2 Unix SMB/CIFS implementation.
4 dcerpc utility functions
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Jelmer Vernooij 2004
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 find the pipe name for a local IDL interface
30 const char *idl_pipe_name(const char *uuid, uint32_t if_version)
33 for (i=0;dcerpc_pipes[i];i++) {
34 if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
35 dcerpc_pipes[i]->if_version == if_version) {
36 return dcerpc_pipes[i]->name;
43 find the number of calls defined by local IDL
45 int idl_num_calls(const char *uuid, uint32_t if_version)
48 for (i=0;dcerpc_pipes[i];i++) {
49 if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
50 dcerpc_pipes[i]->if_version == if_version) {
51 return dcerpc_pipes[i]->num_calls;
59 find a dcerpc interface by name
61 const struct dcerpc_interface_table *idl_iface_by_name(const char *name)
64 for (i=0;dcerpc_pipes[i];i++) {
65 if (strcasecmp(dcerpc_pipes[i]->name, name) == 0) {
66 return dcerpc_pipes[i];
73 find a dcerpc interface by uuid
75 const struct dcerpc_interface_table *idl_iface_by_uuid(const char *uuid)
78 for (i=0;dcerpc_pipes[i];i++) {
79 if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0) {
80 return dcerpc_pipes[i];
89 push a dcerpc_packet into a blob, potentially with auth info
91 NTSTATUS dcerpc_push_auth(DATA_BLOB *blob, TALLOC_CTX *mem_ctx,
92 struct dcerpc_packet *pkt,
93 struct dcerpc_auth *auth_info)
98 ndr = ndr_push_init_ctx(mem_ctx);
100 return NT_STATUS_NO_MEMORY;
103 if (!(pkt->drep[0] & DCERPC_DREP_LE)) {
104 ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
108 pkt->auth_length = auth_info->credentials.length;
110 pkt->auth_length = 0;
113 status = ndr_push_dcerpc_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt);
114 if (!NT_STATUS_IS_OK(status)) {
119 status = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth_info);
122 *blob = ndr_push_blob(ndr);
124 /* fill in the frag length */
125 dcerpc_set_frag_length(blob, blob->length);
130 #define MAX_PROTSEQ 10
132 static const struct {
134 enum dcerpc_transport_t transport;
136 enum epm_protocols protseq[MAX_PROTSEQ];
138 { "ncacn_np", NCACN_NP, 3,
139 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_SMB, EPM_PROTOCOL_NETBIOS }},
140 { "ncacn_ip_tcp", NCACN_IP_TCP, 3,
141 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_TCP, EPM_PROTOCOL_IP } },
142 { "ncacn_http", NCACN_HTTP, 3,
143 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_HTTP, EPM_PROTOCOL_IP } },
144 { "ncadg_ip_udp", NCACN_IP_UDP, 3,
145 { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_UDP, EPM_PROTOCOL_IP } },
146 { "ncalrpc", NCALRPC, 2,
147 { EPM_PROTOCOL_NCALRPC, EPM_PROTOCOL_PIPE } },
148 { "ncacn_unix_stream", NCACN_UNIX_STREAM, 2,
149 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_UNIX_DS } },
150 { "ncadg_unix_dgram", NCADG_UNIX_DGRAM, 2,
151 { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_UNIX_DS } },
152 { "ncacn_at_dsp", NCACN_AT_DSP, 3,
153 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_APPLETALK, EPM_PROTOCOL_DSP } },
154 { "ncadg_at_ddp", NCADG_AT_DDP, 3,
155 { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_APPLETALK, EPM_PROTOCOL_DDP } },
156 { "ncacn_vns_ssp", NCACN_VNS_SPP, 3,
157 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_STREETTALK, EPM_PROTOCOL_VINES_SPP } },
158 { "ncacn_vns_ipc", NCACN_VNS_IPC, 3,
159 { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_STREETTALK, EPM_PROTOCOL_VINES_IPC }, },
162 static const struct {
165 } ncacn_options[] = {
166 {"sign", DCERPC_SIGN},
167 {"seal", DCERPC_SEAL},
168 {"connect", DCERPC_CONNECT},
169 {"validate", DCERPC_DEBUG_VALIDATE_BOTH},
170 {"print", DCERPC_DEBUG_PRINT_BOTH},
171 {"padcheck", DCERPC_DEBUG_PAD_CHECK},
172 {"bigendian", DCERPC_PUSH_BIGENDIAN}
178 form a binding string from a binding structure
180 const char *dcerpc_binding_string(TALLOC_CTX *mem_ctx, const struct dcerpc_binding *b)
184 const char *t_name=NULL;
186 for (i=0;i<ARRAY_SIZE(transports);i++) {
187 if (transports[i].transport == b->transport) {
188 t_name = transports[i].name;
195 if (!uuid_all_zero(&b->object)) {
196 s = talloc_asprintf(mem_ctx, "%s@", GUID_string(mem_ctx, &b->object));
199 s = talloc_asprintf_append(s, "%s:", t_name);
203 s = talloc_asprintf_append(s, "%s", b->host);
206 if (!b->endpoint && !b->options && !b->flags) {
210 s = talloc_asprintf_append(s, "[");
213 s = talloc_asprintf_append(s, "%s", b->endpoint);
216 /* this is a *really* inefficent way of dealing with strings,
217 but this is rarely called and the strings are always short,
219 for (i=0;b->options && b->options[i];i++) {
220 s = talloc_asprintf_append(s, ",%s", b->options[i]);
223 for (i=0;i<ARRAY_SIZE(ncacn_options);i++) {
224 if (b->flags & ncacn_options[i].flag) {
225 s = talloc_asprintf_append(s, ",%s", ncacn_options[i].name);
230 s = talloc_asprintf_append(s, "]");
236 parse a binding string into a dcerpc_binding structure
238 NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struct dcerpc_binding *b)
240 char *options, *type;
242 int i, j, comma_count;
246 if (p && PTR_DIFF(p, s) == 36) { /* 36 is the length of a UUID */
249 status = GUID_from_string(s, &b->object);
251 if (NT_STATUS_IS_ERR(status)) {
252 DEBUG(0, ("Failed parsing UUID\n"));
258 ZERO_STRUCT(b->object);
261 b->object_version = 0;
265 return NT_STATUS_INVALID_PARAMETER;
268 type = talloc_strndup(mem_ctx, s, PTR_DIFF(p, s));
270 return NT_STATUS_NO_MEMORY;
273 for (i=0;i<ARRAY_SIZE(transports);i++) {
274 if (strcasecmp(type, transports[i].name) == 0) {
275 b->transport = transports[i].transport;
279 if (i==ARRAY_SIZE(transports)) {
280 DEBUG(0,("Unknown dcerpc transport '%s'\n", type));
281 return NT_STATUS_INVALID_PARAMETER;
288 b->host = talloc_strndup(mem_ctx, s, PTR_DIFF(p, s));
289 options = talloc_strdup(mem_ctx, p+1);
290 if (options[strlen(options)-1] != ']') {
291 return NT_STATUS_INVALID_PARAMETER;
293 options[strlen(options)-1] = 0;
295 b->host = talloc_strdup(mem_ctx, s);
300 return NT_STATUS_NO_MEMORY;
311 comma_count = count_chars(options, ',');
313 b->options = talloc_array_p(mem_ctx, const char *, comma_count+2);
315 return NT_STATUS_NO_MEMORY;
318 for (i=0; (p = strchr(options, ',')); i++) {
319 b->options[i] = talloc_strndup(mem_ctx, options, PTR_DIFF(p, options));
320 if (!b->options[i]) {
321 return NT_STATUS_NO_MEMORY;
325 b->options[i] = options;
326 b->options[i+1] = NULL;
328 /* Endpoint is first option */
329 b->endpoint = b->options[0];
330 if (strlen(b->endpoint) == 0) b->endpoint = NULL;
332 for (i=0;b->options[i];i++) {
333 b->options[i] = b->options[i+1];
336 /* some options are pre-parsed for convenience */
337 for (i=0;b->options[i];i++) {
338 for (j=0;j<ARRAY_SIZE(ncacn_options);j++) {
339 if (strcasecmp(ncacn_options[j].name, b->options[i]) == 0) {
341 b->flags |= ncacn_options[j].flag;
342 for (k=i;b->options[k];k++) {
343 b->options[k] = b->options[k+1];
351 if (b->options[0] == NULL)
357 static const char *floor_get_rhs_data(TALLOC_CTX *mem_ctx, struct epm_floor *floor)
359 switch (floor->lhs.protocol) {
360 case EPM_PROTOCOL_TCP:
361 if (floor->rhs.tcp.port == 0) return NULL;
362 return talloc_asprintf(mem_ctx, "%d", floor->rhs.tcp.port);
364 case EPM_PROTOCOL_UDP:
365 if (floor->rhs.udp.port == 0) return NULL;
366 return talloc_asprintf(mem_ctx, "%d", floor->rhs.udp.port);
368 case EPM_PROTOCOL_HTTP:
369 if (floor->rhs.http.port == 0) return NULL;
370 return talloc_asprintf(mem_ctx, "%d", floor->rhs.http.port);
372 case EPM_PROTOCOL_IP:
373 if (floor->rhs.ip.address == 0) {
379 in.s_addr = htonl(floor->rhs.ip.address);
380 return talloc_strdup(mem_ctx, inet_ntoa(in));
383 case EPM_PROTOCOL_NCACN:
386 case EPM_PROTOCOL_NCADG:
389 case EPM_PROTOCOL_SMB:
390 if (strlen(floor->rhs.smb.unc) == 0) return NULL;
391 return talloc_strdup(mem_ctx, floor->rhs.smb.unc);
393 case EPM_PROTOCOL_PIPE:
394 if (strlen(floor->rhs.pipe.path) == 0) return NULL;
395 return talloc_strdup(mem_ctx, floor->rhs.pipe.path);
397 case EPM_PROTOCOL_NETBIOS:
398 if (strlen(floor->rhs.netbios.name) == 0) return NULL;
399 return talloc_strdup(mem_ctx, floor->rhs.netbios.name);
401 case EPM_PROTOCOL_NCALRPC:
404 case EPM_PROTOCOL_VINES_SPP:
405 return talloc_asprintf(mem_ctx, "%d", floor->rhs.vines_spp.port);
407 case EPM_PROTOCOL_VINES_IPC:
408 return talloc_asprintf(mem_ctx, "%d", floor->rhs.vines_ipc.port);
410 case EPM_PROTOCOL_STREETTALK:
411 return talloc_strdup(mem_ctx, floor->rhs.streettalk.streettalk);
413 case EPM_PROTOCOL_UNIX_DS:
414 if (strlen(floor->rhs.unix_ds.path) == 0) return NULL;
415 return talloc_strdup(mem_ctx, floor->rhs.unix_ds.path);
417 case EPM_PROTOCOL_NULL:
424 static NTSTATUS floor_set_rhs_data(TALLOC_CTX *mem_ctx, struct epm_floor *floor, const char *data)
426 switch (floor->lhs.protocol) {
427 case EPM_PROTOCOL_TCP:
428 floor->rhs.tcp.port = atoi(data);
431 case EPM_PROTOCOL_UDP:
432 floor->rhs.udp.port = atoi(data);
435 case EPM_PROTOCOL_HTTP:
436 floor->rhs.http.port = atoi(data);
439 case EPM_PROTOCOL_IP:
440 floor->rhs.ip.address = 0;
442 /* Only try to put in a IPv4 address. Windows 2003 just returns
443 * 0.0.0.0 for IPv6 addresses */
444 if (strlen(data) > 0) {
445 struct addrinfo hints, *res;
447 memset(&hints, 0, sizeof(struct addrinfo));
449 hints.ai_family = AF_INET;
450 hints.ai_protocol = PF_INET;
452 if (getaddrinfo(data, NULL, &hints, &res) < 0) {
453 return NT_STATUS_BAD_NETWORK_NAME;
456 floor->rhs.ip.address = ntohl(((struct sockaddr_in *)res->ai_addr)->sin_addr.s_addr);
462 case EPM_PROTOCOL_NCACN:
463 floor->rhs.ncacn.minor_version = 0;
466 case EPM_PROTOCOL_NCADG:
467 floor->rhs.ncadg.minor_version = 0;
470 case EPM_PROTOCOL_SMB:
471 floor->rhs.smb.unc = talloc_strdup(mem_ctx, data);
472 if (!floor->rhs.smb.unc) {
473 return NT_STATUS_NO_MEMORY;
477 case EPM_PROTOCOL_PIPE:
478 floor->rhs.pipe.path = talloc_strdup(mem_ctx, data);
479 if (!floor->rhs.pipe.path) {
480 return NT_STATUS_NO_MEMORY;
484 case EPM_PROTOCOL_NETBIOS:
485 floor->rhs.netbios.name = talloc_strdup(mem_ctx, data);
486 if (!floor->rhs.netbios.name) {
487 return NT_STATUS_NO_MEMORY;
491 case EPM_PROTOCOL_NCALRPC:
494 case EPM_PROTOCOL_VINES_SPP:
495 floor->rhs.vines_spp.port = atoi(data);
498 case EPM_PROTOCOL_VINES_IPC:
499 floor->rhs.vines_ipc.port = atoi(data);
502 case EPM_PROTOCOL_STREETTALK:
503 floor->rhs.streettalk.streettalk = talloc_strdup(mem_ctx, data);
504 if (!floor->rhs.streettalk.streettalk) {
505 return NT_STATUS_NO_MEMORY;
509 case EPM_PROTOCOL_UNIX_DS:
510 floor->rhs.unix_ds.path = talloc_strdup(mem_ctx, data);
511 if (!floor->rhs.unix_ds.path) {
512 return NT_STATUS_NO_MEMORY;
516 case EPM_PROTOCOL_NULL:
520 return NT_STATUS_NOT_SUPPORTED;
523 enum dcerpc_transport_t dcerpc_transport_by_tower(struct epm_tower *tower)
527 /* Find a transport that matches this tower */
528 for (i=0;i<ARRAY_SIZE(transports);i++) {
530 if (transports[i].num_protocols != tower->num_floors - 2) {
534 for (j = 0; j < transports[i].num_protocols; j++) {
535 if (transports[i].protseq[j] != tower->floors[j+2].lhs.protocol) {
540 if (j == transports[i].num_protocols) {
541 return transports[i].transport;
545 /* Unknown transport */
549 NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, struct epm_tower *tower, struct dcerpc_binding *binding)
551 ZERO_STRUCT(binding->object);
552 binding->options = NULL;
553 binding->host = NULL;
556 binding->transport = dcerpc_transport_by_tower(tower);
558 if (binding->transport == -1) {
559 return NT_STATUS_NOT_SUPPORTED;
562 if (tower->num_floors < 1) {
566 /* Set object uuid */
567 binding->object = tower->floors[0].lhs.info.uuid.uuid;
568 binding->object_version = tower->floors[0].lhs.info.uuid.version;
570 /* Ignore floor 1, it contains the NDR version info */
572 binding->options = NULL;
575 if (tower->num_floors >= 4) {
576 binding->endpoint = floor_get_rhs_data(mem_ctx, &tower->floors[3]);
578 binding->endpoint = NULL;
581 /* Set network address */
582 if (tower->num_floors >= 5) {
583 binding->host = floor_get_rhs_data(mem_ctx, &tower->floors[4]);
588 NTSTATUS dcerpc_binding_build_tower(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding, struct epm_tower *tower)
590 const enum epm_protocols *protseq;
591 int num_protocols = -1, i;
595 for (i=0;i<ARRAY_SIZE(transports);i++) {
596 if (transports[i].transport == binding->transport) {
597 protseq = transports[i].protseq;
598 num_protocols = transports[i].num_protocols;
603 if (num_protocols == -1) {
604 DEBUG(0, ("Unable to find transport with id '%d'\n", binding->transport));
605 return NT_STATUS_UNSUCCESSFUL;
608 tower->num_floors = 2 + num_protocols;
609 tower->floors = talloc_array_p(mem_ctx, struct epm_floor, tower->num_floors);
612 tower->floors[0].lhs.protocol = EPM_PROTOCOL_UUID;
613 tower->floors[0].lhs.info.uuid.uuid = binding->object;
614 tower->floors[0].lhs.info.uuid.version = binding->object_version;
615 tower->floors[0].rhs.uuid.unknown = 0;
618 tower->floors[1].lhs.protocol = EPM_PROTOCOL_UUID;
619 tower->floors[1].lhs.info.uuid.version = NDR_GUID_VERSION;
620 tower->floors[1].rhs.uuid.unknown = 0;
621 status = GUID_from_string(NDR_GUID, &tower->floors[1].lhs.info.uuid.uuid);
622 if (NT_STATUS_IS_ERR(status)) {
626 /* Floor 2 to num_protocols */
627 for (i = 0; i < num_protocols; i++) {
628 tower->floors[2 + i].lhs.protocol = protseq[i];
629 tower->floors[2 + i].lhs.info.lhs_data = data_blob_talloc(mem_ctx, NULL, 0);
630 ZERO_STRUCT(tower->floors[2 + i].rhs);
631 floor_set_rhs_data(mem_ctx, &tower->floors[2 + i], "");
634 /* The 4th floor contains the endpoint */
635 if (num_protocols >= 2 && binding->endpoint) {
636 status = floor_set_rhs_data(mem_ctx, &tower->floors[3], binding->endpoint);
637 if (NT_STATUS_IS_ERR(status)) {
642 /* The 5th contains the network address */
643 if (num_protocols >= 3 && binding->host) {
644 status = floor_set_rhs_data(mem_ctx, &tower->floors[4], binding->host);
645 if (NT_STATUS_IS_ERR(status)) {
653 NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding,
654 const char *uuid, uint_t version)
656 struct dcerpc_pipe *p;
659 struct policy_handle handle;
661 struct epm_twr_t twr, *twr_r;
662 struct dcerpc_binding epmapper_binding;
665 if (!strcmp(uuid, DCERPC_EPMAPPER_UUID)) {
666 switch(binding->transport) {
667 case NCACN_IP_TCP: binding->endpoint = "135"/*FIXME*/; return NT_STATUS_OK;
668 case NCALRPC: binding->endpoint = EPMAPPER_IDENTIFIER; return NT_STATUS_OK;
669 default: return NT_STATUS_NOT_SUPPORTED;
674 ZERO_STRUCT(epmapper_binding);
675 epmapper_binding.transport = binding->transport;
676 epmapper_binding.host = binding->host;
677 epmapper_binding.options = NULL;
678 epmapper_binding.flags = 0;
679 epmapper_binding.endpoint = NULL;
681 status = dcerpc_pipe_connect_b(&p,
683 DCERPC_EPMAPPER_UUID,
684 DCERPC_EPMAPPER_VERSION,
687 if (!NT_STATUS_IS_OK(status)) {
694 status = GUID_from_string(uuid, &binding->object);
695 if (NT_STATUS_IS_ERR(status)) {
699 binding->object_version = version;
701 status = dcerpc_binding_build_tower(p, binding, &twr.tower);
702 if (NT_STATUS_IS_ERR(status)) {
706 /* with some nice pretty paper around it of course */
708 r.in.map_tower = &twr;
709 r.in.entry_handle = &handle;
711 r.out.entry_handle = &handle;
713 status = dcerpc_epm_Map(p, p, &r);
714 if (!NT_STATUS_IS_OK(status)) {
715 dcerpc_pipe_close(p);
718 if (r.out.result != 0 || r.out.num_towers != 1) {
719 dcerpc_pipe_close(p);
720 return NT_STATUS_PORT_UNREACHABLE;
723 twr_r = r.out.towers[0].twr;
725 dcerpc_pipe_close(p);
726 return NT_STATUS_PORT_UNREACHABLE;
729 if (twr_r->tower.num_floors != twr.tower.num_floors ||
730 twr_r->tower.floors[3].lhs.protocol != twr.tower.floors[3].lhs.protocol) {
731 dcerpc_pipe_close(p);
732 return NT_STATUS_PORT_UNREACHABLE;
735 binding->endpoint = floor_get_rhs_data(mem_ctx, &twr_r->tower.floors[3]);
737 dcerpc_pipe_close(p);
743 /* open a rpc connection to a rpc pipe on SMB using the binding
744 structure to determine the endpoint and options */
745 static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **p,
746 struct dcerpc_binding *binding,
747 const char *pipe_uuid,
748 uint32_t pipe_version,
750 const char *username,
751 const char *password)
755 struct smbcli_state *cli;
756 const char *pipe_name;
757 TALLOC_CTX *mem_ctx = talloc_init("dcerpc_pipe_connect_ncacn_np");
759 if (!binding->endpoint) {
760 const struct dcerpc_interface_table *table = idl_iface_by_uuid(pipe_uuid);
761 struct dcerpc_binding default_binding;
765 DEBUG(0,("Unknown interface endpoint '%s'\n", pipe_uuid));
766 talloc_destroy(mem_ctx);
767 return NT_STATUS_INVALID_PARAMETER;
770 /* Find one of the default pipes for this interface */
771 for (i = 0; i < table->endpoints->count; i++) {
772 status = dcerpc_parse_binding(mem_ctx, table->endpoints->names[i], &default_binding);
774 if (NT_STATUS_IS_OK(status) && default_binding.transport == NCACN_NP) {
775 pipe_name = default_binding.endpoint;
781 pipe_name = binding->endpoint;
784 if (!strncasecmp(pipe_name, "/pipe/", 6) ||
785 !strncasecmp(pipe_name, "\\pipe\\", 6)) {
789 if (pipe_name[0] != '\\') {
790 pipe_name = talloc_asprintf(mem_ctx, "\\%s", pipe_name);
793 if (!username || !username[0]) {
794 status = smbcli_full_connection(NULL, &cli, lp_netbios_name(),
797 "", "", NULL, 0, &retry);
799 status = smbcli_full_connection(NULL, &cli, lp_netbios_name(),
803 password, 0, &retry);
805 if (!NT_STATUS_IS_OK(status)) {
806 DEBUG(0,("Failed to connect to %s - %s\n", binding->host, nt_errstr(status)));
807 talloc_destroy(mem_ctx);
811 status = dcerpc_pipe_open_smb(p, cli->tree, pipe_name);
812 if (!NT_STATUS_IS_OK(status)) {
813 DEBUG(0,("Failed to open pipe %s - %s\n", pipe_name, nt_errstr(status)));
815 smbcli_shutdown(cli);
816 talloc_destroy(mem_ctx);
820 talloc_destroy(mem_ctx);
822 /* this ensures that the reference count is decremented so
823 a pipe close will really close the link */
824 talloc_steal(*p, cli);
826 (*p)->flags = binding->flags;
828 /* remember the binding string for possible secondary connections */
829 (*p)->binding_string = dcerpc_binding_string((*p), binding);
831 if (username && username[0] && (binding->flags & DCERPC_SCHANNEL_ANY)) {
832 status = dcerpc_bind_auth_schannel(*p, pipe_uuid, pipe_version,
833 domain, username, password);
834 } else if (username && username[0] &&
835 (binding->flags & (DCERPC_CONNECT|DCERPC_SIGN|DCERPC_SEAL))) {
836 status = dcerpc_bind_auth_ntlm(*p, pipe_uuid, pipe_version, domain, username, password);
838 status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version);
842 if (!NT_STATUS_IS_OK(status)) {
843 DEBUG(0,("Failed to bind to uuid %s - %s\n", pipe_uuid, nt_errstr(status)));
844 dcerpc_pipe_close(*p);
852 /* open a rpc connection to a rpc pipe on SMP using the binding
853 structure to determine the endpoint and options */
854 static NTSTATUS dcerpc_pipe_connect_ncalrpc(struct dcerpc_pipe **p,
855 struct dcerpc_binding *binding,
856 const char *pipe_uuid,
857 uint32_t pipe_version,
859 const char *username,
860 const char *password)
863 TALLOC_CTX *mem_ctx = talloc_init("dcerpc_pipe_connect_ncalrpc");
865 /* Look up identifier using the epmapper */
866 if (!binding->endpoint) {
867 status = dcerpc_epm_map_binding(mem_ctx, binding, pipe_uuid, pipe_version);
868 if (!NT_STATUS_IS_OK(status)) {
869 DEBUG(0,("Failed to map DCERPC/TCP NCALRPC identifier for '%s' - %s\n",
870 pipe_uuid, nt_errstr(status)));
871 talloc_destroy(mem_ctx);
874 DEBUG(1,("Mapped to DCERPC/TCP identifier %s\n", binding->endpoint));
877 status = dcerpc_pipe_open_pipe(p, binding->endpoint);
879 if (!NT_STATUS_IS_OK(status)) {
880 DEBUG(0,("Failed to open ncalrpc pipe '%s'\n", binding->endpoint));
881 talloc_destroy(mem_ctx);
885 (*p)->flags = binding->flags;
887 /* remember the binding string for possible secondary connections */
888 (*p)->binding_string = dcerpc_binding_string((*p), binding);
890 if (username && username[0] && (binding->flags & DCERPC_SCHANNEL_ANY)) {
891 status = dcerpc_bind_auth_schannel(*p, pipe_uuid, pipe_version,
892 domain, username, password);
893 } else if (username && username[0]) {
894 status = dcerpc_bind_auth_ntlm(*p, pipe_uuid, pipe_version, domain, username, password);
896 status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version);
899 if (!NT_STATUS_IS_OK(status)) {
900 DEBUG(0,("Failed to bind to uuid %s - %s\n",
901 pipe_uuid, nt_errstr(status)));
902 dcerpc_pipe_close(*p);
904 talloc_destroy(mem_ctx);
908 talloc_destroy(mem_ctx);
914 /* open a rpc connection to a rpc pipe on SMP using the binding
915 structure to determine the endpoint and options */
916 static NTSTATUS dcerpc_pipe_connect_ncacn_unix_stream(struct dcerpc_pipe **p,
917 struct dcerpc_binding *binding,
918 const char *pipe_uuid,
919 uint32_t pipe_version,
921 const char *username,
922 const char *password)
926 if (!binding->endpoint) {
927 DEBUG(0, ("Path to unix socket not specified\n"));
928 return NT_STATUS_INVALID_PARAMETER;
931 status = dcerpc_pipe_open_unix_stream(p, binding->endpoint);
932 if (!NT_STATUS_IS_OK(status)) {
933 DEBUG(0,("Failed to open unix socket %s\n", binding->endpoint));
937 (*p)->flags = binding->flags;
939 /* remember the binding string for possible secondary connections */
940 (*p)->binding_string = dcerpc_binding_string((*p), binding);
942 if (username && username[0] && (binding->flags & DCERPC_SCHANNEL_ANY)) {
943 status = dcerpc_bind_auth_schannel(*p, pipe_uuid, pipe_version,
944 domain, username, password);
945 } else if (username && username[0]) {
946 status = dcerpc_bind_auth_ntlm(*p, pipe_uuid, pipe_version, domain, username, password);
948 status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version);
951 if (!NT_STATUS_IS_OK(status)) {
952 DEBUG(0,("Failed to bind to uuid %s - %s\n",
953 pipe_uuid, nt_errstr(status)));
954 dcerpc_pipe_close(*p);
962 /* open a rpc connection to a rpc pipe on SMP using the binding
963 structure to determine the endpoint and options */
964 static NTSTATUS dcerpc_pipe_connect_ncacn_ip_tcp(struct dcerpc_pipe **p,
965 struct dcerpc_binding *binding,
966 const char *pipe_uuid,
967 uint32_t pipe_version,
969 const char *username,
970 const char *password)
974 TALLOC_CTX *mem_ctx = talloc_init("connect_ncacn_ip_tcp");
976 if (!binding->endpoint) {
977 status = dcerpc_epm_map_binding(mem_ctx, binding,
978 pipe_uuid, pipe_version);
979 if (!NT_STATUS_IS_OK(status)) {
980 DEBUG(0,("Failed to map DCERPC/TCP port for '%s' - %s\n",
981 pipe_uuid, nt_errstr(status)));
984 DEBUG(1,("Mapped to DCERPC/TCP port %s\n", binding->endpoint));
987 port = atoi(binding->endpoint);
989 status = dcerpc_pipe_open_tcp(p, binding->host, port, AF_UNSPEC);
990 if (!NT_STATUS_IS_OK(status)) {
991 DEBUG(0,("Failed to connect to %s:%d\n", binding->host, port));
995 (*p)->flags = binding->flags;
997 /* remember the binding string for possible secondary connections */
998 (*p)->binding_string = dcerpc_binding_string((*p), binding);
1000 if (username && username[0] && (binding->flags & DCERPC_SCHANNEL_ANY)) {
1001 status = dcerpc_bind_auth_schannel(*p, pipe_uuid, pipe_version,
1002 domain, username, password);
1003 } else if (username && username[0]) {
1004 status = dcerpc_bind_auth_ntlm(*p, pipe_uuid, pipe_version, domain, username, password);
1006 status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version);
1009 if (!NT_STATUS_IS_OK(status)) {
1010 DEBUG(0,("Failed to bind to uuid %s - %s\n",
1011 pipe_uuid, nt_errstr(status)));
1012 dcerpc_pipe_close(*p);
1021 /* open a rpc connection to a rpc pipe, using the specified
1022 binding structure to determine the endpoint and options */
1023 NTSTATUS dcerpc_pipe_connect_b(struct dcerpc_pipe **p,
1024 struct dcerpc_binding *binding,
1025 const char *pipe_uuid,
1026 uint32_t pipe_version,
1028 const char *username,
1029 const char *password)
1031 NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
1033 switch (binding->transport) {
1035 status = dcerpc_pipe_connect_ncacn_np(p, binding, pipe_uuid, pipe_version,
1036 domain, username, password);
1039 status = dcerpc_pipe_connect_ncacn_ip_tcp(p, binding, pipe_uuid, pipe_version,
1040 domain, username, password);
1042 case NCACN_UNIX_STREAM:
1043 status = dcerpc_pipe_connect_ncacn_unix_stream(p, binding, pipe_uuid, pipe_version, domain, username, password);
1046 status = dcerpc_pipe_connect_ncalrpc(p, binding, pipe_uuid, pipe_version, domain, username, password);
1049 return NT_STATUS_NOT_SUPPORTED;
1056 /* open a rpc connection to a rpc pipe, using the specified string
1057 binding to determine the endpoint and options */
1058 NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **p,
1059 const char *binding,
1060 const char *pipe_uuid,
1061 uint32_t pipe_version,
1063 const char *username,
1064 const char *password)
1066 struct dcerpc_binding b;
1068 TALLOC_CTX *mem_ctx;
1070 mem_ctx = talloc_init("dcerpc_pipe_connect");
1071 if (!mem_ctx) return NT_STATUS_NO_MEMORY;
1073 status = dcerpc_parse_binding(mem_ctx, binding, &b);
1074 if (!NT_STATUS_IS_OK(status)) {
1075 DEBUG(0,("Failed to parse dcerpc binding '%s'\n", binding));
1076 talloc_destroy(mem_ctx);
1080 DEBUG(3,("Using binding %s\n", dcerpc_binding_string(mem_ctx, &b)));
1082 status = dcerpc_pipe_connect_b(p, &b, pipe_uuid, pipe_version, domain, username, password);
1084 talloc_destroy(mem_ctx);
1090 create a secondary dcerpc connection from a primary connection
1092 if the primary is a SMB connection then the secondary connection
1093 will be on the same SMB connection, but use a new fnum
1095 NTSTATUS dcerpc_secondary_connection(struct dcerpc_pipe *p, struct dcerpc_pipe **p2,
1096 const char *pipe_name,
1097 const char *pipe_uuid,
1098 uint32_t pipe_version)
1100 struct smbcli_tree *tree;
1101 NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
1102 struct dcerpc_binding b;
1104 switch (p->transport.transport) {
1106 tree = dcerpc_smb_tree(p);
1108 return NT_STATUS_INVALID_PARAMETER;
1111 status = dcerpc_pipe_open_smb(p2, tree, pipe_name);
1115 status = dcerpc_parse_binding(p, p->binding_string, &b);
1116 if (!NT_STATUS_IS_OK(status)) {
1119 b.flags &= ~DCERPC_AUTH_OPTIONS;
1120 status = dcerpc_pipe_connect_ncacn_ip_tcp(p2, &b, pipe_uuid,
1125 return NT_STATUS_NOT_SUPPORTED;
1128 if (!NT_STATUS_IS_OK(status)) {
1132 (*p2)->flags = p->flags;
1134 status = dcerpc_bind_auth_none(*p2, pipe_uuid, pipe_version);
1135 if (!NT_STATUS_IS_OK(status)) {
1139 return NT_STATUS_OK;
1142 NTSTATUS dcerpc_generic_session_key(struct dcerpc_pipe *p,
1143 DATA_BLOB *session_key)
1145 /* this took quite a few CPU cycles to find ... */
1146 session_key->data = discard_const_p(unsigned char, "SystemLibraryDTC");
1147 session_key->length = 16;
1148 return NT_STATUS_OK;
1152 fetch the user session key - may be default (above) or the SMB session key
1154 NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
1155 DATA_BLOB *session_key)
1157 return p->security_state.session_key(p, session_key);
1162 log a rpc packet in a format suitable for ndrdump. This is especially useful
1163 for sealed packets, where ethereal cannot easily see the contents
1165 this triggers on a debug level of >= 10
1167 void dcerpc_log_packet(const struct dcerpc_interface_table *ndr,
1168 uint32_t opnum, uint32_t flags, DATA_BLOB *pkt)
1170 const int num_examples = 20;
1173 if (DEBUGLEVEL < 10) return;
1175 for (i=0;i<num_examples;i++) {
1177 asprintf(&name, "%s/rpclog/%s-%u.%d.%s",
1178 lp_lockdir(), ndr->name, opnum, i,
1179 (flags&NDR_IN)?"in":"out");
1183 if (!file_exist(name, NULL)) {
1184 if (file_save(name, pkt->data, pkt->length)) {
1185 DEBUG(10,("Logged rpc packet to %s\n", name));
git.samba.org / kai / samba-autobuild / .git / blob