The branch, v4-19-stable has been updated
via 3e6d7e10b44 CVE-2023-42670 s3-rpc_server: Remove cross-check with
"samba" EPM lookup
via 06a434bcc31 CVE-2023-42670 s3-rpc_server: Strictly refuse to start
RPC servers in conflict with AD DC
via 88542d6d77d CVE-2023-42669 s3-rpc_server: Disable rpcecho for
consistency with the AD DC
via 5eeba465a0e CVE-2023-42669 s4-rpc_server: Disable rpcecho server by
default
via 72248a51335 CVE-2023-4154: Unimplement the original DirSync
behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
via 56c13448d21 CVE-2023-4154 dsdb/tests: Extend attribute read DirSync
tests
via f70bdb46f85 CVE-2023-4154 dsdb/tests: Add test for
SEARCH_FLAG_RODC_ATTRIBUTE behaviour
via 1eca806c13f CVE-2023-4154 dsdb/tests: Speed up DirSync test by only
checking positive matches once
via e9cbf161261 CVE-2023-4154 dsdb/tests: Check that secret attributes
are not visible with DirSync ever.
via e46a30aa1d2 CVE-2023-4154 dsdb/tests: Force the test attribute to
be not-confidential at the start
via c284a9229c0 CVE-2023-4154 dsdb/tests: Use self.addCleanup() and
delete_force()
via 937e50b1d67 CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests
twice
via 05c370c4698 CVE-2023-4154 s4:dsdb:tests: Fix code spelling
via 6b6495c7125 CVE-2023-4091: smbd: use open_access_mask for access
check in open_file()
via 2ff6cbcd3ac CVE-2023-4091: smbtorture: test overwrite dispositions
on read-only file
via f17abf9c4a7 CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that
crashes on bad pipenames.
via 45d584532f8 CVE-2023-3961:s3:torture: Add test
SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators
through to the UNIX domain socket code.
via 5dab2cfde7e CVE-2023-3961:s3:smbd: Catch any incoming pipe path
that could exit socket_dir.
from b7921852ad6 VERSION: Disable GIT_SNAPSHOT for the 4.19.0 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-19-stable
- Log -----------------------------------------------------------------
commit 3e6d7e10b4417e348fb4d2942b2eb13197576ab3
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 12 16:23:49 2023 +1200
CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
We now have ensured that no conflicting services attempt to start
so we do not need the runtime lookup and so avoid the risk that
the lookup may fail.
This means that any duplicates will be noticed early not just
in a race condition.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15473
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 06a434bcc31cc428f7b5912027348de8e6660449
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 12 12:28:49 2023 +1200
CVE-2023-42670 s3-rpc_server: Strictly refuse to start RPC servers in
conflict with AD DC
Just as we refuse to start NETLOGON except on the DC, we must refuse
to start all of the RPC services that are provided by the AD DC.
Most critically of course this applies to netlogon, lsa and samr.
This avoids the supression of these services being the result of a
runtime epmapper lookup, as if that fails these services can disrupt
service to end users by listening on the same socket as the AD DC
servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15473
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 88542d6d77d7a996d15412d05a0d026d47b337f5
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 12 19:01:03 2023 +1200
CVE-2023-42669 s3-rpc_server: Disable rpcecho for consistency with the AD DC
The rpcecho server in source3 does have samba the sleep() feature that
the s4 version has, but the task architecture is different, so there
is not the same impact. Hoever equally this is not something that
should be enabled on production builds of Samba, so restrict to
selftest builds.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15474
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 5eeba465a0eb784e003750241d8d319cc72c5217
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 12 18:59:44 2023 +1200
CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
The rpcecho server is useful in development and testing, but should never
have been allowed into production, as it includes the facility to
do a blocking sleep() in the single-threaded rpc worker.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15474
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 72248a51335d24d715fd31cf19e3de194a60ece1
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Aug 8 17:58:27 2023 +1200
CVE-2023-4154: Unimplement the original DirSync behaviour without
LDAP_DIRSYNC_OBJECT_SECURITY
This makes LDAP_DIRSYNC_OBJECT_SECURITY the only behaviour provided by
Samba.
Having a second access control system withing the LDAP stack is unsafe
and this layer is incomplete.
The current system gives all accounts that have been given the
GUID_DRS_GET_CHANGES extended right SYSTEM access. Currently in Samba
this equates to full access to passwords as well as "RODC Filtered
attributes" (often used with confidential attributes).
Rather than attempting to correctly filter for secrets (passwords) and
these filtered attributes, as well as preventing search expressions for
both, we leave this complexity to the acl_read module which has this
facility already well tested.
The implication is that callers will only see and filter by attribute
in DirSync that they could without DirSync.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 56c13448d21555fde2d7e6e2903e4ef1c487f352
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Aug 22 15:08:17 2023 +1200
CVE-2023-4154 dsdb/tests: Extend attribute read DirSync tests
The aim here is to document the expected (even if not implemented)
SEARCH_FLAG_RODC_ATTRIBUTE vs SEARCH_FLAG_CONFIDENTIAL, behaviour, so
that any change once CVE-2023-4154 is fixed can be noted.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit f70bdb46f85b5c721e0835766d2ce4a56175b3cb
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Aug 8 14:30:19 2023 +1200
CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
SEARCH_FLAG_RODC_ATTRIBUTE should be like SEARCH_FLAG_CONFIDENTIAL,
but for DirSync and DRS replication. Accounts with
GUID_DRS_GET_CHANGES rights should not be able to read this
attribute.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 1eca806c13f250b21e6a3dd4579903d84c608b3f
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Aug 8 11:18:46 2023 +1200
CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive
matches once
When we (expect to) get back a result, do not waste time against a
potentially
slow server confirming we also get back results for all the other attribute
combinations.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit e9cbf161261e7818e988c1b391dd31a5dd5e10f8
Author: Andrew Bartlett <abart...@samba.org>
Date: Mon Aug 7 11:56:56 2023 +1200
CVE-2023-4154 dsdb/tests: Check that secret attributes are not visible with
DirSync ever.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit e46a30aa1d2c27eca57a87dfb3195abf98d00b39
Author: Andrew Bartlett <abart...@samba.org>
Date: Mon Aug 7 14:44:28 2023 +1200
CVE-2023-4154 dsdb/tests: Force the test attribute to be not-confidential
at the start
Rather than fail, if the last run failed to reset things, just force
the DC into the required state.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit c284a9229c07874a2a24d2b36061945eaef3e8e7
Author: Andrew Bartlett <abart...@samba.org>
Date: Mon Aug 7 13:15:40 2023 +1200
CVE-2023-4154 dsdb/tests: Use self.addCleanup() and delete_force()
Thie helps ensure this test is reliable even in spite of errors while
running.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 937e50b1d67a49ae7cb7ea2216b9264a5c5f53f5
Author: Andrew Bartlett <abart...@samba.org>
Date: Mon Aug 7 11:55:55 2023 +1200
CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
To re-use setup code, the super-class must have no test_*() methods
otherwise these will be run as well as the class-local tests.
We rename tests that would otherwise have duplicate names
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andrew Bartlett <abart...@samba.org>
commit 05c370c4698fc7773bceeaa97595fc0ba131c3b3
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 2 10:44:32 2023 +0200
CVE-2023-4154 s4:dsdb:tests: Fix code spelling
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Joseph Sutton <josephsut...@catalyst.net.nz>
(cherry picked from commit b29793ffdee5d9b9c1c05830622e80f7faec7670)
commit 6b6495c7125540f5bacc27ef76440340cf0fd58e
Author: Ralph Boehme <s...@samba.org>
Date: Tue Aug 1 13:04:36 2023 +0200
CVE-2023-4091: smbd: use open_access_mask for access check in open_file()
If the client requested FILE_OVERWRITE[_IF], we're implicitly adding
FILE_WRITE_DATA to the open_access_mask in open_file_ntcreate(), but for the
access check we're using access_mask which doesn't contain the additional
right, which means we can end up truncating a file for which the user has
only read-only access via an SD.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439
Signed-off-by: Ralph Boehme <s...@samba.org>
commit 2ff6cbcd3accaf7953de9fe0a05d0c2176af6b3c
Author: Ralph Boehme <s...@samba.org>
Date: Tue Aug 1 12:30:00 2023 +0200
CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439
Signed-off-by: Ralph Boehme <s...@samba.org>
commit f17abf9c4a7ce75893a46f90dde5871501b78e86
Author: Jeremy Allison <j...@samba.org>
Date: Tue Jul 25 17:54:41 2023 -0700
CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that crashes on bad
pipenames.
We correctly handle this and just return ENOENT
(NT_STATUS_OBJECT_NAME_NOT_FOUND).
Remove knowfail.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15422
Signed-off-by: Jeremy Allison <j...@samba.org>
commit 45d584532f865a39432b9a3f179fdeb5cbef2f76
Author: Jeremy Allison <j...@samba.org>
Date: Tue Jul 25 17:49:21 2023 -0700
CVE-2023-3961:s3:torture: Add test SMB2-INVALID-PIPENAME to show we allow
bad pipenames with unix separators through to the UNIX domain socket code.
The raw SMB2-INVALID-PIPENAME test passes against Windows 2022,
as it just returns NT_STATUS_OBJECT_NAME_NOT_FOUND.
Add the knownfail.
BUG:https://bugzilla.samba.org/show_bug.cgi?id=15422
Signed-off-by: Jeremy Allison <j...@samba.org>
commit 5dab2cfde7e45b9e366325ed1f75b65fc6e30d90
Author: Jeremy Allison <j...@samba.org>
Date: Tue Jul 25 17:41:04 2023 -0700
CVE-2023-3961:s3:smbd: Catch any incoming pipe path that could exit
socket_dir.
For now, SMB_ASSERT() to exit the server. We will remove
this once the test code is in place.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15422
Signed-off-by: Jeremy Allison <j...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
.../smbdotconf/protocol/dcerpcendpointservers.xml | 2 +-
lib/param/loadparm.c | 2 +-
selftest/knownfail | 2 +-
selftest/knownfail.d/dirsync | 13 +
selftest/target/Samba4.pm | 2 +-
source3/param/loadparm.c | 2 +-
source3/rpc_client/local_np.c | 13 +
source3/rpc_server/rpc_host.c | 154 +------
source3/rpc_server/rpcd_classic.c | 45 +-
source3/rpc_server/rpcd_epmapper.c | 33 +-
source3/rpc_server/rpcd_lsad.c | 21 +
source3/rpc_server/rpcd_rpcecho.c | 33 +-
source3/rpc_server/wscript_build | 1 +
source3/selftest/tests.py | 14 +
source3/smbd/open.c | 4 +-
source3/torture/proto.h | 1 +
source3/torture/test_smb2.c | 107 +++++
source3/torture/torture.c | 4 +
source4/dsdb/samdb/ldb_modules/dirsync.c | 22 +-
source4/dsdb/tests/python/acl.py | 12 +-
.../dsdb/tests/python/ad_dc_search_performance.py | 2 +-
source4/dsdb/tests/python/confidential_attr.py | 63 ++-
source4/dsdb/tests/python/dirsync.py | 473 ++++++++++++++++++---
source4/dsdb/tests/python/ldap.py | 14 +-
source4/dsdb/tests/python/ldap_modify_order.py | 4 +-
source4/dsdb/tests/python/ldap_syntaxes.py | 4 +-
source4/dsdb/tests/python/login_basics.py | 2 +-
source4/dsdb/tests/python/password_settings.py | 4 +-
source4/dsdb/tests/python/passwords.py | 4 +-
source4/dsdb/tests/python/sam.py | 2 +-
source4/dsdb/tests/python/sec_descriptor.py | 14 +-
source4/dsdb/tests/python/token_group.py | 4 +-
source4/dsdb/tests/python/user_account_control.py | 2 +-
source4/rpc_server/wscript_build | 3 +-
source4/torture/smb2/acls.c | 143 +++++++
35 files changed, 939 insertions(+), 286 deletions(-)
create mode 100644 selftest/knownfail.d/dirsync
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
index 8a217cc7f11..c6642b795fd 100644
--- a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
+++ b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml
@@ -6,6 +6,6 @@
<para>Specifies which DCE/RPC endpoint servers should be run.</para>
</description>
-<value type="default">epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc,
drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value>
+<value type="default">epmapper, wkssvc, samr, netlogon, lsarpc, drsuapi,
dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value>
<value type="example">rpcecho</value>
</samba:parameter>
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 447087911b5..02eef6929d0 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2730,7 +2730,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX
*mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default");
lpcfg_do_global_parameter(lp_ctx, "max connections", "0");
- lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper
wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6
backupkey dnsserver");
+ lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper
wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6
backupkey dnsserver");
lpcfg_do_global_parameter(lp_ctx, "server services", "s3fs rpc nbt
wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns");
lpcfg_do_global_parameter(lp_ctx, "kccsrv:samba_kcc", "true");
/* the winbind method for domain controllers is for both RODC
diff --git a/selftest/knownfail b/selftest/knownfail
index 37c75d7ca33..4e34effbbd1 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -151,7 +151,7 @@
^samba4.smb2.acls.*.inheritflags
^samba4.smb2.acls.*.owner
^samba4.smb2.acls.*.ACCESSBASED
-^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items
+^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.SimpleDirsyncTests.test_dirsync_deleted_items_OBJECT_SECURITY
#^samba4.ldap.dirsync.python.ad_dc_ntvfs..__main__.ExtendedDirsyncTests.*
^samba4.libsmbclient.opendir.(NT1|SMB3).opendir # This requires netbios
browsing
^samba4.rpc.drsuapi.*.drsuapi.DsGetDomainControllerInfo\(.*\)$
diff --git a/selftest/knownfail.d/dirsync b/selftest/knownfail.d/dirsync
new file mode 100644
index 00000000000..fcf4d469d6e
--- /dev/null
+++ b/selftest/knownfail.d/dirsync
@@ -0,0 +1,13 @@
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_OBJ_SEC_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_with_GET_CHANGES_OBJ_SEC_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_unicodePwd_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_with_GET_CHANGES_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialDirsyncTests.test_dirsync_with_GET_CHANGES\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_OBJECT_SECURITY_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_OBJECT_SECURITY_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_with_GET_CHANGES_attr\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.ConfidentialFilteredDirsyncTests.test_dirsync_with_GET_CHANGES_insist_on_empty_element\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES_attr\(.*\)
+^samba4.ldap.dirsync.python\(.*\).__main__.FilteredDirsyncTests.test_dirsync_with_GET_CHANGES_insist_on_empty_element\(.*\)
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 0bd77e906d5..a10c1313322 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -783,7 +783,7 @@ sub provision_raw_step1($$)
wins support = yes
server role = $ctx->{server_role}
server services = +echo $services
- dcerpc endpoint servers = +winreg +srvsvc
+ dcerpc endpoint servers = +winreg +srvsvc +rpcecho
notify:inotify = false
ldb:nosync = true
ldap server require strong auth = yes
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 68e20729661..306528d95b3 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -883,7 +883,7 @@ static void init_globals(struct loadparm_context *lp_ctx,
bool reinit_globals)
Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt
wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
- Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL,
"epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser
eventlog6 backupkey dnsserver", NULL);
+ Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL,
"epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser
eventlog6 backupkey dnsserver", NULL);
Globals.tls_enabled = true;
Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
diff --git a/source3/rpc_client/local_np.c b/source3/rpc_client/local_np.c
index 0b323404f06..791ded99a47 100644
--- a/source3/rpc_client/local_np.c
+++ b/source3/rpc_client/local_np.c
@@ -542,6 +542,19 @@ struct tevent_req *local_np_connect_send(
return tevent_req_post(req, ev);
}
+ /*
+ * Ensure we cannot process a path that exits
+ * the socket_dir.
+ */
+ if (ISDOTDOT(lower_case_pipename) ||
+ (strchr(lower_case_pipename, '/')!=NULL))
+ {
+ DBG_DEBUG("attempt to connect to invalid pipe pathname %s\n",
+ lower_case_pipename);
+ tevent_req_error(req, ENOENT);
+ return tevent_req_post(req, ev);
+ }
+
state->socketpath = talloc_asprintf(
state, "%s/np/%s", socket_dir, lower_case_pipename);
if (tevent_req_nomem(state->socketpath, req)) {
diff --git a/source3/rpc_server/rpc_host.c b/source3/rpc_server/rpc_host.c
index 2b9f05c1af3..1cb874569e2 100644
--- a/source3/rpc_server/rpc_host.c
+++ b/source3/rpc_server/rpc_host.c
@@ -214,7 +214,6 @@ struct rpc_server_get_endpoints_state {
char **argl;
char *ncalrpc_endpoint;
enum dcerpc_transport_t only_transport;
- struct dcerpc_binding **existing_bindings;
struct rpc_host_iface_name *iface_names;
struct rpc_host_endpoint **endpoints;
@@ -235,7 +234,6 @@ static void rpc_server_get_endpoints_done(struct tevent_req
*subreq);
* @param[in] ev Event context to run this on
* @param[in] rpc_server_exe Binary to ask with --list-interfaces
* @param[in] only_transport Filter out anything but this
- * @param[in] existing_bindings Filter out endpoints served by "samba"
* @return The tevent_req representing this process
*/
@@ -243,8 +241,7 @@ static struct tevent_req *rpc_server_get_endpoints_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
const char *rpc_server_exe,
- enum dcerpc_transport_t only_transport,
- struct dcerpc_binding **existing_bindings)
+ enum dcerpc_transport_t only_transport)
{
struct tevent_req *req = NULL, *subreq = NULL;
struct rpc_server_get_endpoints_state *state = NULL;
@@ -256,7 +253,6 @@ static struct tevent_req *rpc_server_get_endpoints_send(
return NULL;
}
state->only_transport = only_transport;
- state->existing_bindings = existing_bindings;
progname = strrchr(rpc_server_exe, '/');
if (progname != NULL) {
@@ -417,37 +413,17 @@ static bool dcerpc_binding_same_endpoint(
* In member mode, we only serve named pipes. Indicated by NCACN_NP
* passed in via "only_transport".
*
- * In AD mode, the "samba" process already serves many endpoints,
- * passed in via "existing_binding". Don't serve those from
- * samba-dcerpcd.
- *
* @param[in] binding Which binding is in question?
* @param[in] only_transport Exclusive transport to serve
- * @param[in] existing_bindings Endpoints served by "samba" already
* @return Do we want to serve "binding" from samba-dcerpcd?
*/
static bool rpc_host_serve_endpoint(
struct dcerpc_binding *binding,
- enum dcerpc_transport_t only_transport,
- struct dcerpc_binding **existing_bindings)
+ enum dcerpc_transport_t only_transport)
{
enum dcerpc_transport_t transport =
dcerpc_binding_get_transport(binding);
- size_t i, num_existing_bindings;
-
- num_existing_bindings = talloc_array_length(existing_bindings);
-
- for (i=0; i<num_existing_bindings; i++) {
- bool same = dcerpc_binding_same_endpoint(
- binding, existing_bindings[i]);
- if (same) {
- DBG_DEBUG("%s served by samba\n",
- dcerpc_binding_get_string_option(
- binding, "endpoint"));
- return false;
- }
- }
if (only_transport == NCA_UNKNOWN) {
/* no filter around */
@@ -486,7 +462,7 @@ static struct rpc_host_endpoint *rpc_host_endpoint_find(
}
serve_this = rpc_host_serve_endpoint(
- ep->binding, state->only_transport, state->existing_bindings);
+ ep->binding, state->only_transport);
if (!serve_this) {
goto fail;
}
@@ -1607,7 +1583,6 @@ static struct tevent_req *rpc_server_setup_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct rpc_host *host,
- struct dcerpc_binding **existing_bindings,
const char *rpc_server_exe)
{
struct tevent_req *req = NULL, *subreq = NULL;
@@ -1639,8 +1614,7 @@ static struct tevent_req *rpc_server_setup_send(
state,
ev,
rpc_server_exe,
- host->np_helper ? NCACN_NP : NCA_UNKNOWN,
- existing_bindings);
+ host->np_helper ? NCACN_NP : NCA_UNKNOWN);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
}
@@ -2344,7 +2318,6 @@ static struct tevent_req *rpc_host_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct messaging_context *msg_ctx,
- struct dcerpc_binding **existing_bindings,
char *servers,
int ready_signal_fd,
const char *daemon_ready_progname,
@@ -2465,7 +2438,6 @@ static struct tevent_req *rpc_host_send(
state,
ev,
host,
- existing_bindings,
exe);
if (tevent_req_nomem(subreq, req)) {
return tevent_req_post(req, ev);
@@ -2648,117 +2620,6 @@ static int rpc_host_pidfile_create(
return EAGAIN;
}
-/*
- * Find which interfaces are already being served by the samba AD
- * DC so we know not to serve them. Some interfaces like netlogon
- * are served by "samba", some like srvsvc will be served by the
- * source3 based RPC servers.
- */
-static NTSTATUS rpc_host_epm_lookup(
- TALLOC_CTX *mem_ctx,
- struct dcerpc_binding ***pbindings)
-{
- struct rpc_pipe_client *cli = NULL;
- struct pipe_auth_data *auth = NULL;
- struct policy_handle entry_handle = { .handle_type = 0 };
- struct dcerpc_binding **bindings = NULL;
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
-
- status = rpc_pipe_open_ncalrpc(mem_ctx, &ndr_table_epmapper, &cli);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("rpc_pipe_open_ncalrpc failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
- status = rpccli_ncalrpc_bind_data(cli, &auth);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("rpccli_ncalrpc_bind_data failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
- status = rpc_pipe_bind(cli, auth);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("rpc_pipe_bind failed: %s\n", nt_errstr(status));
- goto fail;
- }
-
- for (;;) {
- size_t num_bindings = talloc_array_length(bindings);
- struct dcerpc_binding **tmp = NULL;
- uint32_t num_entries = 0;
- struct epm_entry_t *entry = NULL;
- struct dcerpc_binding *binding = NULL;
- uint32_t result;
-
- entry = talloc(cli, struct epm_entry_t);
- if (entry == NULL) {
- goto fail;
- }
-
- status = dcerpc_epm_Lookup(
- cli->binding_handle, /* binding_handle */
- cli, /* mem_ctx */
- 0, /* rpc_c_ep_all */
- NULL, /* object */
- NULL, /* interface id */
- 0, /* rpc_c_vers_all */
- &entry_handle, /* entry_handle */
- 1, /* max_ents */
- &num_entries, /* num_ents */
- entry, /* entries */
- &result); /* result */
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("dcerpc_epm_Lookup failed: %s\n",
- nt_errstr(status));
- goto fail;
- }
-
- if (result == EPMAPPER_STATUS_NO_MORE_ENTRIES) {
- break;
- }
-
- if (result != EPMAPPER_STATUS_OK) {
- DBG_DEBUG("dcerpc_epm_Lookup returned %"PRIu32"\n",
- result);
- break;
- }
-
- if (num_entries != 1) {
- DBG_DEBUG("epm_Lookup returned %"PRIu32" "
- "entries, expected one\n",
- num_entries);
- break;
- }
-
- status = dcerpc_binding_from_tower(
- mem_ctx, &entry->tower->tower, &binding);
- if (!NT_STATUS_IS_OK(status)) {
- break;
- }
-
- tmp = talloc_realloc(
- mem_ctx,
- bindings,
- struct dcerpc_binding *,
- num_bindings+1);
- if (tmp == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- bindings = tmp;
-
- bindings[num_bindings] = talloc_move(bindings, &binding);
-
- TALLOC_FREE(entry);
- }
-
- *pbindings = bindings;
- status = NT_STATUS_OK;
-fail:
- TALLOC_FREE(cli);
- return status;
-}
-
static void samba_dcerpcd_stdin_handler(
struct tevent_context *ev,
struct tevent_fd *fde,
@@ -2788,7 +2649,6 @@ int main(int argc, const char *argv[])
struct tevent_context *ev_ctx = NULL;
struct messaging_context *msg_ctx = NULL;
struct tevent_req *req = NULL;
- struct dcerpc_binding **existing_bindings = NULL;
char *servers = NULL;
const char *arg = NULL;
size_t num_servers;
@@ -2995,11 +2855,6 @@ int main(int argc, const char *argv[])
exit(1);
}
- status = rpc_host_epm_lookup(frame, &existing_bindings);
- DBG_DEBUG("rpc_host_epm_lookup returned %s, %zu bindings\n",
- nt_errstr(status),
- talloc_array_length(existing_bindings));
-
ret = rpc_host_pidfile_create(msg_ctx, progname, ready_signal_fd);
if (ret != 0) {
DBG_DEBUG("rpc_host_pidfile_create failed: %s\n",
@@ -3013,7 +2868,6 @@ int main(int argc, const char *argv[])
ev_ctx,
ev_ctx,
msg_ctx,
- existing_bindings,
servers,
ready_signal_fd,
cmdline_daemon_cfg->fork ? NULL : progname,
diff --git a/source3/rpc_server/rpcd_classic.c
b/source3/rpc_server/rpcd_classic.c
index 4f6164c814c..8494af575ec 100644
--- a/source3/rpc_server/rpcd_classic.c
+++ b/source3/rpc_server/rpcd_classic.c
@@ -42,14 +42,34 @@ static size_t classic_interfaces(
static const struct ndr_interface_table *ifaces[] = {
&ndr_table_srvsvc,
&ndr_table_netdfs,
- &ndr_table_wkssvc,
+ &ndr_table_initshutdown,
&ndr_table_svcctl,
&ndr_table_ntsvcs,
&ndr_table_eventlog,
- &ndr_table_initshutdown,
+ /*
+ * This last item is truncated from the list by the
+ * num_ifaces -= 1 below. Take care when adding new
+ * services.
+ */
+ &ndr_table_wkssvc,
};
+ size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC wkssvc is provided by the 'samba'
+ * binary from source4/
+ */
+ num_ifaces -= 1;
+ break;
+ default:
+ break;
+ }
+
*pifaces = ifaces;
- return ARRAY_SIZE(ifaces);
+ return num_ifaces;
+
}
static size_t classic_servers(
@@ -58,15 +78,28 @@ static size_t classic_servers(
void *private_data)
{
static const struct dcesrv_endpoint_server *ep_servers[7] = { NULL };
+ size_t num_servers = ARRAY_SIZE(ep_servers);
bool ok;
ep_servers[0] = srvsvc_get_ep_server();
ep_servers[1] = netdfs_get_ep_server();
- ep_servers[2] = wkssvc_get_ep_server();
+ ep_servers[2] = initshutdown_get_ep_server();
ep_servers[3] = svcctl_get_ep_server();
ep_servers[4] = ntsvcs_get_ep_server();
ep_servers[5] = eventlog_get_ep_server();
- ep_servers[6] = initshutdown_get_ep_server();
+ ep_servers[6] = wkssvc_get_ep_server();
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC wkssvc is provided by the 'samba'
+ * binary from source4/
+ */
+ num_servers -= 1;
+ break;
+ default:
+ break;
+ }
ok = secrets_init();
if (!ok) {
@@ -85,7 +118,7 @@ static size_t classic_servers(
mangle_reset_cache();
*_ep_servers = ep_servers;
- return ARRAY_SIZE(ep_servers);
+ return num_servers;
}
int main(int argc, const char *argv[])
diff --git a/source3/rpc_server/rpcd_epmapper.c
b/source3/rpc_server/rpcd_epmapper.c
index 950ba7ec12a..455179ccfba 100644
--- a/source3/rpc_server/rpcd_epmapper.c
+++ b/source3/rpc_server/rpcd_epmapper.c
@@ -19,6 +19,8 @@
#include "rpc_worker.h"
#include "librpc/gen_ndr/ndr_epmapper.h"
#include "librpc/gen_ndr/ndr_epmapper_scompat.h"
+#include "param/loadparm.h"
+#include "libds/common/roles.h"
static size_t epmapper_interfaces(
const struct ndr_interface_table ***pifaces,
@@ -27,8 +29,22 @@ static size_t epmapper_interfaces(
static const struct ndr_interface_table *ifaces[] = {
&ndr_table_epmapper,
};
+ size_t num_ifaces = ARRAY_SIZE(ifaces);
+
+ switch(lp_server_role()) {
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ /*
+ * On the AD DC epmapper is provided by the 'samba'
+ * binary from source4/
+ */
+ num_ifaces = 0;
+ break;
+ default:
+ break;
+ }
+
*pifaces = ifaces;
- return ARRAY_SIZE(ifaces);
+ return num_ifaces;
}
static size_t epmapper_servers(
@@ -37,11 +53,24 @@ static size_t epmapper_servers(
void *private_data)
{
static const struct dcesrv_endpoint_server *ep_servers[] = { NULL };
+ size_t num_servers = ARRAY_SIZE(ep_servers);
ep_servers[0] = epmapper_get_ep_server();
--
Samba Shared Repository
