Changeset 988 for vendor/current/source4/lib
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- Location:
- vendor/current/source4/lib
- Files:
-
- 10 added
- 9 deleted
- 75 edited
-
cmdline/credentials.c (modified) (1 diff)
-
cmdline/popt_common.c (modified) (4 diffs)
-
cmdline/popt_common.h (modified) (2 diffs)
-
cmdline/popt_credentials.c (modified) (5 diffs)
-
cmdline/wscript_build (modified) (3 diffs)
-
com/classes/simple.c (modified) (1 diff)
-
com/dcom/dcom.h (modified) (1 diff)
-
com/dcom/main.c (modified) (4 diffs)
-
com/main.c (modified) (1 diff)
-
com/pycom.c (modified) (1 diff)
-
com/tables.c (modified) (1 diff)
-
com/wscript_build (modified) (2 diffs)
-
events/events.h (modified) (1 diff)
-
events/tevent_s4.c (modified) (2 diffs)
-
http (added)
-
http/gensec (added)
-
http/gensec/basic.c (added)
-
http/gensec/ntlm.c (added)
-
http/http.c (added)
-
http/http.h (added)
-
http/http_auth.c (added)
-
http/http_internal.h (added)
-
http/wscript_build (added)
-
ldb (deleted)
-
ldb-samba (deleted)
-
messaging/irpc.h (modified) (2 diffs)
-
messaging/messaging.c (modified) (29 diffs)
-
messaging/messaging.h (modified) (1 diff)
-
messaging/pymessaging.c (modified) (16 diffs)
-
messaging/tests/irpc.c (modified) (8 diffs)
-
messaging/tests/messaging.c (modified) (8 diffs)
-
messaging/wscript_build (modified) (1 diff)
-
policy/gp_filesys.c (modified) (13 diffs)
-
policy/gp_ini.c (modified) (1 diff)
-
policy/gp_ldap.c (modified) (33 diffs)
-
policy/gp_manage.c (modified) (7 diffs)
-
policy/policy.h (modified) (4 diffs)
-
policy/policy.pc.in (deleted)
-
policy/pypolicy.c (modified) (2 diffs)
-
policy/samba-policy.pc.in (added)
-
policy/tests (deleted)
-
policy/wscript_build (modified) (1 diff)
-
registry/dir.c (deleted)
-
registry/hive.c (modified) (3 diffs)
-
registry/ldb.c (modified) (6 diffs)
-
registry/local.c (modified) (6 diffs)
-
registry/man/regdiff.1.xml (modified) (2 diffs)
-
registry/man/regpatch.1.xml (modified) (1 diff)
-
registry/man/regshell.1.xml (modified) (1 diff)
-
registry/man/regtree.1.xml (modified) (1 diff)
-
registry/patchfile_dotreg.c (modified) (3 diffs)
-
registry/patchfile_preg.c (modified) (1 diff)
-
registry/pyregistry.c (modified) (21 diffs)
-
registry/regf.c (modified) (10 diffs)
-
registry/registry.h (modified) (2 diffs)
-
registry/registry.pc.in (deleted)
-
registry/rpc.c (modified) (2 diffs)
-
registry/tests/diff.c (modified) (1 diff)
-
registry/tests/generic.c (modified) (4 diffs)
-
registry/tests/hive.c (modified) (4 diffs)
-
registry/tests/registry.c (modified) (9 diffs)
-
registry/tools/common.c (modified) (1 diff)
-
registry/tools/regdiff.c (modified) (3 diffs)
-
registry/tools/regpatch.c (modified) (2 diffs)
-
registry/tools/regshell.c (modified) (20 diffs)
-
registry/tools/regtree.c (modified) (3 diffs)
-
registry/util.c (modified) (3 diffs)
-
registry/wscript_build (modified) (1 diff)
-
samba3/samba3.h (modified) (1 diff)
-
samba3/smbpasswd.c (modified) (1 diff)
-
smbreadline (deleted)
-
socket/access.c (modified) (3 diffs)
-
socket/connect.c (modified) (1 diff)
-
socket/connect_multi.c (modified) (6 diffs)
-
socket/interface.c (modified) (15 diffs)
-
socket/netif.c (deleted)
-
socket/netif.h (modified) (1 diff)
-
socket/socket.c (modified) (6 diffs)
-
socket/socket.h (modified) (3 diffs)
-
socket/socket_ip.c (modified) (32 diffs)
-
socket/socket_unix.c (modified) (14 diffs)
-
socket/testsuite.c (modified) (6 diffs)
-
socket/wscript_build (modified) (2 diffs)
-
stream/packet.c (modified) (10 diffs)
-
stream/packet.h (modified) (1 diff)
-
tls/tls.c (modified) (32 diffs)
-
tls/tls.h (modified) (5 diffs)
-
tls/tls_tstream.c (modified) (22 diffs)
-
tls/tlscert.c (modified) (7 diffs)
-
tls/wscript (modified) (3 diffs)
-
wmi/tools/wmis.c (modified) (1 diff)
-
wmi/wmi_wrap.c (modified) (6 diffs)
-
wmi/wmicore.c (modified) (1 diff)
-
wscript_build (deleted)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source4/lib/cmdline/credentials.c
r414 r988 25 25 static const char *cmdline_get_userpassword(struct cli_credentials *credentials) 26 26 { 27 char *ret;28 27 TALLOC_CTX *mem_ctx = talloc_new(NULL); 29 30 28 const char *prompt_name = cli_credentials_get_unparsed_name(credentials, mem_ctx); 31 29 const char *prompt; 30 static char pwd[256]; /* FIXME: Return a dup pwd and free it. */ 31 int rc; 32 32 33 33 prompt = talloc_asprintf(mem_ctx, "Password for [%s]:", 34 34 prompt_name); 35 35 36 ret = getpass(prompt); 36 memset(pwd, '\0', sizeof(pwd)); 37 rc = samba_getpass(prompt, pwd, sizeof(pwd), false, false); 38 talloc_free(mem_ctx); 39 if (rc < 0) { 40 return NULL; 41 } 37 42 38 talloc_free(mem_ctx); 39 return ret; 43 return pwd; 40 44 } 41 45 -
vendor/current/source4/lib/cmdline/popt_common.c
r740 r988 84 84 85 85 if (reason == POPT_CALLBACK_REASON_PRE) { 86 cmdline_lp_ctx = loadparm_init_global(false);87 88 86 /* Hook for 'almost the first thing to do in a samba program' here */ 89 87 /* setup for panics */ 90 fault_setup( poptGetInvocationName(con));88 fault_setup(); 91 89 92 90 /* and logging */ 93 setup_logging(pname, DEBUG_ STDOUT);91 setup_logging(pname, DEBUG_DEFAULT_STDOUT); 94 92 talloc_set_log_fn(popt_s4_talloc_log_fn); 95 93 talloc_set_abort_fn(smb_panic); 96 94 95 cmdline_lp_ctx = loadparm_init_global(false); 97 96 return; 98 97 } … … 188 187 } 189 188 190 struct poptOption popt_common_connection [] = {189 struct poptOption popt_common_connection4[] = { 191 190 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback }, 192 191 { "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" }, … … 201 200 }; 202 201 203 struct poptOption popt_common_samba [] = {202 struct poptOption popt_common_samba4[] = { 204 203 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_samba_callback }, 205 204 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" }, … … 213 212 }; 214 213 215 struct poptOption popt_common_version [] = {214 struct poptOption popt_common_version4[] = { 216 215 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_version_callback }, 217 216 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" }, -
vendor/current/source4/lib/cmdline/popt_common.h
r414 r988 24 24 25 25 /* Common popt structures */ 26 extern struct poptOption popt_common_samba [];27 extern struct poptOption popt_common_connection [];28 extern struct poptOption popt_common_version [];29 extern struct poptOption popt_common_credentials [];26 extern struct poptOption popt_common_samba4[]; 27 extern struct poptOption popt_common_connection4[]; 28 extern struct poptOption popt_common_version4[]; 29 extern struct poptOption popt_common_credentials4[]; 30 30 31 31 #ifndef POPT_TABLEEND … … 33 33 #endif 34 34 35 #define POPT_COMMON_SAMBA { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_samba , 0, "Common samba options:", NULL },36 #define POPT_COMMON_CONNECTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_connection , 0, "Connection options:", NULL },37 #define POPT_COMMON_VERSION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version , 0, "Common sambaoptions:", NULL },38 #define POPT_COMMON_CREDENTIALS { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_credentials , 0, "Authentication options:", NULL },35 #define POPT_COMMON_SAMBA { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_samba4, 0, "Common Samba options:", NULL }, 36 #define POPT_COMMON_CONNECTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_connection4, 0, "Connection options:", NULL }, 37 #define POPT_COMMON_VERSION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version4, 0, "Version options:", NULL }, 38 #define POPT_COMMON_CREDENTIALS { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_credentials4, 0, "Authentication options:", NULL }, 39 39 40 40 extern struct cli_credentials *cmdline_credentials; 41 41 extern struct loadparm_context *cmdline_lp_ctx; 42 42 43 void popt_common_dont_ask(void);44 45 43 #endif /* _POPT_COMMON_H */ -
vendor/current/source4/lib/cmdline/popt_credentials.c
r740 r988 35 35 * --simple-bind-dn 36 36 * --password 37 * --krb5-ccache 37 38 */ 38 39 … … 40 41 static bool machine_account_pending; 41 42 42 enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT }; 43 44 /* 45 disable asking for a password 46 */ 47 void popt_common_dont_ask(void) 48 { 49 dont_ask = true; 50 } 43 enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT, OPT_KRB5_CCACHE }; 51 44 52 45 static void popt_common_credentials_callback(poptContext con, … … 131 124 break; 132 125 } 126 case OPT_KRB5_CCACHE: 127 { 128 const char *error_string; 129 if (cli_credentials_set_ccache(cmdline_credentials, cmdline_lp_ctx, arg, CRED_SPECIFIED, 130 &error_string) != 0) { 131 fprintf(stderr, "Error reading krb5 credentials cache: '%s' %s", arg, error_string); 132 exit(1); 133 } 134 break; 135 } 133 136 case OPT_SIGN: 134 137 { … … 158 161 159 162 160 struct poptOption popt_common_credentials [] = {163 struct poptOption popt_common_credentials4[] = { 161 164 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_credentials_callback }, 162 165 { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "[DOMAIN/]USERNAME[%PASSWORD]" }, … … 164 167 { "password", 0, POPT_ARG_STRING, NULL, OPT_PASSWORD, "Password" }, 165 168 { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" }, 166 { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password (implies -k)" },169 { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" }, 167 170 { "simple-bind-dn", 0, POPT_ARG_STRING, NULL, OPT_SIMPLE_BIND_DN, "DN to use for a simple bind" }, 168 171 { "kerberos", 'k', POPT_ARG_STRING, NULL, OPT_KERBEROS, "Use Kerberos, -k [yes|no]" }, 172 { "krb5-ccache", 0, POPT_ARG_STRING, NULL, OPT_KRB5_CCACHE, "Credentials cache location for Kerberos" }, 169 173 { "sign", 'S', POPT_ARG_NONE, NULL, OPT_SIGN, "Sign connection to prevent modification in transit" }, 170 174 { "encrypt", 'e', POPT_ARG_NONE, NULL, OPT_ENCRYPT, "Encrypt connection for privacy" }, -
vendor/current/source4/lib/cmdline/wscript_build
r740 r988 4 4 source='credentials.c', 5 5 autoproto='credentials.h', 6 public_deps='credentials popt', 6 public_deps='samba-credentials popt', 7 deps='samba-util', 7 8 private_library=True) 8 9 … … 10 11 source='popt_common.c', 11 12 public_deps='popt', 12 public_headers='popt_common.h:popt.h',13 13 header_path='samba', 14 14 deps='talloc samba-hostconfig' … … 18 18 source='popt_credentials.c', 19 19 autoproto='popt_credentials.h', 20 public_deps=' credentials CREDENTIALS_SECRETS cmdline-credentials popt',20 public_deps='samba-credentials CREDENTIALS_SECRETS cmdline-credentials popt', 21 21 deps='samba-util' 22 22 ) -
vendor/current/source4/lib/com/classes/simple.c
r414 r988 22 22 #include "lib/com/com.h" 23 23 #include "librpc/gen_ndr/com_dcom.h" 24 25 NTSTATUS com_simple_init(void); 24 26 25 27 static struct IClassFactory_vtable simple_classobject_vtable; -
vendor/current/source4/lib/com/dcom/dcom.h
r414 r988 51 51 struct dcom_object_exporter *object_exporter_by_oxid(struct com_context *ctx, uint64_t oxid); 52 52 struct dcom_object_exporter *object_exporter_by_ip(struct com_context *ctx, struct IUnknown *ip); 53 WERROR dcom_create_object(struct com_context *ctx, struct GUID *clsid, const char *server, int num_ifaces, struct GUID *iid, struct IUnknown ***ip, WERROR*results);53 WERROR dcom_create_object(struct com_context *ctx, struct GUID *clsid, const char *server, int num_ifaces, struct GUID *iid, struct IUnknown ***ip, HRESULT *results); 54 54 WERROR dcom_get_class_object(struct com_context *ctx, struct GUID *clsid, const char *server, struct GUID *iid, struct IUnknown **ip); 55 55 NTSTATUS dcom_get_pipe(struct IUnknown *iface, struct dcerpc_pipe **pp); -
vendor/current/source4/lib/com/dcom/main.c
r740 r988 37 37 static NTSTATUS dcerpc_binding_from_STRINGBINDING(TALLOC_CTX *mem_ctx, struct dcerpc_binding **b_out, struct STRINGBINDING *bd) 38 38 { 39 char *host, *endpoint; 39 char *tstr; 40 char *bstr; 41 enum dcerpc_transport_t transport; 40 42 struct dcerpc_binding *b; 41 43 42 b = talloc_zero(mem_ctx, struct dcerpc_binding); 43 if (!b) { 44 transport = dcerpc_transport_by_endpoint_protocol(bd->wTowerId); 45 if (transport == NCA_UNKNOWN) { 46 DEBUG(1, ("Can't find transport match endpoint protocol %d\n", bd->wTowerId)); 47 return NT_STATUS_NOT_SUPPORTED; 48 } 49 50 tstr = derpc_transport_string_by_transport(transport); 51 bstr = talloc_asprintf(mem_ctx, "%s:%s", tstr, bd->NetworkAddr); 52 if (bstr == NULL) { 44 53 return NT_STATUS_NO_MEMORY; 45 54 } 46 47 b->transport = dcerpc_transport_by_endpoint_protocol(bd->wTowerId); 48 49 if (b->transport == -1) { 50 DEBUG(1, ("Can't find transport match endpoint protocol %d\n", bd->wTowerId)); 51 talloc_free(b); 52 return NT_STATUS_NOT_SUPPORTED; 53 } 54 55 host = talloc_strdup(b, bd->NetworkAddr); 56 endpoint = strchr(host, '['); 57 58 if (endpoint) { 59 *endpoint = '\0'; 60 endpoint++; 61 62 endpoint[strlen(endpoint)-1] = '\0'; 63 } 64 65 b->host = host; 66 b->endpoint = talloc_strdup(b, endpoint); 55 56 status = dcerpc_parse_binding(mem_ctx, bstr, &b); 57 TALLOC_FREE(bstr); 58 if (!NT_STATUS_IS_OK(status)) { 59 return status; 60 } 67 61 68 62 *b_out = b; … … 247 241 } 248 242 249 WERROR dcom_create_object(struct com_context *ctx, struct GUID *clsid, const char *server, int num_ifaces, struct GUID *iid, struct IUnknown ***ip, WERROR*results)243 WERROR dcom_create_object(struct com_context *ctx, struct GUID *clsid, const char *server, int num_ifaces, struct GUID *iid, struct IUnknown ***ip, HRESULT *results) 250 244 { 251 245 uint16_t protseq[] = DCOM_NEGOTIATED_PROTOCOLS; … … 256 250 struct DUALSTRINGARRAY *pds; 257 251 int i; 258 WERRORhr;252 HRESULT hr; 259 253 uint64_t oxid; 260 254 struct GUID ipidRemUnknown; … … 308 302 goto end; 309 303 } 310 311 if(! W_ERROR_IS_OK(hr)) {304 305 if(!HRES_IS_OK(hr)) { 312 306 goto end; 313 307 } -
vendor/current/source4/lib/com/main.c
r740 r988 29 29 *ctx = talloc(NULL, struct com_context); 30 30 if (event_ctx == NULL) { 31 event_ctx = event_context_init(*ctx);31 event_ctx = samba_tevent_context_init(*ctx); 32 32 } 33 33 (*ctx)->event_ctx = event_ctx; -
vendor/current/source4/lib/com/pycom.c
r740 r988 23 23 #include "librpc/ndr/libndr.h" 24 24 #include "libcli/util/pyerrors.h" 25 26 void initcom(void); 25 27 26 28 static struct com_context *py_com_ctx = NULL; /* FIXME: evil global */ -
vendor/current/source4/lib/com/tables.c
r478 r988 70 70 71 71 if (!f) { 72 dlclose(mod); 72 73 return NULL; 73 74 } -
vendor/current/source4/lib/com/wscript_build
r740 r988 3 3 bld.SAMBA_SUBSYSTEM('COM', 4 4 source='tables.c rot.c main.c', 5 allow_warnings=True, 5 6 deps='samba-util samba-hostconfig events ndr NDR_DCOM' 6 7 ) … … 20 21 bld.SAMBA_MODULE('com_simple', 21 22 source='classes/simple.c', 23 allow_warnings=True, 22 24 deps='talloc', 23 25 subsystem='COM', -
vendor/current/source4/lib/events/events.h
r740 r988 1 1 #ifndef __LIB_EVENTS_H__ 2 2 #define __LIB_EVENTS_H__ 3 #define TEVENT_COMPAT_DEFINES 14 3 #include <tevent.h> 5 4 struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx); 6 struct tevent_context *event_context_find(TALLOC_CTX *mem_ctx) _DEPRECATED_;7 5 void s4_event_context_set_default(struct tevent_context *ev); 8 6 #endif /* __LIB_EVENTS_H__ */ -
vendor/current/source4/lib/events/tevent_s4.c
r740 r988 22 22 23 23 /* 24 this is used to catch debug messages from events25 */26 static void ev_wrap_debug(void *context, enum tevent_debug_level level,27 const char *fmt, va_list ap) PRINTF_ATTRIBUTE(3,0);28 29 static void ev_wrap_debug(void *context, enum tevent_debug_level level,30 const char *fmt, va_list ap)31 {32 int samba_level = -1;33 char *s = NULL;34 switch (level) {35 case TEVENT_DEBUG_FATAL:36 samba_level = 0;37 break;38 case TEVENT_DEBUG_ERROR:39 samba_level = 1;40 break;41 case TEVENT_DEBUG_WARNING:42 samba_level = 2;43 break;44 case TEVENT_DEBUG_TRACE:45 samba_level = 50;46 break;47 48 };49 vasprintf(&s, fmt, ap);50 if (!s) return;51 DEBUG(samba_level, ("tevent: %s", s));52 free(s);53 }54 55 /*56 24 create a event_context structure. This must be the first events 57 25 call, and all subsequent calls pass this event_context as the first … … 66 34 ev = tevent_context_init_byname(mem_ctx, NULL); 67 35 if (ev) { 68 tevent_set_debug(ev, ev_wrap_debug, NULL);36 samba_tevent_set_debug(ev, "s4_tevent"); 69 37 tevent_loop_allow_nesting(ev); 70 38 } -
vendor/current/source4/lib/messaging/irpc.h
r740 r988 36 36 bool defer_reply; 37 37 bool no_reply; 38 struct messaging_context *msg_ctx;38 struct imessaging_context *msg_ctx; 39 39 struct irpc_list *irpc; 40 40 void *data; 41 struct tevent_context *ev;42 41 }; 43 42 … … 59 58 struct ndr_interface_table; 60 59 61 NTSTATUS irpc_register(struct messaging_context *msg_ctx,60 NTSTATUS irpc_register(struct imessaging_context *msg_ctx, 62 61 const struct ndr_interface_table *table, 63 62 int call, irpc_function_t fn, void *private_data); 64 63 65 64 struct dcerpc_binding_handle *irpc_binding_handle(TALLOC_CTX *mem_ctx, 66 structmessaging_context *msg_ctx,67 struct server_id server_id,68 const struct ndr_interface_table *table);65 struct imessaging_context *msg_ctx, 66 struct server_id server_id, 67 const struct ndr_interface_table *table); 69 68 struct dcerpc_binding_handle *irpc_binding_handle_by_name(TALLOC_CTX *mem_ctx, 70 structmessaging_context *msg_ctx,71 const char *dest_task,72 const struct ndr_interface_table *table);69 struct imessaging_context *msg_ctx, 70 const char *dest_task, 71 const struct ndr_interface_table *table); 73 72 void irpc_binding_handle_add_security_token(struct dcerpc_binding_handle *h, 74 73 struct security_token *token); 75 74 76 NTSTATUS irpc_add_name(struct messaging_context *msg_ctx, const char *name); 77 struct server_id *irpc_servers_byname(struct messaging_context *msg_ctx, TALLOC_CTX *mem_ctx, const char *name); 78 void irpc_remove_name(struct messaging_context *msg_ctx, const char *name); 75 NTSTATUS irpc_add_name(struct imessaging_context *msg_ctx, const char *name); 76 NTSTATUS irpc_servers_byname(struct imessaging_context *msg_ctx, 77 TALLOC_CTX *mem_ctx, const char *name, 78 unsigned *num_servers, 79 struct server_id **servers); 80 struct irpc_name_records *irpc_all_servers(struct imessaging_context *msg_ctx, 81 TALLOC_CTX *mem_ctx); 82 void irpc_remove_name(struct imessaging_context *msg_ctx, const char *name); 79 83 NTSTATUS irpc_send_reply(struct irpc_message *m, NTSTATUS status); 80 84 -
vendor/current/source4/lib/messaging/messaging.c
r740 r988 1 /* 1 /* 2 2 Unix SMB/CIFS implementation. 3 3 … … 5 5 6 6 Copyright (C) Andrew Tridgell 2004 7 7 8 8 This program is free software; you can redistribute it and/or modify 9 9 it under the terms of the GNU General Public License as published by 10 10 the Free Software Foundation; either version 3 of the License, or 11 11 (at your option) any later version. 12 12 13 13 This program is distributed in the hope that it will be useful, 14 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 16 GNU General Public License for more details. 17 17 18 18 You should have received a copy of the GNU General Public License 19 19 along with this program. If not, see <http://www.gnu.org/licenses/>. … … 28 28 #include "librpc/gen_ndr/ndr_irpc.h" 29 29 #include "lib/messaging/irpc.h" 30 #include "lib/util/tdb_wrap.h"31 30 #include "../lib/util/unix_privs.h" 32 31 #include "librpc/rpc/dcerpc.h" 33 #include <tdb.h>34 #include "../lib/util/util_tdb.h"35 32 #include "cluster/cluster.h" 36 33 #include "../lib/util/tevent_ntstatus.h" 34 #include "lib/param/param.h" 35 #include "lib/util/server_id_db.h" 36 #include "lib/util/talloc_report.h" 37 #include "../source3/lib/messages_dgm.h" 38 #include "../source3/lib/messages_dgm_ref.h" 39 #include "../source3/lib/messages_util.h" 40 #include <tdb.h> 37 41 38 42 /* change the message version with any incompatible changes in the protocol */ 39 #define MESSAGING_VERSION 143 #define IMESSAGING_VERSION 1 40 44 41 45 /* … … 43 47 */ 44 48 struct irpc_request { 45 struct messaging_context *msg_ctx;49 struct imessaging_context *msg_ctx; 46 50 int callid; 47 51 struct { … … 51 55 }; 52 56 53 struct messaging_context { 57 struct imessaging_context { 58 struct imessaging_context *prev, *next; 54 59 struct server_id server_id; 55 struct socket_context *sock; 56 const char *base_path; 57 const char *path; 60 const char *sock_dir; 61 const char *lock_dir; 58 62 struct dispatch_fn **dispatch; 59 63 uint32_t num_types; 60 64 struct idr_context *dispatch_tree; 61 struct messaging_rec *pending;62 struct messaging_rec *retry_queue;63 65 struct irpc_list *irpc; 64 66 struct idr_context *idr; 65 const char **names;67 struct server_id_db *names; 66 68 struct timeval start_time; 67 struct tevent_timer *retry_te; 68 struct { 69 struct tevent_context *ev; 70 struct tevent_fd *fde; 71 } event; 69 void *msg_dgm_ref; 72 70 }; 73 71 … … 82 80 83 81 /* an individual message */ 84 struct messaging_rec { 85 struct messaging_rec *next, *prev; 86 struct messaging_context *msg; 87 const char *path; 88 89 struct messaging_header { 90 uint32_t version; 91 uint32_t msg_type; 92 struct server_id from; 93 struct server_id to; 94 uint32_t length; 95 } *header; 96 97 DATA_BLOB packet; 98 uint32_t retries; 99 }; 100 101 102 static void irpc_handler(struct messaging_context *, void *, 82 83 static void irpc_handler(struct imessaging_context *, void *, 103 84 uint32_t, struct server_id, DATA_BLOB *); 104 85 … … 107 88 A useful function for testing the message system. 108 89 */ 109 static void ping_message(struct messaging_context *msg, void *private_data,90 static void ping_message(struct imessaging_context *msg, void *private_data, 110 91 uint32_t msg_type, struct server_id src, DATA_BLOB *data) 111 92 { 112 DEBUG(1,("INFO: Received PING message from server %u.%u [%.*s]\n", 113 (unsigned int)src.node, (unsigned int)src.id, (int)data->length, 93 struct server_id_buf idbuf; 94 DEBUG(1,("INFO: Received PING message from server %s [%.*s]\n", 95 server_id_str_buf(src, &idbuf), (int)data->length, 114 96 data->data?(const char *)data->data:"")); 115 messaging_send(msg, src, MSG_PONG, data); 97 imessaging_send(msg, src, MSG_PONG, data); 98 } 99 100 static void pool_message(struct imessaging_context *msg, void *private_data, 101 uint32_t msg_type, struct server_id src, 102 DATA_BLOB *data) 103 { 104 char *report; 105 106 report = talloc_report_str(msg, NULL); 107 108 if (report != NULL) { 109 DATA_BLOB blob = { .data = (uint8_t *)report, 110 .length = talloc_get_size(report) - 1}; 111 imessaging_send(msg, src, MSG_POOL_USAGE, &blob); 112 } 113 talloc_free(report); 116 114 } 117 115 … … 119 117 return uptime of messaging server via irpc 120 118 */ 121 static NTSTATUS irpc_uptime(struct irpc_message *msg, 119 static NTSTATUS irpc_uptime(struct irpc_message *msg, 122 120 struct irpc_uptime *r) 123 121 { 124 struct messaging_context *ctx = talloc_get_type(msg->private_data, structmessaging_context);122 struct imessaging_context *ctx = talloc_get_type(msg->private_data, struct imessaging_context); 125 123 *r->out.start_time = timeval_to_nttime(&ctx->start_time); 126 124 return NT_STATUS_OK; 127 125 } 128 126 129 /* 130 return the path to a messaging socket 131 */ 132 static char *messaging_path(struct messaging_context *msg, struct server_id server_id) 133 { 134 TALLOC_CTX *tmp_ctx = talloc_new(msg); 135 const char *id = cluster_id_string(tmp_ctx, server_id); 136 char *s; 137 if (id == NULL) { 138 return NULL; 139 } 140 s = talloc_asprintf(msg, "%s/msg.%s", msg->base_path, id); 141 talloc_steal(s, tmp_ctx); 142 return s; 143 } 144 145 /* 146 dispatch a fully received message 147 148 note that this deliberately can match more than one message handler 149 per message. That allows a single messasging context to register 150 (for example) a debug handler for more than one piece of code 151 */ 152 static void messaging_dispatch(struct messaging_context *msg, struct messaging_rec *rec) 153 { 154 struct dispatch_fn *d, *next; 155 127 static struct dispatch_fn *imessaging_find_dispatch( 128 struct imessaging_context *msg, uint32_t msg_type) 129 { 156 130 /* temporary IDs use an idtree, the rest use a array of pointers */ 157 if (rec->header->msg_type >= MSG_TMP_BASE) { 158 d = (struct dispatch_fn *)idr_find(msg->dispatch_tree, 159 rec->header->msg_type); 160 } else if (rec->header->msg_type < msg->num_types) { 161 d = msg->dispatch[rec->header->msg_type]; 162 } else { 163 d = NULL; 164 } 165 166 for (; d; d = next) { 167 DATA_BLOB data; 168 next = d->next; 169 data.data = rec->packet.data + sizeof(*rec->header); 170 data.length = rec->header->length; 171 d->fn(msg, d->private_data, d->msg_type, rec->header->from, &data); 172 } 173 rec->header->length = 0; 174 } 175 176 /* 177 handler for messages that arrive from other nodes in the cluster 178 */ 179 static void cluster_message_handler(struct messaging_context *msg, DATA_BLOB packet) 180 { 181 struct messaging_rec *rec; 182 183 rec = talloc(msg, struct messaging_rec); 184 if (rec == NULL) { 185 smb_panic("Unable to allocate messaging_rec"); 186 } 187 188 rec->msg = msg; 189 rec->path = msg->path; 190 rec->header = (struct messaging_header *)packet.data; 191 rec->packet = packet; 192 rec->retries = 0; 193 194 if (packet.length != sizeof(*rec->header) + rec->header->length) { 195 DEBUG(0,("messaging: bad message header size %d should be %d\n", 196 rec->header->length, (int)(packet.length - sizeof(*rec->header)))); 197 talloc_free(rec); 198 return; 199 } 200 201 messaging_dispatch(msg, rec); 202 talloc_free(rec); 203 } 204 205 206 207 /* 208 try to send the message 209 */ 210 static NTSTATUS try_send(struct messaging_rec *rec) 211 { 212 struct messaging_context *msg = rec->msg; 213 size_t nsent; 214 void *priv; 215 NTSTATUS status; 216 struct socket_address *path; 217 218 /* rec->path is the path of the *other* socket, where we want 219 * this to end up */ 220 path = socket_address_from_strings(msg, msg->sock->backend_name, 221 rec->path, 0); 222 if (!path) { 223 return NT_STATUS_NO_MEMORY; 224 } 225 226 /* we send with privileges so messages work from any context */ 227 priv = root_privileges(); 228 status = socket_sendto(msg->sock, &rec->packet, &nsent, path); 229 talloc_free(path); 230 talloc_free(priv); 231 232 return status; 233 } 234 235 /* 236 retry backed off messages 237 */ 238 static void msg_retry_timer(struct tevent_context *ev, struct tevent_timer *te, 239 struct timeval t, void *private_data) 240 { 241 struct messaging_context *msg = talloc_get_type(private_data, 242 struct messaging_context); 243 msg->retry_te = NULL; 244 245 /* put the messages back on the main queue */ 246 while (msg->retry_queue) { 247 struct messaging_rec *rec = msg->retry_queue; 248 DLIST_REMOVE(msg->retry_queue, rec); 249 DLIST_ADD_END(msg->pending, rec, struct messaging_rec *); 250 } 251 252 EVENT_FD_WRITEABLE(msg->event.fde); 253 } 254 255 /* 256 handle a socket write event 257 */ 258 static void messaging_send_handler(struct messaging_context *msg) 259 { 260 while (msg->pending) { 261 struct messaging_rec *rec = msg->pending; 262 NTSTATUS status; 263 status = try_send(rec); 264 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) { 265 rec->retries++; 266 if (rec->retries > 3) { 267 /* we're getting continuous write errors - 268 backoff this record */ 269 DLIST_REMOVE(msg->pending, rec); 270 DLIST_ADD_END(msg->retry_queue, rec, 271 struct messaging_rec *); 272 if (msg->retry_te == NULL) { 273 msg->retry_te = 274 event_add_timed(msg->event.ev, msg, 275 timeval_current_ofs(1, 0), 276 msg_retry_timer, msg); 277 } 278 } 279 break; 280 } 281 rec->retries = 0; 282 if (!NT_STATUS_IS_OK(status)) { 283 TALLOC_CTX *tmp_ctx = talloc_new(msg); 284 DEBUG(1,("messaging: Lost message from %s to %s of type %u - %s\n", 285 cluster_id_string(tmp_ctx, rec->header->from), 286 cluster_id_string(tmp_ctx, rec->header->to), 287 rec->header->msg_type, 288 nt_errstr(status))); 289 talloc_free(tmp_ctx); 290 } 291 DLIST_REMOVE(msg->pending, rec); 292 talloc_free(rec); 293 } 294 if (msg->pending == NULL) { 295 EVENT_FD_NOT_WRITEABLE(msg->event.fde); 296 } 297 } 298 299 /* 300 handle a new incoming packet 301 */ 302 static void messaging_recv_handler(struct messaging_context *msg) 303 { 304 struct messaging_rec *rec; 305 NTSTATUS status; 306 DATA_BLOB packet; 307 size_t msize; 308 309 /* see how many bytes are in the next packet */ 310 status = socket_pending(msg->sock, &msize); 311 if (!NT_STATUS_IS_OK(status)) { 312 DEBUG(0,("socket_pending failed in messaging - %s\n", 313 nt_errstr(status))); 314 return; 315 } 316 317 packet = data_blob_talloc(msg, NULL, msize); 318 if (packet.data == NULL) { 319 /* assume this is temporary and retry */ 320 return; 321 } 322 323 status = socket_recv(msg->sock, packet.data, msize, &msize); 324 if (!NT_STATUS_IS_OK(status)) { 325 data_blob_free(&packet); 326 return; 327 } 328 329 if (msize < sizeof(*rec->header)) { 330 DEBUG(0,("messaging: bad message of size %d\n", (int)msize)); 331 data_blob_free(&packet); 332 return; 333 } 334 335 rec = talloc(msg, struct messaging_rec); 336 if (rec == NULL) { 337 smb_panic("Unable to allocate messaging_rec"); 338 } 339 340 talloc_steal(rec, packet.data); 341 rec->msg = msg; 342 rec->path = msg->path; 343 rec->header = (struct messaging_header *)packet.data; 344 rec->packet = packet; 345 rec->retries = 0; 346 347 if (msize != sizeof(*rec->header) + rec->header->length) { 348 DEBUG(0,("messaging: bad message header size %d should be %d\n", 349 rec->header->length, (int)(msize - sizeof(*rec->header)))); 350 talloc_free(rec); 351 return; 352 } 353 354 messaging_dispatch(msg, rec); 355 talloc_free(rec); 356 } 357 358 359 /* 360 handle a socket event 361 */ 362 static void messaging_handler(struct tevent_context *ev, struct tevent_fd *fde, 363 uint16_t flags, void *private_data) 364 { 365 struct messaging_context *msg = talloc_get_type(private_data, 366 struct messaging_context); 367 if (flags & EVENT_FD_WRITE) { 368 messaging_send_handler(msg); 369 } 370 if (flags & EVENT_FD_READ) { 371 messaging_recv_handler(msg); 372 } 373 } 374 131 if (msg_type >= MSG_TMP_BASE) { 132 return (struct dispatch_fn *)idr_find(msg->dispatch_tree, 133 msg_type); 134 } 135 if (msg_type < msg->num_types) { 136 return msg->dispatch[msg_type]; 137 } 138 return NULL; 139 } 375 140 376 141 /* 377 142 Register a dispatch function for a particular message type. 378 143 */ 379 NTSTATUS messaging_register(structmessaging_context *msg, void *private_data,144 NTSTATUS imessaging_register(struct imessaging_context *msg, void *private_data, 380 145 uint32_t msg_type, msg_callback_t fn) 381 146 { … … 410 175 above MSG_TMP_BASE 411 176 */ 412 NTSTATUS messaging_register_tmp(structmessaging_context *msg, void *private_data,177 NTSTATUS imessaging_register_tmp(struct imessaging_context *msg, void *private_data, 413 178 msg_callback_t fn, uint32_t *msg_type) 414 179 { … … 436 201 De-register the function for a particular message type. 437 202 */ 438 void messaging_deregister(structmessaging_context *msg, uint32_t msg_type, void *private_data)203 void imessaging_deregister(struct imessaging_context *msg, uint32_t msg_type, void *private_data) 439 204 { 440 205 struct dispatch_fn *d, *next; 441 206 442 207 if (msg_type >= msg->num_types) { 443 d = (struct dispatch_fn *)idr_find(msg->dispatch_tree, 208 d = (struct dispatch_fn *)idr_find(msg->dispatch_tree, 444 209 msg_type); 445 210 if (!d) return; … … 461 226 Send a message to a particular server 462 227 */ 463 NTSTATUS messaging_send(struct messaging_context *msg, struct server_id server,228 NTSTATUS imessaging_send(struct imessaging_context *msg, struct server_id server, 464 229 uint32_t msg_type, const DATA_BLOB *data) 465 230 { 466 struct messaging_rec *rec; 467 NTSTATUS status; 468 size_t dlength = data?data->length:0; 469 470 rec = talloc(msg, struct messaging_rec); 471 if (rec == NULL) { 472 return NT_STATUS_NO_MEMORY; 473 } 474 475 rec->packet = data_blob_talloc(rec, NULL, sizeof(*rec->header) + dlength); 476 if (rec->packet.data == NULL) { 477 talloc_free(rec); 478 return NT_STATUS_NO_MEMORY; 479 } 480 481 rec->retries = 0; 482 rec->msg = msg; 483 rec->header = (struct messaging_header *)rec->packet.data; 484 /* zero padding */ 485 ZERO_STRUCTP(rec->header); 486 rec->header->version = MESSAGING_VERSION; 487 rec->header->msg_type = msg_type; 488 rec->header->from = msg->server_id; 489 rec->header->to = server; 490 rec->header->length = dlength; 491 if (dlength != 0) { 492 memcpy(rec->packet.data + sizeof(*rec->header), 493 data->data, dlength); 494 } 231 uint8_t hdr[MESSAGE_HDR_LENGTH]; 232 struct iovec iov[2]; 233 int num_iov, ret; 234 pid_t pid; 235 void *priv; 495 236 496 237 if (!cluster_node_equal(&msg->server_id, &server)) { 497 /* the destination is on another node - dispatch via 498 the cluster layer */ 499 status = cluster_message_send(server, &rec->packet); 500 talloc_free(rec); 501 return status; 502 } 503 504 rec->path = messaging_path(msg, server); 505 talloc_steal(rec, rec->path); 506 507 if (msg->pending != NULL) { 508 status = STATUS_MORE_ENTRIES; 509 } else { 510 status = try_send(rec); 511 } 512 513 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) { 514 if (msg->pending == NULL) { 515 EVENT_FD_WRITEABLE(msg->event.fde); 516 } 517 DLIST_ADD_END(msg->pending, rec, struct messaging_rec *); 238 /* No cluster in source4... */ 518 239 return NT_STATUS_OK; 519 240 } 520 241 521 talloc_free(rec); 522 523 return status; 242 message_hdr_put(hdr, msg_type, msg->server_id, server); 243 244 iov[0] = (struct iovec) { .iov_base = &hdr, .iov_len = sizeof(hdr) }; 245 num_iov = 1; 246 247 if (data != NULL) { 248 iov[1] = (struct iovec) { .iov_base = data->data, 249 .iov_len = data->length }; 250 num_iov += 1; 251 } 252 253 pid = server.pid; 254 if (pid == 0) { 255 pid = getpid(); 256 } 257 258 priv = root_privileges(); 259 ret = messaging_dgm_send(pid, iov, num_iov, NULL, 0); 260 TALLOC_FREE(priv); 261 if (ret != 0) { 262 return map_nt_error_from_unix_common(ret); 263 } 264 return NT_STATUS_OK; 524 265 } 525 266 … … 527 268 Send a message to a particular server, with the message containing a single pointer 528 269 */ 529 NTSTATUS messaging_send_ptr(struct messaging_context *msg, struct server_id server,270 NTSTATUS imessaging_send_ptr(struct imessaging_context *msg, struct server_id server, 530 271 uint32_t msg_type, void *ptr) 531 272 { … … 535 276 blob.length = sizeof(void *); 536 277 537 return messaging_send(msg, server, msg_type, &blob); 538 } 539 540 541 /* 542 destroy the messaging context 543 */ 544 static int messaging_destructor(struct messaging_context *msg) 545 { 546 unlink(msg->path); 547 while (msg->names && msg->names[0]) { 548 irpc_remove_name(msg, msg->names[0]); 278 return imessaging_send(msg, server, msg_type, &blob); 279 } 280 281 282 /* 283 remove our messaging socket and database entry 284 */ 285 int imessaging_cleanup(struct imessaging_context *msg) 286 { 287 if (!msg) { 288 return 0; 549 289 } 550 290 return 0; 551 291 } 552 292 293 static void imessaging_dgm_recv(const uint8_t *buf, size_t buf_len, 294 int *fds, size_t num_fds, 295 void *private_data); 296 553 297 /* 554 298 create the listening socket and setup the dispatcher 555 */ 556 struct messaging_context *messaging_init(TALLOC_CTX *mem_ctx, 557 const char *dir, 558 struct server_id server_id, 559 struct tevent_context *ev) 560 { 561 struct messaging_context *msg; 562 NTSTATUS status; 563 struct socket_address *path; 299 300 use auto_remove=true when you want a destructor to remove the 301 associated messaging socket and database entry on talloc free. Don't 302 use this in processes that may fork and a child may talloc free this 303 memory 304 */ 305 struct imessaging_context *imessaging_init(TALLOC_CTX *mem_ctx, 306 struct loadparm_context *lp_ctx, 307 struct server_id server_id, 308 struct tevent_context *ev, 309 bool auto_remove) 310 { 311 struct imessaging_context *msg; 312 bool ok; 313 int ret; 314 const char *lock_dir = NULL; 315 int tdb_flags = TDB_INCOMPATIBLE_HASH | TDB_CLEAR_IF_FIRST; 564 316 565 317 if (ev == NULL) { … … 567 319 } 568 320 569 msg = talloc_zero(mem_ctx, struct messaging_context);321 msg = talloc_zero(mem_ctx, struct imessaging_context); 570 322 if (msg == NULL) { 571 323 return NULL; 572 324 } 573 325 574 /* setup a handler for messages from other cluster nodes, if appropriate */575 status = cluster_message_init(msg, server_id, cluster_message_handler);576 if (!NT_STATUS_IS_OK(status)) {577 talloc_free(msg);578 return NULL;579 }580 581 326 /* create the messaging directory if needed */ 582 mkdir(dir, 0700); 583 584 msg->base_path = talloc_reference(msg, dir); 585 msg->path = messaging_path(msg, server_id); 327 328 lock_dir = lpcfg_lock_directory(lp_ctx); 329 if (lock_dir == NULL) { 330 goto fail; 331 } 332 333 msg->sock_dir = lpcfg_private_path(msg, lp_ctx, "msg.sock"); 334 if (msg->sock_dir == NULL) { 335 goto fail; 336 } 337 ok = directory_create_or_exist_strict(msg->sock_dir, geteuid(), 0700); 338 if (!ok) { 339 goto fail; 340 } 341 342 msg->lock_dir = lpcfg_lock_path(msg, lp_ctx, "msg.lock"); 343 if (msg->lock_dir == NULL) { 344 goto fail; 345 } 346 ok = directory_create_or_exist_strict(msg->lock_dir, geteuid(), 0755); 347 if (!ok) { 348 goto fail; 349 } 350 351 msg->msg_dgm_ref = messaging_dgm_ref( 352 msg, ev, &server_id.unique_id, msg->sock_dir, msg->lock_dir, 353 imessaging_dgm_recv, msg, &ret); 354 355 if (msg->msg_dgm_ref == NULL) { 356 goto fail; 357 } 358 586 359 msg->server_id = server_id; 587 360 msg->idr = idr_init(msg); 361 if (msg->idr == NULL) { 362 goto fail; 363 } 364 588 365 msg->dispatch_tree = idr_init(msg); 366 if (msg->dispatch_tree == NULL) { 367 goto fail; 368 } 369 589 370 msg->start_time = timeval_current(); 590 371 591 status = socket_create("unix", SOCKET_TYPE_DGRAM, &msg->sock, 0); 592 if (!NT_STATUS_IS_OK(status)) { 593 talloc_free(msg); 594 return NULL; 595 } 596 597 /* by stealing here we ensure that the socket is cleaned up (and even 598 deleted) on exit */ 599 talloc_steal(msg, msg->sock); 600 601 path = socket_address_from_strings(msg, msg->sock->backend_name, 602 msg->path, 0); 603 if (!path) { 604 talloc_free(msg); 605 return NULL; 606 } 607 608 status = socket_listen(msg->sock, path, 50, 0); 609 if (!NT_STATUS_IS_OK(status)) { 610 DEBUG(0,("Unable to setup messaging listener for '%s':%s\n", msg->path, nt_errstr(status))); 611 talloc_free(msg); 612 return NULL; 613 } 614 615 /* it needs to be non blocking for sends */ 616 set_blocking(socket_get_fd(msg->sock), false); 617 618 msg->event.ev = ev; 619 msg->event.fde = event_add_fd(ev, msg, socket_get_fd(msg->sock), 620 EVENT_FD_READ, messaging_handler, msg); 621 tevent_fd_set_auto_close(msg->event.fde); 622 623 talloc_set_destructor(msg, messaging_destructor); 624 625 messaging_register(msg, NULL, MSG_PING, ping_message); 626 messaging_register(msg, NULL, MSG_IRPC, irpc_handler); 372 tdb_flags |= lpcfg_tdb_flags(lp_ctx, 0); 373 374 msg->names = server_id_db_init(msg, server_id, lock_dir, 0, tdb_flags); 375 if (msg->names == NULL) { 376 goto fail; 377 } 378 379 if (auto_remove) { 380 talloc_set_destructor(msg, imessaging_cleanup); 381 } 382 383 imessaging_register(msg, NULL, MSG_PING, ping_message); 384 imessaging_register(msg, NULL, MSG_REQ_POOL_USAGE, pool_message); 385 imessaging_register(msg, NULL, MSG_IRPC, irpc_handler); 627 386 IRPC_REGISTER(msg, irpc, IRPC_UPTIME, irpc_uptime, msg); 628 387 629 388 return msg; 630 } 631 632 /* 633 A hack, for the short term until we get 'client only' messaging in place 634 */ 635 struct messaging_context *messaging_client_init(TALLOC_CTX *mem_ctx, 636 const char *dir, 389 fail: 390 talloc_free(msg); 391 return NULL; 392 } 393 394 static void imessaging_dgm_recv(const uint8_t *buf, size_t buf_len, 395 int *fds, size_t num_fds, 396 void *private_data) 397 { 398 struct imessaging_context *msg = talloc_get_type_abort( 399 private_data, struct imessaging_context); 400 uint32_t msg_type; 401 struct server_id src, dst; 402 struct server_id_buf srcbuf, dstbuf; 403 DATA_BLOB data; 404 405 if (buf_len < MESSAGE_HDR_LENGTH) { 406 /* Invalid message, ignore */ 407 return; 408 } 409 410 message_hdr_get(&msg_type, &src, &dst, buf); 411 412 data.data = discard_const_p(uint8_t, buf + MESSAGE_HDR_LENGTH); 413 data.length = buf_len - MESSAGE_HDR_LENGTH; 414 415 if ((cluster_id_equal(&dst, &msg->server_id)) || 416 ((dst.task_id == 0) && (msg->server_id.pid == 0))) { 417 struct dispatch_fn *d, *next; 418 419 DEBUG(10, ("%s: dst %s matches my id: %s, type=0x%x\n", 420 __func__, 421 server_id_str_buf(dst, &dstbuf), 422 server_id_str_buf(msg->server_id, &srcbuf), 423 (unsigned)msg_type)); 424 425 d = imessaging_find_dispatch(msg, msg_type); 426 427 for (; d; d = next) { 428 next = d->next; 429 d->fn(msg, d->private_data, d->msg_type, src, &data); 430 } 431 } else { 432 DEBUG(10, ("%s: Ignoring type=0x%x dst %s, I am %s, \n", 433 __func__, (unsigned)msg_type, 434 server_id_str_buf(dst, &dstbuf), 435 server_id_str_buf(msg->server_id, &srcbuf))); 436 } 437 } 438 439 /* 440 A hack, for the short term until we get 'client only' messaging in place 441 */ 442 struct imessaging_context *imessaging_client_init(TALLOC_CTX *mem_ctx, 443 struct loadparm_context *lp_ctx, 637 444 struct tevent_context *ev) 638 445 { 639 446 struct server_id id; 640 447 ZERO_STRUCT(id); 641 id.id = random() % 0x10000000; 642 return messaging_init(mem_ctx, dir, id, ev); 448 id.pid = getpid(); 449 id.task_id = generate_random(); 450 id.vnn = NONCLUSTER_VNN; 451 452 /* This is because we are not in the s3 serverid database */ 453 id.unique_id = SERVERID_UNIQUE_ID_NOT_TO_VERIFY; 454 455 return imessaging_init(mem_ctx, lp_ctx, id, ev, true); 643 456 } 644 457 /* … … 658 471 register a irpc server function 659 472 */ 660 NTSTATUS irpc_register(struct messaging_context *msg_ctx,661 const struct ndr_interface_table *table, 473 NTSTATUS irpc_register(struct imessaging_context *msg_ctx, 474 const struct ndr_interface_table *table, 662 475 int callnum, irpc_function_t fn, void *private_data) 663 476 { … … 689 502 handle an incoming irpc reply message 690 503 */ 691 static void irpc_handler_reply(struct messaging_context *msg_ctx, struct irpc_message *m)504 static void irpc_handler_reply(struct imessaging_context *msg_ctx, struct irpc_message *m) 692 505 { 693 506 struct irpc_request *irpc; … … 735 548 /* send the reply message */ 736 549 packet = ndr_push_blob(push); 737 status = messaging_send(m->msg_ctx, m->from, MSG_IRPC, &packet);550 status = imessaging_send(m->msg_ctx, m->from, MSG_IRPC, &packet); 738 551 if (!NT_STATUS_IS_OK(status)) goto failed; 739 552 … … 746 559 handle an incoming irpc request message 747 560 */ 748 static void irpc_handler_request(struct messaging_context *msg_ctx,561 static void irpc_handler_request(struct imessaging_context *msg_ctx, 749 562 struct irpc_message *m) 750 563 { … … 784 597 m->irpc = i; 785 598 m->data = r; 786 m->ev = msg_ctx->event.ev;787 599 788 600 m->header.status = i->fn(m, r); … … 810 622 handle an incoming irpc message 811 623 */ 812 static void irpc_handler(struct messaging_context *msg_ctx, void *private_data,624 static void irpc_handler(struct imessaging_context *msg_ctx, void *private_data, 813 625 uint32_t msg_type, struct server_id src, DATA_BLOB *packet) 814 626 { … … 855 667 856 668 /* 857 open the naming database 858 */ 859 static struct tdb_wrap *irpc_namedb_open(struct messaging_context *msg_ctx) 860 { 861 struct tdb_wrap *t; 862 char *path = talloc_asprintf(msg_ctx, "%s/names.tdb", msg_ctx->base_path); 863 if (path == NULL) { 669 add a string name that this irpc server can be called on 670 */ 671 NTSTATUS irpc_add_name(struct imessaging_context *msg_ctx, const char *name) 672 { 673 int ret; 674 675 ret = server_id_db_add(msg_ctx->names, name); 676 if (ret != 0) { 677 return map_nt_error_from_unix_common(ret); 678 } 679 return NT_STATUS_OK; 680 } 681 682 /* 683 return a list of server ids for a server name 684 */ 685 NTSTATUS irpc_servers_byname(struct imessaging_context *msg_ctx, 686 TALLOC_CTX *mem_ctx, const char *name, 687 unsigned *num_servers, 688 struct server_id **servers) 689 { 690 int ret; 691 692 ret = server_id_db_lookup(msg_ctx->names, name, mem_ctx, 693 num_servers, servers); 694 if (ret != 0) { 695 return map_nt_error_from_unix_common(ret); 696 } 697 return NT_STATUS_OK; 698 } 699 700 static int all_servers_func(const char *name, unsigned num_servers, 701 const struct server_id *servers, 702 void *private_data) 703 { 704 struct irpc_name_records *name_records = talloc_get_type( 705 private_data, struct irpc_name_records); 706 struct irpc_name_record *name_record; 707 int i; 708 709 name_records->names 710 = talloc_realloc(name_records, name_records->names, 711 struct irpc_name_record *, name_records->num_records+1); 712 if (!name_records->names) { 713 return -1; 714 } 715 716 name_records->names[name_records->num_records] = name_record 717 = talloc(name_records->names, 718 struct irpc_name_record); 719 if (!name_record) { 720 return -1; 721 } 722 723 name_records->num_records++; 724 725 name_record->name = talloc_strdup(name_record, name); 726 if (!name_record->name) { 727 return -1; 728 } 729 730 name_record->count = num_servers; 731 name_record->ids = talloc_array(name_record, struct server_id, 732 num_servers); 733 if (name_record->ids == NULL) { 734 return -1; 735 } 736 for (i=0;i<name_record->count;i++) { 737 name_record->ids[i] = servers[i]; 738 } 739 return 0; 740 } 741 742 /* 743 return a list of server ids for a server name 744 */ 745 struct irpc_name_records *irpc_all_servers(struct imessaging_context *msg_ctx, 746 TALLOC_CTX *mem_ctx) 747 { 748 int ret; 749 struct irpc_name_records *name_records = talloc_zero(mem_ctx, struct irpc_name_records); 750 if (name_records == NULL) { 864 751 return NULL; 865 752 } 866 t = tdb_wrap_open(msg_ctx, path, 0, 0, O_RDWR|O_CREAT, 0660); 867 talloc_free(path); 868 return t; 869 } 870 871 872 /* 873 add a string name that this irpc server can be called on 874 */ 875 NTSTATUS irpc_add_name(struct messaging_context *msg_ctx, const char *name) 876 { 877 struct tdb_wrap *t; 878 TDB_DATA rec; 879 int count; 880 NTSTATUS status = NT_STATUS_OK; 881 882 t = irpc_namedb_open(msg_ctx); 883 NT_STATUS_HAVE_NO_MEMORY(t); 884 885 if (tdb_lock_bystring(t->tdb, name) != 0) { 886 talloc_free(t); 887 return NT_STATUS_LOCK_NOT_GRANTED; 888 } 889 rec = tdb_fetch_bystring(t->tdb, name); 890 count = rec.dsize / sizeof(struct server_id); 891 rec.dptr = (unsigned char *)realloc_p(rec.dptr, struct server_id, count+1); 892 rec.dsize += sizeof(struct server_id); 893 if (rec.dptr == NULL) { 894 tdb_unlock_bystring(t->tdb, name); 895 talloc_free(t); 896 return NT_STATUS_NO_MEMORY; 897 } 898 ((struct server_id *)rec.dptr)[count] = msg_ctx->server_id; 899 if (tdb_store_bystring(t->tdb, name, rec, 0) != 0) { 900 status = NT_STATUS_INTERNAL_ERROR; 901 } 902 free(rec.dptr); 903 tdb_unlock_bystring(t->tdb, name); 904 talloc_free(t); 905 906 msg_ctx->names = str_list_add(msg_ctx->names, name); 907 talloc_steal(msg_ctx, msg_ctx->names); 908 909 return status; 910 } 911 912 /* 913 return a list of server ids for a server name 914 */ 915 struct server_id *irpc_servers_byname(struct messaging_context *msg_ctx, 916 TALLOC_CTX *mem_ctx, 917 const char *name) 918 { 919 struct tdb_wrap *t; 920 TDB_DATA rec; 921 int count, i; 922 struct server_id *ret; 923 924 t = irpc_namedb_open(msg_ctx); 925 if (t == NULL) { 753 754 ret = server_id_db_traverse_read(msg_ctx->names, all_servers_func, 755 name_records); 756 if (ret == -1) { 757 TALLOC_FREE(name_records); 926 758 return NULL; 927 759 } 928 760 929 if (tdb_lock_bystring(t->tdb, name) != 0) { 930 talloc_free(t); 931 return NULL; 932 } 933 rec = tdb_fetch_bystring(t->tdb, name); 934 if (rec.dptr == NULL) { 935 tdb_unlock_bystring(t->tdb, name); 936 talloc_free(t); 937 return NULL; 938 } 939 count = rec.dsize / sizeof(struct server_id); 940 ret = talloc_array(mem_ctx, struct server_id, count+1); 941 if (ret == NULL) { 942 tdb_unlock_bystring(t->tdb, name); 943 talloc_free(t); 944 return NULL; 945 } 946 for (i=0;i<count;i++) { 947 ret[i] = ((struct server_id *)rec.dptr)[i]; 948 } 949 ret[i] = cluster_id(0, 0); 950 free(rec.dptr); 951 tdb_unlock_bystring(t->tdb, name); 952 talloc_free(t); 953 954 return ret; 761 return name_records; 955 762 } 956 763 … … 958 765 remove a name from a messaging context 959 766 */ 960 void irpc_remove_name(struct messaging_context *msg_ctx, const char *name) 961 { 962 struct tdb_wrap *t; 963 TDB_DATA rec; 964 int count, i; 965 struct server_id *ids; 966 967 str_list_remove(msg_ctx->names, name); 968 969 t = irpc_namedb_open(msg_ctx); 970 if (t == NULL) { 971 return; 972 } 973 974 if (tdb_lock_bystring(t->tdb, name) != 0) { 975 talloc_free(t); 976 return; 977 } 978 rec = tdb_fetch_bystring(t->tdb, name); 979 if (rec.dptr == NULL) { 980 tdb_unlock_bystring(t->tdb, name); 981 talloc_free(t); 982 return; 983 } 984 count = rec.dsize / sizeof(struct server_id); 985 if (count == 0) { 986 free(rec.dptr); 987 tdb_unlock_bystring(t->tdb, name); 988 talloc_free(t); 989 return; 990 } 991 ids = (struct server_id *)rec.dptr; 992 for (i=0;i<count;i++) { 993 if (cluster_id_equal(&ids[i], &msg_ctx->server_id)) { 994 if (i < count-1) { 995 memmove(ids+i, ids+i+1, 996 sizeof(struct server_id) * (count-(i+1))); 997 } 998 rec.dsize -= sizeof(struct server_id); 999 break; 1000 } 1001 } 1002 tdb_store_bystring(t->tdb, name, rec, 0); 1003 free(rec.dptr); 1004 tdb_unlock_bystring(t->tdb, name); 1005 talloc_free(t); 1006 } 1007 1008 struct server_id messaging_get_server_id(struct messaging_context *msg_ctx) 767 void irpc_remove_name(struct imessaging_context *msg_ctx, const char *name) 768 { 769 server_id_db_remove(msg_ctx->names, name); 770 } 771 772 struct server_id imessaging_get_server_id(struct imessaging_context *msg_ctx) 1009 773 { 1010 774 return msg_ctx->server_id; … … 1012 776 1013 777 struct irpc_bh_state { 1014 struct messaging_context *msg_ctx;778 struct imessaging_context *msg_ctx; 1015 779 struct server_id server_id; 1016 780 const struct ndr_interface_table *table; … … 1085 849 ok = irpc_bh_is_connected(h); 1086 850 if (!ok) { 1087 tevent_req_nterror(req, NT_STATUS_ INVALID_CONNECTION);851 tevent_req_nterror(req, NT_STATUS_CONNECTION_DISCONNECTED); 1088 852 return tevent_req_post(req, ev); 1089 853 } … … 1138 902 /* and send it */ 1139 903 state->in_packet = ndr_push_blob(ndr); 1140 status = messaging_send(hs->msg_ctx, hs->server_id,904 status = imessaging_send(hs->msg_ctx, hs->server_id, 1141 905 MSG_IRPC, &state->in_packet); 1142 906 if (!NT_STATUS_IS_OK(status)) { … … 1177 941 m->ndr->data_size - m->ndr->offset); 1178 942 if ((m->ndr->data_size - m->ndr->offset) > 0 && !state->out_data.data) { 1179 tevent_req_ nomem(NULL,req);943 tevent_req_oom(req); 1180 944 return; 1181 945 } … … 1229 993 ok = irpc_bh_is_connected(h); 1230 994 if (!ok) { 1231 tevent_req_nterror(req, NT_STATUS_ INVALID_CONNECTION);995 tevent_req_nterror(req, NT_STATUS_CONNECTION_DISCONNECTED); 1232 996 return tevent_req_post(req, ev); 1233 997 } … … 1271 1035 /* initialise a irpc binding handle */ 1272 1036 struct dcerpc_binding_handle *irpc_binding_handle(TALLOC_CTX *mem_ctx, 1273 structmessaging_context *msg_ctx,1274 struct server_id server_id,1275 const struct ndr_interface_table *table)1037 struct imessaging_context *msg_ctx, 1038 struct server_id server_id, 1039 const struct ndr_interface_table *table) 1276 1040 { 1277 1041 struct dcerpc_binding_handle *h; … … 1293 1057 hs->timeout = IRPC_CALL_TIMEOUT; 1294 1058 1295 dcerpc_binding_handle_set_sync_ev(h, msg_ctx->event.ev);1296 1297 1059 return h; 1298 1060 } 1299 1061 1300 1062 struct dcerpc_binding_handle *irpc_binding_handle_by_name(TALLOC_CTX *mem_ctx, 1301 structmessaging_context *msg_ctx,1302 const char *dest_task,1303 const struct ndr_interface_table *table)1063 struct imessaging_context *msg_ctx, 1064 const char *dest_task, 1065 const struct ndr_interface_table *table) 1304 1066 { 1305 1067 struct dcerpc_binding_handle *h; 1068 unsigned num_sids; 1306 1069 struct server_id *sids; 1307 1070 struct server_id sid; 1071 NTSTATUS status; 1308 1072 1309 1073 /* find the server task */ 1310 sids = irpc_servers_byname(msg_ctx, mem_ctx, dest_task); 1311 if (sids == NULL) { 1312 errno = EADDRNOTAVAIL; 1313 return NULL; 1314 } 1315 if (sids[0].id == 0) { 1316 talloc_free(sids); 1074 1075 status = irpc_servers_byname(msg_ctx, mem_ctx, dest_task, 1076 &num_sids, &sids); 1077 if (!NT_STATUS_IS_OK(status)) { 1317 1078 errno = EADDRNOTAVAIL; 1318 1079 return NULL; -
vendor/current/source4/lib/messaging/messaging.h
r740 r988 19 19 */ 20 20 21 #ifndef _ MESSAGES_H_22 #define _ MESSAGES_H_21 #ifndef _SOURCE4_LIB_MESSAGING_MESSAGES_H_ 22 #define _SOURCE4_LIB_MESSAGING_MESSAGES_H_ 23 23 24 #include "librpc/gen_ndr/server_id4.h" 24 #include "librpc/gen_ndr/server_id.h" 25 #include "librpc/gen_ndr/messaging.h" 25 26 26 struct messaging_context; 27 28 /* general messages */ 29 #define MSG_DEBUG 1 30 #define MSG_PING 2 31 #define MSG_PONG 3 32 #define MSG_BRL_RETRY 4 33 #define MSG_PVFS_RETRY_OPEN 5 34 #define MSG_IRPC 6 35 #define MSG_PVFS_NOTIFY 7 36 #define MSG_NTVFS_OPLOCK_BREAK 8 37 #define MSG_DREPL_ALLOCATE_RID 9 38 39 /* temporary messaging endpoints are allocated above this line */ 40 #define MSG_TMP_BASE 1000 27 struct imessaging_context; 41 28 42 29 /* taskid for messaging of parent process */ 43 30 #define SAMBA_PARENT_TASKID 0 44 31 45 typedef void (*msg_callback_t)(struct messaging_context *msg, void *private_data,32 typedef void (*msg_callback_t)(struct imessaging_context *msg, void *private_data, 46 33 uint32_t msg_type, 47 34 struct server_id server_id, DATA_BLOB *data); 48 35 49 NTSTATUS messaging_send(structmessaging_context *msg, struct server_id server,36 NTSTATUS imessaging_send(struct imessaging_context *msg, struct server_id server, 50 37 uint32_t msg_type, const DATA_BLOB *data); 51 NTSTATUS messaging_register(structmessaging_context *msg, void *private_data,38 NTSTATUS imessaging_register(struct imessaging_context *msg, void *private_data, 52 39 uint32_t msg_type, 53 40 msg_callback_t fn); 54 NTSTATUS messaging_register_tmp(structmessaging_context *msg, void *private_data,41 NTSTATUS imessaging_register_tmp(struct imessaging_context *msg, void *private_data, 55 42 msg_callback_t fn, uint32_t *msg_type); 56 struct messaging_context *messaging_init(TALLOC_CTX *mem_ctx, 57 const char *dir, 58 struct server_id server_id, 43 struct imessaging_context *imessaging_init(TALLOC_CTX *mem_ctx, 44 struct loadparm_context *lp_ctx, 45 struct server_id server_id, 46 struct tevent_context *ev, 47 bool auto_remove); 48 int imessaging_cleanup(struct imessaging_context *msg); 49 struct imessaging_context *imessaging_client_init(TALLOC_CTX *mem_ctx, 50 struct loadparm_context *lp_ctx, 59 51 struct tevent_context *ev); 60 struct messaging_context *messaging_client_init(TALLOC_CTX *mem_ctx, 61 const char *dir, 62 struct tevent_context *ev); 63 NTSTATUS messaging_send_ptr(struct messaging_context *msg, struct server_id server, 52 NTSTATUS imessaging_send_ptr(struct imessaging_context *msg, struct server_id server, 64 53 uint32_t msg_type, void *ptr); 65 void messaging_deregister(structmessaging_context *msg, uint32_t msg_type, void *private_data);66 struct server_id messaging_get_server_id(structmessaging_context *msg_ctx);54 void imessaging_deregister(struct imessaging_context *msg, uint32_t msg_type, void *private_data); 55 struct server_id imessaging_get_server_id(struct imessaging_context *msg_ctx); 67 56 68 57 #endif -
vendor/current/source4/lib/messaging/pymessaging.c
r740 r988 22 22 #include <Python.h> 23 23 #include "includes.h" 24 #include " scripting/python/modules.h"24 #include "python/modules.h" 25 25 #include "libcli/util/pyerrors.h" 26 26 #include "librpc/rpc/pyrpc_util.h" 27 27 #include "librpc/ndr/libndr.h" 28 28 #include "lib/messaging/messaging.h" 29 #include "lib/messaging/irpc.h" 29 30 #include "lib/events/events.h" 30 31 #include "cluster/cluster.h" … … 32 33 #include "param/pyparam.h" 33 34 #include "librpc/rpc/dcerpc.h" 34 #include "librpc/gen_ndr/server_id4.h" 35 #include "librpc/gen_ndr/server_id.h" 36 #include <pytalloc.h> 35 37 36 38 void initmessaging(void); 37 39 38 extern PyTypeObject messaging_Type;40 extern PyTypeObject imessaging_Type; 39 41 40 42 static bool server_id_from_py(PyObject *object, struct server_id *server_id) 41 43 { 42 44 if (!PyTuple_Check(object)) { 43 PyErr_SetString(PyExc_ValueError, "Expected tuple"); 44 return false; 45 } 46 45 if (!py_check_dcerpc_type(object, "samba.dcerpc.server_id", "server_id")) { 46 47 PyErr_SetString(PyExc_ValueError, "Expected tuple or server_id"); 48 return false; 49 } 50 *server_id = *pytalloc_get_type(object, struct server_id); 51 return true; 52 } 47 53 if (PyTuple_Size(object) == 3) { 48 return PyArg_ParseTuple(object, "iii", &server_id->id, &server_id->id2, &server_id->node); 54 unsigned long long pid; 55 int task_id, vnn; 56 57 if (!PyArg_ParseTuple(object, "KII", &pid, &task_id, &vnn)) { 58 return false; 59 } 60 server_id->pid = pid; 61 server_id->task_id = task_id; 62 server_id->vnn = vnn; 63 return true; 49 64 } else { 50 int id, id2; 51 if (!PyArg_ParseTuple(object, "ii", &id, &id2)) 65 unsigned long long pid; 66 int task_id; 67 if (!PyArg_ParseTuple(object, "KI", &pid, &task_id)) 52 68 return false; 53 *server_id = cluster_id( id, id2);69 *server_id = cluster_id(pid, task_id); 54 70 return true; 55 71 } … … 59 75 PyObject_HEAD 60 76 TALLOC_CTX *mem_ctx; 61 struct messaging_context *msg_ctx;62 } messaging_Object;63 64 static PyObject *py_ messaging_connect(PyTypeObject *self, PyObject *args, PyObject *kwargs)77 struct imessaging_context *msg_ctx; 78 } imessaging_Object; 79 80 static PyObject *py_imessaging_connect(PyTypeObject *self, PyObject *args, PyObject *kwargs) 65 81 { 66 82 struct tevent_context *ev; 67 const char *kwnames[] = { "own_id", " messaging_path", NULL };83 const char *kwnames[] = { "own_id", "lp_ctx", NULL }; 68 84 PyObject *own_id = Py_None; 69 const char *messaging_path = NULL; 70 messaging_Object *ret; 71 72 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|Oz:connect", 73 discard_const_p(char *, kwnames), &own_id, &messaging_path)) { 74 return NULL; 75 } 76 77 ret = PyObject_New(messaging_Object, &messaging_Type); 85 PyObject *py_lp_ctx = Py_None; 86 imessaging_Object *ret; 87 struct loadparm_context *lp_ctx; 88 89 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|OO:connect", 90 discard_const_p(char *, kwnames), &own_id, &py_lp_ctx)) { 91 return NULL; 92 } 93 94 ret = PyObject_New(imessaging_Object, &imessaging_Type); 78 95 if (ret == NULL) 79 96 return NULL; … … 81 98 ret->mem_ctx = talloc_new(NULL); 82 99 100 lp_ctx = lpcfg_from_py_object(ret->mem_ctx, py_lp_ctx); 101 if (lp_ctx == NULL) { 102 PyErr_SetString(PyExc_RuntimeError, "imessaging_connect unable to interpret loadparm_context"); 103 talloc_free(ret->mem_ctx); 104 return NULL; 105 } 106 83 107 ev = s4_event_context_init(ret->mem_ctx); 84 85 if (messaging_path == NULL) {86 messaging_path = lpcfg_messaging_path(ret->mem_ctx,87 py_default_loadparm_context(ret->mem_ctx));88 } else {89 messaging_path = talloc_strdup(ret->mem_ctx, messaging_path);90 }91 108 92 109 if (own_id != Py_None) { … … 96 113 return NULL; 97 114 98 ret->msg_ctx = messaging_init(ret->mem_ctx,99 messaging_path,100 server_id,101 ev);115 ret->msg_ctx = imessaging_init(ret->mem_ctx, 116 lp_ctx, 117 server_id, 118 ev, true); 102 119 } else { 103 ret->msg_ctx = messaging_client_init(ret->mem_ctx,104 messaging_path,105 ev);120 ret->msg_ctx = imessaging_client_init(ret->mem_ctx, 121 lp_ctx, 122 ev); 106 123 } 107 124 108 125 if (ret->msg_ctx == NULL) { 109 PyErr_SetString(PyExc_RuntimeError, " messaging_connect unable to create a messaging context");126 PyErr_SetString(PyExc_RuntimeError, "imessaging_connect unable to create a messaging context"); 110 127 talloc_free(ret->mem_ctx); 111 128 return NULL; … … 115 132 } 116 133 117 static void py_ messaging_dealloc(PyObject *self)118 { 119 messaging_Object *iface = (messaging_Object *)self;134 static void py_imessaging_dealloc(PyObject *self) 135 { 136 imessaging_Object *iface = (imessaging_Object *)self; 120 137 talloc_free(iface->msg_ctx); 121 138 self->ob_type->tp_free(self); 122 139 } 123 140 124 static PyObject *py_ messaging_send(PyObject *self, PyObject *args, PyObject *kwargs)125 { 126 messaging_Object *iface = (messaging_Object *)self;141 static PyObject *py_imessaging_send(PyObject *self, PyObject *args, PyObject *kwargs) 142 { 143 imessaging_Object *iface = (imessaging_Object *)self; 127 144 uint32_t msg_type; 128 145 DATA_BLOB data; … … 131 148 struct server_id server; 132 149 const char *kwnames[] = { "target", "msg_type", "data", NULL }; 133 int length;150 Py_ssize_t length; 134 151 135 152 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "Ois#:send", … … 144 161 return NULL; 145 162 146 status = messaging_send(iface->msg_ctx, server, msg_type, &data);163 status = imessaging_send(iface->msg_ctx, server, msg_type, &data); 147 164 if (NT_STATUS_IS_ERR(status)) { 148 165 PyErr_SetNTSTATUS(status); … … 153 170 } 154 171 155 static void py_msg_callback_wrapper(struct messaging_context *msg, void *private_data,172 static void py_msg_callback_wrapper(struct imessaging_context *msg, void *private_data, 156 173 uint32_t msg_type, 157 174 struct server_id server_id, DATA_BLOB *data) 158 175 { 159 PyObject *callback = (PyObject *)private_data; 160 161 PyObject_CallFunction(callback, discard_const_p(char, "i(iii)s#"), msg_type, 162 server_id.id, server_id.id2, server_id.node, 176 PyObject *py_server_id, *callback = (PyObject *)private_data; 177 178 struct server_id *p_server_id = talloc(NULL, struct server_id); 179 if (!p_server_id) { 180 PyErr_NoMemory(); 181 return; 182 } 183 *p_server_id = server_id; 184 185 py_server_id = py_return_ndr_struct("samba.dcerpc.server_id", "server_id", p_server_id, p_server_id); 186 talloc_unlink(NULL, p_server_id); 187 188 PyObject_CallFunction(callback, discard_const_p(char, "i(O)s#"), msg_type, 189 py_server_id, 163 190 data->data, data->length); 164 191 } 165 192 166 static PyObject *py_ messaging_register(PyObject *self, PyObject *args, PyObject *kwargs)167 { 168 messaging_Object *iface = (messaging_Object *)self;193 static PyObject *py_imessaging_register(PyObject *self, PyObject *args, PyObject *kwargs) 194 { 195 imessaging_Object *iface = (imessaging_Object *)self; 169 196 int msg_type = -1; 170 197 PyObject *callback; … … 181 208 if (msg_type == -1) { 182 209 uint32_t msg_type32 = msg_type; 183 status = messaging_register_tmp(iface->msg_ctx, callback,210 status = imessaging_register_tmp(iface->msg_ctx, callback, 184 211 py_msg_callback_wrapper, &msg_type32); 185 212 msg_type = msg_type32; 186 213 } else { 187 status = messaging_register(iface->msg_ctx, callback,214 status = imessaging_register(iface->msg_ctx, callback, 188 215 msg_type, py_msg_callback_wrapper); 189 216 } … … 196 223 } 197 224 198 static PyObject *py_ messaging_deregister(PyObject *self, PyObject *args, PyObject *kwargs)199 { 200 messaging_Object *iface = (messaging_Object *)self;225 static PyObject *py_imessaging_deregister(PyObject *self, PyObject *args, PyObject *kwargs) 226 { 227 imessaging_Object *iface = (imessaging_Object *)self; 201 228 int msg_type = -1; 202 229 PyObject *callback; … … 208 235 } 209 236 210 messaging_deregister(iface->msg_ctx, msg_type, callback);237 imessaging_deregister(iface->msg_ctx, msg_type, callback); 211 238 212 239 Py_DECREF(callback); … … 215 242 } 216 243 217 static PyMethodDef py_messaging_methods[] = { 218 { "send", (PyCFunction)py_messaging_send, METH_VARARGS|METH_KEYWORDS, 244 static PyObject *py_irpc_servers_byname(PyObject *self, PyObject *args, PyObject *kwargs) 245 { 246 imessaging_Object *iface = (imessaging_Object *)self; 247 char *server_name; 248 unsigned i, num_ids; 249 struct server_id *ids; 250 PyObject *pylist; 251 TALLOC_CTX *mem_ctx = talloc_new(NULL); 252 NTSTATUS status; 253 254 if (!mem_ctx) { 255 PyErr_NoMemory(); 256 return NULL; 257 } 258 259 if (!PyArg_ParseTuple(args, "s", &server_name)) { 260 TALLOC_FREE(mem_ctx); 261 return NULL; 262 } 263 264 status = irpc_servers_byname(iface->msg_ctx, mem_ctx, server_name, 265 &num_ids, &ids); 266 if (!NT_STATUS_IS_OK(status)) { 267 TALLOC_FREE(mem_ctx); 268 PyErr_SetString(PyExc_KeyError, "No such name"); 269 return NULL; 270 } 271 272 pylist = PyList_New(num_ids); 273 if (pylist == NULL) { 274 TALLOC_FREE(mem_ctx); 275 PyErr_NoMemory(); 276 return NULL; 277 } 278 for (i = 0; i < num_ids; i++) { 279 PyObject *py_server_id; 280 struct server_id *p_server_id = talloc(NULL, struct server_id); 281 if (!p_server_id) { 282 PyErr_NoMemory(); 283 return NULL; 284 } 285 *p_server_id = ids[i]; 286 287 py_server_id = py_return_ndr_struct("samba.dcerpc.server_id", "server_id", p_server_id, p_server_id); 288 if (!py_server_id) { 289 return NULL; 290 } 291 PyList_SetItem(pylist, i, py_server_id); 292 talloc_unlink(NULL, p_server_id); 293 } 294 TALLOC_FREE(mem_ctx); 295 return pylist; 296 } 297 298 static PyObject *py_irpc_all_servers(PyObject *self, PyObject *args, PyObject *kwargs) 299 { 300 imessaging_Object *iface = (imessaging_Object *)self; 301 PyObject *pylist; 302 int i; 303 struct irpc_name_records *records; 304 TALLOC_CTX *mem_ctx = talloc_new(NULL); 305 if (!mem_ctx) { 306 PyErr_NoMemory(); 307 return NULL; 308 } 309 310 records = irpc_all_servers(iface->msg_ctx, mem_ctx); 311 if (records == NULL) { 312 return NULL; 313 } 314 315 pylist = PyList_New(records->num_records); 316 if (pylist == NULL) { 317 TALLOC_FREE(mem_ctx); 318 PyErr_NoMemory(); 319 return NULL; 320 } 321 for (i = 0; i < records->num_records; i++) { 322 PyObject *py_name_record 323 = py_return_ndr_struct("samba.dcerpc.irpc", 324 "name_record", 325 records->names[i], 326 records->names[i]); 327 if (!py_name_record) { 328 return NULL; 329 } 330 PyList_SetItem(pylist, i, 331 py_name_record); 332 } 333 TALLOC_FREE(mem_ctx); 334 return pylist; 335 } 336 337 static PyMethodDef py_imessaging_methods[] = { 338 { "send", (PyCFunction)py_imessaging_send, METH_VARARGS|METH_KEYWORDS, 219 339 "S.send(target, msg_type, data) -> None\nSend a message" }, 220 { "register", (PyCFunction)py_ messaging_register, METH_VARARGS|METH_KEYWORDS,340 { "register", (PyCFunction)py_imessaging_register, METH_VARARGS|METH_KEYWORDS, 221 341 "S.register(callback, msg_type=None) -> msg_type\nRegister a message handler" }, 222 { "deregister", (PyCFunction)py_ messaging_deregister, METH_VARARGS|METH_KEYWORDS,342 { "deregister", (PyCFunction)py_imessaging_deregister, METH_VARARGS|METH_KEYWORDS, 223 343 "S.deregister(callback, msg_type) -> None\nDeregister a message handler" }, 344 { "irpc_servers_byname", (PyCFunction)py_irpc_servers_byname, METH_VARARGS, 345 "S.irpc_servers_byname(name) -> list\nGet list of server_id values that are registered for a particular name" }, 346 { "irpc_all_servers", (PyCFunction)py_irpc_all_servers, METH_NOARGS, 347 "S.irpc_servers_byname() -> list\nGet list of all registered names and the associated server_id values" }, 224 348 { NULL, NULL, 0, NULL } 225 349 }; 226 350 227 static PyObject *py_messaging_server_id(PyObject *obj, void *closure) 228 { 229 messaging_Object *iface = (messaging_Object *)obj; 230 struct server_id server_id = messaging_get_server_id(iface->msg_ctx); 231 232 return Py_BuildValue("(iii)", server_id.id, server_id.id2, 233 server_id.node); 234 } 235 236 static PyGetSetDef py_messaging_getset[] = { 237 { discard_const_p(char, "server_id"), py_messaging_server_id, NULL, 351 static PyObject *py_imessaging_server_id(PyObject *obj, void *closure) 352 { 353 imessaging_Object *iface = (imessaging_Object *)obj; 354 PyObject *py_server_id; 355 struct server_id server_id = imessaging_get_server_id(iface->msg_ctx); 356 struct server_id *p_server_id = talloc(NULL, struct server_id); 357 if (!p_server_id) { 358 PyErr_NoMemory(); 359 return NULL; 360 } 361 *p_server_id = server_id; 362 363 py_server_id = py_return_ndr_struct("samba.dcerpc.server_id", "server_id", p_server_id, p_server_id); 364 talloc_unlink(NULL, p_server_id); 365 366 return py_server_id; 367 } 368 369 static PyGetSetDef py_imessaging_getset[] = { 370 { discard_const_p(char, "server_id"), py_imessaging_server_id, NULL, 238 371 discard_const_p(char, "local server id") }, 239 372 { NULL }, … … 241 374 242 375 243 PyTypeObject messaging_Type = {376 PyTypeObject imessaging_Type = { 244 377 PyObject_HEAD_INIT(NULL) 0, 245 378 .tp_name = "messaging.Messaging", 246 .tp_basicsize = sizeof( messaging_Object),379 .tp_basicsize = sizeof(imessaging_Object), 247 380 .tp_flags = Py_TPFLAGS_DEFAULT|Py_TPFLAGS_BASETYPE, 248 .tp_new = py_messaging_connect, 249 .tp_dealloc = py_messaging_dealloc, 250 .tp_methods = py_messaging_methods, 251 .tp_getset = py_messaging_getset, 252 .tp_doc = "Messaging(own_id=None, messaging_path=None)\n" \ 253 "Create a new object that can be used to communicate with the peers in the specified messaging path.\n" \ 254 "If no path is specified, the default path from smb.conf will be used." 381 .tp_new = py_imessaging_connect, 382 .tp_dealloc = py_imessaging_dealloc, 383 .tp_methods = py_imessaging_methods, 384 .tp_getset = py_imessaging_getset, 385 .tp_doc = "Messaging(own_id=None)\n" \ 386 "Create a new object that can be used to communicate with the peers in the specified messaging path.\n" 255 387 }; 256 388 … … 259 391 PyObject *mod; 260 392 261 if (PyType_Ready(& messaging_Type) < 0)393 if (PyType_Ready(&imessaging_Type) < 0) 262 394 return; 263 395 … … 266 398 return; 267 399 268 Py_INCREF((PyObject *)& messaging_Type);269 PyModule_AddObject(mod, "Messaging", (PyObject *)& messaging_Type);270 } 400 Py_INCREF((PyObject *)&imessaging_Type); 401 PyModule_AddObject(mod, "Messaging", (PyObject *)&imessaging_Type); 402 } -
vendor/current/source4/lib/messaging/tests/irpc.c
r740 r988 28 28 #include "cluster/cluster.h" 29 29 #include "param/param.h" 30 #include "torture/local/proto.h" 30 31 31 32 const uint32_t MSG_ID1 = 1, MSG_ID2 = 2; … … 35 36 struct irpc_test_data 36 37 { 37 struct messaging_context *msg_ctx1, *msg_ctx2;38 struct imessaging_context *msg_ctx1, *msg_ctx2; 38 39 struct tevent_context *ev; 39 40 }; … … 74 75 static NTSTATUS irpc_EchoData(struct irpc_message *irpc, struct echo_EchoData *r) 75 76 { 77 struct irpc_test_data *data = talloc_get_type_abort(irpc->private_data, struct irpc_test_data); 76 78 irpc->defer_reply = true; 77 event_add_timed(irpc->ev, irpc, timeval_zero(), deferred_echodata, irpc);79 tevent_add_timer(data->ev, irpc, timeval_zero(), deferred_echodata, irpc); 78 80 return NT_STATUS_OK; 79 81 } … … 101 103 102 104 test_debug = true; 105 /* 106 * Note: this makes use of nested event loops 107 * as client and server use the same loop. 108 */ 109 dcerpc_binding_handle_set_sync_ev(irpc_handle, data->ev); 103 110 status = dcerpc_echo_AddOne_r(irpc_handle, test, &r); 104 111 test_debug = false; … … 135 142 r.in.len = strlen((char *)r.in.in_data); 136 143 144 /* 145 * Note: this makes use of nested event loops 146 * as client and server use the same loop. 147 */ 148 dcerpc_binding_handle_set_sync_ev(irpc_handle, data->ev); 137 149 status = dcerpc_echo_EchoData_r(irpc_handle, mem_ctx, &r); 138 150 torture_assert_ntstatus_ok(tctx, status, "EchoData failed"); … … 219 231 220 232 while (ping_count > pong_count + 20) { 221 event_loop_once(data->ev);233 tevent_loop_once(data->ev); 222 234 } 223 235 } … … 226 238 ping_count - pong_count, pong_count); 227 239 while (timeval_elapsed(&tv) < 30 && pong_count < ping_count) { 228 event_loop_once(data->ev);240 tevent_loop_once(data->ev); 229 241 } 230 242 … … 247 259 data->ev = tctx->ev; 248 260 torture_assert(tctx, data->msg_ctx1 = 249 messaging_init(tctx,250 lpcfg_messaging_path(tctx, tctx->lp_ctx),261 imessaging_init(tctx, 262 tctx->lp_ctx, 251 263 cluster_id(0, MSG_ID1), 252 data->ev ),264 data->ev, true), 253 265 "Failed to init first messaging context"); 254 266 255 267 torture_assert(tctx, data->msg_ctx2 = 256 messaging_init(tctx,257 lpcfg_messaging_path(tctx, tctx->lp_ctx),268 imessaging_init(tctx, 269 tctx->lp_ctx, 258 270 cluster_id(0, MSG_ID2), 259 data->ev ),271 data->ev, true), 260 272 "Failed to init second messaging context"); 261 273 262 274 /* register the server side function */ 263 IRPC_REGISTER(data->msg_ctx1, rpcecho, ECHO_ADDONE, irpc_AddOne, NULL);264 IRPC_REGISTER(data->msg_ctx2, rpcecho, ECHO_ADDONE, irpc_AddOne, NULL);265 266 IRPC_REGISTER(data->msg_ctx1, rpcecho, ECHO_ECHODATA, irpc_EchoData, NULL);267 IRPC_REGISTER(data->msg_ctx2, rpcecho, ECHO_ECHODATA, irpc_EchoData, NULL);275 IRPC_REGISTER(data->msg_ctx1, rpcecho, ECHO_ADDONE, irpc_AddOne, data); 276 IRPC_REGISTER(data->msg_ctx2, rpcecho, ECHO_ADDONE, irpc_AddOne, data); 277 278 IRPC_REGISTER(data->msg_ctx1, rpcecho, ECHO_ECHODATA, irpc_EchoData, data); 279 IRPC_REGISTER(data->msg_ctx2, rpcecho, ECHO_ECHODATA, irpc_EchoData, data); 268 280 269 281 return true; -
vendor/current/source4/lib/messaging/tests/messaging.c
r740 r988 26 26 #include "cluster/cluster.h" 27 27 #include "param/param.h" 28 28 #include "torture/local/proto.h" 29 29 30 30 static uint32_t msg_pong; 31 31 32 static void ping_message(struct messaging_context *msg, void *private_data,32 static void ping_message(struct imessaging_context *msg, void *private_data, 33 33 uint32_t msg_type, struct server_id src, DATA_BLOB *data) 34 34 { 35 35 NTSTATUS status; 36 status = messaging_send(msg, src, msg_pong, data);36 status = imessaging_send(msg, src, msg_pong, data); 37 37 if (!NT_STATUS_IS_OK(status)) { 38 38 printf("pong failed - %s\n", nt_errstr(status)); … … 40 40 } 41 41 42 static void pong_message(struct messaging_context *msg, void *private_data,42 static void pong_message(struct imessaging_context *msg, void *private_data, 43 43 uint32_t msg_type, struct server_id src, DATA_BLOB *data) 44 44 { … … 47 47 } 48 48 49 static void exit_message(struct messaging_context *msg, void *private_data,49 static void exit_message(struct imessaging_context *msg, void *private_data, 50 50 uint32_t msg_type, struct server_id src, DATA_BLOB *data) 51 51 { … … 60 60 { 61 61 struct tevent_context *ev; 62 struct messaging_context *msg_client_ctx;63 struct messaging_context *msg_server_ctx;62 struct imessaging_context *msg_client_ctx; 63 struct imessaging_context *msg_server_ctx; 64 64 int ping_count = 0; 65 65 int pong_count = 0; … … 72 72 ev = tctx->ev; 73 73 74 msg_server_ctx = messaging_init(tctx,75 lpcfg_messaging_path(tctx, tctx->lp_ctx), cluster_id(0, 1),76 ev);74 msg_server_ctx = imessaging_init(tctx, 75 tctx->lp_ctx, cluster_id(0, 1), 76 ev, true); 77 77 78 78 torture_assert(tctx, msg_server_ctx != NULL, "Failed to init ping messaging context"); 79 79 80 messaging_register_tmp(msg_server_ctx, NULL, ping_message, &msg_ping);81 messaging_register_tmp(msg_server_ctx, tctx, exit_message, &msg_exit);80 imessaging_register_tmp(msg_server_ctx, NULL, ping_message, &msg_ping); 81 imessaging_register_tmp(msg_server_ctx, tctx, exit_message, &msg_exit); 82 82 83 msg_client_ctx = messaging_init(tctx,84 lpcfg_messaging_path(tctx, tctx->lp_ctx),85 cluster_id(0, 2),86 ev);83 msg_client_ctx = imessaging_init(tctx, 84 tctx->lp_ctx, 85 cluster_id(0, 2), 86 ev, true); 87 87 88 88 torture_assert(tctx, msg_client_ctx != NULL, 89 "msg_client_ctx messaging_init() failed");89 "msg_client_ctx imessaging_init() failed"); 90 90 91 messaging_register_tmp(msg_client_ctx, &pong_count, pong_message, &msg_pong);91 imessaging_register_tmp(msg_client_ctx, &pong_count, pong_message, &msg_pong); 92 92 93 93 tv = timeval_current(); … … 101 101 data.length = strlen((const char *)data.data); 102 102 103 status1 = messaging_send(msg_client_ctx, cluster_id(0, 1), msg_ping, &data);104 status2 = messaging_send(msg_client_ctx, cluster_id(0, 1), msg_ping, NULL);103 status1 = imessaging_send(msg_client_ctx, cluster_id(0, 1), msg_ping, &data); 104 status2 = imessaging_send(msg_client_ctx, cluster_id(0, 1), msg_ping, NULL); 105 105 106 106 torture_assert_ntstatus_ok(tctx, status1, "msg1 failed"); … … 111 111 112 112 while (ping_count > pong_count + 20) { 113 event_loop_once(ev);113 tevent_loop_once(ev); 114 114 } 115 115 } … … 118 118 ping_count - pong_count, pong_count); 119 119 while (timeval_elapsed(&tv) < 30 && pong_count < ping_count) { 120 event_loop_once(ev);120 tevent_loop_once(ev); 121 121 } 122 122 123 123 torture_comment(tctx, "sending exit\n"); 124 messaging_send(msg_client_ctx, cluster_id(0, 1), msg_exit, NULL);124 imessaging_send(msg_client_ctx, cluster_id(0, 1), msg_exit, NULL); 125 125 126 126 torture_assert_int_equal(tctx, ping_count, pong_count, "ping test failed"); -
vendor/current/source4/lib/messaging/wscript_build
r740 r988 2 2 3 3 4 bld.SAMBA_ SUBSYSTEM('MESSAGING',4 bld.SAMBA_LIBRARY('MESSAGING', 5 5 source='messaging.c', 6 public_deps='samba-util tdb-wrap NDR_IRPC UNIX_PRIVS UTIL_TDB cluster ndr samba_socket dcerpc' 6 public_deps='samba-util NDR_IRPC UNIX_PRIVS cluster ndr dcerpc messages_util server_id_db talloc_report', 7 private_library=True 7 8 ) 8 9 9 10 10 bld.SAMBA_PYTHON('python_messaging', 11 11 source='pymessaging.c', 12 deps='MESSAGING events pyparam_util ',12 deps='MESSAGING events pyparam_util pytalloc-util', 13 13 realname='samba/messaging.so' 14 14 ) -
vendor/current/source4/lib/policy/gp_filesys.c
r740 r988 18 18 */ 19 19 #include "includes.h" 20 #include "system/filesys.h" 20 21 #include "lib/policy/policy.h" 21 22 #include "libcli/raw/smb.h" … … 24 25 #include "libcli/resolve/resolve.h" 25 26 #include "libcli/raw/libcliraw.h" 26 #include <sys/stat.h>27 #include <fcntl.h>28 #include <unistd.h>29 27 #include <dirent.h> 30 28 #include <errno.h> … … 165 163 lpcfg_smbcli_session_options(gp_ctx->lp_ctx, &session_options); 166 164 167 168 165 return smbcli_full_connection(gp_ctx, 169 166 &gp_ctx->cli, 170 gp_ctx->active_dc .name,167 gp_ctx->active_dc->name, 171 168 lpcfg_smb_ports(gp_ctx->lp_ctx), 172 169 "sysvol", … … 255 252 "%s (remote %zu, local %zu).\n", 256 253 remote_src, file_size, nread)); 254 close(fh_local); 257 255 talloc_free(buf); 258 256 return NT_STATUS_UNSUCCESSFUL; … … 283 281 /* Get local path by replacing backslashes with slashes */ 284 282 local_rel_path = talloc_strdup(mem_ctx, list->files[i].rel_path); 285 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(local_rel_path, mem_ctx); 283 if (local_rel_path == NULL) { 284 TALLOC_FREE(mem_ctx); 285 return NT_STATUS_NO_MEMORY; 286 } 286 287 string_replace(local_rel_path, '\\', '/'); 287 288 288 289 full_local_path = talloc_asprintf(mem_ctx, "%s%s", local_path, 289 290 local_rel_path); 290 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(full_local_path, mem_ctx); 291 if (full_local_path == NULL) { 292 TALLOC_FREE(mem_ctx); 293 return NT_STATUS_NO_MEMORY; 294 } 291 295 292 296 /* If the entry is a directory, create it. */ … … 304 308 full_remote_path = talloc_asprintf(mem_ctx, "%s%s", share_path, 305 309 list->files[i].rel_path); 306 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(full_remote_path, mem_ctx); 310 if (full_remote_path == NULL) { 311 TALLOC_FREE(mem_ctx); 312 return NT_STATUS_NO_MEMORY; 313 } 307 314 308 315 /* Get the file */ … … 343 350 /* Get the remote path to copy from */ 344 351 share_path = gp_get_share_path(mem_ctx, gpo->file_sys_path); 345 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(share_path, mem_ctx); 352 if (share_path == NULL) { 353 TALLOC_FREE(mem_ctx); 354 return NT_STATUS_NO_MEMORY; 355 } 346 356 347 357 /* Get the local path to copy to */ 348 358 local_path = talloc_asprintf(gp_ctx, "%s/%s", gp_tmpdir(mem_ctx), gpo->name); 349 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(local_path, mem_ctx); 359 if (local_path == NULL) { 360 TALLOC_FREE(mem_ctx); 361 return NT_STATUS_NO_MEMORY; 362 } 350 363 351 364 /* Prepare the state structure */ 352 365 state = talloc_zero(mem_ctx, struct gp_list_state); 353 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(state, mem_ctx); 366 if (state == NULL) { 367 TALLOC_FREE(mem_ctx); 368 return NT_STATUS_NO_MEMORY; 369 } 354 370 355 371 state->tree = gp_ctx->cli->tree; … … 396 412 DIR *dir; 397 413 struct dirent *dirent; 398 char *entry_local_path ;399 char *entry_remote_path ;414 char *entry_local_path = NULL; 415 char *entry_remote_path = NULL; 400 416 int local_fd, remote_fd; 401 417 int buf[1024]; 402 418 int nread, total_read; 403 419 struct stat s; 420 NTSTATUS status; 404 421 405 422 dir = opendir(local_path); … … 412 429 entry_local_path = talloc_asprintf(gp_ctx, "%s/%s", local_path, 413 430 dirent->d_name); 414 NT_STATUS_HAVE_NO_MEMORY(entry_local_path); 431 if (entry_local_path == NULL) { 432 status = NT_STATUS_NO_MEMORY; 433 goto done; 434 } 415 435 416 436 entry_remote_path = talloc_asprintf(gp_ctx, "%s\\%s", 417 437 remote_path, dirent->d_name); 418 NT_STATUS_HAVE_NO_MEMORY(entry_remote_path); 419 420 if (stat(dirent->d_name, &s) != 0) { 421 return NT_STATUS_UNSUCCESSFUL; 438 if (entry_remote_path == NULL) { 439 status = NT_STATUS_NO_MEMORY; 440 goto done; 441 } 442 443 if (stat(entry_local_path, &s) != 0) { 444 status = NT_STATUS_UNSUCCESSFUL; 445 goto done; 422 446 } 423 447 if (s.st_mode & S_IFDIR) { … … 437 461 0); 438 462 if (remote_fd < 0) { 439 talloc_free(entry_local_path);440 talloc_free(entry_remote_path);441 463 DEBUG(0, ("Failed to create remote file: %s\n", 442 464 entry_remote_path)); 443 return NT_STATUS_UNSUCCESSFUL; 465 status = NT_STATUS_UNSUCCESSFUL; 466 goto done; 444 467 } 445 468 local_fd = open(entry_local_path, O_RDONLY); 446 469 if (local_fd < 0) { 447 talloc_free(entry_local_path);448 talloc_free(entry_remote_path);449 470 DEBUG(0, ("Failed to open local file: %s\n", 450 471 entry_local_path)); 451 return NT_STATUS_UNSUCCESSFUL; 472 status = NT_STATUS_UNSUCCESSFUL; 473 goto done; 452 474 } 453 475 total_read = 0; … … 461 483 smbcli_close(gp_ctx->cli->tree, remote_fd); 462 484 } 463 talloc_free(entry_local_path); 464 talloc_free(entry_remote_path); 465 } 485 TALLOC_FREE(entry_local_path); 486 TALLOC_FREE(entry_remote_path); 487 } 488 489 status = NT_STATUS_OK; 490 done: 491 talloc_free(entry_local_path); 492 talloc_free(entry_remote_path); 493 466 494 closedir(dir); 467 495 468 return NT_STATUS_OK;496 return status; 469 497 } 470 498 … … 554 582 555 583 rv = write(fd, file_content, strlen(file_content)); 584 close(fd); 556 585 if (rv != strlen(file_content)) { 557 586 DEBUG(0, ("Short write in GPT.INI\n")); … … 559 588 return NT_STATUS_UNSUCCESSFUL; 560 589 } 561 562 close(fd);563 590 564 591 /* Upload the GPT to the sysvol share on a DC */ -
vendor/current/source4/lib/policy/gp_ini.c
r740 r988 19 19 */ 20 20 #include "includes.h" 21 #include "lib/util/ util.h"21 #include "lib/util/samba_util.h" 22 22 #include "lib/policy/policy.h" 23 23 -
vendor/current/source4/lib/policy/gp_ldap.c
r740 r988 62 62 63 63 gpo->dn = talloc_strdup(mem_ctx, ldb_dn_get_linearized(msg->dn)); 64 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->dn, gpo); 64 if (gpo->dn == NULL) { 65 TALLOC_FREE(gpo); 66 return NT_STATUS_NO_MEMORY; 67 } 65 68 66 69 DEBUG(9, ("Parsing GPO LDAP data for %s\n", gpo->dn)); 67 70 68 71 gpo->display_name = talloc_strdup(gpo, ldb_msg_find_attr_as_string(msg, "displayName", "")); 69 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->display_name, gpo); 72 if (gpo->display_name == NULL) { 73 TALLOC_FREE(gpo); 74 return NT_STATUS_NO_MEMORY; 75 } 70 76 71 77 gpo->name = talloc_strdup(gpo, ldb_msg_find_attr_as_string(msg, "name", "")); 72 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->name, gpo); 78 if (gpo->name == NULL) { 79 TALLOC_FREE(gpo); 80 return NT_STATUS_NO_MEMORY; 81 } 73 82 74 83 gpo->flags = ldb_msg_find_attr_as_uint(msg, "flags", 0); … … 76 85 77 86 gpo->file_sys_path = talloc_strdup(gpo, ldb_msg_find_attr_as_string(msg, "gPCFileSysPath", "")); 78 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->file_sys_path, gpo); 87 if (gpo->file_sys_path == NULL) { 88 TALLOC_FREE(gpo); 89 return NT_STATUS_NO_MEMORY; 90 } 79 91 80 92 /* Pull the security descriptor through the NDR library */ 81 93 data = ldb_msg_find_ldb_val(msg, "nTSecurityDescriptor"); 82 94 gpo->security_descriptor = talloc(gpo, struct security_descriptor); 83 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->security_descriptor, gpo); 95 if (gpo->security_descriptor == NULL) { 96 TALLOC_FREE(gpo); 97 return NT_STATUS_NO_MEMORY; 98 } 84 99 85 100 ndr_err = ndr_pull_struct_blob(data, … … 178 193 } 179 194 180 181 195 *gp_ctx = talloc_zero(mem_ctx, struct gp_context); 182 196 NT_STATUS_HAVE_NO_MEMORY(gp_ctx); … … 186 200 (*gp_ctx)->ev_ctx = ev_ctx; 187 201 (*gp_ctx)->ldb_ctx = ldb_ctx; 188 (*gp_ctx)->active_dc = io->out.dcs[0];202 (*gp_ctx)->active_dc = talloc_reference(*gp_ctx, &io->out.dcs[0]); 189 203 190 204 /* We don't need to keep the libnet context */ … … 220 234 221 235 attrs = talloc_array(mem_ctx, const char *, 7); 222 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(attrs, mem_ctx); 236 if (attrs == NULL) { 237 TALLOC_FREE(mem_ctx); 238 return NT_STATUS_NO_MEMORY; 239 } 223 240 224 241 attrs[0] = "nTSecurityDescriptor"; … … 238 255 239 256 gpo = talloc_array(gp_ctx, struct gp_object *, result->count+1); 240 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo, mem_ctx); 257 if (gpo == NULL) { 258 TALLOC_FREE(mem_ctx); 259 return NT_STATUS_NO_MEMORY; 260 } 241 261 242 262 gpo[result->count] = NULL; … … 275 295 276 296 attrs = talloc_array(mem_ctx, const char *, 7); 277 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(attrs, mem_ctx); 297 if (attrs == NULL) { 298 TALLOC_FREE(mem_ctx); 299 return NT_STATUS_NO_MEMORY; 300 } 278 301 279 302 attrs[0] = "nTSecurityDescriptor"; … … 343 366 gplink_str + start, 344 367 pos - start); 345 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplinks[idx]->dn, gplinks); 368 if (gplinks[idx]->dn == NULL) { 369 TALLOC_FREE(gplinks); 370 return NT_STATUS_NO_MEMORY; 371 } 346 372 347 373 for (start = pos + 1; gplink_str[pos] != ']'; pos++); 348 374 349 375 buf = talloc_strndup(gplinks, gplink_str + start, pos - start); 350 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(buf, gplinks); 376 if (buf == NULL) { 377 TALLOC_FREE(gplinks); 378 return NT_STATUS_NO_MEMORY; 379 } 351 380 gplinks[idx]->options = (uint32_t) strtoll(buf, &end, 0); 352 381 talloc_free(buf); … … 399 428 SMB_ASSERT(element->num_values > 0); 400 429 gplink_str = talloc_strdup(mem_ctx, (char *) element->values[0].data); 401 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 430 if (gplink_str == NULL) { 431 TALLOC_FREE(mem_ctx); 432 return NT_STATUS_NO_MEMORY; 433 } 402 434 goto found; 403 435 } … … 405 437 } 406 438 gplink_str = talloc_strdup(mem_ctx, ""); 407 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 439 if (gplink_str == NULL) { 440 TALLOC_FREE(mem_ctx); 441 return NT_STATUS_NO_MEMORY; 442 } 408 443 409 444 found: … … 481 516 482 517 gpos = talloc_array(gp_ctx, const char *, 1); 483 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpos, mem_ctx); 518 if (gpos == NULL) { 519 TALLOC_FREE(mem_ctx); 520 return NT_STATUS_NO_MEMORY; 521 } 484 522 gpos[0] = NULL; 485 523 … … 561 599 /* Add the GPO to the list */ 562 600 gpos = talloc_realloc(gp_ctx, gpos, const char *, count+2); 563 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpos, mem_ctx); 601 if (gpos == NULL) { 602 TALLOC_FREE(mem_ctx); 603 return NT_STATUS_NO_MEMORY; 604 } 564 605 gpos[count] = talloc_strdup(gp_ctx, gplinks[i]->dn); 565 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpos[count], mem_ctx); 606 if (gpos[count] == NULL) { 607 TALLOC_FREE(mem_ctx); 608 return NT_STATUS_NO_MEMORY; 609 } 566 610 gpos[count+1] = NULL; 567 611 count++; … … 626 670 } 627 671 gplink_str = talloc_asprintf(mem_ctx, "%s;%d%s", gplink_str, gplink->options, start); 628 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 672 if (gplink_str == NULL) { 673 TALLOC_FREE(mem_ctx); 674 return NT_STATUS_NO_MEMORY; 675 } 629 676 630 677 } else { 631 678 /* Prepend the new GPO link to the string. This list is backwards in priority. */ 632 679 gplink_str = talloc_asprintf(mem_ctx, "[LDAP://%s;%d]%s", gplink->dn, gplink->options, gplink_str); 633 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 680 if (gplink_str == NULL) { 681 TALLOC_FREE(mem_ctx); 682 return NT_STATUS_NO_MEMORY; 683 } 634 684 } 635 685 … … 637 687 638 688 msg = ldb_msg_new(mem_ctx); 639 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 689 if (msg == NULL) { 690 TALLOC_FREE(mem_ctx); 691 return NT_STATUS_NO_MEMORY; 692 } 640 693 641 694 msg->dn = dn; 642 695 643 696 rv = ldb_msg_add_string(msg, "gPLink", gplink_str); 644 if (rv != 0) {697 if (rv != LDB_SUCCESS) { 645 698 DEBUG(0, ("LDB message add string failed: %s\n", ldb_strerror(rv))); 646 699 talloc_free(mem_ctx); … … 650 703 651 704 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 652 if (rv != 0) {705 if (rv != LDB_SUCCESS) { 653 706 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 654 707 talloc_free(mem_ctx); … … 693 746 /* If this GPO link already exists, alter the options, else add it */ 694 747 search_string = talloc_asprintf(mem_ctx, "[LDAP://%s]", gplink_dn); 695 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(search_string, mem_ctx); 748 if (search_string == NULL) { 749 TALLOC_FREE(mem_ctx); 750 return NT_STATUS_NO_MEMORY; 751 } 696 752 697 753 p = strcasestr(gplink_str, search_string); … … 708 764 p++; 709 765 gplink_str = talloc_asprintf(mem_ctx, "%s%s", gplink_str, p); 710 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gplink_str, mem_ctx); 766 if (gplink_str == NULL) { 767 TALLOC_FREE(mem_ctx); 768 return NT_STATUS_NO_MEMORY; 769 } 711 770 712 771 713 772 msg = ldb_msg_new(mem_ctx); 714 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 773 if (msg == NULL) { 774 TALLOC_FREE(mem_ctx); 775 return NT_STATUS_NO_MEMORY; 776 } 715 777 716 778 msg->dn = dn; … … 718 780 if (strcmp(gplink_str, "") == 0) { 719 781 rv = ldb_msg_add_empty(msg, "gPLink", LDB_FLAG_MOD_DELETE, NULL); 720 if (rv != 0) {782 if (rv != LDB_SUCCESS) { 721 783 DEBUG(0, ("LDB message add empty element failed: %s\n", ldb_strerror(rv))); 722 784 talloc_free(mem_ctx); … … 725 787 } else { 726 788 rv = ldb_msg_add_string(msg, "gPLink", gplink_str); 727 if (rv != 0) {789 if (rv != LDB_SUCCESS) { 728 790 DEBUG(0, ("LDB message add string failed: %s\n", ldb_strerror(rv))); 729 791 talloc_free(mem_ctx); … … 733 795 } 734 796 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 735 if (rv != 0) {797 if (rv != LDB_SUCCESS) { 736 798 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 737 799 talloc_free(mem_ctx); … … 787 849 788 850 inheritance_string = talloc_asprintf(msg, "%d", inheritance); 789 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(inheritance_string, msg); 851 if (inheritance_string == NULL) { 852 TALLOC_FREE(msg); 853 return NT_STATUS_NO_MEMORY; 854 } 790 855 791 856 rv = ldb_msg_add_string(msg, "gPOptions", inheritance_string); 792 if (rv != 0) {857 if (rv != LDB_SUCCESS) { 793 858 DEBUG(0, ("LDB message add string failed: %s\n", ldb_strerror(rv))); 794 859 talloc_free(msg); … … 798 863 799 864 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 800 if (rv != 0) {865 if (rv != LDB_SUCCESS) { 801 866 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 802 867 talloc_free(msg); … … 821 886 /* CN={GUID} */ 822 887 msg = ldb_msg_new(mem_ctx); 823 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 888 if (msg == NULL) { 889 TALLOC_FREE(mem_ctx); 890 return NT_STATUS_NO_MEMORY; 891 } 824 892 825 893 msg->dn = ldb_get_default_basedn(gp_ctx->ldb_ctx); 826 894 dn_str = talloc_asprintf(mem_ctx, "CN=%s,CN=Policies,CN=System", gpo->name); 827 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(dn_str, mem_ctx); 895 if (dn_str == NULL) { 896 TALLOC_FREE(mem_ctx); 897 return NT_STATUS_NO_MEMORY; 898 } 828 899 829 900 child_dn = ldb_dn_new(mem_ctx, gp_ctx->ldb_ctx, dn_str); … … 832 903 833 904 flags_str = talloc_asprintf(mem_ctx, "%d", gpo->flags); 834 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(flags_str, mem_ctx); 905 if (flags_str == NULL) { 906 TALLOC_FREE(mem_ctx); 907 return NT_STATUS_NO_MEMORY; 908 } 835 909 836 910 version_str = talloc_asprintf(mem_ctx, "%d", gpo->version); 837 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(version_str, mem_ctx); 911 if (version_str == NULL) { 912 TALLOC_FREE(mem_ctx); 913 return NT_STATUS_NO_MEMORY; 914 } 838 915 839 916 rv = ldb_msg_add_string(msg, "objectClass", "top"); … … 871 948 /* CN=User */ 872 949 msg = ldb_msg_new(mem_ctx); 873 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 950 if (msg == NULL) { 951 TALLOC_FREE(mem_ctx); 952 return NT_STATUS_NO_MEMORY; 953 } 874 954 875 955 msg->dn = ldb_dn_copy(mem_ctx, gpo_dn); … … 898 978 /* CN=Machine */ 899 979 msg = ldb_msg_new(mem_ctx); 900 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 980 if (msg == NULL) { 981 TALLOC_FREE(mem_ctx); 982 return NT_STATUS_NO_MEMORY; 983 } 901 984 902 985 msg->dn = ldb_dn_copy(mem_ctx, gpo_dn); … … 924 1007 925 1008 gpo->dn = talloc_strdup(gpo, ldb_dn_get_linearized(gpo_dn)); 926 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->dn, mem_ctx); 1009 if (gpo->dn == NULL) { 1010 TALLOC_FREE(mem_ctx); 1011 return NT_STATUS_NO_MEMORY; 1012 } 927 1013 928 1014 talloc_free(mem_ctx); … … 959 1045 /* Create a LDB message */ 960 1046 msg = ldb_msg_new(mem_ctx); 961 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1047 if (msg == NULL) { 1048 TALLOC_FREE(mem_ctx); 1049 return NT_STATUS_NO_MEMORY; 1050 } 962 1051 963 1052 msg->dn = ldb_dn_new(mem_ctx, gp_ctx->ldb_ctx, dn_str); 964 1053 965 1054 rv = ldb_msg_add_value(msg, "nTSecurityDescriptor", &data, NULL); 966 if (rv != 0) {1055 if (rv != LDB_SUCCESS) { 967 1056 DEBUG(0, ("LDB message add element failed for adding nTSecurityDescriptor: %s\n", ldb_strerror(rv))); 968 1057 talloc_free(mem_ctx); … … 972 1061 973 1062 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 974 if (rv != 0) {1063 if (rv != LDB_SUCCESS) { 975 1064 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 976 1065 talloc_free(mem_ctx); … … 993 1082 994 1083 msg = ldb_msg_new(mem_ctx); 995 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1084 if (msg == NULL) { 1085 TALLOC_FREE(mem_ctx); 1086 return NT_STATUS_NO_MEMORY; 1087 } 996 1088 997 1089 msg->dn = ldb_dn_new(mem_ctx, gp_ctx->ldb_ctx, gpo->dn); 998 1090 999 1091 version_str = talloc_asprintf(mem_ctx, "%d", gpo->version); 1000 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1092 if (msg == NULL) { 1093 TALLOC_FREE(mem_ctx); 1094 return NT_STATUS_NO_MEMORY; 1095 } 1001 1096 1002 1097 flags_str = talloc_asprintf(mem_ctx, "%d", gpo->flags); 1003 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg, mem_ctx); 1098 if (msg == NULL) { 1099 TALLOC_FREE(mem_ctx); 1100 return NT_STATUS_NO_MEMORY; 1101 } 1004 1102 1005 1103 rv = ldb_msg_add_string(msg, "flags", flags_str); 1006 if (rv != 0) {1104 if (rv != LDB_SUCCESS) { 1007 1105 DEBUG(0, ("LDB message add string failed for flags: %s\n", ldb_strerror(rv))); 1008 1106 talloc_free(mem_ctx); … … 1012 1110 1013 1111 rv = ldb_msg_add_string(msg, "version", version_str); 1014 if (rv != 0) {1112 if (rv != LDB_SUCCESS) { 1015 1113 DEBUG(0, ("LDB message add string failed for version: %s\n", ldb_strerror(rv))); 1016 1114 talloc_free(mem_ctx); … … 1020 1118 1021 1119 rv = ldb_msg_add_string(msg, "displayName", gpo->display_name); 1022 if (rv != 0) {1120 if (rv != LDB_SUCCESS) { 1023 1121 DEBUG(0, ("LDB message add string failed for displayName: %s\n", ldb_strerror(rv))); 1024 1122 talloc_free(mem_ctx); … … 1028 1126 1029 1127 rv = ldb_modify(gp_ctx->ldb_ctx, msg); 1030 if (rv != 0) {1128 if (rv != LDB_SUCCESS) { 1031 1129 DEBUG(0, ("LDB modify failed: %s\n", ldb_strerror(rv))); 1032 1130 talloc_free(mem_ctx); -
vendor/current/source4/lib/policy/gp_manage.c
r740 r988 25 25 #include "lib/policy/policy.h" 26 26 27 staticuint32_t gp_ads_to_dir_access_mask(uint32_t access_mask)27 uint32_t gp_ads_to_dir_access_mask(uint32_t access_mask) 28 28 { 29 29 uint32_t fs_mask; … … 68 68 /* Copy the basic information from the directory server security descriptor */ 69 69 fs_sd->owner_sid = talloc_memdup(fs_sd, ds_sd->owner_sid, sizeof(struct dom_sid)); 70 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->owner_sid, fs_sd); 70 if (fs_sd->owner_sid == NULL) { 71 TALLOC_FREE(fs_sd); 72 return NT_STATUS_NO_MEMORY; 73 } 71 74 72 75 fs_sd->group_sid = talloc_memdup(fs_sd, ds_sd->group_sid, sizeof(struct dom_sid)); 73 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->group_sid, fs_sd); 76 if (fs_sd->group_sid == NULL) { 77 TALLOC_FREE(fs_sd); 78 return NT_STATUS_NO_MEMORY; 79 } 74 80 75 81 fs_sd->type = ds_sd->type; … … 78 84 /* Copy the sacl */ 79 85 fs_sd->sacl = security_acl_dup(fs_sd, ds_sd->sacl); 80 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->sacl, fs_sd); 86 if (fs_sd->sacl == NULL) { 87 TALLOC_FREE(fs_sd); 88 return NT_STATUS_NO_MEMORY; 89 } 81 90 82 91 /* Copy the dacl */ 83 92 fs_sd->dacl = talloc_zero(fs_sd, struct security_acl); 84 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(fs_sd->dacl, fs_sd); 93 if (fs_sd->dacl == NULL) { 94 TALLOC_FREE(fs_sd); 95 return NT_STATUS_NO_MEMORY; 96 } 85 97 86 98 for (i = 0; i < ds_sd->dacl->num_aces; i++) { … … 97 109 /* Copy the ace from the directory server security descriptor */ 98 110 ace = talloc_memdup(fs_sd, &ds_sd->dacl->aces[i], sizeof(struct security_ace)); 99 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(ace, fs_sd); 111 if (ace == NULL) { 112 TALLOC_FREE(fs_sd); 113 return NT_STATUS_NO_MEMORY; 114 } 100 115 101 116 /* Set specific inheritance flags for within the GPO */ … … 140 155 /* Create the gpo struct to return later */ 141 156 gpo = talloc(gp_ctx, struct gp_object); 142 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo, mem_ctx); 157 if (gpo == NULL) { 158 TALLOC_FREE(mem_ctx); 159 return NT_STATUS_NO_MEMORY; 160 } 143 161 144 162 /* Generate a GUID */ 145 163 guid_struct = GUID_random(); 146 164 guid_str = GUID_string2(mem_ctx, &guid_struct); 147 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(guid_str, mem_ctx); 165 if (guid_str == NULL) { 166 TALLOC_FREE(mem_ctx); 167 return NT_STATUS_NO_MEMORY; 168 } 148 169 name = strupper_talloc(mem_ctx, guid_str); 149 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(name, mem_ctx); 170 if (name == NULL) { 171 TALLOC_FREE(mem_ctx); 172 return NT_STATUS_NO_MEMORY; 173 } 150 174 151 175 /* Prepare the GPO struct */ … … 155 179 gpo->version = 0; 156 180 gpo->display_name = talloc_strdup(gpo, display_name); 157 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->display_name, mem_ctx); 181 if (gpo->display_name == NULL) { 182 TALLOC_FREE(mem_ctx); 183 return NT_STATUS_NO_MEMORY; 184 } 158 185 159 186 gpo->file_sys_path = talloc_asprintf(gpo, "\\\\%s\\sysvol\\%s\\Policies\\%s", lpcfg_dnsdomain(gp_ctx->lp_ctx), lpcfg_dnsdomain(gp_ctx->lp_ctx), name); 160 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(gpo->file_sys_path, mem_ctx); 187 if (gpo->file_sys_path == NULL) { 188 TALLOC_FREE(mem_ctx); 189 return NT_STATUS_NO_MEMORY; 190 } 161 191 162 192 /* Create the GPT */ … … 267 297 /* FIXME: The local file system may be case sensitive */ 268 298 filename = talloc_asprintf(mem_ctx, "%s/%s", local_path, "GPT.INI"); 269 NT_STATUS_HAVE_NO_MEMORY_AND_FREE(filename, mem_ctx); 299 if (filename == NULL) { 300 TALLOC_FREE(mem_ctx); 301 return NT_STATUS_NO_MEMORY; 302 } 270 303 status = gp_parse_ini(mem_ctx, gp_ctx, local_path, &ini); 271 304 if (!NT_STATUS_IS_OK(status)) { -
vendor/current/source4/lib/policy/policy.h
r740 r988 21 21 #ifndef __POLICY_H__ 22 22 #define __POLICY_H__ 23 #include "libcli/libcli.h"24 23 25 24 #define GPLINK_OPT_DISABLE (1 << 0) 26 25 #define GPLINK_OPT_ENFORCE (1 << 1) 27 28 26 29 27 #define GPO_FLAG_USER_DISABLE (1 << 0) … … 31 29 32 30 struct security_token; 31 struct nbt_dc_name; 33 32 34 33 enum gpo_inheritance { … … 43 42 struct tevent_context *ev_ctx; 44 43 struct smbcli_state *cli; 45 struct nbt_dc_name active_dc;44 struct nbt_dc_name *active_dc; 46 45 }; 47 46 … … 124 123 NTSTATUS gp_create_gpt_security_descriptor (TALLOC_CTX *mem_ctx, struct security_descriptor *ds_sd, struct security_descriptor **ret); 125 124 NTSTATUS gp_set_acl (struct gp_context *gp_ctx, const char *dn_str, const struct security_descriptor *sd); 125 uint32_t gp_ads_to_dir_access_mask(uint32_t access_mask); 126 126 127 127 #endif -
vendor/current/source4/lib/policy/pypolicy.c
r740 r988 22 22 #include "policy.h" 23 23 #include "libcli/util/pyerrors.h" 24 25 void initpolicy(void); 24 26 25 27 static PyObject *py_get_gpo_flags(PyObject *self, PyObject *args) … … 107 109 } 108 110 111 static PyObject *py_ads_to_dir_access_mask(PyObject *self, PyObject *args) 112 { 113 uint32_t access_mask, dir_mask; 114 115 if (! PyArg_ParseTuple(args, "I", &access_mask)) 116 return NULL; 117 118 dir_mask = gp_ads_to_dir_access_mask(access_mask); 119 120 return Py_BuildValue("I", dir_mask); 121 } 122 123 109 124 static PyMethodDef py_policy_methods[] = { 110 125 { "get_gpo_flags", (PyCFunction)py_get_gpo_flags, METH_VARARGS, 111 126 "get_gpo_flags(flags) -> list" }, 112 { "get_gplink_options", (PyCFunction)py_get_gplink_options, METH_VARARGS, 113 "get_gplink_options(options) -> list" }, 127 { "get_gplink_options", (PyCFunction)py_get_gplink_options, METH_VARARGS, 128 "get_gplink_options(options) -> list" }, 129 { "ads_to_dir_access_mask", (PyCFunction)py_ads_to_dir_access_mask, METH_VARARGS, 130 "ads_to_dir_access_mask(access_mask) -> dir_mask" }, 114 131 { NULL } 115 132 }; -
vendor/current/source4/lib/policy/wscript_build
r740 r988 1 1 #!/usr/bin/env python 2 2 3 bld.SAMBA_LIBRARY(' policy',3 bld.SAMBA_LIBRARY('samba-policy', 4 4 source='gp_ldap.c gp_filesys.c gp_manage.c gp_ini.c', 5 pc_files=' policy.pc',5 pc_files='samba-policy.pc', 6 6 public_deps='ldb samba-net', 7 7 vnum='0.0.1', 8 pyembed=True 8 pyembed=True, 9 public_headers='policy.h' 9 10 ) 10 11 11 12 bld.SAMBA_PYTHON('py_policy', 12 13 source='pypolicy.c', 13 public_deps=' policy pytalloc-util',14 public_deps='samba-policy pytalloc-util', 14 15 realname='samba/policy.so' 15 16 ) -
vendor/current/source4/lib/registry/hive.c
r740 r988 36 36 char peek[20]; 37 37 38 /* Check for directory */39 if (directory_exist(location)) {40 return reg_open_directory(parent_ctx, location, root);41 }42 43 38 fd = open(location, O_RDWR); 44 39 if (fd == -1) { … … 49 44 50 45 num = read(fd, peek, 20); 46 close(fd); 51 47 if (num == -1) { 52 48 return WERR_BADFILE; … … 54 50 55 51 if (!strncmp(peek, "regf", 4)) { 56 close(fd);57 52 return reg_open_regf_file(parent_ctx, location, root); 58 53 } else if (!strncmp(peek, "TDB file", 8)) { 59 close(fd);60 54 return reg_open_ldb_file(parent_ctx, location, session_info, 61 55 credentials, ev_ctx, lp_ctx, root); -
vendor/current/source4/lib/registry/ldb.c
r740 r988 66 66 convert_string_talloc(mem_ctx, CH_UTF8, CH_UTF16, 67 67 val->data, val->length, 68 (void **)&data->data, &data->length , false);68 (void **)&data->data, &data->length); 69 69 } else { 70 70 data->data = NULL; … … 160 160 ret2 = convert_string_talloc(mem_ctx, CH_UTF16, CH_UTF8, 161 161 (void *)data.data, data.length, 162 (void **)&val->data, &val->length, 163 false); 162 (void **)&val->data, &val->length); 164 163 if (ret2) { 165 164 ret = ldb_msg_add_value(msg, "data", val, NULL); … … 410 409 int ret; 411 410 412 ret = ldb_search(c, mem_ctx, &res, kd->dn, LDB_SCOPE_BASE, attrs, "(dn=*)"); 411 ret = ldb_search(c, mem_ctx, &res, kd->dn, LDB_SCOPE_BASE, attrs, 412 NULL); 413 413 414 414 if (ret != LDB_SUCCESS) { … … 505 505 W_ERROR_HAVE_NO_MEMORY(ldb_path); 506 506 507 ret = ldb_search(c, mem_ctx, &res, ldb_path, LDB_SCOPE_BASE, NULL, "(key=*)"); 507 ret = ldb_search(c, mem_ctx, &res, ldb_path, LDB_SCOPE_BASE, NULL, 508 NULL); 508 509 509 510 if (ret != LDB_SUCCESS) { … … 646 647 msg->dn = ldb_dn_copy(msg, kd->dn); 647 648 W_ERROR_HAVE_NO_MEMORY(msg->dn); 648 ldb_msg_add_empty(msg, "data", LDB_FLAG_MOD_DELETE, NULL); 649 ldb_msg_add_empty(msg, "type", LDB_FLAG_MOD_DELETE, NULL); 649 ret = ldb_msg_add_empty(msg, "data", LDB_FLAG_MOD_DELETE, NULL); 650 if (ret != LDB_SUCCESS) { 651 return WERR_FOOBAR; 652 } 653 ret = ldb_msg_add_empty(msg, "type", LDB_FLAG_MOD_DELETE, 654 NULL); 655 if (ret != LDB_SUCCESS) { 656 return WERR_FOOBAR; 657 } 650 658 651 659 ret = ldb_modify(kd->ldb, msg); … … 653 661 talloc_free(msg); 654 662 655 if (ret != LDB_SUCCESS) { 663 if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { 664 return WERR_BADFILE; 665 } else if (ret != LDB_SUCCESS) { 656 666 DEBUG(1, ("ldb_del_value: %s\n", ldb_errstring(kd->ldb))); 657 667 return WERR_FOOBAR; -
vendor/current/source4/lib/registry/local.c
r740 r988 81 81 int el; 82 82 83 if (path == NULL ) {83 if (path == NULL || path[0] == '\0') { 84 84 return WERR_INVALID_PARAM; 85 85 } … … 104 104 } 105 105 106 while (curbegin != NULL && *curbegin){106 do { 107 107 if (curend != NULL) 108 108 *curend = '\0'; … … 125 125 curbegin = curend + 1; 126 126 curend = strchr(curbegin, '\\'); 127 } 127 } while (curbegin[0] != '\0'); 128 128 talloc_free(orig); 129 129 … … 185 185 int el; 186 186 187 if (path == NULL ) {187 if (path == NULL || path[0] == '\0') { 188 188 return WERR_INVALID_PARAM; 189 189 } … … 208 208 } 209 209 210 while (curbegin != NULL && *curbegin){210 do { 211 211 if (curend != NULL) 212 212 *curend = '\0'; … … 234 234 curbegin = curend + 1; 235 235 curend = strchr(curbegin, '\\'); 236 } 236 } while (curbegin[0] != '\0'); 237 237 talloc_free(orig); 238 238 -
vendor/current/source4/lib/registry/man/regdiff.1.xml
r740 r988 6 6 <refentrytitle>regdiff</refentrytitle> 7 7 <manvolnum>1</manvolnum> 8 <refmiscinfo class="source">Samba</refmiscinfo> 9 <refmiscinfo class="manual">System Administration tools</refmiscinfo> 10 <refmiscinfo class="version">4.0</refmiscinfo> 8 11 </refmeta> 9 12 … … 19 22 <arg choice="opt">--help</arg> 20 23 <arg choice="opt">--backend=BACKEND</arg> 21 <arg choice="opt">--backend=BACKEND</arg>22 24 <arg choice="opt">--credentials=CREDENTIALS</arg> 23 <arg choice="opt">--credentials=CREDENTIALS</arg>24 <arg choice="opt">location</arg>25 25 <arg choice="opt">location</arg> 26 26 </cmdsynopsis> -
vendor/current/source4/lib/registry/man/regpatch.1.xml
r740 r988 6 6 <refentrytitle>regpatch</refentrytitle> 7 7 <manvolnum>1</manvolnum> 8 <refmiscinfo class="source">Samba</refmiscinfo> 9 <refmiscinfo class="manual">System Administration tools</refmiscinfo> 10 <refmiscinfo class="version">4.0</refmiscinfo> 8 11 </refmeta> 9 12 -
vendor/current/source4/lib/registry/man/regshell.1.xml
r740 r988 6 6 <refentrytitle>regshell</refentrytitle> 7 7 <manvolnum>1</manvolnum> 8 <refmiscinfo class="source">Samba</refmiscinfo> 9 <refmiscinfo class="manual">System Administration tools</refmiscinfo> 10 <refmiscinfo class="version">4.0</refmiscinfo> 8 11 </refmeta> 9 12 -
vendor/current/source4/lib/registry/man/regtree.1.xml
r740 r988 6 6 <refentrytitle>regtree</refentrytitle> 7 7 <manvolnum>1</manvolnum> 8 <refmiscinfo class="source">Samba</refmiscinfo> 9 <refmiscinfo class="manual">System Administration tools</refmiscinfo> 10 <refmiscinfo class="version">4.0</refmiscinfo> 8 11 </refmeta> 9 12 -
vendor/current/source4/lib/registry/patchfile_dotreg.c
r740 r988 71 71 const DATA_BLOB data) 72 72 { 73 size_t converted_size = 0; 73 74 char *ret = NULL; 74 75 … … 80 81 case REG_SZ: 81 82 convert_string_talloc(mem_ctx, 82 83 (void **)&ret, NULL, false);83 CH_UTF16, CH_UNIX, data.data, data.length, 84 (void **)&ret, &converted_size); 84 85 break; 85 86 case REG_DWORD: … … 235 236 bool result; 236 237 char *type_str = NULL; 237 char *data_str ;238 char *value ;238 char *data_str = NULL; 239 char *value = NULL; 239 240 bool continue_next_line = 0; 240 241 -
vendor/current/source4/lib/registry/patchfile_preg.c
r740 r988 188 188 } 189 189 190 strncpy(preg_header.hdr, "PReg", 4);190 memcpy(preg_header.hdr, "PReg", sizeof(preg_header.hdr)); 191 191 SIVAL(&preg_header.version, 0, 1); 192 192 write(data->fd, (uint8_t *)&preg_header, sizeof(preg_header)); -
vendor/current/source4/lib/registry/pyregistry.c
r740 r988 23 23 #include "libcli/util/pyerrors.h" 24 24 #include "lib/registry/registry.h" 25 #include "lib/talloc/pytalloc.h"25 #include <pytalloc.h> 26 26 #include "lib/events/events.h" 27 27 #include "auth/credentials/pycredentials.h" … … 32 32 extern PyTypeObject PyHiveKey; 33 33 34 /*#define PyRegistryKey_AsRegistryKey(obj) py_talloc_get_type(obj, struct registry_key)*/ 35 #define PyRegistry_AsRegistryContext(obj) ((struct registry_context *)py_talloc_get_ptr(obj)) 36 #define PyHiveKey_AsHiveKey(obj) ((struct hive_key*)py_talloc_get_ptr(obj)) 34 void initregistry(void); 35 36 /*#define PyRegistryKey_AsRegistryKey(obj) pytalloc_get_type(obj, struct registry_key)*/ 37 #define PyRegistry_AsRegistryContext(obj) ((struct registry_context *)pytalloc_get_ptr(obj)) 38 #define PyHiveKey_AsHiveKey(obj) ((struct hive_key*)pytalloc_get_ptr(obj)) 37 39 38 40 … … 48 50 49 51 result = reg_get_predefined_key_by_name(ctx, name, &key); 50 PyErr_WERROR_ IS_ERR_RAISE(result);51 52 return py _talloc_steal(&PyRegistryKey, key);52 PyErr_WERROR_NOT_OK_RAISE(result); 53 54 return pytalloc_steal(&PyRegistryKey, key); 53 55 } 54 56 … … 63 65 64 66 result = reg_key_del_abs(ctx, path); 65 PyErr_WERROR_ IS_ERR_RAISE(result);67 PyErr_WERROR_NOT_OK_RAISE(result); 66 68 67 69 Py_RETURN_NONE; … … 79 81 80 82 result = reg_get_predefined_key(ctx, hkey, &key); 81 PyErr_WERROR_ IS_ERR_RAISE(result);82 83 return py _talloc_steal(&PyRegistryKey, key);83 PyErr_WERROR_NOT_OK_RAISE(result); 84 85 return pytalloc_steal(&PyRegistryKey, key); 84 86 } 85 87 … … 93 95 94 96 result = reg_diff_apply(ctx, filename); 95 PyErr_WERROR_ IS_ERR_RAISE(result);97 PyErr_WERROR_NOT_OK_RAISE(result); 96 98 97 99 Py_RETURN_NONE; … … 126 128 127 129 result = reg_mount_hive(ctx, PyHiveKey_AsHiveKey(py_hivekey), hkey, elements); 128 PyErr_WERROR_ IS_ERR_RAISE(result);130 PyErr_WERROR_NOT_OK_RAISE(result); 129 131 130 132 Py_RETURN_NONE; … … 136 138 struct registry_context *ctx; 137 139 result = reg_open_local(NULL, &ctx); 138 PyErr_WERROR_ IS_ERR_RAISE(result);139 return py _talloc_steal(&PyRegistry, ctx);140 PyErr_WERROR_NOT_OK_RAISE(result); 141 return pytalloc_steal(&PyRegistry, ctx); 140 142 } 141 143 … … 159 161 .tp_methods = registry_methods, 160 162 .tp_new = registry_new, 161 .tp_basicsize = sizeof(py_talloc_Object),162 163 .tp_flags = Py_TPFLAGS_DEFAULT, 163 164 }; … … 174 175 result = hive_key_del(NULL, key, name); 175 176 176 PyErr_WERROR_ IS_ERR_RAISE(result);177 PyErr_WERROR_NOT_OK_RAISE(result); 177 178 178 179 Py_RETURN_NONE; … … 185 186 186 187 result = hive_key_flush(key); 187 PyErr_WERROR_ IS_ERR_RAISE(result);188 PyErr_WERROR_NOT_OK_RAISE(result); 188 189 189 190 Py_RETURN_NONE; … … 201 202 result = hive_key_del_value(NULL, key, name); 202 203 203 PyErr_WERROR_ IS_ERR_RAISE(result);204 PyErr_WERROR_NOT_OK_RAISE(result); 204 205 205 206 Py_RETURN_NONE; … … 211 212 uint32_t type; 212 213 DATA_BLOB value; 214 Py_ssize_t value_length = 0; 213 215 WERROR result; 214 216 struct hive_key *key = PyHiveKey_AsHiveKey(self); 215 217 216 if (!PyArg_ParseTuple(args, "siz#", &name, &type, &value.data, &value.length)) 217 return NULL; 218 if (!PyArg_ParseTuple(args, "siz#", &name, &type, &value.data, &value_length)) { 219 return NULL; 220 } 221 value.length = value_length; 218 222 219 223 if (value.data != NULL) … … 222 226 result = hive_key_del_value(NULL, key, name); 223 227 224 PyErr_WERROR_ IS_ERR_RAISE(result);228 PyErr_WERROR_NOT_OK_RAISE(result); 225 229 226 230 Py_RETURN_NONE; … … 284 288 285 289 result = reg_open_hive(NULL, location, session_info, credentials, 286 tevent_context_init(NULL),290 samba_tevent_context_init(NULL), 287 291 lp_ctx, &hive_key); 288 292 talloc_free(mem_ctx); 289 PyErr_WERROR_ IS_ERR_RAISE(result);290 291 return py _talloc_steal(&PyHiveKey, hive_key);293 PyErr_WERROR_NOT_OK_RAISE(result); 294 295 return pytalloc_steal(&PyHiveKey, hive_key); 292 296 } 293 297 … … 296 300 .tp_methods = hive_key_methods, 297 301 .tp_new = hive_new, 298 .tp_basicsize = sizeof(py_talloc_Object),299 302 .tp_flags = Py_TPFLAGS_DEFAULT, 300 303 }; … … 302 305 PyTypeObject PyRegistryKey = { 303 306 .tp_name = "RegistryKey", 304 .tp_basicsize = sizeof(py_talloc_Object),305 307 .tp_flags = Py_TPFLAGS_DEFAULT, 306 308 }; … … 353 355 } 354 356 355 return py_talloc_steal(&PyRegistry, reg_ctx); 356 } 357 358 static PyObject *py_open_directory(PyObject *self, PyObject *args) 359 { 360 char *location; 361 WERROR result; 362 struct hive_key *key; 363 364 if (!PyArg_ParseTuple(args, "s", &location)) 365 return NULL; 366 367 result = reg_open_directory(NULL, location, &key); 368 PyErr_WERROR_IS_ERR_RAISE(result); 369 370 return py_talloc_steal(&PyHiveKey, key); 371 } 372 373 static PyObject *py_create_directory(PyObject *self, PyObject *args) 374 { 375 char *location; 376 WERROR result; 377 struct hive_key *key; 378 379 if (!PyArg_ParseTuple(args, "s", &location)) 380 return NULL; 381 382 result = reg_create_directory(NULL, location, &key); 383 PyErr_WERROR_IS_ERR_RAISE(result); 384 385 return py_talloc_steal(&PyHiveKey, key); 357 return pytalloc_steal(&PyRegistry, reg_ctx); 386 358 } 387 359 … … 429 401 s4_event_context_init(NULL), lp_ctx, &key); 430 402 talloc_free(mem_ctx); 431 PyErr_WERROR_ IS_ERR_RAISE(result);432 433 return py _talloc_steal(&PyHiveKey, key);403 PyErr_WERROR_NOT_OK_RAISE(result); 404 405 return pytalloc_steal(&PyHiveKey, key); 434 406 } 435 407 … … 460 432 static PyMethodDef py_registry_methods[] = { 461 433 { "open_samba", (PyCFunction)py_open_samba, METH_VARARGS|METH_KEYWORDS, "open_samba() -> reg" }, 462 { "open_directory", py_open_directory, METH_VARARGS, "open_dir(location) -> key" },463 { "create_directory", py_create_directory, METH_VARARGS, "create_dir(location) -> key" },464 434 { "open_ldb", (PyCFunction)py_open_ldb_file, METH_VARARGS|METH_KEYWORDS, "open_ldb(location, session_info=None, credentials=None, loadparm_context=None) -> key" }, 465 435 { "open_hive", (PyCFunction)py_open_hive, METH_VARARGS|METH_KEYWORDS, "open_hive(location, session_info=None, credentials=None, loadparm_context=None) -> key" }, … … 472 442 { 473 443 PyObject *m; 474 PyTypeObject *talloc_type = PyTalloc_GetObjectType(); 475 476 if (talloc_type == NULL) 444 445 if (pytalloc_BaseObject_PyType_Ready(&PyHiveKey) < 0) 477 446 return; 478 447 479 PyHiveKey.tp_base = talloc_type; 480 PyRegistry.tp_base = talloc_type; 481 PyRegistryKey.tp_base = talloc_type; 482 483 if (PyType_Ready(&PyHiveKey) < 0) 448 if (pytalloc_BaseObject_PyType_Ready(&PyRegistry) < 0) 484 449 return; 485 450 486 if (PyType_Ready(&PyRegistry) < 0) 487 return; 488 489 if (PyType_Ready(&PyRegistryKey) < 0) 451 if (pytalloc_BaseObject_PyType_Ready(&PyRegistryKey) < 0) 490 452 return; 491 453 -
vendor/current/source4/lib/registry/regf.c
r740 r988 164 164 unsigned int i; 165 165 166 *offset = 0; 166 if (offset != NULL) { 167 *offset = 0; 168 } 167 169 168 170 if (size == 0) … … 252 254 ret.length = size - 0x4; 253 255 if (offset) { 254 uint32_t new_rel_offset ;256 uint32_t new_rel_offset = 0; 255 257 *offset = hbin->offset_from_first + rel_offset + 0x20; 256 258 SMB_ASSERT(hbin_by_offset(data, *offset, &new_rel_offset) == hbin); … … 1719 1721 1720 1722 if (key->nk->subkeys_offset != -1) { 1721 char *sk_name;1722 1723 struct hive_key *sk = (struct hive_key *)key; 1723 1724 unsigned int i = key->nk->num_subkeys; 1724 1725 while (i--) { 1726 char *sk_name; 1727 const char *p = NULL; 1728 1725 1729 /* Get subkey information. */ 1726 1730 error = regf_get_subkey_by_index(parent_nk, sk, 0, 1727 (const char **)&sk_name,1731 &p, 1728 1732 NULL, NULL); 1729 1733 if (!W_ERROR_IS_OK(error)) { … … 1731 1735 return error; 1732 1736 } 1737 sk_name = discard_const_p(char, p); 1733 1738 1734 1739 /* Delete subkey. */ … … 1744 1749 1745 1750 if (key->nk->values_offset != -1) { 1746 char *val_name;1747 1751 struct hive_key *sk = (struct hive_key *)key; 1748 1752 DATA_BLOB data; 1749 1753 unsigned int i = key->nk->num_values; 1750 1754 while (i--) { 1755 char *val_name; 1756 const char *p = NULL; 1757 1751 1758 /* Get value information. */ 1752 1759 error = regf_get_value(parent_nk, sk, 0, 1753 (const char **)&val_name,1760 &p, 1754 1761 NULL, &data); 1755 1762 if (!W_ERROR_IS_OK(error)) { … … 1757 1764 return error; 1758 1765 } 1766 val_name = discard_const_p(char, p); 1759 1767 1760 1768 /* Delete value. */ … … 1864 1872 uint32_t i; 1865 1873 uint32_t tmp_vk_offset, vk_offset, old_vk_offset = (uint32_t) -1; 1866 DATA_BLOB values ;1874 DATA_BLOB values = {0}; 1867 1875 1868 1876 ZERO_STRUCT(vk); … … 1891 1899 if (old_vk_offset == -1) { 1892 1900 vk.header = "vk"; 1893 vk.name_length = strlen(name); 1894 if (name != NULL && name[0] != 0) { 1901 if (name != NULL && name[0] != '\0') { 1895 1902 vk.flag = 1; 1896 1903 vk.data_name = name; 1904 vk.name_length = strlen(name); 1897 1905 } else { 1906 vk.flag = 0; 1898 1907 vk.data_name = NULL; 1899 vk. flag= 0;1908 vk.name_length = 0; 1900 1909 } 1901 1910 } else { … … 2212 2221 2213 2222 if (pull->data.data == NULL) { 2214 DEBUG(0, ("Error reading data \n"));2223 DEBUG(0, ("Error reading data from file: %s\n", location)); 2215 2224 talloc_free(regf); 2216 2225 return WERR_GENERAL_FAILURE; … … 2221 2230 2222 2231 if (NT_STATUS_IS_ERR(tdr_pull_regf_hdr(pull, regf_hdr, regf_hdr))) { 2232 DEBUG(0, ("Failed to pull regf header from file: %s\n", location)); 2223 2233 talloc_free(regf); 2224 2234 return WERR_GENERAL_FAILURE; -
vendor/current/source4/lib/registry/registry.h
r740 r988 3 3 Registry interface 4 4 Copyright (C) Gerald Carter 2002. 5 Copyright (C) Jelmer Vernooij 5 Copyright (C) Jelmer Vernooij 2003-2007. 6 6 7 7 This program is free software; you can redistribute it and/or modify … … 380 380 * Open the registry on a remote machine. 381 381 */ 382 WERROR reg_open_remote(struct registry_context **ctx, 382 WERROR reg_open_remote(TALLOC_CTX *mem_ctx, 383 struct registry_context **ctx, 383 384 struct auth_session_info *session_info, 384 385 struct cli_credentials *credentials, -
vendor/current/source4/lib/registry/rpc.c
r740 r988 476 476 }; 477 477 478 _PUBLIC_ WERROR reg_open_remote(struct registry_context **ctx, 478 _PUBLIC_ WERROR reg_open_remote(TALLOC_CTX *mem_ctx, 479 struct registry_context **ctx, 479 480 struct auth_session_info *session_info, 480 481 struct cli_credentials *credentials, … … 486 487 struct rpc_registry_context *rctx; 487 488 488 dcerpc_init( lp_ctx);489 490 rctx = talloc( NULL, struct rpc_registry_context);489 dcerpc_init(); 490 491 rctx = talloc(mem_ctx, struct rpc_registry_context); 491 492 W_ERROR_HAVE_NO_MEMORY(rctx); 492 493 -
vendor/current/source4/lib/registry/tests/diff.c
r740 r988 26 26 #include "librpc/gen_ndr/winreg.h" 27 27 #include "param/param.h" 28 #include "lib/registry/tests/proto.h" 28 29 29 30 struct diff_tcase_data { -
vendor/current/source4/lib/registry/tests/generic.c
r740 r988 25 25 #include "librpc/gen_ndr/winreg.h" 26 26 #include "param/param.h" 27 28 struct torture_suite *torture_registry_hive(TALLOC_CTX *mem_ctx); 29 struct torture_suite *torture_registry_registry(TALLOC_CTX *mem_ctx); 30 struct torture_suite *torture_registry_diff(TALLOC_CTX *mem_ctx); 27 #include "lib/registry/tests/proto.h" 31 28 32 29 static bool test_str_regtype(struct torture_context *ctx) … … 95 92 DATA_BLOB db; 96 93 convert_string_talloc(ctx, CH_UTF8, CH_UTF16, 97 "bla", 3, (void **)&db.data, &db.length , false);94 "bla", 3, (void **)&db.data, &db.length); 98 95 torture_assert_str_equal(ctx, "bla", 99 96 reg_val_data_string(ctx, REG_SZ, db), … … 132 129 "stationary traveller", 133 130 strlen("stationary traveller"), 134 (void **)&data.data, &data.length , false);131 (void **)&data.data, &data.length); 135 132 torture_assert_str_equal(ctx, "camel = REG_SZ : stationary traveller", 136 133 reg_val_description(ctx, "camel", REG_SZ, data), … … 146 143 "west berlin", 147 144 strlen("west berlin"), 148 (void **)&data.data, &data.length , false);145 (void **)&data.data, &data.length); 149 146 torture_assert_str_equal(ctx, "<No Name> = REG_SZ : west berlin", 150 147 reg_val_description(ctx, NULL, REG_SZ, data), -
vendor/current/source4/lib/registry/tests/hive.c
r740 r988 28 28 #include "param/param.h" 29 29 #include "libcli/security/security.h" 30 31 static bool test_del_nonexistant_key(struct torture_context *tctx, 30 #include "lib/registry/tests/proto.h" 31 32 static bool test_del_nonexistent_key(struct torture_context *tctx, 32 33 const void *test_data) 33 34 { … … 346 347 static void tcase_add_tests(struct torture_tcase *tcase) 347 348 { 348 torture_tcase_add_simple_test_const(tcase, "del_nonexist ant_key",349 test_del_nonexist ant_key);349 torture_tcase_add_simple_test_const(tcase, "del_nonexistent_key", 350 test_del_nonexistent_key); 350 351 torture_tcase_add_simple_test_const(tcase, "add_subkey", 351 352 test_add_subkey); … … 375 376 } 376 377 377 static bool hive_setup_dir(struct torture_context *tctx, void **data)378 {379 struct hive_key *key;380 WERROR error;381 char *dirname;382 NTSTATUS status;383 384 status = torture_temp_dir(tctx, "hive-dir", &dirname);385 if (!NT_STATUS_IS_OK(status))386 return false;387 388 rmdir(dirname);389 390 error = reg_create_directory(tctx, dirname, &key);391 if (!W_ERROR_IS_OK(error)) {392 fprintf(stderr, "Unable to initialize dir hive\n");393 return false;394 }395 396 *data = key;397 398 return true;399 }400 401 378 static bool hive_setup_ldb(struct torture_context *tctx, void **data) 402 379 { … … 447 424 } 448 425 449 static bool test_dir_refuses_null_location(struct torture_context *tctx)450 {451 torture_assert_werr_equal(tctx, WERR_INVALID_PARAM,452 reg_open_directory(NULL, NULL, NULL),453 "reg_open_directory accepts NULL location");454 return true;455 }456 457 426 struct torture_suite *torture_registry_hive(TALLOC_CTX *mem_ctx) 458 427 { 459 428 struct torture_tcase *tcase; 460 429 struct torture_suite *suite = torture_suite_create(mem_ctx, "hive"); 461 462 torture_suite_add_simple_test(suite, "dir-refuses-null-location",463 test_dir_refuses_null_location);464 465 tcase = torture_suite_add_tcase(suite, "dir");466 torture_tcase_set_fixture(tcase, hive_setup_dir, NULL);467 tcase_add_tests(tcase);468 430 469 431 tcase = torture_suite_add_tcase(suite, "ldb"); -
vendor/current/source4/lib/registry/tests/registry.c
r740 r988 27 27 #include "libcli/security/security.h" 28 28 #include "system/filesys.h" 29 #include "lib/registry/tests/proto.h" 29 30 30 31 /** … … 255 256 uint32_t num_subkeys, num_values; 256 257 const char *classname; 257 258 if (!create_test_key(tctx, rctx, "Munchen", &root, &subkey)) 258 const char *data = "temp"; 259 260 if (!create_test_key(tctx, rctx, "Muenchen", &root, &subkey)) 259 261 return false; 260 262 … … 267 269 torture_assert_int_equal(tctx, num_subkeys, 0, "num subkeys"); 268 270 torture_assert_int_equal(tctx, num_values, 0, "num values"); 271 272 error = reg_val_set(subkey, "", REG_SZ, 273 data_blob_string_const(data)); 274 torture_assert_werr_ok(tctx, error, "set default value"); 275 276 error = reg_key_get_info(tctx, subkey, &classname, 277 &num_subkeys, &num_values, 278 &last_changed_time, NULL, NULL, NULL); 279 280 torture_assert_werr_ok(tctx, error, "get info key"); 281 torture_assert(tctx, classname == NULL, "classname"); 282 torture_assert_int_equal(tctx, num_subkeys, 0, "num subkeys"); 283 torture_assert_int_equal(tctx, num_values, 1, "num values"); 269 284 270 285 return true; … … 409 424 char value[4]; 410 425 uint32_t type; 426 const char *data_val = "temp"; 427 411 428 SIVAL(value, 0, 42); 412 429 … … 432 449 torture_assert_int_equal(tctx, REG_DWORD, type, "value type"); 433 450 451 error = reg_val_set(subkey, "", REG_SZ, 452 data_blob_talloc(tctx, data_val, 453 strlen(data_val))); 454 torture_assert_werr_ok(tctx, error, "set default value"); 455 456 error = reg_key_get_value_by_name(tctx, subkey, "", &type, 457 &data); 458 torture_assert_werr_ok(tctx, error, "getting default value"); 459 torture_assert_int_equal(tctx, REG_SZ, type, "value type ok"); 460 torture_assert_int_equal(tctx, strlen(data_val), data.length, "value length ok"); 461 torture_assert_str_equal(tctx, data_val, (char *)data.data, "value ok"); 462 434 463 return true; 435 464 } … … 446 475 uint32_t type; 447 476 char value[4]; 477 const char *data_val = "temp"; 478 448 479 SIVAL(value, 0, 42); 449 480 … … 468 499 "getting missing value"); 469 500 501 error = reg_del_value(tctx, subkey, ""); 502 torture_assert_werr_equal(tctx, error, WERR_BADFILE, 503 "unsetting missing default value"); 504 505 error = reg_val_set(subkey, "", REG_SZ, 506 data_blob_talloc(tctx, data_val, 507 strlen(data_val))); 508 torture_assert_werr_ok(tctx, error, "set default value"); 509 510 error = reg_del_value(tctx, subkey, ""); 511 torture_assert_werr_ok (tctx, error, "unsetting default value"); 512 470 513 return true; 471 514 } … … 483 526 const char *name; 484 527 char value[4]; 528 const char *data_val = "temp"; 529 485 530 SIVAL(value, 0, 42); 486 531 … … 506 551 torture_assert_werr_equal(tctx, error, WERR_NO_MORE_ITEMS, 507 552 "getting missing value"); 553 554 error = reg_val_set(subkey, "", REG_SZ, 555 data_blob_talloc(tctx, data_val, strlen(data_val))); 556 torture_assert_werr_ok(tctx, error, "set default value"); 557 558 error = reg_key_get_value_by_index(tctx, subkey, 0, &name, 559 &type, &data); 560 torture_assert_werr_ok(tctx, error, "getting default value"); 561 torture_assert_int_equal(tctx, REG_SZ, type, "value type ok"); 562 torture_assert_int_equal(tctx, strlen(data_val), data.length, "value length ok"); 563 torture_assert_str_equal(tctx, data_val, (char *)data.data, "value ok"); 508 564 509 565 return true; -
vendor/current/source4/lib/registry/tools/common.c
r414 r988 32 32 WERROR error; 33 33 34 error = reg_open_remote( &h, NULL, creds, lp_ctx, remote, ev_ctx);34 error = reg_open_remote(NULL, &h, NULL, creds, lp_ctx, remote, ev_ctx); 35 35 36 36 if (!W_ERROR_IS_OK(error)) { -
vendor/current/source4/lib/registry/tools/regdiff.c
r740 r988 29 29 enum reg_backend { REG_UNKNOWN, REG_LOCAL, REG_REMOTE, REG_NULL }; 30 30 31 static struct registry_context *open_backend(poptContext pc, 31 static struct registry_context *open_backend(TALLOC_CTX *mem_ctx, 32 poptContext pc, 32 33 struct tevent_context *ev_ctx, 33 34 struct loadparm_context *lp_ctx, … … 43 44 return NULL; 44 45 case REG_LOCAL: 45 error = reg_open_samba( NULL, &ctx, ev_ctx, lp_ctx, NULL, cmdline_credentials);46 error = reg_open_samba(mem_ctx, &ctx, ev_ctx, lp_ctx, NULL, cmdline_credentials); 46 47 break; 47 48 case REG_REMOTE: 48 error = reg_open_remote( &ctx, NULL, cmdline_credentials, lp_ctx,49 error = reg_open_remote(mem_ctx, &ctx, NULL, cmdline_credentials, lp_ctx, 49 50 remote_host, ev_ctx); 50 51 break; 51 52 case REG_NULL: 52 error = reg_open_local( NULL, &ctx);53 error = reg_open_local(mem_ctx, &ctx); 53 54 break; 54 55 } … … 119 120 } 120 121 121 ev_ctx = s4_event_context_init( NULL);122 ev_ctx = s4_event_context_init(ctx); 122 123 123 h1 = open_backend( pc, ev_ctx, cmdline_lp_ctx, backend1, remote1);124 h1 = open_backend(ctx, pc, ev_ctx, cmdline_lp_ctx, backend1, remote1); 124 125 if (h1 == NULL) 125 126 return 1; 126 127 127 h2 = open_backend( pc, ev_ctx, cmdline_lp_ctx, backend2, remote2);128 h2 = open_backend(ctx, pc, ev_ctx, cmdline_lp_ctx, backend2, remote2); 128 129 if (h2 == NULL) 129 130 return 1; -
vendor/current/source4/lib/registry/tools/regpatch.c
r740 r988 27 27 #include "events/events.h" 28 28 29 int main(int argc, c har **argv)29 int main(int argc, const char **argv) 30 30 { 31 31 int opt; … … 45 45 }; 46 46 47 pc = poptGetContext(argv[0], argc, (const char **)argv, long_options,0);47 pc = poptGetContext(argv[0], argc, argv, long_options,0); 48 48 49 49 while((opt = poptGetNextOpt(pc)) != -1) { -
vendor/current/source4/lib/registry/tools/regshell.c
r740 r988 38 38 }; 39 39 40 static WERROR get_full_path(struct regshell_context *ctx, c har *path, char **ret_path)41 { 42 c har *dir;40 static WERROR get_full_path(struct regshell_context *ctx, const char *path, char **ret_path) 41 { 42 const char *dir; 43 43 char *tmp; 44 44 char *new_path; … … 50 50 } 51 51 52 dir = strtok( path, "\\");52 dir = strtok(discard_const_p(char, path), "\\"); 53 53 if (dir == NULL) { 54 54 *ret_path = new_path; … … 99 99 */ 100 100 101 static WERROR cmd_info(struct regshell_context *ctx, int argc, c har **argv)101 static WERROR cmd_info(struct regshell_context *ctx, int argc, const char **argv) 102 102 { 103 103 struct security_descriptor *sec_desc = NULL; … … 151 151 } 152 152 153 static WERROR cmd_predef(struct regshell_context *ctx, int argc, c har **argv)153 static WERROR cmd_predef(struct regshell_context *ctx, int argc, const char **argv) 154 154 { 155 155 struct registry_key *ret = NULL; … … 177 177 178 178 static WERROR cmd_pwd(struct regshell_context *ctx, 179 int argc, c har **argv)179 int argc, const char **argv) 180 180 { 181 181 if (ctx->predef) { … … 186 186 } 187 187 188 static WERROR cmd_set(struct regshell_context *ctx, int argc, c har **argv)188 static WERROR cmd_set(struct regshell_context *ctx, int argc, const char **argv) 189 189 { 190 190 struct registry_value val; … … 210 210 } 211 211 212 static WERROR cmd_ck(struct regshell_context *ctx, int argc, c har **argv)212 static WERROR cmd_ck(struct regshell_context *ctx, int argc, const char **argv) 213 213 { 214 214 struct registry_key *nkey = NULL; … … 239 239 } 240 240 241 static WERROR cmd_print(struct regshell_context *ctx, int argc, c har **argv)241 static WERROR cmd_print(struct regshell_context *ctx, int argc, const char **argv) 242 242 { 243 243 uint32_t value_type; … … 263 263 } 264 264 265 static WERROR cmd_ls(struct regshell_context *ctx, int argc, c har **argv)265 static WERROR cmd_ls(struct regshell_context *ctx, int argc, const char **argv) 266 266 { 267 267 unsigned int i; … … 293 293 return WERR_OK; 294 294 } 295 static WERROR cmd_mkkey(struct regshell_context *ctx, int argc, c har **argv)295 static WERROR cmd_mkkey(struct regshell_context *ctx, int argc, const char **argv) 296 296 { 297 297 struct registry_key *tmp; … … 315 315 316 316 static WERROR cmd_rmkey(struct regshell_context *ctx, 317 int argc, c har **argv)317 int argc, const char **argv) 318 318 { 319 319 WERROR error; … … 335 335 } 336 336 337 static WERROR cmd_rmval(struct regshell_context *ctx, int argc, c har **argv)337 static WERROR cmd_rmval(struct regshell_context *ctx, int argc, const char **argv) 338 338 { 339 339 WERROR error; … … 356 356 357 357 _NORETURN_ static WERROR cmd_exit(struct regshell_context *ctx, 358 int argc, c har **argv)358 int argc, const char **argv) 359 359 { 360 360 exit(0); 361 361 } 362 362 363 static WERROR cmd_help(struct regshell_context *ctx, int, c har **);363 static WERROR cmd_help(struct regshell_context *ctx, int, const char **); 364 364 365 365 static struct { … … 367 367 const char *alias; 368 368 const char *help; 369 WERROR (*handle)(struct regshell_context *ctx, int argc, c har **argv);369 WERROR (*handle)(struct regshell_context *ctx, int argc, const char **argv); 370 370 } regshell_cmds[] = { 371 371 {"ck", "cd", "Change current key", cmd_ck }, … … 385 385 386 386 static WERROR cmd_help(struct regshell_context *ctx, 387 int argc, c har **argv)387 int argc, const char **argv) 388 388 { 389 389 unsigned int i; … … 400 400 { 401 401 int argc; 402 c har **argv = NULL;402 const char **argv = NULL; 403 403 int ret, i; 404 404 405 if ((ret = poptParseArgvString(line, &argc, (const char ***)&argv)) != 0) {405 if ((ret = poptParseArgvString(line, &argc, &argv)) != 0) { 406 406 fprintf(stderr, "regshell: %s\n", poptStrerror(ret)); 407 407 return WERR_INVALID_PARAM; … … 429 429 char **matches; 430 430 size_t len, samelen=0; 431 unsignedint i, count=1;431 int i, count=1; 432 432 433 433 matches = malloc_array_p(char *, MAX_COMPLETIONS); … … 509 509 break; 510 510 } else { 511 int n; 512 511 513 printf("Error creating completion list: %s\n", 512 514 win_errstr(status)); 515 516 for (n = j; n >= 0; n--) { 517 SAFE_FREE(matches[n]); 518 } 519 SAFE_FREE(matches); 513 520 talloc_free(mem_ctx); 514 521 return NULL; … … 545 552 } 546 553 547 int main(int argc, c har **argv)554 int main(int argc, const char **argv) 548 555 { 549 556 int opt; … … 564 571 }; 565 572 566 pc = poptGetContext(argv[0], argc, (const char **)argv, long_options,0);573 pc = poptGetContext(argv[0], argc, argv, long_options,0); 567 574 568 575 while((opt = poptGetNextOpt(pc)) != -1) { -
vendor/current/source4/lib/registry/tools/regtree.c
r740 r988 93 93 94 94 mem_ctx = talloc_init("sec_desc"); 95 if ( NT_STATUS_IS_ERR(reg_get_sec_desc(mem_ctx, p, &sec_desc))) {95 if (!W_ERROR_IS_OK(reg_get_sec_desc(mem_ctx, p, &sec_desc))) { 96 96 DEBUG(0, ("Error getting security descriptor\n")); 97 97 } … … 99 99 } 100 100 101 int main(int argc, c har **argv)101 int main(int argc, const char **argv) 102 102 { 103 103 int opt; … … 123 123 }; 124 124 125 pc = poptGetContext(argv[0], argc, (const char **)argv, long_options,0);125 pc = poptGetContext(argv[0], argc, argv, long_options,0); 126 126 127 127 while((opt = poptGetNextOpt(pc)) != -1) { -
vendor/current/source4/lib/registry/util.c
r740 r988 27 27 const DATA_BLOB data) 28 28 { 29 size_t converted_size = 0; 29 30 char *ret = NULL; 30 31 … … 38 39 CH_UTF16, CH_UNIX, 39 40 data.data, data.length, 40 (void **)&ret, NULL, false);41 (void **)&ret, &converted_size); 41 42 break; 42 43 case REG_DWORD: … … 163 164 data_str, strlen(data_str)+1, 164 165 (void **)&data->data, 165 &data->length , false);166 &data->length); 166 167 break; 167 168 case REG_MULTI_SZ: -
vendor/current/source4/lib/registry/wscript_build
r740 r988 12 12 13 13 bld.SAMBA_LIBRARY('registry', 14 source='interface.c util.c samba.c patchfile_dotreg.c patchfile_preg.c patchfile.c regf.c hive.c local.c ldb.c dir.c rpc.c', 15 pc_files='registry.pc', 16 public_deps='samba-util TDR_REGF ldb RPC_NDR_WINREG ldbsamba util_reg', 17 public_headers='registry.h', 18 vnum='0.0.1' 14 source='interface.c util.c samba.c patchfile_dotreg.c patchfile_preg.c patchfile.c regf.c hive.c local.c ldb.c rpc.c', 15 public_deps='dcerpc samba-util TDR_REGF ldb RPC_NDR_WINREG ldbsamba util_reg', 16 private_headers='registry.h', 17 private_library=True 19 18 ) 20 19 -
vendor/current/source4/lib/samba3/samba3.h
r414 r988 26 26 struct samr_Password *smbpasswd_gethexpwd(TALLOC_CTX *mem_ctx, const char *p); 27 27 char *smbpasswd_sethexpwd(TALLOC_CTX *mem_ctx, struct samr_Password *pwd, uint16_t acb_info); 28 uint16_t smbpasswd_decode_acb_info(const char *p);29 28 char *smbpasswd_encode_acb_info(TALLOC_CTX *mem_ctx, uint16_t acb_info); 30 29 -
vendor/current/source4/lib/samba3/smbpasswd.c
r414 r988 111 111 } 112 112 113 /*! Decode the account control bits (ACB) info from a string. */114 115 uint16_t smbpasswd_decode_acb_info(const char *p)116 {117 uint16_t acb_info = 0;118 bool finished = false;119 120 /*121 * Check if the account type bits have been encoded after the122 * NT password (in the form [NDHTUWSLXI]).123 */124 125 if (*p != '[') return 0;126 127 for (p++; *p && !finished; p++)128 {129 switch (*p) {130 case 'N': /* 'N'o password. */131 acb_info |= ACB_PWNOTREQ;132 break;133 case 'D': /* 'D'isabled. */134 acb_info |= ACB_DISABLED;135 break;136 case 'H': /* 'H'omedir required. */137 acb_info |= ACB_HOMDIRREQ;138 break;139 case 'T': /* 'T'emp account. */140 acb_info |= ACB_TEMPDUP;141 break;142 case 'U': /* 'U'ser account (normal). */143 acb_info |= ACB_NORMAL;144 break;145 case 'M': /* 'M'NS logon user account. What is this ? */146 acb_info |= ACB_MNS;147 break;148 case 'W': /* 'W'orkstation account. */149 acb_info |= ACB_WSTRUST;150 break;151 case 'S': /* 'S'erver account. */152 acb_info |= ACB_SVRTRUST;153 break;154 case 'L': /* 'L'ocked account. */155 acb_info |= ACB_AUTOLOCK;156 break;157 case 'X': /* No 'X'piry on password */158 acb_info |= ACB_PWNOEXP;159 break;160 case 'I': /* 'I'nterdomain trust account. */161 acb_info |= ACB_DOMTRUST;162 break;163 164 case ' ':165 break;166 case ':':167 case '\n':168 case ']':169 default:170 finished = true;171 break;172 }173 }174 175 return acb_info;176 }177 178 113 /*! Encode account control bits (ACBs) into a string. */ 179 114 -
vendor/current/source4/lib/socket/access.c
r740 r988 28 28 29 29 The code has been considerably changed from the original. Bug reports 30 should be sent to samba @samba.org30 should be sent to samba-technical@lists.samba.org 31 31 */ 32 32 … … 250 250 251 251 /* return true if access should be allowed */ 252 bool allow_access(TALLOC_CTX *mem_ctx,253 254 252 bool socket_allow_access(TALLOC_CTX *mem_ctx, 253 const char **deny_list, const char **allow_list, 254 const char *cname, const char *caddr) 255 255 { 256 256 bool ret; … … 347 347 } 348 348 349 ret = allow_access(mem_ctx, deny_list, allow_list, name, addr->addr);349 ret = socket_allow_access(mem_ctx, deny_list, allow_list, name, addr->addr); 350 350 351 351 if (ret) { -
vendor/current/source4/lib/socket/connect.c
r414 r988 59 59 } 60 60 61 fde = event_add_fd(result->event_ctx, result,61 fde = tevent_add_fd(result->event_ctx, result, 62 62 socket_get_fd(state->sock), 63 EVENT_FD_READ|EVENT_FD_WRITE,63 TEVENT_FD_READ|TEVENT_FD_WRITE, 64 64 socket_connect_handler, result); 65 65 composite_nomem(fde, result); -
vendor/current/source4/lib/socket/connect_multi.c
r740 r988 34 34 */ 35 35 struct connect_multi_state { 36 struct socket_address *server_address; 36 struct socket_address **server_address; 37 unsigned num_address, current_address, current_port; 37 38 int num_ports; 38 39 uint16_t *ports; … … 42 43 43 44 int num_connects_sent, num_connects_recv; 45 46 struct socket_connect_multi_ex *ex; 44 47 }; 45 48 … … 59 62 static void connect_multi_next_socket(struct composite_context *result); 60 63 static void continue_one(struct composite_context *creq); 64 static void continue_one_ex(struct tevent_req *subreq); 65 66 /* 67 setup an async socket_connect, with multiple ports 68 */ 69 _PUBLIC_ struct composite_context *socket_connect_multi_ex_send( 70 TALLOC_CTX *mem_ctx, 71 const char *server_name, 72 int num_server_ports, 73 uint16_t *server_ports, 74 struct resolve_context *resolve_ctx, 75 struct tevent_context *event_ctx, 76 struct socket_connect_multi_ex *ex) 77 { 78 struct composite_context *result; 79 struct connect_multi_state *multi; 80 int i; 81 82 struct nbt_name name; 83 struct composite_context *creq; 84 85 result = talloc_zero(mem_ctx, struct composite_context); 86 if (result == NULL) return NULL; 87 result->state = COMPOSITE_STATE_IN_PROGRESS; 88 result->event_ctx = event_ctx; 89 90 multi = talloc_zero(result, struct connect_multi_state); 91 if (composite_nomem(multi, result)) goto failed; 92 result->private_data = multi; 93 94 multi->num_ports = num_server_ports; 95 multi->ports = talloc_array(multi, uint16_t, multi->num_ports); 96 if (composite_nomem(multi->ports, result)) goto failed; 97 98 for (i=0; i<multi->num_ports; i++) { 99 multi->ports[i] = server_ports[i]; 100 } 101 102 multi->ex = ex; 103 104 /* 105 we don't want to do the name resolution separately 106 for each port, so start it now, then only start on 107 the real sockets once we have an IP 108 */ 109 make_nbt_name_server(&name, server_name); 110 111 creq = resolve_name_all_send(resolve_ctx, multi, 0, multi->ports[0], &name, result->event_ctx); 112 if (composite_nomem(creq, result)) goto failed; 113 114 composite_continue(result, creq, continue_resolve_name, result); 115 116 return result; 117 118 119 failed: 120 composite_error(result, result->status); 121 return result; 122 } 123 124 /* 125 start connecting to the next socket/port in the list 126 */ 127 static void connect_multi_next_socket(struct composite_context *result) 128 { 129 struct connect_multi_state *multi = talloc_get_type(result->private_data, 130 struct connect_multi_state); 131 struct connect_one_state *state; 132 struct composite_context *creq; 133 int next = multi->num_connects_sent; 134 135 if (next == multi->num_address * multi->num_ports) { 136 /* don't do anything, just wait for the existing ones to finish */ 137 return; 138 } 139 140 if (multi->current_address == multi->num_address) { 141 multi->current_address = 0; 142 multi->current_port += 1; 143 } 144 multi->num_connects_sent += 1; 145 146 if (multi->server_address == NULL || multi->server_address[multi->current_address] == NULL) { 147 composite_error(result, NT_STATUS_OBJECT_NAME_NOT_FOUND); 148 return; 149 } 150 151 state = talloc(multi, struct connect_one_state); 152 if (composite_nomem(state, result)) return; 153 154 state->result = result; 155 result->status = socket_create(multi->server_address[multi->current_address]->family, 156 SOCKET_TYPE_STREAM, &state->sock, 0); 157 if (!composite_is_ok(result)) return; 158 159 state->addr = socket_address_copy(state, multi->server_address[multi->current_address]); 160 if (composite_nomem(state->addr, result)) return; 161 162 socket_address_set_port(state->addr, multi->ports[multi->current_port]); 163 164 talloc_steal(state, state->sock); 165 166 creq = socket_connect_send(state->sock, NULL, 167 state->addr, 0, 168 result->event_ctx); 169 if (composite_nomem(creq, result)) return; 170 talloc_steal(state, creq); 171 172 multi->current_address++; 173 composite_continue(result, creq, continue_one, state); 174 175 /* if there are more ports / addresses to go then setup a timer to fire when we have waited 176 for a couple of milli-seconds, when that goes off we try the next port regardless 177 of whether this port has completed */ 178 if (multi->num_ports * multi->num_address > multi->num_connects_sent) { 179 /* note that this timer is a child of the single 180 connect attempt state, so it will go away when this 181 request completes */ 182 tevent_add_timer(result->event_ctx, state, 183 timeval_current_ofs_usec(MULTI_PORT_DELAY), 184 connect_multi_timer, result); 185 } 186 } 187 188 /* 189 a timer has gone off telling us that we should try the next port 190 */ 191 static void connect_multi_timer(struct tevent_context *ev, 192 struct tevent_timer *te, 193 struct timeval tv, void *p) 194 { 195 struct composite_context *result = talloc_get_type(p, struct composite_context); 196 connect_multi_next_socket(result); 197 } 198 199 200 /* 201 recv name resolution reply then send the next connect 202 */ 203 static void continue_resolve_name(struct composite_context *creq) 204 { 205 struct composite_context *result = talloc_get_type(creq->async.private_data, 206 struct composite_context); 207 struct connect_multi_state *multi = talloc_get_type(result->private_data, 208 struct connect_multi_state); 209 struct socket_address **addr; 210 unsigned i; 211 212 result->status = resolve_name_all_recv(creq, multi, &addr, NULL); 213 if (!composite_is_ok(result)) return; 214 215 for(i=0; addr[i]; i++); 216 multi->num_address = i; 217 multi->server_address = talloc_steal(multi, addr); 218 219 connect_multi_next_socket(result); 220 } 221 222 /* 223 one of our socket_connect_send() calls hash finished. If it got a 224 connection or there are none left then we are done 225 */ 226 static void continue_one(struct composite_context *creq) 227 { 228 struct connect_one_state *state = talloc_get_type(creq->async.private_data, 229 struct connect_one_state); 230 struct composite_context *result = state->result; 231 struct connect_multi_state *multi = talloc_get_type(result->private_data, 232 struct connect_multi_state); 233 NTSTATUS status; 234 235 status = socket_connect_recv(creq); 236 237 if (multi->ex) { 238 struct tevent_req *subreq; 239 240 subreq = multi->ex->establish_send(state, 241 result->event_ctx, 242 state->sock, 243 state->addr, 244 multi->ex->private_data); 245 if (composite_nomem(subreq, result)) return; 246 tevent_req_set_callback(subreq, continue_one_ex, state); 247 return; 248 } 249 250 multi->num_connects_recv++; 251 252 if (NT_STATUS_IS_OK(status)) { 253 multi->sock = talloc_steal(multi, state->sock); 254 multi->result_port = state->addr->port; 255 } 256 257 talloc_free(state); 258 259 if (NT_STATUS_IS_OK(status) || 260 multi->num_connects_recv == (multi->num_address * multi->num_ports)) { 261 result->status = status; 262 composite_done(result); 263 return; 264 } 265 266 /* try the next port */ 267 connect_multi_next_socket(result); 268 } 269 270 /* 271 one of our multi->ex->establish_send() calls hash finished. If it got a 272 connection or there are none left then we are done 273 */ 274 static void continue_one_ex(struct tevent_req *subreq) 275 { 276 struct connect_one_state *state = 277 tevent_req_callback_data(subreq, 278 struct connect_one_state); 279 struct composite_context *result = state->result; 280 struct connect_multi_state *multi = 281 talloc_get_type_abort(result->private_data, 282 struct connect_multi_state); 283 NTSTATUS status; 284 multi->num_connects_recv++; 285 286 status = multi->ex->establish_recv(subreq); 287 TALLOC_FREE(subreq); 288 289 if (NT_STATUS_IS_OK(status)) { 290 multi->sock = talloc_steal(multi, state->sock); 291 multi->result_port = state->addr->port; 292 } 293 294 talloc_free(state); 295 296 if (NT_STATUS_IS_OK(status) || 297 multi->num_connects_recv == (multi->num_address * multi->num_ports)) { 298 result->status = status; 299 composite_done(result); 300 return; 301 } 302 303 /* try the next port */ 304 connect_multi_next_socket(result); 305 } 306 307 /* 308 async recv routine for socket_connect_multi() 309 */ 310 _PUBLIC_ NTSTATUS socket_connect_multi_ex_recv(struct composite_context *ctx, 311 TALLOC_CTX *mem_ctx, 312 struct socket_context **sock, 313 uint16_t *port) 314 { 315 NTSTATUS status = composite_wait(ctx); 316 if (NT_STATUS_IS_OK(status)) { 317 struct connect_multi_state *multi = 318 talloc_get_type(ctx->private_data, 319 struct connect_multi_state); 320 *sock = talloc_steal(mem_ctx, multi->sock); 321 *port = multi->result_port; 322 } 323 talloc_free(ctx); 324 return status; 325 } 326 327 NTSTATUS socket_connect_multi_ex(TALLOC_CTX *mem_ctx, 328 const char *server_address, 329 int num_server_ports, uint16_t *server_ports, 330 struct resolve_context *resolve_ctx, 331 struct tevent_context *event_ctx, 332 struct socket_connect_multi_ex *ex, 333 struct socket_context **result, 334 uint16_t *result_port) 335 { 336 struct composite_context *ctx = 337 socket_connect_multi_ex_send(mem_ctx, server_address, 338 num_server_ports, server_ports, 339 resolve_ctx, 340 event_ctx, 341 ex); 342 return socket_connect_multi_ex_recv(ctx, mem_ctx, result, result_port); 343 } 61 344 62 345 /* … … 71 354 struct tevent_context *event_ctx) 72 355 { 73 struct composite_context *result; 74 struct connect_multi_state *multi; 75 int i; 76 77 struct nbt_name name; 78 struct composite_context *creq; 79 80 result = talloc_zero(mem_ctx, struct composite_context); 81 if (result == NULL) return NULL; 82 result->state = COMPOSITE_STATE_IN_PROGRESS; 83 result->event_ctx = event_ctx; 84 85 multi = talloc_zero(result, struct connect_multi_state); 86 if (composite_nomem(multi, result)) goto failed; 87 result->private_data = multi; 88 89 multi->num_ports = num_server_ports; 90 multi->ports = talloc_array(multi, uint16_t, multi->num_ports); 91 if (composite_nomem(multi->ports, result)) goto failed; 92 93 for (i=0; i<multi->num_ports; i++) { 94 multi->ports[i] = server_ports[i]; 95 } 96 97 /* 98 we don't want to do the name resolution separately 99 for each port, so start it now, then only start on 100 the real sockets once we have an IP 101 */ 102 make_nbt_name_server(&name, server_name); 103 104 creq = resolve_name_all_send(resolve_ctx, multi, 0, multi->ports[0], &name, result->event_ctx); 105 if (composite_nomem(creq, result)) goto failed; 106 107 composite_continue(result, creq, continue_resolve_name, result); 108 109 return result; 110 111 112 failed: 113 composite_error(result, result->status); 114 return result; 115 } 116 117 /* 118 start connecting to the next socket/port in the list 119 */ 120 static void connect_multi_next_socket(struct composite_context *result) 121 { 122 struct connect_multi_state *multi = talloc_get_type(result->private_data, 123 struct connect_multi_state); 124 struct connect_one_state *state; 125 struct composite_context *creq; 126 int next = multi->num_connects_sent; 127 128 if (next == multi->num_ports) { 129 /* don't do anything, just wait for the existing ones to finish */ 130 return; 131 } 132 133 multi->num_connects_sent += 1; 134 135 state = talloc(multi, struct connect_one_state); 136 if (composite_nomem(state, result)) return; 137 138 state->result = result; 139 result->status = socket_create("ipv4", SOCKET_TYPE_STREAM, &state->sock, 0); 140 if (!composite_is_ok(result)) return; 141 142 state->addr = socket_address_copy(state, multi->server_address); 143 if (composite_nomem(state->addr, result)) return; 144 145 socket_address_set_port(state->addr, multi->ports[next]); 146 147 talloc_steal(state, state->sock); 148 149 creq = socket_connect_send(state->sock, NULL, 150 state->addr, 0, 151 result->event_ctx); 152 if (composite_nomem(creq, result)) return; 153 talloc_steal(state, creq); 154 155 composite_continue(result, creq, continue_one, state); 156 157 /* if there are more ports to go then setup a timer to fire when we have waited 158 for a couple of milli-seconds, when that goes off we try the next port regardless 159 of whether this port has completed */ 160 if (multi->num_ports > multi->num_connects_sent) { 161 /* note that this timer is a child of the single 162 connect attempt state, so it will go away when this 163 request completes */ 164 event_add_timed(result->event_ctx, state, 165 timeval_current_ofs(0, MULTI_PORT_DELAY), 166 connect_multi_timer, result); 167 } 168 } 169 170 /* 171 a timer has gone off telling us that we should try the next port 172 */ 173 static void connect_multi_timer(struct tevent_context *ev, 174 struct tevent_timer *te, 175 struct timeval tv, void *p) 176 { 177 struct composite_context *result = talloc_get_type(p, struct composite_context); 178 connect_multi_next_socket(result); 179 } 180 181 182 /* 183 recv name resolution reply then send the next connect 184 */ 185 static void continue_resolve_name(struct composite_context *creq) 186 { 187 struct composite_context *result = talloc_get_type(creq->async.private_data, 188 struct composite_context); 189 struct connect_multi_state *multi = talloc_get_type(result->private_data, 190 struct connect_multi_state); 191 struct socket_address **addr; 192 193 result->status = resolve_name_all_recv(creq, multi, &addr, NULL); 194 if (!composite_is_ok(result)) return; 195 196 /* Let's just go for the first for now */ 197 multi->server_address = addr[0]; 198 199 connect_multi_next_socket(result); 200 } 201 202 /* 203 one of our socket_connect_send() calls hash finished. If it got a 204 connection or there are none left then we are done 205 */ 206 static void continue_one(struct composite_context *creq) 207 { 208 struct connect_one_state *state = talloc_get_type(creq->async.private_data, 209 struct connect_one_state); 210 struct composite_context *result = state->result; 211 struct connect_multi_state *multi = talloc_get_type(result->private_data, 212 struct connect_multi_state); 213 NTSTATUS status; 214 multi->num_connects_recv++; 215 216 status = socket_connect_recv(creq); 217 218 if (NT_STATUS_IS_OK(status)) { 219 multi->sock = talloc_steal(multi, state->sock); 220 multi->result_port = state->addr->port; 221 } 222 223 talloc_free(state); 224 225 if (NT_STATUS_IS_OK(status) || 226 multi->num_connects_recv == multi->num_ports) { 227 result->status = status; 228 composite_done(result); 229 return; 230 } 231 232 /* try the next port */ 233 connect_multi_next_socket(result); 356 return socket_connect_multi_ex_send(mem_ctx, 357 server_name, 358 num_server_ports, 359 server_ports, 360 resolve_ctx, 361 event_ctx, 362 NULL); /* ex */ 234 363 } 235 364 … … 242 371 uint16_t *port) 243 372 { 244 NTSTATUS status = composite_wait(ctx); 245 if (NT_STATUS_IS_OK(status)) { 246 struct connect_multi_state *multi = 247 talloc_get_type(ctx->private_data, 248 struct connect_multi_state); 249 *sock = talloc_steal(mem_ctx, multi->sock); 250 *port = multi->result_port; 251 } 252 talloc_free(ctx); 253 return status; 373 return socket_connect_multi_ex_recv(ctx, mem_ctx, sock, port); 254 374 } 255 375 … … 262 382 uint16_t *result_port) 263 383 { 264 struct composite_context *ctx = 265 socket_connect_multi_send(mem_ctx, server_address, 266 num_server_ports, server_ports, 267 resolve_ctx, 268 event_ctx); 269 return socket_connect_multi_recv(ctx, mem_ctx, result, result_port); 270 } 384 return socket_connect_multi_ex(mem_ctx, 385 server_address, 386 num_server_ports, 387 server_ports, 388 resolve_ctx, 389 event_ctx, 390 NULL, /* ex */ 391 result, 392 result_port); 393 } -
vendor/current/source4/lib/socket/interface.c
r740 r988 22 22 #include "includes.h" 23 23 #include "system/network.h" 24 #include "param/param.h" 24 25 #include "lib/socket/netif.h" 25 26 #include "../lib/util/util_net.h" 26 27 #include "../lib/util/dlinklist.h" 27 28 28 /* *used for network interfaces */29 /* used for network interfaces */ 29 30 struct interface { 30 31 struct interface *next, *prev; 31 struct in_addr ip; 32 struct in_addr nmask; 32 char *name; 33 int flags; 34 struct sockaddr_storage ip; 35 struct sockaddr_storage netmask; 36 struct sockaddr_storage bcast; 33 37 const char *ip_s; 34 38 const char *bcast_s; … … 46 50 Try and find an interface that matches an ip. If we cannot, return NULL 47 51 **************************************************************************/ 48 static struct interface *iface_find(struct interface *interfaces, 49 struct in_addr ip, bool CheckMask) 50 { 51 struct interface *i; 52 if (is_zero_ip_v4(ip)) return interfaces; 53 54 for (i=interfaces;i;i=i->next) 55 if (CheckMask) { 56 if (same_net_v4(i->ip,ip,i->nmask)) return i; 57 } else if (i->ip.s_addr == ip.s_addr) return i; 52 static struct interface *iface_list_find(struct interface *interfaces, 53 const struct sockaddr *ip, 54 bool check_mask) 55 { 56 struct interface *i; 57 58 if (is_address_any(ip)) { 59 return interfaces; 60 } 61 62 for (i=interfaces;i;i=i->next) { 63 if (check_mask) { 64 if (same_net(ip, (struct sockaddr *)&i->ip, (struct sockaddr *)&i->netmask)) { 65 return i; 66 } 67 } else if (sockaddr_equal((struct sockaddr *)&i->ip, ip)) { 68 return i; 69 } 70 } 58 71 59 72 return NULL; 60 73 } 61 62 74 63 75 /**************************************************************************** 64 76 add an interface to the linked list of interfaces 65 77 ****************************************************************************/ 66 static void add_interface(TALLOC_CTX *mem_ctx, struct in_addr ip, struct in_addr nmask, struct interface **interfaces) 67 { 78 static void add_interface(TALLOC_CTX *mem_ctx, const struct iface_struct *ifs, struct interface **interfaces, 79 bool enable_ipv6) 80 { 81 char addr[INET6_ADDRSTRLEN]; 68 82 struct interface *iface; 69 struct in_addr bcast; 70 71 if (iface_find(*interfaces, ip, false)) { 72 DEBUG(3,("not adding duplicate interface %s\n",inet_ntoa(ip))); 83 84 if (iface_list_find(*interfaces, (const struct sockaddr *)&ifs->ip, false)) { 85 DEBUG(3,("add_interface: not adding duplicate interface %s\n", 86 print_sockaddr(addr, sizeof(addr), &ifs->ip) )); 87 return; 88 } 89 90 if (ifs->ip.ss_family == AF_INET && 91 !(ifs->flags & (IFF_BROADCAST|IFF_LOOPBACK))) { 92 DEBUG(3,("not adding non-broadcast interface %s\n", 93 ifs->name )); 94 return; 95 } 96 97 if (!enable_ipv6 && ifs->ip.ss_family != AF_INET) { 73 98 return; 74 99 } … … 80 105 ZERO_STRUCTPN(iface); 81 106 82 iface->ip = ip; 83 iface->nmask = nmask; 84 bcast.s_addr = MKBCADDR(iface->ip.s_addr, iface->nmask.s_addr); 107 iface->name = talloc_strdup(iface, ifs->name); 108 if (!iface->name) { 109 SAFE_FREE(iface); 110 return; 111 } 112 iface->flags = ifs->flags; 113 iface->ip = ifs->ip; 114 iface->netmask = ifs->netmask; 115 iface->bcast = ifs->bcast; 85 116 86 117 /* keep string versions too, to avoid people tripping over the implied 87 118 static in inet_ntoa() */ 88 iface->ip_s = talloc_strdup(iface, inet_ntoa(iface->ip)); 89 iface->nmask_s = talloc_strdup(iface, inet_ntoa(iface->nmask)); 90 91 if (nmask.s_addr != ~0) { 92 iface->bcast_s = talloc_strdup(iface, inet_ntoa(bcast)); 93 } 94 95 DLIST_ADD_END(*interfaces, iface, struct interface *); 96 97 DEBUG(3,("added interface ip=%s nmask=%s\n", iface->ip_s, iface->nmask_s)); 98 } 99 100 119 print_sockaddr(addr, sizeof(addr), &iface->ip); 120 DEBUG(4,("added interface %s ip=%s ", 121 iface->name, addr)); 122 iface->ip_s = talloc_strdup(iface, addr); 123 124 print_sockaddr(addr, sizeof(addr), 125 &iface->bcast); 126 DEBUG(4,("bcast=%s ", addr)); 127 iface->bcast_s = talloc_strdup(iface, addr); 128 129 print_sockaddr(addr, sizeof(addr), 130 &iface->netmask); 131 DEBUG(4,("netmask=%s\n", addr)); 132 iface->nmask_s = talloc_strdup(iface, addr); 133 134 /* 135 this needs to be a ADD_END, as some tests (such as the 136 spoolss notify test) depend on the interfaces ordering 137 */ 138 DLIST_ADD_END(*interfaces, iface); 139 } 101 140 102 141 /** … … 115 154 struct iface_struct *probed_ifaces, 116 155 int total_probed, 117 struct interface **local_interfaces) 118 { 119 struct in_addr ip, nmask; 156 struct interface **local_interfaces, 157 bool enable_ipv6) 158 { 159 struct sockaddr_storage ss; 160 struct sockaddr_storage ss_mask; 161 struct sockaddr_storage ss_net; 162 struct sockaddr_storage ss_bcast; 163 struct iface_struct ifs; 120 164 char *p; 121 char *address; 122 int i, added=0; 123 124 ip.s_addr = 0; 125 nmask.s_addr = 0; 126 165 int i; 166 bool added=false; 167 bool goodaddr = false; 168 127 169 /* first check if it is an interface name */ 128 170 for (i=0;i<total_probed;i++) { 129 171 if (gen_fnmatch(token, probed_ifaces[i].name) == 0) { 130 add_interface(mem_ctx, probed_ifaces[i].ip, 131 probed_ifaces[i].netmask, 132 local_interfaces); 133 added = 1; 134 } 135 } 136 if (added) return; 172 add_interface(mem_ctx, &probed_ifaces[i], 173 local_interfaces, enable_ipv6); 174 added = true; 175 } 176 } 177 if (added) { 178 return; 179 } 180 181 p = strchr_m(token, ';'); 182 if (p != NULL) { 183 /* 184 * skip smbd-specific extra data: 185 * link speed, capabilities, and interface index 186 */ 187 *p = 0; 188 } 137 189 138 190 /* maybe it is a DNS name */ 139 191 p = strchr_m(token,'/'); 140 if (!p) { 141 /* don't try to do dns lookups on wildcard names */ 142 if (strpbrk(token, "*?") != NULL) { 192 if (p == NULL) { 193 if (!interpret_string_addr(&ss, token, 0)) { 194 DEBUG(2, ("interpret_interface: Can't find address " 195 "for %s\n", token)); 143 196 return; 144 197 } 145 ip.s_addr = interpret_addr2(token).s_addr; 198 146 199 for (i=0;i<total_probed;i++) { 147 if (ip.s_addr == probed_ifaces[i].ip.s_addr) { 148 add_interface(mem_ctx, probed_ifaces[i].ip, 149 probed_ifaces[i].netmask, 150 local_interfaces); 200 if (sockaddr_equal((struct sockaddr *)&ss, (struct sockaddr *)&probed_ifaces[i].ip)) { 201 add_interface(mem_ctx, &probed_ifaces[i], 202 local_interfaces, enable_ipv6); 151 203 return; 152 204 } 153 205 } 154 DEBUG(2,("can't determine netmask for %s\n", token)); 155 return; 156 } 157 158 address = talloc_strdup(mem_ctx, token); 159 p = strchr_m(address,'/'); 206 DEBUG(2,("interpret_interface: " 207 "can't determine interface for %s\n", 208 token)); 209 return; 210 } 160 211 161 212 /* parse it into an IP address/netmasklength pair */ 162 *p++ = 0; 163 164 ip.s_addr = interpret_addr2(address).s_addr; 213 *p = 0; 214 goodaddr = interpret_string_addr(&ss, token, 0); 215 *p++ = '/'; 216 217 if (!goodaddr) { 218 DEBUG(2,("interpret_interface: " 219 "can't determine interface for %s\n", 220 token)); 221 return; 222 } 165 223 166 224 if (strlen(p) > 2) { 167 nmask.s_addr = interpret_addr2(p).s_addr; 225 goodaddr = interpret_string_addr(&ss_mask, p, 0); 226 if (!goodaddr) { 227 DEBUG(2,("interpret_interface: " 228 "can't determine netmask from %s\n", 229 p)); 230 return; 231 } 168 232 } else { 169 nmask.s_addr = htonl(((ALLONES >> atoi(p)) ^ ALLONES)); 170 } 171 172 /* maybe the first component was a broadcast address */ 173 if (ip.s_addr == MKBCADDR(ip.s_addr, nmask.s_addr) || 174 ip.s_addr == MKNETADDR(ip.s_addr, nmask.s_addr)) { 233 char *endp = NULL; 234 unsigned long val = strtoul(p, &endp, 0); 235 if (p == endp || (endp && *endp != '\0')) { 236 DEBUG(2,("interpret_interface: " 237 "can't determine netmask value from %s\n", 238 p)); 239 return; 240 } 241 if (!make_netmask(&ss_mask, &ss, val)) { 242 DEBUG(2,("interpret_interface: " 243 "can't apply netmask value %lu from %s\n", 244 val, 245 p)); 246 return; 247 } 248 } 249 250 make_bcast(&ss_bcast, &ss, &ss_mask); 251 make_net(&ss_net, &ss, &ss_mask); 252 253 /* Maybe the first component was a broadcast address. */ 254 if (sockaddr_equal((struct sockaddr *)&ss_bcast, (struct sockaddr *)&ss) || 255 sockaddr_equal((struct sockaddr *)&ss_net, (struct sockaddr *)&ss)) { 175 256 for (i=0;i<total_probed;i++) { 176 if (same_net_v4(ip, probed_ifaces[i].ip, nmask)) { 177 add_interface(mem_ctx, probed_ifaces[i].ip, nmask, 178 local_interfaces); 179 talloc_free(address); 257 if (same_net((struct sockaddr *)&ss, 258 (struct sockaddr *)&probed_ifaces[i].ip, 259 (struct sockaddr *)&ss_mask)) { 260 /* Temporarily replace netmask on 261 * the detected interface - user knows 262 * best.... */ 263 struct sockaddr_storage saved_mask = 264 probed_ifaces[i].netmask; 265 probed_ifaces[i].netmask = ss_mask; 266 DEBUG(2,("interpret_interface: " 267 "using netmask value %s from " 268 "config file on interface %s\n", 269 p, 270 probed_ifaces[i].name)); 271 add_interface(mem_ctx, &probed_ifaces[i], 272 local_interfaces, enable_ipv6); 273 probed_ifaces[i].netmask = saved_mask; 180 274 return; 181 275 } 182 276 } 183 DEBUG(2,("Can't determine ip for broadcast address %s\n", address)); 184 talloc_free(address); 185 return; 186 } 187 188 add_interface(mem_ctx, ip, nmask, local_interfaces); 189 talloc_free(address); 277 DEBUG(2,("interpret_interface: Can't determine ip for " 278 "broadcast address %s\n", 279 token)); 280 return; 281 } 282 283 /* Just fake up the interface definition. User knows best. */ 284 285 DEBUG(2,("interpret_interface: Adding interface %s\n", 286 token)); 287 288 ZERO_STRUCT(ifs); 289 (void)strlcpy(ifs.name, token, sizeof(ifs.name)); 290 ifs.flags = IFF_BROADCAST; 291 ifs.ip = ss; 292 ifs.netmask = ss_mask; 293 ifs.bcast = ss_bcast; 294 add_interface(mem_ctx, &ifs, 295 local_interfaces, enable_ipv6); 190 296 } 191 297 … … 194 300 load the list of network interfaces 195 301 **/ 196 void load_interface s(TALLOC_CTX *mem_ctx, const char **interfaces, struct interface **local_interfaces)197 { 198 const char **ptr = interfaces;302 void load_interface_list(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, struct interface **local_interfaces) 303 { 304 const char **ptr = lpcfg_interfaces(lp_ctx); 199 305 int i; 200 struct iface_struct ifaces[MAX_INTERFACES]; 201 struct in_addr loopback_ip; 306 struct iface_struct *ifaces = NULL; 202 307 int total_probed; 308 bool enable_ipv6 = lpcfg_parm_bool(lp_ctx, NULL, "ipv6", "enable", true); 203 309 204 310 *local_interfaces = NULL; 205 311 206 loopback_ip = interpret_addr2("127.0.0.1");207 208 312 /* probe the kernel for interfaces */ 209 total_probed = get_interfaces( ifaces, MAX_INTERFACES);313 total_probed = get_interfaces(mem_ctx, &ifaces); 210 314 211 315 /* if we don't have a interfaces line then use all interfaces … … 216 320 } 217 321 for (i=0;i<total_probed;i++) { 218 if (ifaces[i].ip.s_addr != loopback_ip.s_addr) { 219 add_interface(mem_ctx, ifaces[i].ip, 220 ifaces[i].netmask, local_interfaces); 322 if (!is_loopback_addr((struct sockaddr *)&ifaces[i].ip)) { 323 add_interface(mem_ctx, &ifaces[i], local_interfaces, enable_ipv6); 221 324 } 222 325 } … … 224 327 225 328 while (ptr && *ptr) { 226 interpret_interface(mem_ctx, *ptr, ifaces, total_probed, local_interfaces );329 interpret_interface(mem_ctx, *ptr, ifaces, total_probed, local_interfaces, enable_ipv6); 227 330 ptr++; 228 331 } … … 231 334 DEBUG(0,("WARNING: no network interfaces found\n")); 232 335 } 336 talloc_free(ifaces); 233 337 } 234 338 … … 236 340 how many interfaces do we have 237 341 **/ 238 int iface_ count(struct interface *ifaces)342 int iface_list_count(struct interface *ifaces) 239 343 { 240 344 int ret = 0; … … 249 353 return IP of the Nth interface 250 354 **/ 251 const char *iface_ n_ip(struct interface *ifaces, int n)355 const char *iface_list_n_ip(struct interface *ifaces, int n) 252 356 { 253 357 struct interface *i; … … 262 366 } 263 367 368 369 /** 370 return the first IPv4 interface address we have registered 371 **/ 372 const char *iface_list_first_v4(struct interface *ifaces) 373 { 374 struct interface *i; 375 376 for (i=ifaces; i; i=i->next) { 377 if (i->ip.ss_family == AF_INET) { 378 return i->ip_s; 379 } 380 } 381 return NULL; 382 } 383 384 /** 385 return the first IPv6 interface address we have registered 386 **/ 387 static const char *iface_list_first_v6(struct interface *ifaces) 388 { 389 struct interface *i; 390 391 #ifdef HAVE_IPV6 392 for (i=ifaces; i; i=i->next) { 393 if (i->ip.ss_family == AF_INET6) { 394 return i->ip_s; 395 } 396 } 397 #endif 398 return NULL; 399 } 400 401 /** 402 check if an interface is IPv4 403 **/ 404 bool iface_list_n_is_v4(struct interface *ifaces, int n) 405 { 406 struct interface *i; 407 408 for (i=ifaces;i && n;i=i->next) 409 n--; 410 411 if (i) { 412 return i->ip.ss_family == AF_INET; 413 } 414 return false; 415 } 416 264 417 /** 265 418 return bcast of the Nth interface 266 419 **/ 267 const char *iface_ n_bcast(struct interface *ifaces, int n)420 const char *iface_list_n_bcast(struct interface *ifaces, int n) 268 421 { 269 422 struct interface *i; … … 281 434 return netmask of the Nth interface 282 435 **/ 283 const char *iface_ n_netmask(struct interface *ifaces, int n)436 const char *iface_list_n_netmask(struct interface *ifaces, int n) 284 437 { 285 438 struct interface *i; … … 298 451 our first interface if none match 299 452 */ 300 const char *iface_ best_ip(struct interface *ifaces, const char *dest)453 const char *iface_list_best_ip(struct interface *ifaces, const char *dest) 301 454 { 302 455 struct interface *iface; 303 struct in_addr ip; 304 305 ip.s_addr = interpret_addr(dest); 306 iface = iface_find(ifaces, ip, true); 456 struct sockaddr_storage ss; 457 458 if (!interpret_string_addr(&ss, dest, AI_NUMERICHOST)) { 459 return iface_list_n_ip(ifaces, 0); 460 } 461 iface = iface_list_find(ifaces, (const struct sockaddr *)&ss, true); 307 462 if (iface) { 308 463 return iface->ip_s; 309 464 } 310 return iface_n_ip(ifaces, 0); 465 #ifdef HAVE_IPV6 466 if (ss.ss_family == AF_INET6) { 467 return iface_list_first_v6(ifaces); 468 } 469 #endif 470 return iface_list_first_v4(ifaces); 311 471 } 312 472 … … 314 474 return true if an IP is one one of our local networks 315 475 */ 316 bool iface_is_local(struct interface *ifaces, const char *dest) 317 { 318 struct in_addr ip; 319 320 ip.s_addr = interpret_addr(dest); 321 if (iface_find(ifaces, ip, true)) { 476 bool iface_list_is_local(struct interface *ifaces, const char *dest) 477 { 478 struct sockaddr_storage ss; 479 480 if (!interpret_string_addr(&ss, dest, AI_NUMERICHOST)) { 481 return false; 482 } 483 if (iface_list_find(ifaces, (const struct sockaddr *)&ss, true)) { 322 484 return true; 323 485 } … … 328 490 return true if a IP matches a IP/netmask pair 329 491 */ 330 bool iface_same_net(const char *ip1, const char *ip2, const char *netmask) 331 { 332 return same_net_v4(interpret_addr2(ip1), 333 interpret_addr2(ip2), 334 interpret_addr2(netmask)); 335 } 492 bool iface_list_same_net(const char *ip1, const char *ip2, const char *netmask) 493 { 494 struct sockaddr_storage ip1_ss, ip2_ss, nm_ss; 495 496 if (!interpret_string_addr(&ip1_ss, ip1, AI_NUMERICHOST)) { 497 return false; 498 } 499 if (!interpret_string_addr(&ip2_ss, ip2, AI_NUMERICHOST)) { 500 return false; 501 } 502 if (!interpret_string_addr(&nm_ss, netmask, AI_NUMERICHOST)) { 503 return false; 504 } 505 506 return same_net((struct sockaddr *)&ip1_ss, 507 (struct sockaddr *)&ip2_ss, 508 (struct sockaddr *)&nm_ss); 509 } 510 511 /** 512 return the list of wildcard interfaces 513 this will include the IPv4 0.0.0.0, and may include IPv6 :: 514 */ 515 char **iface_list_wildcard(TALLOC_CTX *mem_ctx) 516 { 517 char **ret; 518 #ifdef HAVE_IPV6 519 ret = str_list_make(mem_ctx, "::,0.0.0.0", NULL); 520 #else 521 ret = str_list_make(mem_ctx, "0.0.0.0", NULL); 522 #endif 523 return ret; 524 } -
vendor/current/source4/lib/socket/netif.h
r414 r988 21 21 22 22 #include "system/network.h" 23 24 struct iface_struct { 25 char name[16]; 26 struct in_addr ip; 27 struct in_addr netmask; 28 }; 29 30 struct interface; 31 32 #define MAX_INTERFACES 128 33 34 #ifndef AUTOCONF_TEST 23 #include "lib/socket/interfaces.h" 35 24 #include "lib/socket/netif_proto.h" 36 #endif -
vendor/current/source4/lib/socket/socket.c
r740 r988 353 353 int ret; 354 354 355 if (!a) { 356 return NULL; 357 } 355 358 if (a->sockaddr) { 356 359 ret = tsocket_address_bsd_from_sockaddr(mem_ctx, … … 452 455 fd = dup(sock->fd); 453 456 if (fd == -1) { 454 return map_nt_error_from_unix (errno);457 return map_nt_error_from_unix_common(errno); 455 458 } 456 459 close(sock->fd); … … 474 477 } 475 478 479 if (strcmp(family, "ip") == 0 && is_ipaddress_v6(host)) { 480 /* leaving as "ip" would force IPv4 */ 481 family = "ipv6"; 482 } 483 476 484 addr->family = family; 477 485 addr->addr = talloc_strdup(addr, host); … … 499 507 return NULL; 500 508 } 501 addr->family = NULL; 509 switch (sockaddr->sa_family) { 510 case AF_INET: 511 addr->family = "ipv4"; 512 break; 513 #ifdef HAVE_IPV6 514 case AF_INET6: 515 addr->family = "ipv6"; 516 break; 517 #endif 518 case AF_UNIX: 519 addr->family = "unix"; 520 break; 521 } 502 522 addr->addr = NULL; 503 523 addr->port = 0; … … 508 528 } 509 529 addr->sockaddrlen = sockaddrlen; 530 return addr; 531 } 532 533 534 /* 535 Create a new socket_address from sockaddr_storage 536 */ 537 _PUBLIC_ struct socket_address *socket_address_from_sockaddr_storage(TALLOC_CTX *mem_ctx, 538 const struct sockaddr_storage *sockaddr, 539 uint16_t port) 540 { 541 struct socket_address *addr = talloc_zero(mem_ctx, struct socket_address); 542 char addr_str[INET6_ADDRSTRLEN+1]; 543 const char *str; 544 545 if (!addr) { 546 return NULL; 547 } 548 addr->port = port; 549 switch (sockaddr->ss_family) { 550 case AF_INET: 551 addr->family = "ipv4"; 552 break; 553 #ifdef HAVE_IPV6 554 case AF_INET6: 555 addr->family = "ipv6"; 556 break; 557 #endif 558 default: 559 talloc_free(addr); 560 return NULL; 561 } 562 563 str = print_sockaddr(addr_str, sizeof(addr_str), sockaddr); 564 if (str == NULL) { 565 talloc_free(addr); 566 return NULL; 567 } 568 addr->addr = talloc_strdup(addr, str); 569 if (addr->addr == NULL) { 570 talloc_free(addr); 571 return NULL; 572 } 573 510 574 return addr; 511 575 } … … 568 632 } 569 633 570 enum SOCK_OPT_TYPES {OPT_BOOL,OPT_INT,OPT_ON};571 572 static const struct {573 const char *name;574 int level;575 int option;576 int value;577 int opttype;578 } socket_options[] = {579 {"SO_KEEPALIVE", SOL_SOCKET, SO_KEEPALIVE, 0, OPT_BOOL},580 {"SO_REUSEADDR", SOL_SOCKET, SO_REUSEADDR, 0, OPT_BOOL},581 {"SO_BROADCAST", SOL_SOCKET, SO_BROADCAST, 0, OPT_BOOL},582 #ifdef TCP_NODELAY583 {"TCP_NODELAY", IPPROTO_TCP, TCP_NODELAY, 0, OPT_BOOL},584 #endif585 #ifdef IPTOS_LOWDELAY586 {"IPTOS_LOWDELAY", IPPROTO_IP, IP_TOS, IPTOS_LOWDELAY, OPT_ON},587 #endif588 #ifdef IPTOS_THROUGHPUT589 {"IPTOS_THROUGHPUT", IPPROTO_IP, IP_TOS, IPTOS_THROUGHPUT, OPT_ON},590 #endif591 #ifdef SO_REUSEPORT592 {"SO_REUSEPORT", SOL_SOCKET, SO_REUSEPORT, 0, OPT_BOOL},593 #endif594 #ifdef SO_SNDBUF595 {"SO_SNDBUF", SOL_SOCKET, SO_SNDBUF, 0, OPT_INT},596 #endif597 #ifdef SO_RCVBUF598 {"SO_RCVBUF", SOL_SOCKET, SO_RCVBUF, 0, OPT_INT},599 #endif600 #ifdef SO_SNDLOWAT601 {"SO_SNDLOWAT", SOL_SOCKET, SO_SNDLOWAT, 0, OPT_INT},602 #endif603 #ifdef SO_RCVLOWAT604 {"SO_RCVLOWAT", SOL_SOCKET, SO_RCVLOWAT, 0, OPT_INT},605 #endif606 #ifdef SO_SNDTIMEO607 {"SO_SNDTIMEO", SOL_SOCKET, SO_SNDTIMEO, 0, OPT_INT},608 #endif609 #ifdef SO_RCVTIMEO610 {"SO_RCVTIMEO", SOL_SOCKET, SO_RCVTIMEO, 0, OPT_INT},611 #endif612 {NULL,0,0,0,0}};613 614 615 /**616 Set user socket options.617 **/618 _PUBLIC_ void set_socket_options(int fd, const char *options)619 {620 const char **options_list = (const char **)str_list_make(NULL, options, " \t,");621 int j;622 623 if (!options_list)624 return;625 626 for (j = 0; options_list[j]; j++) {627 const char *tok = options_list[j];628 int ret=0,i;629 int value = 1;630 char *p;631 bool got_value = false;632 633 if ((p = strchr(tok,'='))) {634 *p = 0;635 value = atoi(p+1);636 got_value = true;637 }638 639 for (i=0;socket_options[i].name;i++)640 if (strequal(socket_options[i].name,tok))641 break;642 643 if (!socket_options[i].name) {644 DEBUG(0,("Unknown socket option %s\n",tok));645 continue;646 }647 648 switch (socket_options[i].opttype) {649 case OPT_BOOL:650 case OPT_INT:651 ret = setsockopt(fd,socket_options[i].level,652 socket_options[i].option,(char *)&value,sizeof(int));653 break;654 655 case OPT_ON:656 if (got_value)657 DEBUG(0,("syntax error - %s does not take a value\n",tok));658 659 {660 int on = socket_options[i].value;661 ret = setsockopt(fd,socket_options[i].level,662 socket_options[i].option,(char *)&on,sizeof(int));663 }664 break;665 }666 667 if (ret != 0)668 DEBUG(0,("Failed to set socket option %s (Error %s)\n",tok, strerror(errno) ));669 }670 671 talloc_free(options_list);672 }673 674 634 /* 675 635 set some flags on a socket -
vendor/current/source4/lib/socket/socket.h
r740 r988 175 175 struct sockaddr *sockaddr, 176 176 size_t addrlen); 177 struct sockaddr_storage; 178 struct socket_address *socket_address_from_sockaddr_storage(TALLOC_CTX *mem_ctx, 179 const struct sockaddr_storage *sockaddr, 180 uint16_t port); 177 181 _PUBLIC_ void socket_address_set_port(struct socket_address *a, 178 182 uint16_t port); … … 180 184 const struct socket_address *oaddr); 181 185 const struct socket_ops *socket_getops_byname(const char *name, enum socket_type type); 182 bool allow_access(TALLOC_CTX *mem_ctx,183 184 186 bool socket_allow_access(TALLOC_CTX *mem_ctx, 187 const char **deny_list, const char **allow_list, 188 const char *cname, const char *caddr); 185 189 bool socket_check_access(struct socket_context *sock, 186 190 const char *service_name, … … 198 202 uint32_t flags, 199 203 struct tevent_context *ev); 204 205 struct socket_connect_multi_ex { 206 void *private_data; 207 struct tevent_req *(*establish_send)(TALLOC_CTX *mem_ctx, 208 struct tevent_context *ev, 209 struct socket_context *sock, 210 struct socket_address *addr, 211 void *private_data); 212 NTSTATUS (*establish_recv)(struct tevent_req *req); 213 }; 214 struct composite_context *socket_connect_multi_ex_send(TALLOC_CTX *mem_ctx, 215 const char *server_address, 216 int num_server_ports, 217 uint16_t *server_ports, 218 struct resolve_context *resolve_ctx, 219 struct tevent_context *event_ctx, 220 struct socket_connect_multi_ex *ex); 221 NTSTATUS socket_connect_multi_ex_recv(struct composite_context *ctx, 222 TALLOC_CTX *mem_ctx, 223 struct socket_context **result, 224 uint16_t *port); 225 NTSTATUS socket_connect_multi_ex(TALLOC_CTX *mem_ctx, const char *server_address, 226 int num_server_ports, uint16_t *server_ports, 227 struct resolve_context *resolve_ctx, 228 struct tevent_context *event_ctx, 229 struct socket_connect_multi_ex *ex, 230 struct socket_context **result, 231 uint16_t *port); 200 232 201 233 struct composite_context *socket_connect_multi_send(TALLOC_CTX *mem_ctx, -
vendor/current/source4/lib/socket/socket_ip.c
r740 r988 28 28 #include "lib/util/util_net.h" 29 29 30 _PUBLIC_ const struct socket_ops *socket_ipv4_ops(enum socket_type type); 31 _PUBLIC_ const struct socket_ops *socket_ipv6_ops(enum socket_type type); 32 30 33 static NTSTATUS ipv4_init(struct socket_context *sock) 31 34 { … … 45 48 sock->fd = socket(PF_INET, type, 0); 46 49 if (sock->fd == -1) { 47 return map_nt_error_from_unix(errno); 48 } 50 return map_nt_error_from_unix_common(errno); 51 } 52 53 smb_set_close_on_exec(sock->fd); 49 54 50 55 sock->backend_name = "ipv4"; … … 56 61 static void ip_close(struct socket_context *sock) 57 62 { 58 close(sock->fd); 63 if (sock->fd != -1) { 64 close(sock->fd); 65 sock->fd = -1; 66 } 59 67 } 60 68 … … 68 76 ret = getsockopt(sock->fd, SOL_SOCKET, SO_ERROR, &error, &len); 69 77 if (ret == -1) { 70 return map_nt_error_from_unix (errno);78 return map_nt_error_from_unix_common(errno); 71 79 } 72 80 if (error != 0) { 73 return map_nt_error_from_unix (error);81 return map_nt_error_from_unix_common(error); 74 82 } 75 83 … … 77 85 ret = set_blocking(sock->fd, false); 78 86 if (ret == -1) { 79 return map_nt_error_from_unix (errno);87 return map_nt_error_from_unix_common(errno); 80 88 } 81 89 } … … 100 108 ret = bind(sock->fd, my_address->sockaddr, my_address->sockaddrlen); 101 109 if (ret == -1) { 102 return map_nt_error_from_unix (errno);110 return map_nt_error_from_unix_common(errno); 103 111 } 104 112 } else if (my_address) { … … 117 125 ret = bind(sock->fd, (struct sockaddr *)&my_addr, sizeof(my_addr)); 118 126 if (ret == -1) { 119 return map_nt_error_from_unix (errno);127 return map_nt_error_from_unix_common(errno); 120 128 } 121 129 } … … 125 133 ret = connect(sock->fd, srv_address->sockaddr, srv_address->sockaddrlen); 126 134 if (ret == -1) { 127 return map_nt_error_from_unix (errno);135 return map_nt_error_from_unix_common(errno); 128 136 } 129 137 } else { … … 145 153 ret = connect(sock->fd, (const struct sockaddr *)&srv_addr, sizeof(srv_addr)); 146 154 if (ret == -1) { 147 return map_nt_error_from_unix (errno);155 return map_nt_error_from_unix_common(errno); 148 156 } 149 157 } … … 184 192 185 193 if (ret == -1) { 186 return map_nt_error_from_unix (errno);194 return map_nt_error_from_unix_common(errno); 187 195 } 188 196 … … 190 198 ret = listen(sock->fd, queue_size); 191 199 if (ret == -1) { 192 return map_nt_error_from_unix (errno);200 return map_nt_error_from_unix_common(errno); 193 201 } 194 202 } … … 197 205 ret = set_blocking(sock->fd, false); 198 206 if (ret == -1) { 199 return map_nt_error_from_unix (errno);207 return map_nt_error_from_unix_common(errno); 200 208 } 201 209 } … … 218 226 new_fd = accept(sock->fd, (struct sockaddr *)&cli_addr, &cli_addr_len); 219 227 if (new_fd == -1) { 220 return map_nt_error_from_unix (errno);228 return map_nt_error_from_unix_common(errno); 221 229 } 222 230 … … 225 233 if (ret == -1) { 226 234 close(new_fd); 227 return map_nt_error_from_unix (errno);235 return map_nt_error_from_unix_common(errno); 228 236 } 229 237 } … … 266 274 return NT_STATUS_END_OF_FILE; 267 275 } else if (gotlen == -1) { 268 return map_nt_error_from_unix (errno);276 return map_nt_error_from_unix_common(errno); 269 277 } 270 278 … … 309 317 } else if (gotlen == -1) { 310 318 talloc_free(src); 311 return map_nt_error_from_unix (errno);319 return map_nt_error_from_unix_common(errno); 312 320 } 313 321 … … 340 348 len = send(sock->fd, blob->data, blob->length, 0); 341 349 if (len == -1) { 342 return map_nt_error_from_unix (errno);350 return map_nt_error_from_unix_common(errno); 343 351 } 344 352 … … 381 389 } 382 390 if (len == -1) { 383 return map_nt_error_from_unix (errno);391 return map_nt_error_from_unix_common(errno); 384 392 } 385 393 … … 516 524 return NT_STATUS_OK; 517 525 } 518 return map_nt_error_from_unix (errno);526 return map_nt_error_from_unix_common(errno); 519 527 } 520 528 … … 602 610 sock->fd = socket(PF_INET6, type, 0); 603 611 if (sock->fd == -1) { 604 return map_nt_error_from_unix(errno); 605 } 612 return map_nt_error_from_unix_common(errno); 613 } 614 615 smb_set_close_on_exec(sock->fd); 606 616 607 617 sock->backend_name = "ipv6"; … … 621 631 ret = bind(sock->fd, my_address->sockaddr, my_address->sockaddrlen); 622 632 if (ret == -1) { 623 return map_nt_error_from_unix (errno);633 return map_nt_error_from_unix_common(errno); 624 634 } 625 635 } else if (my_address) { … … 636 646 ret = bind(sock->fd, (struct sockaddr *)&my_addr, sizeof(my_addr)); 637 647 if (ret == -1) { 638 return map_nt_error_from_unix (errno);648 return map_nt_error_from_unix_common(errno); 639 649 } 640 650 } … … 659 669 } 660 670 if (ret == -1) { 661 return map_nt_error_from_unix (errno);671 return map_nt_error_from_unix_common(errno); 662 672 } 663 673 … … 665 675 } 666 676 677 /* 678 fix the sin6_scope_id based on the address interface 679 */ 680 static void fix_scope_id(struct sockaddr_in6 *in6, 681 const char *address) 682 { 683 const char *p = strchr(address, '%'); 684 if (p != NULL) { 685 in6->sin6_scope_id = if_nametoindex(p+1); 686 } 687 } 688 689 667 690 static NTSTATUS ipv6_listen(struct socket_context *sock, 668 669 691 const struct socket_address *my_address, 692 int queue_size, uint32_t flags) 670 693 { 671 694 struct sockaddr_in6 my_addr; … … 678 701 ret = bind(sock->fd, my_address->sockaddr, my_address->sockaddrlen); 679 702 } else { 703 int one = 1; 680 704 ip_addr = interpret_addr6(my_address->addr); 681 705 … … 684 708 my_addr.sin6_port = htons(my_address->port); 685 709 my_addr.sin6_family = PF_INET6; 686 687 ret = bind(sock->fd, (struct sockaddr *)&my_addr, sizeof(my_addr)); 710 fix_scope_id(&my_addr, my_address->addr); 711 712 /* when binding on ipv6 we always want to only bind on v6 */ 713 ret = setsockopt(sock->fd, IPPROTO_IPV6, IPV6_V6ONLY, 714 (const void *)&one, sizeof(one)); 715 if (ret != -1) { 716 ret = bind(sock->fd, (struct sockaddr *)&my_addr, sizeof(my_addr)); 717 } 688 718 } 689 719 690 720 if (ret == -1) { 691 return map_nt_error_from_unix (errno);721 return map_nt_error_from_unix_common(errno); 692 722 } 693 723 … … 695 725 ret = listen(sock->fd, queue_size); 696 726 if (ret == -1) { 697 return map_nt_error_from_unix (errno);727 return map_nt_error_from_unix_common(errno); 698 728 } 699 729 } … … 702 732 ret = set_blocking(sock->fd, false); 703 733 if (ret == -1) { 704 return map_nt_error_from_unix (errno);734 return map_nt_error_from_unix_common(errno); 705 735 } 706 736 } … … 723 753 new_fd = accept(sock->fd, (struct sockaddr *)&cli_addr, &cli_addr_len); 724 754 if (new_fd == -1) { 725 return map_nt_error_from_unix (errno);755 return map_nt_error_from_unix_common(errno); 726 756 } 727 757 … … 730 760 if (ret == -1) { 731 761 close(new_fd); 732 return map_nt_error_from_unix (errno);762 return map_nt_error_from_unix_common(errno); 733 763 } 734 764 } … … 794 824 } else if (gotlen == -1) { 795 825 talloc_free(src); 796 return map_nt_error_from_unix (errno);826 return map_nt_error_from_unix_common(errno); 797 827 } 798 828 … … 845 875 } 846 876 if (len == -1) { 847 return map_nt_error_from_unix (errno);877 return map_nt_error_from_unix_common(errno); 848 878 } 849 879 -
vendor/current/source4/lib/socket/socket_unix.c
r414 r988 26 26 #include "system/filesys.h" 27 27 28 _PUBLIC_ const struct socket_ops *socket_unixdom_ops(enum socket_type type); 28 29 29 30 … … 33 34 static NTSTATUS unixdom_error(int ernum) 34 35 { 35 return map_nt_error_from_unix (ernum);36 return map_nt_error_from_unix_common(ernum); 36 37 } 37 38 … … 53 54 sock->fd = socket(PF_UNIX, type, 0); 54 55 if (sock->fd == -1) { 55 return map_nt_error_from_unix (errno);56 return map_nt_error_from_unix_common(errno); 56 57 } 57 58 sock->private_data = NULL; 58 59 59 60 sock->backend_name = "unix"; 61 62 smb_set_close_on_exec(sock->fd); 60 63 61 64 return NT_STATUS_OK; … … 76 79 ret = getsockopt(sock->fd, SOL_SOCKET, SO_ERROR, &error, &len); 77 80 if (ret == -1) { 78 return map_nt_error_from_unix (errno);81 return map_nt_error_from_unix_common(errno); 79 82 } 80 83 if (error != 0) { 81 return map_nt_error_from_unix (error);84 return map_nt_error_from_unix_common(error); 82 85 } 83 86 … … 85 88 ret = set_blocking(sock->fd, false); 86 89 if (ret == -1) { 87 return map_nt_error_from_unix (errno);90 return map_nt_error_from_unix_common(errno); 88 91 } 89 92 } … … 111 114 ZERO_STRUCT(srv_addr); 112 115 srv_addr.sun_family = AF_UNIX; 113 s trncpy(srv_addr.sun_path, srv_address->addr, sizeof(srv_addr.sun_path));116 snprintf(srv_addr.sun_path, sizeof(srv_addr.sun_path), "%s", srv_address->addr); 114 117 115 118 ret = connect(sock->fd, (const struct sockaddr *)&srv_addr, sizeof(srv_addr)); … … 146 149 ZERO_STRUCT(my_addr); 147 150 my_addr.sun_family = AF_UNIX; 148 s trncpy(my_addr.sun_path, my_address->addr, sizeof(my_addr.sun_path));149 151 snprintf(my_addr.sun_path, sizeof(my_addr.sun_path), "%s", my_address->addr); 152 150 153 ret = bind(sock->fd, (struct sockaddr *)&my_addr, sizeof(my_addr)); 151 154 } … … 194 197 if (ret == -1) { 195 198 close(new_fd); 196 return map_nt_error_from_unix(errno); 197 } 198 } 199 return map_nt_error_from_unix_common(errno); 200 } 201 } 202 203 smb_set_close_on_exec(new_fd); 199 204 200 205 (*new_sock) = talloc(NULL, struct socket_context); … … 259 264 const struct socket_address *dest) 260 265 { 266 struct sockaddr_un srv_addr; 267 const struct sockaddr *sa; 268 socklen_t sa_len; 261 269 ssize_t len; 270 262 271 *sendlen = 0; 263 272 264 273 if (dest->sockaddr) { 265 len = sendto(sock->fd, blob->data, blob->length, 0,266 dest->sockaddr, dest->sockaddrlen);274 sa = dest->sockaddr; 275 sa_len = dest->sockaddrlen; 267 276 } else { 268 struct sockaddr_un srv_addr;269 270 277 if (strlen(dest->addr)+1 > sizeof(srv_addr.sun_path)) { 271 278 return NT_STATUS_OBJECT_PATH_INVALID; 272 279 } 273 280 274 281 ZERO_STRUCT(srv_addr); 275 282 srv_addr.sun_family = AF_UNIX; 276 strncpy(srv_addr.sun_path, dest->addr, sizeof(srv_addr.sun_path)); 277 278 len = sendto(sock->fd, blob->data, blob->length, 0, 279 (struct sockaddr *)&srv_addr, sizeof(srv_addr)); 280 } 283 snprintf(srv_addr.sun_path, sizeof(srv_addr.sun_path), "%s", 284 dest->addr); 285 sa = (struct sockaddr *) &srv_addr; 286 sa_len = sizeof(srv_addr); 287 } 288 289 len = sendto(sock->fd, blob->data, blob->length, 0, sa, sa_len); 290 291 /* retry once */ 292 if (len == -1 && errno == EMSGSIZE) { 293 /* round up in 1K increments */ 294 int bufsize = ((blob->length + 1023) & (~1023)); 295 if (setsockopt(sock->fd, SOL_SOCKET, SO_SNDBUF, &bufsize, 296 sizeof(bufsize)) == -1) 297 { 298 return map_nt_error_from_unix_common(EMSGSIZE); 299 } 300 len = sendto(sock->fd, blob->data, blob->length, 0, sa, sa_len); 301 } 302 281 303 if (len == -1) { 282 return map_nt_error_from_unix (errno);304 return map_nt_error_from_unix_common(errno); 283 305 } 284 306 … … 302 324 static struct socket_address *unixdom_get_peer_addr(struct socket_context *sock, TALLOC_CTX *mem_ctx) 303 325 { 304 struct sockaddr_ in *peer_addr;326 struct sockaddr_un *peer_addr; 305 327 socklen_t len = sizeof(*peer_addr); 306 328 struct socket_address *peer; … … 313 335 314 336 peer->family = sock->backend_name; 315 peer_addr = talloc(peer, struct sockaddr_ in);337 peer_addr = talloc(peer, struct sockaddr_un); 316 338 if (!peer_addr) { 317 339 talloc_free(peer); … … 341 363 static struct socket_address *unixdom_get_my_addr(struct socket_context *sock, TALLOC_CTX *mem_ctx) 342 364 { 343 struct sockaddr_ in *local_addr;365 struct sockaddr_un *local_addr; 344 366 socklen_t len = sizeof(*local_addr); 345 367 struct socket_address *local; … … 352 374 353 375 local->family = sock->backend_name; 354 local_addr = talloc(local, struct sockaddr_ in);376 local_addr = talloc(local, struct sockaddr_un); 355 377 if (!local_addr) { 356 378 talloc_free(local); … … 390 412 return NT_STATUS_OK; 391 413 } 392 return map_nt_error_from_unix (errno);414 return map_nt_error_from_unix_common(errno); 393 415 } 394 416 -
vendor/current/source4/lib/socket/testsuite.c
r740 r988 26 26 #include "lib/socket/netif.h" 27 27 #include "torture/torture.h" 28 #include "torture/local/proto.h" 28 29 #include "param/param.h" 29 30 #include "libcli/resolve/resolve.h" … … 43 44 struct interface *ifaces; 44 45 45 load_interface s(tctx, lpcfg_interfaces(tctx->lp_ctx), &ifaces);46 load_interface_list(tctx, tctx->lp_ctx, &ifaces); 46 47 47 48 status = socket_create("ip", SOCKET_TYPE_DGRAM, &sock1, 0); … … 54 55 55 56 localhost = socket_address_from_strings(sock1, sock1->backend_name, 56 iface_ best_ip(ifaces, "127.0.0.1"), 0);57 iface_list_best_ip(ifaces, "127.0.0.1"), 0); 57 58 58 59 torture_assert(tctx, localhost, "Localhost not found"); … … 63 64 srv_addr = socket_get_my_addr(sock1, mem_ctx); 64 65 torture_assert(tctx, srv_addr != NULL && 65 strcmp(srv_addr->addr, iface_ best_ip(ifaces, "127.0.0.1")) == 0,66 strcmp(srv_addr->addr, iface_list_best_ip(ifaces, "127.0.0.1")) == 0, 66 67 talloc_asprintf(tctx, 67 68 "Expected server address of %s but got %s", 68 iface_ best_ip(ifaces, "127.0.0.1"), srv_addr ? srv_addr->addr : NULL));69 iface_list_best_ip(ifaces, "127.0.0.1"), srv_addr ? srv_addr->addr : NULL)); 69 70 70 71 torture_comment(tctx, "server port is %d\n", srv_addr->port); … … 136 137 talloc_steal(mem_ctx, sock2); 137 138 138 load_interface s(tctx, lpcfg_interfaces(tctx->lp_ctx), &ifaces);139 load_interface_list(tctx, tctx->lp_ctx, &ifaces); 139 140 localhost = socket_address_from_strings(sock1, sock1->backend_name, 140 iface_ best_ip(ifaces, "127.0.0.1"), 0);141 iface_list_best_ip(ifaces, "127.0.0.1"), 0); 141 142 torture_assert(tctx, localhost, "Localhost not found"); 142 143 … … 148 149 "Unexpected socket_get_my_addr NULL\n"); 149 150 150 torture_assert_str_equal(tctx, srv_addr->addr, iface_ best_ip(ifaces, "127.0.0.1"),151 torture_assert_str_equal(tctx, srv_addr->addr, iface_list_best_ip(ifaces, "127.0.0.1"), 151 152 "Unexpected server address"); 152 153 -
vendor/current/source4/lib/socket/wscript_build
r740 r988 2 2 3 3 bld.SAMBA_LIBRARY('netif', 4 source='interface.c netif.c',5 autoproto='netif_proto.h',6 deps='samba-util',7 private_library=True8 )4 source='interface.c', 5 deps='samba-util interfaces samba-hostconfig', 6 private_library=True, 7 autoproto='netif_proto.h' 8 ) 9 9 10 10 bld.SAMBA_MODULE('socket_ip', 11 11 source='socket_ip.c', 12 12 subsystem='samba_socket', 13 deps=' errors',13 deps='samba-errors', 14 14 internal_module=True 15 15 ) … … 25 25 source='socket.c access.c connect_multi.c connect.c', 26 26 public_deps='talloc LIBTSOCKET', 27 deps=' LIBCLI_COMPOSITELIBCLI_RESOLVE socket_ip socket_unix'27 deps='cli_composite LIBCLI_RESOLVE socket_ip socket_unix' 28 28 ) 29 29 -
vendor/current/source4/lib/stream/packet.c
r740 r988 252 252 253 253 if (pc->processing) { 254 EVENT_FD_NOT_READABLE(pc->fde);254 TEVENT_FD_NOT_READABLE(pc->fde); 255 255 pc->processing++; 256 256 return; … … 259 259 if (pc->recv_disable) { 260 260 pc->recv_need_enable = true; 261 EVENT_FD_NOT_READABLE(pc->fde);261 TEVENT_FD_NOT_READABLE(pc->fde); 262 262 return; 263 263 } … … 425 425 if (pc->processing) { 426 426 if (pc->processing > 1) { 427 EVENT_FD_READABLE(pc->fde);427 TEVENT_FD_READABLE(pc->fde); 428 428 } 429 429 pc->processing = 0; … … 458 458 } 459 459 460 event_add_timed(pc->ev, pc, timeval_zero(), packet_next_event, pc);460 tevent_add_timer(pc->ev, pc, timeval_zero(), packet_next_event, pc); 461 461 } 462 462 … … 477 477 if (pc->recv_need_enable) { 478 478 pc->recv_need_enable = false; 479 EVENT_FD_READABLE(pc->fde);479 TEVENT_FD_READABLE(pc->fde); 480 480 } 481 481 pc->recv_disable = false; 482 482 if (pc->num_read != 0 && pc->packet_size >= pc->num_read) { 483 event_add_timed(pc->ev, pc, timeval_zero(), packet_next_event, pc);483 tevent_add_timer(pc->ev, pc, timeval_zero(), packet_next_event, pc); 484 484 } 485 485 } … … 524 524 /* we're out of requests to send, so don't wait for write 525 525 events any more */ 526 EVENT_FD_NOT_WRITEABLE(pc->fde);526 TEVENT_FD_NOT_WRITEABLE(pc->fde); 527 527 } 528 528 … … 542 542 NT_STATUS_HAVE_NO_MEMORY(el); 543 543 544 DLIST_ADD_END(pc->send_queue, el , struct send_element *);544 DLIST_ADD_END(pc->send_queue, el); 545 545 el->blob = blob; 546 546 el->nsent = 0; … … 562 562 } 563 563 564 EVENT_FD_WRITEABLE(pc->fde);564 TEVENT_FD_WRITEABLE(pc->fde); 565 565 566 566 return NT_STATUS_OK; … … 584 584 return STATUS_MORE_ENTRIES; 585 585 } 586 *size = 4 + smb_len(blob.data); 586 /* 587 * Note: that we use smb_len_tcp() instead 588 * of smb_len_nbt() as this function is not 589 * used for nbt and the source4 copy 590 * of smb_len() was smb_len_tcp() 591 */ 592 *size = 4 + smb_len_tcp(blob.data); 587 593 if (*size > blob.length) { 588 594 return STATUS_MORE_ENTRIES; … … 607 613 return NT_STATUS_OK; 608 614 } 615 616 _PUBLIC_ NTSTATUS packet_full_request_u16(void *private_data, DATA_BLOB blob, size_t *size) 617 { 618 if (blob.length < 2) { 619 return STATUS_MORE_ENTRIES; 620 } 621 *size = 2 + RSVAL(blob.data, 0); 622 if (*size > blob.length) { 623 return STATUS_MORE_ENTRIES; 624 } 625 return NT_STATUS_OK; 626 } -
vendor/current/source4/lib/stream/packet.h
r740 r988 62 62 NTSTATUS packet_full_request_nbt(void *private_data, DATA_BLOB blob, size_t *size); 63 63 NTSTATUS packet_full_request_u32(void *private_data, DATA_BLOB blob, size_t *size); 64 NTSTATUS packet_full_request_u16(void *private_data, DATA_BLOB blob, size_t *size); 64 65 65 66 -
vendor/current/source4/lib/tls/tls.c
r740 r988 1 /* 1 /* 2 2 Unix SMB/CIFS implementation. 3 3 … … 7 7 Copyright (C) Stefan Metzmacher 2004 8 8 Copyright (C) Andrew Bartlett 2006 9 9 10 10 This program is free software; you can redistribute it and/or modify 11 11 it under the terms of the GNU General Public License as published by 12 12 the Free Software Foundation; either version 3 of the License, or 13 13 (at your option) any later version. 14 14 15 15 This program is distributed in the hope that it will be useful, 16 16 but WITHOUT ANY WARRANTY; without even the implied warranty of 17 17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 18 GNU General Public License for more details. 19 19 20 20 You should have received a copy of the GNU General Public License 21 21 along with this program. If not, see <http://www.gnu.org/licenses/>. … … 23 23 24 24 #include "includes.h" 25 #include "system/filesys.h" 25 26 #include "lib/events/events.h" 26 27 #include "lib/socket/socket.h" … … 29 30 30 31 #if ENABLE_GNUTLS 31 #include "gnutls/gnutls.h"32 33 #define DH_BITS 102432 #include <gnutls/gnutls.h> 33 34 #define DH_BITS 2048 34 35 35 36 #if defined(HAVE_GNUTLS_DATUM) && !defined(HAVE_GNUTLS_DATUM_T) … … 42 43 gnutls_dh_params dh_params; 43 44 bool tls_enabled; 45 const char *tls_priority; 44 46 }; 45 47 #endif … … 115 117 NTSTATUS status; 116 118 size_t nread; 117 119 118 120 if (tls->have_first_byte) { 119 121 *(uint8_t *)buf = tls->first_byte; … … 127 129 } 128 130 if (NT_STATUS_IS_ERR(status)) { 129 EVENT_FD_NOT_READABLE(tls->fde);130 EVENT_FD_NOT_WRITEABLE(tls->fde);131 TEVENT_FD_NOT_READABLE(tls->fde); 132 TEVENT_FD_NOT_WRITEABLE(tls->fde); 131 133 errno = EBADF; 132 134 return -1; 133 135 } 134 136 if (!NT_STATUS_IS_OK(status)) { 135 EVENT_FD_READABLE(tls->fde);137 TEVENT_FD_READABLE(tls->fde); 136 138 errno = EAGAIN; 137 139 return -1; 138 140 } 139 141 if (tls->output_pending) { 140 EVENT_FD_WRITEABLE(tls->fde);142 TEVENT_FD_WRITEABLE(tls->fde); 141 143 } 142 144 if (size != nread) { 143 EVENT_FD_READABLE(tls->fde);145 TEVENT_FD_READABLE(tls->fde); 144 146 } 145 147 return nread; … … 153 155 struct tls_context *tls = talloc_get_type(ptr, struct tls_context); 154 156 NTSTATUS status; 155 size_t nwritten ;157 size_t nwritten, total_nwritten = 0; 156 158 DATA_BLOB b; 157 159 … … 163 165 b.length = size; 164 166 165 status = socket_send(tls->socket, &b, &nwritten); 166 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) { 167 errno = EAGAIN; 168 return -1; 169 } 170 if (!NT_STATUS_IS_OK(status)) { 171 EVENT_FD_WRITEABLE(tls->fde); 172 return -1; 173 } 174 if (size != nwritten) { 175 EVENT_FD_WRITEABLE(tls->fde); 176 } 177 return nwritten; 167 /* Cope with socket_wrapper 1500 byte chunking for PCAP */ 168 do { 169 status = socket_send(tls->socket, &b, &nwritten); 170 171 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) { 172 errno = EAGAIN; 173 return -1; 174 } 175 if (!NT_STATUS_IS_OK(status)) { 176 TEVENT_FD_WRITEABLE(tls->fde); 177 return -1; 178 } 179 180 total_nwritten += nwritten; 181 182 if (size == nwritten) { 183 break; 184 } 185 186 b.data += nwritten; 187 b.length -= nwritten; 188 189 TEVENT_FD_WRITEABLE(tls->fde); 190 } while (b.length); 191 192 return total_nwritten; 178 193 } 179 194 … … 202 217 return NT_STATUS_OK; 203 218 } 204 219 205 220 ret = gnutls_handshake(tls->session); 206 221 if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) { 207 222 if (gnutls_record_get_direction(tls->session) == 1) { 208 EVENT_FD_WRITEABLE(tls->fde);223 TEVENT_FD_WRITEABLE(tls->fde); 209 224 } 210 225 return STATUS_MORE_ENTRIES; … … 264 279 receive data either by tls or normal socket_recv 265 280 */ 266 static NTSTATUS tls_socket_recv(struct socket_context *sock, void *buf, 281 static NTSTATUS tls_socket_recv(struct socket_context *sock, void *buf, 267 282 size_t wantlen, size_t *nread) 268 283 { … … 299 314 if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) { 300 315 if (gnutls_record_get_direction(tls->session) == 1) { 301 EVENT_FD_WRITEABLE(tls->fde);316 TEVENT_FD_WRITEABLE(tls->fde); 302 317 } 303 318 tls->interrupted = true; … … 315 330 send data either by tls or normal socket_recv 316 331 */ 317 static NTSTATUS tls_socket_send(struct socket_context *sock, 332 static NTSTATUS tls_socket_send(struct socket_context *sock, 318 333 const DATA_BLOB *blob, size_t *sendlen) 319 334 { … … 335 350 if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) { 336 351 if (gnutls_record_get_direction(tls->session) == 1) { 337 EVENT_FD_WRITEABLE(tls->fde);352 TEVENT_FD_WRITEABLE(tls->fde); 338 353 } 339 354 tls->interrupted = true; … … 357 372 struct tls_params *params; 358 373 int ret; 374 struct stat st; 359 375 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); 360 376 const char *keyfile = lpcfg_tls_keyfile(tmp_ctx, lp_ctx); … … 376 392 } 377 393 394 params->tls_priority = lpcfg_tls_priority(lp_ctx); 395 378 396 if (!file_exist(cafile)) { 379 397 char *hostname = talloc_asprintf(mem_ctx, "%s.%s", … … 381 399 lpcfg_dnsdomain(lp_ctx)); 382 400 if (hostname == NULL) { 401 ret = GNUTLS_E_MEMORY_ERROR; 383 402 goto init_failed; 384 403 } … … 387 406 } 388 407 408 if (file_exist(keyfile) && 409 !file_check_permissions(keyfile, geteuid(), 0600, &st)) 410 { 411 DEBUG(0, ("Invalid permissions on TLS private key file '%s':\n" 412 "owner uid %u should be %u, mode 0%o should be 0%o\n" 413 "This is known as CVE-2013-4476.\n" 414 "Removing all tls .pem files will cause an " 415 "auto-regeneration with the correct permissions.\n", 416 keyfile, 417 (unsigned int)st.st_uid, geteuid(), 418 (unsigned int)(st.st_mode & 0777), 0600)); 419 talloc_free(tmp_ctx); 420 return NULL; 421 } 422 389 423 ret = gnutls_global_init(); 390 424 if (ret < 0) goto init_failed; … … 394 428 395 429 if (cafile && *cafile) { 396 ret = gnutls_certificate_set_x509_trust_file(params->x509_cred, cafile, 397 GNUTLS_X509_FMT_PEM); 430 ret = gnutls_certificate_set_x509_trust_file(params->x509_cred, cafile, 431 GNUTLS_X509_FMT_PEM); 398 432 if (ret < 0) { 399 433 DEBUG(0,("TLS failed to initialise cafile %s\n", cafile)); … … 403 437 404 438 if (crlfile && *crlfile) { 405 ret = gnutls_certificate_set_x509_crl_file(params->x509_cred, 406 crlfile, 439 ret = gnutls_certificate_set_x509_crl_file(params->x509_cred, 440 crlfile, 407 441 GNUTLS_X509_FMT_PEM); 408 442 if (ret < 0) { … … 411 445 } 412 446 } 413 414 ret = gnutls_certificate_set_x509_key_file(params->x509_cred, 447 448 ret = gnutls_certificate_set_x509_key_file(params->x509_cred, 415 449 certfile, keyfile, 416 450 GNUTLS_X509_FMT_PEM); 417 451 if (ret < 0) { 418 DEBUG(0,("TLS failed to initialise certfile %s and keyfile %s\n", 452 DEBUG(0,("TLS failed to initialise certfile %s and keyfile %s\n", 419 453 certfile, keyfile)); 420 454 goto init_failed; 421 455 } 422 423 456 424 457 ret = gnutls_dh_params_init(¶ms->dh_params); 425 458 if (ret < 0) goto init_failed; … … 435 468 } 436 469 dhparms.size = size; 437 470 438 471 ret = gnutls_dh_params_import_pkcs3(params->dh_params, &dhparms, GNUTLS_X509_FMT_PEM); 439 472 if (ret < 0) goto init_failed; … … 442 475 if (ret < 0) goto init_failed; 443 476 } 444 477 445 478 gnutls_certificate_set_dh_params(params->x509_cred, params->dh_params); 446 479 … … 461 494 setup for a new connection 462 495 */ 463 struct socket_context *tls_init_server(struct tls_params *params, 496 struct socket_context *tls_init_server(struct tls_params *params, 464 497 struct socket_context *socket_ctx, 465 struct tevent_fd *fde, 498 struct tevent_fd *fde, 466 499 const char *plain_chars) 467 500 { … … 470 503 struct socket_context *new_sock; 471 504 NTSTATUS nt_status; 472 473 nt_status = socket_create_with_ops(socket_ctx, &tls_socket_ops, &new_sock, 474 SOCKET_TYPE_STREAM, 505 const char *error_pos; 506 507 nt_status = socket_create_with_ops(socket_ctx, &tls_socket_ops, &new_sock, 508 SOCKET_TYPE_STREAM, 475 509 socket_ctx->flags | SOCKET_FLAG_ENCRYPT); 476 510 if (!NT_STATUS_IS_OK(nt_status)) { … … 498 532 talloc_set_destructor(tls, tls_destructor); 499 533 500 TLSCHECK(gnutls_set_default_priority(tls->session)); 501 TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, 534 ret = gnutls_priority_set_direct(tls->session, 535 params->tls_priority, 536 &error_pos); 537 if (ret != GNUTLS_E_SUCCESS) { 538 DEBUG(0,("TLS %s - %s. Check 'tls priority' option at '%s'\n", 539 __location__, gnutls_strerror(ret), error_pos)); 540 talloc_free(new_sock); 541 return NULL; 542 } 543 544 TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, 502 545 params->x509_cred)); 503 546 gnutls_certificate_server_set_request(tls->session, GNUTLS_CERT_REQUEST); … … 506 549 gnutls_transport_set_pull_function(tls->session, (gnutls_pull_func)tls_pull); 507 550 gnutls_transport_set_push_function(tls->session, (gnutls_push_func)tls_push); 551 #if GNUTLS_VERSION_MAJOR < 3 508 552 gnutls_transport_set_lowat(tls->session, 0); 553 #endif 509 554 510 555 tls->plain_chars = plain_chars; … … 520 565 tls->tls_enabled = true; 521 566 tls->interrupted = false; 522 567 523 568 new_sock->state = SOCKET_STATE_SERVER_CONNECTED; 524 569 … … 531 576 } 532 577 533 534 /*535 setup for a new client connection536 */537 struct socket_context *tls_init_client(struct socket_context *socket_ctx,538 struct tevent_fd *fde,539 const char *ca_path)540 {541 struct tls_context *tls;542 int ret = 0;543 const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };544 struct socket_context *new_sock;545 NTSTATUS nt_status;546 547 nt_status = socket_create_with_ops(socket_ctx, &tls_socket_ops, &new_sock,548 SOCKET_TYPE_STREAM,549 socket_ctx->flags | SOCKET_FLAG_ENCRYPT);550 if (!NT_STATUS_IS_OK(nt_status)) {551 return NULL;552 }553 554 tls = talloc(new_sock, struct tls_context);555 if (tls == NULL) return NULL;556 557 tls->socket = socket_ctx;558 talloc_steal(tls, socket_ctx);559 tls->fde = fde;560 561 new_sock->private_data = tls;562 563 gnutls_global_init();564 565 gnutls_certificate_allocate_credentials(&tls->xcred);566 gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM);567 TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT));568 TLSCHECK(gnutls_set_default_priority(tls->session));569 gnutls_certificate_type_set_priority(tls->session, cert_type_priority);570 TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred));571 572 talloc_set_destructor(tls, tls_destructor);573 574 gnutls_transport_set_ptr(tls->session, (gnutls_transport_ptr)tls);575 gnutls_transport_set_pull_function(tls->session, (gnutls_pull_func)tls_pull);576 gnutls_transport_set_push_function(tls->session, (gnutls_push_func)tls_push);577 gnutls_transport_set_lowat(tls->session, 0);578 tls->tls_detect = false;579 580 tls->output_pending = false;581 tls->done_handshake = false;582 tls->have_first_byte = false;583 tls->tls_enabled = true;584 tls->interrupted = false;585 586 new_sock->state = SOCKET_STATE_CLIENT_CONNECTED;587 588 return new_sock;589 590 failed:591 DEBUG(0,("TLS init connection failed - %s\n", gnutls_strerror(ret)));592 tls->tls_enabled = false;593 return new_sock;594 }595 578 596 579 static NTSTATUS tls_socket_set_option(struct socket_context *sock, const char *option, const char *val) … … 639 622 }; 640 623 641 bool tls_support(struct tls_params *params)642 {643 return params->tls_enabled;644 }645 646 624 #else 647 625 … … 657 635 setup for a new connection 658 636 */ 659 struct socket_context *tls_init_server(struct tls_params *params, 637 struct socket_context *tls_init_server(struct tls_params *params, 660 638 struct socket_context *socket, 661 struct tevent_fd *fde, 639 struct tevent_fd *fde, 662 640 const char *plain_chars) 663 641 { … … 666 644 667 645 668 /*669 setup for a new client connection670 */671 struct socket_context *tls_init_client(struct socket_context *socket,672 struct tevent_fd *fde,673 const char *ca_path)674 {675 return NULL;676 }677 678 bool tls_support(struct tls_params *params)679 {680 return false;681 }682 683 646 #endif 684 647 -
vendor/current/source4/lib/tls/tls.h
r740 r988 46 46 const char *plain_chars); 47 47 48 /* 49 call tls_init_client() on each new client connection 50 */ 51 struct socket_context *tls_init_client(struct socket_context *sock, 52 struct tevent_fd *fde, 53 const char *cafile); 48 void tls_cert_generate(TALLOC_CTX *mem_ctx, 49 const char *hostname, 50 const char *keyfile, const char *certfile, 51 const char *cafile); 54 52 55 53 /* … … 59 57 60 58 61 /*62 true if tls support is compiled in63 */64 bool tls_support(struct tls_params *parms);65 66 59 const struct socket_ops *socket_tls_ops(enum socket_type type); 67 60 … … 69 62 struct tstream_tls_params; 70 63 64 enum tls_verify_peer_state { 65 TLS_VERIFY_PEER_NO_CHECK = 0, 66 #define TLS_VERIFY_PEER_NO_CHECK_STRING "no_check" 67 68 TLS_VERIFY_PEER_CA_ONLY = 10, 69 #define TLS_VERIFY_PEER_CA_ONLY_STRING "ca_only" 70 71 TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE = 20, 72 #define TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE_STRING \ 73 "ca_and_name_if_available" 74 75 TLS_VERIFY_PEER_CA_AND_NAME = 30, 76 #define TLS_VERIFY_PEER_CA_AND_NAME_STRING "ca_and_name" 77 78 TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE = 9999, 79 #define TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE_STRING \ 80 "as_strict_as_possible" 81 }; 82 83 const char *tls_verify_peer_string(enum tls_verify_peer_state verify_peer); 84 71 85 NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx, 72 86 const char *ca_file, 73 87 const char *crl_file, 88 const char *tls_priority, 89 enum tls_verify_peer_state verify_peer, 90 const char *peer_name, 74 91 struct tstream_tls_params **_tlsp); 75 92 … … 82 99 const char *crl_file, 83 100 const char *dhp_file, 101 const char *tls_priority, 84 102 struct tstream_tls_params **_params); 85 103 … … 91 109 struct tstream_tls_params *tls_params, 92 110 const char *location); 93 #define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params) ;\111 #define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params) \ 94 112 _tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params, __location__) 95 113 -
vendor/current/source4/lib/tls/tls_tstream.c
r740 r988 20 20 #include "includes.h" 21 21 #include "system/network.h" 22 #include "system/filesys.h" 23 #include "system/time.h" 22 24 #include "../util/tevent_unix.h" 23 25 #include "../lib/tsocket/tsocket.h" 24 26 #include "../lib/tsocket/tsocket_internal.h" 27 #include "../lib/util/util_net.h" 25 28 #include "lib/tls/tls.h" 26 29 27 30 #if ENABLE_GNUTLS 28 #include "gnutls/gnutls.h" 29 30 #define DH_BITS 1024 31 #include <gnutls/gnutls.h> 32 #include <gnutls/x509.h> 33 34 #define DH_BITS 2048 31 35 32 36 #if defined(HAVE_GNUTLS_DATUM) && !defined(HAVE_GNUTLS_DATUM_T) … … 34 38 #endif 35 39 40 /* 41 * define our own values in a high range 42 */ 43 #ifndef HAVE_DECL_GNUTLS_CERT_EXPIRED 44 #define GNUTLS_CERT_EXPIRED 0x10000000 45 #define REQUIRE_CERT_TIME_CHECKS 1 46 #endif 47 #ifndef HAVE_DECL_GNUTLS_CERT_NOT_ACTIVATED 48 #define GNUTLS_CERT_NOT_ACTIVATED 0x20000000 49 #ifndef REQUIRE_CERT_TIME_CHECKS 50 #define REQUIRE_CERT_TIME_CHECKS 1 51 #endif 52 #endif 53 #ifndef HAVE_DECL_GNUTLS_CERT_UNEXPECTED_OWNER 54 #define GNUTLS_CERT_UNEXPECTED_OWNER 0x40000000 55 #endif 56 36 57 #endif /* ENABLE_GNUTLS */ 58 59 const char *tls_verify_peer_string(enum tls_verify_peer_state verify_peer) 60 { 61 switch (verify_peer) { 62 case TLS_VERIFY_PEER_NO_CHECK: 63 return TLS_VERIFY_PEER_NO_CHECK_STRING; 64 65 case TLS_VERIFY_PEER_CA_ONLY: 66 return TLS_VERIFY_PEER_CA_ONLY_STRING; 67 68 case TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE: 69 return TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE_STRING; 70 71 case TLS_VERIFY_PEER_CA_AND_NAME: 72 return TLS_VERIFY_PEER_CA_AND_NAME_STRING; 73 74 case TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE: 75 return TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE_STRING; 76 } 77 78 return "unknown tls_verify_peer_state"; 79 } 37 80 38 81 static const struct tstream_context_ops tstream_tls_ops; … … 45 88 gnutls_session tls_session; 46 89 #endif /* ENABLE_GNUTLS */ 90 91 enum tls_verify_peer_state verify_peer; 92 const char *peer_name; 47 93 48 94 struct tevent_context *current_ev; … … 868 914 gnutls_certificate_credentials x509_cred; 869 915 gnutls_dh_params dh_params; 916 const char *tls_priority; 870 917 #endif /* ENABLE_GNUTLS */ 871 918 bool tls_enabled; 919 enum tls_verify_peer_state verify_peer; 920 const char *peer_name; 872 921 }; 873 922 … … 895 944 const char *ca_file, 896 945 const char *crl_file, 946 const char *tls_priority, 947 enum tls_verify_peer_state verify_peer, 948 const char *peer_name, 897 949 struct tstream_tls_params **_tlsp) 898 950 { … … 911 963 912 964 talloc_set_destructor(tlsp, tstream_tls_params_destructor); 965 966 tlsp->verify_peer = verify_peer; 967 if (peer_name != NULL) { 968 tlsp->peer_name = talloc_strdup(tlsp, peer_name); 969 if (tlsp->peer_name == NULL) { 970 talloc_free(tlsp); 971 return NT_STATUS_NO_MEMORY; 972 } 973 } else if (tlsp->verify_peer >= TLS_VERIFY_PEER_CA_AND_NAME) { 974 DEBUG(0,("TLS failed to missing peer_name - " 975 "with 'tls verify peer = %s'\n", 976 tls_verify_peer_string(tlsp->verify_peer))); 977 talloc_free(tlsp); 978 return NT_STATUS_INVALID_PARAMETER_MIX; 979 } 913 980 914 981 ret = gnutls_certificate_allocate_credentials(&tlsp->x509_cred); … … 919 986 } 920 987 921 if (ca_file && *ca_file ) {988 if (ca_file && *ca_file && file_exist(ca_file)) { 922 989 ret = gnutls_certificate_set_x509_trust_file(tlsp->x509_cred, 923 990 ca_file, … … 929 996 return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; 930 997 } 931 } 932 933 if (crl_file && *crl_file) { 998 } else if (tlsp->verify_peer >= TLS_VERIFY_PEER_CA_ONLY) { 999 DEBUG(0,("TLS failed to missing cafile %s - " 1000 "with 'tls verify peer = %s'\n", 1001 ca_file, 1002 tls_verify_peer_string(tlsp->verify_peer))); 1003 talloc_free(tlsp); 1004 return NT_STATUS_INVALID_PARAMETER_MIX; 1005 } 1006 1007 if (crl_file && *crl_file && file_exist(crl_file)) { 934 1008 ret = gnutls_certificate_set_x509_crl_file(tlsp->x509_cred, 935 1009 crl_file, … … 941 1015 return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; 942 1016 } 1017 } else if (tlsp->verify_peer >= TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE) { 1018 DEBUG(0,("TLS failed to missing crlfile %s - " 1019 "with 'tls verify peer = %s'\n", 1020 crl_file, 1021 tls_verify_peer_string(tlsp->verify_peer))); 1022 talloc_free(tlsp); 1023 return NT_STATUS_INVALID_PARAMETER_MIX; 1024 } 1025 1026 tlsp->tls_priority = talloc_strdup(tlsp, tls_priority); 1027 if (tlsp->tls_priority == NULL) { 1028 talloc_free(tlsp); 1029 return NT_STATUS_NO_MEMORY; 943 1030 } 944 1031 … … 964 1051 struct tevent_req *req; 965 1052 struct tstream_tls_connect_state *state; 1053 const char *error_pos; 966 1054 #if ENABLE_GNUTLS 967 1055 struct tstream_tls *tlss; 968 1056 int ret; 969 static const int cert_type_priority[] = {970 GNUTLS_CRT_X509,971 GNUTLS_CRT_OPENPGP,972 0973 };974 1057 #endif /* ENABLE_GNUTLS */ 975 1058 … … 993 1076 994 1077 tlss->plain_stream = plain_stream; 1078 tlss->verify_peer = tls_params->verify_peer; 1079 if (tls_params->peer_name != NULL) { 1080 tlss->peer_name = talloc_strdup(tlss, tls_params->peer_name); 1081 if (tevent_req_nomem(tlss->peer_name, req)) { 1082 return tevent_req_post(req, ev); 1083 } 1084 } 995 1085 996 1086 tlss->current_ev = ev; … … 1007 1097 } 1008 1098 1009 ret = gnutls_set_default_priority(tlss->tls_session); 1099 ret = gnutls_priority_set_direct(tlss->tls_session, 1100 tls_params->tls_priority, 1101 &error_pos); 1010 1102 if (ret != GNUTLS_E_SUCCESS) { 1011 DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); 1103 DEBUG(0,("TLS %s - %s. Check 'tls priority' option at '%s'\n", 1104 __location__, gnutls_strerror(ret), error_pos)); 1012 1105 tevent_req_error(req, EINVAL); 1013 1106 return tevent_req_post(req, ev); 1014 1107 } 1015 1016 gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority);1017 1108 1018 1109 ret = gnutls_credentials_set(tlss->tls_session, … … 1030 1121 gnutls_transport_set_push_function(tlss->tls_session, 1031 1122 (gnutls_push_func)tstream_tls_push_function); 1123 #if GNUTLS_VERSION_MAJOR < 3 1032 1124 gnutls_transport_set_lowat(tlss->tls_session, 0); 1125 #endif 1033 1126 1034 1127 tlss->handshake.req = req; … … 1063 1156 return 0; 1064 1157 } 1065 1066 extern void tls_cert_generate(TALLOC_CTX *, const char *, const char *, const char *, const char *);1067 1158 1068 1159 /* … … 1077 1168 const char *crl_file, 1078 1169 const char *dhp_file, 1170 const char *tls_priority, 1079 1171 struct tstream_tls_params **_tlsp) 1080 1172 { … … 1082 1174 #if ENABLE_GNUTLS 1083 1175 int ret; 1176 struct stat st; 1084 1177 1085 1178 if (!enabled || key_file == NULL || *key_file == 0) { … … 1107 1200 tls_cert_generate(tlsp, dns_host_name, 1108 1201 key_file, cert_file, ca_file); 1202 } 1203 1204 if (file_exist(key_file) && 1205 !file_check_permissions(key_file, geteuid(), 0600, &st)) 1206 { 1207 DEBUG(0, ("Invalid permissions on TLS private key file '%s':\n" 1208 "owner uid %u should be %u, mode 0%o should be 0%o\n" 1209 "This is known as CVE-2013-4476.\n" 1210 "Removing all tls .pem files will cause an " 1211 "auto-regeneration with the correct permissions.\n", 1212 key_file, 1213 (unsigned int)st.st_uid, geteuid(), 1214 (unsigned int)(st.st_mode & 0777), 0600)); 1215 return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; 1109 1216 } 1110 1217 … … 1192 1299 gnutls_certificate_set_dh_params(tlsp->x509_cred, tlsp->dh_params); 1193 1300 1301 tlsp->tls_priority = talloc_strdup(tlsp, tls_priority); 1302 if (tlsp->tls_priority == NULL) { 1303 talloc_free(tlsp); 1304 return NT_STATUS_NO_MEMORY; 1305 } 1306 1194 1307 tlsp->tls_enabled = true; 1195 1308 … … 1218 1331 struct tstream_tls_accept_state *state; 1219 1332 struct tstream_tls *tlss; 1333 const char *error_pos; 1220 1334 #if ENABLE_GNUTLS 1221 1335 int ret; … … 1255 1369 } 1256 1370 1257 ret = gnutls_set_default_priority(tlss->tls_session); 1371 ret = gnutls_priority_set_direct(tlss->tls_session, 1372 tlsp->tls_priority, 1373 &error_pos); 1258 1374 if (ret != GNUTLS_E_SUCCESS) { 1259 DEBUG(0,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); 1375 DEBUG(0,("TLS %s - %s. Check 'tls priority' option at '%s'\n", 1376 __location__, gnutls_strerror(ret), error_pos)); 1260 1377 tevent_req_error(req, EINVAL); 1261 1378 return tevent_req_post(req, ev); … … 1279 1396 gnutls_transport_set_push_function(tlss->tls_session, 1280 1397 (gnutls_push_func)tstream_tls_push_function); 1398 #if GNUTLS_VERSION_MAJOR < 3 1281 1399 gnutls_transport_set_lowat(tlss->tls_session, 0); 1400 #endif 1282 1401 1283 1402 tlss->handshake.req = req; … … 1329 1448 } 1330 1449 1450 if (tlss->verify_peer >= TLS_VERIFY_PEER_CA_ONLY) { 1451 unsigned int status = UINT32_MAX; 1452 bool ip = true; 1453 const char *hostname = NULL; 1454 #ifndef HAVE_GNUTLS_CERTIFICATE_VERIFY_PEERS3 1455 bool need_crt_checks = false; 1456 #endif 1457 1458 if (tlss->peer_name != NULL) { 1459 ip = is_ipaddress(tlss->peer_name); 1460 } 1461 1462 if (!ip) { 1463 hostname = tlss->peer_name; 1464 } 1465 1466 if (tlss->verify_peer == TLS_VERIFY_PEER_CA_ONLY) { 1467 hostname = NULL; 1468 } 1469 1470 if (tlss->verify_peer >= TLS_VERIFY_PEER_CA_AND_NAME) { 1471 if (hostname == NULL) { 1472 DEBUG(1,("TLS %s - no hostname available for " 1473 "verify_peer[%s] and peer_name[%s]\n", 1474 __location__, 1475 tls_verify_peer_string(tlss->verify_peer), 1476 tlss->peer_name)); 1477 tlss->error = EINVAL; 1478 tevent_req_error(req, tlss->error); 1479 return; 1480 } 1481 } 1482 1483 #ifdef HAVE_GNUTLS_CERTIFICATE_VERIFY_PEERS3 1484 ret = gnutls_certificate_verify_peers3(tlss->tls_session, 1485 hostname, 1486 &status); 1487 if (ret != GNUTLS_E_SUCCESS) { 1488 DEBUG(1,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); 1489 tlss->error = EIO; 1490 tevent_req_error(req, tlss->error); 1491 return; 1492 } 1493 #else /* not HAVE_GNUTLS_CERTIFICATE_VERIFY_PEERS3 */ 1494 ret = gnutls_certificate_verify_peers2(tlss->tls_session, &status); 1495 if (ret != GNUTLS_E_SUCCESS) { 1496 DEBUG(1,("TLS %s - %s\n", __location__, gnutls_strerror(ret))); 1497 tlss->error = EIO; 1498 tevent_req_error(req, tlss->error); 1499 return; 1500 } 1501 1502 if (status == 0) { 1503 if (hostname != NULL) { 1504 need_crt_checks = true; 1505 } 1506 #ifdef REQUIRE_CERT_TIME_CHECKS 1507 need_crt_checks = true; 1508 #endif 1509 } 1510 1511 if (need_crt_checks) { 1512 gnutls_x509_crt crt; 1513 const gnutls_datum *cert_list; 1514 unsigned int cert_list_size = 0; 1515 #ifdef REQUIRE_CERT_TIME_CHECKS 1516 time_t now = time(NULL); 1517 time_t tret = -1; 1518 #endif 1519 1520 cert_list = gnutls_certificate_get_peers(tlss->tls_session, 1521 &cert_list_size); 1522 if (cert_list == NULL) { 1523 cert_list_size = 0; 1524 } 1525 if (cert_list_size == 0) { 1526 DEBUG(1,("TLS %s - cert_list_size == 0\n", 1527 __location__)); 1528 tlss->error = EIO; 1529 tevent_req_error(req, tlss->error); 1530 return; 1531 } 1532 1533 ret = gnutls_x509_crt_init(&crt); 1534 if (ret != GNUTLS_E_SUCCESS) { 1535 DEBUG(1,("TLS %s - %s\n", __location__, 1536 gnutls_strerror(ret))); 1537 tlss->error = EIO; 1538 tevent_req_error(req, tlss->error); 1539 return; 1540 } 1541 ret = gnutls_x509_crt_import(crt, 1542 &cert_list[0], 1543 GNUTLS_X509_FMT_DER); 1544 if (ret != GNUTLS_E_SUCCESS) { 1545 DEBUG(1,("TLS %s - %s\n", __location__, 1546 gnutls_strerror(ret))); 1547 gnutls_x509_crt_deinit(crt); 1548 tlss->error = EIO; 1549 tevent_req_error(req, tlss->error); 1550 return; 1551 } 1552 1553 if (hostname != NULL) { 1554 ret = gnutls_x509_crt_check_hostname(crt, 1555 hostname); 1556 if (ret == 0) { 1557 status |= GNUTLS_CERT_INVALID; 1558 status |= GNUTLS_CERT_UNEXPECTED_OWNER; 1559 } 1560 } 1561 1562 #ifndef HAVE_DECL_GNUTLS_CERT_NOT_ACTIVATED 1563 /* 1564 * GNUTLS_CERT_NOT_ACTIVATED is defined by ourself 1565 */ 1566 tret = gnutls_x509_crt_get_activation_time(crt); 1567 if ((tret == -1) || (now > tret)) { 1568 status |= GNUTLS_CERT_INVALID; 1569 status |= GNUTLS_CERT_NOT_ACTIVATED; 1570 } 1571 #endif 1572 #ifndef HAVE_DECL_GNUTLS_CERT_EXPIRED 1573 /* 1574 * GNUTLS_CERT_EXPIRED is defined by ourself 1575 */ 1576 tret = gnutls_certificate_expiration_time_peers(tlss->tls_session); 1577 if ((tret == -1) || (now > tret)) { 1578 status |= GNUTLS_CERT_INVALID; 1579 status |= GNUTLS_CERT_EXPIRED; 1580 } 1581 #endif 1582 gnutls_x509_crt_deinit(crt); 1583 } 1584 #endif 1585 1586 if (status != 0) { 1587 DEBUG(1,("TLS %s - check failed for " 1588 "verify_peer[%s] and peer_name[%s] " 1589 "status 0x%x (%s%s%s%s%s%s%s%s)\n", 1590 __location__, 1591 tls_verify_peer_string(tlss->verify_peer), 1592 tlss->peer_name, 1593 status, 1594 status & GNUTLS_CERT_INVALID ? "invalid " : "", 1595 status & GNUTLS_CERT_REVOKED ? "revoked " : "", 1596 status & GNUTLS_CERT_SIGNER_NOT_FOUND ? 1597 "signer_not_found " : "", 1598 status & GNUTLS_CERT_SIGNER_NOT_CA ? 1599 "signer_not_ca " : "", 1600 status & GNUTLS_CERT_INSECURE_ALGORITHM ? 1601 "insecure_algorithm " : "", 1602 status & GNUTLS_CERT_NOT_ACTIVATED ? 1603 "not_activated " : "", 1604 status & GNUTLS_CERT_EXPIRED ? 1605 "expired " : "", 1606 status & GNUTLS_CERT_UNEXPECTED_OWNER ? 1607 "unexptected_owner " : "")); 1608 tlss->error = EINVAL; 1609 tevent_req_error(req, tlss->error); 1610 return; 1611 } 1612 } 1613 1331 1614 tevent_req_done(req); 1332 1615 #else /* ENABLE_GNUTLS */ -
vendor/current/source4/lib/tls/tlscert.c
r740 r988 21 21 22 22 #include "includes.h" 23 #include "lib/tls/tls.h" 23 24 24 25 #if ENABLE_GNUTLS 25 #include "gnutls/gnutls.h"26 #include "gnutls/x509.h"27 #if HAVE_GCRYPT_H26 #include <gnutls/gnutls.h> 27 #include <gnutls/x509.h> 28 #if defined(HAVE_GCRYPT_H) && !defined(HAVE_GNUTLS3) 28 29 #include <gcrypt.h> 29 30 #endif 30 31 31 32 #define ORGANISATION_NAME "Samba Administration" 32 #define UNIT_NAME "Samba - temporary autogenerated certificate" 33 #define CA_NAME "Samba - temporary autogenerated CA certificate" 34 #define UNIT_NAME "Samba - temporary autogenerated HOST certificate" 33 35 #define LIFETIME 700*24*60*60 34 #define DH_BITS 102436 #define RSA_BITS 4096 35 37 36 38 /* … … 70 72 hostname)); 71 73 72 #if def HAVE_GCRYPT_H74 #if defined(HAVE_GCRYPT_H) && !defined(HAVE_GNUTLS3) 73 75 DEBUG(3,("Enabling QUICK mode in gcrypt\n")); 74 76 gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); … … 77 79 DEBUG(3,("Generating private key\n")); 78 80 TLSCHECK(gnutls_x509_privkey_init(&key)); 79 TLSCHECK(gnutls_x509_privkey_generate(key, GNUTLS_PK_RSA, DH_BITS, 0));81 TLSCHECK(gnutls_x509_privkey_generate(key, GNUTLS_PK_RSA, RSA_BITS, 0)); 80 82 81 83 DEBUG(3,("Generating CA private key\n")); 82 84 TLSCHECK(gnutls_x509_privkey_init(&cakey)); 83 TLSCHECK(gnutls_x509_privkey_generate(cakey, GNUTLS_PK_RSA, DH_BITS, 0));85 TLSCHECK(gnutls_x509_privkey_generate(cakey, GNUTLS_PK_RSA, RSA_BITS, 0)); 84 86 85 87 DEBUG(3,("Generating CA certificate\n")); … … 90 92 TLSCHECK(gnutls_x509_crt_set_dn_by_oid(cacrt, 91 93 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME, 0, 92 UNIT_NAME, strlen(UNIT_NAME)));94 CA_NAME, strlen(CA_NAME))); 93 95 TLSCHECK(gnutls_x509_crt_set_dn_by_oid(cacrt, 94 96 GNUTLS_OID_X520_COMMON_NAME, 0, … … 98 100 TLSCHECK(gnutls_x509_crt_set_activation_time(cacrt, activation)); 99 101 TLSCHECK(gnutls_x509_crt_set_expiration_time(cacrt, expiry)); 100 TLSCHECK(gnutls_x509_crt_set_ca_status(cacrt, 0)); 101 #ifdef GNUTLS_KP_TLS_WWW_SERVER 102 TLSCHECK(gnutls_x509_crt_set_key_purpose_oid(cacrt, GNUTLS_KP_TLS_WWW_SERVER, 0)); 103 #endif 102 TLSCHECK(gnutls_x509_crt_set_ca_status(cacrt, 1)); 103 TLSCHECK(gnutls_x509_crt_set_key_usage(cacrt, GNUTLS_KEY_KEY_CERT_SIGN | GNUTLS_KEY_CRL_SIGN)); 104 104 TLSCHECK(gnutls_x509_crt_set_version(cacrt, 3)); 105 105 TLSCHECK(gnutls_x509_crt_get_key_id(cacrt, 0, keyid, &keyidsize)); … … 134 134 #endif 135 135 TLSCHECK(gnutls_x509_crt_sign(crt, crt, key)); 136 TLSCHECK(gnutls_x509_crt_sign(crt, cacrt, cakey)); 136 137 137 138 DEBUG(3,("Exporting TLS keys\n")); … … 153 154 bufsize = sizeof(buf); 154 155 TLSCHECK(gnutls_x509_privkey_export(key, GNUTLS_X509_FMT_PEM, buf, &bufsize)); 155 if (!file_save (keyfile, buf, bufsize)) {156 if (!file_save_mode(keyfile, buf, bufsize, 0600)) { 156 157 DEBUG(0,("Unable to save privatekey in %s parent dir exists ?\n", keyfile)); 157 158 goto failed; -
vendor/current/source4/lib/tls/wscript
r740 r988 18 18 conf.SET_TARGET_TYPE('gcrypt', 'DISABLED') 19 19 conf.SET_TARGET_TYPE('gpg-error', 'DISABLED') 20 if 'AD_DC_BUILD_IS_ENABLED' in conf.env: 21 conf.fatal("--disable-gnutls given: Building the AD DC requires GnuTLS (eg libgnutls-dev, gnutls-devel) for ldaps:// support and for the BackupKey protocol") 20 22 return 21 23 22 conf.check_cfg(package='gnutls', 23 args='"gnutls >= 1.4.0 gnutls != 2.2.4 gnutls != 2.8.0 gnutls != 2.8.1" --cflags --libs', 24 msg='Checking for gnutls >= 1.4.0 and broken versions', mandatory=False) 24 if Options.options.with_system_mitkrb5 and conf.env.AD_DC_BUILD_IS_ENABLED: 25 conf.CHECK_CFG(package='gnutls', 26 args='"gnutls >= 3.4.7" --cflags --libs', 27 msg='Checking for gnutls >= 3.4.7', 28 mandatory=True) 29 conf.DEFINE('HAVE_GNUTLS_3_4_7', 1) 30 conf.DEFINE('HAVE_GNUTLS3', 1) 31 else: 32 if conf.CHECK_CFG(package='gnutls', 33 args='"gnutls >= 3.4.7" --cflags --libs', 34 msg='Checking for gnutls >= 3.4.7', 35 mandatory=False): 36 conf.DEFINE('HAVE_GNUTLS_3_4_7', 1) 37 conf.DEFINE('HAVE_GNUTLS3', 1) 38 elif conf.CHECK_CFG(package='gnutls', 39 args='"gnutls >= 3.0.0" --cflags --libs', 40 msg='Checking for gnutls >= 3.0.0s', mandatory=False): 41 conf.DEFINE('HAVE_GNUTLS3', 1) 42 else: 43 conf.CHECK_CFG(package='gnutls', 44 args='"gnutls >= 1.4.0 gnutls != 2.2.4 gnutls != 2.8.0 gnutls != 2.8.1" --cflags --libs', 45 msg='Checking for gnutls >= 1.4.0 and broken versions', mandatory=False) 25 46 26 47 if 'HAVE_GNUTLS' in conf.env: 27 48 conf.DEFINE('ENABLE_GNUTLS', 1) 49 else: 50 if 'AD_DC_BUILD_IS_ENABLED' in conf.env: 51 conf.fatal("Building the AD DC requires GnuTLS (eg libgnutls-dev, gnutls-devel) for ldaps:// support and for the BackupKey protocol") 28 52 29 53 conf.CHECK_FUNCS_IN('gnutls_global_init', 'gnutls', 30 54 headers='gnutls/gnutls.h') 55 56 conf.CHECK_FUNCS_IN('gnutls_certificate_verify_peers3', 'gnutls', 57 headers='gnutls/gnutls.h') 58 conf.CHECK_DECLS('GNUTLS_CERT_EXPIRED GNUTLS_CERT_NOT_ACTIVATED GNUTLS_CERT_UNEXPECTED_OWNER', 59 headers='gnutls/gnutls.h gnutls/x509.h') 31 60 32 61 conf.CHECK_VARIABLE('gnutls_x509_crt_set_version', … … 43 72 headers='gnutls/gnutls.h', lib='gnutls') 44 73 45 conf.CHECK_FUNCS_IN('gcry_control', 'gcrypt', headers='gcrypt.h') 46 conf.CHECK_FUNCS_IN('gpg_err_code_from_errno', 'gpg-error') 74 # GnuTLS3 moved to libnettle, so only do this in the < 3.0 case 75 if not 'HAVE_GNUTLS3' in conf.env: 76 conf.CHECK_FUNCS_IN('gcry_control', 'gcrypt', headers='gcrypt.h') 77 conf.CHECK_FUNCS_IN('gpg_err_code_from_errno', 'gpg-error') 78 else: 79 conf.SET_TARGET_TYPE('gcrypt', 'DISABLED') 80 conf.SET_TARGET_TYPE('gpg-error', 'DISABLED') 47 81 48 82 … … 50 84 bld.SAMBA_SUBSYSTEM('LIBTLS', 51 85 source='tls.c tlscert.c tls_tstream.c', 52 public_deps='talloc gnutls gcrypt samba-hostconfig samba_socket LIBTSOCKET tevent UTIL_TEVENT'86 public_deps='talloc gnutls gcrypt samba-hostconfig samba_socket LIBTSOCKET tevent tevent-util' 53 87 ) -
vendor/current/source4/lib/wmi/tools/wmis.c
r414 r988 103 103 struct GUID clsid; 104 104 struct GUID iid; 105 WERROR result, coresult; 105 WERROR result; 106 HRESULT coresult; 106 107 struct IUnknown **mqi; 107 108 struct IWbemLevel1Login *pL; -
vendor/current/source4/lib/wmi/wmi_wrap.c
r414 r988 187 187 188 188 if (SWIG_ConvertPtr(obj,vptr,ty.flags) != -1) { 189 / / success code189 /* success code */ 190 190 } else { 191 / /fail code191 /*fail code */ 192 192 } 193 193 … … 196 196 int res = SWIG_ConvertPtr(obj,vptr,ty.flags); 197 197 if (SWIG_IsOK(res)) { 198 / / success code198 /* success code */ 199 199 } else { 200 / / fail code200 /* fail code */ 201 201 } 202 202 … … 206 206 int res = SWIG_ConvertPtr(obj,(void **)(&ptr),ty.flags); 207 207 if (SWIG_IsOK(res)) { 208 / / success code208 /* success code */ 209 209 if (SWIG_IsNewObj(res) { 210 210 ... … … 214 214 } 215 215 } else { 216 / / fail code216 /* fail code */ 217 217 } 218 218 … … 240 240 241 241 Finally, if the SWIG_CASTRANK_MODE is enabled, the result code 242 allows to return the 'cast rank', for example, if you have this242 allows one to return the 'cast rank', for example, if you have this 243 243 244 244 int food(double) … … 247 247 and you call 248 248 249 food(1) / / cast rank '1' (1 -> 1.0)250 fooi(1) / / cast rank '0'249 food(1) /* cast rank '1' (1 -> 1.0) */ 250 fooi(1) /* cast rank '0' */ 251 251 252 252 just use the SWIG_AddCast()/SWIG_CheckState() -
vendor/current/source4/lib/wmi/wmicore.c
r414 r988 58 58 struct GUID clsid; 59 59 struct GUID iid; 60 WERROR result, coresult; 60 WERROR result; 61 HRESULT coresult; 61 62 struct IUnknown **mqi; 62 63 struct IWbemLevel1Login *pL;
Note:
See TracChangeset
for help on using the changeset viewer.
