*/
#include "includes.h"
-#include "lib/util/dlinklist.h"
+#include "../lib/util/dlinklist.h"
#include "rpc_server/dcerpc_server.h"
+#include "libcli/security/security.h"
+#include "auth/session.h"
/*
destroy a rpc handle
*/
static int dcesrv_handle_destructor(struct dcesrv_handle *h)
{
- DLIST_REMOVE(h->context->handles, h);
- talloc_free(h);
+ DLIST_REMOVE(h->assoc_group->handles, h);
return 0;
}
allocate a new rpc handle
*/
_PUBLIC_ struct dcesrv_handle *dcesrv_handle_new(struct dcesrv_connection_context *context,
- uint8_t handle_type)
+ uint8_t handle_type)
{
struct dcesrv_handle *h;
+ struct dom_sid *sid;
- h = talloc(context, struct dcesrv_handle);
+ /*
+ * For simplicty, ensure we abort here for an interface that has no handles (programmer error)
+ */
+ SMB_ASSERT((context->iface->flags & DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED) == 0);
+
+ sid = &context->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
+
+ h = talloc_zero(context->conn->assoc_group, struct dcesrv_handle);
if (!h) {
return NULL;
}
h->data = NULL;
- h->context = context;
-
+ h->sid = dom_sid_dup(h, sid);
+ if (h->sid == NULL) {
+ talloc_free(h);
+ return NULL;
+ }
+ h->assoc_group = context->conn->assoc_group;
+ h->iface = context->iface;
h->wire_handle.handle_type = handle_type;
h->wire_handle.uuid = GUID_random();
- DLIST_ADD(context->handles, h);
+ DLIST_ADD(context->conn->assoc_group->handles, h);
talloc_set_destructor(h, dcesrv_handle_destructor);
return h;
}
-/*
+/**
find an internal handle given a wire handle. If the wire handle is NULL then
allocate a new handle
*/
-_PUBLIC_ struct dcesrv_handle *dcesrv_handle_fetch(struct dcesrv_connection_context *context,
- struct policy_handle *p,
+_PUBLIC_ struct dcesrv_handle *dcesrv_handle_fetch(
+ struct dcesrv_connection_context *context,
+ const struct policy_handle *p,
uint8_t handle_type)
{
struct dcesrv_handle *h;
+ struct dom_sid *sid;
- if (policy_handle_empty(p)) {
+ /*
+ * For simplicty, ensure we abort here for an interface that has no handles (programmer error)
+ */
+ SMB_ASSERT((context->iface->flags & DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED) == 0);
+
+ sid = &context->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
+
+ if (ndr_policy_handle_empty(p)) {
+ /* TODO: we should probably return a NULL handle here */
return dcesrv_handle_new(context, handle_type);
}
- for (h=context->handles; h; h=h->next) {
+ for (h=context->conn->assoc_group->handles; h; h=h->next) {
if (h->wire_handle.handle_type == p->handle_type &&
GUID_equal(&p->uuid, &h->wire_handle.uuid)) {
if (handle_type != DCESRV_HANDLE_ANY &&
p->handle_type, handle_type));
return NULL;
}
+ if (!dom_sid_equal(h->sid, sid)) {
+ DEBUG(0,(__location__ ": Attempt to use invalid sid %s - %s\n",
+ dom_sid_string(context, h->sid),
+ dom_sid_string(context, sid)));
+ return NULL;
+ }
+ if (h->iface != context->iface) {
+ DEBUG(0,(__location__ ": Attempt to use invalid iface\n"));
+ return NULL;
+ }
return h;
}
}