s3:rpc_server: Activate samba-dcerpcd

This is the big switch to use samba-dcerpcd for the RPC services in
source3/. It is a pretty big and unordered patch, but I don't see a
good way to split this up into more manageable pieces without
sacrificing bisectability even more. Probably I could cut out a few
small ones, but a major architechtural switch like this will always be
messy.

Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Samuel Cabrero <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>

lib/fuzzing/wscript_build

@@ -19,7 +19,7 @@ bld.SAMBA_BINARY('fuzz_tiniparser',
 
 bld.SAMBA_BINARY('fuzz_parse_lpq_entry',
                  source='fuzz_parse_lpq_entry.c',
-                 deps='fuzzing  afl-fuzz-main smbd_base',
+                 deps='fuzzing  afl-fuzz-main smbd_base PRINTING',
                  fuzzer=True)
 
 bld.SAMBA_BINARY('fuzz_oLschema2ldif',

pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm

@@ -464,73 +464,11 @@ sub boilerplate_ep_server($)
 	my $name = $interface->{NAME};
 	my $uname = uc $name;
 
-	$self->pidl("static NTSTATUS $name\__check_register_in_endpoint(const char *name, struct dcerpc_binding *binding) {");
-	$self->indent();
-	$self->pidl("enum dcerpc_transport_t transport = dcerpc_binding_get_transport(binding);");
-	$self->pidl("NTSTATUS status;");
-	$self->pidl("");
-	$self->pidl("/* If service is disabled, do not register */");
-	$self->pidl("if (rpc_service_mode(name) == RPC_SERVICE_MODE_DISABLED) {");
-	$self->indent();
-	$self->pidl("return NT_STATUS_NOT_IMPLEMENTED;");
-	$self->deindent();
-	$self->pidl("}");
-
-	$self->pidl("");
-	$self->pidl("/* If service is embedded, register only for ncacn_np");
-	$self->pidl(" * see 8466b3c85e4b835e57e41776853093f4a0edc8b8");
-	$self->pidl(" */");
-	$self->pidl("if (rpc_service_mode(name) == RPC_SERVICE_MODE_EMBEDDED && (transport != NCACN_NP && transport != NCALRPC)) {");
-	$self->indent();
-	$self->pidl("DBG_INFO(\"Interface \'$name\' not registered in endpoint \'%s\' as service is embedded\\n\", name);");
-	$self->pidl("return NT_STATUS_NOT_SUPPORTED;");
-	$self->deindent();
-	$self->pidl("}");
-
-	$self->pidl("");
-	$self->pidl("/*");
-	$self->pidl(" * If rpc service is external then change the default ncalrpc endpoint,");
-	$self->pidl(" * otherwise if the rpc daemon running this service is configured in");
-	$self->pidl(" * fork mode the forked process will race with main smbd to accept the");
-	$self->pidl(" * connections in the default ncalrpc socket, and the forked process");
-	$self->pidl(" * may not have the requested interface registered.");
-	$self->pidl(" * For example, in the ad_member test environment:");
-	$self->pidl(" *");
-	$self->pidl(" *   rpc_server:lsarpc = external");
-	$self->pidl(" *   rpc_server:samr = external");
-	$self->pidl(" *   rpc_server:netlogon = disabled");
-	$self->pidl(" *   rpc_daemon:lsasd = fork");
-	$self->pidl(" *");
-	$self->pidl(" * With these settings both, the main smbd and all the preforked lsasd");
-	$self->pidl(" * processes would be listening in the default ncalrpc socket if it is");
-	$self->pidl(" * not changed. If a client connection is accepted by one of the lsasd");
-	$self->pidl(" * worker processes and the client asks for an interface not registered");
-	$self->pidl(" * in these processes (winreg for example) it will get an error.");
-	$self->pidl(" */");
-	$self->pidl("if (rpc_service_mode(name) == RPC_SERVICE_MODE_EXTERNAL && transport == NCALRPC) {");
-	$self->indent();
-	$self->pidl("status = dcerpc_binding_set_string_option(binding, \"endpoint\", \"$uname\");");
-	$self->pidl("if (!NT_STATUS_IS_OK(status)) {");
-	$self->indent();
-	$self->pidl("return status;");
-	$self->deindent();
-	$self->pidl("}");
-	$self->deindent();
-	$self->pidl("}");
-
-	$self->pidl("");
-	$self->pidl("return NT_STATUS_OK;");
-	$self->deindent();
-	$self->pidl("}");
-	$self->pidl("");
-
 	$self->pidl("static NTSTATUS $name\__op_init_server(struct dcesrv_context *dce_ctx, const struct dcesrv_endpoint_server *ep_server)");
 	$self->pidl("{");
 	$self->indent();
 	$self->pidl("uint32_t i;");
 	$self->pidl("NTSTATUS ret;");
-	$self->pidl("struct dcerpc_binding *binding;");
-	$self->pidl("struct dcerpc_binding *binding2 = NULL;");
 	$self->pidl("");
 	$self->pidlnoindent("#ifdef DCESRV_INTERFACE_$uname\_NCACN_NP_SECONDARY_ENDPOINT");
 	$self->pidl("const char *ncacn_np_secondary_endpoint = DCESRV_INTERFACE_$uname\_NCACN_NP_SECONDARY_ENDPOINT;");
@@ -542,40 +480,7 @@ sub boilerplate_ep_server($)
 	$self->indent();
 	$self->pidl("const char *name = ndr_table_$name.endpoints->names[i];");
 	$self->pidl("");
-	$self->pidl("ret = dcerpc_parse_binding(dce_ctx, name, &binding);");
-	$self->pidl("if (NT_STATUS_IS_ERR(ret)) {");
-	$self->indent();
-	$self->pidl("DBG_ERR(\"Failed to parse binding string \'%s\'\\n\", name);");
-	$self->pidl("return ret;");
-	$self->deindent();
-	$self->pidl("}");
-	$self->pidl("");
-	$self->pidl("ret = $name\__check_register_in_endpoint(\"$name\", binding);");
-	$self->pidl("if (NT_STATUS_IS_ERR(ret)) {");
-	$self->indent();
-	$self->pidl("talloc_free(binding);");
-	$self->pidl("continue;");
-	$self->deindent();
-	$self->pidl("}");
-	$self->pidl("");
-
-	$self->pidl("if (ncacn_np_secondary_endpoint != NULL) {");
-	$self->indent();
-	$self->pidl("ret = dcerpc_parse_binding(dce_ctx, ncacn_np_secondary_endpoint, &binding2);");
-	$self->pidl("if (NT_STATUS_IS_ERR(ret)) {");
-	$self->indent();
-	$self->pidl("DBG_ERR(\"Failed to parse 2nd binding string \'%s\'\\n\", ncacn_np_secondary_endpoint);");
-	$self->pidl("TALLOC_FREE(binding);");
-	$self->pidl("return ret;");
-	$self->deindent();
-	$self->pidl("}");
-	$self->deindent();
-	$self->pidl("}");
-	$self->pidl("");
-
-	$self->pidl("ret = dcesrv_interface_register_b(dce_ctx, binding, binding2, &dcesrv_$name\_interface, NULL);");
-	$self->pidl("TALLOC_FREE(binding);");
-	$self->pidl("TALLOC_FREE(binding2);");
+	$self->pidl("ret = dcesrv_interface_register(dce_ctx, name, ncacn_np_secondary_endpoint, &dcesrv_$name\_interface, NULL);");
 	$self->pidl("if (!NT_STATUS_IS_OK(ret)) {");
 	$self->indent();
 	$self->pidl("DBG_ERR(\"Failed to register endpoint \'%s\'\\n\",name);");

selftest/in_screen

@@ -45,7 +45,7 @@ cleanup() {
     }
 
     case $ENVNAME in
-	*.nmbd|*.smbd|*.winbindd|*.samba)
+	*.nmbd|*.smbd|*.winbindd|*.samba|*.samba_dcerpcd)
 	    kill $(cat $basedir/../"${ENVNAME%\.*}"/pid/"${ENVNAME##*\.}".pid)
 	    ;;
     esac
@@ -81,7 +81,7 @@ read stdin_var
 echo "$(date) EOF on stdin" >> $basedir/$SERVERNAME.log
 
 case $ENVNAME in
-    *.nmbd|*.smbd|*.winbindd|*.samba)
+    *.nmbd|*.smbd|*.winbindd|*.samba|*.samba_dcerpcd)
 	kill $(cat $basedir/../"${ENVNAME%\.*}"/pid/"${ENVNAME##*\.}".pid)
 	;;
 esac

selftest/knownfail

@@ -90,6 +90,7 @@
 ^samba4.rpc.epmapper.*.Lookup_simple
 ^samba4.rpc.epmapper.*.Map_simple
 ^samba4.rpc.epmapper.*.Map_full
+^samba3.rpc.epmapper.*.Map_full
 ^samba4.rpc.lsalookup on ncalrpc
 ^samba4.rpc.lsalookup on ncacn_np
 ^samba4.rpc.lsalookup with seal,padcheck
@@ -342,11 +343,6 @@
 ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_no_auth_presentation_ctx_invalid4
 ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_spnego_change_auth_type2
 ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_spnego_change_transfer
-# Association groups between processes not implemented yet in s3 server implementation
-^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_assoc_group_ok2\(ad_member\)
-^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_assoc_group_fail1\(ad_member\)
-^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_assoc_group_fail2\(ad_member\)
-^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_assoc_group_fail3\(ad_member\)
 # NETLOGON is disabled in any non-DC environments
 ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_2nd_cancel_requests\(ad_member\)
 ^samba.tests.dcerpc.raw_protocol.*.TestDCERPC_BIND.test_first_08_requests\(ad_member\)
@@ -370,7 +366,6 @@
 ^samba4.rpc.echo.*on.*with.object.echo.enum.*nt4_dc
 ^samba4.rpc.echo.*on.*with.object.echo.testcall.*nt4_dc
 ^samba4.rpc.echo.*on.*with.object.echo.testcall2.*nt4_dc
-^samba4.rpc.echo.*on.*ncacn_ip_tcp.*with.object.*nt4_dc
 ^samba.tests.dcerpc.dnsserver.samba.tests.dcerpc.dnsserver.DnsserverTests.test_add_duplicate_different_type.*
 ^samba.tests.dcerpc.dnsserver.samba.tests.dcerpc.dnsserver.DnsserverTests.test_rank_none.*
 ^samba.tests.dcerpc.dnsserver.samba.tests.dcerpc.dnsserver.DnsserverTests.test_security_descriptor.*