2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
5 Copyright (C) Andrew Bartlett 2011
6 Copyright (C) Andreas Schneider 2011
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "rpc_server/rpc_pipes.h"
24 #include "rpc_server/rpc_server.h"
26 #include "librpc/gen_ndr/netlogon.h"
27 #include "librpc/gen_ndr/auth.h"
28 #include "lib/tsocket/tsocket.h"
29 #include "libcli/named_pipe_auth/npa_tstream.h"
30 #include "../auth/auth_sam_reply.h"
32 #include "rpc_server/rpc_ncacn_np.h"
33 #include "rpc_server/srv_pipe_hnd.h"
34 #include "rpc_server/srv_pipe.h"
36 #define SERVER_TCP_LOW_PORT 1024
37 #define SERVER_TCP_HIGH_PORT 1300
39 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
40 struct auth_session_info **session_info)
44 status = make_session_info_guest(mem_ctx, session_info);
45 if (!NT_STATUS_IS_OK(status)) {
52 /* Creates a pipes_struct and initializes it with the information
53 * sent from the client */
54 static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
55 struct messaging_context *msg_ctx,
56 const char *pipe_name,
57 enum dcerpc_transport_t transport,
58 bool ncalrpc_as_system,
59 const struct tsocket_address *local_address,
60 const struct tsocket_address *remote_address,
61 struct auth_session_info *session_info,
62 struct pipes_struct **_p,
65 struct pipes_struct *p;
69 ret = make_base_pipes_struct(mem_ctx, msg_ctx, pipe_name,
70 transport, RPC_LITTLE_ENDIAN,
72 remote_address, local_address, &p);
78 if (session_info->unix_token && session_info->unix_info && session_info->security_token) {
79 /* Don't call create_local_token(), we already have the full details here */
80 p->session_info = talloc_steal(p, session_info);
83 struct auth_user_info_dc *auth_user_info_dc;
84 struct auth_serversupplied_info *server_info;
85 struct netr_SamInfo3 *info3;
87 /* Fake up an auth_user_info_dc for now, to make an info3, to make the session_info structure */
88 auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc);
89 if (!auth_user_info_dc) {
95 auth_user_info_dc->num_sids = session_info->security_token->num_sids;
96 auth_user_info_dc->sids = session_info->security_token->sids;
97 auth_user_info_dc->info = session_info->info;
98 auth_user_info_dc->user_session_key = session_info->session_key;
100 /* This creates the input structure that make_server_info_info3 is looking for */
101 status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc,
104 if (!NT_STATUS_IS_OK(status)) {
105 DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n"));
111 status = make_server_info_info3(p,
112 info3->base.account_name.string,
113 info3->base.domain.string,
114 &server_info, info3);
115 if (!NT_STATUS_IS_OK(status)) {
116 DEBUG(1, ("Failed to init server info\n"));
123 * Some internal functions need a local token to determine access to
126 status = create_local_token(p, server_info, &session_info->session_key, &p->session_info);
127 talloc_free(server_info);
128 if (!NT_STATUS_IS_OK(status)) {
129 DEBUG(1, ("Failed to init local auth token\n"));
140 /* Start listening on the appropriate unix socket and setup all is needed to
141 * dispatch requests to the pipes rpc implementation */
143 struct dcerpc_ncacn_listen_state {
144 struct ndr_syntax_id syntax_id;
152 struct tevent_context *ev_ctx;
153 struct messaging_context *msg_ctx;
154 dcerpc_ncacn_disconnect_fn disconnect_fn;
157 static void named_pipe_listener(struct tevent_context *ev,
158 struct tevent_fd *fde,
162 bool setup_named_pipe_socket(const char *pipe_name,
163 struct tevent_context *ev_ctx,
164 struct messaging_context *msg_ctx)
166 struct dcerpc_ncacn_listen_state *state;
167 struct tevent_fd *fde;
170 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
172 DEBUG(0, ("Out of memory\n"));
175 state->ep.name = talloc_strdup(state, pipe_name);
176 if (state->ep.name == NULL) {
177 DEBUG(0, ("Out of memory\n"));
182 state->ev_ctx = ev_ctx;
183 state->msg_ctx = msg_ctx;
186 * As lp_ncalrpc_dir() should have 0755, but
187 * lp_ncalrpc_dir()/np should have 0700, we need to
188 * create lp_ncalrpc_dir() first.
190 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
191 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
192 lp_ncalrpc_dir(), strerror(errno)));
196 np_dir = talloc_asprintf(state, "%s/np", lp_ncalrpc_dir());
198 DEBUG(0, ("Out of memory\n"));
202 if (!directory_create_or_exist(np_dir, geteuid(), 0700)) {
203 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
204 np_dir, strerror(errno)));
208 state->fd = create_pipe_sock(np_dir, pipe_name, 0700);
209 if (state->fd == -1) {
210 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
216 DEBUG(10, ("Openened pipe socket fd %d for %s\n",
217 state->fd, pipe_name));
219 fde = tevent_add_fd(ev_ctx,
220 state, state->fd, TEVENT_FD_READ,
221 named_pipe_listener, state);
223 DEBUG(0, ("Failed to add event handler!\n"));
227 tevent_fd_set_auto_close(fde);
231 if (state->fd != -1) {
238 static void named_pipe_accept_function(struct tevent_context *ev_ctx,
239 struct messaging_context *msg_ctx,
240 const char *pipe_name,
243 static void named_pipe_listener(struct tevent_context *ev,
244 struct tevent_fd *fde,
248 struct dcerpc_ncacn_listen_state *state =
249 talloc_get_type_abort(private_data,
250 struct dcerpc_ncacn_listen_state);
251 struct sockaddr_un sunaddr;
255 /* TODO: should we have a limit to the number of clients ? */
257 len = sizeof(sunaddr);
259 sd = accept(state->fd,
260 (struct sockaddr *)(void *)&sunaddr, &len);
263 if (errno != EINTR) {
264 DEBUG(6, ("Failed to get a valid socket [%s]\n",
270 DEBUG(6, ("Accepted socket %d\n", sd));
272 named_pipe_accept_function(state->ev_ctx,
279 /* This is the core of the rpc server.
280 * Accepts connections from clients and process requests using the appropriate
281 * dispatcher table. */
283 struct named_pipe_client {
284 const char *pipe_name;
286 struct tevent_context *ev;
287 struct messaging_context *msg_ctx;
290 uint16_t device_state;
291 uint64_t allocation_size;
293 struct tstream_context *tstream;
295 struct tsocket_address *client;
297 struct tsocket_address *server;
300 struct auth_session_info *session_info;
302 struct pipes_struct *p;
304 struct tevent_queue *write_queue;
310 static void named_pipe_accept_done(struct tevent_req *subreq);
312 static void named_pipe_accept_function(struct tevent_context *ev_ctx,
313 struct messaging_context *msg_ctx,
314 const char *pipe_name,
317 struct named_pipe_client *npc;
318 struct tstream_context *plain;
319 struct tevent_req *subreq;
322 npc = talloc_zero(NULL, struct named_pipe_client);
324 DEBUG(0, ("Out of memory!\n"));
329 npc->pipe_name = talloc_strdup(npc, pipe_name);
330 if (npc->pipe_name == NULL) {
331 DEBUG(0, ("Out of memory!\n"));
337 npc->msg_ctx = msg_ctx;
339 /* make sure socket is in NON blocking state */
340 ret = set_blocking(fd, false);
342 DEBUG(2, ("Failed to make socket non-blocking\n"));
348 ret = tstream_bsd_existing_socket(npc, fd, &plain);
350 DEBUG(2, ("Failed to create tstream socket\n"));
356 npc->file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
357 npc->device_state = 0xff | 0x0400 | 0x0100;
358 npc->allocation_size = 4096;
360 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
363 npc->allocation_size);
365 DEBUG(2, ("Failed to start async accept procedure\n"));
370 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
373 static void named_pipe_packet_process(struct tevent_req *subreq);
374 static void named_pipe_packet_done(struct tevent_req *subreq);
376 static void named_pipe_accept_done(struct tevent_req *subreq)
378 struct auth_session_info_transport *session_info_transport;
379 struct named_pipe_client *npc =
380 tevent_req_callback_data(subreq, struct named_pipe_client);
384 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
390 &session_info_transport);
392 npc->session_info = talloc_move(npc, &session_info_transport->session_info);
396 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
402 ret = make_server_pipes_struct(npc,
404 npc->pipe_name, NCACN_NP,
405 false, npc->server, npc->client, npc->session_info,
408 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
413 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
414 if (!npc->write_queue) {
415 DEBUG(2, ("Failed to set up write queue!\n"));
419 /* And now start receiving and processing packets */
420 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
422 DEBUG(2, ("Failed to start receving packets\n"));
425 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
429 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
431 /* terminate client connection */
436 static void named_pipe_packet_process(struct tevent_req *subreq)
438 struct named_pipe_client *npc =
439 tevent_req_callback_data(subreq, struct named_pipe_client);
440 struct _output_data *out = &npc->p->out_data;
441 DATA_BLOB recv_buffer = data_blob_null;
442 struct ncacn_packet *pkt;
450 status = dcerpc_read_ncacn_packet_recv(subreq, npc, &pkt, &recv_buffer);
452 if (!NT_STATUS_IS_OK(status)) {
456 data_left = recv_buffer.length;
457 data = (char *)recv_buffer.data;
461 data_used = process_incoming_data(npc->p, data, data_left);
463 DEBUG(3, ("Failed to process dceprc request!\n"));
464 status = NT_STATUS_UNEXPECTED_IO_ERROR;
468 data_left -= data_used;
472 /* Do not leak this buffer, npc is a long lived context */
473 talloc_free(recv_buffer.data);
476 /* this is needed because of the way DCERPC Binds work in
477 * the RPC marshalling code */
478 to_send = out->frag.length - out->current_pdu_sent;
481 DEBUG(10, ("Current_pdu_len = %u, "
482 "current_pdu_sent = %u "
483 "Returning %u bytes\n",
484 (unsigned int)out->frag.length,
485 (unsigned int)out->current_pdu_sent,
486 (unsigned int)to_send));
488 npc->iov = talloc_zero(npc, struct iovec);
490 status = NT_STATUS_NO_MEMORY;
495 npc->iov[0].iov_base = out->frag.data
496 + out->current_pdu_sent;
497 npc->iov[0].iov_len = to_send;
499 out->current_pdu_sent += to_send;
502 /* this condition is false for bind packets, or when we haven't
503 * yet got a full request, and need to wait for more data from
505 while (out->data_sent_length < out->rdata.length) {
507 ok = create_next_pdu(npc->p);
509 DEBUG(3, ("Failed to create next PDU!\n"));
510 status = NT_STATUS_UNEXPECTED_IO_ERROR;
514 npc->iov = talloc_realloc(npc, npc->iov,
515 struct iovec, npc->count + 1);
517 status = NT_STATUS_NO_MEMORY;
521 npc->iov[npc->count].iov_base = out->frag.data;
522 npc->iov[npc->count].iov_len = out->frag.length;
524 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
525 (unsigned int)npc->count,
526 (unsigned int)npc->iov[npc->count].iov_len));
527 dump_data(11, (const uint8_t *)npc->iov[npc->count].iov_base,
528 npc->iov[npc->count].iov_len);
532 /* we still don't have a complete request, go back and wait for more
534 if (npc->count == 0) {
535 /* Wait for the next packet */
536 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
538 DEBUG(2, ("Failed to start receving packets\n"));
539 status = NT_STATUS_NO_MEMORY;
542 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
546 DEBUG(10, ("Sending a total of %u bytes\n",
547 (unsigned int)npc->p->out_data.data_sent_length));
549 subreq = tstream_writev_queue_send(npc, npc->ev,
552 npc->iov, npc->count);
554 DEBUG(2, ("Failed to send packet\n"));
555 status = NT_STATUS_NO_MEMORY;
558 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
562 DEBUG(2, ("Fatal error(%s). "
563 "Terminating client(%s) connection!\n",
564 nt_errstr(status), npc->client_name));
565 /* terminate client connection */
570 static void named_pipe_packet_done(struct tevent_req *subreq)
572 struct named_pipe_client *npc =
573 tevent_req_callback_data(subreq, struct named_pipe_client);
577 ret = tstream_writev_queue_recv(subreq, &sys_errno);
580 DEBUG(2, ("Writev failed!\n"));
584 /* clear out any data that may have been left around */
586 TALLOC_FREE(npc->iov);
587 data_blob_free(&npc->p->in_data.data);
588 data_blob_free(&npc->p->out_data.frag);
589 data_blob_free(&npc->p->out_data.rdata);
591 /* Wait for the next packet */
592 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
594 DEBUG(2, ("Failed to start receving packets\n"));
598 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
602 DEBUG(2, ("Fatal error(%s). "
603 "Terminating client(%s) connection!\n",
604 strerror(sys_errno), npc->client_name));
605 /* terminate client connection */
610 static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
611 struct messaging_context *msg_ctx,
612 enum dcerpc_transport_t transport,
614 struct tsocket_address *cli_addr,
615 struct tsocket_address *srv_addr,
617 dcerpc_ncacn_disconnect_fn fn);
619 /********************************************************************
620 * Start listening on the tcp/ip socket
621 ********************************************************************/
623 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
624 struct tevent_fd *fde,
628 uint16_t setup_dcerpc_ncacn_tcpip_socket(struct tevent_context *ev_ctx,
629 struct messaging_context *msg_ctx,
630 const struct sockaddr_storage *ifss,
633 struct dcerpc_ncacn_listen_state *state;
634 struct tevent_fd *fde;
637 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
639 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Out of memory\n"));
644 state->ep.port = port;
645 state->disconnect_fn = NULL;
647 if (state->ep.port == 0) {
650 for (i = SERVER_TCP_LOW_PORT; i <= SERVER_TCP_HIGH_PORT; i++) {
651 state->fd = open_socket_in(SOCK_STREAM,
662 state->fd = open_socket_in(SOCK_STREAM,
668 if (state->fd == -1) {
669 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Failed to create "
670 "socket on port %u!\n", state->ep.port));
674 state->ev_ctx = ev_ctx;
675 state->msg_ctx = msg_ctx;
677 /* ready to listen */
678 set_socket_options(state->fd, "SO_KEEPALIVE");
679 set_socket_options(state->fd, lp_socket_options());
681 /* Set server socket to non-blocking for the accept. */
682 set_blocking(state->fd, false);
684 rc = listen(state->fd, SMBD_LISTEN_BACKLOG);
686 DEBUG(0,("setup_tcpip_socket: listen - %s\n", strerror(errno)));
690 DEBUG(10, ("setup_tcpip_socket: openened socket fd %d for port %u\n",
691 state->fd, state->ep.port));
693 fde = tevent_add_fd(state->ev_ctx,
697 dcerpc_ncacn_tcpip_listener,
700 DEBUG(0, ("setup_tcpip_socket: Failed to add event handler!\n"));
704 tevent_fd_set_auto_close(fde);
706 return state->ep.port;
708 if (state->fd != -1) {
716 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
717 struct tevent_fd *fde,
721 struct dcerpc_ncacn_listen_state *state =
722 talloc_get_type_abort(private_data,
723 struct dcerpc_ncacn_listen_state);
724 struct tsocket_address *cli_addr = NULL;
725 struct tsocket_address *srv_addr = NULL;
726 struct sockaddr_storage addr;
727 socklen_t in_addrlen = sizeof(addr);
731 s = accept(state->fd, (struct sockaddr *)(void *) &addr, &in_addrlen);
733 if (errno != EINTR) {
734 DEBUG(0,("tcpip_listener accept: %s\n",
740 rc = tsocket_address_bsd_from_sockaddr(state,
741 (struct sockaddr *)(void *) &addr,
749 rc = getsockname(s, (struct sockaddr *)(void *) &addr, &in_addrlen);
755 rc = tsocket_address_bsd_from_sockaddr(state,
756 (struct sockaddr *)(void *) &addr,
764 DEBUG(6, ("tcpip_listener: Accepted socket %d\n", s));
766 dcerpc_ncacn_accept(state->ev_ctx,
776 /********************************************************************
777 * Start listening on the ncalrpc socket
778 ********************************************************************/
780 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
781 struct tevent_fd *fde,
785 bool setup_dcerpc_ncalrpc_socket(struct tevent_context *ev_ctx,
786 struct messaging_context *msg_ctx,
788 dcerpc_ncacn_disconnect_fn fn)
790 struct dcerpc_ncacn_listen_state *state;
791 struct tevent_fd *fde;
793 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
795 DEBUG(0, ("Out of memory\n"));
800 state->disconnect_fn = fn;
805 state->ep.name = talloc_strdup(state, name);
807 if (state->ep.name == NULL) {
808 DEBUG(0, ("Out of memory\n"));
813 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
814 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
815 lp_ncalrpc_dir(), strerror(errno)));
819 state->fd = create_pipe_sock(lp_ncalrpc_dir(), name, 0755);
820 if (state->fd == -1) {
821 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
822 lp_ncalrpc_dir(), name));
826 DEBUG(10, ("Openened pipe socket fd %d for %s\n", state->fd, name));
828 state->ev_ctx = ev_ctx;
829 state->msg_ctx = msg_ctx;
831 /* Set server socket to non-blocking for the accept. */
832 set_blocking(state->fd, false);
834 fde = tevent_add_fd(state->ev_ctx,
838 dcerpc_ncalrpc_listener,
841 DEBUG(0, ("Failed to add event handler for ncalrpc!\n"));
845 tevent_fd_set_auto_close(fde);
849 if (state->fd != -1) {
857 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
858 struct tevent_fd *fde,
862 struct dcerpc_ncacn_listen_state *state =
863 talloc_get_type_abort(private_data,
864 struct dcerpc_ncacn_listen_state);
865 struct tsocket_address *cli_addr = NULL;
866 struct sockaddr_un sunaddr;
867 struct sockaddr *addr = (struct sockaddr *)(void *)&sunaddr;
868 socklen_t len = sizeof(sunaddr);
872 ZERO_STRUCT(sunaddr);
874 sd = accept(state->fd, addr, &len);
876 if (errno != EINTR) {
877 DEBUG(0, ("ncalrpc accept() failed: %s\n", strerror(errno)));
882 rc = tsocket_address_bsd_from_sockaddr(state,
890 DEBUG(10, ("Accepted ncalrpc socket %d\n", sd));
892 dcerpc_ncacn_accept(state->ev_ctx,
897 state->disconnect_fn);
900 struct dcerpc_ncacn_conn {
901 enum dcerpc_transport_t transport;
905 struct pipes_struct *p;
906 dcerpc_ncacn_disconnect_fn disconnect_fn;
908 struct tevent_context *ev_ctx;
909 struct messaging_context *msg_ctx;
911 struct tstream_context *tstream;
912 struct tevent_queue *send_queue;
914 struct tsocket_address *client;
916 struct tsocket_address *server;
918 struct auth_session_info *session_info;
924 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq);
925 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq);
927 static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
928 struct messaging_context *msg_ctx,
929 enum dcerpc_transport_t transport,
931 struct tsocket_address *cli_addr,
932 struct tsocket_address *srv_addr,
934 dcerpc_ncacn_disconnect_fn fn) {
935 struct dcerpc_ncacn_conn *ncacn_conn;
936 struct tevent_req *subreq;
938 const char *srv_str = NULL;
939 bool system_user = false;
946 DEBUG(10, ("dcerpc_ncacn_accept\n"));
948 ncacn_conn = talloc_zero(ev_ctx, struct dcerpc_ncacn_conn);
949 if (ncacn_conn == NULL) {
950 DEBUG(0, ("Out of memory!\n"));
955 ncacn_conn->transport = transport;
956 ncacn_conn->ev_ctx = ev_ctx;
957 ncacn_conn->msg_ctx = msg_ctx;
958 ncacn_conn->sock = s;
959 ncacn_conn->disconnect_fn = fn;
961 ncacn_conn->client = talloc_move(ncacn_conn, &cli_addr);
962 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
963 ncacn_conn->client_name =
964 tsocket_address_inet_addr_string(ncacn_conn->client,
967 ncacn_conn->client_name =
968 tsocket_address_unix_path(ncacn_conn->client,
971 if (ncacn_conn->client_name == NULL) {
972 DEBUG(0, ("Out of memory!\n"));
973 talloc_free(ncacn_conn);
978 if (srv_addr != NULL) {
979 ncacn_conn->server = talloc_move(ncacn_conn, &srv_addr);
981 ncacn_conn->server_name =
982 tsocket_address_inet_addr_string(ncacn_conn->server,
984 if (ncacn_conn->server_name == NULL) {
985 DEBUG(0, ("Out of memory!\n"));
986 talloc_free(ncacn_conn);
994 pipe_name = tsocket_address_string(ncacn_conn->client,
996 if (pipe_name == NULL) {
998 talloc_free(ncacn_conn);
1004 rc = sys_getpeereid(s, &uid);
1006 DEBUG(2, ("Failed to get ncalrpc connecting uid!"));
1008 if (uid == sec_initial_uid()) {
1013 pipe_name = talloc_strdup(ncacn_conn,
1015 if (pipe_name == NULL) {
1017 talloc_free(ncacn_conn);
1022 DEBUG(0, ("unknown dcerpc transport: %u!\n",
1024 talloc_free(ncacn_conn);
1029 rc = set_blocking(s, false);
1031 DEBUG(2, ("Failed to set dcerpc socket to non-blocking\n"));
1032 talloc_free(ncacn_conn);
1038 * As soon as we have tstream_bsd_existing_socket set up it will
1039 * take care of closing the socket.
1041 rc = tstream_bsd_existing_socket(ncacn_conn, s, &ncacn_conn->tstream);
1043 DEBUG(2, ("Failed to create tstream socket for dcerpc\n"));
1044 talloc_free(ncacn_conn);
1049 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
1050 cli_str = ncacn_conn->client_name;
1055 if (ncacn_conn->server != NULL) {
1056 if (tsocket_address_is_inet(ncacn_conn->server, "ip")) {
1057 srv_str = ncacn_conn->server_name;
1063 if (ncacn_conn->session_info == NULL) {
1064 status = auth_anonymous_session_info(ncacn_conn,
1065 &ncacn_conn->session_info);
1066 if (!NT_STATUS_IS_OK(status)) {
1067 DEBUG(2, ("Failed to create "
1068 "auth_anonymous_session_info - %s\n",
1069 nt_errstr(status)));
1070 talloc_free(ncacn_conn);
1075 rc = make_server_pipes_struct(ncacn_conn,
1076 ncacn_conn->msg_ctx,
1078 ncacn_conn->transport,
1082 ncacn_conn->session_info,
1086 DEBUG(2, ("Failed to create pipe struct - %s",
1087 strerror(sys_errno)));
1088 talloc_free(ncacn_conn);
1092 ncacn_conn->send_queue = tevent_queue_create(ncacn_conn,
1093 "dcerpc send queue");
1094 if (ncacn_conn->send_queue == NULL) {
1095 DEBUG(0, ("Out of memory!\n"));
1096 talloc_free(ncacn_conn);
1100 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1102 ncacn_conn->tstream);
1103 if (subreq == NULL) {
1104 DEBUG(2, ("Failed to send ncacn packet\n"));
1105 talloc_free(ncacn_conn);
1109 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1111 DEBUG(10, ("dcerpc_ncacn_accept done\n"));
1116 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq)
1118 struct dcerpc_ncacn_conn *ncacn_conn =
1119 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1121 struct _output_data *out = &ncacn_conn->p->out_data;
1122 DATA_BLOB recv_buffer = data_blob_null;
1123 struct ncacn_packet *pkt;
1131 status = dcerpc_read_ncacn_packet_recv(subreq, ncacn_conn, &pkt, &recv_buffer);
1132 TALLOC_FREE(subreq);
1133 if (!NT_STATUS_IS_OK(status)) {
1134 if (ncacn_conn->disconnect_fn != NULL) {
1135 ok = ncacn_conn->disconnect_fn(ncacn_conn->p);
1137 DEBUG(3, ("Failed to call disconnect function\n"));
1143 data_left = recv_buffer.length;
1144 data = (char *) recv_buffer.data;
1147 data_used = process_incoming_data(ncacn_conn->p, data, data_left);
1148 if (data_used < 0) {
1149 DEBUG(3, ("Failed to process dcerpc request!\n"));
1150 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1154 data_left -= data_used;
1158 /* Do not leak this buffer */
1159 talloc_free(recv_buffer.data);
1163 * This is needed because of the way DCERPC binds work in the RPC
1166 to_send = out->frag.length - out->current_pdu_sent;
1169 DEBUG(10, ("Current_pdu_len = %u, "
1170 "current_pdu_sent = %u "
1171 "Returning %u bytes\n",
1172 (unsigned int)out->frag.length,
1173 (unsigned int)out->current_pdu_sent,
1174 (unsigned int)to_send));
1176 ncacn_conn->iov = talloc_zero(ncacn_conn, struct iovec);
1177 if (ncacn_conn->iov == NULL) {
1178 status = NT_STATUS_NO_MEMORY;
1179 DEBUG(3, ("Out of memory!\n"));
1182 ncacn_conn->count = 1;
1184 ncacn_conn->iov[0].iov_base = out->frag.data
1185 + out->current_pdu_sent;
1186 ncacn_conn->iov[0].iov_len = to_send;
1188 out->current_pdu_sent += to_send;
1192 * This condition is false for bind packets, or when we haven't yet got
1193 * a full request, and need to wait for more data from the client
1195 while (out->data_sent_length < out->rdata.length) {
1196 ok = create_next_pdu(ncacn_conn->p);
1198 DEBUG(3, ("Failed to create next PDU!\n"));
1199 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1203 ncacn_conn->iov = talloc_realloc(ncacn_conn,
1206 ncacn_conn->count + 1);
1207 if (ncacn_conn->iov == NULL) {
1208 DEBUG(3, ("Out of memory!\n"));
1209 status = NT_STATUS_NO_MEMORY;
1213 ncacn_conn->iov[ncacn_conn->count].iov_base = out->frag.data;
1214 ncacn_conn->iov[ncacn_conn->count].iov_len = out->frag.length;
1216 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
1217 (unsigned int) ncacn_conn->count,
1218 (unsigned int) ncacn_conn->iov[ncacn_conn->count].iov_len));
1219 dump_data(11, (const uint8_t *) ncacn_conn->iov[ncacn_conn->count].iov_base,
1220 ncacn_conn->iov[ncacn_conn->count].iov_len);
1221 ncacn_conn->count++;
1225 * We still don't have a complete request, go back and wait for more
1228 if (ncacn_conn->count == 0) {
1229 /* Wait for the next packet */
1230 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1232 ncacn_conn->tstream);
1233 if (subreq == NULL) {
1234 DEBUG(2, ("Failed to start receving packets\n"));
1235 status = NT_STATUS_NO_MEMORY;
1238 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1242 DEBUG(10, ("Sending a total of %u bytes\n",
1243 (unsigned int)ncacn_conn->p->out_data.data_sent_length));
1245 subreq = tstream_writev_queue_send(ncacn_conn,
1247 ncacn_conn->tstream,
1248 ncacn_conn->send_queue,
1251 if (subreq == NULL) {
1252 DEBUG(2, ("Failed to send packet\n"));
1253 status = NT_STATUS_NO_MEMORY;
1257 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_done, ncacn_conn);
1261 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1262 ncacn_conn->client_name, nt_errstr(status)));
1264 /* Terminate client connection */
1265 talloc_free(ncacn_conn);
1269 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq)
1271 struct dcerpc_ncacn_conn *ncacn_conn =
1272 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1273 NTSTATUS status = NT_STATUS_OK;
1277 rc = tstream_writev_queue_recv(subreq, &sys_errno);
1278 TALLOC_FREE(subreq);
1280 DEBUG(2, ("Writev failed!\n"));
1281 status = map_nt_error_from_unix(sys_errno);
1285 /* clear out any data that may have been left around */
1286 ncacn_conn->count = 0;
1287 TALLOC_FREE(ncacn_conn->iov);
1288 data_blob_free(&ncacn_conn->p->in_data.data);
1289 data_blob_free(&ncacn_conn->p->out_data.frag);
1290 data_blob_free(&ncacn_conn->p->out_data.rdata);
1292 /* Wait for the next packet */
1293 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1295 ncacn_conn->tstream);
1296 if (subreq == NULL) {
1297 DEBUG(2, ("Failed to start receving packets\n"));
1298 status = NT_STATUS_NO_MEMORY;
1302 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1306 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1307 ncacn_conn->client_name, nt_errstr(status)));
1309 /* Terminate client connection */
1310 talloc_free(ncacn_conn);
1314 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */
git.samba.org / mat / samba.git / blob