DCERPC: Difference between revisions

From SambaWiki
(→‎DCERPC merge/ TODO: see master4-dcerpc-new)
No edit summary
 
(4 intermediate revisions by 2 users not shown)
Line 8: Line 8:
=== Samba3 vs. Samba4 ===
=== Samba3 vs. Samba4 ===


We have four separate (all incomplete) implementations of DCERPC (two servers and two clients).
We have one server and two separate clients (all incomplete) implementations of DCERPC.
The aim is to merge the good parts of all implementations together and extend the result
The aim is to merge the good parts of all implementations together and extend the result
to be more feature complete.
to be more feature complete.
Line 48: Line 48:
=== Related Branches (work in progress!) ===
=== Related Branches (work in progress!) ===


* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc-ok
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc-ok
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc-base
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc-base
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc-new
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-dcerpc-new
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-pidl-pipe
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-pidl-pipe
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master3-gb
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master3-gb
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel-ok
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel-ok
* https://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel-base
* https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel-base
* https://gitweb.samba.org/?p=ddiss/samba.git;a=shortlog;h=refs/heads/async_fsrvp_srv_wip_xp2013
* https://git.samba.org/?p=ddiss/samba.git;a=shortlog;h=refs/heads/async_fsrvp_srv_wip_xp2013

=== Related Pages ===

* [[DCERPC_Hardening|DCERPC Hardening]]


=== Talks ===
=== Talks ===


* https://www.samba.org/~metze/presentations/2014/metze_sambaxp2014_dcerpc-handout.pdf
* https://www.samba.org/~metze/presentations/2014/StefanMetzmacher_sdc2014_dcerpc-handout.pdf

Latest revision as of 13:23, 25 November 2021

DCERPC / Overview

The samba DCERPC infrastructure should support all protocol features described in:

Samba3 vs. Samba4

We have one server and two separate clients (all incomplete) implementations of DCERPC. The aim is to merge the good parts of all implementations together and extend the result to be more feature complete.

DCERPC Design Goals

Base the whole infrastructure on talloc, tevent and tstream. All internals are fully async. This will allow us to support also the most complex problems like:

DCERPC merge/ DONE

  • pidl: generic client stub bindings based on 'struct dcerpc_binding_handle'
  • source4: change callers to explicit check r.out.result for NTSTATUS based functions
  • librpc/dcerpc: generic 'struct dcerpc_binding_handle' based infrastructure for DCERPC Calls
  • source4/librpc: provide a dcerpc_binding_handle implementation on top of the current 'dcerpc_pipe' infrastructure
  • pidl: remove old Samba4 style stub bindings
  • source3/rpc_client: provide a dcerpc_binding_handle implementation on top of the current 'rpc_pipe_client' infrastructure
  • source4/irpc: provide a dcerpc_binding_handle implementation to hide IRPC specific details.
  • python: use pidl bindings also for irpc calls.
  • source3: convert the callers to use the dcerpc_binding_handle based stubs
  • source3/rpc_client: hide rpc_cli_transport infrastructure behind a tstream implementation.
  • source4/librpc: replace dcerpc_transport infrastructure by using tstream as interface to the low level transport.

DCERPC merge/ TODO

  • let python bindings explicitly use the dcerpc_binding_handle abstraction (better handling for multiple binding handles on the same connection).
  • maybe use better ways to handle application level errors vs. exceptions in the python bindings.
  • start to think about how we can have a common code base between the dcerpc_binding_handle layer and the tstream layer... (see master4-dcerpc-new branch)
  • start to think about how to make the server part more generic... (see master4-dcerpc-new branch)

Related Branches (work in progress!)

Related Pages

Talks