9afc16ff503902009622fbf0eef9bddc90271991
[kai/samba.git] / source3 / rpc_server / rpc_ncacn_np.c
1 /*
2  *  Unix SMB/CIFS implementation.
3  *  RPC Pipe client / server routines
4  *  Copyright (C) Andrew Tridgell              1992-1998,
5  *  Largely re-written : 2005
6  *  Copyright (C) Jeremy Allison                1998 - 2005
7  *  Copyright (C) Simo Sorce                    2010
8  *
9  *  This program is free software; you can redistribute it and/or modify
10  *  it under the terms of the GNU General Public License as published by
11  *  the Free Software Foundation; either version 3 of the License, or
12  *  (at your option) any later version.
13  *
14  *  This program is distributed in the hope that it will be useful,
15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  *  GNU General Public License for more details.
18  *
19  *  You should have received a copy of the GNU General Public License
20  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
21  */
22
23 #include "includes.h"
24 #include "rpc_client/cli_pipe.h"
25 #include "rpc_server/srv_pipe_internal.h"
26 #include "rpc_dce.h"
27 #include "../libcli/named_pipe_auth/npa_tstream.h"
28 #include "rpc_server/rpc_ncacn_np.h"
29 #include "librpc/gen_ndr/netlogon.h"
30 #include "librpc/gen_ndr/auth.h"
31 #include "../auth/auth_sam_reply.h"
32 #include "auth.h"
33
34 #undef DBGC_CLASS
35 #define DBGC_CLASS DBGC_RPC_SRV
36
37 static int pipes_open;
38
39 static struct pipes_struct *InternalPipes;
40
41 /* TODO
42  * the following prototypes are declared here to avoid
43  * code being moved about too much for a patch to be
44  * disrupted / less obvious.
45  *
46  * these functions, and associated functions that they
47  * call, should be moved behind a .so module-loading
48  * system _anyway_.  so that's the next step...
49  */
50
51 /****************************************************************************
52  Internal Pipe iterator functions.
53 ****************************************************************************/
54
55 struct pipes_struct *get_first_internal_pipe(void)
56 {
57         return InternalPipes;
58 }
59
60 struct pipes_struct *get_next_internal_pipe(struct pipes_struct *p)
61 {
62         return p->next;
63 }
64
65 static void free_pipe_rpc_context_internal( PIPE_RPC_FNS *list )
66 {
67         PIPE_RPC_FNS *tmp = list;
68         PIPE_RPC_FNS *tmp2;
69
70         while (tmp) {
71                 tmp2 = tmp->next;
72                 SAFE_FREE(tmp);
73                 tmp = tmp2;
74         }
75
76         return;
77 }
78
79 bool check_open_pipes(void)
80 {
81         struct pipes_struct *p;
82
83         for (p = InternalPipes; p != NULL; p = p->next) {
84                 if (num_pipe_handles(p) != 0) {
85                         return true;
86                 }
87         }
88         return false;
89 }
90
91 /****************************************************************************
92  Close an rpc pipe.
93 ****************************************************************************/
94
95 int close_internal_rpc_pipe_hnd(struct pipes_struct *p)
96 {
97         if (!p) {
98                 DEBUG(0,("Invalid pipe in close_internal_rpc_pipe_hnd\n"));
99                 return False;
100         }
101
102         TALLOC_FREE(p->auth.auth_ctx);
103
104         free_pipe_rpc_context_internal( p->contexts );
105
106         /* Free the handles database. */
107         close_policy_by_pipe(p);
108
109         DLIST_REMOVE(InternalPipes, p);
110
111         ZERO_STRUCTP(p);
112
113         return 0;
114 }
115
116 /****************************************************************************
117  Make an internal namedpipes structure
118 ****************************************************************************/
119
120 struct pipes_struct *make_internal_rpc_pipe_p(TALLOC_CTX *mem_ctx,
121                                               const struct ndr_syntax_id *syntax,
122                                               struct client_address *client_id,
123                                               const struct auth_serversupplied_info *session_info,
124                                               struct messaging_context *msg_ctx)
125 {
126         struct pipes_struct *p;
127
128         DEBUG(4,("Create pipe requested %s\n",
129                  get_pipe_name_from_syntax(talloc_tos(), syntax)));
130
131         p = TALLOC_ZERO_P(mem_ctx, struct pipes_struct);
132
133         if (!p) {
134                 DEBUG(0,("ERROR! no memory for pipes_struct!\n"));
135                 return NULL;
136         }
137
138         p->mem_ctx = talloc_named(p, 0, "pipe %s %p",
139                                  get_pipe_name_from_syntax(talloc_tos(),
140                                                            syntax), p);
141         if (p->mem_ctx == NULL) {
142                 DEBUG(0,("open_rpc_pipe_p: talloc_init failed.\n"));
143                 TALLOC_FREE(p);
144                 return NULL;
145         }
146
147         if (!init_pipe_handles(p, syntax)) {
148                 DEBUG(0,("open_rpc_pipe_p: init_pipe_handles failed.\n"));
149                 TALLOC_FREE(p);
150                 return NULL;
151         }
152
153         p->session_info = copy_serverinfo(p, session_info);
154         if (p->session_info == NULL) {
155                 DEBUG(0, ("open_rpc_pipe_p: copy_serverinfo failed\n"));
156                 close_policy_by_pipe(p);
157                 TALLOC_FREE(p);
158                 return NULL;
159         }
160
161         p->msg_ctx = msg_ctx;
162
163         DLIST_ADD(InternalPipes, p);
164
165         p->client_id = client_id;
166
167         p->endian = RPC_LITTLE_ENDIAN;
168
169         p->syntax = *syntax;
170         p->transport = NCALRPC;
171
172         DEBUG(4,("Created internal pipe %s (pipes_open=%d)\n",
173                  get_pipe_name_from_syntax(talloc_tos(), syntax), pipes_open));
174
175         talloc_set_destructor(p, close_internal_rpc_pipe_hnd);
176
177         return p;
178 }
179
180 static NTSTATUS rpcint_dispatch(struct pipes_struct *p,
181                                 TALLOC_CTX *mem_ctx,
182                                 uint32_t opnum,
183                                 const DATA_BLOB *in_data,
184                                 DATA_BLOB *out_data)
185 {
186         uint32_t num_cmds = rpc_srv_get_pipe_num_cmds(&p->syntax);
187         const struct api_struct *cmds = rpc_srv_get_pipe_cmds(&p->syntax);
188         uint32_t i;
189         bool ok;
190
191         /* set opnum */
192         p->opnum = opnum;
193
194         for (i = 0; i < num_cmds; i++) {
195                 if (cmds[i].opnum == opnum && cmds[i].fn != NULL) {
196                         break;
197                 }
198         }
199
200         if (i == num_cmds) {
201                 return NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE;
202         }
203
204         p->in_data.data = *in_data;
205         p->out_data.rdata = data_blob_null;
206
207         ok = cmds[i].fn(p);
208         p->in_data.data = data_blob_null;
209         if (!ok) {
210                 data_blob_free(&p->out_data.rdata);
211                 talloc_free_children(p->mem_ctx);
212                 return NT_STATUS_RPC_CALL_FAILED;
213         }
214
215         if (p->fault_state) {
216                 p->fault_state = false;
217                 data_blob_free(&p->out_data.rdata);
218                 talloc_free_children(p->mem_ctx);
219                 return NT_STATUS_RPC_CALL_FAILED;
220         }
221
222         if (p->bad_handle_fault_state) {
223                 p->bad_handle_fault_state = false;
224                 data_blob_free(&p->out_data.rdata);
225                 talloc_free_children(p->mem_ctx);
226                 return NT_STATUS_RPC_SS_CONTEXT_MISMATCH;
227         }
228
229         if (p->rng_fault_state) {
230                 p->rng_fault_state = false;
231                 data_blob_free(&p->out_data.rdata);
232                 talloc_free_children(p->mem_ctx);
233                 return NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE;
234         }
235
236         *out_data = p->out_data.rdata;
237         talloc_steal(mem_ctx, out_data->data);
238         p->out_data.rdata = data_blob_null;
239
240         talloc_free_children(p->mem_ctx);
241         return NT_STATUS_OK;
242 }
243
244 struct rpcint_bh_state {
245         struct pipes_struct *p;
246 };
247
248 static bool rpcint_bh_is_connected(struct dcerpc_binding_handle *h)
249 {
250         struct rpcint_bh_state *hs = dcerpc_binding_handle_data(h,
251                                      struct rpcint_bh_state);
252
253         if (!hs->p) {
254                 return false;
255         }
256
257         return true;
258 }
259
260 static uint32_t rpcint_bh_set_timeout(struct dcerpc_binding_handle *h,
261                                       uint32_t timeout)
262 {
263         /* TODO: implement timeouts */
264         return UINT32_MAX;
265 }
266
267 struct rpcint_bh_raw_call_state {
268         DATA_BLOB in_data;
269         DATA_BLOB out_data;
270         uint32_t out_flags;
271 };
272
273 static struct tevent_req *rpcint_bh_raw_call_send(TALLOC_CTX *mem_ctx,
274                                                   struct tevent_context *ev,
275                                                   struct dcerpc_binding_handle *h,
276                                                   const struct GUID *object,
277                                                   uint32_t opnum,
278                                                   uint32_t in_flags,
279                                                   const uint8_t *in_data,
280                                                   size_t in_length)
281 {
282         struct rpcint_bh_state *hs =
283                 dcerpc_binding_handle_data(h,
284                 struct rpcint_bh_state);
285         struct tevent_req *req;
286         struct rpcint_bh_raw_call_state *state;
287         bool ok;
288         NTSTATUS status;
289
290         req = tevent_req_create(mem_ctx, &state,
291                                 struct rpcint_bh_raw_call_state);
292         if (req == NULL) {
293                 return NULL;
294         }
295         state->in_data.data = discard_const_p(uint8_t, in_data);
296         state->in_data.length = in_length;
297
298         ok = rpcint_bh_is_connected(h);
299         if (!ok) {
300                 tevent_req_nterror(req, NT_STATUS_INVALID_CONNECTION);
301                 return tevent_req_post(req, ev);
302         }
303
304         /* TODO: allow async */
305         status = rpcint_dispatch(hs->p, state, opnum,
306                                  &state->in_data,
307                                  &state->out_data);
308         if (!NT_STATUS_IS_OK(status)) {
309                 tevent_req_nterror(req, status);
310                 return tevent_req_post(req, ev);
311         }
312
313         tevent_req_done(req);
314         return tevent_req_post(req, ev);
315 }
316
317 static NTSTATUS rpcint_bh_raw_call_recv(struct tevent_req *req,
318                                         TALLOC_CTX *mem_ctx,
319                                         uint8_t **out_data,
320                                         size_t *out_length,
321                                         uint32_t *out_flags)
322 {
323         struct rpcint_bh_raw_call_state *state =
324                 tevent_req_data(req,
325                 struct rpcint_bh_raw_call_state);
326         NTSTATUS status;
327
328         if (tevent_req_is_nterror(req, &status)) {
329                 tevent_req_received(req);
330                 return status;
331         }
332
333         *out_data = talloc_move(mem_ctx, &state->out_data.data);
334         *out_length = state->out_data.length;
335         *out_flags = 0;
336         tevent_req_received(req);
337         return NT_STATUS_OK;
338 }
339
340 struct rpcint_bh_disconnect_state {
341         uint8_t _dummy;
342 };
343
344 static struct tevent_req *rpcint_bh_disconnect_send(TALLOC_CTX *mem_ctx,
345                                                 struct tevent_context *ev,
346                                                 struct dcerpc_binding_handle *h)
347 {
348         struct rpcint_bh_state *hs = dcerpc_binding_handle_data(h,
349                                      struct rpcint_bh_state);
350         struct tevent_req *req;
351         struct rpcint_bh_disconnect_state *state;
352         bool ok;
353
354         req = tevent_req_create(mem_ctx, &state,
355                                 struct rpcint_bh_disconnect_state);
356         if (req == NULL) {
357                 return NULL;
358         }
359
360         ok = rpcint_bh_is_connected(h);
361         if (!ok) {
362                 tevent_req_nterror(req, NT_STATUS_INVALID_CONNECTION);
363                 return tevent_req_post(req, ev);
364         }
365
366         /*
367          * TODO: do a real async disconnect ...
368          *
369          * For now the caller needs to free pipes_struct
370          */
371         hs->p = NULL;
372
373         tevent_req_done(req);
374         return tevent_req_post(req, ev);
375 }
376
377 static NTSTATUS rpcint_bh_disconnect_recv(struct tevent_req *req)
378 {
379         NTSTATUS status;
380
381         if (tevent_req_is_nterror(req, &status)) {
382                 tevent_req_received(req);
383                 return status;
384         }
385
386         tevent_req_received(req);
387         return NT_STATUS_OK;
388 }
389
390 static bool rpcint_bh_ref_alloc(struct dcerpc_binding_handle *h)
391 {
392         return true;
393 }
394
395 static void rpcint_bh_do_ndr_print(struct dcerpc_binding_handle *h,
396                                    int ndr_flags,
397                                    const void *_struct_ptr,
398                                    const struct ndr_interface_call *call)
399 {
400         void *struct_ptr = discard_const(_struct_ptr);
401
402         if (DEBUGLEVEL < 11) {
403                 return;
404         }
405
406         if (ndr_flags & NDR_IN) {
407                 ndr_print_function_debug(call->ndr_print,
408                                          call->name,
409                                          ndr_flags,
410                                          struct_ptr);
411         }
412         if (ndr_flags & NDR_OUT) {
413                 ndr_print_function_debug(call->ndr_print,
414                                          call->name,
415                                          ndr_flags,
416                                          struct_ptr);
417         }
418 }
419
420 static const struct dcerpc_binding_handle_ops rpcint_bh_ops = {
421         .name                   = "rpcint",
422         .is_connected           = rpcint_bh_is_connected,
423         .set_timeout            = rpcint_bh_set_timeout,
424         .raw_call_send          = rpcint_bh_raw_call_send,
425         .raw_call_recv          = rpcint_bh_raw_call_recv,
426         .disconnect_send        = rpcint_bh_disconnect_send,
427         .disconnect_recv        = rpcint_bh_disconnect_recv,
428
429         .ref_alloc              = rpcint_bh_ref_alloc,
430         .do_ndr_print           = rpcint_bh_do_ndr_print,
431 };
432
433 static NTSTATUS rpcint_binding_handle_ex(TALLOC_CTX *mem_ctx,
434                         const struct ndr_syntax_id *abstract_syntax,
435                         const struct ndr_interface_table *ndr_table,
436                         struct client_address *client_id,
437                         const struct auth_serversupplied_info *session_info,
438                         struct messaging_context *msg_ctx,
439                         struct dcerpc_binding_handle **binding_handle)
440 {
441         struct dcerpc_binding_handle *h;
442         struct rpcint_bh_state *hs;
443
444         if (ndr_table) {
445                 abstract_syntax = &ndr_table->syntax_id;
446         }
447
448         h = dcerpc_binding_handle_create(mem_ctx,
449                                          &rpcint_bh_ops,
450                                          NULL,
451                                          ndr_table,
452                                          &hs,
453                                          struct rpcint_bh_state,
454                                          __location__);
455         if (h == NULL) {
456                 return NT_STATUS_NO_MEMORY;
457         }
458         hs->p = make_internal_rpc_pipe_p(hs,
459                                          abstract_syntax,
460                                          client_id,
461                                          session_info,
462                                          msg_ctx);
463         if (hs->p == NULL) {
464                 TALLOC_FREE(h);
465                 return NT_STATUS_NO_MEMORY;
466         }
467
468         *binding_handle = h;
469         return NT_STATUS_OK;
470 }
471 /**
472  * @brief Create a new DCERPC Binding Handle which uses a local dispatch function.
473  *
474  * @param[in]  mem_ctx  The memory context to use.
475  *
476  * @param[in]  ndr_table Normally the ndr_table_<name>.
477  *
478  * @param[in]  client_id The info about the connected client.
479  *
480  * @param[in]  serversupplied_info The server supplied authentication function.
481  *
482  * @param[in]  msg_ctx   The messaging context that can be used by the server
483  *
484  * @param[out] binding_handle  A pointer to store the connected
485  *                             dcerpc_binding_handle
486  *
487  * @return              NT_STATUS_OK on success, a corresponding NT status if an
488  *                      error occured.
489  *
490  * @code
491  *   struct dcerpc_binding_handle *winreg_binding;
492  *   NTSTATUS status;
493  *
494  *   status = rpcint_binding_handle(tmp_ctx,
495  *                                  &ndr_table_winreg,
496  *                                  p->client_id,
497  *                                  p->session_info,
498  *                                  p->msg_ctx
499  *                                  &winreg_binding);
500  * @endcode
501  */
502 NTSTATUS rpcint_binding_handle(TALLOC_CTX *mem_ctx,
503                                const struct ndr_interface_table *ndr_table,
504                                struct client_address *client_id,
505                                const struct auth_serversupplied_info *session_info,
506                                struct messaging_context *msg_ctx,
507                                struct dcerpc_binding_handle **binding_handle)
508 {
509         return rpcint_binding_handle_ex(mem_ctx, NULL, ndr_table, client_id,
510                                         session_info, msg_ctx, binding_handle);
511 }
512
513 /**
514  * @internal
515  *
516  * @brief Create a new RPC client context which uses a local transport.
517  *
518  * This creates a local transport. It is a shortcut to directly call the server
519  * functions and avoid marschalling.
520  *
521  * @param[in]  mem_ctx  The memory context to use.
522  *
523  * @param[in]  abstract_syntax Normally the syntax_id of the autogenerated
524  *                             ndr_table_<name>.
525  *
526  * @param[in]  serversupplied_info The server supplied authentication function.
527  *
528  * @param[in]  client_id The client address information.
529  *
530  * @param[in]  msg_ctx  The messaging context to use.
531  *
532  * @param[out] presult  A pointer to store the connected rpc client pipe.
533  *
534  * @return              NT_STATUS_OK on success, a corresponding NT status if an
535  *                      error occured.
536  *
537  * @code
538  *   struct rpc_pipe_client *winreg_pipe;
539  *   NTSTATUS status;
540  *
541  *   status = rpc_pipe_open_internal(tmp_ctx,
542  *                                   &ndr_table_winreg.syntax_id,
543  *                                   p->session_info,
544  *                                   client_id,
545  *                                   &winreg_pipe);
546  * @endcode
547  */
548 NTSTATUS rpc_pipe_open_internal(TALLOC_CTX *mem_ctx,
549                                 const struct ndr_syntax_id *abstract_syntax,
550                                 const struct auth_serversupplied_info *serversupplied_info,
551                                 struct client_address *client_id,
552                                 struct messaging_context *msg_ctx,
553                                 struct rpc_pipe_client **presult)
554 {
555         struct rpc_pipe_client *result;
556         NTSTATUS status;
557
558         result = TALLOC_ZERO_P(mem_ctx, struct rpc_pipe_client);
559         if (result == NULL) {
560                 return NT_STATUS_NO_MEMORY;
561         }
562
563         result->abstract_syntax = *abstract_syntax;
564         result->transfer_syntax = ndr_transfer_syntax;
565
566         if (client_id == NULL) {
567                 static struct client_address unknown;
568                 strlcpy(unknown.addr, "<UNKNOWN>", sizeof(unknown.addr));
569                 unknown.name = "<UNKNOWN>";
570                 client_id = &unknown;
571         }
572
573         result->max_xmit_frag = -1;
574         result->max_recv_frag = -1;
575
576         status = rpcint_binding_handle_ex(result,
577                                           abstract_syntax,
578                                           NULL,
579                                           client_id,
580                                           serversupplied_info,
581                                           msg_ctx,
582                                           &result->binding_handle);
583         if (!NT_STATUS_IS_OK(status)) {
584                 TALLOC_FREE(result);
585                 return status;
586         }
587
588         *presult = result;
589         return NT_STATUS_OK;
590 }
591
592 /****************************************************************************
593  * External pipes functions
594  ***************************************************************************/
595
596
597 struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
598                                 const char *pipe_name,
599                                 const struct tsocket_address *local_address,
600                                 const struct tsocket_address *remote_address,
601                                 const struct auth_serversupplied_info *session_info)
602 {
603         struct np_proxy_state *result;
604         char *socket_np_dir;
605         const char *socket_dir;
606         struct tevent_context *ev;
607         struct tevent_req *subreq;
608         struct auth_session_info_transport *session_info_t;
609         struct auth_user_info_dc *user_info_dc;
610         union netr_Validation val;
611         NTSTATUS status;
612         bool ok;
613         int ret;
614         int sys_errno;
615
616         result = talloc(mem_ctx, struct np_proxy_state);
617         if (result == NULL) {
618                 DEBUG(0, ("talloc failed\n"));
619                 return NULL;
620         }
621
622         result->read_queue = tevent_queue_create(result, "np_read");
623         if (result->read_queue == NULL) {
624                 DEBUG(0, ("tevent_queue_create failed\n"));
625                 goto fail;
626         }
627
628         result->write_queue = tevent_queue_create(result, "np_write");
629         if (result->write_queue == NULL) {
630                 DEBUG(0, ("tevent_queue_create failed\n"));
631                 goto fail;
632         }
633
634         ev = s3_tevent_context_init(talloc_tos());
635         if (ev == NULL) {
636                 DEBUG(0, ("s3_tevent_context_init failed\n"));
637                 goto fail;
638         }
639
640         socket_dir = lp_parm_const_string(
641                 GLOBAL_SECTION_SNUM, "external_rpc_pipe", "socket_dir",
642                 lp_ncalrpc_dir());
643         if (socket_dir == NULL) {
644                 DEBUG(0, ("externan_rpc_pipe:socket_dir not set\n"));
645                 goto fail;
646         }
647         socket_np_dir = talloc_asprintf(talloc_tos(), "%s/np", socket_dir);
648         if (socket_np_dir == NULL) {
649                 DEBUG(0, ("talloc_asprintf failed\n"));
650                 goto fail;
651         }
652
653         session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport);
654         if (session_info_t == NULL) {
655                 DEBUG(0, ("talloc failed\n"));
656                 goto fail;
657         }
658
659         /* Send the named_pipe_auth server the user's full token */
660         session_info_t->security_token = session_info->security_token;
661         session_info_t->session_key = session_info->user_session_key;
662
663         val.sam3 = session_info->info3;
664
665         /* Convert into something we can build a struct
666          * auth_session_info_transport from.  Most of the work here
667          * will be to convert the SIDS, which we will then ignore, but
668          * this is the easier way to handle it */
669         status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc);
670         if (!NT_STATUS_IS_OK(status)) {
671                 DEBUG(0, ("conversion of info3 into user_info_dc failed!\n"));
672                 goto fail;
673         }
674
675         session_info_t->info = talloc_move(session_info_t, &user_info_dc->info);
676         talloc_free(user_info_dc);
677
678         become_root();
679         subreq = tstream_npa_connect_send(talloc_tos(), ev,
680                                           socket_np_dir,
681                                           pipe_name,
682                                           remote_address, /* client_addr */
683                                           NULL, /* client_name */
684                                           local_address, /* server_addr */
685                                           NULL, /* server_name */
686                                           session_info_t);
687         if (subreq == NULL) {
688                 unbecome_root();
689                 DEBUG(0, ("tstream_npa_connect_send to %s for pipe %s and "
690                           "user %s\\%s failed\n",
691                           socket_np_dir, pipe_name, session_info_t->info->domain_name,
692                           session_info_t->info->account_name));
693                 goto fail;
694         }
695         ok = tevent_req_poll(subreq, ev);
696         unbecome_root();
697         if (!ok) {
698                 DEBUG(0, ("tevent_req_poll to %s for pipe %s and user %s\\%s "
699                           "failed for tstream_npa_connect: %s\n",
700                           socket_np_dir, pipe_name, session_info_t->info->domain_name,
701                           session_info_t->info->account_name,
702                           strerror(errno)));
703                 goto fail;
704
705         }
706         ret = tstream_npa_connect_recv(subreq, &sys_errno,
707                                        result,
708                                        &result->npipe,
709                                        &result->file_type,
710                                        &result->device_state,
711                                        &result->allocation_size);
712         TALLOC_FREE(subreq);
713         if (ret != 0) {
714                 DEBUG(0, ("tstream_npa_connect_recv  to %s for pipe %s and "
715                           "user %s\\%s failed: %s\n",
716                           socket_np_dir, pipe_name, session_info_t->info->domain_name,
717                           session_info_t->info->account_name,
718                           strerror(sys_errno)));
719                 goto fail;
720         }
721
722         return result;
723
724  fail:
725         TALLOC_FREE(result);
726         return NULL;
727 }
728
729 static NTSTATUS rpc_pipe_open_external(TALLOC_CTX *mem_ctx,
730                                 const char *pipe_name,
731                                 const struct ndr_syntax_id *abstract_syntax,
732                                 const struct auth_serversupplied_info *session_info,
733                                 struct rpc_pipe_client **_result)
734 {
735         struct tsocket_address *local, *remote;
736         struct rpc_pipe_client *result = NULL;
737         struct np_proxy_state *proxy_state = NULL;
738         struct pipe_auth_data *auth;
739         NTSTATUS status;
740         int ret;
741
742         /* this is an internal connection, fake up ip addresses */
743         ret = tsocket_address_inet_from_strings(talloc_tos(), "ip",
744                                                 NULL, 0, &local);
745         if (ret) {
746                 return NT_STATUS_NO_MEMORY;
747         }
748         ret = tsocket_address_inet_from_strings(talloc_tos(), "ip",
749                                                 NULL, 0, &remote);
750         if (ret) {
751                 return NT_STATUS_NO_MEMORY;
752         }
753
754         proxy_state = make_external_rpc_pipe_p(mem_ctx, pipe_name,
755                                                 local, remote, session_info);
756         if (!proxy_state) {
757                 return NT_STATUS_UNSUCCESSFUL;
758         }
759
760         result = talloc_zero(mem_ctx, struct rpc_pipe_client);
761         if (result == NULL) {
762                 status = NT_STATUS_NO_MEMORY;
763                 goto done;
764         }
765
766         result->abstract_syntax = *abstract_syntax;
767         result->transfer_syntax = ndr_transfer_syntax;
768
769         result->desthost = get_myname(result);
770         result->srv_name_slash = talloc_asprintf_strupper_m(
771                 result, "\\\\%s", result->desthost);
772         if ((result->desthost == NULL) || (result->srv_name_slash == NULL)) {
773                 status = NT_STATUS_NO_MEMORY;
774                 goto done;
775         }
776
777         result->max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
778         result->max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
779
780         status = rpc_transport_tstream_init(result,
781                                             &proxy_state->npipe,
782                                             &result->transport);
783         if (!NT_STATUS_IS_OK(status)) {
784                 goto done;
785         }
786
787         result->binding_handle = rpccli_bh_create(result);
788         if (result->binding_handle == NULL) {
789                 status = NT_STATUS_NO_MEMORY;
790                 DEBUG(0, ("Failed to create binding handle.\n"));
791                 goto done;
792         }
793
794         result->auth = talloc_zero(result, struct pipe_auth_data);
795         if (!result->auth) {
796                 status = NT_STATUS_NO_MEMORY;
797                 goto done;
798         }
799         result->auth->auth_type = DCERPC_AUTH_TYPE_NONE;
800         result->auth->auth_level = DCERPC_AUTH_LEVEL_NONE;
801
802         status = rpccli_anon_bind_data(result, &auth);
803         if (!NT_STATUS_IS_OK(status)) {
804                 DEBUG(0, ("Failed to initialize anonymous bind.\n"));
805                 goto done;
806         }
807
808         status = rpc_pipe_bind(result, auth);
809         if (!NT_STATUS_IS_OK(status)) {
810                 DEBUG(0, ("Failed to bind external pipe.\n"));
811                 goto done;
812         }
813
814 done:
815         if (!NT_STATUS_IS_OK(status)) {
816                 TALLOC_FREE(result);
817         }
818         TALLOC_FREE(proxy_state);
819         *_result = result;
820         return status;
821 }
822
823 /**
824  * @brief Create a new RPC client context which uses a local dispatch function.
825  *
826  * @param mem_ctx       The memory context on which thje pipe will ultimately
827  *                      be allocated
828  * @param name          The pipe name to connect to.
829  * @param session_info  Credentials to use for the connection.
830  * @param pipe          [in|out] Checks if a pipe is connected, and connects it
831  *                               if not
832  *
833  * @return              NT_STATUS_OK on success, a corresponding NT status if
834  *                      an error occured.
835  */
836
837 NTSTATUS rpc_pipe_open_interface(TALLOC_CTX *mem_ctx,
838                                  const struct ndr_syntax_id *syntax,
839                                  const struct auth_serversupplied_info *session_info,
840                                  struct client_address *client_id,
841                                  struct messaging_context *msg_ctx,
842                                  struct rpc_pipe_client **cli_pipe)
843 {
844         struct rpc_pipe_client *cli = NULL;
845         const char *server_type;
846         const char *pipe_name;
847         NTSTATUS status;
848         TALLOC_CTX *tmp_ctx;
849
850         if (cli_pipe && rpccli_is_connected(*cli_pipe)) {
851                 return NT_STATUS_OK;
852         } else {
853                 TALLOC_FREE(*cli_pipe);
854         }
855
856         tmp_ctx = talloc_stackframe();
857         if (tmp_ctx == NULL) {
858                 return NT_STATUS_NO_MEMORY;
859         }
860
861         pipe_name = get_pipe_name_from_syntax(tmp_ctx, syntax);
862         if (pipe_name == NULL) {
863                 status = NT_STATUS_INVALID_PARAMETER;
864                 goto done;
865         }
866
867         while (pipe_name[0] == '\\') {
868                 pipe_name++;
869         }
870
871         DEBUG(5, ("Connecting to %s pipe.\n", pipe_name));
872
873         server_type = lp_parm_const_string(GLOBAL_SECTION_SNUM,
874                                            "rpc_server", pipe_name,
875                                            "embedded");
876
877         if (StrCaseCmp(server_type, "embedded") == 0) {
878                 status = rpc_pipe_open_internal(tmp_ctx,
879                                                 syntax, session_info,
880                                                 client_id, msg_ctx,
881                                                 &cli);
882                 if (!NT_STATUS_IS_OK(status)) {
883                         goto done;
884                 }
885         } else if (StrCaseCmp(server_type, "daemon") == 0 ||
886                    StrCaseCmp(server_type, "external") == 0) {
887                 /* It would be nice to just use rpc_pipe_open_ncalrpc() but
888                  * for now we need to use the special proxy setup to connect
889                  * to spoolssd. */
890
891                 status = rpc_pipe_open_external(tmp_ctx,
892                                                 pipe_name, syntax,
893                                                 session_info,
894                                                 &cli);
895                 if (!NT_STATUS_IS_OK(status)) {
896                         goto done;
897                 }
898         } else {
899                 status = NT_STATUS_NOT_IMPLEMENTED;
900                 DEBUG(0, ("Wrong servertype specified in config file: %s",
901                           nt_errstr(status)));
902                 goto done;
903         }
904
905         status = NT_STATUS_OK;
906 done:
907         if (NT_STATUS_IS_OK(status)) {
908                 *cli_pipe = talloc_move(mem_ctx, &cli);
909         }
910         TALLOC_FREE(tmp_ctx);
911         return status;
912 }