This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "system/network.h"
-#include "librpc/gen_ndr/ndr_epmapper.h"
-#include "librpc/gen_ndr/ndr_dcerpc.h"
-#include "librpc/gen_ndr/ndr_misc.h"
-#include "libcli/raw/libcliraw.h"
#include "libcli/composite/composite.h"
#include "libcli/smb_composite/smb_composite.h"
+#include "lib/events/events.h"
+#include "libcli/smb2/smb2.h"
+#include "libcli/smb2/smb2_calls.h"
+#include "librpc/rpc/dcerpc.h"
+#include "auth/credentials/credentials.h"
-struct dcerpc_pipe_connect;
-
struct pipe_np_smb_state {
struct smb_composite_connect conn;
struct smbcli_tree *tree;
};
-void continue_pipe_open_smb(struct composite_context *ctx)
+/*
+ Stage 3 of ncacn_np_smb: Named pipe opened (or not)
+*/
+static void continue_pipe_open_smb(struct composite_context *ctx)
{
struct composite_context *c = talloc_get_type(ctx->async.private_data,
struct composite_context);
- struct pipe_np_smb_state *s = talloc_get_type(c->private_data,
- struct pipe_np_smb_state);
+ /* receive result of named pipe open request on smb */
c->status = dcerpc_pipe_open_smb_recv(ctx);
- if (!NT_STATUS_IS_OK(c->status)) {
-
- DEBUG(0,("Failed to open pipe %s - %s\n", s->io.pipe_name, nt_errstr(c->status)));
- composite_trigger_error(c);
- return;
- }
+ if (!composite_is_ok(c)) return;
composite_done(c);
}
-void continue_smb_connect(struct composite_context *ctx)
+/*
+ Stage 2 of ncacn_np_smb: Open a named pipe after successful smb connection
+*/
+static void continue_smb_connect(struct composite_context *ctx)
{
struct composite_context *open_ctx;
struct composite_context *c = talloc_get_type(ctx->async.private_data,
struct pipe_np_smb_state *s = talloc_get_type(c->private_data,
struct pipe_np_smb_state);
+ /* receive result of smb connect request */
c->status = smb_composite_connect_recv(ctx, c);
- if (!NT_STATUS_IS_OK(c->status)) {
-
- DEBUG(0,("Failed to connect to %s - %s\n", s->io.binding->host, nt_errstr(c->status)));
- composite_trigger_error(c);
- return;
- }
+ if (!composite_is_ok(c)) return;
+ /* prepare named pipe open parameters */
s->tree = s->conn.out.tree;
s->io.pipe_name = s->io.binding->endpoint;
- open_ctx = dcerpc_pipe_open_smb_send(s->io.pipe->conn, s->tree, s->io.pipe_name);
+ /* send named pipe open request */
+ open_ctx = dcerpc_pipe_open_smb_send(s->io.pipe, s->tree, s->io.pipe_name);
+ if (composite_nomem(open_ctx, c)) return;
composite_continue(c, open_ctx, continue_pipe_open_smb, c);
}
-/* open a rpc connection to a rpc pipe on SMB using the binding
- structure to determine the endpoint and options */
-struct composite_context *dcerpc_pipe_connect_ncacn_np_smb_send(TALLOC_CTX *tmp_ctx,
+/*
+ Initiate async open of a rpc connection to a rpc pipe on SMB using
+ the binding structure to determine the endpoint and options
+*/
+static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb_send(TALLOC_CTX *mem_ctx,
struct dcerpc_pipe_connect *io)
{
struct composite_context *c;
struct composite_context *conn_req;
struct smb_composite_connect *conn;
- c = talloc_zero(tmp_ctx, struct composite_context);
+ /* composite context allocation and setup */
+ c = composite_create(mem_ctx, io->pipe->conn->event_ctx);
if (c == NULL) return NULL;
s = talloc_zero(c, struct pipe_np_smb_state);
- if (s == NULL) {
- c->status = NT_STATUS_NO_MEMORY;
- goto failed;
- }
-
- c->state = COMPOSITE_STATE_IN_PROGRESS;
+ if (composite_nomem(s, c)) return c;
c->private_data = s;
- c->event_ctx = io->pipe->conn->event_ctx;
s->io = *io;
conn = &s->conn;
+ /* prepare smb connection parameters: we're connecting to IPC$ share on
+ remote rpc server */
conn->in.dest_host = s->io.binding->host;
conn->in.port = 0;
- conn->in.called_name = strupper_talloc(tmp_ctx, s->io.binding->host);
+ conn->in.called_name = s->io.binding->target_hostname;
conn->in.service = "IPC$";
conn->in.service_type = NULL;
- conn->in.fallback_to_anonymous = False;
conn->in.workgroup = lp_workgroup();
+ /*
+ * provide proper credentials - user supplied, but allow a
+ * fallback to anonymous if this is an schannel connection
+ * (might be NT4 not allowing machine logins at session
+ * setup).
+ */
+ s->conn.in.credentials = s->io.creds;
if (s->io.binding->flags & DCERPC_SCHANNEL) {
- struct cli_credentials *anon_creds
- = cli_credentials_init(tmp_ctx);
- if (composite_nomem(anon_creds, c)) return NULL;
-
- cli_credentials_set_anonymous(anon_creds);
- cli_credentials_guess(anon_creds);
-
- s->conn.in.credentials = anon_creds;
-
+ conn->in.fallback_to_anonymous = True;
} else {
- s->conn.in.credentials = s->io.creds;
+ conn->in.fallback_to_anonymous = False;
}
+ /* send smb connect request */
conn_req = smb_composite_connect_send(conn, s->io.pipe->conn, s->io.pipe->conn->event_ctx);
+ if (composite_nomem(conn_req, c)) return c;
composite_continue(c, conn_req, continue_smb_connect, c);
+ return c;
+}
+
+
+/*
+ Receive result of a rpc connection to a rpc pipe on SMB
+*/
+static NTSTATUS dcerpc_pipe_connect_ncacn_np_smb_recv(struct composite_context *c)
+{
+ NTSTATUS status = composite_wait(c);
+
+ talloc_free(c);
+ return status;
+}
+
+
+struct pipe_np_smb2_state {
+ struct smb2_tree *tree;
+ struct dcerpc_pipe_connect io;
+};
+
+
+/*
+ Stage 3 of ncacn_np_smb: Named pipe opened (or not)
+*/
+static void continue_pipe_open_smb2(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ /* receive result of named pipe open request on smb2 */
+ c->status = dcerpc_pipe_open_smb2_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ composite_done(c);
+}
+
+
+/*
+ Stage 2 of ncacn_np_smb2: Open a named pipe after successful smb2 connection
+*/
+static void continue_smb2_connect(struct composite_context *ctx)
+{
+ struct composite_context *open_req;
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_np_smb2_state *s = talloc_get_type(c->private_data,
+ struct pipe_np_smb2_state);
+
+ /* receive result of smb2 connect request */
+ c->status = smb2_connect_recv(ctx, c, &s->tree);
+ if (!composite_is_ok(c)) return;
+
+ /* prepare named pipe open parameters */
+ s->io.pipe_name = s->io.binding->endpoint;
+
+ /* send named pipe open request */
+ open_req = dcerpc_pipe_open_smb2_send(s->io.pipe, s->tree, s->io.pipe_name);
+ if (composite_nomem(open_req, c)) return;
+
+ composite_continue(c, open_req, continue_pipe_open_smb2, c);
+}
+
+
+/*
+ Initiate async open of a rpc connection request on SMB2 using
+ the binding structure to determine the endpoint and options
+*/
+static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb2_send(TALLOC_CTX *mem_ctx,
+ struct dcerpc_pipe_connect *io)
+{
+ struct composite_context *c;
+ struct pipe_np_smb2_state *s;
+ struct composite_context *conn_req;
+
+ /* composite context allocation and setup */
+ c = composite_create(mem_ctx, io->pipe->conn->event_ctx);
+ if (c == NULL) return NULL;
+
+ s = talloc_zero(c, struct pipe_np_smb2_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ s->io = *io;
+
+ /*
+ * provide proper credentials - user supplied or anonymous in case this is
+ * schannel connection
+ */
+ if (s->io.binding->flags & DCERPC_SCHANNEL) {
+ s->io.creds = cli_credentials_init(mem_ctx);
+ if (composite_nomem(s->io.creds, c)) return c;
+
+ cli_credentials_set_anonymous(s->io.creds);
+ cli_credentials_guess(s->io.creds);
+ }
+
+ /* send smb2 connect request */
+ conn_req = smb2_connect_send(mem_ctx, s->io.binding->host, "IPC$", s->io.creds,
+ c->event_ctx);
+ composite_continue(c, conn_req, continue_smb2_connect, c);
+ return c;
+}
+
+
+/*
+ Receive result of a rpc connection to a rpc pipe on SMB2
+*/
+static NTSTATUS dcerpc_pipe_connect_ncacn_np_smb2_recv(struct composite_context *c)
+{
+ NTSTATUS status = composite_wait(c);
+ talloc_free(c);
+ return status;
+}
+
+
+struct pipe_ip_tcp_state {
+ struct dcerpc_pipe_connect io;
+ const char *host;
+ const char *target_hostname;
+ uint32_t port;
+};
+
+
+/*
+ Stage 2 of ncacn_ip_tcp: rpc pipe opened (or not)
+*/
+static void continue_pipe_open_ncacn_ip_tcp(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ /* receive result of named pipe open request on tcp/ip */
+ c->status = dcerpc_pipe_open_tcp_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ composite_done(c);
+}
+
+
+/*
+ Initiate async open of a rpc connection to a rpc pipe on TCP/IP using
+ the binding structure to determine the endpoint and options
+*/
+static struct composite_context* dcerpc_pipe_connect_ncacn_ip_tcp_send(TALLOC_CTX *mem_ctx,
+ struct dcerpc_pipe_connect *io)
+{
+ struct composite_context *c;
+ struct pipe_ip_tcp_state *s;
+ struct composite_context *pipe_req;
+
+ /* composite context allocation and setup */
+ c = composite_create(mem_ctx, io->pipe->conn->event_ctx);
+ if (c == NULL) return NULL;
+
+ s = talloc_zero(c, struct pipe_ip_tcp_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ /* store input parameters in state structure */
+ s->io = *io;
+ s->host = talloc_reference(c, io->binding->host);
+ s->target_hostname = talloc_reference(c, io->binding->target_hostname);
+ /* port number is a binding endpoint here */
+ s->port = atoi(io->binding->endpoint);
+
+ /* send pipe open request on tcp/ip */
+ pipe_req = dcerpc_pipe_open_tcp_send(s->io.pipe->conn, s->host, s->target_hostname,
+ s->port);
+ composite_continue(c, pipe_req, continue_pipe_open_ncacn_ip_tcp, c);
return c;
+}
+
-failed:
- composite_trigger_error(c);
- return NULL;
+/*
+ Receive result of a rpc connection to a rpc pipe on TCP/IP
+*/
+static NTSTATUS dcerpc_pipe_connect_ncacn_ip_tcp_recv(struct composite_context *c)
+{
+ NTSTATUS status = composite_wait(c);
+
+ talloc_free(c);
+ return status;
+}
+
+
+struct pipe_unix_state {
+ struct dcerpc_pipe_connect io;
+ const char *path;
+};
+
+
+/*
+ Stage 2 of ncacn_unix: rpc pipe opened (or not)
+*/
+static void continue_pipe_open_ncacn_unix_stream(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ /* receive result of pipe open request on unix socket */
+ c->status = dcerpc_pipe_open_unix_stream_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ composite_done(c);
+}
+
+
+/*
+ Initiate async open of a rpc connection to a rpc pipe on unix socket using
+ the binding structure to determine the endpoint and options
+*/
+static struct composite_context* dcerpc_pipe_connect_ncacn_unix_stream_send(TALLOC_CTX *mem_ctx,
+ struct dcerpc_pipe_connect *io)
+{
+ struct composite_context *c;
+ struct pipe_unix_state *s;
+ struct composite_context *pipe_req;
+
+ /* composite context allocation and setup */
+ c = composite_create(mem_ctx, io->pipe->conn->event_ctx);
+ if (c == NULL) return NULL;
+
+ s = talloc_zero(c, struct pipe_unix_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ /* prepare pipe open parameters and store them in state structure
+ also, verify whether biding endpoint is not null */
+ s->io = *io;
+
+ if (!io->binding->endpoint) {
+ DEBUG(0, ("Path to unix socket not specified\n"));
+ composite_error(c, NT_STATUS_INVALID_PARAMETER);
+ return c;
+ }
+
+ s->path = talloc_strdup(c, io->binding->endpoint); /* path is a binding endpoint here */
+ if (composite_nomem(s->path, c)) return c;
+
+ /* send pipe open request on unix socket */
+ pipe_req = dcerpc_pipe_open_unix_stream_send(s->io.pipe->conn, s->path);
+ composite_continue(c, pipe_req, continue_pipe_open_ncacn_unix_stream, c);
+ return c;
}
-NTSTATUS dcerpc_pipe_connect_ncacn_np_smb_recv(struct composite_context *c)
+/*
+ Receive result of a rpc connection to a pipe on unix socket
+*/
+static NTSTATUS dcerpc_pipe_connect_ncacn_unix_stream_recv(struct composite_context *c)
{
NTSTATUS status = composite_wait(c);
}
-NTSTATUS dcerpc_pipe_connect_ncacn_np_smb(TALLOC_CTX *tmp_ctx,
- struct dcerpc_pipe_connect *io)
+struct pipe_ncalrpc_state {
+ struct dcerpc_pipe_connect io;
+};
+
+static NTSTATUS dcerpc_pipe_connect_ncalrpc_recv(struct composite_context *c);
+
+/*
+ Stage 2 of ncalrpc: rpc pipe opened (or not)
+*/
+static void continue_pipe_open_ncalrpc(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ /* receive result of pipe open request on ncalrpc */
+ c->status = dcerpc_pipe_connect_ncalrpc_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ composite_done(c);
+}
+
+
+/*
+ Initiate async open of a rpc connection request on NCALRPC using
+ the binding structure to determine the endpoint and options
+*/
+static struct composite_context* dcerpc_pipe_connect_ncalrpc_send(TALLOC_CTX *mem_ctx,
+ struct dcerpc_pipe_connect *io)
{
struct composite_context *c;
- c = dcerpc_pipe_connect_ncacn_np_smb_send(tmp_ctx, io);
- return dcerpc_pipe_connect_ncacn_np_smb_recv(c);
+ struct pipe_ncalrpc_state *s;
+ struct composite_context *pipe_req;
+
+ /* composite context allocation and setup */
+ c = composite_create(mem_ctx, io->pipe->conn->event_ctx);
+ if (c == NULL) return NULL;
+
+ s = talloc_zero(c, struct pipe_ncalrpc_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ /* store input parameters in state structure */
+ s->io = *io;
+
+ /* send pipe open request */
+ pipe_req = dcerpc_pipe_open_pipe_send(s->io.pipe->conn, s->io.binding->endpoint);
+ composite_continue(c, pipe_req, continue_pipe_open_ncalrpc, c);
+ return c;
+}
+
+
+/*
+ Receive result of a rpc connection to a rpc pipe on NCALRPC
+*/
+static NTSTATUS dcerpc_pipe_connect_ncalrpc_recv(struct composite_context *c)
+{
+ NTSTATUS status = composite_wait(c);
+
+ talloc_free(c);
+ return status;
+}
+
+
+struct pipe_connect_state {
+ struct dcerpc_pipe *pipe;
+ struct dcerpc_binding *binding;
+ const struct dcerpc_interface_table *table;
+ struct cli_credentials *credentials;
+};
+
+
+static void continue_map_binding(struct composite_context *ctx);
+static void continue_connect(struct composite_context *c, struct pipe_connect_state *s);
+static void continue_pipe_connect_ncacn_np_smb2(struct composite_context *ctx);
+static void continue_pipe_connect_ncacn_np_smb(struct composite_context *ctx);
+static void continue_pipe_connect_ncacn_ip_tcp(struct composite_context *ctx);
+static void continue_pipe_connect_ncacn_unix(struct composite_context *ctx);
+static void continue_pipe_connect_ncalrpc(struct composite_context *ctx);
+static void continue_pipe_connect(struct composite_context *c, struct pipe_connect_state *s);
+static void continue_pipe_auth(struct composite_context *ctx);
+
+
+/*
+ Stage 2 of pipe_connect_b: Receive result of endpoint mapping
+*/
+static void continue_map_binding(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data,
+ struct pipe_connect_state);
+
+ c->status = dcerpc_epm_map_binding_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ DEBUG(2,("Mapped to DCERPC endpoint %s\n", s->binding->endpoint));
+
+ continue_connect(c, s);
+}
+
+
+/*
+ Stage 2 of pipe_connect_b: Continue connection after endpoint is known
+*/
+static void continue_connect(struct composite_context *c, struct pipe_connect_state *s)
+{
+ struct dcerpc_pipe_connect pc;
+
+ /* potential exits to another stage by sending an async request */
+ struct composite_context *ncacn_np_smb2_req;
+ struct composite_context *ncacn_np_smb_req;
+ struct composite_context *ncacn_ip_tcp_req;
+ struct composite_context *ncacn_unix_req;
+ struct composite_context *ncalrpc_req;
+
+ /* dcerpc pipe connect input parameters */
+ pc.pipe = s->pipe;
+ pc.binding = s->binding;
+ pc.interface = s->table;
+ pc.creds = s->credentials;
+
+ /* connect dcerpc pipe depending on required transport */
+ switch (s->binding->transport) {
+ case NCACN_NP:
+ if (pc.binding->flags & DCERPC_SMB2) {
+ /* new varient of SMB a.k.a. SMB2 */
+ ncacn_np_smb2_req = dcerpc_pipe_connect_ncacn_np_smb2_send(c, &pc);
+ composite_continue(c, ncacn_np_smb2_req, continue_pipe_connect_ncacn_np_smb2, c);
+ return;
+
+ } else {
+ /* good old ordinary SMB */
+ ncacn_np_smb_req = dcerpc_pipe_connect_ncacn_np_smb_send(c, &pc);
+ composite_continue(c, ncacn_np_smb_req, continue_pipe_connect_ncacn_np_smb, c);
+ return;
+ }
+ break;
+
+ case NCACN_IP_TCP:
+ ncacn_ip_tcp_req = dcerpc_pipe_connect_ncacn_ip_tcp_send(c, &pc);
+ composite_continue(c, ncacn_ip_tcp_req, continue_pipe_connect_ncacn_ip_tcp, c);
+ return;
+
+ case NCACN_UNIX_STREAM:
+ ncacn_unix_req = dcerpc_pipe_connect_ncacn_unix_stream_send(c, &pc);
+ composite_continue(c, ncacn_unix_req, continue_pipe_connect_ncacn_unix, c);
+ return;
+
+ case NCALRPC:
+ ncalrpc_req = dcerpc_pipe_connect_ncalrpc_send(c, &pc);
+ composite_continue(c, ncalrpc_req, continue_pipe_connect_ncalrpc, c);
+ return;
+
+ default:
+ /* looks like a transport we don't support now */
+ composite_error(c, NT_STATUS_NOT_SUPPORTED);
+ }
+}
+
+
+/*
+ Stage 3 of pipe_connect_b: Receive result of pipe connect request on
+ named pipe on smb2
+*/
+static void continue_pipe_connect_ncacn_np_smb2(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data,
+ struct pipe_connect_state);
+
+ c->status = dcerpc_pipe_connect_ncacn_np_smb2_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_connect(c, s);
+}
+
+
+/*
+ Stage 3 of pipe_connect_b: Receive result of pipe connect request on
+ named pipe on smb
+*/
+static void continue_pipe_connect_ncacn_np_smb(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data,
+ struct pipe_connect_state);
+
+ c->status = dcerpc_pipe_connect_ncacn_np_smb_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_connect(c, s);
+}
+
+
+/*
+ Stage 3 of pipe_connect_b: Receive result of pipe connect request on tcp/ip
+*/
+static void continue_pipe_connect_ncacn_ip_tcp(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data,
+ struct pipe_connect_state);
+
+ c->status = dcerpc_pipe_connect_ncacn_ip_tcp_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_connect(c, s);
+}
+
+
+/*
+ Stage 3 of pipe_connect_b: Receive result of pipe connect request on unix socket
+*/
+static void continue_pipe_connect_ncacn_unix(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data,
+ struct pipe_connect_state);
+
+ c->status = dcerpc_pipe_connect_ncacn_unix_stream_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_connect(c, s);
+}
+
+
+/*
+ Stage 3 of pipe_connect_b: Receive result of pipe connect request on local rpc
+*/
+static void continue_pipe_connect_ncalrpc(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data,
+ struct pipe_connect_state);
+
+ c->status = dcerpc_pipe_connect_ncalrpc_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_connect(c, s);
+}
+
+
+/*
+ Stage 4 of pipe_connect_b: Start an authentication on connected dcerpc pipe
+ depending on credentials and binding flags passed.
+*/
+static void continue_pipe_connect(struct composite_context *c, struct pipe_connect_state *s)
+{
+ struct composite_context *auth_bind_req;
+
+ s->pipe->binding = s->binding;
+ if (!talloc_reference(s->pipe, s->binding)) {
+ composite_error(c, NT_STATUS_NO_MEMORY);
+ return;
+ }
+
+ auth_bind_req = dcerpc_pipe_auth_send(s->pipe, s->binding, s->table,
+ s->credentials);
+ composite_continue(c, auth_bind_req, continue_pipe_auth, c);
+}
+
+
+/*
+ Stage 5 of pipe_connect_b: Receive result of pipe authentication request
+ and say if all went ok
+*/
+static void continue_pipe_auth(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_connect_state *s = talloc_get_type(c->private_data, struct pipe_connect_state);
+
+ c->status = dcerpc_pipe_auth_recv(ctx, s, &s->pipe);
+ if (!composite_is_ok(c)) return;
+
+ composite_done(c);
+}
+
+
+/*
+ handle timeouts of a dcerpc connect
+*/
+static void dcerpc_connect_timeout_handler(struct event_context *ev, struct timed_event *te,
+ struct timeval t, void *private)
+{
+ struct composite_context *c = talloc_get_type(private, struct composite_context);
+ composite_error(c, NT_STATUS_IO_TIMEOUT);
+}
+
+/*
+ start a request to open a rpc connection to a rpc pipe, using
+ specified binding structure to determine the endpoint and options
+*/
+struct composite_context* dcerpc_pipe_connect_b_send(TALLOC_CTX *parent_ctx,
+ struct dcerpc_binding *binding,
+ const struct dcerpc_interface_table *table,
+ struct cli_credentials *credentials,
+ struct event_context *ev)
+{
+ struct composite_context *c;
+ struct pipe_connect_state *s;
+ struct event_context *new_ev = NULL;
+
+ if (ev == NULL) {
+ new_ev = event_context_init(parent_ctx);
+ if (new_ev == NULL) return NULL;
+ ev = new_ev;
+ }
+
+ /* composite context allocation and setup */
+ c = composite_create(parent_ctx, ev);
+ if (c == NULL) {
+ talloc_free(new_ev);
+ return NULL;
+ }
+ talloc_steal(c, new_ev);
+
+ s = talloc_zero(c, struct pipe_connect_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ /* initialise dcerpc pipe structure */
+ s->pipe = dcerpc_pipe_init(c, ev);
+ if (composite_nomem(s->pipe, c)) return c;
+
+ /* store parameters in state structure */
+ s->binding = binding;
+ s->table = table;
+ s->credentials = credentials;
+
+ event_add_timed(c->event_ctx, c,
+ timeval_current_ofs(DCERPC_REQUEST_TIMEOUT, 0),
+ dcerpc_connect_timeout_handler, c);
+
+ switch (s->binding->transport) {
+ case NCACN_NP:
+ case NCACN_IP_TCP:
+ case NCALRPC:
+ if (!s->binding->endpoint) {
+ struct composite_context *binding_req;
+ binding_req = dcerpc_epm_map_binding_send(c, s->binding, s->table,
+ s->pipe->conn->event_ctx);
+ composite_continue(c, binding_req, continue_map_binding, c);
+ return c;
+ }
+
+ default:
+ break;
+ }
+
+ continue_connect(c, s);
+ return c;
+}
+
+
+/*
+ receive result of a request to open a rpc connection to a rpc pipe
+*/
+NTSTATUS dcerpc_pipe_connect_b_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
+ struct dcerpc_pipe **p)
+{
+ NTSTATUS status;
+ struct pipe_connect_state *s;
+
+ status = composite_wait(c);
+
+ if (NT_STATUS_IS_OK(status)) {
+ s = talloc_get_type(c->private_data, struct pipe_connect_state);
+ talloc_steal(mem_ctx, s->pipe);
+ *p = s->pipe;
+ }
+ talloc_free(c);
+ return status;
+}
+
+
+/*
+ open a rpc connection to a rpc pipe, using the specified
+ binding structure to determine the endpoint and options - sync version
+*/
+NTSTATUS dcerpc_pipe_connect_b(TALLOC_CTX *parent_ctx,
+ struct dcerpc_pipe **pp,
+ struct dcerpc_binding *binding,
+ const struct dcerpc_interface_table *table,
+ struct cli_credentials *credentials,
+ struct event_context *ev)
+{
+ struct composite_context *c;
+
+ c = dcerpc_pipe_connect_b_send(parent_ctx, binding, table,
+ credentials, ev);
+ return dcerpc_pipe_connect_b_recv(c, parent_ctx, pp);
+}
+
+
+struct pipe_conn_state {
+ struct dcerpc_pipe *pipe;
+};
+
+
+static void continue_pipe_connect_b(struct composite_context *ctx);
+
+
+/*
+ Initiate rpc connection to a rpc pipe, using the specified string
+ binding to determine the endpoint and options.
+ The string is to be parsed to a binding structure first.
+*/
+struct composite_context* dcerpc_pipe_connect_send(TALLOC_CTX *parent_ctx,
+ const char *binding,
+ const struct dcerpc_interface_table *table,
+ struct cli_credentials *credentials,
+ struct event_context *ev)
+{
+ struct composite_context *c;
+ struct pipe_conn_state *s;
+ struct dcerpc_binding *b;
+ struct composite_context *pipe_conn_req;
+ struct event_context *new_ev = NULL;
+
+ if (ev == NULL) {
+ new_ev = event_context_init(parent_ctx);
+ if (new_ev == NULL) return NULL;
+ ev = new_ev;
+ }
+
+ /* composite context allocation and setup */
+ c = composite_create(parent_ctx, ev);
+ if (c == NULL) {
+ talloc_free(new_ev);
+ return NULL;
+ }
+ talloc_steal(c, new_ev);
+
+ s = talloc_zero(c, struct pipe_conn_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ /* parse binding string to the structure */
+ c->status = dcerpc_parse_binding(c, binding, &b);
+ if (!NT_STATUS_IS_OK(c->status)) {
+ DEBUG(0, ("Failed to parse dcerpc binding '%s'\n", binding));
+ composite_error(c, c->status);
+ return c;
+ }
+
+ DEBUG(3, ("Using binding %s\n", dcerpc_binding_string(c, b)));
+
+ /*
+ start connecting to a rpc pipe after binding structure
+ is established
+ */
+ pipe_conn_req = dcerpc_pipe_connect_b_send(c, b, table,
+ credentials, ev);
+ composite_continue(c, pipe_conn_req, continue_pipe_connect_b, c);
+ return c;
+}
+
+
+/*
+ Stage 2 of pipe_connect: Receive result of actual pipe connect request
+ and say if we're done ok
+*/
+static void continue_pipe_connect_b(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+ struct pipe_conn_state *s = talloc_get_type(c->private_data,
+ struct pipe_conn_state);
+
+ c->status = dcerpc_pipe_connect_b_recv(ctx, c, &s->pipe);
+ talloc_steal(s, s->pipe);
+ if (!composite_is_ok(c)) return;
+
+ composite_done(c);
+}
+
+
+/*
+ Receive result of pipe connect (using binding string) request
+ and return connected pipe structure.
+*/
+NTSTATUS dcerpc_pipe_connect_recv(struct composite_context *c,
+ TALLOC_CTX *mem_ctx,
+ struct dcerpc_pipe **pp)
+{
+ NTSTATUS status;
+ struct pipe_conn_state *s;
+
+ status = composite_wait(c);
+ if (NT_STATUS_IS_OK(status)) {
+ s = talloc_get_type(c->private_data, struct pipe_conn_state);
+ *pp = talloc_steal(mem_ctx, s->pipe);
+ }
+ talloc_free(c);
+ return status;
+}
+
+
+/*
+ Open a rpc connection to a rpc pipe, using the specified string
+ binding to determine the endpoint and options - sync version
+*/
+NTSTATUS dcerpc_pipe_connect(TALLOC_CTX *parent_ctx,
+ struct dcerpc_pipe **pp,
+ const char *binding,
+ const struct dcerpc_interface_table *table,
+ struct cli_credentials *credentials,
+ struct event_context *ev)
+{
+ struct composite_context *c;
+ c = dcerpc_pipe_connect_send(parent_ctx, binding,
+ table,
+ credentials, ev);
+ return dcerpc_pipe_connect_recv(c, parent_ctx, pp);
+}
+
+
+struct sec_conn_state {
+ struct dcerpc_pipe *pipe;
+ struct dcerpc_pipe *pipe2;
+ struct dcerpc_binding *binding;
+ struct smbcli_tree *tree;
+};
+
+
+static void continue_open_smb(struct composite_context *ctx);
+static void continue_open_tcp(struct composite_context *ctx);
+static void continue_open_pipe(struct composite_context *ctx);
+static void continue_pipe_open(struct composite_context *c);
+
+
+/*
+ Send request to create a secondary dcerpc connection from a primary
+ connection
+*/
+struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p,
+ struct dcerpc_binding *b)
+{
+ struct composite_context *c;
+ struct sec_conn_state *s;
+ struct composite_context *pipe_smb_req;
+ struct composite_context *pipe_tcp_req;
+ struct composite_context *pipe_ncalrpc_req;
+
+ /* composite context allocation and setup */
+ c = composite_create(p, p->conn->event_ctx);
+ if (c == NULL) return NULL;
+
+ s = talloc_zero(c, struct sec_conn_state);
+ if (composite_nomem(s, c)) return c;
+ c->private_data = s;
+
+ s->pipe = p;
+ s->binding = b;
+
+ /* initialise second dcerpc pipe based on primary pipe's event context */
+ s->pipe2 = dcerpc_pipe_init(c, s->pipe->conn->event_ctx);
+ if (composite_nomem(s->pipe2, c)) return c;
+
+ /* open second dcerpc pipe using the same transport as for primary pipe */
+ switch (s->pipe->conn->transport.transport) {
+ case NCACN_NP:
+ /* get smb tree of primary dcerpc pipe opened on smb */
+ s->tree = dcerpc_smb_tree(s->pipe->conn);
+ if (!s->tree) {
+ composite_error(c, NT_STATUS_INVALID_PARAMETER);
+ return c;
+ }
+
+ pipe_smb_req = dcerpc_pipe_open_smb_send(s->pipe2, s->tree,
+ s->binding->endpoint);
+ composite_continue(c, pipe_smb_req, continue_open_smb, c);
+ return c;
+
+ case NCACN_IP_TCP:
+ pipe_tcp_req = dcerpc_pipe_open_tcp_send(s->pipe2->conn,
+ s->binding->host,
+ s->binding->target_hostname,
+ atoi(s->binding->endpoint));
+ composite_continue(c, pipe_tcp_req, continue_open_tcp, c);
+ return c;
+
+ case NCALRPC:
+ pipe_ncalrpc_req = dcerpc_pipe_open_pipe_send(s->pipe2->conn,
+ s->binding->endpoint);
+ composite_continue(c, pipe_ncalrpc_req, continue_open_pipe, c);
+ return c;
+
+ default:
+ /* looks like a transport we don't support */
+ composite_error(c, NT_STATUS_NOT_SUPPORTED);
+ }
+
+ return c;
+}
+
+
+/*
+ Stage 2 of secondary_connection: Receive result of pipe open request on smb
+*/
+static void continue_open_smb(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ c->status = dcerpc_pipe_open_smb_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_open(c);
+}
+
+
+/*
+ Stage 2 of secondary_connection: Receive result of pipe open request on tcp/ip
+*/
+static void continue_open_tcp(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ c->status = dcerpc_pipe_open_tcp_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_open(c);
+}
+
+
+/*
+ Stage 2 of secondary_connection: Receive result of pipe open request on ncalrpc
+*/
+static void continue_open_pipe(struct composite_context *ctx)
+{
+ struct composite_context *c = talloc_get_type(ctx->async.private_data,
+ struct composite_context);
+
+ c->status = dcerpc_pipe_open_pipe_recv(ctx);
+ if (!composite_is_ok(c)) return;
+
+ continue_pipe_open(c);
+}
+
+
+/*
+ Stage 3 of secondary_connection: Get binding data and flags from primary pipe
+ and say if we're done ok.
+*/
+static void continue_pipe_open(struct composite_context *c)
+{
+ struct sec_conn_state *s;
+
+ s = talloc_get_type(c->private_data, struct sec_conn_state);
+
+ s->pipe2->conn->flags = s->pipe->conn->flags;
+ s->pipe2->binding = s->binding;
+ if (!talloc_reference(s->pipe2, s->binding)) {
+ composite_error(c, NT_STATUS_NO_MEMORY);
+ return;
+ }
+
+ composite_done(c);
+}
+
+
+/*
+ Receive result of secondary rpc connection request and return
+ second dcerpc pipe.
+*/
+NTSTATUS dcerpc_secondary_connection_recv(struct composite_context *c,
+ struct dcerpc_pipe **p2)
+{
+ NTSTATUS status = composite_wait(c);
+ struct sec_conn_state *s;
+
+ s = talloc_get_type(c->private_data, struct sec_conn_state);
+
+ if (NT_STATUS_IS_OK(status)) {
+ *p2 = talloc_steal(s->pipe, s->pipe2);
+ }
+
+ talloc_free(c);
+ return status;
+}
+
+/*
+ Create a secondary dcerpc connection from a primary connection
+ - sync version
+
+ If the primary is a SMB connection then the secondary connection
+ will be on the same SMB connection, but using a new fnum
+*/
+NTSTATUS dcerpc_secondary_connection(struct dcerpc_pipe *p,
+ struct dcerpc_pipe **p2,
+ struct dcerpc_binding *b)
+{
+ struct composite_context *c;
+
+ c = dcerpc_secondary_connection_send(p, b);
+ return dcerpc_secondary_connection_recv(c, p2);
}
git.samba.org / kai / samba-autobuild / .git / blobdiff