struct dcesrv_call_state;
struct dcesrv_auth;
struct dcesrv_connection_context;
+struct dcesrv_iface_state;
struct dcesrv_interface {
const char *name;
struct ndr_syntax_id syntax_id;
/* this function is called when the client binds to this interface */
- NTSTATUS (*bind)(struct dcesrv_call_state *, const struct dcesrv_interface *, uint32_t if_version);
+ NTSTATUS (*bind)(struct dcesrv_connection_context *, const struct dcesrv_interface *);
/* this function is called when the client disconnects the endpoint */
void (*unbind)(struct dcesrv_connection_context *, const struct dcesrv_interface *);
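Review bot: The comment above `bind` no longer tells an implementer enough now that the hook takes a `struct dcesrv_connection_context *` and the `if_version` argument is gone. It does not say where a hook that cares about the requested interface version should read it, or which fields of the context are already populated when the hook runs. I would extend it along the lines of `/* called when the client binds to this interface; runs before any request on this context is dispatched */`, with the wording confirmed against the caller, which is not in this hunk. `struct dcesrv_interface` continues past the end of the hunk.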
/* the state of an ongoing dcerpc call */
struct dcesrv_call_state {
struct dcesrv_call_state *next, *prev;
+ struct dcesrv_auth *auth_state;
struct dcesrv_connection *conn;
struct dcesrv_connection_context *context;
struct ncacn_packet pkt;
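Review bot: The new `auth_state` pointer in `struct dcesrv_call_state` has no comment, while the struct also keeps `conn`, which elsewhere in this patch gains `default_auth_state`. A reader cannot tell from the header which of the two an access check on a call is meant to consult. If the per-call pointer is the authoritative one, a line such as `/* auth state this call arrived under; use this, not conn->default_auth_state, for access checks */` would pin that down, but the code that assigns it is not visible here, so the intent needs confirming. The comment should also state whether the pointer can be NULL and who owns it. The struct body continues outside the hunk.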
struct dcesrv_assoc_group *assoc_group;
struct policy_handle wire_handle;
struct dom_sid *sid;
+ enum dcerpc_AuthLevel min_auth_level;
const struct dcesrv_interface *iface;
void *data;
};
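Review bot: `min_auth_level` is added to the handle struct without a comment, and it is the only field here that carries a security requirement. If it records the auth level in force when the handle was created, I would add `/* lowest auth level a call must have to use this handle */` and name the lookup routine that enforces it. The enforcement is not in this header, so both the meaning and the place it is checked should be confirmed. The struct opens before the first line of the hunk.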
struct gensec_security *gensec_security;
struct auth_session_info *session_info;
NTSTATUS (*session_key_fn)(struct dcesrv_auth *, DATA_BLOB *session_key);
- bool client_hdr_signing;
- bool hdr_signing;
+ bool auth_started;
bool auth_finished;
bool auth_invalid;
};
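Review bot: `auth_started`, `auth_finished` and `auth_invalid` now form a three-flag state with nothing saying which combinations are legal or which transitions are one-way. A short comment ahead of them would help, for example `/* auth_started: first auth leg received; auth_finished: exchange completed; auth_invalid: set on failure and never cleared */`. Those meanings are my reading of the names and need checking against the code that sets them. The struct begins outside the hunk.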
/* the ndr function table for the chosen interface */
const struct dcesrv_interface *iface;
- /* private data for the interface implementation */
- void *private_data;
-
/*
* the minimum required auth level for this interface
*/
const struct tsocket_address *remote_address;
/* the current authentication state */
- struct dcesrv_auth auth_state;
+ struct dcesrv_auth *default_auth_state;
+ bool client_hdr_signing;
+ bool support_hdr_signing;
+ bool negotiated_hdr_signing;
/*
* remember which pdu types are allowed
*/
bool allow_bind;
- bool allow_auth3;
bool allow_alter;
- bool allow_request;
/* the association group the connection belongs to */
struct dcesrv_assoc_group *assoc_group;
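Review bot: The three header-signing flags added after `default_auth_state` are undocumented, and their names overlap enough that a later change could test the wrong one. I would give each a one-line comment, e.g. `/* client asked for header signing */`, `/* server side is able to offer it */`, `/* both agreed; PDUs are processed with it */`, once those readings are confirmed. Separately, with `allow_auth3` and `allow_request` removed, the block under "remember which pdu types are allowed" covers only bind and alter. The header no longer shows where request and auth3 PDUs are gated, so a pointer to the new location in that comment would be worth adding.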
*/
const struct ndr_syntax_id *preferred_transfer;
- /* the negotiated bind time features */
- uint16_t bind_time_features;
-
/*
* This is used to block the connection during
* pending authentication.
struct dcesrv_assoc_group {
/* the wire id */
uint32_t id;
-
+
+ /* The transport this is valid on */
+ enum dcerpc_transport_t transport;
+
/* list of handles in this association group */
struct dcesrv_handle *handles;
+ /*
+ * list of iface states per assoc/conn
+ */
+ struct dcesrv_iface_state *iface_states;
+
/* parent context */
struct dcesrv_context *dce_ctx;
- /* Remote association group ID (if proxied) */
- uint32_t proxied_id;
+ /* the negotiated bind time features */
+ uint16_t bind_time_features;
};
/* server-wide context information for the dcerpc server */
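Review bot: The comment on `transport`, `/* The transport this is valid on */`, states a restriction without saying what follows from it. If the intent is that a group id presented over a different transport must not match, say so in the comment, e.g. `/* transport this group was created on; an id lookup from any other transport must not return it */`, and confirm that the lookup (not in this header) checks it. The comment on `iface_states` says "per assoc/conn" although the list hangs off the association group, so it should say what lifetime and visibility the entries have. `bind_time_features` now lives on the group as well, which presumably makes the value common to every connection that joins it; that deserves a word in its comment.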
struct dcesrv_endpoint *next, *prev;
/* the type and location of the endpoint */
struct dcerpc_binding *ep_description;
+ /* the secondary endpoint description for the BIND_ACK */
+ struct dcerpc_binding *ep_2nd_description;
/* the security descriptor for smb named pipes */
struct security_descriptor *sd;
/* the list of interfaces available on this endpoint */
NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
const char *ep_name,
+ const char *ncacn_np_secondary_endpoint,
const struct dcesrv_interface *iface,
const struct security_descriptor *sd);
NTSTATUS dcerpc_register_ep_server(const struct dcesrv_endpoint_server *ep_server);
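Review bot: The new `ncacn_np_secondary_endpoint` parameter of `dcesrv_interface_register` is not documented anywhere in the visible prototype. Callers need to know whether NULL is accepted and what the argument means when `ep_name` is not an ncacn_np endpoint. A doc comment above the declaration covering those two cases would settle it.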
*/
_PUBLIC_ struct auth_session_info *dcesrv_call_session_info(struct dcesrv_call_state *dce_call);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_integrity(struct dcesrv_call_state *dce_call,
+/**
+ * retrieve auth type/level from a dce_call
+ */
+_PUBLIC_ void dcesrv_call_auth_info(struct dcesrv_call_state *dce_call,
+ enum dcerpc_AuthType *auth_type,
+ enum dcerpc_AuthLevel *auth_level);
+
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_integrity(struct dcesrv_connection_context *context,
const struct dcesrv_interface *iface);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_privacy(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_privacy(struct dcesrv_connection_context *context,
const struct dcesrv_interface *iface);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect(struct dcesrv_connection_context *context,
const struct dcesrv_interface *iface);
-_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct dcesrv_call_state *dce_call,
+_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct dcesrv_connection_context *context,
const struct dcesrv_interface *iface);
+_PUBLIC_ NTSTATUS _dcesrv_iface_state_store_assoc(
+ struct dcesrv_call_state *call,
+ uint64_t magic,
+ void *ptr,
+ const char *location);
+#define dcesrv_iface_state_store_assoc(call, magic, ptr) \
+ _dcesrv_iface_state_store_assoc((call), (magic), (ptr), \
+ __location__)
+_PUBLIC_ void *_dcesrv_iface_state_find_assoc(
+ struct dcesrv_call_state *call,
+ uint64_t magic);
+#define dcesrv_iface_state_find_assoc(call, magic, _type) \
+ talloc_get_type( \
+ _dcesrv_iface_state_find_assoc((call), (magic)), \
+ _type)
+
+_PUBLIC_ NTSTATUS _dcesrv_iface_state_store_conn(
+ struct dcesrv_call_state *call,
+ uint64_t magic,
+ void *_pptr,
+ const char *location);
+#define dcesrv_iface_state_store_conn(call, magic, ptr) \
+ _dcesrv_iface_state_store_conn((call), (magic), (ptr), \
+ __location__)
+_PUBLIC_ void *_dcesrv_iface_state_find_conn(
+ struct dcesrv_call_state *call,
+ uint64_t magic);
+#define dcesrv_iface_state_find_conn(call, magic, _type) \
+ talloc_get_type( \
+ _dcesrv_iface_state_find_conn((call), (magic)), \
+ _type)
+
#endif /* SAMBA_DCERPC_SERVER_H */
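Review bot: The four `_dcesrv_iface_state_*` prototypes and their wrapper macros are added with no contract documentation, and they store and hand back untyped pointers keyed only by a `uint64_t magic`. The header should say who owns `ptr` after a store (presumably it is reparented with talloc, to be confirmed), what happens when the same `magic` is stored twice, and how interfaces are expected to pick values that cannot collide. It should also say that the `find` macros yield NULL both when nothing is stored and when `talloc_get_type` sees a different type, so every caller must check the result. The assoc variants expose state to whatever else shares the association group, which is worth stating next to `dcesrv_iface_state_store_assoc`. The pointer argument is named `ptr` in `_dcesrv_iface_state_store_assoc` but `_pptr` in `_dcesrv_iface_state_store_conn` although both macros pass `(ptr)`; use one name unless the conn variant really takes a pointer to a pointer, in which case that needs a comment.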