s4:rpc_server: allocate struct dcesrv_auth with talloc

author Stefan Metzmacher <metze@samba.org>

Thu, 8 Nov 2018 12:28:07 +0000 (13:28 +0100)

committer Jeremy Allison <jra@samba.org>

Sat, 12 Jan 2019 02:13:37 +0000 (03:13 +0100)
author Stefan Metzmacher <metze@samba.org>
Thu, 8 Nov 2018 12:28:07 +0000 (13:28 +0100)
committer Jeremy Allison <jra@samba.org>
Sat, 12 Jan 2019 02:13:37 +0000 (03:13 +0100)
diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c

index 5211619c09fc914401ce4e51881cda4ff1a442f2..ee53a7fbacc666d9d188daeff698971481326a9e 100644 (file)
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -531,6 +531,37 @@ _PUBLIC_ NTSTATUS dcesrv_transport_session_key(struct dcesrv_call_state *call,
         return NT_STATUS_OK;
  }
  
+static struct dcesrv_auth *dcesrv_auth_create(struct dcesrv_connection *conn)
+{
+       const struct dcesrv_endpoint *ep = conn->endpoint;
+       enum dcerpc_transport_t transport =
+               dcerpc_binding_get_transport(ep->ep_description);
+       struct dcesrv_auth *auth = NULL;
+
+       auth = talloc_zero(conn, struct dcesrv_auth);
+       if (auth == NULL) {
+               return NULL;
+       }
+
+       switch (transport) {
+       case NCACN_NP:
+               auth->session_key_fn = dcesrv_remote_session_key;
+               break;
+       case NCALRPC:
+       case NCACN_UNIX_STREAM:
+               auth->session_key_fn = dcesrv_local_fixed_session_key;
+               break;
+       default:
+               /*
+                * All other's get a NULL pointer, which
+                * results in NT_STATUS_NO_USER_SESSION_KEY
+                */
+               break;
+       }
+
+       return auth;
+}
+
  /*
    connect to a dcerpc endpoint
  */
@@ -544,8 +575,7 @@ static NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
                                  uint32_t state_flags,
                                  struct dcesrv_connection **_p)
  {
-       enum dcerpc_transport_t transport =
-               dcerpc_binding_get_transport(ep->ep_description);
+       struct dcesrv_auth *auth = NULL;
         struct dcesrv_connection *p;
  
         if (!session_info) {
@@ -555,11 +585,6 @@ static NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
         p = talloc_zero(mem_ctx, struct dcesrv_connection);
         NT_STATUS_HAVE_NO_MEMORY(p);
  
-       if (!talloc_reference(p, session_info)) {
-               talloc_free(p);
-               return NT_STATUS_NO_MEMORY;
-       }
-
         p->dce_ctx = dce_ctx;
         p->endpoint = ep;
         p->packet_log_dir = lpcfg_lock_directory(dce_ctx->lp_ctx);
@@ -572,23 +597,20 @@ static NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
         p->max_xmit_frag = 5840;
         p->max_total_request_size = DCERPC_NCACN_REQUEST_DEFAULT_MAX_SIZE;
  
-       p->auth_state.session_info = session_info;
-       switch (transport) {
-       case NCACN_NP:
-               p->auth_state.session_key_fn = dcesrv_remote_session_key;
-               break;
-       case NCALRPC:
-       case NCACN_UNIX_STREAM:
-               p->auth_state.session_key_fn = dcesrv_local_fixed_session_key;
-               break;
-       default:
-               /*
-                * All other's get a NULL pointer, which
-                * results in NT_STATUS_NO_USER_SESSION_KEY
-                */
-               break;
+       auth = dcesrv_auth_create(p);
+       if (auth == NULL) {
+               talloc_free(p);
+               return NT_STATUS_NO_MEMORY;
         }
  
+       auth->session_info = talloc_reference(auth, session_info);
+       if (auth->session_info == NULL) {
+               talloc_free(p);
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       p->default_auth_state = auth;
+
         /*
          * For now we only support NDR32.
          */
@@ -2000,7 +2022,7 @@ static NTSTATUS dcesrv_process_ncacn_packet(struct dcesrv_connection *dce_conn,
         talloc_steal(call, blob.data);
         call->pkt = *pkt;
  
-       call->auth_state = &dce_conn->auth_state;
+       call->auth_state = dce_conn->default_auth_state;
  
         talloc_set_destructor(call, dcesrv_call_dequeue);
  
diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h

index 41613cb089947e8a94bb955c454e61b27ac1aaf7..d3c0a080b27100934552f1e011fa9e123cbe5c83 100644 (file)
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -289,7 +289,7 @@ struct dcesrv_connection {
         const struct tsocket_address *remote_address;
  
         /* the current authentication state */
-       struct dcesrv_auth auth_state;
+       struct dcesrv_auth *default_auth_state;
  
         /*
          * remember which pdu types are allowed
diff --git a/source4/rpc_server/dcesrv_auth.c b/source4/rpc_server/dcesrv_auth.c

index a32bbea9a037ecdd084c9707dcbc9cf4bec2ab5c..23f3332ae4c31cc04f5e594d1e8fcd8729476267 100644 (file)
--- a/source4/rpc_server/dcesrv_auth.c
+++ b/source4/rpc_server/dcesrv_auth.c
@@ -122,7 +122,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
         auth->auth_context_id = call->in_auth_info.auth_context_id;
  
         server_credentials 
-               = cli_credentials_init(call);
+               = cli_credentials_init(auth);
         if (!server_credentials) {
                 DEBUG(1, ("Failed to init server credentials\n"));
                 return false;
@@ -136,7 +136,8 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
                 return false;
         }
  
-       status = samba_server_gensec_start(dce_conn, call->event_ctx, 
+       status = samba_server_gensec_start(auth,
+                                          call->event_ctx,
                                            call->msg_ctx,
                                            call->conn->dce_ctx->lp_ctx,
                                            server_credentials,
@@ -276,7 +277,7 @@ NTSTATUS dcesrv_auth_complete(struct dcesrv_call_state *call, NTSTATUS status)
         }
  
         status = gensec_session_info(auth->gensec_security,
-                                    dce_conn,
+                                    auth,
                                      &auth->session_info);
         if (!NT_STATUS_IS_OK(status)) {
                 DEBUG(1, ("Failed to establish session_info: %s\n",
author	Stefan Metzmacher <metze@samba.org>
	Thu, 8 Nov 2018 12:28:07 +0000 (13:28 +0100)
committer	Jeremy Allison <jra@samba.org>
	Sat, 12 Jan 2019 02:13:37 +0000 (03:13 +0100)
source4/rpc_server/dcerpc_server.c		patch \| blob \| history
source4/rpc_server/dcerpc_server.h		patch \| blob \| history
source4/rpc_server/dcesrv_auth.c		patch \| blob \| history