2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
5 Copyright (C) Andrew Bartlett 2011
6 Copyright (C) Andreas Schneider 2011
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "rpc_server/rpc_pipes.h"
24 #include "rpc_server/rpc_server.h"
25 #include "rpc_server/rpc_config.h"
27 #include "librpc/gen_ndr/netlogon.h"
28 #include "librpc/gen_ndr/auth.h"
29 #include "lib/tsocket/tsocket.h"
30 #include "libcli/named_pipe_auth/npa_tstream.h"
31 #include "../auth/auth_sam_reply.h"
33 #include "rpc_server/rpc_ncacn_np.h"
34 #include "rpc_server/srv_pipe_hnd.h"
35 #include "rpc_server/srv_pipe.h"
37 #define SERVER_TCP_LOW_PORT 1024
38 #define SERVER_TCP_HIGH_PORT 1300
40 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
41 struct auth_session_info **session_info)
45 status = make_session_info_guest(mem_ctx, session_info);
46 if (!NT_STATUS_IS_OK(status)) {
53 /* Creates a pipes_struct and initializes it with the information
54 * sent from the client */
55 static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
56 struct messaging_context *msg_ctx,
57 const char *pipe_name,
58 enum dcerpc_transport_t transport,
59 bool ncalrpc_as_system,
60 const struct tsocket_address *local_address,
61 const struct tsocket_address *remote_address,
62 struct auth_session_info *session_info,
63 struct pipes_struct **_p,
66 struct pipes_struct *p;
70 ret = make_base_pipes_struct(mem_ctx, msg_ctx, pipe_name,
71 transport, RPC_LITTLE_ENDIAN,
73 remote_address, local_address, &p);
79 if (session_info->unix_token && session_info->unix_info && session_info->security_token) {
80 /* Don't call create_local_token(), we already have the full details here */
81 p->session_info = talloc_steal(p, session_info);
84 struct auth_user_info_dc *auth_user_info_dc;
85 struct auth_serversupplied_info *server_info;
86 struct netr_SamInfo3 *info3;
88 /* Fake up an auth_user_info_dc for now, to make an info3, to make the session_info structure */
89 auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc);
90 if (!auth_user_info_dc) {
96 auth_user_info_dc->num_sids = session_info->security_token->num_sids;
97 auth_user_info_dc->sids = session_info->security_token->sids;
98 auth_user_info_dc->info = session_info->info;
99 auth_user_info_dc->user_session_key = session_info->session_key;
101 /* This creates the input structure that make_server_info_info3 is looking for */
102 status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc,
105 if (!NT_STATUS_IS_OK(status)) {
106 DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n"));
112 status = make_server_info_info3(p,
113 info3->base.account_name.string,
114 info3->base.domain.string,
115 &server_info, info3);
116 if (!NT_STATUS_IS_OK(status)) {
117 DEBUG(1, ("Failed to init server info\n"));
124 * Some internal functions need a local token to determine access to
127 status = create_local_token(p, server_info, &session_info->session_key, info3->base.account_name.string,
129 talloc_free(server_info);
130 if (!NT_STATUS_IS_OK(status)) {
131 DEBUG(1, ("Failed to init local auth token\n"));
142 /* Start listening on the appropriate unix socket and setup all is needed to
143 * dispatch requests to the pipes rpc implementation */
145 struct dcerpc_ncacn_listen_state {
146 struct ndr_syntax_id syntax_id;
154 struct tevent_context *ev_ctx;
155 struct messaging_context *msg_ctx;
156 dcerpc_ncacn_disconnect_fn disconnect_fn;
159 static void named_pipe_listener(struct tevent_context *ev,
160 struct tevent_fd *fde,
164 int create_named_pipe_socket(const char *pipe_name)
170 * As lp_ncalrpc_dir() should have 0755, but
171 * lp_ncalrpc_dir()/np should have 0700, we need to
172 * create lp_ncalrpc_dir() first.
174 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
175 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
176 lp_ncalrpc_dir(), strerror(errno)));
180 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
182 DEBUG(0, ("Out of memory\n"));
186 if (!directory_create_or_exist(np_dir, geteuid(), 0700)) {
187 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
188 np_dir, strerror(errno)));
192 fd = create_pipe_sock(np_dir, pipe_name, 0700);
194 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
199 DEBUG(10, ("Openened pipe socket fd %d for %s\n", fd, pipe_name));
206 bool setup_named_pipe_socket(const char *pipe_name,
207 struct tevent_context *ev_ctx,
208 struct messaging_context *msg_ctx)
210 struct dcerpc_ncacn_listen_state *state;
211 struct tevent_fd *fde;
213 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
215 DEBUG(0, ("Out of memory\n"));
218 state->ep.name = talloc_strdup(state, pipe_name);
219 if (state->ep.name == NULL) {
220 DEBUG(0, ("Out of memory\n"));
223 state->fd = create_named_pipe_socket(pipe_name);
224 if (state->fd == -1) {
228 state->ev_ctx = ev_ctx;
229 state->msg_ctx = msg_ctx;
231 DEBUG(10, ("Openened pipe socket fd %d for %s\n",
232 state->fd, pipe_name));
234 fde = tevent_add_fd(ev_ctx,
235 state, state->fd, TEVENT_FD_READ,
236 named_pipe_listener, state);
238 DEBUG(0, ("Failed to add event handler!\n"));
242 tevent_fd_set_auto_close(fde);
246 if (state->fd != -1) {
253 static void named_pipe_listener(struct tevent_context *ev,
254 struct tevent_fd *fde,
258 struct dcerpc_ncacn_listen_state *state =
259 talloc_get_type_abort(private_data,
260 struct dcerpc_ncacn_listen_state);
261 struct sockaddr_un sunaddr;
265 /* TODO: should we have a limit to the number of clients ? */
267 len = sizeof(sunaddr);
269 sd = accept(state->fd,
270 (struct sockaddr *)(void *)&sunaddr, &len);
273 if (errno != EINTR) {
274 DEBUG(6, ("Failed to get a valid socket [%s]\n",
280 DEBUG(6, ("Accepted socket %d\n", sd));
282 named_pipe_accept_function(state->ev_ctx,
289 /* This is the core of the rpc server.
290 * Accepts connections from clients and process requests using the appropriate
291 * dispatcher table. */
293 struct named_pipe_client {
294 const char *pipe_name;
296 struct tevent_context *ev;
297 struct messaging_context *msg_ctx;
300 uint16_t device_state;
301 uint64_t allocation_size;
303 struct tstream_context *tstream;
305 struct tsocket_address *client;
307 struct tsocket_address *server;
310 struct auth_session_info *session_info;
312 struct pipes_struct *p;
314 struct tevent_queue *write_queue;
319 named_pipe_termination_fn *term_fn;
323 static int named_pipe_destructor(struct named_pipe_client *npc)
326 npc->term_fn(npc->private_data);
331 static void named_pipe_accept_done(struct tevent_req *subreq);
333 void named_pipe_accept_function(struct tevent_context *ev_ctx,
334 struct messaging_context *msg_ctx,
335 const char *pipe_name, int fd,
336 named_pipe_termination_fn *term_fn,
339 struct named_pipe_client *npc;
340 struct tstream_context *plain;
341 struct tevent_req *subreq;
344 npc = talloc_zero(ev_ctx, struct named_pipe_client);
346 DEBUG(0, ("Out of memory!\n"));
351 npc->pipe_name = talloc_strdup(npc, pipe_name);
352 if (npc->pipe_name == NULL) {
353 DEBUG(0, ("Out of memory!\n"));
359 npc->msg_ctx = msg_ctx;
360 npc->term_fn = term_fn;
361 npc->private_data = private_data;
363 talloc_set_destructor(npc, named_pipe_destructor);
365 /* make sure socket is in NON blocking state */
366 ret = set_blocking(fd, false);
368 DEBUG(2, ("Failed to make socket non-blocking\n"));
374 ret = tstream_bsd_existing_socket(npc, fd, &plain);
376 DEBUG(2, ("Failed to create tstream socket\n"));
382 npc->file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
383 npc->device_state = 0xff | 0x0400 | 0x0100;
384 npc->allocation_size = 4096;
386 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
389 npc->allocation_size);
391 DEBUG(2, ("Failed to start async accept procedure\n"));
396 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
399 static void named_pipe_packet_process(struct tevent_req *subreq);
400 static void named_pipe_packet_done(struct tevent_req *subreq);
402 static void named_pipe_accept_done(struct tevent_req *subreq)
404 struct auth_session_info_transport *session_info_transport;
405 struct named_pipe_client *npc =
406 tevent_req_callback_data(subreq, struct named_pipe_client);
410 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
416 &session_info_transport);
418 npc->session_info = talloc_move(npc, &session_info_transport->session_info);
422 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
428 ret = make_server_pipes_struct(npc,
430 npc->pipe_name, NCACN_NP,
431 false, npc->server, npc->client, npc->session_info,
434 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
439 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
440 if (!npc->write_queue) {
441 DEBUG(2, ("Failed to set up write queue!\n"));
445 /* And now start receiving and processing packets */
446 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
448 DEBUG(2, ("Failed to start receving packets\n"));
451 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
455 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
457 /* terminate client connection */
462 static void named_pipe_packet_process(struct tevent_req *subreq)
464 struct named_pipe_client *npc =
465 tevent_req_callback_data(subreq, struct named_pipe_client);
466 struct _output_data *out = &npc->p->out_data;
467 DATA_BLOB recv_buffer = data_blob_null;
468 struct ncacn_packet *pkt;
477 status = dcerpc_read_ncacn_packet_recv(subreq, npc, &pkt, &recv_buffer);
479 if (!NT_STATUS_IS_OK(status)) {
483 data_left = recv_buffer.length;
484 data = (char *)recv_buffer.data;
488 data_used = process_incoming_data(npc->p, data, data_left);
490 DEBUG(3, ("Failed to process dceprc request!\n"));
491 status = NT_STATUS_UNEXPECTED_IO_ERROR;
495 data_left -= data_used;
499 /* Do not leak this buffer, npc is a long lived context */
500 talloc_free(recv_buffer.data);
503 /* this is needed because of the way DCERPC Binds work in
504 * the RPC marshalling code */
505 to_send = out->frag.length - out->current_pdu_sent;
508 npc->iov = talloc_zero(npc, struct iovec);
510 status = NT_STATUS_NO_MEMORY;
515 npc->iov[0].iov_base = out->frag.data
516 + out->current_pdu_sent;
517 npc->iov[0].iov_len = to_send;
519 out->current_pdu_sent += to_send;
522 /* this condition is false for bind packets, or when we haven't
523 * yet got a full request, and need to wait for more data from
525 while (out->data_sent_length < out->rdata.length) {
527 ok = create_next_pdu(npc->p);
529 DEBUG(3, ("Failed to create next PDU!\n"));
530 status = NT_STATUS_UNEXPECTED_IO_ERROR;
534 npc->iov = talloc_realloc(npc, npc->iov,
535 struct iovec, npc->count + 1);
537 status = NT_STATUS_NO_MEMORY;
541 npc->iov[npc->count].iov_base = out->frag.data;
542 npc->iov[npc->count].iov_len = out->frag.length;
547 /* we still don't have a complete request, go back and wait for more
549 if (npc->count == 0) {
550 /* Wait for the next packet */
551 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
553 DEBUG(2, ("Failed to start receving packets\n"));
554 status = NT_STATUS_NO_MEMORY;
557 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
561 DEBUG(10, ("Sending %u fragments in a total of %u bytes\n",
562 (unsigned int)npc->count,
563 (unsigned int)npc->p->out_data.data_sent_length));
565 for (i = 0; i < npc->count; i++) {
566 DEBUG(10, ("Sending PDU number: %d, PDU Length: %u\n",
568 (unsigned int)npc->iov[i].iov_len));
569 dump_data(11, (const uint8_t *)npc->iov[i].iov_base,
570 npc->iov[i].iov_len);
572 subreq = tstream_writev_queue_send(npc,
579 DEBUG(2, ("Failed to send packet\n"));
580 status = NT_STATUS_NO_MEMORY;
583 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
589 DEBUG(2, ("Fatal error(%s). "
590 "Terminating client(%s) connection!\n",
591 nt_errstr(status), npc->client_name));
592 /* terminate client connection */
597 static void named_pipe_packet_done(struct tevent_req *subreq)
599 struct named_pipe_client *npc =
600 tevent_req_callback_data(subreq, struct named_pipe_client);
604 ret = tstream_writev_queue_recv(subreq, &sys_errno);
607 DEBUG(2, ("Writev failed!\n"));
611 if (tevent_queue_length(npc->write_queue) > 0) {
615 /* clear out any data that may have been left around */
617 TALLOC_FREE(npc->iov);
618 data_blob_free(&npc->p->in_data.data);
619 data_blob_free(&npc->p->out_data.frag);
620 data_blob_free(&npc->p->out_data.rdata);
622 talloc_free_children(npc->p->mem_ctx);
624 /* Wait for the next packet */
625 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
627 DEBUG(2, ("Failed to start receving packets\n"));
631 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
635 DEBUG(2, ("Fatal error(%s). "
636 "Terminating client(%s) connection!\n",
637 strerror(sys_errno), npc->client_name));
638 /* terminate client connection */
643 /********************************************************************
644 * Start listening on the tcp/ip socket
645 ********************************************************************/
647 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
648 struct tevent_fd *fde,
652 int create_tcpip_socket(const struct sockaddr_storage *ifss, uint16_t *port)
659 for (i = SERVER_TCP_LOW_PORT; i <= SERVER_TCP_HIGH_PORT; i++) {
660 fd = open_socket_in(SOCK_STREAM,
671 fd = open_socket_in(SOCK_STREAM,
678 DEBUG(0, ("Failed to create socket on port %u!\n", *port));
682 DEBUG(10, ("Opened tcpip socket fd %d for port %u\n", fd, *port));
687 uint16_t setup_dcerpc_ncacn_tcpip_socket(struct tevent_context *ev_ctx,
688 struct messaging_context *msg_ctx,
689 const struct sockaddr_storage *ifss,
692 struct dcerpc_ncacn_listen_state *state;
693 struct tevent_fd *fde;
696 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
698 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Out of memory\n"));
703 state->ep.port = port;
704 state->disconnect_fn = NULL;
706 state->fd = create_tcpip_socket(ifss, &state->ep.port);
707 if (state->fd == -1) {
711 state->ev_ctx = ev_ctx;
712 state->msg_ctx = msg_ctx;
714 /* ready to listen */
715 set_socket_options(state->fd, "SO_KEEPALIVE");
716 set_socket_options(state->fd, lp_socket_options());
718 /* Set server socket to non-blocking for the accept. */
719 set_blocking(state->fd, false);
721 rc = listen(state->fd, SMBD_LISTEN_BACKLOG);
723 DEBUG(0,("setup_tcpip_socket: listen - %s\n", strerror(errno)));
727 DEBUG(10, ("setup_tcpip_socket: openened socket fd %d for port %u\n",
728 state->fd, state->ep.port));
730 fde = tevent_add_fd(state->ev_ctx,
734 dcerpc_ncacn_tcpip_listener,
737 DEBUG(0, ("setup_tcpip_socket: Failed to add event handler!\n"));
741 tevent_fd_set_auto_close(fde);
743 return state->ep.port;
745 if (state->fd != -1) {
753 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
754 struct tevent_fd *fde,
758 struct dcerpc_ncacn_listen_state *state =
759 talloc_get_type_abort(private_data,
760 struct dcerpc_ncacn_listen_state);
761 struct tsocket_address *cli_addr = NULL;
762 struct tsocket_address *srv_addr = NULL;
763 struct sockaddr_storage addr;
764 socklen_t in_addrlen = sizeof(addr);
768 s = accept(state->fd, (struct sockaddr *)(void *) &addr, &in_addrlen);
770 if (errno != EINTR) {
771 DEBUG(0,("tcpip_listener accept: %s\n",
777 rc = tsocket_address_bsd_from_sockaddr(state,
778 (struct sockaddr *)(void *) &addr,
786 rc = getsockname(s, (struct sockaddr *)(void *) &addr, &in_addrlen);
792 rc = tsocket_address_bsd_from_sockaddr(state,
793 (struct sockaddr *)(void *) &addr,
801 DEBUG(6, ("tcpip_listener: Accepted socket %d\n", s));
803 dcerpc_ncacn_accept(state->ev_ctx,
813 /********************************************************************
814 * Start listening on the ncalrpc socket
815 ********************************************************************/
817 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
818 struct tevent_fd *fde,
822 bool setup_dcerpc_ncalrpc_socket(struct tevent_context *ev_ctx,
823 struct messaging_context *msg_ctx,
825 dcerpc_ncacn_disconnect_fn fn)
827 struct dcerpc_ncacn_listen_state *state;
828 struct tevent_fd *fde;
830 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
832 DEBUG(0, ("Out of memory\n"));
837 state->disconnect_fn = fn;
842 state->ep.name = talloc_strdup(state, name);
844 if (state->ep.name == NULL) {
845 DEBUG(0, ("Out of memory\n"));
850 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
851 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
852 lp_ncalrpc_dir(), strerror(errno)));
856 state->fd = create_pipe_sock(lp_ncalrpc_dir(), name, 0755);
857 if (state->fd == -1) {
858 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
859 lp_ncalrpc_dir(), name));
863 DEBUG(10, ("Openened pipe socket fd %d for %s\n", state->fd, name));
865 state->ev_ctx = ev_ctx;
866 state->msg_ctx = msg_ctx;
868 /* Set server socket to non-blocking for the accept. */
869 set_blocking(state->fd, false);
871 fde = tevent_add_fd(state->ev_ctx,
875 dcerpc_ncalrpc_listener,
878 DEBUG(0, ("Failed to add event handler for ncalrpc!\n"));
882 tevent_fd_set_auto_close(fde);
886 if (state->fd != -1) {
894 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
895 struct tevent_fd *fde,
899 struct dcerpc_ncacn_listen_state *state =
900 talloc_get_type_abort(private_data,
901 struct dcerpc_ncacn_listen_state);
902 struct tsocket_address *cli_addr = NULL;
903 struct sockaddr_un sunaddr;
904 struct sockaddr *addr = (struct sockaddr *)(void *)&sunaddr;
905 socklen_t len = sizeof(sunaddr);
909 ZERO_STRUCT(sunaddr);
911 sd = accept(state->fd, addr, &len);
913 if (errno != EINTR) {
914 DEBUG(0, ("ncalrpc accept() failed: %s\n", strerror(errno)));
919 rc = tsocket_address_bsd_from_sockaddr(state,
927 DEBUG(10, ("Accepted ncalrpc socket %d\n", sd));
929 dcerpc_ncacn_accept(state->ev_ctx,
934 state->disconnect_fn);
937 struct dcerpc_ncacn_conn {
938 enum dcerpc_transport_t transport;
942 struct pipes_struct *p;
943 dcerpc_ncacn_disconnect_fn disconnect_fn;
945 struct tevent_context *ev_ctx;
946 struct messaging_context *msg_ctx;
948 struct tstream_context *tstream;
949 struct tevent_queue *send_queue;
951 struct tsocket_address *client;
953 struct tsocket_address *server;
955 struct auth_session_info *session_info;
961 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq);
962 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq);
964 void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
965 struct messaging_context *msg_ctx,
966 enum dcerpc_transport_t transport,
968 struct tsocket_address *cli_addr,
969 struct tsocket_address *srv_addr,
971 dcerpc_ncacn_disconnect_fn fn) {
972 struct dcerpc_ncacn_conn *ncacn_conn;
973 struct tevent_req *subreq;
974 bool system_user = false;
981 DEBUG(10, ("dcerpc_ncacn_accept\n"));
983 ncacn_conn = talloc_zero(ev_ctx, struct dcerpc_ncacn_conn);
984 if (ncacn_conn == NULL) {
985 DEBUG(0, ("Out of memory!\n"));
990 ncacn_conn->transport = transport;
991 ncacn_conn->ev_ctx = ev_ctx;
992 ncacn_conn->msg_ctx = msg_ctx;
993 ncacn_conn->sock = s;
994 ncacn_conn->disconnect_fn = fn;
996 ncacn_conn->client = talloc_move(ncacn_conn, &cli_addr);
997 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
998 ncacn_conn->client_name =
999 tsocket_address_inet_addr_string(ncacn_conn->client,
1002 ncacn_conn->client_name =
1003 tsocket_address_unix_path(ncacn_conn->client,
1006 if (ncacn_conn->client_name == NULL) {
1007 DEBUG(0, ("Out of memory!\n"));
1008 talloc_free(ncacn_conn);
1013 if (srv_addr != NULL) {
1014 ncacn_conn->server = talloc_move(ncacn_conn, &srv_addr);
1016 ncacn_conn->server_name =
1017 tsocket_address_inet_addr_string(ncacn_conn->server,
1019 if (ncacn_conn->server_name == NULL) {
1020 DEBUG(0, ("Out of memory!\n"));
1021 talloc_free(ncacn_conn);
1027 switch (transport) {
1029 pipe_name = tsocket_address_string(ncacn_conn->client,
1031 if (pipe_name == NULL) {
1033 talloc_free(ncacn_conn);
1039 rc = sys_getpeereid(s, &uid);
1041 DEBUG(2, ("Failed to get ncalrpc connecting uid!"));
1043 if (uid == sec_initial_uid()) {
1048 pipe_name = talloc_strdup(ncacn_conn,
1050 if (pipe_name == NULL) {
1052 talloc_free(ncacn_conn);
1057 DEBUG(0, ("unknown dcerpc transport: %u!\n",
1059 talloc_free(ncacn_conn);
1064 rc = set_blocking(s, false);
1066 DEBUG(2, ("Failed to set dcerpc socket to non-blocking\n"));
1067 talloc_free(ncacn_conn);
1073 * As soon as we have tstream_bsd_existing_socket set up it will
1074 * take care of closing the socket.
1076 rc = tstream_bsd_existing_socket(ncacn_conn, s, &ncacn_conn->tstream);
1078 DEBUG(2, ("Failed to create tstream socket for dcerpc\n"));
1079 talloc_free(ncacn_conn);
1084 if (ncacn_conn->session_info == NULL) {
1085 status = auth_anonymous_session_info(ncacn_conn,
1086 &ncacn_conn->session_info);
1087 if (!NT_STATUS_IS_OK(status)) {
1088 DEBUG(2, ("Failed to create "
1089 "auth_anonymous_session_info - %s\n",
1090 nt_errstr(status)));
1091 talloc_free(ncacn_conn);
1096 rc = make_server_pipes_struct(ncacn_conn,
1097 ncacn_conn->msg_ctx,
1099 ncacn_conn->transport,
1103 ncacn_conn->session_info,
1107 DEBUG(2, ("Failed to create pipe struct - %s",
1108 strerror(sys_errno)));
1109 talloc_free(ncacn_conn);
1113 ncacn_conn->send_queue = tevent_queue_create(ncacn_conn,
1114 "dcerpc send queue");
1115 if (ncacn_conn->send_queue == NULL) {
1116 DEBUG(0, ("Out of memory!\n"));
1117 talloc_free(ncacn_conn);
1121 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1123 ncacn_conn->tstream);
1124 if (subreq == NULL) {
1125 DEBUG(2, ("Failed to send ncacn packet\n"));
1126 talloc_free(ncacn_conn);
1130 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1132 DEBUG(10, ("dcerpc_ncacn_accept done\n"));
1137 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq)
1139 struct dcerpc_ncacn_conn *ncacn_conn =
1140 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1142 struct _output_data *out = &ncacn_conn->p->out_data;
1143 DATA_BLOB recv_buffer = data_blob_null;
1144 struct ncacn_packet *pkt;
1152 status = dcerpc_read_ncacn_packet_recv(subreq, ncacn_conn, &pkt, &recv_buffer);
1153 TALLOC_FREE(subreq);
1154 if (!NT_STATUS_IS_OK(status)) {
1155 if (ncacn_conn->disconnect_fn != NULL) {
1156 ok = ncacn_conn->disconnect_fn(ncacn_conn->p);
1158 DEBUG(3, ("Failed to call disconnect function\n"));
1164 data_left = recv_buffer.length;
1165 data = (char *) recv_buffer.data;
1168 data_used = process_incoming_data(ncacn_conn->p, data, data_left);
1169 if (data_used < 0) {
1170 DEBUG(3, ("Failed to process dcerpc request!\n"));
1171 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1175 data_left -= data_used;
1179 /* Do not leak this buffer */
1180 talloc_free(recv_buffer.data);
1184 * This is needed because of the way DCERPC binds work in the RPC
1187 to_send = out->frag.length - out->current_pdu_sent;
1190 DEBUG(10, ("Current_pdu_len = %u, "
1191 "current_pdu_sent = %u "
1192 "Returning %u bytes\n",
1193 (unsigned int)out->frag.length,
1194 (unsigned int)out->current_pdu_sent,
1195 (unsigned int)to_send));
1197 ncacn_conn->iov = talloc_zero(ncacn_conn, struct iovec);
1198 if (ncacn_conn->iov == NULL) {
1199 status = NT_STATUS_NO_MEMORY;
1200 DEBUG(3, ("Out of memory!\n"));
1203 ncacn_conn->count = 1;
1205 ncacn_conn->iov[0].iov_base = out->frag.data
1206 + out->current_pdu_sent;
1207 ncacn_conn->iov[0].iov_len = to_send;
1209 out->current_pdu_sent += to_send;
1213 * This condition is false for bind packets, or when we haven't yet got
1214 * a full request, and need to wait for more data from the client
1216 while (out->data_sent_length < out->rdata.length) {
1217 ok = create_next_pdu(ncacn_conn->p);
1219 DEBUG(3, ("Failed to create next PDU!\n"));
1220 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1224 ncacn_conn->iov = talloc_realloc(ncacn_conn,
1227 ncacn_conn->count + 1);
1228 if (ncacn_conn->iov == NULL) {
1229 DEBUG(3, ("Out of memory!\n"));
1230 status = NT_STATUS_NO_MEMORY;
1234 ncacn_conn->iov[ncacn_conn->count].iov_base = out->frag.data;
1235 ncacn_conn->iov[ncacn_conn->count].iov_len = out->frag.length;
1237 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
1238 (unsigned int) ncacn_conn->count,
1239 (unsigned int) ncacn_conn->iov[ncacn_conn->count].iov_len));
1240 dump_data(11, (const uint8_t *) ncacn_conn->iov[ncacn_conn->count].iov_base,
1241 ncacn_conn->iov[ncacn_conn->count].iov_len);
1242 ncacn_conn->count++;
1246 * We still don't have a complete request, go back and wait for more
1249 if (ncacn_conn->count == 0) {
1250 /* Wait for the next packet */
1251 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1253 ncacn_conn->tstream);
1254 if (subreq == NULL) {
1255 DEBUG(2, ("Failed to start receving packets\n"));
1256 status = NT_STATUS_NO_MEMORY;
1259 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1263 DEBUG(10, ("Sending a total of %u bytes\n",
1264 (unsigned int)ncacn_conn->p->out_data.data_sent_length));
1266 subreq = tstream_writev_queue_send(ncacn_conn,
1268 ncacn_conn->tstream,
1269 ncacn_conn->send_queue,
1272 if (subreq == NULL) {
1273 DEBUG(2, ("Failed to send packet\n"));
1274 status = NT_STATUS_NO_MEMORY;
1278 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_done, ncacn_conn);
1282 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1283 ncacn_conn->client_name, nt_errstr(status)));
1285 /* Terminate client connection */
1286 talloc_free(ncacn_conn);
1290 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq)
1292 struct dcerpc_ncacn_conn *ncacn_conn =
1293 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1294 NTSTATUS status = NT_STATUS_OK;
1298 rc = tstream_writev_queue_recv(subreq, &sys_errno);
1299 TALLOC_FREE(subreq);
1301 DEBUG(2, ("Writev failed!\n"));
1302 status = map_nt_error_from_unix(sys_errno);
1306 /* clear out any data that may have been left around */
1307 ncacn_conn->count = 0;
1308 TALLOC_FREE(ncacn_conn->iov);
1309 data_blob_free(&ncacn_conn->p->in_data.data);
1310 data_blob_free(&ncacn_conn->p->out_data.frag);
1311 data_blob_free(&ncacn_conn->p->out_data.rdata);
1313 talloc_free_children(ncacn_conn->p->mem_ctx);
1315 /* Wait for the next packet */
1316 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1318 ncacn_conn->tstream);
1319 if (subreq == NULL) {
1320 DEBUG(2, ("Failed to start receving packets\n"));
1321 status = NT_STATUS_NO_MEMORY;
1325 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1329 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1330 ncacn_conn->client_name, nt_errstr(status)));
1332 /* Terminate client connection */
1333 talloc_free(ncacn_conn);
1337 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */