From d8875c286d2be49c01703d8fd58bbc1842054bd9 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 26 Feb 2007 05:37:19 +0000 Subject: [PATCH] r21535: - fixed a crash in the RAW-ACLS test. When a dcerpc_pipe is created using the pattern in the clilsa code, it didn't fill in the p->binding structure. This affects nearly all users of dcerpc_pipe_open_smb(), so the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises the binding if its not already there. - re-enable the RAW-ACLS test --- source/libcli/util/clilsa.c | 2 +- source/librpc/rpc/dcerpc.c | 1 + source/librpc/rpc/dcerpc_connect.c | 6 +++--- source/librpc/rpc/dcerpc_smb.c | 19 ++++++++++++++++--- source/librpc/rpc/dcerpc_smb2.c | 7 ++++--- source/script/tests/test_posix.sh | 2 +- source/torture/rpc/samba3rpc.c | 12 ++++++------ source/winbind/wb_async_helpers.c | 2 +- source/winbind/wb_connect_lsa.c | 2 +- source/winbind/wb_connect_sam.c | 2 +- source/winbind/wb_init_domain.c | 2 +- 11 files changed, 36 insertions(+), 21 deletions(-) diff --git a/source/libcli/util/clilsa.c b/source/libcli/util/clilsa.c index e491d1c9eee..cd9a02deb1b 100644 --- a/source/libcli/util/clilsa.c +++ b/source/libcli/util/clilsa.c @@ -86,7 +86,7 @@ static NTSTATUS smblsa_connect(struct smbcli_state *cli) } /* open the LSA pipe */ - status = dcerpc_pipe_open_smb(lsa->pipe->conn, lsa->ipc_tree, DCERPC_LSARPC_NAME); + status = dcerpc_pipe_open_smb(lsa->pipe, lsa->ipc_tree, DCERPC_LSARPC_NAME); if (!NT_STATUS_IS_OK(status)) { talloc_free(lsa); return status; diff --git a/source/librpc/rpc/dcerpc.c b/source/librpc/rpc/dcerpc.c index 0a7417a13f9..328ddf445e1 100644 --- a/source/librpc/rpc/dcerpc.c +++ b/source/librpc/rpc/dcerpc.c @@ -110,6 +110,7 @@ struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct event_context * p->last_fault_code = 0; p->context_id = 0; p->request_timeout = DCERPC_REQUEST_TIMEOUT; + p->binding = NULL; ZERO_STRUCT(p->syntax); ZERO_STRUCT(p->transfer_syntax); diff --git a/source/librpc/rpc/dcerpc_connect.c b/source/librpc/rpc/dcerpc_connect.c index 38a707725db..38610c0c21c 100644 --- a/source/librpc/rpc/dcerpc_connect.c +++ b/source/librpc/rpc/dcerpc_connect.c @@ -78,7 +78,7 @@ static void continue_smb_connect(struct composite_context *ctx) s->io.pipe_name = s->io.binding->endpoint; /* send named pipe open request */ - open_ctx = dcerpc_pipe_open_smb_send(s->io.pipe->conn, s->tree, s->io.pipe_name); + open_ctx = dcerpc_pipe_open_smb_send(s->io.pipe, s->tree, s->io.pipe_name); if (composite_nomem(open_ctx, c)) return; composite_continue(c, open_ctx, continue_pipe_open_smb, c); @@ -192,7 +192,7 @@ static void continue_smb2_connect(struct composite_context *ctx) s->io.pipe_name = s->io.binding->endpoint; /* send named pipe open request */ - open_req = dcerpc_pipe_open_smb2_send(s->io.pipe->conn, s->tree, s->io.pipe_name); + open_req = dcerpc_pipe_open_smb2_send(s->io.pipe, s->tree, s->io.pipe_name); if (composite_nomem(open_req, c)) return; composite_continue(c, open_req, continue_pipe_open_smb2, c); @@ -969,7 +969,7 @@ struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p return c; } - pipe_smb_req = dcerpc_pipe_open_smb_send(s->pipe2->conn, s->tree, + pipe_smb_req = dcerpc_pipe_open_smb_send(s->pipe2, s->tree, s->binding->endpoint); composite_continue(c, pipe_smb_req, continue_open_smb, c); return c; diff --git a/source/librpc/rpc/dcerpc_smb.c b/source/librpc/rpc/dcerpc_smb.c index 1a80de75a8e..d6d2cf0dfbf 100644 --- a/source/librpc/rpc/dcerpc_smb.c +++ b/source/librpc/rpc/dcerpc_smb.c @@ -390,13 +390,26 @@ struct pipe_open_smb_state { static void pipe_open_recv(struct smbcli_request *req); -struct composite_context *dcerpc_pipe_open_smb_send(struct dcerpc_connection *c, +struct composite_context *dcerpc_pipe_open_smb_send(struct dcerpc_pipe *p, struct smbcli_tree *tree, const char *pipe_name) { struct composite_context *ctx; struct pipe_open_smb_state *state; struct smbcli_request *req; + struct dcerpc_connection *c = p->conn; + + /* if we don't have a binding on this pipe yet, then create one */ + if (p->binding == NULL) { + NTSTATUS status; + char *s = talloc_asprintf(p, "ncacn_np:%s", tree->session->transport->socket->hostname); + if (s == NULL) return NULL; + status = dcerpc_parse_binding(p, s, &p->binding); + talloc_free(s); + if (!NT_STATUS_IS_OK(status)) { + return NULL; + } + } ctx = composite_create(c, c->event_ctx); if (ctx == NULL) return NULL; @@ -494,11 +507,11 @@ NTSTATUS dcerpc_pipe_open_smb_recv(struct composite_context *c) return status; } -NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_connection *c, +NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p, struct smbcli_tree *tree, const char *pipe_name) { - struct composite_context *ctx = dcerpc_pipe_open_smb_send(c, tree, + struct composite_context *ctx = dcerpc_pipe_open_smb_send(p, tree, pipe_name); return dcerpc_pipe_open_smb_recv(ctx); } diff --git a/source/librpc/rpc/dcerpc_smb2.c b/source/librpc/rpc/dcerpc_smb2.c index 845884115cd..20d1c7c211c 100644 --- a/source/librpc/rpc/dcerpc_smb2.c +++ b/source/librpc/rpc/dcerpc_smb2.c @@ -362,7 +362,7 @@ struct pipe_open_smb2_state { static void pipe_open_recv(struct smb2_request *req); -struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_connection *c, +struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_pipe *p, struct smb2_tree *tree, const char *pipe_name) { @@ -370,6 +370,7 @@ struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_connection *c struct pipe_open_smb2_state *state; struct smb2_create io; struct smb2_request *req; + struct dcerpc_connection *c = p->conn; ctx = composite_create(c, c->event_ctx); if (ctx == NULL) return NULL; @@ -463,11 +464,11 @@ NTSTATUS dcerpc_pipe_open_smb2_recv(struct composite_context *c) return status; } -NTSTATUS dcerpc_pipe_open_smb2(struct dcerpc_connection *c, +NTSTATUS dcerpc_pipe_open_smb2(struct dcerpc_pipe *p, struct smb2_tree *tree, const char *pipe_name) { - struct composite_context *ctx = dcerpc_pipe_open_smb2_send(c, tree, pipe_name); + struct composite_context *ctx = dcerpc_pipe_open_smb2_send(p, tree, pipe_name); return dcerpc_pipe_open_smb2_recv(ctx); } diff --git a/source/script/tests/test_posix.sh b/source/script/tests/test_posix.sh index 220261f3457..8f9013df624 100755 --- a/source/script/tests/test_posix.sh +++ b/source/script/tests/test_posix.sh @@ -28,7 +28,7 @@ tests="$base $raw $smb2" # # please add tests you want to be skipped here! # -skipped="BASE-CHARSET BASE-DEFER_OPEN BASE-DELAYWRITE RAW-COMPOSITE RAW-OPLOCK RAW-ACLS BASE-IOMETER" +skipped="BASE-CHARSET BASE-DEFER_OPEN BASE-DELAYWRITE RAW-COMPOSITE RAW-OPLOCK BASE-IOMETER" skipped="$skipped BASE-SAMBA3ERROR BASE-CASETABLE BASE-NTTRANS BASE-BENCH-HOLDCON BASE-SCAN-MAXFID" skipped="$skipped RAW-BENCH-OPLOCK RAW-SAMBA3HIDE RAW-SAMBA3CLOSEERR RAW-SAMBA3CHECKFSP RAW-SAMBA3BADPATH" skipped="$skipped RAW-SCAN-EAMAX SMB2-LOCK SMB2-NOTIFY" diff --git a/source/torture/rpc/samba3rpc.c b/source/torture/rpc/samba3rpc.c index c6be028a924..096aecea0b6 100644 --- a/source/torture/rpc/samba3rpc.c +++ b/source/torture/rpc/samba3rpc.c @@ -107,7 +107,7 @@ BOOL torture_bind_authcontext(struct torture_context *torture) goto done; } - status = dcerpc_pipe_open_smb(lsa_pipe->conn, cli->tree, "\\lsarpc"); + status = dcerpc_pipe_open_smb(lsa_pipe, cli->tree, "\\lsarpc"); if (!NT_STATUS_IS_OK(status)) { d_printf("dcerpc_pipe_open_smb failed: %s\n", nt_errstr(status)); @@ -223,7 +223,7 @@ static BOOL bindtest(struct smbcli_state *cli, goto done; } - status = dcerpc_pipe_open_smb(lsa_pipe->conn, cli->tree, "\\lsarpc"); + status = dcerpc_pipe_open_smb(lsa_pipe, cli->tree, "\\lsarpc"); if (!NT_STATUS_IS_OK(status)) { d_printf("dcerpc_pipe_open_smb failed: %s\n", nt_errstr(status)); @@ -362,7 +362,7 @@ static NTSTATUS get_usr_handle(struct smbcli_state *cli, goto fail; } - status = dcerpc_pipe_open_smb(samr_pipe->conn, cli->tree, "\\samr"); + status = dcerpc_pipe_open_smb(samr_pipe, cli->tree, "\\samr"); if (!NT_STATUS_IS_OK(status)) { d_printf("dcerpc_pipe_open_smb failed: %s\n", nt_errstr(status)); @@ -822,7 +822,7 @@ static BOOL auth2(struct smbcli_state *cli, goto done; } - status = dcerpc_pipe_open_smb(net_pipe->conn, cli->tree, "\\netlogon"); + status = dcerpc_pipe_open_smb(net_pipe, cli->tree, "\\netlogon"); if (!NT_STATUS_IS_OK(status)) { d_printf("dcerpc_pipe_open_smb failed: %s\n", nt_errstr(status)); @@ -923,7 +923,7 @@ static BOOL schan(struct smbcli_state *cli, goto done; } - status = dcerpc_pipe_open_smb(net_pipe->conn, cli->tree, "\\netlogon"); + status = dcerpc_pipe_open_smb(net_pipe, cli->tree, "\\netlogon"); if (!NT_STATUS_IS_OK(status)) { d_printf("dcerpc_pipe_open_smb failed: %s\n", nt_errstr(status)); @@ -1374,7 +1374,7 @@ static NTSTATUS pipe_bind_smb(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - status = dcerpc_pipe_open_smb(result->conn, tree, pipe_name); + status = dcerpc_pipe_open_smb(result, tree, pipe_name); if (!NT_STATUS_IS_OK(status)) { d_printf("dcerpc_pipe_open_smb failed: %s\n", nt_errstr(status)); diff --git a/source/winbind/wb_async_helpers.c b/source/winbind/wb_async_helpers.c index 3a560a9a94f..11d675d2e90 100644 --- a/source/winbind/wb_async_helpers.c +++ b/source/winbind/wb_async_helpers.c @@ -81,7 +81,7 @@ struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, goto failed; } - creq = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); + creq = dcerpc_pipe_open_smb_send(state->p, tree, "\\netlogon"); if (creq == NULL) { c->status = NT_STATUS_NO_MEMORY; goto failed; diff --git a/source/winbind/wb_connect_lsa.c b/source/winbind/wb_connect_lsa.c index 815e1319621..6ba14a2f17c 100644 --- a/source/winbind/wb_connect_lsa.c +++ b/source/winbind/wb_connect_lsa.c @@ -72,7 +72,7 @@ struct composite_context *wb_init_lsa_send(TALLOC_CTX *mem_ctx, state->lsa_pipe = dcerpc_pipe_init(state, result->event_ctx); if (state->lsa_pipe == NULL) goto failed; - ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn, tree, + ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe, tree, "\\lsarpc"); ctx->async.fn = init_lsa_recv_pipe; ctx->async.private_data = state; diff --git a/source/winbind/wb_connect_sam.c b/source/winbind/wb_connect_sam.c index 5e5a33d2c1b..393c5f84378 100644 --- a/source/winbind/wb_connect_sam.c +++ b/source/winbind/wb_connect_sam.c @@ -80,7 +80,7 @@ struct composite_context *wb_connect_sam_send(TALLOC_CTX *mem_ctx, state->samr_pipe = dcerpc_pipe_init(state, result->event_ctx); if (state->samr_pipe == NULL) goto failed; - ctx = dcerpc_pipe_open_smb_send(state->samr_pipe->conn, tree, + ctx = dcerpc_pipe_open_smb_send(state->samr_pipe, tree, "\\samr"); ctx->async.fn = connect_samr_recv_pipe; ctx->async.private_data = state; diff --git a/source/winbind/wb_init_domain.c b/source/winbind/wb_init_domain.c index 409f5f2b23f..8700dd637e5 100644 --- a/source/winbind/wb_init_domain.c +++ b/source/winbind/wb_init_domain.c @@ -193,7 +193,7 @@ static void init_domain_recv_netlogoncreds(struct composite_context *ctx) return; } - ctx = dcerpc_pipe_open_smb_send(state->domain->netlogon_pipe->conn, + ctx = dcerpc_pipe_open_smb_send(state->domain->netlogon_pipe, tree, "\\netlogon"); composite_continue(state->ctx, ctx, init_domain_recv_netlogonpipe, state); -- 2.11.4.GIT