2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "rpc_server/rpc_server.h"
24 #include "librpc/gen_ndr/netlogon.h"
25 #include "librpc/gen_ndr/auth.h"
26 #include "lib/tsocket/tsocket.h"
27 #include "libcli/named_pipe_auth/npa_tstream.h"
28 #include "../auth/auth_sam_reply.h"
30 #include "rpc_server/rpc_ncacn_np.h"
31 #include "rpc_server/srv_pipe_hnd.h"
32 #include "rpc_server/srv_pipe.h"
34 #define SERVER_TCP_LOW_PORT 1024
35 #define SERVER_TCP_HIGH_PORT 1300
37 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
38 struct auth_session_info **session_info)
40 struct auth_session_info *i;
41 struct auth_serversupplied_info *s;
42 struct auth_user_info_dc *u;
43 union netr_Validation val;
46 i = talloc_zero(mem_ctx, struct auth_session_info);
48 return NT_STATUS_NO_MEMORY;
51 status = make_server_info_guest(i, &s);
52 if (!NT_STATUS_IS_OK(status)) {
56 i->security_token = s->security_token;
57 i->session_key = s->session_key;
61 status = make_user_info_dc_netlogon_validation(mem_ctx,
66 if (!NT_STATUS_IS_OK(status)) {
67 DEBUG(0, ("conversion of info3 into user_info_dc failed!\n"));
70 i->info = talloc_move(i, &u->info);
78 /* Creates a pipes_struct and initializes it with the information
79 * sent from the client */
80 static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
81 const char *pipe_name,
82 enum dcerpc_transport_t transport,
83 bool ncalrpc_as_system,
84 const struct tsocket_address *local_address,
85 const struct tsocket_address *remote_address,
86 struct auth_session_info *session_info,
87 struct pipes_struct **_p,
90 struct netr_SamInfo3 *info3;
91 struct auth_user_info_dc *auth_user_info_dc;
92 struct pipes_struct *p;
93 struct auth_serversupplied_info *server_info;
96 p = talloc_zero(mem_ctx, struct pipes_struct);
102 p->transport = transport;
103 p->ncalrpc_as_system = ncalrpc_as_system;
105 p->mem_ctx = talloc_named(p, 0, "pipe %s %p", pipe_name, p);
112 data_blob_free(&p->in_data.data);
113 data_blob_free(&p->in_data.pdu);
115 p->endian = RPC_LITTLE_ENDIAN;
117 /* Fake up an auth_user_info_dc for now, to make an info3, to make the session_info structure */
118 auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc);
119 if (!auth_user_info_dc) {
125 auth_user_info_dc->num_sids = session_info->security_token->num_sids;
126 auth_user_info_dc->sids = session_info->security_token->sids;
127 auth_user_info_dc->info = session_info->info;
128 auth_user_info_dc->user_session_key = session_info->session_key;
130 /* This creates the input structure that make_server_info_info3 is looking for */
131 status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc,
134 if (!NT_STATUS_IS_OK(status)) {
135 DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n"));
141 status = make_server_info_info3(p,
142 info3->base.account_name.string,
143 info3->base.domain.string,
144 &server_info, info3);
145 if (!NT_STATUS_IS_OK(status)) {
146 DEBUG(1, ("Failed to init server info\n"));
153 * Some internal functions need a local token to determine access to
156 status = create_local_token(p, server_info, &session_info->session_key, &p->session_info);
157 talloc_free(server_info);
158 if (!NT_STATUS_IS_OK(status)) {
159 DEBUG(1, ("Failed to init local auth token\n"));
165 /* Now override the session_info->security_token with the exact
166 * security_token we were given from the other side,
167 * regardless of what we just calculated */
168 p->session_info->security_token = talloc_move(p->session_info, &session_info->security_token);
170 p->remote_address = tsocket_address_copy(remote_address, p);
171 if (p->remote_address == NULL) {
177 p->client_id = talloc_zero(p, struct client_address);
178 if (p->client_id == NULL) {
184 if (tsocket_address_is_inet(p->remote_address, "ip")) {
185 p->client_id->name = tsocket_address_inet_addr_string(p->remote_address,
188 p->client_id->name = talloc_strdup(p->client_id, "");
190 if (p->client_id->name == NULL) {
195 strlcpy(p->client_id->addr,
196 p->client_id->name, sizeof(p->client_id->addr));
198 if (local_address != NULL) {
199 p->local_address = tsocket_address_copy(local_address, p);
200 if (p->local_address == NULL) {
206 p->server_id = talloc_zero(p, struct client_address);
207 if (p->server_id == NULL) {
212 if (tsocket_address_is_inet(p->local_address, "ip")) {
213 p->server_id->name = tsocket_address_inet_addr_string(p->local_address,
216 p->server_id->name = talloc_strdup(p->server_id, "");
218 if (p->server_id->name == NULL) {
224 strlcpy(p->server_id->addr,
226 sizeof(p->server_id->addr));
229 talloc_set_destructor(p, close_internal_rpc_pipe_hnd);
235 /* Start listening on the appropriate unix socket and setup all is needed to
236 * dispatch requests to the pipes rpc implementation */
238 struct dcerpc_ncacn_listen_state {
239 struct ndr_syntax_id syntax_id;
247 struct tevent_context *ev_ctx;
248 struct messaging_context *msg_ctx;
249 dcerpc_ncacn_disconnect_fn disconnect_fn;
252 static void named_pipe_listener(struct tevent_context *ev,
253 struct tevent_fd *fde,
257 bool setup_named_pipe_socket(const char *pipe_name,
258 struct tevent_context *ev_ctx)
260 struct dcerpc_ncacn_listen_state *state;
261 struct tevent_fd *fde;
264 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
266 DEBUG(0, ("Out of memory\n"));
269 state->ep.name = talloc_strdup(state, pipe_name);
270 if (state->ep.name == NULL) {
271 DEBUG(0, ("Out of memory\n"));
277 * As lp_ncalrpc_dir() should have 0755, but
278 * lp_ncalrpc_dir()/np should have 0700, we need to
279 * create lp_ncalrpc_dir() first.
281 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
282 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
283 lp_ncalrpc_dir(), strerror(errno)));
287 np_dir = talloc_asprintf(state, "%s/np", lp_ncalrpc_dir());
289 DEBUG(0, ("Out of memory\n"));
293 if (!directory_create_or_exist(np_dir, geteuid(), 0700)) {
294 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
295 np_dir, strerror(errno)));
299 state->fd = create_pipe_sock(np_dir, pipe_name, 0700);
300 if (state->fd == -1) {
301 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
306 DEBUG(10, ("Openened pipe socket fd %d for %s\n",
307 state->fd, pipe_name));
309 fde = tevent_add_fd(ev_ctx,
310 state, state->fd, TEVENT_FD_READ,
311 named_pipe_listener, state);
313 DEBUG(0, ("Failed to add event handler!\n"));
317 tevent_fd_set_auto_close(fde);
321 if (state->fd != -1) {
328 static void named_pipe_accept_function(const char *pipe_name, int fd);
330 static void named_pipe_listener(struct tevent_context *ev,
331 struct tevent_fd *fde,
335 struct dcerpc_ncacn_listen_state *state =
336 talloc_get_type_abort(private_data,
337 struct dcerpc_ncacn_listen_state);
338 struct sockaddr_un sunaddr;
342 /* TODO: should we have a limit to the number of clients ? */
344 len = sizeof(sunaddr);
346 sd = accept(state->fd,
347 (struct sockaddr *)(void *)&sunaddr, &len);
350 if (errno != EINTR) {
351 DEBUG(6, ("Failed to get a valid socket [%s]\n",
357 DEBUG(6, ("Accepted socket %d\n", sd));
359 named_pipe_accept_function(state->ep.name, sd);
363 /* This is the core of the rpc server.
364 * Accepts connections from clients and process requests using the appropriate
365 * dispatcher table. */
367 struct named_pipe_client {
368 const char *pipe_name;
370 struct tevent_context *ev;
371 struct messaging_context *msg_ctx;
374 uint16_t device_state;
375 uint64_t allocation_size;
377 struct tstream_context *tstream;
379 struct tsocket_address *client;
381 struct tsocket_address *server;
384 struct auth_session_info *session_info;
386 struct pipes_struct *p;
388 struct tevent_queue *write_queue;
394 static void named_pipe_accept_done(struct tevent_req *subreq);
396 static void named_pipe_accept_function(const char *pipe_name, int fd)
398 struct named_pipe_client *npc;
399 struct tstream_context *plain;
400 struct tevent_req *subreq;
403 npc = talloc_zero(NULL, struct named_pipe_client);
405 DEBUG(0, ("Out of memory!\n"));
409 npc->pipe_name = pipe_name;
410 npc->ev = server_event_context();
411 npc->msg_ctx = server_messaging_context();
413 /* make sure socket is in NON blocking state */
414 ret = set_blocking(fd, false);
416 DEBUG(2, ("Failed to make socket non-blocking\n"));
422 ret = tstream_bsd_existing_socket(npc, fd, &plain);
424 DEBUG(2, ("Failed to create tstream socket\n"));
430 npc->file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
431 npc->device_state = 0xff | 0x0400 | 0x0100;
432 npc->allocation_size = 4096;
434 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
437 npc->allocation_size);
439 DEBUG(2, ("Failed to start async accept procedure\n"));
444 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
447 static void named_pipe_packet_process(struct tevent_req *subreq);
448 static void named_pipe_packet_done(struct tevent_req *subreq);
450 static void named_pipe_accept_done(struct tevent_req *subreq)
452 struct auth_session_info_transport *session_info_transport;
453 struct named_pipe_client *npc =
454 tevent_req_callback_data(subreq, struct named_pipe_client);
458 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
464 &session_info_transport);
466 npc->session_info = talloc_move(npc, &session_info_transport->session_info);
470 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
476 ret = make_server_pipes_struct(npc,
477 npc->pipe_name, NCACN_NP,
478 false, npc->server, npc->client, npc->session_info,
481 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
485 npc->p->msg_ctx = npc->msg_ctx;
487 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
488 if (!npc->write_queue) {
489 DEBUG(2, ("Failed to set up write queue!\n"));
493 /* And now start receiving and processing packets */
494 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
496 DEBUG(2, ("Failed to start receving packets\n"));
499 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
503 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
505 /* terminate client connection */
510 static void named_pipe_packet_process(struct tevent_req *subreq)
512 struct named_pipe_client *npc =
513 tevent_req_callback_data(subreq, struct named_pipe_client);
514 struct _output_data *out = &npc->p->out_data;
515 DATA_BLOB recv_buffer = data_blob_null;
516 struct ncacn_packet *pkt;
524 status = dcerpc_read_ncacn_packet_recv(subreq, npc, &pkt, &recv_buffer);
526 if (!NT_STATUS_IS_OK(status)) {
530 data_left = recv_buffer.length;
531 data = (char *)recv_buffer.data;
535 data_used = process_incoming_data(npc->p, data, data_left);
537 DEBUG(3, ("Failed to process dceprc request!\n"));
538 status = NT_STATUS_UNEXPECTED_IO_ERROR;
542 data_left -= data_used;
546 /* Do not leak this buffer, npc is a long lived context */
547 talloc_free(recv_buffer.data);
550 /* this is needed because of the way DCERPC Binds work in
551 * the RPC marshalling code */
552 to_send = out->frag.length - out->current_pdu_sent;
555 DEBUG(10, ("Current_pdu_len = %u, "
556 "current_pdu_sent = %u "
557 "Returning %u bytes\n",
558 (unsigned int)out->frag.length,
559 (unsigned int)out->current_pdu_sent,
560 (unsigned int)to_send));
562 npc->iov = talloc_zero(npc, struct iovec);
564 status = NT_STATUS_NO_MEMORY;
569 npc->iov[0].iov_base = out->frag.data
570 + out->current_pdu_sent;
571 npc->iov[0].iov_len = to_send;
573 out->current_pdu_sent += to_send;
576 /* this condition is false for bind packets, or when we haven't
577 * yet got a full request, and need to wait for more data from
579 while (out->data_sent_length < out->rdata.length) {
581 ok = create_next_pdu(npc->p);
583 DEBUG(3, ("Failed to create next PDU!\n"));
584 status = NT_STATUS_UNEXPECTED_IO_ERROR;
588 npc->iov = talloc_realloc(npc, npc->iov,
589 struct iovec, npc->count + 1);
591 status = NT_STATUS_NO_MEMORY;
595 npc->iov[npc->count].iov_base = out->frag.data;
596 npc->iov[npc->count].iov_len = out->frag.length;
598 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
599 (unsigned int)npc->count,
600 (unsigned int)npc->iov[npc->count].iov_len));
601 dump_data(11, (const uint8_t *)npc->iov[npc->count].iov_base,
602 npc->iov[npc->count].iov_len);
606 /* we still don't have a complete request, go back and wait for more
608 if (npc->count == 0) {
609 /* Wait for the next packet */
610 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
612 DEBUG(2, ("Failed to start receving packets\n"));
613 status = NT_STATUS_NO_MEMORY;
616 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
620 DEBUG(10, ("Sending a total of %u bytes\n",
621 (unsigned int)npc->p->out_data.data_sent_length));
623 subreq = tstream_writev_queue_send(npc, npc->ev,
626 npc->iov, npc->count);
628 DEBUG(2, ("Failed to send packet\n"));
629 status = NT_STATUS_NO_MEMORY;
632 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
636 DEBUG(2, ("Fatal error(%s). "
637 "Terminating client(%s) connection!\n",
638 nt_errstr(status), npc->client_name));
639 /* terminate client connection */
644 static void named_pipe_packet_done(struct tevent_req *subreq)
646 struct named_pipe_client *npc =
647 tevent_req_callback_data(subreq, struct named_pipe_client);
651 ret = tstream_writev_queue_recv(subreq, &sys_errno);
654 DEBUG(2, ("Writev failed!\n"));
658 /* clear out any data that may have been left around */
660 TALLOC_FREE(npc->iov);
661 data_blob_free(&npc->p->in_data.data);
662 data_blob_free(&npc->p->out_data.frag);
663 data_blob_free(&npc->p->out_data.rdata);
665 /* Wait for the next packet */
666 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
668 DEBUG(2, ("Failed to start receving packets\n"));
672 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
676 DEBUG(2, ("Fatal error(%s). "
677 "Terminating client(%s) connection!\n",
678 strerror(sys_errno), npc->client_name));
679 /* terminate client connection */
684 static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
685 struct messaging_context *msg_ctx,
686 enum dcerpc_transport_t transport,
689 struct tsocket_address *cli_addr,
690 struct tsocket_address *srv_addr,
692 dcerpc_ncacn_disconnect_fn fn);
694 /********************************************************************
695 * Start listening on the tcp/ip socket
696 ********************************************************************/
698 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
699 struct tevent_fd *fde,
703 uint16_t setup_dcerpc_ncacn_tcpip_socket(struct tevent_context *ev_ctx,
704 struct messaging_context *msg_ctx,
705 const struct sockaddr_storage *ifss,
708 struct dcerpc_ncacn_listen_state *state;
709 struct tevent_fd *fde;
712 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
714 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Out of memory\n"));
719 state->ep.port = port;
720 state->disconnect_fn = NULL;
722 if (state->ep.port == 0) {
725 for (i = SERVER_TCP_LOW_PORT; i <= SERVER_TCP_HIGH_PORT; i++) {
726 state->fd = open_socket_in(SOCK_STREAM,
737 state->fd = open_socket_in(SOCK_STREAM,
743 if (state->fd == -1) {
744 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Failed to create "
745 "socket on port %u!\n", state->ep.port));
749 state->ev_ctx = ev_ctx;
750 state->msg_ctx = msg_ctx;
752 /* ready to listen */
753 set_socket_options(state->fd, "SO_KEEPALIVE");
754 set_socket_options(state->fd, lp_socket_options());
756 /* Set server socket to non-blocking for the accept. */
757 set_blocking(state->fd, false);
759 rc = listen(state->fd, SMBD_LISTEN_BACKLOG);
761 DEBUG(0,("setup_tcpip_socket: listen - %s\n", strerror(errno)));
765 DEBUG(10, ("setup_tcpip_socket: openened socket fd %d for port %u\n",
766 state->fd, state->ep.port));
768 fde = tevent_add_fd(state->ev_ctx,
772 dcerpc_ncacn_tcpip_listener,
775 DEBUG(0, ("setup_tcpip_socket: Failed to add event handler!\n"));
779 tevent_fd_set_auto_close(fde);
781 return state->ep.port;
783 if (state->fd != -1) {
791 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
792 struct tevent_fd *fde,
796 struct dcerpc_ncacn_listen_state *state =
797 talloc_get_type_abort(private_data,
798 struct dcerpc_ncacn_listen_state);
799 struct tsocket_address *cli_addr = NULL;
800 struct tsocket_address *srv_addr = NULL;
801 struct sockaddr_storage addr;
802 socklen_t in_addrlen = sizeof(addr);
806 s = accept(state->fd, (struct sockaddr *)(void *) &addr, &in_addrlen);
808 if (errno != EINTR) {
809 DEBUG(0,("tcpip_listener accept: %s\n",
815 rc = tsocket_address_bsd_from_sockaddr(state,
816 (struct sockaddr *)(void *) &addr,
824 rc = getsockname(s, (struct sockaddr *)(void *) &addr, &in_addrlen);
830 rc = tsocket_address_bsd_from_sockaddr(state,
831 (struct sockaddr *)(void *) &addr,
839 DEBUG(6, ("tcpip_listener: Accepted socket %d\n", s));
841 dcerpc_ncacn_accept(state->ev_ctx,
852 /********************************************************************
853 * Start listening on the ncalrpc socket
854 ********************************************************************/
856 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
857 struct tevent_fd *fde,
861 bool setup_dcerpc_ncalrpc_socket(struct tevent_context *ev_ctx,
862 struct messaging_context *msg_ctx,
864 dcerpc_ncacn_disconnect_fn fn)
866 struct dcerpc_ncacn_listen_state *state;
867 struct tevent_fd *fde;
869 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
871 DEBUG(0, ("Out of memory\n"));
876 state->disconnect_fn = fn;
881 state->ep.name = talloc_strdup(state, name);
883 if (state->ep.name == NULL) {
884 DEBUG(0, ("Out of memory\n"));
889 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
890 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
891 lp_ncalrpc_dir(), strerror(errno)));
895 state->fd = create_pipe_sock(lp_ncalrpc_dir(), name, 0755);
896 if (state->fd == -1) {
897 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
898 lp_ncalrpc_dir(), name));
902 DEBUG(10, ("Openened pipe socket fd %d for %s\n", state->fd, name));
904 state->ev_ctx = ev_ctx;
905 state->msg_ctx = msg_ctx;
907 /* Set server socket to non-blocking for the accept. */
908 set_blocking(state->fd, false);
910 fde = tevent_add_fd(state->ev_ctx,
914 dcerpc_ncalrpc_listener,
917 DEBUG(0, ("Failed to add event handler for ncalrpc!\n"));
921 tevent_fd_set_auto_close(fde);
925 if (state->fd != -1) {
933 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
934 struct tevent_fd *fde,
938 struct dcerpc_ncacn_listen_state *state =
939 talloc_get_type_abort(private_data,
940 struct dcerpc_ncacn_listen_state);
941 struct tsocket_address *cli_addr = NULL;
942 struct sockaddr_un sunaddr;
943 struct sockaddr *addr = (struct sockaddr *)(void *)&sunaddr;
944 socklen_t len = sizeof(sunaddr);
948 ZERO_STRUCT(sunaddr);
950 sd = accept(state->fd, addr, &len);
952 if (errno != EINTR) {
953 DEBUG(0, ("ncalrpc accept() failed: %s\n", strerror(errno)));
958 rc = tsocket_address_bsd_from_sockaddr(state,
966 DEBUG(10, ("Accepted ncalrpc socket %d\n", sd));
968 dcerpc_ncacn_accept(state->ev_ctx,
973 state->disconnect_fn);
976 struct dcerpc_ncacn_conn {
977 enum dcerpc_transport_t transport;
986 struct pipes_struct *p;
987 dcerpc_ncacn_disconnect_fn disconnect_fn;
989 struct tevent_context *ev_ctx;
990 struct messaging_context *msg_ctx;
992 struct tstream_context *tstream;
993 struct tevent_queue *send_queue;
995 struct tsocket_address *client;
997 struct tsocket_address *server;
999 struct auth_session_info *session_info;
1005 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq);
1006 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq);
1008 static void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
1009 struct messaging_context *msg_ctx,
1010 enum dcerpc_transport_t transport,
1013 struct tsocket_address *cli_addr,
1014 struct tsocket_address *srv_addr,
1016 dcerpc_ncacn_disconnect_fn fn) {
1017 struct dcerpc_ncacn_conn *ncacn_conn;
1018 struct tevent_req *subreq;
1019 const char *cli_str;
1020 const char *srv_str = NULL;
1021 bool system_user = false;
1028 DEBUG(10, ("dcerpc_ncacn_accept\n"));
1030 ncacn_conn = talloc_zero(ev_ctx, struct dcerpc_ncacn_conn);
1031 if (ncacn_conn == NULL) {
1032 DEBUG(0, ("Out of memory!\n"));
1037 ncacn_conn->transport = transport;
1038 ncacn_conn->ev_ctx = ev_ctx;
1039 ncacn_conn->msg_ctx = msg_ctx;
1040 ncacn_conn->sock = s;
1041 ncacn_conn->disconnect_fn = fn;
1043 ncacn_conn->client = talloc_move(ncacn_conn, &cli_addr);
1044 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
1045 ncacn_conn->client_name =
1046 tsocket_address_inet_addr_string(ncacn_conn->client,
1049 ncacn_conn->client_name =
1050 tsocket_address_unix_path(ncacn_conn->client,
1053 if (ncacn_conn->client_name == NULL) {
1054 DEBUG(0, ("Out of memory!\n"));
1055 talloc_free(ncacn_conn);
1060 if (srv_addr != NULL) {
1061 ncacn_conn->server = talloc_move(ncacn_conn, &srv_addr);
1063 ncacn_conn->server_name =
1064 tsocket_address_inet_addr_string(ncacn_conn->server,
1066 if (ncacn_conn->server_name == NULL) {
1067 DEBUG(0, ("Out of memory!\n"));
1068 talloc_free(ncacn_conn);
1074 switch (transport) {
1076 ncacn_conn->ep.port = port;
1078 pipe_name = tsocket_address_string(ncacn_conn->client,
1080 if (pipe_name == NULL) {
1082 talloc_free(ncacn_conn);
1088 rc = sys_getpeereid(s, &uid);
1090 DEBUG(2, ("Failed to get ncalrpc connecting uid!"));
1092 if (uid == sec_initial_uid()) {
1097 ncacn_conn->ep.name = talloc_strdup(ncacn_conn, name);
1098 if (ncacn_conn->ep.name == NULL) {
1100 talloc_free(ncacn_conn);
1104 pipe_name = talloc_strdup(ncacn_conn,
1106 if (pipe_name == NULL) {
1108 talloc_free(ncacn_conn);
1113 DEBUG(0, ("unknown dcerpc transport: %u!\n",
1115 talloc_free(ncacn_conn);
1120 rc = set_blocking(s, false);
1122 DEBUG(2, ("Failed to set dcerpc socket to non-blocking\n"));
1123 talloc_free(ncacn_conn);
1129 * As soon as we have tstream_bsd_existing_socket set up it will
1130 * take care of closing the socket.
1132 rc = tstream_bsd_existing_socket(ncacn_conn, s, &ncacn_conn->tstream);
1134 DEBUG(2, ("Failed to create tstream socket for dcerpc\n"));
1135 talloc_free(ncacn_conn);
1140 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
1141 cli_str = ncacn_conn->client_name;
1146 if (ncacn_conn->server != NULL) {
1147 if (tsocket_address_is_inet(ncacn_conn->server, "ip")) {
1148 srv_str = ncacn_conn->server_name;
1154 if (ncacn_conn->session_info == NULL) {
1155 status = auth_anonymous_session_info(ncacn_conn,
1156 &ncacn_conn->session_info);
1157 if (!NT_STATUS_IS_OK(status)) {
1158 DEBUG(2, ("Failed to create "
1159 "auth_anonymous_session_info - %s\n",
1160 nt_errstr(status)));
1161 talloc_free(ncacn_conn);
1166 rc = make_server_pipes_struct(ncacn_conn,
1168 ncacn_conn->transport,
1172 ncacn_conn->session_info,
1176 DEBUG(2, ("Failed to create pipe struct - %s",
1177 strerror(sys_errno)));
1178 talloc_free(ncacn_conn);
1182 ncacn_conn->send_queue = tevent_queue_create(ncacn_conn,
1183 "dcerpc send queue");
1184 if (ncacn_conn->send_queue == NULL) {
1185 DEBUG(0, ("Out of memory!\n"));
1186 talloc_free(ncacn_conn);
1190 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1192 ncacn_conn->tstream);
1193 if (subreq == NULL) {
1194 DEBUG(2, ("Failed to send ncacn packet\n"));
1195 talloc_free(ncacn_conn);
1199 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1201 DEBUG(10, ("dcerpc_ncacn_accept done\n"));
1206 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq)
1208 struct dcerpc_ncacn_conn *ncacn_conn =
1209 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1211 struct _output_data *out = &ncacn_conn->p->out_data;
1212 DATA_BLOB recv_buffer = data_blob_null;
1213 struct ncacn_packet *pkt;
1221 status = dcerpc_read_ncacn_packet_recv(subreq, ncacn_conn, &pkt, &recv_buffer);
1222 TALLOC_FREE(subreq);
1223 if (!NT_STATUS_IS_OK(status)) {
1224 if (ncacn_conn->disconnect_fn != NULL) {
1225 ok = ncacn_conn->disconnect_fn(ncacn_conn->p);
1227 DEBUG(3, ("Failed to call disconnect function\n"));
1233 data_left = recv_buffer.length;
1234 data = (char *) recv_buffer.data;
1237 data_used = process_incoming_data(ncacn_conn->p, data, data_left);
1238 if (data_used < 0) {
1239 DEBUG(3, ("Failed to process dcerpc request!\n"));
1240 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1244 data_left -= data_used;
1248 /* Do not leak this buffer */
1249 talloc_free(recv_buffer.data);
1253 * This is needed because of the way DCERPC binds work in the RPC
1256 to_send = out->frag.length - out->current_pdu_sent;
1259 DEBUG(10, ("Current_pdu_len = %u, "
1260 "current_pdu_sent = %u "
1261 "Returning %u bytes\n",
1262 (unsigned int)out->frag.length,
1263 (unsigned int)out->current_pdu_sent,
1264 (unsigned int)to_send));
1266 ncacn_conn->iov = talloc_zero(ncacn_conn, struct iovec);
1267 if (ncacn_conn->iov == NULL) {
1268 status = NT_STATUS_NO_MEMORY;
1269 DEBUG(3, ("Out of memory!\n"));
1272 ncacn_conn->count = 1;
1274 ncacn_conn->iov[0].iov_base = out->frag.data
1275 + out->current_pdu_sent;
1276 ncacn_conn->iov[0].iov_len = to_send;
1278 out->current_pdu_sent += to_send;
1282 * This condition is false for bind packets, or when we haven't yet got
1283 * a full request, and need to wait for more data from the client
1285 while (out->data_sent_length < out->rdata.length) {
1286 ok = create_next_pdu(ncacn_conn->p);
1288 DEBUG(3, ("Failed to create next PDU!\n"));
1289 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1293 ncacn_conn->iov = talloc_realloc(ncacn_conn,
1296 ncacn_conn->count + 1);
1297 if (ncacn_conn->iov == NULL) {
1298 DEBUG(3, ("Out of memory!\n"));
1299 status = NT_STATUS_NO_MEMORY;
1303 ncacn_conn->iov[ncacn_conn->count].iov_base = out->frag.data;
1304 ncacn_conn->iov[ncacn_conn->count].iov_len = out->frag.length;
1306 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
1307 (unsigned int) ncacn_conn->count,
1308 (unsigned int) ncacn_conn->iov[ncacn_conn->count].iov_len));
1309 dump_data(11, (const uint8_t *) ncacn_conn->iov[ncacn_conn->count].iov_base,
1310 ncacn_conn->iov[ncacn_conn->count].iov_len);
1311 ncacn_conn->count++;
1315 * We still don't have a complete request, go back and wait for more
1318 if (ncacn_conn->count == 0) {
1319 /* Wait for the next packet */
1320 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1322 ncacn_conn->tstream);
1323 if (subreq == NULL) {
1324 DEBUG(2, ("Failed to start receving packets\n"));
1325 status = NT_STATUS_NO_MEMORY;
1328 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1332 DEBUG(10, ("Sending a total of %u bytes\n",
1333 (unsigned int)ncacn_conn->p->out_data.data_sent_length));
1335 subreq = tstream_writev_queue_send(ncacn_conn,
1337 ncacn_conn->tstream,
1338 ncacn_conn->send_queue,
1341 if (subreq == NULL) {
1342 DEBUG(2, ("Failed to send packet\n"));
1343 status = NT_STATUS_NO_MEMORY;
1347 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_done, ncacn_conn);
1351 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1352 ncacn_conn->client_name, nt_errstr(status)));
1354 /* Terminate client connection */
1355 talloc_free(ncacn_conn);
1359 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq)
1361 struct dcerpc_ncacn_conn *ncacn_conn =
1362 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1363 NTSTATUS status = NT_STATUS_OK;
1367 rc = tstream_writev_queue_recv(subreq, &sys_errno);
1368 TALLOC_FREE(subreq);
1370 DEBUG(2, ("Writev failed!\n"));
1371 status = map_nt_error_from_unix(sys_errno);
1375 /* clear out any data that may have been left around */
1376 ncacn_conn->count = 0;
1377 TALLOC_FREE(ncacn_conn->iov);
1378 data_blob_free(&ncacn_conn->p->in_data.data);
1379 data_blob_free(&ncacn_conn->p->out_data.frag);
1380 data_blob_free(&ncacn_conn->p->out_data.rdata);
1382 /* Wait for the next packet */
1383 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1385 ncacn_conn->tstream);
1386 if (subreq == NULL) {
1387 DEBUG(2, ("Failed to start receving packets\n"));
1388 status = NT_STATUS_NO_MEMORY;
1392 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1396 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1397 ncacn_conn->client_name, nt_errstr(status)));
1399 /* Terminate client connection */
1400 talloc_free(ncacn_conn);
1404 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */