2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "rpc_server/rpc_server.h"
23 #include "librpc/gen_ndr/netlogon.h"
24 #include "registry/reg_parse_prs.h"
25 #include "lib/tsocket/tsocket.h"
26 #include "libcli/named_pipe_auth/npa_tstream.h"
28 /* Creates a pipes_struct and initializes it with the information
29 * sent from the client */
30 static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
31 const char *pipe_name,
32 const struct ndr_syntax_id id,
33 const char *client_address,
34 struct netr_SamInfo3 *info3,
35 struct pipes_struct **_p,
38 struct pipes_struct *p;
42 p = talloc_zero(mem_ctx, struct pipes_struct);
49 p->mem_ctx = talloc_named(p, 0, "pipe %s %p", pipe_name, p);
56 ok = init_pipe_handles(p, &id);
58 DEBUG(1, ("Failed to init handles\n"));
65 data_blob_free(&p->in_data.data);
66 data_blob_free(&p->in_data.pdu);
68 p->endian = RPC_LITTLE_ENDIAN;
70 status = make_server_info_info3(p,
71 info3->base.account_name.string,
72 info3->base.domain.string,
73 &p->server_info, info3);
74 if (!NT_STATUS_IS_OK(status)) {
75 DEBUG(1, ("Failed to init server info\n"));
82 * Some internal functions need a local token to determine access to
85 status = create_local_token(p->server_info);
86 if (!NT_STATUS_IS_OK(status)) {
87 DEBUG(1, ("Failed to init local auth token\n"));
93 p->client_id = talloc_zero(p, struct client_address);
99 strlcpy(p->client_id->addr,
100 client_address, sizeof(p->client_id->addr));
101 p->client_id->name = talloc_strdup(p->client_id, client_address);
102 if (p->client_id->name == NULL) {
108 talloc_set_destructor(p, close_internal_rpc_pipe_hnd);
114 /* Add some helper functions to wrap the common ncacn packet reading functions
115 * until we can share more dcerpc code */
116 struct named_pipe_read_packet_state {
117 struct ncacn_packet *pkt;
121 static void named_pipe_read_packet_done(struct tevent_req *subreq);
123 static struct tevent_req *named_pipe_read_packet_send(TALLOC_CTX *mem_ctx,
124 struct tevent_context *ev,
125 struct tstream_context *tstream)
127 struct named_pipe_read_packet_state *state;
128 struct tevent_req *req, *subreq;
130 req = tevent_req_create(mem_ctx, &state,
131 struct named_pipe_read_packet_state);
137 subreq = dcerpc_read_ncacn_packet_send(state, ev, tstream);
139 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
140 tevent_req_post(req, ev);
143 tevent_req_set_callback(subreq, named_pipe_read_packet_done, req);
148 static void named_pipe_read_packet_done(struct tevent_req *subreq)
150 struct tevent_req *req =
151 tevent_req_callback_data(subreq, struct tevent_req);
152 struct named_pipe_read_packet_state *state =
153 tevent_req_data(req, struct named_pipe_read_packet_state);
156 status = dcerpc_read_ncacn_packet_recv(subreq, state,
160 if (!NT_STATUS_IS_OK(status)) {
161 DEBUG(3, ("Failed to receive dceprc packet!\n"));
162 tevent_req_nterror(req, status);
166 tevent_req_done(req);
169 static NTSTATUS named_pipe_read_packet_recv(struct tevent_req *req,
173 struct named_pipe_read_packet_state *state =
174 tevent_req_data(req, struct named_pipe_read_packet_state);
177 if (tevent_req_is_nterror(req, &status)) {
178 tevent_req_received(req);
182 buffer->data = talloc_move(mem_ctx, &state->buffer.data);
183 buffer->length = state->buffer.length;
185 tevent_req_received(req);
191 /* Start listening on the appropriate unix socket and setup all is needed to
192 * dispatch requests to the pipes rpc implementation */
194 struct named_pipe_listen_state {
199 static void named_pipe_listener(struct tevent_context *ev,
200 struct tevent_fd *fde,
204 bool setup_named_pipe_socket(const char *pipe_name,
205 struct tevent_context *ev_ctx)
207 struct named_pipe_listen_state *state;
208 struct tevent_fd *fde;
211 state = talloc(ev_ctx, struct named_pipe_listen_state);
213 DEBUG(0, ("Out of memory\n"));
216 state->name = talloc_strdup(state, pipe_name);
218 DEBUG(0, ("Out of memory\n"));
223 np_dir = talloc_asprintf(state, "%s/np", lp_ncalrpc_dir());
225 DEBUG(0, ("Out of memory\n"));
229 if (!directory_create_or_exist(np_dir, geteuid(), 0700)) {
230 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
231 np_dir, strerror(errno)));
235 state->fd = create_pipe_sock(np_dir, pipe_name, 0700);
236 if (state->fd == -1) {
237 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
242 DEBUG(10, ("Openened pipe socket fd %d for %s\n",
243 state->fd, pipe_name));
245 fde = tevent_add_fd(ev_ctx,
246 state, state->fd, TEVENT_FD_READ,
247 named_pipe_listener, state);
249 DEBUG(0, ("Failed to add event handler!\n"));
253 tevent_fd_set_auto_close(fde);
257 if (state->fd != -1) {
264 static void named_pipe_accept_function(const char *pipe_name, int fd);
266 static void named_pipe_listener(struct tevent_context *ev,
267 struct tevent_fd *fde,
271 struct named_pipe_listen_state *state =
272 talloc_get_type_abort(private_data,
273 struct named_pipe_listen_state);
274 struct sockaddr_un sunaddr;
278 /* TODO: should we have a limit to the number of clients ? */
280 len = sizeof(sunaddr);
283 sd = accept(state->fd,
284 (struct sockaddr *)(void *)&sunaddr, &len);
285 if (errno != EINTR) break;
289 DEBUG(6, ("Failed to get a valid socket [%s]\n",
294 DEBUG(6, ("Accepted socket %d\n", sd));
296 named_pipe_accept_function(state->name, sd);
300 /* This is the core of the rpc server.
301 * Accepts connections from clients and process requests using the appropriate
302 * dispatcher table. */
304 struct named_pipe_client {
305 const char *pipe_name;
306 struct ndr_syntax_id pipe_id;
308 struct tevent_context *ev;
309 struct messaging_context *msg_ctx;
312 uint16_t device_state;
313 uint64_t allocation_size;
315 struct tstream_context *tstream;
317 struct tsocket_address *client;
319 struct tsocket_address *server;
321 struct netr_SamInfo3 *info3;
322 DATA_BLOB session_key;
323 DATA_BLOB delegated_creds;
325 struct pipes_struct *p;
327 struct tevent_queue *write_queue;
333 static void named_pipe_accept_done(struct tevent_req *subreq);
335 static void named_pipe_accept_function(const char *pipe_name, int fd)
337 struct ndr_syntax_id syntax;
338 struct named_pipe_client *npc;
339 struct tstream_context *plain;
340 struct tevent_req *subreq;
344 ok = is_known_pipename(pipe_name, &syntax);
346 DEBUG(1, ("Unknown pipe [%s]\n", pipe_name));
351 npc = talloc_zero(NULL, struct named_pipe_client);
353 DEBUG(0, ("Out of memory!\n"));
357 npc->pipe_name = pipe_name;
358 npc->pipe_id = syntax;
359 npc->ev = server_event_context();
360 npc->msg_ctx = server_messaging_context();
362 /* make sure socket is in NON blocking state */
363 ret = set_blocking(fd, false);
365 DEBUG(2, ("Failed to make socket non-blocking\n"));
371 ret = tstream_bsd_existing_socket(npc, fd, &plain);
373 DEBUG(2, ("Failed to create tstream socket\n"));
379 npc->file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
380 npc->device_state = 0xff | 0x0400 | 0x0100;
381 npc->allocation_size = 4096;
383 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
386 npc->allocation_size);
388 DEBUG(2, ("Failed to start async accept procedure\n"));
393 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
396 static void named_pipe_packet_process(struct tevent_req *subreq);
397 static void named_pipe_packet_done(struct tevent_req *subreq);
399 static void named_pipe_accept_done(struct tevent_req *subreq)
401 struct named_pipe_client *npc =
402 tevent_req_callback_data(subreq, struct named_pipe_client);
403 const char *cli_addr;
407 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
415 &npc->delegated_creds);
418 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
424 if (tsocket_address_is_inet(npc->client, "ip")) {
425 cli_addr = tsocket_address_inet_addr_string(npc->client,
427 if (cli_addr == NULL) {
435 ret = make_server_pipes_struct(npc,
436 npc->pipe_name, npc->pipe_id,
437 cli_addr, npc->info3,
440 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
444 npc->p->msg_ctx = npc->msg_ctx;
446 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
447 if (!npc->write_queue) {
448 DEBUG(2, ("Failed to set up write queue!\n"));
452 /* And now start receaving and processing packets */
453 subreq = named_pipe_read_packet_send(npc, npc->ev, npc->tstream);
455 DEBUG(2, ("Failed to start receving packets\n"));
458 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
462 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
464 /* terminate client connection */
469 static void named_pipe_packet_process(struct tevent_req *subreq)
471 struct named_pipe_client *npc =
472 tevent_req_callback_data(subreq, struct named_pipe_client);
473 struct _output_data *out = &npc->p->out_data;
474 DATA_BLOB recv_buffer = data_blob_null;
482 status = named_pipe_read_packet_recv(subreq, npc, &recv_buffer);
484 if (!NT_STATUS_IS_OK(status)) {
488 data_left = recv_buffer.length;
489 data = (char *)recv_buffer.data;
493 data_used = process_incoming_data(npc->p, data, data_left);
495 DEBUG(3, ("Failed to process dceprc request!\n"));
496 status = NT_STATUS_UNEXPECTED_IO_ERROR;
500 data_left -= data_used;
504 /* Do not leak this buffer, npc is a long lived context */
505 talloc_free(recv_buffer.data);
507 /* this is needed because of the way DCERPC Binds work in
508 * the RPC marshalling code */
509 to_send = out->frag.length - out->current_pdu_sent;
512 DEBUG(10, ("Current_pdu_len = %u, "
513 "current_pdu_sent = %u "
514 "Returning %u bytes\n",
515 (unsigned int)out->frag.length,
516 (unsigned int)out->current_pdu_sent,
517 (unsigned int)to_send));
519 npc->iov = talloc_zero(npc, struct iovec);
521 status = NT_STATUS_NO_MEMORY;
526 npc->iov[0].iov_base = out->frag.data
527 + out->current_pdu_sent;
528 npc->iov[0].iov_len = to_send;
530 out->current_pdu_sent += to_send;
533 /* this condition is false for bind packets, or when we haven't
534 * yet got a full request, and need to wait for more data from
536 while (out->data_sent_length < out->rdata.length) {
538 ok = create_next_pdu(npc->p);
540 DEBUG(3, ("Failed to create next PDU!\n"));
541 status = NT_STATUS_UNEXPECTED_IO_ERROR;
545 npc->iov = talloc_realloc(npc, npc->iov,
546 struct iovec, npc->count + 1);
548 status = NT_STATUS_NO_MEMORY;
552 npc->iov[npc->count].iov_base = out->frag.data;
553 npc->iov[npc->count].iov_len = out->frag.length;
555 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
556 (unsigned int)npc->count,
557 (unsigned int)npc->iov[npc->count].iov_len));
558 dump_data(11, (const uint8_t *)npc->iov[npc->count].iov_base,
559 npc->iov[npc->count].iov_len);
563 /* we still don't have a complete request, go back and wait for more
565 if (npc->count == 0) {
566 /* Wait for the next packet */
567 subreq = named_pipe_read_packet_send(npc, npc->ev, npc->tstream);
569 DEBUG(2, ("Failed to start receving packets\n"));
570 status = NT_STATUS_NO_MEMORY;
573 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
577 DEBUG(10, ("Sending a total of %u bytes\n",
578 (unsigned int)npc->p->out_data.data_sent_length));
580 subreq = tstream_writev_queue_send(npc, npc->ev,
583 npc->iov, npc->count);
585 DEBUG(2, ("Failed to send packet\n"));
586 status = NT_STATUS_NO_MEMORY;
589 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
593 DEBUG(2, ("Fatal error(%s). "
594 "Terminating client(%s) connection!\n",
595 nt_errstr(status), npc->client_name));
596 /* terminate client connection */
601 static void named_pipe_packet_done(struct tevent_req *subreq)
603 struct named_pipe_client *npc =
604 tevent_req_callback_data(subreq, struct named_pipe_client);
608 ret = tstream_writev_queue_recv(subreq, &sys_errno);
611 DEBUG(2, ("Writev failed!\n"));
615 /* clear out any data that may have been left around */
617 TALLOC_FREE(npc->iov);
618 data_blob_free(&npc->p->in_data.data);
619 data_blob_free(&npc->p->out_data.frag);
620 data_blob_free(&npc->p->out_data.rdata);
622 /* Wait for the next packet */
623 subreq = named_pipe_read_packet_send(npc, npc->ev, npc->tstream);
625 DEBUG(2, ("Failed to start receving packets\n"));
629 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
633 DEBUG(2, ("Fatal error(%s). "
634 "Terminating client(%s) connection!\n",
635 strerror(sys_errno), npc->client_name));
636 /* terminate client connection */