This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "../lib/util/dlinklist.h"
+#include "rpc_server/dcerpc_server.h"
+#include "libcli/security/security.h"
+#include "auth/session.h"
+
+/*
+ destroy a rpc handle
+*/
+static int dcesrv_handle_destructor(struct dcesrv_handle *h)
+{
+ DLIST_REMOVE(h->assoc_group->handles, h);
+ return 0;
+}
+
/*
allocate a new rpc handle
*/
-struct dcesrv_handle *dcesrv_handle_new(struct dcesrv_connection *dce_conn,
- uint8 handle_type)
+_PUBLIC_ struct dcesrv_handle *dcesrv_handle_new(struct dcesrv_connection_context *context,
+ uint8_t handle_type)
{
- TALLOC_CTX *mem_ctx;
struct dcesrv_handle *h;
+ struct dom_sid *sid;
- mem_ctx = talloc_init("rpc handle type %d\n", handle_type);
- if (!mem_ctx) {
- return NULL;
- }
- h = talloc(mem_ctx, sizeof(*h));
+ /*
+ * For simplicty, ensure we abort here for an interface that has no handles (programmer error)
+ */
+ SMB_ASSERT((context->iface->flags & DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED) == 0);
+
+ sid = &context->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
+
+ h = talloc_zero(context->conn->assoc_group, struct dcesrv_handle);
if (!h) {
- talloc_destroy(mem_ctx);
return NULL;
}
- h->mem_ctx = mem_ctx;
h->data = NULL;
- h->destroy = NULL;
-
+ h->sid = dom_sid_dup(h, sid);
+ if (h->sid == NULL) {
+ talloc_free(h);
+ return NULL;
+ }
+ h->assoc_group = context->conn->assoc_group;
+ h->iface = context->iface;
h->wire_handle.handle_type = handle_type;
- uuid_generate_random(&h->wire_handle.uuid);
+ h->wire_handle.uuid = GUID_random();
- DLIST_ADD(dce_conn->handles, h);
+ DLIST_ADD(context->conn->assoc_group->handles, h);
- return h;
-}
+ talloc_set_destructor(h, dcesrv_handle_destructor);
-/*
- destroy a rpc handle
-*/
-void dcesrv_handle_destroy(struct dcesrv_connection *dce_conn,
- struct dcesrv_handle *h)
-{
- if (h->destroy) {
- h->destroy(dce_conn, h);
- }
- DLIST_REMOVE(dce_conn->handles, h);
- talloc_destroy(h->mem_ctx);
+ return h;
}
-
-/*
+/**
find an internal handle given a wire handle. If the wire handle is NULL then
allocate a new handle
*/
-struct dcesrv_handle *dcesrv_handle_fetch(struct dcesrv_connection *dce_conn,
- struct policy_handle *p,
- uint8 handle_type)
+_PUBLIC_ struct dcesrv_handle *dcesrv_handle_fetch(
+ struct dcesrv_connection_context *context,
+ const struct policy_handle *p,
+ uint8_t handle_type)
{
struct dcesrv_handle *h;
+ struct dom_sid *sid;
+
+ /*
+ * For simplicty, ensure we abort here for an interface that has no handles (programmer error)
+ */
+ SMB_ASSERT((context->iface->flags & DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED) == 0);
- if (policy_handle_empty(p)) {
- return dcesrv_handle_new(dce_conn, handle_type);
+ sid = &context->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
+
+ if (ndr_policy_handle_empty(p)) {
+ /* TODO: we should probably return a NULL handle here */
+ return dcesrv_handle_new(context, handle_type);
}
- for (h=dce_conn->handles; h; h=h->next) {
+ for (h=context->conn->assoc_group->handles; h; h=h->next) {
if (h->wire_handle.handle_type == p->handle_type &&
- uuid_equal(&p->uuid, &h->wire_handle.uuid)) {
+ GUID_equal(&p->uuid, &h->wire_handle.uuid)) {
if (handle_type != DCESRV_HANDLE_ANY &&
p->handle_type != handle_type) {
DEBUG(0,("client gave us the wrong handle type (%d should be %d)\n",
p->handle_type, handle_type));
return NULL;
}
+ if (!dom_sid_equal(h->sid, sid)) {
+ DEBUG(0,(__location__ ": Attempt to use invalid sid %s - %s\n",
+ dom_sid_string(context, h->sid),
+ dom_sid_string(context, sid)));
+ return NULL;
+ }
+ if (h->iface != context->iface) {
+ DEBUG(0,(__location__ ": Attempt to use invalid iface\n"));
+ return NULL;
+ }
return h;
}
}