2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
5 Copyright (C) Andrew Bartlett 2011
6 Copyright (C) Andreas Schneider 2011
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "rpc_server/rpc_server.h"
26 #include "librpc/gen_ndr/netlogon.h"
27 #include "librpc/gen_ndr/auth.h"
28 #include "lib/tsocket/tsocket.h"
29 #include "libcli/named_pipe_auth/npa_tstream.h"
30 #include "../auth/auth_sam_reply.h"
32 #include "rpc_server/rpc_ncacn_np.h"
33 #include "rpc_server/srv_pipe_hnd.h"
34 #include "rpc_server/srv_pipe.h"
36 #define SERVER_TCP_LOW_PORT 1024
37 #define SERVER_TCP_HIGH_PORT 1300
39 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
40 struct auth_session_info **session_info)
44 status = make_session_info_guest(mem_ctx, session_info);
45 if (!NT_STATUS_IS_OK(status)) {
52 /* Creates a pipes_struct and initializes it with the information
53 * sent from the client */
54 static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
55 struct messaging_context *msg_ctx,
56 const char *pipe_name,
57 enum dcerpc_transport_t transport,
58 bool ncalrpc_as_system,
59 const struct tsocket_address *local_address,
60 const struct tsocket_address *remote_address,
61 struct auth_session_info *session_info,
62 struct pipes_struct **_p,
65 struct pipes_struct *p;
68 p = talloc_zero(mem_ctx, struct pipes_struct);
74 p->transport = transport;
75 p->ncalrpc_as_system = ncalrpc_as_system;
77 p->mem_ctx = talloc_named(p, 0, "pipe %s %p", pipe_name, p);
85 data_blob_free(&p->in_data.data);
86 data_blob_free(&p->in_data.pdu);
88 p->endian = RPC_LITTLE_ENDIAN;
90 if (session_info->unix_token && session_info->unix_info && session_info->security_token) {
91 /* Don't call create_local_token(), we already have the full details here */
92 p->session_info = talloc_steal(p, session_info);
95 struct auth_user_info_dc *auth_user_info_dc;
96 struct auth_serversupplied_info *server_info;
97 struct netr_SamInfo3 *info3;
99 /* Fake up an auth_user_info_dc for now, to make an info3, to make the session_info structure */
100 auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc);
101 if (!auth_user_info_dc) {
107 auth_user_info_dc->num_sids = session_info->security_token->num_sids;
108 auth_user_info_dc->sids = session_info->security_token->sids;
109 auth_user_info_dc->info = session_info->info;
110 auth_user_info_dc->user_session_key = session_info->session_key;
112 /* This creates the input structure that make_server_info_info3 is looking for */
113 status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc,
116 if (!NT_STATUS_IS_OK(status)) {
117 DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n"));
123 status = make_server_info_info3(p,
124 info3->base.account_name.string,
125 info3->base.domain.string,
126 &server_info, info3);
127 if (!NT_STATUS_IS_OK(status)) {
128 DEBUG(1, ("Failed to init server info\n"));
135 * Some internal functions need a local token to determine access to
138 status = create_local_token(p, server_info, &session_info->session_key, &p->session_info);
139 talloc_free(server_info);
140 if (!NT_STATUS_IS_OK(status)) {
141 DEBUG(1, ("Failed to init local auth token\n"));
148 p->remote_address = tsocket_address_copy(remote_address, p);
149 if (p->remote_address == NULL) {
155 if (local_address != NULL) {
156 p->local_address = tsocket_address_copy(local_address, p);
157 if (p->local_address == NULL) {
164 talloc_set_destructor(p, close_internal_rpc_pipe_hnd);
170 /* Start listening on the appropriate unix socket and setup all is needed to
171 * dispatch requests to the pipes rpc implementation */
173 struct dcerpc_ncacn_listen_state {
174 struct ndr_syntax_id syntax_id;
182 struct tevent_context *ev_ctx;
183 struct messaging_context *msg_ctx;
184 dcerpc_ncacn_disconnect_fn disconnect_fn;
187 static void named_pipe_listener(struct tevent_context *ev,
188 struct tevent_fd *fde,
192 bool setup_named_pipe_socket(const char *pipe_name,
193 struct tevent_context *ev_ctx,
194 struct messaging_context *msg_ctx)
196 struct dcerpc_ncacn_listen_state *state;
197 struct tevent_fd *fde;
200 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
202 DEBUG(0, ("Out of memory\n"));
205 state->ep.name = talloc_strdup(state, pipe_name);
206 if (state->ep.name == NULL) {
207 DEBUG(0, ("Out of memory\n"));
212 state->ev_ctx = ev_ctx;
213 state->msg_ctx = msg_ctx;
216 * As lp_ncalrpc_dir() should have 0755, but
217 * lp_ncalrpc_dir()/np should have 0700, we need to
218 * create lp_ncalrpc_dir() first.
220 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
221 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
222 lp_ncalrpc_dir(), strerror(errno)));
226 np_dir = talloc_asprintf(state, "%s/np", lp_ncalrpc_dir());
228 DEBUG(0, ("Out of memory\n"));
232 if (!directory_create_or_exist(np_dir, geteuid(), 0700)) {
233 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
234 np_dir, strerror(errno)));
238 state->fd = create_pipe_sock(np_dir, pipe_name, 0700);
239 if (state->fd == -1) {
240 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
246 DEBUG(10, ("Openened pipe socket fd %d for %s\n",
247 state->fd, pipe_name));
249 fde = tevent_add_fd(ev_ctx,
250 state, state->fd, TEVENT_FD_READ,
251 named_pipe_listener, state);
253 DEBUG(0, ("Failed to add event handler!\n"));
257 tevent_fd_set_auto_close(fde);
261 if (state->fd != -1) {
268 static void named_pipe_accept_function(struct tevent_context *ev_ctx,
269 struct messaging_context *msg_ctx,
270 const char *pipe_name,
273 static void named_pipe_listener(struct tevent_context *ev,
274 struct tevent_fd *fde,
278 struct dcerpc_ncacn_listen_state *state =
279 talloc_get_type_abort(private_data,
280 struct dcerpc_ncacn_listen_state);
281 struct sockaddr_un sunaddr;
285 /* TODO: should we have a limit to the number of clients ? */
287 len = sizeof(sunaddr);
289 sd = accept(state->fd,
290 (struct sockaddr *)(void *)&sunaddr, &len);
293 if (errno != EINTR) {
294 DEBUG(6, ("Failed to get a valid socket [%s]\n",
300 DEBUG(6, ("Accepted socket %d\n", sd));
302 named_pipe_accept_function(state->ev_ctx,
309 /* This is the core of the rpc server.
310 * Accepts connections from clients and process requests using the appropriate
311 * dispatcher table. */
313 struct named_pipe_client {
314 const char *pipe_name;
316 struct tevent_context *ev;
317 struct messaging_context *msg_ctx;
320 uint16_t device_state;
321 uint64_t allocation_size;
323 struct tstream_context *tstream;
325 struct tsocket_address *client;
327 struct tsocket_address *server;
330 struct auth_session_info *session_info;
332 struct pipes_struct *p;
334 struct tevent_queue *write_queue;
340 static void named_pipe_accept_done(struct tevent_req *subreq);
342 static void named_pipe_accept_function(struct tevent_context *ev_ctx,
343 struct messaging_context *msg_ctx,
344 const char *pipe_name,
347 struct named_pipe_client *npc;
348 struct tstream_context *plain;
349 struct tevent_req *subreq;
352 npc = talloc_zero(NULL, struct named_pipe_client);
354 DEBUG(0, ("Out of memory!\n"));
359 npc->pipe_name = talloc_strdup(npc, pipe_name);
360 if (npc->pipe_name == NULL) {
361 DEBUG(0, ("Out of memory!\n"));
367 npc->msg_ctx = msg_ctx;
369 /* make sure socket is in NON blocking state */
370 ret = set_blocking(fd, false);
372 DEBUG(2, ("Failed to make socket non-blocking\n"));
378 ret = tstream_bsd_existing_socket(npc, fd, &plain);
380 DEBUG(2, ("Failed to create tstream socket\n"));
386 npc->file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
387 npc->device_state = 0xff | 0x0400 | 0x0100;
388 npc->allocation_size = 4096;
390 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
393 npc->allocation_size);
395 DEBUG(2, ("Failed to start async accept procedure\n"));
400 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
403 static void named_pipe_packet_process(struct tevent_req *subreq);
404 static void named_pipe_packet_done(struct tevent_req *subreq);
406 static void named_pipe_accept_done(struct tevent_req *subreq)
408 struct auth_session_info_transport *session_info_transport;
409 struct named_pipe_client *npc =
410 tevent_req_callback_data(subreq, struct named_pipe_client);
414 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
420 &session_info_transport);
422 npc->session_info = talloc_move(npc, &session_info_transport->session_info);
426 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
432 ret = make_server_pipes_struct(npc,
434 npc->pipe_name, NCACN_NP,
435 false, npc->server, npc->client, npc->session_info,
438 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
443 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
444 if (!npc->write_queue) {
445 DEBUG(2, ("Failed to set up write queue!\n"));
449 /* And now start receiving and processing packets */
450 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
452 DEBUG(2, ("Failed to start receving packets\n"));
455 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
459 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
461 /* terminate client connection */
466 static void named_pipe_packet_process(struct tevent_req *subreq)
468 struct named_pipe_client *npc =
469 tevent_req_callback_data(subreq, struct named_pipe_client);
470 struct _output_data *out = &npc->p->out_data;
471 DATA_BLOB recv_buffer = data_blob_null;
472 struct ncacn_packet *pkt;
480 status = dcerpc_read_ncacn_packet_recv(subreq, npc, &pkt, &recv_buffer);
482 if (!NT_STATUS_IS_OK(status)) {
486 data_left = recv_buffer.length;
487 data = (char *)recv_buffer.data;
491 data_used = process_incoming_data(npc->p, data, data_left);
493 DEBUG(3, ("Failed to process dceprc request!\n"));
494 status = NT_STATUS_UNEXPECTED_IO_ERROR;
498 data_left -= data_used;
502 /* Do not leak this buffer, npc is a long lived context */
503 talloc_free(recv_buffer.data);
506 /* this is needed because of the way DCERPC Binds work in
507 * the RPC marshalling code */
508 to_send = out->frag.length - out->current_pdu_sent;
511 DEBUG(10, ("Current_pdu_len = %u, "
512 "current_pdu_sent = %u "
513 "Returning %u bytes\n",
514 (unsigned int)out->frag.length,
515 (unsigned int)out->current_pdu_sent,
516 (unsigned int)to_send));
518 npc->iov = talloc_zero(npc, struct iovec);
520 status = NT_STATUS_NO_MEMORY;
525 npc->iov[0].iov_base = out->frag.data
526 + out->current_pdu_sent;
527 npc->iov[0].iov_len = to_send;
529 out->current_pdu_sent += to_send;
532 /* this condition is false for bind packets, or when we haven't
533 * yet got a full request, and need to wait for more data from
535 while (out->data_sent_length < out->rdata.length) {
537 ok = create_next_pdu(npc->p);
539 DEBUG(3, ("Failed to create next PDU!\n"));
540 status = NT_STATUS_UNEXPECTED_IO_ERROR;
544 npc->iov = talloc_realloc(npc, npc->iov,
545 struct iovec, npc->count + 1);
547 status = NT_STATUS_NO_MEMORY;
551 npc->iov[npc->count].iov_base = out->frag.data;
552 npc->iov[npc->count].iov_len = out->frag.length;
554 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
555 (unsigned int)npc->count,
556 (unsigned int)npc->iov[npc->count].iov_len));
557 dump_data(11, (const uint8_t *)npc->iov[npc->count].iov_base,
558 npc->iov[npc->count].iov_len);
562 /* we still don't have a complete request, go back and wait for more
564 if (npc->count == 0) {
565 /* Wait for the next packet */
566 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
568 DEBUG(2, ("Failed to start receving packets\n"));
569 status = NT_STATUS_NO_MEMORY;
572 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
576 DEBUG(10, ("Sending a total of %u bytes\n",
577 (unsigned int)npc->p->out_data.data_sent_length));
579 subreq = tstream_writev_queue_send(npc, npc->ev,
582 npc->iov, npc->count);
584 DEBUG(2, ("Failed to send packet\n"));
585 status = NT_STATUS_NO_MEMORY;
588 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
592 DEBUG(2, ("Fatal error(%s). "
593 "Terminating client(%s) connection!\n",
594 nt_errstr(status), npc->client_name));
595 /* terminate client connection */
600 static void named_pipe_packet_done(struct tevent_req *subreq)
602 struct named_pipe_client *npc =
603 tevent_req_callback_data(subreq, struct named_pipe_client);
607 ret = tstream_writev_queue_recv(subreq, &sys_errno);
610 DEBUG(2, ("Writev failed!\n"));
614 /* clear out any data that may have been left around */
616 TALLOC_FREE(npc->iov);
617 data_blob_free(&npc->p->in_data.data);
618 data_blob_free(&npc->p->out_data.frag);
619 data_blob_free(&npc->p->out_data.rdata);
621 /* Wait for the next packet */
622 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
624 DEBUG(2, ("Failed to start receving packets\n"));
628 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
632 DEBUG(2, ("Fatal error(%s). "
633 "Terminating client(%s) connection!\n",
634 strerror(sys_errno), npc->client_name));
635 /* terminate client connection */
640 static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
641 struct messaging_context *msg_ctx,
642 enum dcerpc_transport_t transport,
645 struct tsocket_address *cli_addr,
646 struct tsocket_address *srv_addr,
648 dcerpc_ncacn_disconnect_fn fn);
650 /********************************************************************
651 * Start listening on the tcp/ip socket
652 ********************************************************************/
654 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
655 struct tevent_fd *fde,
659 uint16_t setup_dcerpc_ncacn_tcpip_socket(struct tevent_context *ev_ctx,
660 struct messaging_context *msg_ctx,
661 const struct sockaddr_storage *ifss,
664 struct dcerpc_ncacn_listen_state *state;
665 struct tevent_fd *fde;
668 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
670 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Out of memory\n"));
675 state->ep.port = port;
676 state->disconnect_fn = NULL;
678 if (state->ep.port == 0) {
681 for (i = SERVER_TCP_LOW_PORT; i <= SERVER_TCP_HIGH_PORT; i++) {
682 state->fd = open_socket_in(SOCK_STREAM,
693 state->fd = open_socket_in(SOCK_STREAM,
699 if (state->fd == -1) {
700 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Failed to create "
701 "socket on port %u!\n", state->ep.port));
705 state->ev_ctx = ev_ctx;
706 state->msg_ctx = msg_ctx;
708 /* ready to listen */
709 set_socket_options(state->fd, "SO_KEEPALIVE");
710 set_socket_options(state->fd, lp_socket_options());
712 /* Set server socket to non-blocking for the accept. */
713 set_blocking(state->fd, false);
715 rc = listen(state->fd, SMBD_LISTEN_BACKLOG);
717 DEBUG(0,("setup_tcpip_socket: listen - %s\n", strerror(errno)));
721 DEBUG(10, ("setup_tcpip_socket: openened socket fd %d for port %u\n",
722 state->fd, state->ep.port));
724 fde = tevent_add_fd(state->ev_ctx,
728 dcerpc_ncacn_tcpip_listener,
731 DEBUG(0, ("setup_tcpip_socket: Failed to add event handler!\n"));
735 tevent_fd_set_auto_close(fde);
737 return state->ep.port;
739 if (state->fd != -1) {
747 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
748 struct tevent_fd *fde,
752 struct dcerpc_ncacn_listen_state *state =
753 talloc_get_type_abort(private_data,
754 struct dcerpc_ncacn_listen_state);
755 struct tsocket_address *cli_addr = NULL;
756 struct tsocket_address *srv_addr = NULL;
757 struct sockaddr_storage addr;
758 socklen_t in_addrlen = sizeof(addr);
762 s = accept(state->fd, (struct sockaddr *)(void *) &addr, &in_addrlen);
764 if (errno != EINTR) {
765 DEBUG(0,("tcpip_listener accept: %s\n",
771 rc = tsocket_address_bsd_from_sockaddr(state,
772 (struct sockaddr *)(void *) &addr,
780 rc = getsockname(s, (struct sockaddr *)(void *) &addr, &in_addrlen);
786 rc = tsocket_address_bsd_from_sockaddr(state,
787 (struct sockaddr *)(void *) &addr,
795 DEBUG(6, ("tcpip_listener: Accepted socket %d\n", s));
797 dcerpc_ncacn_accept(state->ev_ctx,
808 /********************************************************************
809 * Start listening on the ncalrpc socket
810 ********************************************************************/
812 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
813 struct tevent_fd *fde,
817 bool setup_dcerpc_ncalrpc_socket(struct tevent_context *ev_ctx,
818 struct messaging_context *msg_ctx,
820 dcerpc_ncacn_disconnect_fn fn)
822 struct dcerpc_ncacn_listen_state *state;
823 struct tevent_fd *fde;
825 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
827 DEBUG(0, ("Out of memory\n"));
832 state->disconnect_fn = fn;
837 state->ep.name = talloc_strdup(state, name);
839 if (state->ep.name == NULL) {
840 DEBUG(0, ("Out of memory\n"));
845 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
846 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
847 lp_ncalrpc_dir(), strerror(errno)));
851 state->fd = create_pipe_sock(lp_ncalrpc_dir(), name, 0755);
852 if (state->fd == -1) {
853 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
854 lp_ncalrpc_dir(), name));
858 DEBUG(10, ("Openened pipe socket fd %d for %s\n", state->fd, name));
860 state->ev_ctx = ev_ctx;
861 state->msg_ctx = msg_ctx;
863 /* Set server socket to non-blocking for the accept. */
864 set_blocking(state->fd, false);
866 fde = tevent_add_fd(state->ev_ctx,
870 dcerpc_ncalrpc_listener,
873 DEBUG(0, ("Failed to add event handler for ncalrpc!\n"));
877 tevent_fd_set_auto_close(fde);
881 if (state->fd != -1) {
889 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
890 struct tevent_fd *fde,
894 struct dcerpc_ncacn_listen_state *state =
895 talloc_get_type_abort(private_data,
896 struct dcerpc_ncacn_listen_state);
897 struct tsocket_address *cli_addr = NULL;
898 struct sockaddr_un sunaddr;
899 struct sockaddr *addr = (struct sockaddr *)(void *)&sunaddr;
900 socklen_t len = sizeof(sunaddr);
904 ZERO_STRUCT(sunaddr);
906 sd = accept(state->fd, addr, &len);
908 if (errno != EINTR) {
909 DEBUG(0, ("ncalrpc accept() failed: %s\n", strerror(errno)));
914 rc = tsocket_address_bsd_from_sockaddr(state,
922 DEBUG(10, ("Accepted ncalrpc socket %d\n", sd));
924 dcerpc_ncacn_accept(state->ev_ctx,
929 state->disconnect_fn);
932 struct dcerpc_ncacn_conn {
933 enum dcerpc_transport_t transport;
942 struct pipes_struct *p;
943 dcerpc_ncacn_disconnect_fn disconnect_fn;
945 struct tevent_context *ev_ctx;
946 struct messaging_context *msg_ctx;
948 struct tstream_context *tstream;
949 struct tevent_queue *send_queue;
951 struct tsocket_address *client;
953 struct tsocket_address *server;
955 struct auth_session_info *session_info;
961 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq);
962 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq);
964 static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
965 struct messaging_context *msg_ctx,
966 enum dcerpc_transport_t transport,
969 struct tsocket_address *cli_addr,
970 struct tsocket_address *srv_addr,
972 dcerpc_ncacn_disconnect_fn fn) {
973 struct dcerpc_ncacn_conn *ncacn_conn;
974 struct tevent_req *subreq;
976 const char *srv_str = NULL;
977 bool system_user = false;
984 DEBUG(10, ("dcerpc_ncacn_accept\n"));
986 ncacn_conn = talloc_zero(ev_ctx, struct dcerpc_ncacn_conn);
987 if (ncacn_conn == NULL) {
988 DEBUG(0, ("Out of memory!\n"));
993 ncacn_conn->transport = transport;
994 ncacn_conn->ev_ctx = ev_ctx;
995 ncacn_conn->msg_ctx = msg_ctx;
996 ncacn_conn->sock = s;
997 ncacn_conn->disconnect_fn = fn;
999 ncacn_conn->client = talloc_move(ncacn_conn, &cli_addr);
1000 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
1001 ncacn_conn->client_name =
1002 tsocket_address_inet_addr_string(ncacn_conn->client,
1005 ncacn_conn->client_name =
1006 tsocket_address_unix_path(ncacn_conn->client,
1009 if (ncacn_conn->client_name == NULL) {
1010 DEBUG(0, ("Out of memory!\n"));
1011 talloc_free(ncacn_conn);
1016 if (srv_addr != NULL) {
1017 ncacn_conn->server = talloc_move(ncacn_conn, &srv_addr);
1019 ncacn_conn->server_name =
1020 tsocket_address_inet_addr_string(ncacn_conn->server,
1022 if (ncacn_conn->server_name == NULL) {
1023 DEBUG(0, ("Out of memory!\n"));
1024 talloc_free(ncacn_conn);
1030 switch (transport) {
1032 ncacn_conn->ep.port = port;
1034 pipe_name = tsocket_address_string(ncacn_conn->client,
1036 if (pipe_name == NULL) {
1038 talloc_free(ncacn_conn);
1044 rc = sys_getpeereid(s, &uid);
1046 DEBUG(2, ("Failed to get ncalrpc connecting uid!"));
1048 if (uid == sec_initial_uid()) {
1053 ncacn_conn->ep.name = talloc_strdup(ncacn_conn, name);
1054 if (ncacn_conn->ep.name == NULL) {
1056 talloc_free(ncacn_conn);
1060 pipe_name = talloc_strdup(ncacn_conn,
1062 if (pipe_name == NULL) {
1064 talloc_free(ncacn_conn);
1069 DEBUG(0, ("unknown dcerpc transport: %u!\n",
1071 talloc_free(ncacn_conn);
1076 rc = set_blocking(s, false);
1078 DEBUG(2, ("Failed to set dcerpc socket to non-blocking\n"));
1079 talloc_free(ncacn_conn);
1085 * As soon as we have tstream_bsd_existing_socket set up it will
1086 * take care of closing the socket.
1088 rc = tstream_bsd_existing_socket(ncacn_conn, s, &ncacn_conn->tstream);
1090 DEBUG(2, ("Failed to create tstream socket for dcerpc\n"));
1091 talloc_free(ncacn_conn);
1096 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
1097 cli_str = ncacn_conn->client_name;
1102 if (ncacn_conn->server != NULL) {
1103 if (tsocket_address_is_inet(ncacn_conn->server, "ip")) {
1104 srv_str = ncacn_conn->server_name;
1110 if (ncacn_conn->session_info == NULL) {
1111 status = auth_anonymous_session_info(ncacn_conn,
1112 &ncacn_conn->session_info);
1113 if (!NT_STATUS_IS_OK(status)) {
1114 DEBUG(2, ("Failed to create "
1115 "auth_anonymous_session_info - %s\n",
1116 nt_errstr(status)));
1117 talloc_free(ncacn_conn);
1122 rc = make_server_pipes_struct(ncacn_conn,
1123 ncacn_conn->msg_ctx,
1125 ncacn_conn->transport,
1129 ncacn_conn->session_info,
1133 DEBUG(2, ("Failed to create pipe struct - %s",
1134 strerror(sys_errno)));
1135 talloc_free(ncacn_conn);
1139 ncacn_conn->send_queue = tevent_queue_create(ncacn_conn,
1140 "dcerpc send queue");
1141 if (ncacn_conn->send_queue == NULL) {
1142 DEBUG(0, ("Out of memory!\n"));
1143 talloc_free(ncacn_conn);
1147 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1149 ncacn_conn->tstream);
1150 if (subreq == NULL) {
1151 DEBUG(2, ("Failed to send ncacn packet\n"));
1152 talloc_free(ncacn_conn);
1156 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1158 DEBUG(10, ("dcerpc_ncacn_accept done\n"));
1163 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq)
1165 struct dcerpc_ncacn_conn *ncacn_conn =
1166 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1168 struct _output_data *out = &ncacn_conn->p->out_data;
1169 DATA_BLOB recv_buffer = data_blob_null;
1170 struct ncacn_packet *pkt;
1178 status = dcerpc_read_ncacn_packet_recv(subreq, ncacn_conn, &pkt, &recv_buffer);
1179 TALLOC_FREE(subreq);
1180 if (!NT_STATUS_IS_OK(status)) {
1181 if (ncacn_conn->disconnect_fn != NULL) {
1182 ok = ncacn_conn->disconnect_fn(ncacn_conn->p);
1184 DEBUG(3, ("Failed to call disconnect function\n"));
1190 data_left = recv_buffer.length;
1191 data = (char *) recv_buffer.data;
1194 data_used = process_incoming_data(ncacn_conn->p, data, data_left);
1195 if (data_used < 0) {
1196 DEBUG(3, ("Failed to process dcerpc request!\n"));
1197 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1201 data_left -= data_used;
1205 /* Do not leak this buffer */
1206 talloc_free(recv_buffer.data);
1210 * This is needed because of the way DCERPC binds work in the RPC
1213 to_send = out->frag.length - out->current_pdu_sent;
1216 DEBUG(10, ("Current_pdu_len = %u, "
1217 "current_pdu_sent = %u "
1218 "Returning %u bytes\n",
1219 (unsigned int)out->frag.length,
1220 (unsigned int)out->current_pdu_sent,
1221 (unsigned int)to_send));
1223 ncacn_conn->iov = talloc_zero(ncacn_conn, struct iovec);
1224 if (ncacn_conn->iov == NULL) {
1225 status = NT_STATUS_NO_MEMORY;
1226 DEBUG(3, ("Out of memory!\n"));
1229 ncacn_conn->count = 1;
1231 ncacn_conn->iov[0].iov_base = out->frag.data
1232 + out->current_pdu_sent;
1233 ncacn_conn->iov[0].iov_len = to_send;
1235 out->current_pdu_sent += to_send;
1239 * This condition is false for bind packets, or when we haven't yet got
1240 * a full request, and need to wait for more data from the client
1242 while (out->data_sent_length < out->rdata.length) {
1243 ok = create_next_pdu(ncacn_conn->p);
1245 DEBUG(3, ("Failed to create next PDU!\n"));
1246 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1250 ncacn_conn->iov = talloc_realloc(ncacn_conn,
1253 ncacn_conn->count + 1);
1254 if (ncacn_conn->iov == NULL) {
1255 DEBUG(3, ("Out of memory!\n"));
1256 status = NT_STATUS_NO_MEMORY;
1260 ncacn_conn->iov[ncacn_conn->count].iov_base = out->frag.data;
1261 ncacn_conn->iov[ncacn_conn->count].iov_len = out->frag.length;
1263 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
1264 (unsigned int) ncacn_conn->count,
1265 (unsigned int) ncacn_conn->iov[ncacn_conn->count].iov_len));
1266 dump_data(11, (const uint8_t *) ncacn_conn->iov[ncacn_conn->count].iov_base,
1267 ncacn_conn->iov[ncacn_conn->count].iov_len);
1268 ncacn_conn->count++;
1272 * We still don't have a complete request, go back and wait for more
1275 if (ncacn_conn->count == 0) {
1276 /* Wait for the next packet */
1277 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1279 ncacn_conn->tstream);
1280 if (subreq == NULL) {
1281 DEBUG(2, ("Failed to start receving packets\n"));
1282 status = NT_STATUS_NO_MEMORY;
1285 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1289 DEBUG(10, ("Sending a total of %u bytes\n",
1290 (unsigned int)ncacn_conn->p->out_data.data_sent_length));
1292 subreq = tstream_writev_queue_send(ncacn_conn,
1294 ncacn_conn->tstream,
1295 ncacn_conn->send_queue,
1298 if (subreq == NULL) {
1299 DEBUG(2, ("Failed to send packet\n"));
1300 status = NT_STATUS_NO_MEMORY;
1304 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_done, ncacn_conn);
1308 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1309 ncacn_conn->client_name, nt_errstr(status)));
1311 /* Terminate client connection */
1312 talloc_free(ncacn_conn);
1316 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq)
1318 struct dcerpc_ncacn_conn *ncacn_conn =
1319 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1320 NTSTATUS status = NT_STATUS_OK;
1324 rc = tstream_writev_queue_recv(subreq, &sys_errno);
1325 TALLOC_FREE(subreq);
1327 DEBUG(2, ("Writev failed!\n"));
1328 status = map_nt_error_from_unix(sys_errno);
1332 /* clear out any data that may have been left around */
1333 ncacn_conn->count = 0;
1334 TALLOC_FREE(ncacn_conn->iov);
1335 data_blob_free(&ncacn_conn->p->in_data.data);
1336 data_blob_free(&ncacn_conn->p->out_data.frag);
1337 data_blob_free(&ncacn_conn->p->out_data.rdata);
1339 /* Wait for the next packet */
1340 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1342 ncacn_conn->tstream);
1343 if (subreq == NULL) {
1344 DEBUG(2, ("Failed to start receving packets\n"));
1345 status = NT_STATUS_NO_MEMORY;
1349 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1353 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1354 ncacn_conn->client_name, nt_errstr(status)));
1356 /* Terminate client connection */
1357 talloc_free(ncacn_conn);
1361 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */