2 Unix SMB/Netbios implementation.
3 Generic infrstructure for RPC Daemons
4 Copyright (C) Simo Sorce 2010
5 Copyright (C) Andrew Bartlett 2011
6 Copyright (C) Andreas Schneider 2011
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "rpc_server/rpc_pipes.h"
24 #include "rpc_server/rpc_server.h"
25 #include "rpc_server/rpc_config.h"
27 #include "librpc/gen_ndr/netlogon.h"
28 #include "librpc/gen_ndr/auth.h"
29 #include "lib/tsocket/tsocket.h"
30 #include "libcli/named_pipe_auth/npa_tstream.h"
31 #include "../auth/auth_sam_reply.h"
33 #include "rpc_server/rpc_ncacn_np.h"
34 #include "rpc_server/srv_pipe_hnd.h"
35 #include "rpc_server/srv_pipe.h"
37 #define SERVER_TCP_LOW_PORT 1024
38 #define SERVER_TCP_HIGH_PORT 1300
40 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
41 struct auth_session_info **session_info)
45 status = make_session_info_guest(mem_ctx, session_info);
46 if (!NT_STATUS_IS_OK(status)) {
53 /* Creates a pipes_struct and initializes it with the information
54 * sent from the client */
55 int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
56 struct messaging_context *msg_ctx,
57 const char *pipe_name,
58 enum dcerpc_transport_t transport,
59 bool ncalrpc_as_system,
60 const struct tsocket_address *local_address,
61 const struct tsocket_address *remote_address,
62 struct auth_session_info *session_info,
63 struct pipes_struct **_p,
66 struct pipes_struct *p;
69 ret = make_base_pipes_struct(mem_ctx, msg_ctx, pipe_name,
70 transport, RPC_LITTLE_ENDIAN,
72 remote_address, local_address, &p);
78 if (session_info->unix_token && session_info->unix_info && session_info->security_token) {
79 /* Don't call create_local_token(), we already have the full details here */
80 p->session_info = talloc_steal(p, session_info);
83 DEBUG(0, ("Supplied session_info in make_server_pipes_struct was incomplete!"));
92 /* Start listening on the appropriate unix socket and setup all is needed to
93 * dispatch requests to the pipes rpc implementation */
95 struct dcerpc_ncacn_listen_state {
96 struct ndr_syntax_id syntax_id;
104 struct tevent_context *ev_ctx;
105 struct messaging_context *msg_ctx;
106 dcerpc_ncacn_disconnect_fn disconnect_fn;
109 static void named_pipe_listener(struct tevent_context *ev,
110 struct tevent_fd *fde,
114 int create_named_pipe_socket(const char *pipe_name)
120 * As lp_ncalrpc_dir() should have 0755, but
121 * lp_ncalrpc_dir()/np should have 0700, we need to
122 * create lp_ncalrpc_dir() first.
124 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
125 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
126 lp_ncalrpc_dir(), strerror(errno)));
130 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
132 DEBUG(0, ("Out of memory\n"));
136 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
137 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
138 np_dir, strerror(errno)));
142 fd = create_pipe_sock(np_dir, pipe_name, 0700);
144 DEBUG(0, ("Failed to create pipe socket! [%s/%s]\n",
149 DEBUG(10, ("Openened pipe socket fd %d for %s\n", fd, pipe_name));
156 bool setup_named_pipe_socket(const char *pipe_name,
157 struct tevent_context *ev_ctx,
158 struct messaging_context *msg_ctx)
160 struct dcerpc_ncacn_listen_state *state;
161 struct tevent_fd *fde;
164 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
166 DEBUG(0, ("Out of memory\n"));
169 state->ep.name = talloc_strdup(state, pipe_name);
170 if (state->ep.name == NULL) {
171 DEBUG(0, ("Out of memory\n"));
174 state->fd = create_named_pipe_socket(pipe_name);
175 if (state->fd == -1) {
179 rc = listen(state->fd, 5);
181 DEBUG(0, ("Failed to listen on pipe socket %s: %s\n",
182 pipe_name, strerror(errno)));
186 state->ev_ctx = ev_ctx;
187 state->msg_ctx = msg_ctx;
189 DEBUG(10, ("Openened pipe socket fd %d for %s\n",
190 state->fd, pipe_name));
192 fde = tevent_add_fd(ev_ctx,
193 state, state->fd, TEVENT_FD_READ,
194 named_pipe_listener, state);
196 DEBUG(0, ("Failed to add event handler!\n"));
200 tevent_fd_set_auto_close(fde);
204 if (state->fd != -1) {
211 static void named_pipe_listener(struct tevent_context *ev,
212 struct tevent_fd *fde,
216 struct dcerpc_ncacn_listen_state *state =
217 talloc_get_type_abort(private_data,
218 struct dcerpc_ncacn_listen_state);
219 struct sockaddr_un sunaddr;
223 /* TODO: should we have a limit to the number of clients ? */
225 len = sizeof(sunaddr);
227 sd = accept(state->fd,
228 (struct sockaddr *)(void *)&sunaddr, &len);
231 if (errno != EINTR) {
232 DEBUG(6, ("Failed to get a valid socket [%s]\n",
238 DEBUG(6, ("Accepted socket %d\n", sd));
240 named_pipe_accept_function(state->ev_ctx,
247 /* This is the core of the rpc server.
248 * Accepts connections from clients and process requests using the appropriate
249 * dispatcher table. */
251 static int named_pipe_destructor(struct named_pipe_client *npc)
254 npc->term_fn(npc->private_data);
259 struct named_pipe_client *named_pipe_client_init(TALLOC_CTX *mem_ctx,
260 struct tevent_context *ev_ctx,
261 struct messaging_context *msg_ctx,
262 const char *pipe_name,
263 named_pipe_termination_fn *term_fn,
265 uint16_t device_state,
266 uint64_t allocation_size,
269 struct named_pipe_client *npc;
271 npc = talloc_zero(mem_ctx, struct named_pipe_client);
273 DEBUG(0, ("Out of memory!\n"));
276 talloc_set_destructor(npc, named_pipe_destructor);
278 npc->pipe_name = talloc_strdup(npc, pipe_name);
279 if (npc->pipe_name == NULL) {
280 DEBUG(0, ("Out of memory!\n"));
286 npc->msg_ctx = msg_ctx;
287 npc->term_fn = term_fn;
288 npc->private_data = private_data;
290 npc->file_type = file_type;
291 npc->device_state = device_state;
292 npc->allocation_size = allocation_size;
297 static void named_pipe_accept_done(struct tevent_req *subreq);
299 void named_pipe_accept_function(struct tevent_context *ev_ctx,
300 struct messaging_context *msg_ctx,
301 const char *pipe_name, int fd,
302 named_pipe_termination_fn *term_fn,
305 struct named_pipe_client *npc;
306 struct tstream_context *plain;
307 struct tevent_req *subreq;
310 npc = talloc_zero(ev_ctx, struct named_pipe_client);
312 DEBUG(0, ("Out of memory!\n"));
317 npc->pipe_name = talloc_strdup(npc, pipe_name);
318 if (npc->pipe_name == NULL) {
319 DEBUG(0, ("Out of memory!\n"));
325 npc->msg_ctx = msg_ctx;
326 npc->term_fn = term_fn;
327 npc->private_data = private_data;
329 talloc_set_destructor(npc, named_pipe_destructor);
331 /* make sure socket is in NON blocking state */
332 ret = set_blocking(fd, false);
334 DEBUG(2, ("Failed to make socket non-blocking\n"));
340 ret = tstream_bsd_existing_socket(npc, fd, &plain);
342 DEBUG(2, ("Failed to create tstream socket\n"));
348 npc->file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
349 npc->device_state = 0xff | 0x0400 | 0x0100;
350 npc->allocation_size = 4096;
352 subreq = tstream_npa_accept_existing_send(npc, npc->ev, plain,
355 npc->allocation_size);
357 DEBUG(2, ("Failed to start async accept procedure\n"));
362 tevent_req_set_callback(subreq, named_pipe_accept_done, npc);
365 static void named_pipe_packet_done(struct tevent_req *subreq);
367 static void named_pipe_accept_done(struct tevent_req *subreq)
369 struct auth_session_info_transport *session_info_transport;
370 struct named_pipe_client *npc =
371 tevent_req_callback_data(subreq, struct named_pipe_client);
375 ret = tstream_npa_accept_existing_recv(subreq, &error, npc,
381 &session_info_transport);
383 npc->session_info = talloc_move(npc, &session_info_transport->session_info);
387 DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
393 ret = make_server_pipes_struct(npc,
395 npc->pipe_name, NCACN_NP,
396 false, npc->server, npc->client, npc->session_info,
399 DEBUG(2, ("Failed to create pipes_struct! (%s)\n",
404 npc->write_queue = tevent_queue_create(npc, "np_server_write_queue");
405 if (!npc->write_queue) {
406 DEBUG(2, ("Failed to set up write queue!\n"));
410 /* And now start receiving and processing packets */
411 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
413 DEBUG(2, ("Failed to start receving packets\n"));
416 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
420 DEBUG(2, ("Fatal error. Terminating client(%s) connection!\n",
422 /* terminate client connection */
427 void named_pipe_packet_process(struct tevent_req *subreq)
429 struct named_pipe_client *npc =
430 tevent_req_callback_data(subreq, struct named_pipe_client);
431 struct _output_data *out = &npc->p->out_data;
432 DATA_BLOB recv_buffer = data_blob_null;
433 struct ncacn_packet *pkt;
442 status = dcerpc_read_ncacn_packet_recv(subreq, npc, &pkt, &recv_buffer);
444 if (!NT_STATUS_IS_OK(status)) {
448 data_left = recv_buffer.length;
449 data = (char *)recv_buffer.data;
453 data_used = process_incoming_data(npc->p, data, data_left);
455 DEBUG(3, ("Failed to process dceprc request!\n"));
456 status = NT_STATUS_UNEXPECTED_IO_ERROR;
460 data_left -= data_used;
464 /* Do not leak this buffer, npc is a long lived context */
465 talloc_free(recv_buffer.data);
468 /* this is needed because of the way DCERPC Binds work in
469 * the RPC marshalling code */
470 to_send = out->frag.length - out->current_pdu_sent;
473 npc->iov = talloc_zero(npc, struct iovec);
475 status = NT_STATUS_NO_MEMORY;
480 npc->iov[0].iov_base = out->frag.data
481 + out->current_pdu_sent;
482 npc->iov[0].iov_len = to_send;
484 out->current_pdu_sent += to_send;
487 /* this condition is false for bind packets, or when we haven't
488 * yet got a full request, and need to wait for more data from
490 while (out->data_sent_length < out->rdata.length) {
492 ok = create_next_pdu(npc->p);
494 DEBUG(3, ("Failed to create next PDU!\n"));
495 status = NT_STATUS_UNEXPECTED_IO_ERROR;
499 npc->iov = talloc_realloc(npc, npc->iov,
500 struct iovec, npc->count + 1);
502 status = NT_STATUS_NO_MEMORY;
506 npc->iov[npc->count].iov_base = out->frag.data;
507 npc->iov[npc->count].iov_len = out->frag.length;
512 /* we still don't have a complete request, go back and wait for more
514 if (npc->count == 0) {
515 /* Wait for the next packet */
516 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
518 DEBUG(2, ("Failed to start receving packets\n"));
519 status = NT_STATUS_NO_MEMORY;
522 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
526 DEBUG(10, ("Sending %u fragments in a total of %u bytes\n",
527 (unsigned int)npc->count,
528 (unsigned int)npc->p->out_data.data_sent_length));
530 for (i = 0; i < npc->count; i++) {
531 DEBUG(10, ("Sending PDU number: %d, PDU Length: %u\n",
533 (unsigned int)npc->iov[i].iov_len));
534 dump_data(11, (const uint8_t *)npc->iov[i].iov_base,
535 npc->iov[i].iov_len);
537 subreq = tstream_writev_queue_send(npc,
544 DEBUG(2, ("Failed to send packet\n"));
545 status = NT_STATUS_NO_MEMORY;
548 tevent_req_set_callback(subreq, named_pipe_packet_done, npc);
554 DEBUG(2, ("Fatal error(%s). "
555 "Terminating client(%s) connection!\n",
556 nt_errstr(status), npc->client_name));
557 /* terminate client connection */
562 static void named_pipe_packet_done(struct tevent_req *subreq)
564 struct named_pipe_client *npc =
565 tevent_req_callback_data(subreq, struct named_pipe_client);
569 ret = tstream_writev_queue_recv(subreq, &sys_errno);
572 DEBUG(2, ("Writev failed!\n"));
576 if (tevent_queue_length(npc->write_queue) > 0) {
580 /* clear out any data that may have been left around */
582 TALLOC_FREE(npc->iov);
583 data_blob_free(&npc->p->in_data.data);
584 data_blob_free(&npc->p->out_data.frag);
585 data_blob_free(&npc->p->out_data.rdata);
587 talloc_free_children(npc->p->mem_ctx);
589 /* Wait for the next packet */
590 subreq = dcerpc_read_ncacn_packet_send(npc, npc->ev, npc->tstream);
592 DEBUG(2, ("Failed to start receving packets\n"));
596 tevent_req_set_callback(subreq, named_pipe_packet_process, npc);
600 DEBUG(2, ("Fatal error(%s). "
601 "Terminating client(%s) connection!\n",
602 strerror(sys_errno), npc->client_name));
603 /* terminate client connection */
608 /********************************************************************
609 * Start listening on the tcp/ip socket
610 ********************************************************************/
612 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
613 struct tevent_fd *fde,
617 int create_tcpip_socket(const struct sockaddr_storage *ifss, uint16_t *port)
624 for (i = SERVER_TCP_LOW_PORT; i <= SERVER_TCP_HIGH_PORT; i++) {
625 fd = open_socket_in(SOCK_STREAM,
636 fd = open_socket_in(SOCK_STREAM,
643 DEBUG(0, ("Failed to create socket on port %u!\n", *port));
647 DEBUG(10, ("Opened tcpip socket fd %d for port %u\n", fd, *port));
652 uint16_t setup_dcerpc_ncacn_tcpip_socket(struct tevent_context *ev_ctx,
653 struct messaging_context *msg_ctx,
654 const struct sockaddr_storage *ifss,
657 struct dcerpc_ncacn_listen_state *state;
658 struct tevent_fd *fde;
661 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
663 DEBUG(0, ("setup_dcerpc_ncacn_tcpip_socket: Out of memory\n"));
668 state->ep.port = port;
669 state->disconnect_fn = NULL;
671 state->fd = create_tcpip_socket(ifss, &state->ep.port);
672 if (state->fd == -1) {
676 state->ev_ctx = ev_ctx;
677 state->msg_ctx = msg_ctx;
679 /* ready to listen */
680 set_socket_options(state->fd, "SO_KEEPALIVE");
681 set_socket_options(state->fd, lp_socket_options());
683 /* Set server socket to non-blocking for the accept. */
684 set_blocking(state->fd, false);
686 rc = listen(state->fd, SMBD_LISTEN_BACKLOG);
688 DEBUG(0,("setup_tcpip_socket: listen - %s\n", strerror(errno)));
692 DEBUG(10, ("setup_tcpip_socket: openened socket fd %d for port %u\n",
693 state->fd, state->ep.port));
695 fde = tevent_add_fd(state->ev_ctx,
699 dcerpc_ncacn_tcpip_listener,
702 DEBUG(0, ("setup_tcpip_socket: Failed to add event handler!\n"));
706 tevent_fd_set_auto_close(fde);
708 return state->ep.port;
710 if (state->fd != -1) {
718 static void dcerpc_ncacn_tcpip_listener(struct tevent_context *ev,
719 struct tevent_fd *fde,
723 struct dcerpc_ncacn_listen_state *state =
724 talloc_get_type_abort(private_data,
725 struct dcerpc_ncacn_listen_state);
726 struct tsocket_address *cli_addr = NULL;
727 struct tsocket_address *srv_addr = NULL;
728 struct sockaddr_storage addr;
729 socklen_t in_addrlen = sizeof(addr);
733 s = accept(state->fd, (struct sockaddr *)(void *) &addr, &in_addrlen);
735 if (errno != EINTR) {
736 DEBUG(0,("tcpip_listener accept: %s\n",
742 rc = tsocket_address_bsd_from_sockaddr(state,
743 (struct sockaddr *)(void *) &addr,
751 rc = getsockname(s, (struct sockaddr *)(void *) &addr, &in_addrlen);
757 rc = tsocket_address_bsd_from_sockaddr(state,
758 (struct sockaddr *)(void *) &addr,
766 DEBUG(6, ("tcpip_listener: Accepted socket %d\n", s));
768 dcerpc_ncacn_accept(state->ev_ctx,
778 /********************************************************************
779 * Start listening on the ncalrpc socket
780 ********************************************************************/
782 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
783 struct tevent_fd *fde,
787 int create_dcerpc_ncalrpc_socket(const char *name)
795 if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
796 DEBUG(0, ("Failed to create ncalrpc directory %s - %s\n",
797 lp_ncalrpc_dir(), strerror(errno)));
801 fd = create_pipe_sock(lp_ncalrpc_dir(), name, 0755);
803 DEBUG(0, ("Failed to create ncalrpc socket! [%s/%s]\n",
804 lp_ncalrpc_dir(), name));
808 DEBUG(10, ("Openened ncalrpc socket fd %d for %s\n", fd, name));
813 bool setup_dcerpc_ncalrpc_socket(struct tevent_context *ev_ctx,
814 struct messaging_context *msg_ctx,
816 dcerpc_ncacn_disconnect_fn fn)
818 struct dcerpc_ncacn_listen_state *state;
819 struct tevent_fd *fde;
822 state = talloc(ev_ctx, struct dcerpc_ncacn_listen_state);
824 DEBUG(0, ("Out of memory\n"));
829 state->disconnect_fn = fn;
835 state->ep.name = talloc_strdup(state, name);
836 if (state->ep.name == NULL) {
837 DEBUG(0, ("Out of memory\n"));
842 state->fd = create_dcerpc_ncalrpc_socket(name);
843 if (state->fd == -1) {
847 rc = listen(state->fd, 5);
849 DEBUG(0, ("Failed to listen on ncalrpc socket %s: %s\n",
850 name, strerror(errno)));
854 state->ev_ctx = ev_ctx;
855 state->msg_ctx = msg_ctx;
857 /* Set server socket to non-blocking for the accept. */
858 set_blocking(state->fd, false);
860 fde = tevent_add_fd(state->ev_ctx,
864 dcerpc_ncalrpc_listener,
867 DEBUG(0, ("Failed to add event handler for ncalrpc!\n"));
871 tevent_fd_set_auto_close(fde);
875 if (state->fd != -1) {
883 static void dcerpc_ncalrpc_listener(struct tevent_context *ev,
884 struct tevent_fd *fde,
888 struct dcerpc_ncacn_listen_state *state =
889 talloc_get_type_abort(private_data,
890 struct dcerpc_ncacn_listen_state);
891 struct tsocket_address *cli_addr = NULL;
892 struct sockaddr_un sunaddr;
893 struct sockaddr *addr = (struct sockaddr *)(void *)&sunaddr;
894 socklen_t len = sizeof(sunaddr);
898 ZERO_STRUCT(sunaddr);
900 sd = accept(state->fd, addr, &len);
902 if (errno != EINTR) {
903 DEBUG(0, ("ncalrpc accept() failed: %s\n", strerror(errno)));
908 rc = tsocket_address_bsd_from_sockaddr(state,
916 DEBUG(10, ("Accepted ncalrpc socket %d\n", sd));
918 dcerpc_ncacn_accept(state->ev_ctx,
923 state->disconnect_fn);
926 struct dcerpc_ncacn_conn {
927 enum dcerpc_transport_t transport;
931 struct pipes_struct *p;
932 dcerpc_ncacn_disconnect_fn disconnect_fn;
934 struct tevent_context *ev_ctx;
935 struct messaging_context *msg_ctx;
937 struct tstream_context *tstream;
938 struct tevent_queue *send_queue;
940 struct tsocket_address *client;
942 struct tsocket_address *server;
944 struct auth_session_info *session_info;
950 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq);
951 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq);
953 void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
954 struct messaging_context *msg_ctx,
955 enum dcerpc_transport_t transport,
957 struct tsocket_address *cli_addr,
958 struct tsocket_address *srv_addr,
960 dcerpc_ncacn_disconnect_fn fn) {
961 struct dcerpc_ncacn_conn *ncacn_conn;
962 struct tevent_req *subreq;
963 bool system_user = false;
971 DEBUG(10, ("dcerpc_ncacn_accept\n"));
973 ncacn_conn = talloc_zero(ev_ctx, struct dcerpc_ncacn_conn);
974 if (ncacn_conn == NULL) {
975 DEBUG(0, ("Out of memory!\n"));
980 ncacn_conn->transport = transport;
981 ncacn_conn->ev_ctx = ev_ctx;
982 ncacn_conn->msg_ctx = msg_ctx;
983 ncacn_conn->sock = s;
984 ncacn_conn->disconnect_fn = fn;
986 ncacn_conn->client = talloc_move(ncacn_conn, &cli_addr);
987 if (tsocket_address_is_inet(ncacn_conn->client, "ip")) {
988 ncacn_conn->client_name =
989 tsocket_address_inet_addr_string(ncacn_conn->client,
992 ncacn_conn->client_name =
993 tsocket_address_unix_path(ncacn_conn->client,
996 if (ncacn_conn->client_name == NULL) {
997 DEBUG(0, ("Out of memory!\n"));
998 talloc_free(ncacn_conn);
1003 if (srv_addr != NULL) {
1004 ncacn_conn->server = talloc_move(ncacn_conn, &srv_addr);
1006 ncacn_conn->server_name =
1007 tsocket_address_inet_addr_string(ncacn_conn->server,
1009 if (ncacn_conn->server_name == NULL) {
1010 DEBUG(0, ("Out of memory!\n"));
1011 talloc_free(ncacn_conn);
1017 switch (transport) {
1019 pipe_name = tsocket_address_string(ncacn_conn->client,
1021 if (pipe_name == NULL) {
1023 talloc_free(ncacn_conn);
1029 rc = getpeereid(s, &uid, &gid);
1031 DEBUG(2, ("Failed to get ncalrpc connecting "
1032 "uid - %s!\n", strerror(errno)));
1034 if (uid == sec_initial_uid()) {
1040 pipe_name = talloc_strdup(ncacn_conn,
1042 if (pipe_name == NULL) {
1044 talloc_free(ncacn_conn);
1049 DEBUG(0, ("unknown dcerpc transport: %u!\n",
1051 talloc_free(ncacn_conn);
1056 rc = set_blocking(s, false);
1058 DEBUG(2, ("Failed to set dcerpc socket to non-blocking\n"));
1059 talloc_free(ncacn_conn);
1065 * As soon as we have tstream_bsd_existing_socket set up it will
1066 * take care of closing the socket.
1068 rc = tstream_bsd_existing_socket(ncacn_conn, s, &ncacn_conn->tstream);
1070 DEBUG(2, ("Failed to create tstream socket for dcerpc\n"));
1071 talloc_free(ncacn_conn);
1076 if (ncacn_conn->session_info == NULL) {
1077 status = auth_anonymous_session_info(ncacn_conn,
1078 &ncacn_conn->session_info);
1079 if (!NT_STATUS_IS_OK(status)) {
1080 DEBUG(2, ("Failed to create "
1081 "auth_anonymous_session_info - %s\n",
1082 nt_errstr(status)));
1083 talloc_free(ncacn_conn);
1088 rc = make_server_pipes_struct(ncacn_conn,
1089 ncacn_conn->msg_ctx,
1091 ncacn_conn->transport,
1095 ncacn_conn->session_info,
1099 DEBUG(2, ("Failed to create pipe struct - %s",
1100 strerror(sys_errno)));
1101 talloc_free(ncacn_conn);
1105 ncacn_conn->send_queue = tevent_queue_create(ncacn_conn,
1106 "dcerpc send queue");
1107 if (ncacn_conn->send_queue == NULL) {
1108 DEBUG(0, ("Out of memory!\n"));
1109 talloc_free(ncacn_conn);
1113 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1115 ncacn_conn->tstream);
1116 if (subreq == NULL) {
1117 DEBUG(2, ("Failed to send ncacn packet\n"));
1118 talloc_free(ncacn_conn);
1122 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1124 DEBUG(10, ("dcerpc_ncacn_accept done\n"));
1129 static void dcerpc_ncacn_packet_process(struct tevent_req *subreq)
1131 struct dcerpc_ncacn_conn *ncacn_conn =
1132 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1134 struct _output_data *out = &ncacn_conn->p->out_data;
1135 DATA_BLOB recv_buffer = data_blob_null;
1136 struct ncacn_packet *pkt;
1144 status = dcerpc_read_ncacn_packet_recv(subreq, ncacn_conn, &pkt, &recv_buffer);
1145 TALLOC_FREE(subreq);
1146 if (!NT_STATUS_IS_OK(status)) {
1147 if (ncacn_conn->disconnect_fn != NULL) {
1148 ok = ncacn_conn->disconnect_fn(ncacn_conn->p);
1150 DEBUG(3, ("Failed to call disconnect function\n"));
1156 data_left = recv_buffer.length;
1157 data = (char *) recv_buffer.data;
1160 data_used = process_incoming_data(ncacn_conn->p, data, data_left);
1161 if (data_used < 0) {
1162 DEBUG(3, ("Failed to process dcerpc request!\n"));
1163 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1167 data_left -= data_used;
1171 /* Do not leak this buffer */
1172 talloc_free(recv_buffer.data);
1176 * This is needed because of the way DCERPC binds work in the RPC
1179 to_send = out->frag.length - out->current_pdu_sent;
1182 DEBUG(10, ("Current_pdu_len = %u, "
1183 "current_pdu_sent = %u "
1184 "Returning %u bytes\n",
1185 (unsigned int)out->frag.length,
1186 (unsigned int)out->current_pdu_sent,
1187 (unsigned int)to_send));
1189 ncacn_conn->iov = talloc_zero(ncacn_conn, struct iovec);
1190 if (ncacn_conn->iov == NULL) {
1191 status = NT_STATUS_NO_MEMORY;
1192 DEBUG(3, ("Out of memory!\n"));
1195 ncacn_conn->count = 1;
1197 ncacn_conn->iov[0].iov_base = out->frag.data
1198 + out->current_pdu_sent;
1199 ncacn_conn->iov[0].iov_len = to_send;
1201 out->current_pdu_sent += to_send;
1205 * This condition is false for bind packets, or when we haven't yet got
1206 * a full request, and need to wait for more data from the client
1208 while (out->data_sent_length < out->rdata.length) {
1209 ok = create_next_pdu(ncacn_conn->p);
1211 DEBUG(3, ("Failed to create next PDU!\n"));
1212 status = NT_STATUS_UNEXPECTED_IO_ERROR;
1216 ncacn_conn->iov = talloc_realloc(ncacn_conn,
1219 ncacn_conn->count + 1);
1220 if (ncacn_conn->iov == NULL) {
1221 DEBUG(3, ("Out of memory!\n"));
1222 status = NT_STATUS_NO_MEMORY;
1226 ncacn_conn->iov[ncacn_conn->count].iov_base = out->frag.data;
1227 ncacn_conn->iov[ncacn_conn->count].iov_len = out->frag.length;
1229 DEBUG(10, ("PDU number: %d, PDU Length: %u\n",
1230 (unsigned int) ncacn_conn->count,
1231 (unsigned int) ncacn_conn->iov[ncacn_conn->count].iov_len));
1232 dump_data(11, (const uint8_t *) ncacn_conn->iov[ncacn_conn->count].iov_base,
1233 ncacn_conn->iov[ncacn_conn->count].iov_len);
1234 ncacn_conn->count++;
1238 * We still don't have a complete request, go back and wait for more
1241 if (ncacn_conn->count == 0) {
1242 /* Wait for the next packet */
1243 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1245 ncacn_conn->tstream);
1246 if (subreq == NULL) {
1247 DEBUG(2, ("Failed to start receving packets\n"));
1248 status = NT_STATUS_NO_MEMORY;
1251 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1255 DEBUG(10, ("Sending a total of %u bytes\n",
1256 (unsigned int)ncacn_conn->p->out_data.data_sent_length));
1258 subreq = tstream_writev_queue_send(ncacn_conn,
1260 ncacn_conn->tstream,
1261 ncacn_conn->send_queue,
1264 if (subreq == NULL) {
1265 DEBUG(2, ("Failed to send packet\n"));
1266 status = NT_STATUS_NO_MEMORY;
1270 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_done, ncacn_conn);
1274 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1275 ncacn_conn->client_name, nt_errstr(status)));
1277 /* Terminate client connection */
1278 talloc_free(ncacn_conn);
1282 static void dcerpc_ncacn_packet_done(struct tevent_req *subreq)
1284 struct dcerpc_ncacn_conn *ncacn_conn =
1285 tevent_req_callback_data(subreq, struct dcerpc_ncacn_conn);
1286 NTSTATUS status = NT_STATUS_OK;
1290 rc = tstream_writev_queue_recv(subreq, &sys_errno);
1291 TALLOC_FREE(subreq);
1293 DEBUG(2, ("Writev failed!\n"));
1294 status = map_nt_error_from_unix(sys_errno);
1298 /* clear out any data that may have been left around */
1299 ncacn_conn->count = 0;
1300 TALLOC_FREE(ncacn_conn->iov);
1301 data_blob_free(&ncacn_conn->p->in_data.data);
1302 data_blob_free(&ncacn_conn->p->out_data.frag);
1303 data_blob_free(&ncacn_conn->p->out_data.rdata);
1305 talloc_free_children(ncacn_conn->p->mem_ctx);
1307 /* Wait for the next packet */
1308 subreq = dcerpc_read_ncacn_packet_send(ncacn_conn,
1310 ncacn_conn->tstream);
1311 if (subreq == NULL) {
1312 DEBUG(2, ("Failed to start receving packets\n"));
1313 status = NT_STATUS_NO_MEMORY;
1317 tevent_req_set_callback(subreq, dcerpc_ncacn_packet_process, ncacn_conn);
1321 DEBUG(3, ("Terminating client(%s) connection! - '%s'\n",
1322 ncacn_conn->client_name, nt_errstr(status)));
1324 /* Terminate client connection */
1325 talloc_free(ncacn_conn);
1329 /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */