BACKPORT-MARKER: v4-19-witness-backports-for-dcesrv-bug-14356.txt

Revert "DEBUG part3"

This reverts commit 5bb2366f67ef06c328ddd1a6d0269e2687c26053.

Revert "DEBUG librpc/rpc/dcesrv_auth.c AUTH3 failing machine account"

This reverts commit 1951885bae0fedc9a94c9a3b44d355ffd06afb9c.

DEBUG librpc/rpc/dcesrv_auth.c AUTH3 failing machine account

rm selftest/knownfail.d/dcerpc-auth-pad

FIX8 if (a->auth_type != auth_type) => auth_invalid

FIX8 sq dcesrv_auth_prepare_auth3

FIX8 auth3 fault codes

FIX8 SQ auth3 with 4 legs results in DCERPC_NCA_S_PROTO_ERROR => no
fault, just a delayed one

FIX8 auth3 with 4 legs results in DCERPC_NCA_S_PROTO_ERROR

FIX8 auth3 check against call->conn->transport_max_recv_frag

FIX8 librpc/rpc/dcesrv better fault codes dcesrv_auth_prepare_auth3

FIX7 sq2 fix default_auth_level_connect auth_invalid => FAULT_ACCESS_DENIED

FIX7 fix default_auth_level_connect auth_invalid => FAULT_ACCESS_DENIED

TEST5 test_no_auth_ctx_request

TEST3 LATER python/samba/tests/dcerpc/raw_testcase.py get_invalid_creds

TEST7 fix comment in test_spnego_change_auth_type1

gensec:spnego: ignore trailing bytes in SPNEGO_SERVER_START state - selftest/knownfail.d/dcerpc-auth-pad

gensec:spnego: ignore trailing bytes in SPNEGO_SERVER_START state

This matches Windows (at least Server 2012_R2).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

gensec:ntlmssp: only allow messages up to 2888 bytes - selftest/knownfail.d/dcerpc-auth-pad

gensec:ntlmssp: only allow messages up to 2888 bytes

This matches Windows (at least Server 2012_R2).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

dcesrv_core: alter_context logon failures should result in DCERPC_FAULT_ACCESS_DENIED test_spnego_change_auth_type1 selftest/knownfail.d/dcerpc-auth-pad

dcesrv_core: alter_context logon failures should result in DCERPC_FAULT_ACCESS_DENIED

We should use DCERPC_FAULT_ACCESS_DENIED as default for
gensec status results of e.g. NT_STATUS_LOGON_FAILURE or
NT_STATUS_INVALID_PARAMTER.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

dcesrv_core: a failure from gensec_update results in NAK_REASON_INVALID_CHECKSUM selftest/knownfail.d/dcerpc-auth-pad

dcesrv_core: a failure from gensec_update results in NAK_REASON_INVALID_CHECKSUM

We already report that for gensec_start_mech_by_authtype() failures,
but we also need to do that for any invalid authentication.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

dcerpc_util: let dcerpc_pull_auth_trailer() ignore data_and_pad for bind, alter, auth3 selftest/knownfail.d/dcerpc-auth-pad

dcerpc_util: let dcerpc_pull_auth_trailer() ignore data_and_pad for bind, alter, auth3

Sometimes Windows sends 3 presentation contexts (NDR32, NDR64,
BindTimeFeatureNegotiation) in the first BIND of an association.

Binding an additional connection to the association seems to
reuse the BIND buffer and just changes the num_contexts field from
3 to 2 and leaves the BindTimeFeatureNegotiation context as padding
in places.

Note, the auth_pad_length field is send as 0 in that case,
which means we need to ignore it completely, as well as any
padding before the auth header.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

dcerpc_util: let dcerpc_pull_auth_trailer() expose the reject reason selftest/knownfail.d/dcerpc-auth-pad

dcerpc_util: let dcerpc_pull_auth_trailer() expose the reject reason

If dcerpc_pull_auth_trailer() returns NT_STATUS_RPC_PROTOCOL_ERROR
it will return the BIND reject code in auth->auth_context_id.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

dcerpc_util: let dcerpc_pull_auth_trailer() check that auth_offset is 4 bytes aligned selftest/knownfail.d/dcerpc-auth-pad

dcerpc_util: let dcerpc_pull_auth_trailer() check that auth_offset is 4 bytes aligned

That what Windows (at least 2012_R2) also asserts.

It also makes sure that ndr_pull_dcerpc_auth() will
start with ndr->offset = 0 and don't tries to eat
possible padding.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

TEST2 TODO test_schannel_invalid_bind selftest/knownfail.d/dcerpc-auth-pad

TEST2 TODO test_schannel_invalid_bind

TEST1b test_spnego_connect_bind_auth_align[4|2] selftest/knownfail.d/dcerpc-auth-pad

TEST1b test_spnego_connect_bind_auth_align[4|2]

TEST1 python/samba/tests/dcerpc/raw_protocol.py selftest/knownfail.d/dcerpc-auth-pad

TEST1 python/samba/tests/dcerpc/raw_protocol.py

dcesrv_core: introduce dcesrv_connection->transport_max_recv_frag

The max fragment size depends on the transport.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

tests/dcerpc/raw_protocol: run test_neg_xmit_ffff_ffff over tcp and smb

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

dcesrv_core: add more verbose debugging for missing association groups

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14356

Signed-off-by: Stefan Metzmacher <metze@samba.org>

DEBUG part3

BACKPORT-MARKER: v4-19-witness-backports-from-wip.txt

smb2_tcon: add "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" options

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python:tests/rpcd_witness_samba_only: add tests for 'net witness force-response'

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:utils: add 'net witness force-response'

This allows generating any possible AsyncNotify response
for the specified selection of witness registrations
from rpcd_witness_registration.tdb.

This can be used by developers to test the (windows)
client behavior to specific AsyncNotify responses.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python:tests/rpcd_witness_samba_only: add tests for 'net witness force-unregister'

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:utils: add 'net witness force-unregister'

This allows removing of the specified selection
of witness registrations from rpcd_witness_registration.tdb.

Any pending AsyncNotify will get WERR_NOT_FOUND.

Typically this triggers a clean re-registration on the client.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python:tests/rpcd_witness_samba_only: add tests for 'net witness {client,share}-move'

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:utils: add 'net witness client-move' and 'net witness share-move'

These can be used to generate CLIENT_MOVE or SHARE_MOVE message
to the specified selection of witness registrations from
rpcd_witness_registration.tdb

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:rpc_server/witness: add handling of MSG_RPCD_WITNESS_REGISTRATION_UPDATE messages

This implements the server side features for the
'net witness [client-move,...]' commands in the end.

These are administrator driven notifications for the witness client.

RPCD_WITNESS_REGISTRATION_UPDATE_FORCE_RESPONSE and
RPCD_WITNESS_REGISTRATION_UPDATE_FORCE_UNREGISTER will be very useful
for later automated testing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:rpcd_witness.idl: add rpcd_witness_registration_updateB message definitions

This will be used for rpcd_witness_registration_updateB messages
in 'net witness [client-move,...]' commands later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

messaging.idl: add MSG_RPCD_WITNESS_REGISTRATION_UPDATE

This will be used for rpcd_witness_registration_updateB messages
in 'net witness [client-move,...]' commands later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python:tests/rpcd_witness_samba_only: add tests for 'net witness list'

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:utils: add 'net witness list' command

It lists the entries from the rpcd_witness_registration.tdb.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:rpc_server/witness: let Register[Ex] store rpcd_witness_registration.tdb records

This will allow 'net witness list' to be implemented in the end.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:rpcd_witness.idl: introduce definitions for rpcd_witness_registration.tdb records

A rpcd_witness_registration.tdb will be added shortly in order to
implement useful 'net witness [list,client-move,...]' commands
in the end.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python/blackbox: add rpcd_witness_samba_only.py test

This tests the witness service and its interaction with
ctdb.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

python/tests: add TestCase.get_loadparm(s3=True) support

This will be used for tests with registry shares,
as the top level loadparm system doesn't support them.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

script/autobuild.py: also pass PYTHONPATH to make test of 'samba-ctdb'

Otherwise tests won't find the custom tdb python bindings

Signed-off-by: Stefan Metzmacher <metze@samba.org>

selftest/Samba: export CTDB_PREFIX in clusteredmember testenv

It means ctdb/tests/local_daemons.sh will be easily useable

Signed-off-by: Stefan Metzmacher <metze@samba.org>

selftest/Samba3: start samba_dcerpcd in clusteredmember

This enables the rpcd_witness to be available.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

selftest/Samba3: remove unused variable in setup_clusteredmember

Signed-off-by: Stefan Metzmacher <metze@samba.org>

selftest/Samba3: get NETBIOSNAME correct for clusteredmember

It was missed in commit
7598b9069d3b983f8eb3b89b8459ec993ee43c80

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:rpc_server/witness: add implementation based on CTDB_SRVID_IPREALLOCATED and ctdbd_all_ip_foreach()

The design is relatively simple in the end:

- We use ctdbd_all_ip_foreach() in order to build an
  in memory list of interfaces(ip addresses) and
  record if:
  - they are currently available or not
  - if they node local or not

- The current list is would we use for the
  GetInterfaceList() call.

- Register[Ex] will create an in memory structure
  holding a queue for pending AsyncNotify requests.

- Unregister() will cancel pending AsyncNotify requests and
  let them return NOT_FOUND.

- CTDB_SRVID_IPREALLOCATED messages will cause we refresh
  with ctdbd_all_ip_foreach():
  - this will detect changes in the interface state
    and remove stale interfaces.
  - for each change the list of registrations is checked
    for a matching ip address and a RESOURCE_CHANGE
    will be scheduled in the queue of the registration,
    the started queue will trigger AsyncNotify responses

- We also register the connections with ctdb in order
  to give other nodes a chance to generate tickle-acks
  for the witness tcp connections.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:rpc_server: add basic rpcd_witness template

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:ctdbd_conn: add ctdbd_all_ip_foreach() helper

This can we used to traverse through all ip addresses ctdb knows
about.

The caller can select node ips and/or public ips.

This will we useful to monitor the addresses from a witness
service...

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:ctdbd_conn: split out ctdbd_control_get_nodemap()

This will simplify future changes...

Signed-off-by: Stefan Metzmacher <metze@samba.org>

s3:ctdbd_conn: pass vnn to ctdbd_control_get_public_ips()

In future we also want to ask other nodes for their public_ips.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

witness.idl: make witness_interfaceList public to that ndr_print works in python

Signed-off-by: Stefan Metzmacher <metze@samba.org>

smbstatus: let --json include session.{creation,expiration,auth}_time

This is very useful in order to predict NETWORK_SESSION_EXPIRED
messages...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

selftest: make get_loadparm a classmethod

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 18fd2e4ff35e4ec3491a1836c1896c1417126b08)

BACKPORT-MARKER: v4-19-witness-backports-from-txt

dcesrv_reply: just drop responses if the connection is already terminating

There's no reason to waste resources...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jan  9 11:26:55 UTC 2024 on atb-devel-224

(cherry picked from commit 1b6ef968d8370757cb472a1e3bfe030f8066c50d)

dcesrv_core: add dcesrv_call_state->subreq in order to allow tevent_req_cancel() on termination

Requests might be cancelled if the connection got disconnected,
we got an ORPHANED or CO_CANCEL pdu.

But this is all opt-in for the backends to choose.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e829f5d8ec3a77acb52a22d45e61dcce03762a10)

witness.idl: add flag(NDR_PAHEX) to some hex based enums

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 87e37e73a9ba13ed92a33a385a387b225b2b9190)

witness.idl: make some types public in order to be used elsewhere

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 290b0b04ae41b835f864bba02b1320693ef199d3)

witness.idl: Set cifs as auth service name for the witness interface

Windows clients use the 'cifs' service name to bind to the witness interface.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5beef87816d103a729508ce88368c30c87b1fa4e)

tdb: fix python/tdbdump.py example

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 78ec47a6674db65d738305cf00861aa711886a43)

examples/scripts: add smbXsrvdump

A simple python tool to dump smbXsrv TDB databases.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 3c73d201d454a88135757065a2b238e6d94a1ac9)

smbXsrv.idl: add python bindings

This is useful for some scripting examples and debugging...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 8e850685a1052a16bea402df3e8057218080c373)

smbstatus: let --json dump also session channels

This makes if easier to see how tcp connections belong
to a session or client_guid.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b96ce32f826ba03384e6a7535200d7e18354fc4b)

smbstatus: let --json report the client_guid a session belongs to

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 3f92a684abb577b84d01b8f9124a7a459635d851)

smbXsrv_session: store session_global->client_guid

This is very useful for debugging...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c1c326ebccb272acc918a97aff5b659cc299c9e5)

s3:sessionid: export smbXsrv_session_global via sessionid->global

This will allow smbstatus --json to dump more details.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 88b1c8723b30930585514dacd472e4941c69220c)

lib/util: let is_zero_addr() return true for AF_UNSPEC

It means the completely zero'ed structure is detected
as zero address, as AF_UNSPEC is 0.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d52f7279063817055b6816d9f8372e374c90f75f)

s3:smbd multichannel: improve smbXsrv_connection_dbg()

client_guid as well as local and remote address help a lot
for debugging...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 10b084f824f839497405665b904cd54f8f5ff703)

s3:smbd multichannel: let a cross-node session binding NT_STATUS_REQUEST_NOT_ACCEPTED

This is better than NT_STATUS_USER_SESSION_DELETED, as it means the
client can keep it's session alive. Otherwise a windows client believes
the whole session is gone and all other channels are invalid.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 475784d63e9381e8a76cd666842686c1b8d2d0b4)

s3:smbd multichannel: always allow multichannel to the ip of the queried connection

We can announce the ip of the current connection even if it's
a moveable cluster address... as the client is already connected to it.

This change means in a typical ctdb cluster, where we only have public
addresses, the client can at least have more than one multichannel'ed
connection to the public ip.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 8a3707e3ed96df43c8f825527deb7d27fe0c6be8)

libcli/security: remove PRIMARY_{USER,GROUP}_SID_INDEX defines from security.h

These and more are also defined in security_token.h, which is later included
from security.h anyway.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit f94d2ed13e6aa54e7e4e4cc292c565de1711a2a9)

libcli/smb: add new SMB2_SHAREFLAG_ defines in smb2_constants.h

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 6331d33ae498e03368422e585c3e47cfc73dfdb2)

ctdb: add comments to "addip"/"delip" when CTDB_{CONTROL,EVENT,SRVID}_IPREALLOCATED happens

"addip"/"delip" are different from "moveip" so they don't need to
call ipreallocate() nor send_ipreallocated_control_to_nodes().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 62654f0aeb1909129e87df061186509560859bed)

ctdb: let "moveip" end with CTDB_CONTROL_IPREALLOCATED to all connected nodes

This matches the behavior of takeover_send/recv() from
ctdb_takeover_helper.c.

It means we consistently call the ipreallocated event scripts
and also send CTDB_SRVID_IPREALLOCATED after moving ips.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 589ebabc95eef0c301a47696e82c0ac341027597)

ctdb: remove unused ctdb_message_disable_ip_check()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit 2c6b455bd7656b4e43d1f4ea488f06cd7918586b)

ctdb: let "moveip" also use disable_takeover_runs()

That makes the behavior more consistent compared to a takeover run
started from the within ctdbd.

The behavior is the same but ctdb_message_disable_ip_check() used
a legacy code path and the next commits will also touch some
of the moveip logic...

The logic and comments are copied from control_reloadips().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit cad1969b171766a5264973e7bfb5f9f7295421b6)

ctdb: send a CTDB_SRVID_IPREALLOCATED message after CTDB_EVENT_IPREALLOCATED

Event scripts run the "ipreallocated" hook in order to notice that some ip addresses
in the cluster potentially changed.

CTDB_SRVID_IPREALLOCATED gives C code a chance to get notified as well once the event
scripts are finished.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
(cherry picked from commit b1d0d5d51422f377c2e989ea6dacb2aa5794082b)

s4:rpc_server/epmapper: use ndr_syntax_id_equal() in dcesrv_epm_Map() to match the request

This matches it much easier to understand.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 5ec5496df40e6015ec8de6133a406bb50efebe35)

s4:rpc_server/epmapper: check dcerpc_floor_get_uuid_full() result in dcesrv_epm_Map()

This already checks for EPM_PROTOCOL_UUID and simplifies the logic.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 53e4fe647ec3f840836340cf9eac4f79b8794aad)

s4:rpc_server: simplify logic in dcesrv_epm_Map matching

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit dfdb8736c750079bc42d274a416c9f7ea3f820dc)

librpc/rpc: also get the 2nd half of the ndr_syntax_id from a floor

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 7a7a38b870dd8f0b384e290b8e9e18305bf54f90)

librpc/rpc: add dcerpc_floor_pack_uuid_full() helper function

This handles the full syntax with split major and minor version,
from lhs and rhs.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 1058382d048bc368a3825cb295d9aeabf0ef9b10)