Beispiel #1
0
static NTSTATUS gp_extension_init_module(TALLOC_CTX *mem_ctx,
					 const char *name,
					 struct gp_extension **gpext)
{
	NTSTATUS status;
	struct gp_extension *ext = NULL;

	ext = talloc_zero(mem_ctx, struct gp_extension);
	NT_STATUS_HAVE_NO_MEMORY(gpext);

	ext->methods = get_methods_by_name(extensions, name);
	if (!ext->methods) {

		status = smb_probe_module(SAMBA_SUBSYSTEM_GPEXT,
					  name);
		if (!NT_STATUS_IS_OK(status)) {
			return status;
		}

		ext->methods = get_methods_by_name(extensions, name);
		if (!ext->methods) {
			return NT_STATUS_DLL_INIT_FAILED;
		}
	}

	*gpext = ext;

	return NT_STATUS_OK;
}
static void test_samba_module_probe(void **state)
{
	NTSTATUS status;

	status = smb_probe_module("auth", "skel");
	assert_true(NT_STATUS_IS_OK(status));
}
Beispiel #3
0
/**
 * Is a named pipe known?
 * @param[in] pipename		Just the filename
 * @result			Do we want to serve this?
 */
bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax)
{
	NTSTATUS status;

	if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
		DEBUG(10, ("refusing spoolss access\n"));
		return false;
	}

	if (rpc_srv_get_pipe_interface_by_cli_name(pipename, syntax)) {
		return true;
	}

	status = smb_probe_module("rpc", pipename);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(10, ("is_known_pipename: %s unknown\n", pipename));
		return false;
	}
	DEBUG(10, ("is_known_pipename: %s loaded dynamically\n", pipename));

	/*
	 * Scan the list again for the interface id
	 */
	if (rpc_srv_get_pipe_interface_by_cli_name(pipename, syntax)) {
		return true;
	}

	DEBUG(10, ("is_known_pipename: pipe %s did not register itself!\n",
		   pipename));

	return false;
}
Beispiel #4
0
bool load_auth_module(struct auth_context *auth_context, 
		      const char *module, auth_methods **ret) 
{
	static bool initialised_static_modules = False;

	struct auth_init_function_entry *entry;
	char *module_name = smb_xstrdup(module);
	char *module_params = NULL;
	char *p;
	bool good = False;

	/* Initialise static modules if not done so yet */
	if(!initialised_static_modules) {
		static_init_auth;
		initialised_static_modules = True;
	}

	DEBUG(5,("load_auth_module: Attempting to find an auth method to match %s\n",
		 module));

	p = strchr(module_name, ':');
	if (p) {
		*p = 0;
		module_params = p+1;
		trim_char(module_params, ' ', ' ');
	}

	trim_char(module_name, ' ', ' ');

	entry = auth_find_backend_entry(module_name);

	if (entry == NULL) {
		if (NT_STATUS_IS_OK(smb_probe_module("auth", module_name))) {
			entry = auth_find_backend_entry(module_name);
		}
	}

	if (entry != NULL) {
		if (!NT_STATUS_IS_OK(entry->init(auth_context, module_params, ret))) {
			DEBUG(0,("load_auth_module: auth method %s did not correctly init\n",
				 module_name));
		} else {
			DEBUG(5,("load_auth_module: auth method %s has a valid init\n",
				 module_name));
			good = True;
		}
	} else {
		DEBUG(0,("load_auth_module: can't find auth method %s!\n", module_name));
	}

	SAFE_FREE(module_name);
	return good;
}
static void test_samba_module_probe_dummy(void **state)
{
	const char *module_env;
	NTSTATUS status;

	status = smb_probe_module("rpc", "test_dummy_module");
	assert_true(NT_STATUS_IS_OK(status));

	module_env = getenv("UNITTEST_DUMMY_MODULE_LOADED");
	assert_non_null(module_env);
	assert_string_equal(module_env, "TRUE");
}
/**
 * Initialize a domain structure
 * @param[in] mem_ctx		memory context for the result
 * @param[in] domainname	which domain is this for
 * @param[in] modulename	which backend module
 * @param[in] params		parameter to pass to the init function
 * @result The initialized structure
 */
static struct idmap_domain *idmap_init_domain(TALLOC_CTX *mem_ctx,
					      const char *domainname,
					      const char *modulename,
					      const char *params)
{
	struct idmap_domain *result;
	NTSTATUS status;

	result = talloc_zero(mem_ctx, struct idmap_domain);
	if (result == NULL) {
		DEBUG(0, ("talloc failed\n"));
		return NULL;
	}

	result->name = talloc_strdup(result, domainname);
	if (result->name == NULL) {
		DEBUG(0, ("talloc failed\n"));
		goto fail;
	}

	result->methods = get_methods(modulename);
	if (result->methods == NULL) {
		DEBUG(3, ("idmap backend %s not found\n", modulename));

		status = smb_probe_module("idmap", modulename);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(3, ("Could not probe idmap module %s\n",
				  modulename));
			goto fail;
		}

		result->methods = get_methods(modulename);
	}
	if (result->methods == NULL) {
		DEBUG(1, ("idmap backend %s not found\n", modulename));
		goto fail;
	}

	status = result->methods->init(result, params);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(1, ("idmap initialization returned %s\n",
			  nt_errstr(status)));
		goto fail;
	}

	talloc_set_destructor(result, close_domain_destructor);

	return result;

fail:
	TALLOC_FREE(result);
	return NULL;
}
Beispiel #7
0
BOOL idmap_init(const char **remote_backend)
{
	if (!backends)
		static_init_idmap;

	if (!cache_map) {
		cache_map = get_methods("tdb", True);

		if (!cache_map) {
			DEBUG(0, ("idmap_init: could not find tdb cache backend!\n"));
			return False;
		}
		
		if (!NT_STATUS_IS_OK(cache_map->init( NULL ))) {
			DEBUG(0, ("idmap_init: could not initialise tdb cache backend!\n"));
			return False;
		}
	}
	
	if ((remote_map == NULL) && (remote_backend != NULL) &&
	    (*remote_backend != NULL) && (**remote_backend != '\0'))  {
		char *rem_backend = smb_xstrdup(*remote_backend);
		fstring params = "";
		char *pparams;
		
		/* get any mode parameters passed in */
		
		if ( (pparams = strchr( rem_backend, ':' )) != NULL ) {
			*pparams = '\0';
			pparams++;
			fstrcpy( params, pparams );
		}
		
		DEBUG(3, ("idmap_init: using '%s' as remote backend\n", rem_backend));
		
		if((remote_map = get_methods(rem_backend, False)) ||
		    (NT_STATUS_IS_OK(smb_probe_module("idmap", rem_backend)) && 
		    (remote_map = get_methods(rem_backend, False)))) {
			if (!NT_STATUS_IS_OK(remote_map->init(params))) {
				DEBUG(0, ("idmap_init: failed to initialize remote backend!\n"));
				return False;
			}
		} else {
			DEBUG(0, ("idmap_init: could not load remote backend '%s'\n", rem_backend));
			SAFE_FREE(rem_backend);
			return False;
		}
		SAFE_FREE(rem_backend);
	}

	return True;
}
static void test_samba_module_probe_slash(void **state)
{
	char dummy_module_path[4096] = {0};
	const char *module_env;
	NTSTATUS status;

	snprintf(dummy_module_path,
		 sizeof(dummy_module_path),
		 "%s/bin/modules/rpc/test_dummy_module.so",
		 SRCDIR);

	status = smb_probe_module("rpc", dummy_module_path);
	assert_true(NT_STATUS_IS_ERR(status));

	module_env = getenv("UNITTEST_DUMMY_MODULE_LOADED");
	assert_null(module_env);
}
Beispiel #9
0
/**
 * Initialize a domain structure
 * @param[in] mem_ctx		memory context for the result
 * @param[in] domainname	which domain is this for
 * @param[in] modulename	which backend module
 * @param[in] check_range	whether range checking should be done
 * @result The initialized structure
 */
static struct idmap_domain *idmap_init_domain(TALLOC_CTX *mem_ctx,
					      const char *domainname,
					      const char *modulename,
					      bool check_range)
{
	struct idmap_domain *result;
	NTSTATUS status;
	char *config_option = NULL;
	const char *range;

	result = talloc_zero(mem_ctx, struct idmap_domain);
	if (result == NULL) {
		DEBUG(0, ("talloc failed\n"));
		return NULL;
	}

	result->name = talloc_strdup(result, domainname);
	if (result->name == NULL) {
		DEBUG(0, ("talloc failed\n"));
		goto fail;
	}

	/*
	 * load ranges and read only information from the config
	 */

	config_option = talloc_asprintf(result, "idmap config %s",
					result->name);
	if (config_option == NULL) {
		DEBUG(0, ("Out of memory!\n"));
		goto fail;
	}

	range = lp_parm_const_string(-1, config_option, "range", NULL);
	if (range == NULL) {
		DEBUG(1, ("idmap range not specified for domain %s\n",
			  result->name));
		if (check_range) {
			goto fail;
		}
	} else if (sscanf(range, "%u - %u", &result->low_id,
			  &result->high_id) != 2)
	{
		DEBUG(1, ("invalid range '%s' specified for domain "
			  "'%s'\n", range, result->name));
		if (check_range) {
			goto fail;
		}
	}

	result->read_only = lp_parm_bool(-1, config_option, "read only", false);

	talloc_free(config_option);

	if (result->low_id > result->high_id) {
		DEBUG(1, ("Error: invalid idmap range detected: %lu - %lu\n",
			  (unsigned long)result->low_id,
			  (unsigned long)result->high_id));
		if (check_range) {
			goto fail;
		}
	}

	result->methods = get_methods(modulename);
	if (result->methods == NULL) {
		DEBUG(3, ("idmap backend %s not found\n", modulename));

		status = smb_probe_module("idmap", modulename);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(3, ("Could not probe idmap module %s\n",
				  modulename));
			goto fail;
		}

		result->methods = get_methods(modulename);
	}
	if (result->methods == NULL) {
		DEBUG(1, ("idmap backend %s not found\n", modulename));
		goto fail;
	}

	status = result->methods->init(result);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(1, ("idmap initialization returned %s\n",
			  nt_errstr(status)));
		goto fail;
	}

	return result;

fail:
	TALLOC_FREE(result);
	return NULL;
}
Beispiel #10
0
static NTSTATUS multisam_init(struct pdb_methods **pdb_method, const char *location)
{
	NTSTATUS nt_status;
	int i;
	struct multisam_data *data;

	multisam_debug_level = debug_add_class("multisam");
	if (multisam_debug_level == -1) {
		multisam_debug_level = DBGC_ALL;
		DEBUG(0,
			  ("multisam: Couldn't register custom debugging class!\n"));
	}

	if ( !NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method )) ) {
		return nt_status;
	}

	data = talloc(*pdb_method, struct multisam_data);
	(*pdb_method)->private_data = data;

	/* Create default_methods with default functions (as in pdb_interface.c) */
	if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( &(data->default_methods)))) {
		DEBUG(0, ("Could not create default pdb_method\n"));
		return nt_status;
	}
	
	(*pdb_method)->name = "multisam";

	/* Mandatory implementation */
	(*pdb_method)->setsampwent = multisam_setsampwent;
	(*pdb_method)->endsampwent = multisam_endsampwent;
	(*pdb_method)->getsampwent = multisam_getsampwent;
	(*pdb_method)->getsampwnam = multisam_getsampwnam;
	(*pdb_method)->getsampwsid = multisam_getsampwsid;
	(*pdb_method)->add_sam_account = multisam_add_sam_account;
	(*pdb_method)->update_sam_account = multisam_update_sam_account;
	(*pdb_method)->delete_sam_account = multisam_delete_sam_account;
	(*pdb_method)->rename_sam_account = multisam_rename_sam_account;
	(*pdb_method)->rid_algorithm = multisam_rid_algorithm;
	(*pdb_method)->new_rid = multisam_dummy_new_rid;

	(*pdb_method)->create_user = multisam_create_user;
	(*pdb_method)->delete_user = multisam_delete_user;
	(*pdb_method)->uid_to_rid = multisam_uid_to_rid;
	(*pdb_method)->gid_to_sid = multisam_gid_to_sid;
	(*pdb_method)->sid_to_id = multisam_sid_to_id;
	

	/* Not yet implemented here */
#if 0
	(*pdb_method)->update_login_attempts = multisam_update_login_attempts;
	(*pdb_method)->getgrsid = multisam_getgrsid;
	(*pdb_method)->getgrgid = multisam_getgrgid;
	(*pdb_method)->getgrnam = multisam_getgrnam;
	(*pdb_method)->create_dom_group = multisam_create_dom_group;
	(*pdb_method)->delete_dom_group = multisam_delete_dom_group;
	(*pdb_method)->enum_group_mapping = multisam_enum_group_mapping;
	(*pdb_method)->enum_group_members = multisam_enum_group_members;
	(*pdb_method)->enum_group_memberships = multisam_enum_group_memberships;
	(*pdb_method)->add_groupmem = multisam_add_groupmem;
	(*pdb_method)->del_groupmem = multisam_del_groupmem;
	(*pdb_method)->find_alias = multisam_find_alias;
	(*pdb_method)->create_alias = multisam_create_alias;
	(*pdb_method)->delete_alias = multisam_delete_alias;
	(*pdb_method)->get_aliasinfo = multisam_get_aliasinfo;
	(*pdb_method)->set_aliasinfo = multisam_set_aliasinfo;
	(*pdb_method)->add_aliasmem = multisam_add_aliasmem;
	(*pdb_method)->del_aliasmem = multisam_del_aliasmem;
	(*pdb_method)->enum_aliasmem = multisam_enum_aliasmem;
	(*pdb_method)->enum_alias_memberships = multisam_alias_memberships;
	(*pdb_method)->lookup_rids = multisam_lookup_rids;
	(*pdb_method)->get_account_policy = multisam_get_account_policy;
	(*pdb_method)->set_account_policy = multisam_set_account_policy;
	(*pdb_method)->get_seq_num = multisam_get_seq_num;
	(*pdb_method)->search_users = multisam_search_users;
	(*pdb_method)->search_groups = multisam_search_groups;
	(*pdb_method)->search_aliases = multisam_search_aliases;
#endif

	if (!location) {
		DEBUG(0, ("No identifier specified. Check the Samba HOWTO Collection for details\n"));
		return NT_STATUS_INVALID_PARAMETER;
	}

	data->location = talloc_strdup(data, location);
	data->names = str_list_make_talloc(data, data->location, NULL);
	data->num_backends = str_list_count((const char **)data->names);
	data->locations = talloc_array(data, char *, data->num_backends);
	data->methods = talloc_array(data, struct pdb_methods *, data->num_backends);

	for (i = 0; i < data->num_backends; i++) {
		struct pdb_init_function_entry *entry = NULL;

		data->locations[i] = strchr(data->names[i], ':');
		if (data->locations[i]) {
			*(data->locations[i]) = '\0';
			data->locations[i]++;
		}

		entry = pdb_find_backend_entry(data->names[i]);
		if (!entry) {
			DEBUG(2,("No builtin backend found, trying to load plugin\n"));
			if(NT_STATUS_IS_OK(smb_probe_module("pdb", data->names[i])) && !(entry = pdb_find_backend_entry(data->names[i]))) {
				DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", data->names[i]));
				return NT_STATUS_UNSUCCESSFUL;
			}
		}
		if (!entry) {
			DEBUG(0, ("Unable to find multisam backend %d: %s\n", i, data->names[i]));
			return NT_STATUS_UNSUCCESSFUL;
		}
		
		DEBUG(2, ("Found entry point. Loading multisam backend %d: %s\n", i, data->names[i]));
		nt_status = entry->init(&data->methods[i], data->locations[i]);
		
		if (NT_STATUS_IS_ERR(nt_status)) {
			return nt_status;
		}
		/* These functions are only used on LDAP now.. */
		if (!IS_DEFAULT(data->methods[i], add_group_mapping_entry))
			(*pdb_method)->add_group_mapping_entry = multisam_add_group_mapping_entry;
		if (!IS_DEFAULT(data->methods[i], update_group_mapping_entry))
			(*pdb_method)->update_group_mapping_entry = multisam_update_group_mapping_entry;
		if (!IS_DEFAULT(data->methods[i], delete_group_mapping_entry))
			(*pdb_method)->delete_group_mapping_entry = multisam_delete_group_mapping_entry;
	}	
	return NT_STATUS_OK;
}
Beispiel #11
0
static bool api_pipe_bind_req(struct pipes_struct *p,
				struct ncacn_packet *pkt)
{
	struct dcerpc_auth auth_info = {0};
	uint16_t assoc_gid;
	unsigned int auth_type = DCERPC_AUTH_TYPE_NONE;
	NTSTATUS status;
	struct ndr_syntax_id id;
	uint8_t pfc_flags = 0;
	union dcerpc_payload u;
	struct dcerpc_ack_ctx bind_ack_ctx;
	DATA_BLOB auth_resp = data_blob_null;
	DATA_BLOB auth_blob = data_blob_null;
	const struct ndr_interface_table *table;

	/* No rebinds on a bound pipe - use alter context. */
	if (p->pipe_bound) {
		DEBUG(2,("Rejecting bind request on bound rpc connection\n"));
		return setup_bind_nak(p, pkt);
	}

	if (pkt->u.bind.num_contexts == 0) {
		DEBUG(0, ("api_pipe_bind_req: no rpc contexts around\n"));
		goto err_exit;
	}

	/*
	 * Try and find the correct pipe name to ensure
	 * that this is a pipe name we support.
	 */
	id = pkt->u.bind.ctx_list[0].abstract_syntax;

	table = ndr_table_by_uuid(&id.uuid);
	if (table == NULL) {
		DEBUG(0,("unknown interface\n"));
		return false;
	}

	if (rpc_srv_pipe_exists_by_id(&id)) {
		DEBUG(3, ("api_pipe_bind_req: %s -> %s rpc service\n",
			  rpc_srv_get_pipe_cli_name(&id),
			  rpc_srv_get_pipe_srv_name(&id)));
	} else {
		status = smb_probe_module(
			"rpc", dcerpc_default_transport_endpoint(pkt,
				NCACN_NP, table));

		if (NT_STATUS_IS_ERR(status)) {
			DEBUG(3,("api_pipe_bind_req: Unknown rpc service name "
                                 "%s in bind request.\n",
				 ndr_interface_name(&id.uuid,
						    id.if_version)));

			return setup_bind_nak(p, pkt);
		}

		if (rpc_srv_get_pipe_interface_by_cli_name(
				dcerpc_default_transport_endpoint(pkt,
					NCACN_NP, table),
				&id)) {
			DEBUG(3, ("api_pipe_bind_req: %s -> %s rpc service\n",
				  rpc_srv_get_pipe_cli_name(&id),
				  rpc_srv_get_pipe_srv_name(&id)));
		} else {
			DEBUG(0, ("module %s doesn't provide functions for "
				  "pipe %s!\n",
				  ndr_interface_name(&id.uuid,
						     id.if_version),
				  ndr_interface_name(&id.uuid,
						     id.if_version)));
			return setup_bind_nak(p, pkt);
		}
	}

	DEBUG(5,("api_pipe_bind_req: make response. %d\n", __LINE__));

	if (pkt->u.bind.assoc_group_id != 0) {
		assoc_gid = pkt->u.bind.assoc_group_id;
	} else {
		assoc_gid = 0x53f0;
	}

	/*
	 * Create the bind response struct.
	 */

	/* If the requested abstract synt uuid doesn't match our client pipe,
		reject the bind_ack & set the transfer interface synt to all 0's,
		ver 0 (observed when NT5 attempts to bind to abstract interfaces
		unknown to NT4)
		Needed when adding entries to a DACL from NT5 - SK */

	if (check_bind_req(p,
			&pkt->u.bind.ctx_list[0].abstract_syntax,
			&pkt->u.bind.ctx_list[0].transfer_syntaxes[0],
			pkt->u.bind.ctx_list[0].context_id)) {

		bind_ack_ctx.result = 0;
		bind_ack_ctx.reason.value = 0;
		bind_ack_ctx.syntax = pkt->u.bind.ctx_list[0].transfer_syntaxes[0];
	} else {
		p->pipe_bound = False;
		/* Rejection reason: abstract syntax not supported */
		bind_ack_ctx.result = DCERPC_BIND_PROVIDER_REJECT;
		bind_ack_ctx.reason.value = DCERPC_BIND_REASON_ASYNTAX;
		bind_ack_ctx.syntax = ndr_syntax_id_null;
	}

	/*
	 * Check if this is an authenticated bind request.
	 */
	if (pkt->auth_length) {
		/* Quick length check. Won't catch a bad auth footer,
		 * prevents overrun. */

		if (pkt->frag_length < RPC_HEADER_LEN +
					DCERPC_AUTH_TRAILER_LENGTH +
					pkt->auth_length) {
			DEBUG(0,("api_pipe_bind_req: auth_len (%u) "
				"too long for fragment %u.\n",
				(unsigned int)pkt->auth_length,
				(unsigned int)pkt->frag_length));
			goto err_exit;
		}

		/*
		 * Decode the authentication verifier.
		 */
		status = dcerpc_pull_dcerpc_auth(pkt,
						 &pkt->u.bind.auth_info,
						 &auth_info, p->endian);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(0, ("Unable to unmarshall dcerpc_auth.\n"));
			goto err_exit;
		}

		auth_type = auth_info.auth_type;

		/* Work out if we have to sign or seal etc. */
		switch (auth_info.auth_level) {
		case DCERPC_AUTH_LEVEL_INTEGRITY:
			p->auth.auth_level = DCERPC_AUTH_LEVEL_INTEGRITY;
			break;
		case DCERPC_AUTH_LEVEL_PRIVACY:
			p->auth.auth_level = DCERPC_AUTH_LEVEL_PRIVACY;
			break;
		case DCERPC_AUTH_LEVEL_CONNECT:
			p->auth.auth_level = DCERPC_AUTH_LEVEL_CONNECT;
			break;
		default:
			DEBUG(0, ("Unexpected auth level (%u).\n",
				(unsigned int)auth_info.auth_level ));
			goto err_exit;
		}

		switch (auth_type) {
		case DCERPC_AUTH_TYPE_NONE:
			break;

		default:
			if (!pipe_auth_generic_bind(p, pkt,
						    &auth_info, &auth_resp)) {
				goto err_exit;
			}
			break;
		}
	}

	if (auth_type == DCERPC_AUTH_TYPE_NONE) {
		/* Unauthenticated bind request. */
		/* We're finished - no more packets. */
		p->auth.auth_type = DCERPC_AUTH_TYPE_NONE;
		/* We must set the pipe auth_level here also. */
		p->auth.auth_level = DCERPC_AUTH_LEVEL_NONE;
		p->pipe_bound = True;
		/* The session key was initialized from the SMB
		 * session in make_internal_rpc_pipe_p */
	}

	ZERO_STRUCT(u.bind_ack);
	u.bind_ack.max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
	u.bind_ack.max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
	u.bind_ack.assoc_group_id = assoc_gid;

	/* name has to be \PIPE\xxxxx */
	u.bind_ack.secondary_address =
			talloc_asprintf(pkt, "\\PIPE\\%s",
					rpc_srv_get_pipe_srv_name(&id));
	if (!u.bind_ack.secondary_address) {
		DEBUG(0, ("Out of memory!\n"));
		goto err_exit;
	}
	u.bind_ack.secondary_address_size =
				strlen(u.bind_ack.secondary_address) + 1;

	u.bind_ack.num_results = 1;
	u.bind_ack.ctx_list = &bind_ack_ctx;

	/* NOTE: We leave the auth_info empty so we can calculate the padding
	 * later and then append the auth_info --simo */

	/*
	 * Marshall directly into the outgoing PDU space. We
	 * must do this as we need to set to the bind response
	 * header and are never sending more than one PDU here.
	 */

	pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST;

	if (p->auth.hdr_signing) {
		pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN;
	}

	status = dcerpc_push_ncacn_packet(p->mem_ctx,
					  DCERPC_PKT_BIND_ACK,
					  pfc_flags,
					  auth_resp.length,
					  pkt->call_id,
					  &u,
					  &p->out_data.frag);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0, ("Failed to marshall bind_ack packet. (%s)\n",
			  nt_errstr(status)));
	}

	if (auth_resp.length) {

		status = dcerpc_push_dcerpc_auth(pkt,
						 auth_type,
						 auth_info.auth_level,
						 0,
						 1, /* auth_context_id */
						 &auth_resp,
						 &auth_blob);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(0, ("Marshalling of dcerpc_auth failed.\n"));
			goto err_exit;
		}
	}

	/* Now that we have the auth len store it into the right place in
	 * the dcerpc header */
	dcerpc_set_frag_length(&p->out_data.frag,
				p->out_data.frag.length + auth_blob.length);

	if (auth_blob.length) {

		if (!data_blob_append(p->mem_ctx, &p->out_data.frag,
					auth_blob.data, auth_blob.length)) {
			DEBUG(0, ("Append of auth info failed.\n"));
			goto err_exit;
		}
	}

	/*
	 * Setup the lengths for the initial reply.
	 */

	p->out_data.data_sent_length = 0;
	p->out_data.current_pdu_sent = 0;

	TALLOC_FREE(auth_blob.data);
	return True;

  err_exit:

	data_blob_free(&p->out_data.frag);
	TALLOC_FREE(auth_blob.data);
	return setup_bind_nak(p, pkt);
}
Beispiel #12
0
BOOL vfs_init_custom(connection_struct *conn, const char *vfs_object)
{
	vfs_op_tuple *ops;
	char *module_name = NULL;
	char *module_param = NULL, *p;
	int i;
	vfs_handle_struct *handle;
	struct vfs_init_function_entry *entry;
	
	if (!conn||!vfs_object||!vfs_object[0]) {
		DEBUG(0,("vfs_init_custon() called with NULL pointer or emtpy vfs_object!\n"));
		return False;
	}

	if(!backends) {
		static_init_vfs;
	}

	DEBUG(3, ("Initialising custom vfs hooks from [%s]\n", vfs_object));

	module_name = smb_xstrdup(vfs_object);

	p = strchr_m(module_name, ':');

	if (p) {
		*p = 0;
		module_param = p+1;
		trim_char(module_param, ' ', ' ');
	}

	trim_char(module_name, ' ', ' ');

	/* First, try to load the module with the new module system */
	if((entry = vfs_find_backend_entry(module_name)) || 
	   (NT_STATUS_IS_OK(smb_probe_module("vfs", module_name)) && 
		(entry = vfs_find_backend_entry(module_name)))) {

		DEBUGADD(5,("Successfully loaded vfs module [%s] with the new modules system\n", vfs_object));
		
	 	if ((ops = entry->vfs_op_tuples) == NULL) {
	 		DEBUG(0, ("entry->vfs_op_tuples==NULL for [%s] failed\n", vfs_object));
	 		SAFE_FREE(module_name);
	 		return False;
	 	}
	} else {
		DEBUG(0,("Can't find a vfs module [%s]\n",vfs_object));
		SAFE_FREE(module_name);
		return False;
	}

	handle = TALLOC_ZERO_P(conn->mem_ctx,vfs_handle_struct);
	if (!handle) {
		DEBUG(0,("TALLOC_ZERO() failed!\n"));
		SAFE_FREE(module_name);
		return False;
	}
	memcpy(&handle->vfs_next, &conn->vfs, sizeof(struct vfs_ops));
	handle->conn = conn;
	if (module_param) {
		handle->param = talloc_strdup(conn->mem_ctx, module_param);
	}
	DLIST_ADD(conn->vfs_handles, handle);

 	for(i=0; ops[i].op != NULL; i++) {
		DEBUG(5, ("Checking operation #%d (type %d, layer %d)\n", i, ops[i].type, ops[i].layer));
		if(ops[i].layer == SMB_VFS_LAYER_OPAQUE) {
			/* If this operation was already made opaque by different module, it
			 * will be overridden here.
			 */
			DEBUGADD(5, ("Making operation type %d opaque [module %s]\n", ops[i].type, vfs_object));
			vfs_set_operation(&conn->vfs_opaque, ops[i].type, handle, ops[i].op);
		}
		/* Change current VFS disposition*/
		DEBUGADD(5, ("Accepting operation type %d from module %s\n", ops[i].type, vfs_object));
		vfs_set_operation(&conn->vfs, ops[i].type, handle, ops[i].op);
	}

	SAFE_FREE(module_name);
	return True;
}
Beispiel #13
0
bool vfs_init_custom(connection_struct *conn, const char *vfs_object)
{
	char *module_path = NULL;
	char *module_name = NULL;
	char *module_param = NULL, *p;
	vfs_handle_struct *handle;
	const struct vfs_init_function_entry *entry;

	if (!conn||!vfs_object||!vfs_object[0]) {
		DEBUG(0,("vfs_init_custon() called with NULL pointer or emtpy vfs_object!\n"));
		return False;
	}

	if(!backends) {
		static_init_vfs;
	}

	DEBUG(3, ("Initialising custom vfs hooks from [%s]\n", vfs_object));

	module_path = smb_xstrdup(vfs_object);

	p = strchr_m(module_path, ':');

	if (p) {
		*p = 0;
		module_param = p+1;
		trim_char(module_param, ' ', ' ');
	}

	trim_char(module_path, ' ', ' ');

	module_name = smb_xstrdup(module_path);

	if ((module_name[0] == '/') &&
	    (strcmp(module_path, DEFAULT_VFS_MODULE_NAME) != 0)) {

		/*
		 * Extract the module name from the path. Just use the base
		 * name of the last path component.
		 */

		SAFE_FREE(module_name);
		module_name = smb_xstrdup(strrchr_m(module_path, '/')+1);

		p = strchr_m(module_name, '.');

		if (p != NULL) {
			*p = '\0';
		}
	}

	/* First, try to load the module with the new module system */
	entry = vfs_find_backend_entry(module_name);
	if (!entry) {
		NTSTATUS status;

		DEBUG(5, ("vfs module [%s] not loaded - trying to load...\n",
			  vfs_object));

		status = smb_probe_module("vfs", module_path);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(0, ("error probing vfs module '%s': %s\n",
				  module_path, nt_errstr(status)));
			goto fail;
		}

		entry = vfs_find_backend_entry(module_name);
		if (!entry) {
			DEBUG(0,("Can't find a vfs module [%s]\n",vfs_object));
			goto fail;
		}
	}

	DEBUGADD(5,("Successfully loaded vfs module [%s] with the new modules system\n", vfs_object));

	handle = TALLOC_ZERO_P(conn, vfs_handle_struct);
	if (!handle) {
		DEBUG(0,("TALLOC_ZERO() failed!\n"));
		goto fail;
	}
	handle->conn = conn;
	handle->fns = entry->fns;
	if (module_param) {
		handle->param = talloc_strdup(conn, module_param);
	}
	DLIST_ADD(conn->vfs_handles, handle);

	SAFE_FREE(module_path);
	SAFE_FREE(module_name);
	return True;

 fail:
	SAFE_FREE(module_path);
	SAFE_FREE(module_name);
	return False;
}