From 9c5f2ec12136eac5ede41ccef581b2bf934429ca Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Thu, 14 Jul 2011 10:37:49 +0200 Subject: [PATCH] s3-rpc_server: Disable listening on tcpip ports by default. --- selftest/target/Samba3.pm | 2 ++ source3/rpc_server/rpc_service_setup.c | 25 +++++++++++++++++-------- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 418240b061a..c45c8789c2b 100644 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -285,6 +285,7 @@ sub setup_plugin_s4_dc($$$$) auth methods = guest samba4 domain logons = yes rpc_server:epmapper = external + rpc_server:tcpip = no rpc_server:lsass = external rpc_server:lsarpc = external rpc_server:netlogon = external @@ -901,6 +902,7 @@ sub provision($$$$$$$) ncalrpc dir = $prefix_abs/ncalrpc rpc_server:epmapper = daemon + rpc_server:tcpip = yes resolv:host file = $dns_host_file diff --git a/source3/rpc_server/rpc_service_setup.c b/source3/rpc_server/rpc_service_setup.c index f5716cdab90..a9633fb3552 100644 --- a/source3/rpc_server/rpc_service_setup.c +++ b/source3/rpc_server/rpc_service_setup.c @@ -972,6 +972,7 @@ bool dcesrv_ep_setup(struct tevent_context *ev_ctx, struct messaging_context *msg_ctx) { struct dcerpc_binding_vector *v; + const char *rpcsrv_type; TALLOC_CTX *tmp_ctx; NTSTATUS status; bool ok; @@ -993,14 +994,22 @@ bool dcesrv_ep_setup(struct tevent_context *ev_ctx, goto done; } - status = rpc_setup_tcpip_sockets(ev_ctx, - msg_ctx, - &ndr_table_winreg, - v, - 0); - if (!NT_STATUS_IS_OK(status)) { - ok = false; - goto done; + rpcsrv_type = lp_parm_const_string(GLOBAL_SECTION_SNUM, + "rpc_server", + "tcpip", + "no"); + + if (strcasecmp_m(rpcsrv_type, "yes") == 0 || + strcasecmp_m(rpcsrv_type, "true") == 0) { + status = rpc_setup_tcpip_sockets(ev_ctx, + msg_ctx, + &ndr_table_winreg, + v, + 0); + if (!NT_STATUS_IS_OK(status)) { + ok = false; + goto done; + } } ok = rpc_setup_winreg(ev_ctx, msg_ctx, v); -- 2.11.4.GIT