e202b61879090f48f0c9513279c7500 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Mar 18 07:07:13 2014 +0100 librpc/rpc: use dcerpc_binding_set_string_option(b, "endpoint", NULL) to reset the endpoint We should always go through just one code path to [re]set a value. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7782fbe12b2228304bcddf9ff9949ef38597f8d8 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Mar 18 07:07:13 2014 +0100 librpc/rpc: let dcerpc_binding_set_transport() also reset the assoc_group_id This is transport/endpoint specific. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d6794ec2aaad20b640f593b2c937966bc646a10e Author: Stefan Metzmacher <me...@samba.org> Date: Sun Mar 16 11:50:39 2014 +0100 libcli/smb: reuse tstream_smbXcli_np_disconnect_send/recv as helper Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 5b1d9f7a8277112f467fbcfc8048fbb71374bd9a Author: Stefan Metzmacher <me...@samba.org> Date: Sun Mar 16 11:50:39 2014 +0100 libcli/smb: add tstream_smbXcli_np_disconnect_cleanup() to handle talloc_free(req) If the tevent_req of tstream_smbXcli_np_disconnect_* is explicitly or implicitly free'ed, we need to make sure we still deliver the close request to the server! Otherwise the SMB signing sequence gets out of sync. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6260de72213fafc6f931b9dea35ddb95a188d075 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Jan 22 11:29:15 2014 +0100 libcli/smb: make TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE public This should be used to negotiate the may fragment size of DCERPC connections. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 96e1bcde2bfb5bac8363078a70272893a27b93eb Author: Stefan Metzmacher <me...@samba.org> Date: Tue Mar 11 14:29:46 2014 +0100 libcli/smb: keep references to smbXcli_{conn,session,tcon} in tstream_smbXcli_np This fixes some valgrind errors when the smbXcli_tcon disappears before the smbXcli_conn. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit ea53ba15ee579c4368e7bdae2875c6a3af73afa3 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Mar 11 15:05:37 2014 +0100 s4:torture/rpc: fix error path in torture_leave_domain() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: lib/util/util_net.c | 66 ++++++++-- libcli/smb/tstream_smbXcli_np.c | 214 +++++++++++++++++++-------------- libcli/smb/tstream_smbXcli_np.h | 20 +++ librpc/rpc/binding.c | 91 +++++++++------ source4/dsdb/repl/drepl_out_helpers.c | 17 ++- source4/librpc/rpc/dcerpc.c | 4 +- source4/librpc/rpc/dcerpc.h | 1 - source4/librpc/rpc/dcerpc_util.c | 8 +- source4/librpc/tests/binding_string.c | 52 ++++++++- source4/selftest/tests.py | 6 +- source4/torture/raw/qfileinfo.c | 2 +- source4/torture/rpc/alter_context.c | 6 +- source4/torture/rpc/backupkey.c | 77 +++++++++---- source4/torture/rpc/lsa.c | 9 +- source4/torture/rpc/multi_bind.c | 76 ------------ source4/torture/rpc/rpc.c | 1 - source4/torture/rpc/spoolss.c | 8 +- source4/torture/rpc/testjoin.c | 3 +- source4/torture/wscript_build | 2 +- 19 files changed, 395 insertions(+), 268 deletions(-) delete mode 100644 source4/torture/rpc/multi_bind.c Changeset truncated at 500 lines: diff --git a/lib/util/util_net.c b/lib/util/util_net.c index 83afda4..d58855d 100644 --- a/lib/util/util_net.c +++ b/lib/util/util_net.c @@ -330,28 +330,70 @@ bool is_ipaddress_v6(const char *str) int ret = -1; if (strchr_m(str, ':')) { - char addr[INET6_ADDRSTRLEN]; - struct in6_addr dest6; - const char *sp = str; + char buf[INET6_ADDRSTRLEN] = { 0, }; + size_t len; + const char *addr = str; + const char *idxs = NULL; + unsigned int idx = 0; + struct in6_addr ip6; char *p = strchr_m(str, '%'); + if (p && (p > str)) { + len = PTR_DIFF(p, str); + idxs = p + 1; + } else { + len = strlen(str); + } + + if (len >= sizeof(buf)) { + return false; + } + if (idxs != NULL) { + strncpy(buf, str, len); + addr = buf; + } + + /* + * Cope with link-local. + * This is IP:v6:addr%ifidx. + */ + if (idxs != NULL) { + char c; + + ret = sscanf(idxs, "%5u%c", &idx, &c); + if (ret != 1) { + idx = 0; + } + + if (idx > 0 && idx < UINT16_MAX) { + /* a valid index */ + idxs = NULL; + } + } + /* * Cope with link-local. * This is IP:v6:addr%ifname. */ + if (idxs != NULL) { + idx = if_nametoindex(idxs); - if (p && (p > str) && (if_nametoindex(p+1) != 0)) { - size_t len = MIN(PTR_DIFF(p,str)+1, sizeof(addr)); - if (strlcpy(addr, str, len) >= len) { - /* Truncate. */ - return false; + if (idx > 0) { + /* a valid index */ + idxs = NULL; } - sp = addr; } - ret = inet_pton(AF_INET6, sp, &dest6); - if (ret > 0) { - return true; + + if (idxs != NULL) { + return false; + } + + ret = inet_pton(AF_INET6, addr, &ip6); + if (ret <= 0) { + return false; } + + return true; } #endif return false; diff --git a/libcli/smb/tstream_smbXcli_np.c b/libcli/smb/tstream_smbXcli_np.c index 2c2cb4b..c32fd6f 100644 --- a/libcli/smb/tstream_smbXcli_np.c +++ b/libcli/smb/tstream_smbXcli_np.c @@ -29,26 +29,6 @@ static const struct tstream_context_ops tstream_smbXcli_np_ops; -/* - * Windows uses 4280 (the max xmit/recv size negotiated on DCERPC). - * This is fits into the max_xmit negotiated at the SMB layer. - * - * On the sending side they may use SMBtranss if the request does not - * fit into a single SMBtrans call. - * - * Windows uses 1024 as max data size of a SMBtrans request and then - * possibly reads the rest of the DCERPC fragment (up to 3256 bytes) - * via a SMBreadX. - * - * For now we just ask for the full 4280 bytes (max data size) in the SMBtrans - * request to get the whole fragment at once (like samba 3.5.x and below did. - * - * It is important that we use do SMBwriteX with the size of a full fragment, - * otherwise we may get NT_STATUS_PIPE_BUSY on the SMBtrans request - * from NT4 servers. (See bug #8195) - */ -#define TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE 4280 - #define TSTREAM_SMBXCLI_NP_DESIRED_ACCESS ( \ SEC_STD_READ_CONTROL | \ SEC_FILE_READ_DATA | \ @@ -63,10 +43,12 @@ static const struct tstream_context_ops tstream_smbXcli_np_ops; struct tstream_smbXcli_np_ref; struct tstream_smbXcli_np { - struct tstream_smbXcli_np_ref *ref; struct smbXcli_conn *conn; + struct tstream_smbXcli_np_ref *conn_ref; struct smbXcli_session *session; + struct tstream_smbXcli_np_ref *session_ref; struct smbXcli_tcon *tcon; + struct tstream_smbXcli_np_ref *tcon_ref; uint16_t pid; unsigned int timeout; @@ -98,9 +80,19 @@ static int tstream_smbXcli_np_destructor(struct tstream_smbXcli_np *cli_nps) { NTSTATUS status; - if (cli_nps->ref != NULL) { - cli_nps->ref->cli_nps = NULL; - TALLOC_FREE(cli_nps->ref); + if (cli_nps->conn_ref != NULL) { + cli_nps->conn_ref->cli_nps = NULL; + TALLOC_FREE(cli_nps->conn_ref); + } + + if (cli_nps->session_ref != NULL) { + cli_nps->session_ref->cli_nps = NULL; + TALLOC_FREE(cli_nps->session_ref); + } + + if (cli_nps->tcon_ref != NULL) { + cli_nps->tcon_ref->cli_nps = NULL; + TALLOC_FREE(cli_nps->tcon_ref); } if (!smbXcli_conn_is_connected(cli_nps->conn)) { @@ -153,14 +145,27 @@ static int tstream_smbXcli_np_ref_destructor(struct tstream_smbXcli_np_ref *ref) return 0; } + if (ref->cli_nps->conn == NULL) { + return 0; + } + ref->cli_nps->conn = NULL; ref->cli_nps->session = NULL; ref->cli_nps->tcon = NULL; - ref->cli_nps->ref = NULL; + + TALLOC_FREE(ref->cli_nps->conn_ref); + TALLOC_FREE(ref->cli_nps->session_ref); + TALLOC_FREE(ref->cli_nps->tcon_ref); return 0; }; +static struct tevent_req *tstream_smbXcli_np_disconnect_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct tstream_context *stream); +static int tstream_smbXcli_np_disconnect_recv(struct tevent_req *req, + int *perrno); + struct tstream_smbXcli_np_open_state { struct smbXcli_conn *conn; struct smbXcli_session *session; @@ -312,13 +317,33 @@ NTSTATUS _tstream_smbXcli_np_open_recv(struct tevent_req *req, } ZERO_STRUCTP(cli_nps); - cli_nps->ref = talloc_zero(state->conn, struct tstream_smbXcli_np_ref); - if (cli_nps->ref == NULL) { + cli_nps->conn_ref = talloc_zero(state->conn, + struct tstream_smbXcli_np_ref); + if (cli_nps->conn_ref == NULL) { TALLOC_FREE(cli_nps); tevent_req_received(req); return NT_STATUS_NO_MEMORY; } - cli_nps->ref->cli_nps = cli_nps; + cli_nps->conn_ref->cli_nps = cli_nps; + + cli_nps->session_ref = talloc_zero(state->session, + struct tstream_smbXcli_np_ref); + if (cli_nps->session_ref == NULL) { + TALLOC_FREE(cli_nps); + tevent_req_received(req); + return NT_STATUS_NO_MEMORY; + } + cli_nps->session_ref->cli_nps = cli_nps; + + cli_nps->tcon_ref = talloc_zero(state->tcon, + struct tstream_smbXcli_np_ref); + if (cli_nps->tcon_ref == NULL) { + TALLOC_FREE(cli_nps); + tevent_req_received(req); + return NT_STATUS_NO_MEMORY; + } + cli_nps->tcon_ref->cli_nps = cli_nps; + cli_nps->conn = state->conn; cli_nps->session = state->session; cli_nps->tcon = state->tcon; @@ -331,7 +356,12 @@ NTSTATUS _tstream_smbXcli_np_open_recv(struct tevent_req *req, cli_nps->fid_volatile = state->fid_volatile; talloc_set_destructor(cli_nps, tstream_smbXcli_np_destructor); - talloc_set_destructor(cli_nps->ref, tstream_smbXcli_np_ref_destructor); + talloc_set_destructor(cli_nps->conn_ref, + tstream_smbXcli_np_ref_destructor); + talloc_set_destructor(cli_nps->session_ref, + tstream_smbXcli_np_ref_destructor); + talloc_set_destructor(cli_nps->tcon_ref, + tstream_smbXcli_np_ref_destructor); cli_nps->trans.active = false; cli_nps->trans.read_req = NULL; @@ -637,24 +667,8 @@ static void tstream_smbXcli_np_writev_disconnect_now(struct tevent_req *req, return; } - if (cli_nps->is_smb1) { - subreq = smb1cli_close_send(state, state->ev, - cli_nps->conn, - cli_nps->timeout, - cli_nps->pid, - cli_nps->tcon, - cli_nps->session, - cli_nps->fnum, UINT32_MAX); - } else { - subreq = smb2cli_close_send(state, state->ev, - cli_nps->conn, - cli_nps->timeout, - cli_nps->session, - cli_nps->tcon, - 0, /* flags */ - cli_nps->fid_persistent, - cli_nps->fid_volatile); - } + subreq = tstream_smbXcli_np_disconnect_send(state, state->ev, + state->stream); if (subreq == NULL) { /* return the original error */ _tevent_req_error(req, state->error.val, state->error.location); @@ -671,20 +685,11 @@ static void tstream_smbXcli_np_writev_disconnect_done(struct tevent_req *subreq) tevent_req_callback_data(subreq, struct tevent_req); struct tstream_smbXcli_np_writev_state *state = tevent_req_data(req, struct tstream_smbXcli_np_writev_state); - struct tstream_smbXcli_np *cli_nps = - tstream_context_data(state->stream, struct tstream_smbXcli_np); + int error; - if (cli_nps->is_smb1) { - smb1cli_close_recv(subreq); - } else { - smb2cli_close_recv(subreq); - } + tstream_smbXcli_np_disconnect_recv(subreq, &error); TALLOC_FREE(subreq); - cli_nps->conn = NULL; - cli_nps->tcon = NULL; - cli_nps->session = NULL; - /* return the original error */ _tevent_req_error(req, state->error.val, state->error.location); } @@ -1114,24 +1119,8 @@ static void tstream_smbXcli_np_readv_disconnect_now(struct tevent_req *req, return; } - if (cli_nps->is_smb1) { - subreq = smb1cli_close_send(state, state->ev, - cli_nps->conn, - cli_nps->timeout, - cli_nps->pid, - cli_nps->tcon, - cli_nps->session, - cli_nps->fnum, UINT32_MAX); - } else { - subreq = smb2cli_close_send(state, state->ev, - cli_nps->conn, - cli_nps->timeout, - cli_nps->session, - cli_nps->tcon, - 0, /* flags */ - cli_nps->fid_persistent, - cli_nps->fid_volatile); - } + subreq = tstream_smbXcli_np_disconnect_send(state, state->ev, + state->stream); if (subreq == NULL) { /* return the original error */ tstream_smbXcli_np_readv_error(req); @@ -1146,22 +1135,11 @@ static void tstream_smbXcli_np_readv_disconnect_done(struct tevent_req *subreq) { struct tevent_req *req = tevent_req_callback_data(subreq, struct tevent_req); - struct tstream_smbXcli_np_readv_state *state = - tevent_req_data(req, struct tstream_smbXcli_np_readv_state); - struct tstream_smbXcli_np *cli_nps = - tstream_context_data(state->stream, struct tstream_smbXcli_np); + int error; - if (cli_nps->is_smb1) { - smb1cli_close_recv(subreq); - } else { - smb2cli_close_recv(subreq); - } + tstream_smbXcli_np_disconnect_recv(subreq, &error); TALLOC_FREE(subreq); - cli_nps->conn = NULL; - cli_nps->session = NULL; - cli_nps->tcon = NULL; - tstream_smbXcli_np_readv_error(req); } @@ -1231,9 +1209,12 @@ static int tstream_smbXcli_np_readv_recv(struct tevent_req *req, struct tstream_smbXcli_np_disconnect_state { struct tstream_context *stream; + struct tevent_req *subreq; }; static void tstream_smbXcli_np_disconnect_done(struct tevent_req *subreq); +static void tstream_smbXcli_np_disconnect_cleanup(struct tevent_req *req, + enum tevent_req_state req_state); static struct tevent_req *tstream_smbXcli_np_disconnect_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, @@ -1278,6 +1259,14 @@ static struct tevent_req *tstream_smbXcli_np_disconnect_send(TALLOC_CTX *mem_ctx return tevent_req_post(req, ev); } tevent_req_set_callback(subreq, tstream_smbXcli_np_disconnect_done, req); + state->subreq = subreq; + + tevent_req_set_cleanup_fn(req, tstream_smbXcli_np_disconnect_cleanup); + + /* + * Make sure we don't send any requests anymore. + */ + cli_nps->conn = NULL; return req; } @@ -1292,6 +1281,8 @@ static void tstream_smbXcli_np_disconnect_done(struct tevent_req *subreq) tstream_context_data(state->stream, struct tstream_smbXcli_np); NTSTATUS status; + state->subreq = NULL; + if (cli_nps->is_smb1) { status = smb1cli_close_recv(subreq); } else { @@ -1310,6 +1301,51 @@ static void tstream_smbXcli_np_disconnect_done(struct tevent_req *subreq) tevent_req_done(req); } +static void tstream_smbXcli_np_disconnect_free(struct tevent_req *subreq); + +static void tstream_smbXcli_np_disconnect_cleanup(struct tevent_req *req, + enum tevent_req_state req_state) +{ + struct tstream_smbXcli_np_disconnect_state *state = + tevent_req_data(req, struct tstream_smbXcli_np_disconnect_state); + struct tstream_smbXcli_np *cli_nps = NULL; + + if (state->subreq == NULL) { + return; + } + + cli_nps = tstream_context_data(state->stream, struct tstream_smbXcli_np); + + if (cli_nps->tcon == NULL) { + return; + } + + /* + * We're no longer interested in the result + * any more, but need to make sure that the close + * request arrives at the server if the smb connection, + * session and tcon are still alive. + * + * We move the low level request to the tcon, + * which means that it stays as long as the tcon + * is available. + */ + talloc_steal(cli_nps->tcon, state->subreq); + tevent_req_set_callback(state->subreq, + tstream_smbXcli_np_disconnect_free, + NULL); + state->subreq = NULL; + + cli_nps->conn = NULL; + cli_nps->session = NULL; + cli_nps->tcon = NULL; +} + +static void tstream_smbXcli_np_disconnect_free(struct tevent_req *subreq) +{ + TALLOC_FREE(subreq); +} + static int tstream_smbXcli_np_disconnect_recv(struct tevent_req *req, int *perrno) { diff --git a/libcli/smb/tstream_smbXcli_np.h b/libcli/smb/tstream_smbXcli_np.h index c4af532..e8c5c39 100644 --- a/libcli/smb/tstream_smbXcli_np.h +++ b/libcli/smb/tstream_smbXcli_np.h @@ -49,4 +49,24 @@ NTSTATUS tstream_smbXcli_np_use_trans(struct tstream_context *stream); unsigned int tstream_smbXcli_np_set_timeout(struct tstream_context *stream, unsigned int timeout); +/* + * Windows uses 4280 (the max xmit/recv size negotiated on DCERPC). + * This is fits into the max_xmit negotiated at the SMB layer. + * + * On the sending side they may use SMBtranss if the request does not + * fit into a single SMBtrans call. + * + * Windows uses 1024 as max data size of a SMBtrans request and then + * possibly reads the rest of the DCERPC fragment (up to 3256 bytes) + * via a SMBreadX. + * + * For now we just ask for the full 4280 bytes (max data size) in the SMBtrans + * request to get the whole fragment at once (like samba 3.5.x and below did. + * + * It is important that we use do SMBwriteX with the size of a full fragment, + * otherwise we may get NT_STATUS_PIPE_BUSY on the SMBtrans request + * from NT4 servers. (See bug #8195) + */ +#define TSTREAM_SMBXCLI_NP_MAX_BUF_SIZE 4280 + #endif /* _CLI_NP_TSTREAM_H_ */ diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c index 4ee1c62..37e0c4f 100644 --- a/librpc/rpc/binding.c +++ b/librpc/rpc/binding.c @@ -37,7 +37,7 @@ struct dcerpc_binding { enum dcerpc_transport_t transport; - struct ndr_syntax_id object; + struct GUID object; const char *object_string; const char *host; const char *target_hostname; @@ -98,6 +98,7 @@ static const struct ncacn_option { {"spnego", DCERPC_AUTH_SPNEGO}, {"ntlm", DCERPC_AUTH_NTLM}, {"krb5", DCERPC_AUTH_KRB5}, + {"schannel", DCERPC_SCHANNEL}, {"validate", DCERPC_DEBUG_VALIDATE_BOTH}, {"print", DCERPC_DEBUG_PRINT_BOTH}, {"padcheck", DCERPC_DEBUG_PAD_CHECK}, @@ -223,10 +224,10 @@ _PUBLIC_ char *dcerpc_binding_string(TALLOC_CTX *mem_ctx, const struct dcerpc_bi } } - if (!GUID_all_zero(&b->object.uuid)) { + if (!GUID_all_zero(&b->object)) { o = s; s = talloc_asprintf_append_buffer(s, "%s@", - GUID_string(mem_ctx, &b->object.uuid)); + GUID_string(mem_ctx, &b->object)); if (s == NULL) { talloc_free(o); return NULL; @@ -409,6 +410,8 @@ _PUBLIC_ NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *_s, stru if (p == NULL) { b->transport = NCA_UNKNOWN; + } else if (is_ipaddress_v6(s)) { + b->transport = NCA_UNKNOWN; } else { *p = '\0'; @@ -497,7 +500,7 @@ _PUBLIC_ NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *_s, stru -- Samba Shared Repository