The branch, v4-21-test has been updated
via ccb5e9694e3 python:lsa_utils: Fix fallback to OpenPolicy2
via b106c7d77ae python:lsa_utils: Don't use optional arguments for
OpenPolicyFallback()
via e8e6b68539b pidl: Update documentation for DCERPC interface
connections
via 0a0d87f4093 librpc:pyrpc: Allow new authenticated rpc connection on
the same transport as the basis_connection
via 30b077b6781 dcesrv_core: Make dcesrv_call_disconnect_after() public
via 1cbbe56266b s3:rpc_client: Use cli_rpc_pipe_reopen_np_noauth() for
OpenPolicy fallback
via 4ae32d6faa0 s3:rpc_cerver: Use dcerpc_lsa_open_policy3() for
internal RPC
via fe5b8928443 s3:rpc_client: Add cli_rpc_pipe_reopen_np_noauth()
via 1ba2acc9fc9 s3:cli_pipe: pass target_service to
cli_rpc_pipe_open_with_creds()
via 22900d278cb s3:rpc_client: remember the local/remote ipv4 or ipv6
addresses
via e568b119340 s3:rpc_client: add missing TALLOC_FREE(frame) in
cli_rpc_pipe_open()
via 4ead8424471 s3:rpc_client: split out
cli_rpc_pipe_client_auth_schannel()
via bf717ca5c4d s3:rpc_client: add cli_rpc_pipe_client_prepare_alter()
helper
via 75e1c18d912 s3:rpc_client: make real use of
rpc_client_{association,connection}
via cb3e074ec54 s3:rpc_client: let cli_rpc_pipe_open() use
rpc_client_connection_np()
via 4b1f27c3202 s3:rpc_client: convert rpc_pipe_open_np() to
rpc_client_{association,connection}
via f019fa98dbf s3:rpc_client: convert rpc_pipe_open_tcp_port() to
rpc_client_{association,connection}
via f81ee3b6d0f s3:rpc_client: convert rpc_pipe_open_local_np() to
rpc_client_{association,connection}
via 6f67e05fb70 s3:rpc_client: convert rpc_pipe_open_ncalrpc() to
rpc_client_{association,connection}
via 8dc83405eeb s3:rpc_client: add struct
rpc_client_{association,connection} and helpers
via e42835a2f5f s3:rpc_client: only pass the pipe_name to
rpc_transport_np_init_send()
via 7e02cf063ac s3:rpc_client: make most of rpc_pipe_client internal
struct members
via 6c43234a06b s3:librpc/rpc: split out dcerpc_internal.h for struct
pipe_auth_data
via 6af9f50396d s3:libsmb: make use of
dcerpc_binding_get_abstract_syntax()
via 33b0b4bfe5f s3:lib/netapi: make use of
dcerpc_binding_get_abstract_syntax()
via 61a5a72a3cd s3:rpcclient: make use of
dcerpc_binding_handle_get_transport()
via 523484d1882 s3:winbindd: make use of
dcerpc_binding_handle_get_transport()
via 86e27e94b2b s3:rpc_client: remove references to rpc_pipe_client
from wsp_cli.c
via 2f753ed81ce s3:rpc_client: remember rpc_pipe_client->print_username
via 91e8d63c638 s4:librpc: make all but dcerpc_pipe->binding_handle
internal struct members
via ba777ee0532 s4:torture/rpc: make use of
dcerpc_binding_handle_get_transport()
via a57ec7313cd s4:tortore/rpc: make use of
dcerpc_binding_get_abstract_syntax() and dcerpc_binding_get_flags()
via 087ccbdd863 s4:torture/rpc: make use of
dcerpc_binding_handle_get_binding() and dcerpc_binding_get_flags()
via 2ca22d00411 s4:libnet: make use of
dcerpc_binding_handle_get_transport()
via 5e2606c5ea3 s4:libnet: make use of
dcerpc_binding_handle_get_binding()
via 2edaf617e86 librpc/rpc: un-const dcerpc_default_transport_endpoint()
via 57d161d54f0 librpc/rpc: add dcerpc_binding_handle_get_transport()
helper function
via e94025e1a8e librpc/rpc: add dcerpc_binding_handle_get_binding()
via bac9282844a s3:rpc_client: implement rpccli_bh_get_binding()
via 1ed6f5c6692 s4:librpc/rpc: implement dcerpc_bh_get_binding()
via d2d951bddd4 s4:librpc/rpc: call dcerpc_binding_set_abstract_syntax
after bind or alter context
via a89c2664f68 s3:winbindd: implement wbint_bh_get_binding() in
winbindd_dual_ndr.c
via 296b5cd0665 s4:lib/messaging: implement irpc_bh_get_binding()
via 51dc661d261 libcli/tstream_binding_handle: implement get_binding()
via 20a42d2ca1b librpc/rpc: add get_binding() to
dcerpc_binding_handle_ops
via 3731bbfdc4a s3:rpc_client: header signing is negotiated per
transport connection
via daefb7b2436 s3:rpc_client: make use of struct samba_sockaddr in
rpc_pipe_open_ncalrpc()
via 3db4cfe8a33 s3:winbindd: cm_connect_lsa_tcp() doesn't need to check
for NCACN_IP_TCP or LEVEL_INTEGRITY
via 1ff49833b6e s3:rpcclient: make use of
dcerpc_binding_handle_auth_info()
via 277f9ff99a8 s3:rpc_client: the transport_session_key is per
connection!
via b640002afd6 s3:rpc_client: remove unused cli_get_session_key()
via 95f7152911a s3:rpcclient/cli_drsuapi: make use of
dcerpc_binding_handle_auth_session_key()
via 3200bd21d4d s3:libnet_dssync: make use of
dcerpc_binding_handle_auth_session_key()
via 8c695f13b6b s3:rpc_client: make use of
dcerpc_binding_handle_transport_session_key()
via 5f1f651d0e5 s3:utils/net_rpc: make use of
dcerpc_binding_handle_transport_session_key()
via 505775ba876 s3:libnet_join: make use of
dcerpc_binding_handle_transport_session_key()
via 7092b9abf1d s3:lib/netapi: make use of
dcerpc_binding_handle_transport_session_key()
via c924b4420de s4:torture/drs: make use of
dcerpc_binding_handle_auth_session_key()
via c1875485f4b s4:pyrpc: make use of
dcerpc_binding_handle_auth_session_key()
via dd0c6b46880 s4:py_net: make use of
dcerpc_binding_handle_auth_session_key()
via 37768515a52 s4:libnet: make use of
dcerpc_binding_handle_auth_session_key() in libnet_become_dc.c
via 7fae08c9dcd s4:drepl: make use of
dcerpc_binding_handle_auth_session_key()
via 2b7ae6f61af s3:rpc_client: add rpccli_bh_auth_session_key()
via 0c0f83127cb s4:librpc/rpc: add dcerpc_bh_auth_session_key()
via ece818eb50c librpc/rpc: add dcerpc_binding_handle_auth_session_key()
via a835a9b2f58 s4:librpc/rpc: remove unused dcerpc_fetch_session_key()
via 21882daef2e s4:torture/rpc: make use of
dcerpc_binding_handle_transport_session_key()
via 1fe021a0c41 xss4:pyrpc: make use of
dcerpc_binding_handle_transport_session_key()
via 9aa2be36397 s4:libnet: make use of
dcerpc_binding_handle_transport_session_key() in libnet_passwd.c
via 0b5624e50d3 s4:libnet: add struct dcerpc_binding_handle helper
variables in libnet_passwd.c
via b1be2bb12d9 s4:librpc/rpc: remove unused
dcerpc_transport_encrypted()
via 7e5ac988114 s4:pyrpc: let py_iface_transport_encrypted() use
dcerpc_binding_handle_transport_encrypted()
via 30134801b6d s3:rpc_client: add rpccli_bh_transport_session_key()
via f596c49585f s4:librpc/rpc: add
dcerpc_bh_transport_{encrypted,session_key}()
via c4990ed56f7 librpc/rpc: add
dcerpc_binding_handle_transport_{encrypted,session_key}()
via b7cd9cf02aa s4:torture/rpc: avoid using DCERPC_NDR_REF_ALLOC in
fsrvp.c
via 5047e9863b9 s4:torture/rpc: remove useless usage of DCERPC_SIGN,
DCERPC_SEAL
via 59c5354117c s4:torture/rpc: avoid checking p->last_fault_code in
iremotewinspool*
via a91f4b27c18 librpc/rpc: map DCERPC_NCA_S_UNSUPPORTED_TYPE to
NT_STATUS_RPC_UNSUPPORTED_TYPE
via 27b0b2c2dde librpc/rpc: map DCERPC_NCA_S_SERVER_TOO_BUSY to
NT_STATUS_RPC_SERVER_TOO_BUSY
from a3e57f9df27 VERSION: Bump version up to Samba 4.21.7...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-21-test
- Log -----------------------------------------------------------------
commit ccb5e9694e30028c8bf849fdab1f06ecca861d26
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Jul 17 18:12:31 2024 +0200
python:lsa_utils: Fix fallback to OpenPolicy2
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Pair-Programmed-With: Andreas Schneider <a...@samba.org>
Signed-off-by: Andreas Schneider <a...@samba.org>
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org>
Autobuild-Date(master): Mon Feb 17 18:33:15 UTC 2025 on atb-devel-224
(cherry picked from commit a814f5d90a3fb85a94c9516dba224037e8fd76f1)
Autobuild-User(v4-22-test): Jule Anger <jan...@samba.org>
Autobuild-Date(v4-22-test): Thu Feb 20 11:22:18 UTC 2025 on atb-devel-224
(cherry picked from commit 29bd6fe9cbe538b267bf0ed66823cfe8599afb3d)
Autobuild-User(v4-21-test): Jule Anger <jan...@samba.org>
Autobuild-Date(v4-21-test): Thu Jun 12 12:40:31 UTC 2025 on atb-devel-224
commit b106c7d77aec6c2c82937fb24ef3ee6a16087cb6
Author: Andreas Schneider <a...@samba.org>
Date: Thu Feb 13 10:31:49 2025 +0100
python:lsa_utils: Don't use optional arguments for OpenPolicyFallback()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit f9a3fc19f1e212c54351c3f94978e66fceeb8835)
(cherry picked from commit 8a7346f6c03dd4f5e8394997e1d118d33c950c35)
commit e8e6b68539bebf93ad6ec8e86386705cb8f4cc15
Author: Andreas Schneider <a...@samba.org>
Date: Mon Feb 17 15:41:06 2025 +0100
pidl: Update documentation for DCERPC interface connections
https://realpython.com/documenting-python-code/
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit 73ce15e7d5b7ea867849f1aa4fa5390830660f11)
(cherry picked from commit 1f84f56c6df0813e488701704daf2174bd0f7eb3)
commit 0a0d87f4093c88e6ba43951f7182d8bcac49fbc2
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Jul 17 18:11:49 2024 +0200
librpc:pyrpc: Allow new authenticated rpc connection on the same transport
as the basis_connection
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit 2c171fb1b8c88034a98c3aaf052e99ba5dbbafd9)
(cherry picked from commit 82aa83142598f99d662fb9f16aa20c5e2f5fafa5)
commit 30b077b67810adcd320facf0d41c4a0836fa0abe
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Jul 17 17:39:24 2024 +0200
dcesrv_core: Make dcesrv_call_disconnect_after() public
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit a094a29e426cc79e23bb4d866334d7735159fb41)
(cherry picked from commit 310b5c9dcecfba72b3b02632fca08a68c042d2c1)
commit 1cbbe56266b81ffeedb57f2a3283b274e33981c7
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Feb 12 12:45:19 2025 +0100
s3:rpc_client: Use cli_rpc_pipe_reopen_np_noauth() for OpenPolicy fallback
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit 3bbe35d42c4d4a0ce663580dfb035b6beb329ebb)
(cherry picked from commit 1a3be37e0eb564604b20c5d2ab1842661d466433)
commit 4ae32d6faa0e9e075cdeceb2d57c98f372b00448
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Feb 12 14:17:30 2025 +0100
s3:rpc_cerver: Use dcerpc_lsa_open_policy3() for internal RPC
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit 0c68d9bc0cd5873f7b59be0fe93d64d6d47b5a57)
(cherry picked from commit d0420684649383ffbd309d23c69a0bf8a051fc06)
commit fe5b8928443d3e9aac04b6748ccb9973b883f250
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Feb 12 12:35:20 2025 +0100
s3:rpc_client: Add cli_rpc_pipe_reopen_np_noauth()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15680
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit d2ac6221db48b93581d7ce48d31f8851c88b77bc)
(cherry picked from commit 60dc107d2a6154bf3254218e10b91c2a91ee88d9)
commit 1ba2acc9fc9b2f4b15340dc2296bc89aa6b8b6be
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Nov 6 14:16:27 2024 +0100
s3:cli_pipe: pass target_service to cli_rpc_pipe_open_with_creds()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 22900d278cb38167400dab21992aa711cf7fae36
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Oct 1 12:52:15 2024 +0200
s3:rpc_client: remember the local/remote ipv4 or ipv6 addresses
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit b6123197d13b5350b8fc88e9c8d59f0f05c3aed6)
commit e568b1193400fa8b2923c01d918882041c3e12ac
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Sep 27 12:00:59 2024 +0200
s3:rpc_client: add missing TALLOC_FREE(frame) in cli_rpc_pipe_open()
This was missing in commit 637a8e5270fefaea5c61921d4b6ecfc4455a91aa.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
(cherry picked from commit c3222192a40a2b1608c9c48f0352cb6f18f26d79)
commit 4ead84244710f2f70a3ff4db37fc06ca6b4e1b7b
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 04:23:40 2024 +0200
s3:rpc_client: split out cli_rpc_pipe_client_auth_schannel()
This will allow us to use it without creating a new
association group and transport connection.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 14fe854ec5379c422e805cde6ed6290f86ad66db)
commit bf717ca5c4dbbf2084c8d4493ab22498bf41990b
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 05:54:05 2024 +0200
s3:rpc_client: add cli_rpc_pipe_client_prepare_alter() helper
This will allow to do an alter context if security context multiplexing
is negotiated or opening a new connection in the same association group.
The old connection will be kept open, but not used anymore...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit dd7980841593d18081216e6eb3e1b0fb9bd9c757)
commit 75e1c18d912f24876610471f39188e736b41c55c
Author: Stefan Metzmacher <me...@samba.org>
Date: Sun Sep 15 18:26:07 2024 +0200
s3:rpc_client: make real use of rpc_client_{association,connection}
This will allow NCACN_NP and NCACN_IP_TCP to support
alter_context with security context multiplexing
or otherwise more than one connection per association group.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 899c9f2d6836c3b63acb6f261690c087e287afde)
commit cb3e074ec54f41a6cdb223d1954c16d9d3e4f3ce
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Sep 16 22:10:00 2024 +0200
s3:rpc_client: let cli_rpc_pipe_open() use rpc_client_connection_np()
This way cli_rpc_pipe_open() uses the same flow for
rpc_client_connection_np() and rpc_pipe_open_tcp_port().
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit fab0d27c5cf4885c31d7ed04ea69eda7992ea209)
commit 4b1f27c32023224e1bf2d5b7d24933971076c298
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Sep 16 22:09:34 2024 +0200
s3:rpc_client: convert rpc_pipe_open_np() to
rpc_client_{association,connection}
This split out rpc_client_connection_np_send/recv, which will
be used as shortcut in a later commit.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 7b9cef2a29333c6338520754927ee37027738010)
commit f019fa98dbf39cc7ed718c39b4f996459d3e7d55
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Sep 16 22:04:49 2024 +0200
s3:rpc_client: convert rpc_pipe_open_tcp_port() to
rpc_client_{association,connection}
Note that cli_rpc_pipe_open() calls rpc_client_association_create()
without a need for NCACN_NP, but that will change in the next commits...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 637a8e5270fefaea5c61921d4b6ecfc4455a91aa)
commit f81ee3b6d0fd8e5d06c1c800e2e41f7b7fe999b2
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Sep 16 22:01:06 2024 +0200
s3:rpc_client: convert rpc_pipe_open_local_np() to
rpc_client_{association,connection}
For rpc_pipe_open_local_np() it's not really important to abstract
these out, but we want to have these for all...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 338dd71cc39195fcf25977b40b9772775972bc9f)
commit 6f67e05fb7057365f6f300ecfb17aee386579767
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Sep 16 21:56:50 2024 +0200
s3:rpc_client: convert rpc_pipe_open_ncalrpc() to
rpc_client_{association,connection}
For rpc_pipe_open_ncalrpc() it's not really important to abstract these
out, but we want to have these for all...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5e9c2ebb37b276d7c90b4cc8397c4853f62aa189)
commit 8dc83405eeb3d693288299f4eb70735e25c77075
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Sep 16 21:56:50 2024 +0200
s3:rpc_client: add struct rpc_client_{association,connection} and helpers
They will be every useful for NCACN_NP and NCACN_IP_TCP,
so that we can support alter_context or more than one connection
per association group.
We mark the helpers as _UNUSED_ for now in order to compile...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 327fe920d07e5bcbcaa0f09f276aad2b99d68235)
commit e42835a2f5f132aad072d6f4a70589c70c192aec
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Sep 20 00:24:05 2024 +0200
s3:rpc_client: only pass the pipe_name to rpc_transport_np_init_send()
There's no need to have the ndr_interface_table at that stage...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5b3573135b222755cd897d4539c0e5a89f7cdf5b)
commit 7e02cf063ac6e13fbd462d2015e9d04ba4bc0670
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 06:43:14 2024 +0200
s3:rpc_client: make most of rpc_pipe_client internal struct members
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit ae88941c8a2e4e9c7d0deb9c39dcbb2f9fab0ebb)
commit 6c43234a06ba727b1ba4af8d0cbee06b5227c8c6
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 06:39:02 2024 +0200
s3:librpc/rpc: split out dcerpc_internal.h for struct pipe_auth_data
This should be anonymous for callers.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit b874619b5ed5d29a939f13d8064a47c8aca45b8c)
commit 6af9f50396d3fcd0288bb0478d6cd9140a3530d4
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 10:32:58 2024 +0200
s3:libsmb: make use of dcerpc_binding_get_abstract_syntax()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 8d666e18f8d254124967e7ac56fc5b171963c02f)
commit 33b0b4bfe5fb999786145a9c866baba264835745
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 09:39:44 2024 +0200
s3:lib/netapi: make use of dcerpc_binding_get_abstract_syntax()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit fe94230f7ebedfdcc5f087b442ee91d9c44b734f)
commit 61a5a72a3cd7518defad9af6643a5c4ab3e61801
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 09:20:03 2024 +0200
s3:rpcclient: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit e5c09e041d1517649616d0d4b072422802a69f08)
commit 523484d18828f23ddd52554edf55fd479be5124d
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 09:13:03 2024 +0200
s3:winbindd: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 504906e60f9a09518202397f0aa0782242dbe3bb)
commit 86e27e94b2b7221ea39bce477057c320ffbb0f8f
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 09:12:10 2024 +0200
s3:rpc_client: remove references to rpc_pipe_client from wsp_cli.c
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit dc6d3c96c33797163ac578675b255872deca9b98)
commit 2f753ed81ce8c3b077d02fbcc82dfb165a4403f5
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Sep 19 06:27:22 2024 +0200
s3:rpc_client: remember rpc_pipe_client->print_username
This is ugly, but it's less ugly than doing it deep
inside of cli_spoolss.c and other code.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 344e45507e122137c357fc177bb024f09fff8b01)
commit 91e8d63c638cbcc478faccb82191335550a08003
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 23:35:20 2024 +0200
s4:librpc: make all but dcerpc_pipe->binding_handle internal struct members
We could use a dcerpc_internal.h for struct dcecli_security and
struct dcecli_connection, but in struct dcerpc_pipe we still
expose binding_handle and changing that would require way too
much work for now...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 353af4b70559be1665df345655af43a61177c710)
commit ba777ee05324de5340fe55d098d6407fe9ef6b6a
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 22:41:16 2024 +0200
s4:torture/rpc: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 382ece66063bd8ef465e989857394e6f412df6d3)
commit a57ec7313cd689cb7f824be260369b76369a6010
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 23:27:17 2024 +0200
s4:tortore/rpc: make use of dcerpc_binding_get_abstract_syntax() and
dcerpc_binding_get_flags()
We should not use p->syntax nor p->transfer_syntax...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 1713ad96a42e9245697a29d4899924cfbf636fc5)
commit 087ccbdd8631353c7701f2fc54b505ff1497a5d2
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 23:04:23 2024 +0200
s4:torture/rpc: make use of dcerpc_binding_handle_get_binding() and
dcerpc_binding_get_flags()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 7ed9867fa82ae61a4522a724580900adce7e2bb5)
commit 2ca22d004118df6ef30b38d4d5c0770c2ec07df5
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 23:34:44 2024 +0200
s4:libnet: make use of dcerpc_binding_handle_get_transport()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit a4b1845f4c5202afedd65b9d0db2866de75420a5)
commit 5e2606c5ea37d6bd0500b565c2b87f0fe7a41187
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 23:33:53 2024 +0200
s4:libnet: make use of dcerpc_binding_handle_get_binding()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit ad20c6656aa6798541b71b172534054c172d3aa5)
commit 2edaf617e86ed37c7184a69ca5e8c153338740ef
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Sep 20 00:00:31 2024 +0200
librpc/rpc: un-const dcerpc_default_transport_endpoint()
It returns an alloced string so it should not be marked as
const...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 9fe85a93539adb73ae59247d044746073915684a)
commit 57d161d54f027040845b3d9bf879bb6d72913e7a
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 22:29:58 2024 +0200
librpc/rpc: add dcerpc_binding_handle_get_transport() helper function
This will allow callers to avoid the dcerpc_binding_handle_get_binding()
dcerpc_binding_get_transport() dance...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 0e751215b349e10cc796065d6d01de35f52b41fd)
commit e94025e1a8edfbb1d9ac211de2437ac8537c5c7b
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 20:56:07 2024 +0200
librpc/rpc: add dcerpc_binding_handle_get_binding()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit a038e7d8cf7a93ecf9a3e0c906f0d0db81ecee54)
commit bac9282844a11870d41e0494764b573ea6dc8eff
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 22:21:23 2024 +0200
s3:rpc_client: implement rpccli_bh_get_binding()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit fffc6e0f37a2d6a6612e17ad6fa777ae6a8eb3b6)
commit 1ed6f5c6692407b82ff745963cbca747e36c4393
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 20:55:35 2024 +0200
s4:librpc/rpc: implement dcerpc_bh_get_binding()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 0ef5d79eb6feefa2b7c5821ced98773d6d8fdd3a)
commit d2d951bddd4b2b02fc750b3aaae782750de85567
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 23:25:34 2024 +0200
s4:librpc/rpc: call dcerpc_binding_set_abstract_syntax after bind or alter
context
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit e8d59ca3361bcdaf4db729eeb4a71f714bd9feda)
commit a89c2664f68c1b2c6ef7ed913187a1c078777edc
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 20:52:41 2024 +0200
s3:winbindd: implement wbint_bh_get_binding() in winbindd_dual_ndr.c
We use NCACN_INTERNAL here too...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 8c2aa56c7003e690252dfb05f78fd083c0c13dab)
commit 296b5cd06657a87e0895530a4c4fab1c2d14590c
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 20:43:28 2024 +0200
s4:lib/messaging: implement irpc_bh_get_binding()
We just use NCACN_INTERNAL here...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit a6034592faf0676532c97a79b9c542bcd2de9537)
commit 51dc661d2619c9e37feafbcaf0d6c6f900b16490
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 20:43:28 2024 +0200
libcli/tstream_binding_handle: implement get_binding()
We just create an dummy binding handle here
as it's not really dcerpc...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 66411b96b88fbb7b405efa87015e4af1f2988fad)
commit 20a42d2ca1b2b6ee37b303a8e279a5c3a35d46ad
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 17 19:28:55 2024 +0200
librpc/rpc: add get_binding() to dcerpc_binding_handle_ops
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 1adf226e74375b2fb0932380f13bf19d8d856ea4)
commit 3731bbfdc4aa955fe73b1fd3458b068c0c5b69d0
Author: Stefan Metzmacher <me...@samba.org>
Date: Sun Sep 15 17:58:53 2024 +0200
s3:rpc_client: header signing is negotiated per transport connection
All gensec backends support GENSEC_FEATURE_SIGN_PKT_HEADER, so there's
no point in negotiating header signing based on the
auth context used during the DCERPC Bind.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 72b79a771fdbf54aa73b4c1b0372b9dffd81bfa6)
commit daefb7b24366deb5021826bd7922f0a53f404386
Author: Stefan Metzmacher <me...@samba.org>
Date: Sun Sep 15 05:35:30 2024 +0200
s3:rpc_client: make use of struct samba_sockaddr in rpc_pipe_open_ncalrpc()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit d406f9fffede27220f4d589c8ab3c7210ca01b74)
commit 3db4cfe8a33ddc23557905fad85d72067dcb1ac0
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 18:54:43 2024 +0200
s3:winbindd: cm_connect_lsa_tcp() doesn't need to check for NCACN_IP_TCP or
LEVEL_INTEGRITY
We only ever create domain->lsa_pipe_tcp with
cli_rpc_pipe_open_schannel_with_creds() and hardcoded NCACN_IP_TCP.
And schannel_update_internal returns an error with
an auth level lower than DCERPC_AUTH_LEVEL_INTEGRITY.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 61d38f70be378c59b42a6e20e7d49fea21255c6b)
commit 1ff49833b6e67a89e8a740516463af3a65c42828
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 16:46:47 2024 +0200
s3:rpcclient: make use of dcerpc_binding_handle_auth_info()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 8dcbbebe56d3dad3650eca79322150e9d397e227)
commit 277f9ff99a87e0ccbd7895f81f23a8f2de21c890
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:59:29 2024 +0200
s3:rpc_client: the transport_session_key is per connection!
It's not per auth_context_id, currently there's no difference
but that will change in future...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 1a311df3d61d3f3dbb986cc35470df6445802ff6)
commit b640002afd6a3d3694b800db3bcc1711509a5514
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:58:44 2024 +0200
s3:rpc_client: remove unused cli_get_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 3a3338bd184e3c51eab48fb1a03b1b3e749f2dc6)
commit 95f7152911a0e8378a0d4992d4e48cca06bd7e85
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:57:03 2024 +0200
s3:rpcclient/cli_drsuapi: make use of
dcerpc_binding_handle_auth_session_key()
Note we only need to call this once per connection, not after
each request...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit f75189dee9db486d393cd17c25f5a84ce2d0b889)
commit 3200bd21d4dc4c0a9cfc7526300576ced590b670
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:57:03 2024 +0200
s3:libnet_dssync: make use of dcerpc_binding_handle_auth_session_key()
Note we only need to call this once per connection, not after
each request...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 099c8d904ece0edbefecbaa51fa50256fd2ea7c0)
commit 8c695f13b6be00dc49074fcce3c49bd0dfb30057
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:55:30 2024 +0200
s3:rpc_client: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 77da0914d5cccd7116ca3b6f75cb4d0cd0107239)
commit 5f1f651d0e5a6fa508dc467bf4ccb9f0fc97099b
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:54:25 2024 +0200
s3:utils/net_rpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit a14ac349deca11cda4159266cb3119fb3024999c)
commit 505775ba876ff5454f80b104a666c318a491e56d
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:52:29 2024 +0200
s3:libnet_join: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 56175a0947fbb56d151fca057cf9696d55ea5d82)
commit 7092b9abf1dc4c564eadcc9cc9f420cc218f9d0f
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:51:20 2024 +0200
s3:lib/netapi: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 2cb726e92c819d60509419a33cd8da265e1c99e7)
commit c924b4420de308fe4e59a9ed978aa04ffa6f062e
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 15:00:37 2024 +0200
s4:torture/drs: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit bbe529a2f6090d2b9df0f361aee9b0a28523cefe)
commit c1875485f4b32df3e40e164e26428090b1ae784f
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:20:46 2024 +0200
s4:pyrpc: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 38874d28404f49a075bab71fb7357d266173791a)
commit dd0c6b4688005f3d85f7354fb8523382d6e8af9c
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:19:55 2024 +0200
s4:py_net: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5d3faa86fd47d6bc887e182f3eb5a51144339549)
commit 37768515a521054629a50d2f8d52d60a5cf31235
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:16:42 2024 +0200
s4:libnet: make use of dcerpc_binding_handle_auth_session_key() in
libnet_become_dc.c
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit bf888b59e34169e1f6b9fd1d211cb8ff973cf333)
commit 7fae08c9dcd71b5fa1d9b5f044ae4e730e8b4893
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:16:01 2024 +0200
s4:drepl: make use of dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 51f5eefcd119b5981281924a45380d99f9158a88)
commit 2b7ae6f61af91e4debb8eabfa559de61e9cc0092
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 09:55:20 2024 +0200
s3:rpc_client: add rpccli_bh_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit af16ecece870846323956c37d3e15abe24e336fd)
commit 0c0f83127cbfcf269d9a483bb0fcd1f3bc023d17
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 09:55:20 2024 +0200
s4:librpc/rpc: add dcerpc_bh_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 64467157479c04cb4bafa6c4ec19213009f0643f)
commit ece818eb50cb037a4a2dd15690646e9975a4e5e0
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 09:55:20 2024 +0200
librpc/rpc: add dcerpc_binding_handle_auth_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5e34173041eb04e30f3f6f81a3269d621220b09c)
commit a835a9b2f583c7ea46d2d1410bd41bfa708ea9ec
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:32:22 2024 +0200
s4:librpc/rpc: remove unused dcerpc_fetch_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit d9bf23f971dd8f426424f05076e76be587d42087)
commit 21882daef2ea23528fbf119e8c12c2ec63c8fbc6
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:31:58 2024 +0200
s4:torture/rpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 4ccd2dd8a2f78bcd53c047889b8043e8d95a6d55)
commit 1fe021a0c41b08812320037edaedc8c3fff9a809
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:20:46 2024 +0200
xss4:pyrpc: make use of dcerpc_binding_handle_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 57905603e066e2d1ca60268b1b1e8166868d60e5)
commit 9aa2be36397c15be1475fb2fa8cf2adb15ec62ba
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:16:42 2024 +0200
s4:libnet: make use of dcerpc_binding_handle_transport_session_key() in
libnet_passwd.c
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 93e8d58736e53d8d360ef2ee40f1619bd917c054)
commit 0b5624e50d3b166771b92702b2e1aa84bc1fcb4a
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 14:16:42 2024 +0200
s4:libnet: add struct dcerpc_binding_handle helper variables in
libnet_passwd.c
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 2d1c182bf512666606b8192b2021d571a47d2f58)
commit b1be2bb12d914bcecf55d4b0972ca012517398e7
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 13:37:34 2024 +0200
s4:librpc/rpc: remove unused dcerpc_transport_encrypted()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 3cc6ddeb589f0357c436d1caa70130f053ddcba0)
commit 7e5ac988114ca774585bdca79fc4dee6442b142a
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 13:35:47 2024 +0200
s4:pyrpc: let py_iface_transport_encrypted() use
dcerpc_binding_handle_transport_encrypted()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 9567d753ac0fcffb50f3710f3329334afb7595cd)
commit 30134801b6d546e9c9af127504028e3c1602e035
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 09:55:20 2024 +0200
s3:rpc_client: add rpccli_bh_transport_session_key()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 5bb35cc7cca101390e58256e9b38e31113211e4f)
commit f596c49585fc8dc44cadd365294a43bbd4ffcfb8
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 09:55:20 2024 +0200
s4:librpc/rpc: add dcerpc_bh_transport_{encrypted,session_key}()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 9b50ab08c16c197291835c8e66cd064ca0bb6579)
commit c4990ed56f750d64732dab2cd3b6672a48a4da6c
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Sep 14 09:55:20 2024 +0200
librpc/rpc: add dcerpc_binding_handle_transport_{encrypted,session_key}()
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 3dc3f9cf1b6fc47baea329863e31ff140cf89550)
commit b7cd9cf02aa28eaf49e6ca39d13196ace6c093c9
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 06:27:30 2024 +0200
s4:torture/rpc: avoid using DCERPC_NDR_REF_ALLOC in fsrvp.c
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 061267e0e4de5c6379205a09376ec21374a87a3d)
commit 5047e9863b9b50028c77e0c950a86d33d9af2ba4
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 04:31:04 2024 +0200
s4:torture/rpc: remove useless usage of DCERPC_SIGN, DCERPC_SEAL
We already used DCERPC_AUTH_LEVEL_PRIVACY for the connection.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 136ee756fe3a41f863c2d1d538ad029bfe54e1d1)
commit 59c5354117c7ee905ad5e41b379534a4bcf0ef20
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 22:42:17 2024 +0200
s4:torture/rpc: avoid checking p->last_fault_code in iremotewinspool*
Now that we check for NT_STATUS_RPC_UNSUPPORTED_TYPE, there's no
need to check for DCERPC_NCA_S_UNSUPPORTED_TYPE.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit b0be3c8af8240cfb7bc0b63fb7bf73f0f1655e4e)
commit a91f4b27c1849fb9989f900aef6d1717821f0624
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 22:37:14 2024 +0200
librpc/rpc: map DCERPC_NCA_S_UNSUPPORTED_TYPE to
NT_STATUS_RPC_UNSUPPORTED_TYPE
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 492f6a0eef7e7c64806ac9137c18a76fd116766d)
commit 27b0b2c2dde9f7181b542fb89ec9e5aed42cf35f
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 18 22:36:26 2024 +0200
librpc/rpc: map DCERPC_NCA_S_SERVER_TOO_BUSY to
NT_STATUS_RPC_SERVER_TOO_BUSY
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
(cherry picked from commit 722e93e4d9ace010e44cc041e6614ce5b71265d8)
-----------------------------------------------------------------------
Summary of changes:
.../tstream_binding_handle.c | 19 +
librpc/rpc/binding_handle.c | 44 +
librpc/rpc/dcerpc_error.c | 4 +-
librpc/rpc/dcerpc_util.c | 8 +-
librpc/rpc/dcerpc_util.h | 6 +-
librpc/rpc/dcesrv_core.c | 4 +-
librpc/rpc/dcesrv_core.h | 3 +
librpc/rpc/rpc_common.h | 26 +
pidl/lib/Parse/Pidl/Samba4/Python.pm | 29 +-
python/samba/lsa_utils.py | 67 +-
python/samba/netcmd/domain/trust.py | 93 +-
python/samba/tests/dcerpc/lsa_utils.py | 51 +-
source3/lib/netapi/cm.c | 15 +-
source3/lib/netapi/joindomain.c | 12 +-
source3/lib/netapi/localgroup.c | 2 +-
source3/lib/netapi/user.c | 6 +-
source3/libnet/libnet_dssync.c | 17 +-
source3/libnet/libnet_join.c | 3 +-
source3/librpc/rpc/dcerpc.h | 17 +-
source3/librpc/rpc/dcerpc_helpers.c | 1 +
.../librpc/rpc/dcerpc_internal.h | 22 +-
source3/libsmb/libsmb_xattr.c | 10 +-
source3/libsmb/passchange.c | 1 +
source3/rpc_client/cli_lsarpc.c | 15 +-
source3/rpc_client/cli_lsarpc.h | 4 +-
source3/rpc_client/cli_pipe.c | 1781 +++++++++++++++-----
source3/rpc_client/cli_pipe.h | 21 +-
source3/rpc_client/cli_spoolss.c | 6 +-
source3/rpc_client/rpc_client.h | 39 +-
source3/rpc_client/rpc_transport.h | 2 +-
source3/rpc_client/rpc_transport_np.c | 5 +-
source3/rpc_client/wsp_cli.c | 71 +-
source3/rpc_server/netlogon/srv_netlog_nt.c | 2 +-
source3/rpcclient/cmd_drsuapi.c | 15 +-
source3/rpcclient/cmd_iremotewinspool.c | 3 +-
source3/rpcclient/cmd_lsarpc.c | 75 +-
source3/rpcclient/cmd_samr.c | 3 +-
source3/rpcclient/rpcclient.c | 26 +-
source3/utils/net_rpc.c | 13 +-
source3/utils/net_rpc_printer.c | 3 +-
source3/utils/net_rpc_rights.c | 4 +-
source3/utils/net_rpc_trust.c | 5 +-
source3/winbindd/winbindd_cm.c | 8 +-
source3/winbindd/winbindd_dual_ndr.c | 47 +-
source3/winbindd/winbindd_msrpc.c | 4 +-
source3/winbindd/winbindd_rpc.c | 7 +-
source3/wscript_build | 2 +-
source4/dsdb/repl/drepl_out_helpers.c | 7 +-
source4/lib/messaging/messaging.c | 44 +-
source4/libnet/libnet_become_dc.c | 29 +-
source4/libnet/libnet_join.c | 3 +-
source4/libnet/libnet_passwd.c | 55 +-
source4/libnet/libnet_rpc.c | 27 +-
source4/libnet/py_net.c | 12 +-
source4/librpc/rpc/dcerpc.c | 121 ++
source4/librpc/rpc/dcerpc.h | 22 +-
source4/librpc/rpc/dcerpc_auth.c | 2 +
source4/librpc/rpc/dcerpc_connect.c | 1 +
source4/librpc/rpc/dcerpc_roh.c | 2 +
source4/librpc/rpc/dcerpc_schannel.c | 2 +
source4/librpc/rpc/dcerpc_secondary.c | 1 +
source4/librpc/rpc/dcerpc_smb.c | 2 +
source4/librpc/rpc/dcerpc_sock.c | 2 +
source4/librpc/rpc/dcerpc_util.c | 34 +-
source4/librpc/rpc/pyrpc.c | 50 +-
source4/librpc/rpc/pyrpc_util.c | 80 +-
source4/rpc_server/remote/dcesrv_remote.c | 2 +
source4/torture/drs/rpc/dssync.c | 5 +-
source4/torture/drs/rpc/msds_intid.c | 5 +-
source4/torture/rpc/alter_context.c | 36 +-
source4/torture/rpc/backupkey.c | 9 +-
source4/torture/rpc/bind.c | 4 +-
source4/torture/rpc/drsuapi.c | 5 +-
source4/torture/rpc/dsgetinfo.c | 4 +-
source4/torture/rpc/echo.c | 17 +-
source4/torture/rpc/forest_trust.c | 5 +-
source4/torture/rpc/fsrvp.c | 72 +-
source4/torture/rpc/handles.c | 28 +-
source4/torture/rpc/iremotewinspool.c | 22 +-
source4/torture/rpc/iremotewinspool_common.c | 4 -
source4/torture/rpc/iremotewinspool_common.h | 1 -
source4/torture/rpc/lsa.c | 22 +-
source4/torture/rpc/lsa_lookup.c | 5 +-
source4/torture/rpc/netlogon.c | 30 +-
source4/torture/rpc/samba3rpc.c | 19 +-
source4/torture/rpc/samr.c | 24 +-
source4/torture/rpc/samsync.c | 6 +-
source4/torture/rpc/session_key.c | 4 +-
source4/torture/rpc/spoolss.c | 4 +-
source4/torture/rpc/testjoin.c | 2 +-
source4/torture/rpc/winreg.c | 8 +-
source4/torture/rpc/wkssvc.c | 4 +-
92 files changed, 2476 insertions(+), 988 deletions(-)
copy source4/echo_server/echo_server.h => source3/librpc/rpc/dcerpc_internal.h
(64%)
Changeset truncated at 500 lines:
diff --git a/libcli/tstream_binding_handle/tstream_binding_handle.c
b/libcli/tstream_binding_handle/tstream_binding_handle.c
index 76f54a7f338..672fd3b89c6 100644
--- a/libcli/tstream_binding_handle/tstream_binding_handle.c
+++ b/libcli/tstream_binding_handle/tstream_binding_handle.c
@@ -35,8 +35,17 @@ struct tstream_bh_state {
size_t call_initial_read_size;
tstream_read_pdu_blob_full_fn_t *complete_pdu_fn;
void *complete_pdu_fn_private;
+ const struct dcerpc_binding *binding;
};
+static const struct dcerpc_binding *tstream_bh_get_binding(struct
dcerpc_binding_handle *h)
+{
+ struct tstream_bh_state *hs = dcerpc_binding_handle_data(
+ h, struct tstream_bh_state);
+
+ return hs->binding;
+}
+
static bool tstream_bh_is_connected(struct dcerpc_binding_handle *h)
{
struct tstream_bh_state *hs = dcerpc_binding_handle_data(
@@ -290,6 +299,7 @@ static NTSTATUS tstream_bh_call_recv(struct tevent_req *req,
static const struct dcerpc_binding_handle_ops tstream_bh_ops = {
.name = "tstream_binding_handle",
+ .get_binding = tstream_bh_get_binding,
.is_connected = tstream_bh_is_connected,
.set_timeout = tstream_bh_set_timeout,
.raw_call_send = tstream_bh_call_send,
@@ -309,6 +319,8 @@ struct dcerpc_binding_handle *tstream_binding_handle_create(
{
struct dcerpc_binding_handle *h = NULL;
struct tstream_bh_state *hs = NULL;
+ struct dcerpc_binding *b = NULL;
+ NTSTATUS status;
h = dcerpc_binding_handle_create(mem_ctx,
&tstream_bh_ops,
@@ -333,6 +345,13 @@ struct dcerpc_binding_handle
*tstream_binding_handle_create(
return NULL;
}
+ status = dcerpc_parse_binding(hs, "", &b);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(h);
+ return NULL;
+ }
+ hs->binding = b;
+
if (max_data > 0) {
tstream_smbXcli_np_set_max_data(hs->stream, max_data);
}
diff --git a/librpc/rpc/binding_handle.c b/librpc/rpc/binding_handle.c
index 41675e10360..8ace6722a43 100644
--- a/librpc/rpc/binding_handle.c
+++ b/librpc/rpc/binding_handle.c
@@ -87,6 +87,17 @@ void dcerpc_binding_handle_set_sync_ev(struct
dcerpc_binding_handle *h,
h->sync_ev = ev;
}
+const struct dcerpc_binding *dcerpc_binding_handle_get_binding(struct
dcerpc_binding_handle *h)
+{
+ return h->ops->get_binding(h);
+}
+
+enum dcerpc_transport_t dcerpc_binding_handle_get_transport(struct
dcerpc_binding_handle *h)
+{
+ const struct dcerpc_binding *b = dcerpc_binding_handle_get_binding(h);
+ return dcerpc_binding_get_transport(b);
+}
+
bool dcerpc_binding_handle_is_connected(struct dcerpc_binding_handle *h)
{
return h->ops->is_connected(h);
@@ -98,6 +109,27 @@ uint32_t dcerpc_binding_handle_set_timeout(struct
dcerpc_binding_handle *h,
return h->ops->set_timeout(h, timeout);
}
+bool dcerpc_binding_handle_transport_encrypted(struct dcerpc_binding_handle *h)
+{
+ if (h->ops->transport_encrypted == NULL) {
+ return false;
+ }
+
+ return h->ops->transport_encrypted(h);
+}
+
+NTSTATUS dcerpc_binding_handle_transport_session_key(
+ struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key)
+{
+ if (h->ops->transport_session_key == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ return h->ops->transport_session_key(h, mem_ctx, session_key);
+}
+
void dcerpc_binding_handle_auth_info(struct dcerpc_binding_handle *h,
enum dcerpc_AuthType *auth_type,
enum dcerpc_AuthLevel *auth_level)
@@ -123,6 +155,18 @@ void dcerpc_binding_handle_auth_info(struct
dcerpc_binding_handle *h,
h->ops->auth_info(h, auth_type, auth_level);
}
+NTSTATUS dcerpc_binding_handle_auth_session_key(
+ struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key)
+{
+ if (h->ops->auth_session_key == NULL) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ return h->ops->auth_session_key(h, mem_ctx, session_key);
+}
+
struct dcerpc_binding_handle_raw_call_state {
const struct dcerpc_binding_handle_ops *ops;
uint8_t *out_data;
diff --git a/librpc/rpc/dcerpc_error.c b/librpc/rpc/dcerpc_error.c
index d5b5b66ab6a..26c96336615 100644
--- a/librpc/rpc/dcerpc_error.c
+++ b/librpc/rpc/dcerpc_error.c
@@ -40,9 +40,9 @@ static const struct dcerpc_fault_table dcerpc_faults[] =
_FAULT_STR_NO_NT_MAPPING(DCERPC_NCA_S_YOU_CRASHED),
_FAULT_STR(DCERPC_NCA_S_PROTO_ERROR, NT_STATUS_RPC_PROTOCOL_ERROR),
_FAULT_STR_NO_NT_MAPPING(DCERPC_NCA_S_OUT_ARGS_TOO_BIG),
- _FAULT_STR_NO_NT_MAPPING(DCERPC_NCA_S_SERVER_TOO_BUSY),
+ _FAULT_STR(DCERPC_NCA_S_SERVER_TOO_BUSY, NT_STATUS_RPC_SERVER_TOO_BUSY),
_FAULT_STR_NO_NT_MAPPING(DCERPC_NCA_S_FAULT_STRING_TOO_LARGE),
- _FAULT_STR_NO_NT_MAPPING(DCERPC_NCA_S_UNSUPPORTED_TYPE),
+ _FAULT_STR(DCERPC_NCA_S_UNSUPPORTED_TYPE,
NT_STATUS_RPC_UNSUPPORTED_TYPE),
_FAULT_STR_NO_NT_MAPPING(DCERPC_NCA_S_FAULT_ADDR_ERROR),
_FAULT_STR(DCERPC_NCA_S_FAULT_FP_DIV_BY_ZERO,
NT_STATUS_RPC_FP_DIV_ZERO),
_FAULT_STR(DCERPC_NCA_S_FAULT_FP_UNDERFLOW, NT_STATUS_RPC_FP_UNDERFLOW),
diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index 51a8a11ac4a..e01391e6dcd 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -647,13 +647,13 @@ NTSTATUS dcerpc_read_ncacn_packet_recv(struct tevent_req
*req,
return NT_STATUS_OK;
}
-const char *dcerpc_default_transport_endpoint(TALLOC_CTX *mem_ctx,
- enum dcerpc_transport_t transport,
- const struct ndr_interface_table
*table)
+char *dcerpc_default_transport_endpoint(TALLOC_CTX *mem_ctx,
+ enum dcerpc_transport_t transport,
+ const struct ndr_interface_table *table)
{
NTSTATUS status;
const char *p = NULL;
- const char *endpoint = NULL;
+ char *endpoint = NULL;
uint32_t i;
struct dcerpc_binding *default_binding = NULL;
TALLOC_CTX *frame = talloc_stackframe();
diff --git a/librpc/rpc/dcerpc_util.h b/librpc/rpc/dcerpc_util.h
index 4e49e3e8572..86c254e539c 100644
--- a/librpc/rpc/dcerpc_util.h
+++ b/librpc/rpc/dcerpc_util.h
@@ -36,9 +36,9 @@ uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob);
uint8_t dcerpc_get_auth_type(const DATA_BLOB *blob);
uint8_t dcerpc_get_auth_level(const DATA_BLOB *blob);
uint32_t dcerpc_get_auth_context_id(const DATA_BLOB *blob);
-const char *dcerpc_default_transport_endpoint(TALLOC_CTX *mem_ctx,
- enum dcerpc_transport_t transport,
- const struct ndr_interface_table
*table);
+char *dcerpc_default_transport_endpoint(TALLOC_CTX *mem_ctx,
+ enum dcerpc_transport_t transport,
+ const struct ndr_interface_table
*table);
NTSTATUS dcerpc_pull_ncacn_packet(TALLOC_CTX *mem_ctx,
const DATA_BLOB *blob,
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c
index 66478001640..7fb23d49d61 100644
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -783,8 +783,8 @@ static void dcesrv_call_set_list(struct dcesrv_call_state
*call,
}
}
-static void dcesrv_call_disconnect_after(struct dcesrv_call_state *call,
- const char *reason)
+void dcesrv_call_disconnect_after(struct dcesrv_call_state *call,
+ const char *reason)
{
struct dcesrv_auth *a = NULL;
diff --git a/librpc/rpc/dcesrv_core.h b/librpc/rpc/dcesrv_core.h
index 90f5bd21d64..0b69af575b2 100644
--- a/librpc/rpc/dcesrv_core.h
+++ b/librpc/rpc/dcesrv_core.h
@@ -566,6 +566,9 @@ NTSTATUS dcesrv_auth_session_key(struct dcesrv_call_state
*call,
NTSTATUS dcesrv_transport_session_key(struct dcesrv_call_state *call,
DATA_BLOB *session_key);
+void dcesrv_call_disconnect_after(struct dcesrv_call_state *call,
+ const char *reason);
+
/* a useful macro for generating a RPC fault in the backend code */
#define DCESRV_FAULT(code) do { \
dce_call->fault_code = code; \
diff --git a/librpc/rpc/rpc_common.h b/librpc/rpc/rpc_common.h
index 76557101dcd..493c3137126 100644
--- a/librpc/rpc/rpc_common.h
+++ b/librpc/rpc/rpc_common.h
@@ -172,13 +172,23 @@ enum dcerpc_transport_t dcerpc_transport_by_tower(const
struct epm_tower *tower)
struct dcerpc_binding_handle_ops {
const char *name;
+ const struct dcerpc_binding *(*get_binding)(struct
dcerpc_binding_handle *h);
+
bool (*is_connected)(struct dcerpc_binding_handle *h);
uint32_t (*set_timeout)(struct dcerpc_binding_handle *h,
uint32_t timeout);
+ bool (*transport_encrypted)(struct dcerpc_binding_handle *h);
+ NTSTATUS (*transport_session_key)(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key);
+
void (*auth_info)(struct dcerpc_binding_handle *h,
enum dcerpc_AuthType *auth_type,
enum dcerpc_AuthLevel *auth_level);
+ NTSTATUS (*auth_session_key)(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key);
struct tevent_req *(*raw_call_send)(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -245,15 +255,31 @@ void *_dcerpc_binding_handle_data(struct
dcerpc_binding_handle *h);
_DEPRECATED_ void dcerpc_binding_handle_set_sync_ev(struct
dcerpc_binding_handle *h,
struct tevent_context *ev);
+const struct dcerpc_binding *dcerpc_binding_handle_get_binding(struct
dcerpc_binding_handle *h);
+
+enum dcerpc_transport_t dcerpc_binding_handle_get_transport(struct
dcerpc_binding_handle *h);
+
bool dcerpc_binding_handle_is_connected(struct dcerpc_binding_handle *h);
uint32_t dcerpc_binding_handle_set_timeout(struct dcerpc_binding_handle *h,
uint32_t timeout);
+bool dcerpc_binding_handle_transport_encrypted(struct dcerpc_binding_handle
*h);
+
+NTSTATUS dcerpc_binding_handle_transport_session_key(
+ struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key);
+
void dcerpc_binding_handle_auth_info(struct dcerpc_binding_handle *h,
enum dcerpc_AuthType *auth_type,
enum dcerpc_AuthLevel *auth_level);
+NTSTATUS dcerpc_binding_handle_auth_session_key(
+ struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key);
+
struct tevent_req *dcerpc_binding_handle_raw_call_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct dcerpc_binding_handle *h,
diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm
b/pidl/lib/Parse/Pidl/Samba4/Python.pm
index 63f0f72605d..9bcdea3b15b 100644
--- a/pidl/lib/Parse/Pidl/Samba4/Python.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm
@@ -1547,11 +1547,30 @@ sub Interface($$$)
$self->pidl("");
my $signature =
-"\"$interface->{NAME}(binding, lp_ctx=None, credentials=None) ->
connection\\n\"
-\"\\n\"
-\"binding should be a DCE/RPC binding string (for example:
ncacn_ip_tcp:127.0.0.1)\\n\"
-\"lp_ctx should be a path to a smb.conf file or a param.LoadParm object\\n\"
-\"credentials should be a credentials.Credentials object.\\n\\n\"";
+"\"$interface->{NAME}(binding, lp_ctx=None, credentials=None,
basis_connection=None) -> connection\\n\"
+\"\\n\\n\"
+\"Parameters\\n\"
+\"----------\\n\"
+\"binding : str\\n\"
+\" A DCE/RPC binding string (for example: ncacn_ip_tcp:127.0.0.1)\\n\"
+\"lp_ctx : param.LoadParm\\n\"
+\" Should be a path to a smb.conf file or a param.LoadParm object\\n\"
+\"credentials : credentials.Credentials, optional\\n\"
+\" A credentials.Credentials object (default is None).\\n\"
+\"basis_connection : samba.dcerpc.ClientConnection, optional\\n\"
+\" A $interface->{NAME} client connection object (default is None).\\n\"
+\"\\n\\n\"
+\"Returns\\n\"
+\"-------\\n\"
+\"samba.dcerpc.ClientConnection\\n\"
+\" A ClientConnection object\\n\"
+\"\\n\\n\"
+\"Raises\\n\"
+\"------\\n\"
+\"samba.NTSTATUSError\\n\"
+\" An NTSTATUS error\\n\"
+\"\\n\"";
+
my $docstring = $self->DocString($interface,
$interface->{NAME});
diff --git a/python/samba/lsa_utils.py b/python/samba/lsa_utils.py
index 043e65f3341..506dc399c93 100644
--- a/python/samba/lsa_utils.py
+++ b/python/samba/lsa_utils.py
@@ -20,24 +20,27 @@ from samba.dcerpc import lsa, drsblobs, misc
from samba.ndr import ndr_pack
from samba import (
NTSTATUSError,
+ ntstatus,
aead_aes_256_cbc_hmac_sha512,
arcfour_encrypt,
)
-from samba.ntstatus import (
- NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE
-)
from samba import crypto
from secrets import token_bytes
+# FIXME from collections.abc import Callable
def OpenPolicyFallback(
- conn: lsa.lsarpc,
+ # new_lsa_conn: Callable[[], lsa.lsarpc], - FIXME the type doesn't work
+ # with python version 3.6 (CentOS8, SLES15).
+ new_lsa_conn,
system_name: str,
in_version: int,
in_revision_info: lsa.revision_info1,
- sec_qos: bool = False,
- access_mask: int = 0,
+ sec_qos: bool,
+ access_mask: int,
):
+ conn = new_lsa_conn()
+
attr = lsa.ObjectAttribute()
if sec_qos:
qos = lsa.QosInfo()
@@ -48,26 +51,38 @@ def OpenPolicyFallback(
attr.sec_qos = qos
- try:
- out_version, out_rev_info, policy = conn.OpenPolicy3(
- system_name,
- attr,
- access_mask,
- in_version,
- in_revision_info
- )
- except NTSTATUSError as e:
- if e.args[0] == NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE:
- out_version = 1
- out_rev_info = lsa.revision_info1()
- out_rev_info.revision = 1
- out_rev_info.supported_features = 0
-
- policy = conn.OpenPolicy2(system_name, attr, access_mask)
- else:
- raise
-
- return out_version, out_rev_info, policy
+ open_policy2 = False
+ if in_revision_info is not None:
+ try:
+ out_version, out_rev_info, policy = conn.OpenPolicy3(
+ system_name,
+ attr,
+ access_mask,
+ in_version,
+ in_revision_info
+ )
+ except NTSTATUSError as e:
+ if e.args[0] == ntstatus.NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE:
+ open_policy2 = True
+ if e.args[0] == ntstatus.NT_STATUS_ACCESS_DENIED:
+ # We need a new connection
+ conn = new_lsa_conn(basis_connection=conn)
+
+ open_policy2 = True
+ else:
+ raise
+ else:
+ open_policy2 = True
+
+ if open_policy2:
+ out_version = 1
+ out_rev_info = lsa.revision_info1()
+ out_rev_info.revision = 1
+ out_rev_info.supported_features = 0
+
+ policy = conn.OpenPolicy2(system_name, attr, access_mask)
+
+ return conn, out_version, out_rev_info, policy
def CreateTrustedDomainRelax(
diff --git a/python/samba/netcmd/domain/trust.py
b/python/samba/netcmd/domain/trust.py
index 0784fa5e282..f3d75f84137 100644
--- a/python/samba/netcmd/domain/trust.py
+++ b/python/samba/netcmd/domain/trust.py
@@ -125,8 +125,13 @@ class DomainTrustCommand(Command):
self.local_creds = local_creds
return self.local_server
- def new_local_lsa_connection(self):
- return lsa.lsarpc(self.local_binding_string, self.local_lp,
self.local_creds)
+ def new_local_lsa_connection(self, basis_connection=None):
+ return lsa.lsarpc(
+ self.local_binding_string,
+ self.local_lp,
+ self.local_creds,
+ basis_connection=basis_connection
+ )
def new_local_netlogon_connection(self):
return netlogon.netlogon(self.local_binding_string, self.local_lp,
self.local_creds)
@@ -203,13 +208,23 @@ class DomainTrustCommand(Command):
self.remote_creds = remote_creds
return self.remote_server
- def new_remote_lsa_connection(self):
- return lsa.lsarpc(self.remote_binding_string, self.local_lp,
self.remote_creds)
+ def new_remote_lsa_connection(self, basis_connection=None):
+ return lsa.lsarpc(
+ self.remote_binding_string,
+ self.local_lp,
+ self.remote_creds,
+ basis_connection=basis_connection
+ )
- def new_remote_netlogon_connection(self):
- return netlogon.netlogon(self.remote_binding_string, self.local_lp,
self.remote_creds)
+ def new_remote_netlogon_connection(self, basis_connection=None):
+ return netlogon.netlogon(
+ self.remote_binding_string,
+ self.local_lp,
+ self.remote_creds,
+ basis_connection=basis_connection
+ )
- def get_lsa_info(self, conn, policy_access):
+ def get_lsa_info(self, conn_fn, policy_access):
in_version = 1
in_revision_info1 = lsa.revision_info1()
in_revision_info1.revision = 1
@@ -217,17 +232,18 @@ class DomainTrustCommand(Command):
lsa.LSA_FEATURE_TDO_AUTH_INFO_AES_CIPHER
)
- out_version, out_revision_info1, policy = OpenPolicyFallback(
- conn,
- b''.decode('utf-8'),
+ conn, out_version, out_revision_info1, policy = OpenPolicyFallback(
+ conn_fn,
+ '',
in_version,
in_revision_info1,
+ False,
policy_access
)
info = conn.QueryInfoPolicy2(policy, lsa.LSA_POLICY_INFO_DNS)
- return (policy, out_version, out_revision_info1, info)
+ return (conn, policy, out_version, out_revision_info1, info)
def get_netlogon_dc_unc(self, conn, server, domain):
try:
@@ -507,19 +523,15 @@ class cmd_domain_trust_show(DomainTrustCommand):
def run(self, domain, sambaopts=None, versionopts=None, localdcopts=None):
self.setup_local_server(sambaopts, localdcopts)
- try:
- local_lsa = self.new_local_lsa_connection()
- except RuntimeError as error:
- raise self.LocalRuntimeError(self, error, "failed to connect lsa
server")
-
try:
local_policy_access = lsa.LSA_POLICY_VIEW_LOCAL_INFORMATION
(
+ local_lsa,
local_policy,
local_version,
local_revision_info1,
local_lsa_info
- ) = self.get_lsa_info(local_lsa, local_policy_access)
+ ) = self.get_lsa_info(self.new_local_lsa_connection,
local_policy_access)
except RuntimeError as error:
raise self.LocalRuntimeError(self, error, "failed to query
LSA_POLICY_INFO_DNS")
@@ -648,19 +660,16 @@ class cmd_domain_trust_modify(DomainTrustCommand):
raise CommandError("modification arguments are required, try
--help")
--
Samba Shared Repository
