/*
- Unix SMB/Netbios implementation.
- Version 1.9.
+ Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-1997
Copyright (C) Luke Kenneth Casson Leighton 1996-1997
Copyright (C) Paul Ashton 1997
+ Copyright (C) Jeremy Allison 2000-2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
#ifndef _NT_DOMAIN_H /* _NT_DOMAIN_H */
#define _NT_DOMAIN_H
+/*
+ * A bunch of stuff that was put into smb.h
+ * in the NTDOM branch - it didn't belong there.
+ */
+
+typedef struct _prs_struct {
+ BOOL io; /* parsing in or out of data stream */
+ /*
+ * If the (incoming) data is big-endian. On output we are
+ * always little-endian.
+ */
+ BOOL bigendian_data;
+ uint8 align; /* data alignment */
+ BOOL is_dynamic; /* Do we own this memory or not ? */
+ uint32 data_offset; /* Current working offset into data. */
+ uint32 buffer_size; /* Current allocated size of the buffer. */
+ uint32 grow_size; /* size requested via prs_grow() calls */
+ char *data_p; /* The buffer itself. */
+ TALLOC_CTX *mem_ctx; /* When unmarshalling, use this.... */
+ const char *sess_key; /* If we have to do encrypt/decrypt on the fly. */
+} prs_struct;
-/* dce/rpc support */
-#include "rpc_dce.h"
+/*
+ * Defines for io member of prs_struct.
+ */
-/* miscellaneous structures / defines */
-#include "rpc_misc.h"
+#define MARSHALL 0
+#define UNMARSHALL 1
-/* security descriptor structures */
-#include "rpc_secdes.h"
+#define MARSHALLING(ps) (!(ps)->io)
+#define UNMARSHALLING(ps) ((ps)->io)
-/* different dce/rpc pipes */
-#include "rpc_lsa.h"
-#include "rpc_netlogon.h"
-#include "rpc_reg.h"
-#include "rpc_samr.h"
-#include "rpc_srvsvc.h"
-#include "rpc_svcctl.h"
-#include "rpc_wkssvc.h"
-#include "rpc_atsvc.h"
-#include "rpc_spoolss.h"
-#include "rpc_eventlog.h"
+#define RPC_BIG_ENDIAN 1
+#define RPC_LITTLE_ENDIAN 0
-/*
- * A bunch of stuff that was put into smb.h
- * in the NTDOM branch - it didn't belong there.
+#define RPC_PARSE_ALIGN 4
+
+typedef struct _output_data {
+ /*
+ * Raw RPC output data. This does not include RPC headers or footers.
+ */
+ prs_struct rdata;
+
+ /* The amount of data sent from the current rdata struct. */
+ uint32 data_sent_length;
+
+ /*
+ * The current PDU being returned. This inclues
+ * headers, data and authentication footer.
+ */
+ unsigned char current_pdu[RPC_MAX_PDU_FRAG_LEN];
+
+ /* The amount of data in the current_pdu buffer. */
+ uint32 current_pdu_len;
+
+ /* The amount of data sent from the current PDU. */
+ uint32 current_pdu_sent;
+} output_data;
+
+typedef struct _input_data {
+ /*
+ * This is the current incoming pdu. The data here
+ * is collected via multiple writes until a complete
+ * pdu is seen, then the data is copied into the in_data
+ * structure. The maximum size of this is 0x1630 (RPC_MAX_PDU_FRAG_LEN).
+ */
+ unsigned char current_in_pdu[RPC_MAX_PDU_FRAG_LEN];
+
+ /*
+ * The amount of data needed to complete the in_pdu.
+ * If this is zero, then we are at the start of a new
+ * pdu.
+ */
+ uint32 pdu_needed_len;
+
+ /*
+ * The amount of data received so far in the in_pdu.
+ * If this is zero, then we are at the start of a new
+ * pdu.
+ */
+ uint32 pdu_received_len;
+
+ /*
+ * This is the collection of input data with all
+ * the rpc headers and auth footers removed.
+ * The maximum length of this (1Mb) is strictly enforced.
+ */
+ prs_struct data;
+} input_data;
+
+/*
+ * Handle database - stored per pipe.
*/
+
+struct policy {
+ struct policy *next, *prev;
+
+ POLICY_HND pol_hnd;
+
+ void *data_ptr;
+ void (*free_fn)(void *);
+};
+
+struct handle_list {
+ struct policy *Policy; /* List of policies. */
+ size_t count; /* Current number of handles. */
+ size_t pipe_ref_count; /* Number of pipe handles referring to this list. */
+};
+
+/* Domain controller authentication protocol info */
+struct dcinfo {
+ uint32 sequence; /* "timestamp" from client. */
+ DOM_CHAL seed_chal;
+ DOM_CHAL clnt_chal; /* Client credential */
+ DOM_CHAL srv_chal; /* Server credential */
-typedef struct
-{
- struct mem_buf *data; /* memory buffer */
- uint32 offset; /* offset currently being accessed in memory buffer */
- uint8 align; /* data alignment */
- BOOL io; /* parsing in or out of data stream */
- BOOL error; /* error occurred */
+ unsigned char sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
+ unsigned char mach_pw[16]; /* md4(machine password) */
-} prs_struct;
+ fstring mach_acct; /* Machine name we've authenticated. */
+
+ fstring remote_machine; /* Machine name we've authenticated. */
+ fstring domain;
+
+ BOOL challenge_sent;
+ BOOL authenticated;
+};
+
+typedef struct pipe_rpc_fns {
+
+ struct pipe_rpc_fns *next, *prev;
+
+ /* RPC function table associated with the current rpc_bind (associated by context) */
+
+ struct api_struct *cmds;
+ int n_cmds;
+ uint32 context_id;
+
+} PIPE_RPC_FNS;
+
+/*
+ * Different auth types we support.
+ * Can't keep in sync with wire values as spnego wraps different auth methods.
+ */
+
+enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
+ PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
-typedef struct pipes_struct
-{
+/* Possible auth levels - keep these in sync with the wire values. */
+enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
+ PIPE_AUTH_LEVEL_CONNECT = 1, /* We treat as NONE. */
+ PIPE_AUTH_LEVEL_INTEGRITY = 5, /* Sign. */
+ PIPE_AUTH_LEVEL_PRIVACY = 6 /* Seal. */
+};
+
+/* auth state for krb5. */
+struct kerberos_auth_struct {
+ const char *service_principal;
+ DATA_BLOB session_key;
+};
+
+/* auth state for schannel. */
+struct schannel_auth_struct {
+ unsigned char sess_key[16];
+ uint32 seq_num;
+};
+
+/* auth state for all bind types. */
+
+struct pipe_auth_data {
+ enum pipe_auth_type auth_type; /* switch for union below. */
+ enum pipe_auth_level auth_level;
+ union {
+ struct schannel_auth_struct *schannel_auth;
+ AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
+/* struct kerberos_auth_struct *kerberos_auth; TO BE ADDED... */
+ } a_u;
+ void (*auth_data_free_func)(struct pipe_auth_data *);
+};
+
+/*
+ * DCE/RPC-specific samba-internal-specific handling of data on
+ * NamedPipes.
+ */
+
+typedef struct pipes_struct {
struct pipes_struct *next, *prev;
+
+ connection_struct *conn;
+ uint16 vuid; /* points to the unauthenticated user that opened this pipe. */
+
+ fstring name;
+ fstring pipe_srv_name;
+
+ /* linked list of rpc dispatch tables associated
+ with the open rpc contexts */
+
+ PIPE_RPC_FNS *contexts;
+
+ RPC_HDR hdr; /* Incoming RPC header. */
+ RPC_HDR_REQ hdr_req; /* Incoming request header. */
+
+ /* This context is used for pipe state storage and is freed when the pipe is closed. */
+ TALLOC_CTX *pipe_state_mem_ctx;
+
+ struct pipe_auth_data auth;
+
+ struct dcinfo *dc; /* Keeps the creds data from netlogon. */
+
+ /*
+ * Credentials used for the pipe operations
+ */
+
+ struct current_user pipe_user;
+ DATA_BLOB session_key;
+
+ /*
+ * Set to true when an RPC bind has been done on this pipe.
+ */
+
+ BOOL pipe_bound;
+
+ /*
+ * Set to true when we should return fault PDU's for everything.
+ */
+
+ BOOL fault_state;
+
+ /*
+ * Set to true when we should return fault PDU's for a bad handle.
+ */
+
+ BOOL bad_handle_fault_state;
+
+ /*
+ * Set to true when the backend does not support a call.
+ */
+
+ BOOL rng_fault_state;
+
+ /*
+ * Set to RPC_BIG_ENDIAN when dealing with big-endian PDU's
+ */
+
+ BOOL endian;
+
+ /*
+ * Struct to deal with multiple pdu inputs.
+ */
+
+ input_data in_data;
+
+ /*
+ * Struct to deal with multiple pdu outputs.
+ */
+
+ output_data out_data;
+
+ /* This context is used for PDU data and is freed between each pdu.
+ Don't use for pipe state storage. */
+ TALLOC_CTX *mem_ctx;
+
+ /* handle database to use on this pipe. */
+ struct handle_list *pipe_handles;
+
+} pipes_struct;
+
+typedef struct smb_np_struct {
+ struct smb_np_struct *next, *prev;
int pnum;
connection_struct *conn;
- uint16 vuid;
+ uint16 vuid; /* points to the unauthenticated user that opened this pipe. */
BOOL open; /* open connection */
uint16 device_state;
uint16 priority;
fstring name;
- fstring pipe_srv_name;
- prs_struct rhdr; /* output header */
- prs_struct rdata; /* output data */
- prs_struct rdata_i; /* output data (intermediate, for fragments) */
- prs_struct rauth; /* output authentication verifier */
- prs_struct rverf; /* output verifier */
- prs_struct rntlm; /* output ntlmssp */
-
- RPC_HDR hdr;
- RPC_HDR_BA hdr_ba;
- RPC_HDR_RB hdr_rb;
- RPC_HDR_REQ hdr_req;
- RPC_HDR_RESP hdr_resp;
- RPC_HDR_AUTH auth_info;
- RPC_HDR_AUTHA autha_info;
-
- RPC_AUTH_NTLMSSP_VERIFIER auth_verifier;
- RPC_AUTH_NTLMSSP_NEG ntlmssp_neg;
- RPC_AUTH_NTLMSSP_CHAL ntlmssp_chal;
- RPC_AUTH_NTLMSSP_RESP ntlmssp_resp;
- RPC_AUTH_NTLMSSP_CHK ntlmssp_chk;
-
- BOOL ntlmssp_auth;
- BOOL ntlmssp_validated;
- unsigned char ntlmssp_hash[258];
- uint32 ntlmssp_seq_num;
- fstring user_name;
- fstring domain;
- fstring wks;
+ /* When replying to an SMBtrans, this is the maximum amount of
+ data that can be sent in the initial reply. */
+ int max_trans_reply;
- uint32 file_offset;
- uint32 prev_pdu_file_offset;
- uint32 hdr_offsets;
+ /*
+ * NamedPipe state information.
+ *
+ * (e.g. typecast a np_struct, above).
+ */
+ void *np_state;
-} pipes_struct;
+ /*
+ * NamedPipe functions, to be called to perform
+ * Named Pipe transactions on request from an
+ * SMB client.
+ */
-struct api_struct
-{
- char *name;
- uint8 opnum;
- void (*fn) (pipes_struct*, prs_struct*, prs_struct*);
-};
+ /* call to create a named pipe connection.
+ * returns: state information representing the connection.
+ * is stored in np_state, above.
+ */
+ void * (*namedpipe_create)(char *pipe_name,
+ connection_struct *conn, uint16 vuid);
-struct mem_desc
-{
- /* array memory offsets */
- uint32 start;
- uint32 end;
-};
-
-struct mem_buf
-{
- BOOL dynamic; /* True iff data has been dynamically allocated
- (and therefore can be freed) */
- char *data;
- uint32 data_size;
- uint32 data_used;
+ /* call to perform a write / read namedpipe transaction.
+ * TransactNamedPipe is weird: it returns whether there
+ * is more data outstanding to be read, and the
+ * caller is expected to take note and follow up with
+ * read requests.
+ */
+ ssize_t (*namedpipe_transact)(void *np_state,
+ char *data, int len,
+ char *rdata, int rlen,
+ BOOL *pipe_outstanding);
- uint32 margin; /* safety margin when reallocing. */
- /* this can be abused quite nicely */
- uint8 align; /* alignment of data structures (smb, dce/rpc, udp etc) */
+ /* call to perform a write namedpipe operation
+ */
+ ssize_t (*namedpipe_write)(void * np_state,
+ char *data, size_t n);
- struct mem_desc offset;
+ /* call to perform a read namedpipe operation.
+ *
+ * NOTE: the only reason that the pipe_outstanding
+ * argument is here is because samba does not use
+ * the namedpipe_transact function yet: instead,
+ * it performs the same as what namedpipe_transact
+ * does - a write, followed by a read.
+ *
+ * when samba is modified to use namedpipe_transact,
+ * the pipe_outstanding argument may be removed.
+ */
+ ssize_t (*namedpipe_read)(void * np_state,
+ char *data, size_t max_len,
+ BOOL *pipe_outstanding);
- struct mem_buf *next;
-};
+ /* call to close a namedpipe.
+ * function is expected to perform all cleanups
+ * necessary, free all memory etc.
+ *
+ * returns True if cleanup was successful (not that
+ * we particularly care).
+ */
+ BOOL (*namedpipe_close)(void * np_state);
-struct acct_info
-{
- fstring acct_name; /* account name */
- fstring acct_desc; /* account description */
- uint32 rid; /* domain-relative RID */
+} smb_np_struct;
+
+struct api_struct {
+ const char *name;
+ uint8 opnum;
+ BOOL (*fn) (pipes_struct *);
};
-#endif /* _NT_DOMAIN_H */
+typedef struct {
+ uint32 rid;
+ const char *name;
+} rid_name;
+/*
+ * higher order functions for use with msrpc client code
+ */
+
+#define PRINT_INFO_FN(fn)\
+ void (*fn)(const char*, uint32, uint32, void *const *const)
+#define JOB_INFO_FN(fn)\
+ void (*fn)(const char*, const char*, uint32, uint32, void *const *const)
+
+/* end higher order functions */
+
+typedef struct {
+ uint32 size;
+ prs_struct prs;
+ uint32 struct_start;
+ uint32 string_at_end;
+} RPC_BUFFER;
+
+#endif /* _NT_DOMAIN_H */