2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
5 Copyright (C) Andrew Bartlett 2011
6 Copyright (C) Andreas Schneider 2011
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "rpc_server/rpc_pipes.h"
24 #include "rpc_server/rpc_server.h"
25 #include "rpc_server/rpc_config.h"
27 #include "librpc/gen_ndr/netlogon.h"
28 #include "librpc/gen_ndr/auth.h"
29 #include "lib/tsocket/tsocket.h"
30 #include "libcli/named_pipe_auth/npa_tstream.h"
31 #include "../auth/auth_sam_reply.h"
33 #include "rpc_server/rpc_ncacn_np.h"
34 #include "rpc_server/srv_pipe_hnd.h"
35 #include "rpc_server/srv_pipe.h"
37 /* Creates a pipes_struct and initializes it with the information
38 * sent from the client */
39 int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
40 struct messaging_context *msg_ctx,
41 const char *pipe_name,
42 enum dcerpc_transport_t transport,
43 const struct tsocket_address *remote_address,
44 const struct tsocket_address *local_address,
45 struct auth_session_info **psession_info,
46 struct pipes_struct **_p,
49 struct auth_session_info *session_info = *psession_info;
50 struct pipes_struct *p;
53 ret = make_base_pipes_struct(mem_ctx, msg_ctx, pipe_name,
54 transport, RPC_LITTLE_ENDIAN,
55 remote_address, local_address, &p);
61 if ((session_info->unix_token == NULL) ||
62 (session_info->unix_info == NULL) ||
63 (session_info->security_token == NULL)) {
64 DBG_ERR("Supplied session_info was incomplete!\n");
70 /* Don't call create_local_token(), we already have the full details here */
71 p->session_info = talloc_move(p, psession_info);
77 /* Start listening on the appropriate unix socket and setup all is needed to
78 * dispatch requests to the pipes rpc implementation */
80 struct dcerpc_ncacn_listen_state {
81 struct ndr_syntax_id syntax_id;
89 struct tevent_context *ev_ctx;
90 struct messaging_context *msg_ctx;
91 dcerpc_ncacn_disconnect_fn disconnect_fn;
92 dcerpc_ncacn_termination_fn termination_fn;
93 void *termination_data;
96 static void dcesrv_ncacn_np_listener(struct tevent_context *ev,
97 struct tevent_fd *fde,
101 NTSTATUS dcesrv_create_ncacn_np_socket(const char *pipe_name, int *out_fd)
108 * As lp_ncalrpc_dir() should have 0755, but
109 * lp_ncalrpc_dir()/np should have 0700, we need to
110 * create lp_ncalrpc_dir() first.
112 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
113 status = map_nt_error_from_unix_common(errno);
114 DBG_ERR("Failed to create pipe directory %s - %s\n",
115 lp_ncalrpc_dir(), strerror(errno));
119 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
121 status = NT_STATUS_NO_MEMORY;
122 DBG_ERR("Out of memory\n");
126 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
127 status = map_nt_error_from_unix_common(errno);
128 DBG_ERR("Failed to create pipe directory %s - %s\n",
129 np_dir, strerror(errno));
133 fd = create_pipe_sock(np_dir, pipe_name, 0700);
135 status = map_nt_error_from_unix_common(errno);
136 DBG_ERR("Failed to create ncacn_np socket! '%s/%s': %s\n",
137 np_dir, pipe_name, strerror(errno));
141 DBG_DEBUG("Opened pipe socket fd %d for %s\n", fd, pipe_name);
145 status = NT_STATUS_OK;
152 NTSTATUS dcesrv_setup_ncacn_np_socket(const char *pipe_name,
153 struct tevent_context *ev_ctx,
154 struct messaging_context *msg_ctx)
156 struct dcerpc_ncacn_listen_state *state;
157 struct tevent_fd *fde;
161 state = talloc_zero(ev_ctx, struct dcerpc_ncacn_listen_state);
163 DBG_ERR("Out of memory\n");
164 return NT_STATUS_NO_MEMORY;
167 state->ep.name = talloc_strdup(state, pipe_name);
168 if (state->ep.name == NULL) {
169 DBG_ERR("Out of memory\n");
170 status = NT_STATUS_NO_MEMORY;
173 status = dcesrv_create_ncacn_np_socket(pipe_name, &state->fd);
174 if (!NT_STATUS_IS_OK(status)) {
178 rc = listen(state->fd, 5);
180 status = map_nt_error_from_unix_common(errno);
181 DBG_ERR("Failed to listen on ncacn_np socket %s: %s\n",
182 pipe_name, strerror(errno));
186 state->ev_ctx = ev_ctx;
187 state->msg_ctx = msg_ctx;
189 DBG_DEBUG("Opened pipe socket fd %d for %s\n",
190 state->fd, pipe_name);
193 fde = tevent_add_fd(ev_ctx,
194 state, state->fd, TEVENT_FD_READ,
195 dcesrv_ncacn_np_listener, state);
200 status = map_nt_error_from_unix_common(errno);
201 DBG_ERR("Failed to add event handler for ncacn_np: %s\n",
206 tevent_fd_set_auto_close(fde);
210 if (state->fd != -1) {
217 static void dcesrv_ncacn_np_listener(struct tevent_context *ev,
218 struct tevent_fd *fde,
222 struct dcerpc_ncacn_listen_state *state =
223 talloc_get_type_abort(private_data,
224 struct dcerpc_ncacn_listen_state);
225 struct samba_sockaddr addr = {
226 .sa_socklen = sizeof(struct sockaddr_un),
230 /* TODO: should we have a limit to the number of clients ? */
232 sd = accept(state->fd, &addr.u.sa, &addr.sa_socklen);
235 if (errno != EINTR) {
236 DEBUG(6, ("Failed to get a valid socket [%s]\n",
241 smb_set_close_on_exec(sd);
243 DBG_DEBUG("Accepted ncacn_np socket %s (fd: %d)\n",
244 addr.u.un.sun_path, sd);
246 named_pipe_accept_function(state->ev_ctx,
253 /* This is the core of the rpc server.
254 * Accepts connections from clients and process requests using the appropriate
255 * dispatcher table. */
257 static int named_pipe_destructor(struct named_pipe_client *npc)
260 npc->term_fn(npc->private_data);
265 struct named_pipe_client *named_pipe_client_init(TALLOC_CTX *mem_ctx,
266 struct tevent_context *ev_ctx,
267 struct messaging_context *msg_ctx,
268 const char *pipe_name,
269 named_pipe_termination_fn term_fn,
271 uint16_t device_state,
272 uint64_t allocation_size,
275 struct named_pipe_client *npc;
277 npc = talloc_zero(mem_ctx, struct named_pipe_client);
279 DEBUG(0, ("Out of memory!\n"));
282 talloc_set_destructor(npc, named_pipe_destructor);
284 npc->pipe_name = talloc_strdup(npc, pipe_name);
285 if (npc->pipe_name == NULL) {
286 DEBUG(0, ("Out of memory!\n"));
292 npc->msg_ctx = msg_ctx;
293 npc->term_fn = term_fn;
294 npc->private_data = private_data;
296 npc->file_type = file_type;
297 npc->device_state = device_state;
298 npc->allocation_size = allocation_size;
303 static void named_pipe_accept_done(struct tevent_req *subreq);
305 void named_pipe_accept_function(struct tevent_context *ev_ctx,
306 struct messaging_context *msg_ctx,
307 const char *pipe_name, int fd,
308 named_pipe_termination_fn term_fn,
311 struct named_pipe_client *npc;
312 struct tstream_context *plain;
313 struct tevent_req *subreq;
316 npc = named_pipe_client_init(
322 FILE_TYPE_MESSAGE_MODE_PIPE, /* file_type */
323 0xff | 0x0400 | 0x0100, /* device_state */
324 4096, /* allocation_size */
327 DEBUG(0, ("Out of memory!\n"));
332 /* make sure socket is in NON blocking state */
333 ret = set_blocking(fd, false);
335 DEBUG(2, ("Failed to make socket non-blocking\n"));
341 ret = tstream_bsd_existing_socket(npc, fd, &plain);
343 DEBUG(2, ("Failed to create tstream socket\n"));
349 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
352 npc->allocation_size);
354 DEBUG(2, ("Failed to start async accept procedure\n"));
359 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
362 static void named_pipe_packet_done(struct tevent_req *subreq);
364 static void named_pipe_accept_done(struct tevent_req *subreq)
366 struct auth_session_info_transport *session_info_transport;
367 struct named_pipe_client *npc =
368 tevent_req_callback_data(subreq, struct named_pipe_client);
372 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
374 &npc->remote_client_addr,
375 &npc->remote_client_name,
376 &npc->local_server_addr,
377 &npc->local_server_name,
378 &session_info_transport);
382 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
388 npc->session_info = talloc_move(
389 npc, &session_info_transport->session_info);
391 ret = make_server_pipes_struct(npc,
393 npc->pipe_name, NCACN_NP,
394 npc->remote_client_addr,
395 npc->local_server_addr,
399 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
404 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
405 if (!npc->write_queue) {
406 DEBUG(2, ("Failed to set up write queue!\n"));
410 /* And now start receiving and processing packets */
411 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
413 DEBUG(2, ("Failed to start receiving packets\n"));
416 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
420 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
421 npc->remote_client_name));
422 /* terminate client connection */
427 void named_pipe_packet_process(struct tevent_req *subreq)
429 struct named_pipe_client *npc =
430 tevent_req_callback_data(subreq, struct named_pipe_client);
431 struct _output_data *out = &npc->p->out_data;
432 DATA_BLOB recv_buffer = data_blob_null;
433 struct ncacn_packet *pkt;
439 status = dcerpc_read_ncacn_packet_recv(subreq, npc, &pkt, &recv_buffer);
441 if (!NT_STATUS_IS_OK(status)) {
445 /* dcerpc_read_ncacn_packet_recv() returns a full PDU */
446 npc->p->in_data.pdu_needed_len = 0;
447 npc->p->in_data.pdu = recv_buffer;
448 if (dcerpc_get_endian_flag(&recv_buffer) & DCERPC_DREP_LE) {
449 npc->p->endian = RPC_LITTLE_ENDIAN;
451 npc->p->endian = RPC_BIG_ENDIAN;
453 DEBUG(10, ("PDU is in %s Endian format!\n",
454 npc->p->endian ? "Big" : "Little"));
455 process_complete_pdu(npc->p, pkt);
457 /* reset pipe state and free PDU */
458 npc->p->in_data.pdu.length = 0;
459 talloc_free(recv_buffer.data);
462 /* this is needed because of the way DCERPC Binds work in
463 * the RPC marshalling code */
464 to_send = out->frag.length - out->current_pdu_sent;
467 npc->iov = talloc_zero(npc, struct iovec);
469 status = NT_STATUS_NO_MEMORY;
474 npc->iov[0].iov_base = out->frag.data
475 + out->current_pdu_sent;
476 npc->iov[0].iov_len = to_send;
478 out->current_pdu_sent += to_send;
481 /* this condition is false for bind packets, or when we haven't
482 * yet got a full request, and need to wait for more data from
484 while (out->data_sent_length < out->rdata.length) {
486 ok = create_next_pdu(npc->p);
488 DEBUG(3, ("Failed to create next PDU!\n"));
489 status = NT_STATUS_UNEXPECTED_IO_ERROR;
493 npc->iov = talloc_realloc(npc, npc->iov,
494 struct iovec, npc->count + 1);
496 status = NT_STATUS_NO_MEMORY;
500 npc->iov[npc->count].iov_base = out->frag.data;
501 npc->iov[npc->count].iov_len = out->frag.length;
506 /* we still don't have a complete request, go back and wait for more
508 if (npc->count == 0) {
509 /* Wait for the next packet */
510 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
512 DEBUG(2, ("Failed to start receiving packets\n"));
513 status = NT_STATUS_NO_MEMORY;
516 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
520 DBG_DEBUG("Sending %zu fragments in a total of %"PRIu32" bytes\n",
522 npc->p->out_data.data_sent_length);
524 for (i = 0; i < npc->count; i++) {
525 DBG_DEBUG("Sending PDU number: %zu, PDU Length: %zu\n",
527 npc->iov[i].iov_len);
528 dump_data(11, (const uint8_t *)npc->iov[i].iov_base,
529 npc->iov[i].iov_len);
531 subreq = tstream_writev_queue_send(npc,
538 DEBUG(2, ("Failed to send packet\n"));
539 status = NT_STATUS_NO_MEMORY;
542 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
548 DEBUG(2, ("Fatal error(%s). "
549 "Terminating client(%s) connection!\n",
550 nt_errstr(status), npc->remote_client_name));
551 /* terminate client connection */
556 static void named_pipe_packet_done(struct tevent_req *subreq)
558 struct named_pipe_client *npc =
559 tevent_req_callback_data(subreq, struct named_pipe_client);
563 ret = tstream_writev_queue_recv(subreq, &sys_errno);
566 DEBUG(2, ("Writev failed!\n"));
570 if (tevent_queue_length(npc->write_queue) > 0) {
574 if (npc->p->fault_state != 0) {
575 DEBUG(2, ("Disconnect after fault\n"));
580 /* clear out any data that may have been left around */
582 TALLOC_FREE(npc->iov);
583 data_blob_free(&npc->p->in_data.data);
584 data_blob_free(&npc->p->out_data.frag);
585 data_blob_free(&npc->p->out_data.rdata);
587 talloc_free_children(npc->p->mem_ctx);
589 /* Wait for the next packet */
590 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
592 DEBUG(2, ("Failed to start receiving packets\n"));
596 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
600 DEBUG(2, ("Fatal error(%s). "
601 "Terminating client(%s) connection!\n",
602 strerror(sys_errno), npc->remote_client_name));
603 /* terminate client connection */
608 /********************************************************************
609 * Start listening on the tcp/ip socket
610 ********************************************************************/
612 static void dcesrv_ncacn_ip_tcp_listener(struct tevent_context *ev,
613 struct tevent_fd *fde,
617 NTSTATUS dcesrv_create_ncacn_ip_tcp_socket(const struct sockaddr_storage *ifss,
626 for (i = lp_rpc_low_port(); i <= lp_rpc_high_port(); i++) {
627 fd = open_socket_in(SOCK_STREAM,
638 fd = open_socket_in(SOCK_STREAM,
645 DBG_ERR("Failed to create socket on port %u!\n", *port);
646 return NT_STATUS_UNSUCCESSFUL;
649 DBG_DEBUG("Opened ncacn_ip_tcp socket fd %d for port %u\n", fd, *port);
656 NTSTATUS dcesrv_setup_ncacn_ip_tcp_socket(struct tevent_context *ev_ctx,
657 struct messaging_context *msg_ctx,
658 const struct sockaddr_storage *ifss,
661 struct dcerpc_ncacn_listen_state *state;
662 struct tevent_fd *fde;
666 state = talloc_zero(ev_ctx, struct dcerpc_ncacn_listen_state);
668 DBG_ERR("Out of memory\n");
669 return NT_STATUS_NO_MEMORY;
673 state->ep.port = *port;
674 state->disconnect_fn = NULL;
676 status = dcesrv_create_ncacn_ip_tcp_socket(ifss, &state->ep.port,
678 if (!NT_STATUS_IS_OK(status)) {
682 state->ev_ctx = ev_ctx;
683 state->msg_ctx = msg_ctx;
685 /* ready to listen */
686 set_socket_options(state->fd, "SO_KEEPALIVE");
687 set_socket_options(state->fd, lp_socket_options());
689 /* Set server socket to non-blocking for the accept. */
690 set_blocking(state->fd, false);
692 rc = listen(state->fd, SMBD_LISTEN_BACKLOG);
694 status = map_nt_error_from_unix_common(errno);
695 DBG_ERR("Failed to listen on ncacn_ip_tcp socket: %s\n",
700 DBG_DEBUG("Opened socket fd %d for port %u\n",
701 state->fd, state->ep.port);
704 fde = tevent_add_fd(state->ev_ctx,
708 dcesrv_ncacn_ip_tcp_listener,
714 status = map_nt_error_from_unix_common(errno);
715 DBG_ERR("Failed to add event handler for ncacn_ip_tcp: %s\n",
720 tevent_fd_set_auto_close(fde);
722 *port = state->ep.port;
727 if (state->fd != -1) {
735 static void dcesrv_ncacn_ip_tcp_listener(struct tevent_context *ev,
736 struct tevent_fd *fde,
740 struct dcerpc_ncacn_listen_state *state =
741 talloc_get_type_abort(private_data,
742 struct dcerpc_ncacn_listen_state);
743 struct tsocket_address *cli_addr = NULL;
744 struct tsocket_address *srv_addr = NULL;
745 struct samba_sockaddr addr = {
746 .sa_socklen = sizeof(struct sockaddr_storage),
751 s = accept(state->fd, &addr.u.sa, &addr.sa_socklen);
753 if (errno != EINTR) {
754 DBG_ERR("Failed to accept: %s\n", strerror(errno));
758 smb_set_close_on_exec(s);
760 rc = tsocket_address_bsd_from_samba_sockaddr(state, &addr, &cli_addr);
766 rc = getsockname(s, &addr.u.sa, &addr.sa_socklen);
772 rc = tsocket_address_bsd_from_samba_sockaddr(state, &addr, &srv_addr);
778 DBG_DEBUG("Accepted ncacn_ip_tcp socket %d\n", s);
780 dcerpc_ncacn_accept(state->ev_ctx,
787 state->disconnect_fn,
788 state->termination_fn,
789 state->termination_data);
792 /********************************************************************
793 * Start listening on the ncalrpc socket
794 ********************************************************************/
796 static void dcesrv_ncalrpc_listener(struct tevent_context *ev,
797 struct tevent_fd *fde,
801 NTSTATUS dcesrv_create_ncalrpc_socket(const char *name, int *out_fd)
810 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
811 status = map_nt_error_from_unix_common(errno);
812 DBG_ERR("Failed to create ncalrpc directory '%s': %s\n",
813 lp_ncalrpc_dir(), strerror(errno));
817 fd = create_pipe_sock(lp_ncalrpc_dir(), name, 0755);
819 status = map_nt_error_from_unix_common(errno);
820 DBG_ERR("Failed to create ncalrpc socket '%s/%s': %s\n",
821 lp_ncalrpc_dir(), name, strerror(errno));
825 DBG_DEBUG("Opened ncalrpc socket fd '%d' for '%s/%s'\n",
826 fd, lp_ncalrpc_dir(), name);
836 NTSTATUS dcesrv_setup_ncalrpc_socket(struct tevent_context *ev_ctx,
837 struct messaging_context *msg_ctx,
839 dcerpc_ncacn_disconnect_fn fn)
841 struct dcerpc_ncacn_listen_state *state;
842 struct tevent_fd *fde;
846 state = talloc_zero(ev_ctx, struct dcerpc_ncacn_listen_state);
848 DBG_ERR("Out of memory\n");
849 return NT_STATUS_NO_MEMORY;
853 state->disconnect_fn = fn;
859 state->ep.name = talloc_strdup(state, name);
860 if (state->ep.name == NULL) {
861 DBG_ERR("Out of memory\n");
863 return NT_STATUS_NO_MEMORY;
866 status = dcesrv_create_ncalrpc_socket(name, &state->fd);
867 if (!NT_STATUS_IS_OK(status)) {
868 DBG_ERR("Failed to create ncalrpc socket: %s\n",
873 rc = listen(state->fd, 5);
875 status = map_nt_error_from_unix_common(errno);
876 DBG_ERR("Failed to listen on ncalrpc socket %s: %s\n",
877 name, strerror(errno));
881 state->ev_ctx = ev_ctx;
882 state->msg_ctx = msg_ctx;
884 /* Set server socket to non-blocking for the accept. */
885 set_blocking(state->fd, false);
888 fde = tevent_add_fd(state->ev_ctx,
892 dcesrv_ncalrpc_listener,
898 status = map_nt_error_from_unix_common(errno);
899 DBG_ERR("Failed to add event handler for ncalrpc: %s\n",
904 tevent_fd_set_auto_close(fde);
908 if (state->fd != -1) {
916 static void dcesrv_ncalrpc_listener(struct tevent_context *ev,
917 struct tevent_fd *fde,
921 struct dcerpc_ncacn_listen_state *state =
922 talloc_get_type_abort(private_data,
923 struct dcerpc_ncacn_listen_state);
924 struct tsocket_address *cli_addr = NULL, *srv_addr = NULL;
925 struct samba_sockaddr addr = {
926 .sa_socklen = sizeof(struct sockaddr_un),
928 struct samba_sockaddr addr_server = {
929 .sa_socklen = sizeof(struct sockaddr_un),
934 sd = accept(state->fd, &addr.u.sa, &addr.sa_socklen);
936 if (errno != EINTR) {
937 DBG_ERR("Failed to accept: %s\n", strerror(errno));
941 smb_set_close_on_exec(sd);
943 rc = tsocket_address_bsd_from_samba_sockaddr(state, &addr, &cli_addr);
949 rc = getsockname(sd, &addr_server.u.sa, &addr_server.sa_socklen);
955 rc = tsocket_address_bsd_from_samba_sockaddr(state,
963 DBG_DEBUG("Accepted ncalrpc socket %s (fd: %d)\n",
964 addr.u.un.sun_path, sd);
966 dcerpc_ncacn_accept(state->ev_ctx,
970 cli_addr, srv_addr, sd,
971 state->disconnect_fn,
972 state->termination_fn,
973 state->termination_data);
976 static int dcerpc_ncacn_conn_destructor(struct dcerpc_ncacn_conn *ncacn_conn)
978 if (ncacn_conn->disconnect_fn != NULL) {
979 bool ok = ncacn_conn->disconnect_fn(ncacn_conn->p);
981 DBG_WARNING("Failed to call disconnect function\n");
985 if (ncacn_conn->termination_fn != NULL) {
986 ncacn_conn->termination_fn(ncacn_conn->termination_data);
992 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq);
993 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq);
994 static void dcesrv_ncacn_accept_step2(struct dcerpc_ncacn_conn *ncacn_conn);
996 void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
997 struct messaging_context *msg_ctx,
998 enum dcerpc_transport_t transport,
1000 struct tsocket_address *cli_addr,
1001 struct tsocket_address *srv_addr,
1003 dcerpc_ncacn_disconnect_fn disconnect_fn,
1004 dcerpc_ncacn_termination_fn termination_fn,
1005 void *termination_data)
1007 struct dcerpc_ncacn_conn *ncacn_conn;
1010 DEBUG(10, ("dcerpc_ncacn_accept\n"));
1012 ncacn_conn = talloc_zero(ev_ctx, struct dcerpc_ncacn_conn);
1013 if (ncacn_conn == NULL) {
1014 DEBUG(0, ("Out of memory!\n"));
1018 talloc_set_destructor(ncacn_conn, dcerpc_ncacn_conn_destructor);
1020 ncacn_conn->transport = transport;
1021 ncacn_conn->ev_ctx = ev_ctx;
1022 ncacn_conn->msg_ctx = msg_ctx;
1023 ncacn_conn->sock = s;
1024 ncacn_conn->disconnect_fn = disconnect_fn;
1025 ncacn_conn->termination_fn = termination_fn;
1026 ncacn_conn->termination_data = termination_data;
1028 ncacn_conn->name = talloc_strdup(ncacn_conn, name);
1029 if (ncacn_conn->name == NULL) {
1030 DBG_ERR("Out of memory!\n");
1031 talloc_free(ncacn_conn);
1037 ncacn_conn->remote_client_addr = talloc_move(ncacn_conn, &cli_addr);
1038 if (tsocket_address_is_inet(ncacn_conn->remote_client_addr, "ip")) {
1039 ncacn_conn->remote_client_name =
1040 tsocket_address_inet_addr_string(ncacn_conn->remote_client_addr,
1043 ncacn_conn->remote_client_name =
1044 tsocket_address_unix_path(ncacn_conn->remote_client_addr,
1047 if (ncacn_conn->remote_client_name == NULL) {
1048 DEBUG(0, ("Out of memory obtaining remote socket address as a string!\n"));
1049 talloc_free(ncacn_conn);
1054 if (srv_addr != NULL) {
1055 ncacn_conn->local_server_addr = talloc_move(ncacn_conn, &srv_addr);
1057 if (tsocket_address_is_inet(ncacn_conn->local_server_addr, "ip")) {
1058 ncacn_conn->local_server_name =
1059 tsocket_address_inet_addr_string(ncacn_conn->local_server_addr,
1062 ncacn_conn->local_server_name =
1063 tsocket_address_unix_path(ncacn_conn->local_server_addr,
1066 if (ncacn_conn->local_server_name == NULL) {
1067 DEBUG(0, ("Out of memory obtaining local socket address as a string!\n"));
1068 talloc_free(ncacn_conn);
1074 rc = set_blocking(s, false);
1076 DBG_WARNING("Failed to set dcerpc socket to non-blocking\n");
1077 talloc_free(ncacn_conn);
1083 * As soon as we have tstream_bsd_existing_socket set up it will
1084 * take care of closing the socket.
1086 rc = tstream_bsd_existing_socket(ncacn_conn, s, &ncacn_conn->tstream);
1088 DBG_WARNING("Failed to create tstream socket for dcerpc\n");
1089 talloc_free(ncacn_conn);
1094 dcesrv_ncacn_accept_step2(ncacn_conn);
1097 static void dcesrv_ncacn_accept_step2(struct dcerpc_ncacn_conn *ncacn_conn)
1099 struct tevent_req *subreq = NULL;
1100 char *pipe_name = NULL;
1106 switch (ncacn_conn->transport) {
1108 pipe_name = tsocket_address_string(ncacn_conn->remote_client_addr,
1110 if (pipe_name == NULL) {
1111 talloc_free(ncacn_conn);
1117 rc = getpeereid(ncacn_conn->sock, &uid, &gid);
1119 DEBUG(2, ("Failed to get ncalrpc connecting "
1120 "uid - %s!\n", strerror(errno)));
1122 if (uid == sec_initial_uid()) {
1123 TALLOC_FREE(ncacn_conn->remote_client_addr);
1125 rc = tsocket_address_unix_from_path(ncacn_conn,
1126 AS_SYSTEM_MAGIC_PATH_TOKEN,
1127 &ncacn_conn->remote_client_addr);
1129 DEBUG(0, ("Out of memory building magic ncalrpc_as_system path!\n"));
1130 talloc_free(ncacn_conn);
1134 TALLOC_FREE(ncacn_conn->remote_client_name);
1135 ncacn_conn->remote_client_name
1136 = tsocket_address_unix_path(ncacn_conn->remote_client_addr,
1138 if (ncacn_conn->remote_client_name == NULL) {
1139 DEBUG(0, ("Out of memory getting magic ncalrpc_as_system string!\n"));
1140 talloc_free(ncacn_conn);
1148 pipe_name = talloc_strdup(ncacn_conn,
1150 if (pipe_name == NULL) {
1151 talloc_free(ncacn_conn);
1156 DEBUG(0, ("unknown dcerpc transport: %u!\n",
1157 ncacn_conn->transport));
1158 talloc_free(ncacn_conn);
1162 if (ncacn_conn->session_info == NULL) {
1165 status = make_session_info_anonymous(ncacn_conn,
1166 &ncacn_conn->session_info);
1167 if (!NT_STATUS_IS_OK(status)) {
1168 DEBUG(2, ("Failed to create "
1169 "make_session_info_anonymous - %s\n",
1170 nt_errstr(status)));
1171 talloc_free(ncacn_conn);
1176 rc = make_server_pipes_struct(ncacn_conn,
1177 ncacn_conn->msg_ctx,
1179 ncacn_conn->transport,
1180 ncacn_conn->remote_client_addr,
1181 ncacn_conn->local_server_addr,
1182 &ncacn_conn->session_info,
1186 DEBUG(2, ("Failed to create pipe struct - %s",
1187 strerror(sys_errno)));
1188 talloc_free(ncacn_conn);
1192 ncacn_conn->send_queue = tevent_queue_create(ncacn_conn,
1193 "dcerpc send queue");
1194 if (ncacn_conn->send_queue == NULL) {
1195 DEBUG(0, ("Out of memory building dcerpc send queue!\n"));
1196 talloc_free(ncacn_conn);
1200 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1202 ncacn_conn->tstream);
1203 if (subreq == NULL) {
1204 DEBUG(2, ("Failed to send ncacn packet\n"));
1205 talloc_free(ncacn_conn);
1209 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1211 DEBUG(10, ("dcerpc_ncacn_accept done\n"));
1216 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq)
1218 struct dcerpc_ncacn_conn *ncacn_conn =
1219 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1221 struct _output_data *out = &ncacn_conn->p->out_data;
1222 DATA_BLOB recv_buffer = data_blob_null;
1223 struct ncacn_packet *pkt;
1228 status = dcerpc_read_ncacn_packet_recv(subreq, ncacn_conn, &pkt, &recv_buffer);
1229 TALLOC_FREE(subreq);
1230 if (!NT_STATUS_IS_OK(status)) {
1234 /* dcerpc_read_ncacn_packet_recv() returns a full PDU */
1235 ncacn_conn->p->in_data.pdu_needed_len = 0;
1236 ncacn_conn->p->in_data.pdu = recv_buffer;
1237 if (dcerpc_get_endian_flag(&recv_buffer) & DCERPC_DREP_LE) {
1238 ncacn_conn->p->endian = RPC_LITTLE_ENDIAN;
1240 ncacn_conn->p->endian = RPC_BIG_ENDIAN;
1242 DEBUG(10, ("PDU is in %s Endian format!\n",
1243 ncacn_conn->p->endian ? "Big" : "Little"));
1244 process_complete_pdu(ncacn_conn->p, pkt);
1246 /* reset pipe state and free PDU */
1247 ncacn_conn->p->in_data.pdu.length = 0;
1248 talloc_free(recv_buffer.data);
1252 * This is needed because of the way DCERPC binds work in the RPC
1255 to_send = out->frag.length - out->current_pdu_sent;
1258 DEBUG(10, ("Current_pdu_len = %u, "
1259 "current_pdu_sent = %u "
1260 "Returning %u bytes\n",
1261 (unsigned int)out->frag.length,
1262 (unsigned int)out->current_pdu_sent,
1263 (unsigned int)to_send));
1265 ncacn_conn->iov = talloc_zero(ncacn_conn, struct iovec);
1266 if (ncacn_conn->iov == NULL) {
1267 status = NT_STATUS_NO_MEMORY;
1268 DEBUG(3, ("Out of memory!\n"));
1271 ncacn_conn->count = 1;
1273 ncacn_conn->iov[0].iov_base = out->frag.data
1274 + out->current_pdu_sent;
1275 ncacn_conn->iov[0].iov_len = to_send;
1277 out->current_pdu_sent += to_send;
1281 * This condition is false for bind packets, or when we haven't yet got
1282 * a full request, and need to wait for more data from the client
1284 while (out->data_sent_length < out->rdata.length) {
1285 ok = create_next_pdu(ncacn_conn->p);
1287 DEBUG(3, ("Failed to create next PDU!\n"));
1288 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1292 ncacn_conn->iov = talloc_realloc(ncacn_conn,
1295 ncacn_conn->count + 1);
1296 if (ncacn_conn->iov == NULL) {
1297 DEBUG(3, ("Out of memory!\n"));
1298 status = NT_STATUS_NO_MEMORY;
1302 ncacn_conn->iov[ncacn_conn->count].iov_base = out->frag.data;
1303 ncacn_conn->iov[ncacn_conn->count].iov_len = out->frag.length;
1305 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
1306 (unsigned int) ncacn_conn->count,
1307 (unsigned int) ncacn_conn->iov[ncacn_conn->count].iov_len));
1308 dump_data(11, (const uint8_t *) ncacn_conn->iov[ncacn_conn->count].iov_base,
1309 ncacn_conn->iov[ncacn_conn->count].iov_len);
1310 ncacn_conn->count++;
1314 * We still don't have a complete request, go back and wait for more
1317 if (ncacn_conn->count == 0) {
1318 /* Wait for the next packet */
1319 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1321 ncacn_conn->tstream);
1322 if (subreq == NULL) {
1323 DEBUG(2, ("Failed to start receiving packets\n"));
1324 status = NT_STATUS_NO_MEMORY;
1327 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1331 DEBUG(10, ("Sending a total of %u bytes\n",
1332 (unsigned int)ncacn_conn->p->out_data.data_sent_length));
1334 subreq = tstream_writev_queue_send(ncacn_conn,
1336 ncacn_conn->tstream,
1337 ncacn_conn->send_queue,
1340 if (subreq == NULL) {
1341 DEBUG(2, ("Failed to send packet\n"));
1342 status = NT_STATUS_NO_MEMORY;
1346 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_done, ncacn_conn);
1350 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1351 ncacn_conn->remote_client_name, nt_errstr(status)));
1353 /* Terminate client connection */
1354 talloc_free(ncacn_conn);
1358 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq)
1360 struct dcerpc_ncacn_conn *ncacn_conn =
1361 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1362 NTSTATUS status = NT_STATUS_OK;
1366 rc = tstream_writev_queue_recv(subreq, &sys_errno);
1367 TALLOC_FREE(subreq);
1369 DEBUG(2, ("Writev failed!\n"));
1370 status = map_nt_error_from_unix(sys_errno);
1374 if (ncacn_conn->p->fault_state != 0) {
1375 DEBUG(2, ("Disconnect after fault\n"));
1380 /* clear out any data that may have been left around */
1381 ncacn_conn->count = 0;
1382 TALLOC_FREE(ncacn_conn->iov);
1383 data_blob_free(&ncacn_conn->p->in_data.data);
1384 data_blob_free(&ncacn_conn->p->out_data.frag);
1385 data_blob_free(&ncacn_conn->p->out_data.rdata);
1387 talloc_free_children(ncacn_conn->p->mem_ctx);
1389 /* Wait for the next packet */
1390 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1392 ncacn_conn->tstream);
1393 if (subreq == NULL) {
1394 DEBUG(2, ("Failed to start receiving packets\n"));
1395 status = NT_STATUS_NO_MEMORY;
1399 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1403 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1404 ncacn_conn->remote_client_name, nt_errstr(status)));
1406 /* Terminate client connection */
1407 talloc_free(ncacn_conn);
1411 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */