2 Unix SMB/CIFS implementation.
4 dcerpc over standard sockets transport
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Jelmer Vernooij 2004
8 Copyright (C) Rafal Szczesniak 2006
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "lib/events/events.h"
26 #include "lib/socket/socket.h"
27 #include "lib/stream/packet.h"
28 #include "libcli/composite/composite.h"
29 #include "librpc/rpc/dcerpc.h"
30 #include "librpc/rpc/dcerpc_proto.h"
31 #include "libcli/resolve/resolve.h"
33 /* transport private information used by general socket pipe transports */
35 struct tevent_fd
*fde
;
36 struct socket_context
*sock
;
39 struct packet_context
*packet
;
40 uint32_t pending_reads
;
42 const char *path
; /* For ncacn_unix_sock and ncalrpc */
49 static void sock_dead(struct dcerpc_connection
*p
, NTSTATUS status
)
51 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
56 packet_recv_disable(sock
->packet
);
57 packet_set_fde(sock
->packet
, NULL
);
58 packet_set_socket(sock
->packet
, NULL
);
62 talloc_free(sock
->fde
);
67 talloc_free(sock
->sock
);
71 if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL
, status
)) {
72 status
= NT_STATUS_UNEXPECTED_NETWORK_ERROR
;
75 if (NT_STATUS_EQUAL(NT_STATUS_OK
, status
)) {
76 status
= NT_STATUS_END_OF_FILE
;
79 if (p
->transport
.recv_data
) {
80 p
->transport
.recv_data(p
, NULL
, status
);
86 handle socket recv errors
88 static void sock_error_handler(void *private_data
, NTSTATUS status
)
90 struct dcerpc_connection
*p
= talloc_get_type(private_data
,
91 struct dcerpc_connection
);
96 check if a blob is a complete packet
98 static NTSTATUS
sock_complete_packet(void *private_data
, DATA_BLOB blob
, size_t *size
)
100 if (blob
.length
< DCERPC_FRAG_LEN_OFFSET
+2) {
101 return STATUS_MORE_ENTRIES
;
103 *size
= dcerpc_get_frag_length(&blob
);
104 if (*size
> blob
.length
) {
105 return STATUS_MORE_ENTRIES
;
111 process recv requests
113 static NTSTATUS
sock_process_recv(void *private_data
, DATA_BLOB blob
)
115 struct dcerpc_connection
*p
= talloc_get_type(private_data
,
116 struct dcerpc_connection
);
117 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
118 sock
->pending_reads
--;
119 if (sock
->pending_reads
== 0) {
120 packet_recv_disable(sock
->packet
);
122 p
->transport
.recv_data(p
, &blob
, NT_STATUS_OK
);
127 called when a IO is triggered by the events system
129 static void sock_io_handler(struct tevent_context
*ev
, struct tevent_fd
*fde
,
130 uint16_t flags
, void *private_data
)
132 struct dcerpc_connection
*p
= talloc_get_type(private_data
,
133 struct dcerpc_connection
);
134 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
136 if (flags
& EVENT_FD_WRITE
) {
137 packet_queue_run(sock
->packet
);
141 if (sock
->sock
== NULL
) {
145 if (flags
& EVENT_FD_READ
) {
146 packet_recv(sock
->packet
);
151 initiate a read request - not needed for dcerpc sockets
153 static NTSTATUS
sock_send_read(struct dcerpc_connection
*p
)
155 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
156 sock
->pending_reads
++;
157 if (sock
->pending_reads
== 1) {
158 packet_recv_enable(sock
->packet
);
164 send an initial pdu in a multi-pdu sequence
166 static NTSTATUS
sock_send_request(struct dcerpc_connection
*p
, DATA_BLOB
*data
,
169 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
173 if (sock
->sock
== NULL
) {
174 return NT_STATUS_CONNECTION_DISCONNECTED
;
177 blob
= data_blob_talloc(sock
->packet
, data
->data
, data
->length
);
178 if (blob
.data
== NULL
) {
179 return NT_STATUS_NO_MEMORY
;
182 status
= packet_send(sock
->packet
, blob
);
183 if (!NT_STATUS_IS_OK(status
)) {
195 shutdown sock pipe connection
197 static NTSTATUS
sock_shutdown_pipe(struct dcerpc_connection
*p
, NTSTATUS status
)
199 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
201 if (sock
&& sock
->sock
) {
202 sock_dead(p
, status
);
209 return sock server name
211 static const char *sock_peer_name(struct dcerpc_connection
*p
)
213 struct sock_private
*sock
= talloc_get_type(p
->transport
.private_data
, struct sock_private
);
214 return sock
->server_name
;
218 return remote name we make the actual connection (good for kerberos)
220 static const char *sock_target_hostname(struct dcerpc_connection
*p
)
222 struct sock_private
*sock
= talloc_get_type(p
->transport
.private_data
, struct sock_private
);
223 return sock
->server_name
;
227 struct pipe_open_socket_state
{
228 struct dcerpc_connection
*conn
;
229 struct socket_context
*socket_ctx
;
230 struct sock_private
*sock
;
231 struct socket_address
*localaddr
;
232 struct socket_address
*server
;
233 const char *target_hostname
;
234 enum dcerpc_transport_t transport
;
238 static void continue_socket_connect(struct composite_context
*ctx
)
240 struct dcerpc_connection
*conn
;
241 struct sock_private
*sock
;
242 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
243 struct composite_context
);
244 struct pipe_open_socket_state
*s
= talloc_get_type(c
->private_data
,
245 struct pipe_open_socket_state
);
247 /* make it easier to write a function calls */
251 c
->status
= socket_connect_recv(ctx
);
252 if (!NT_STATUS_IS_OK(c
->status
)) {
253 DEBUG(0, ("Failed to connect host %s on port %d - %s\n",
254 s
->server
->addr
, s
->server
->port
,
255 nt_errstr(c
->status
)));
256 composite_error(c
, c
->status
);
261 fill in the transport methods
263 conn
->transport
.transport
= s
->transport
;
264 conn
->transport
.private_data
= NULL
;
266 conn
->transport
.send_request
= sock_send_request
;
267 conn
->transport
.send_read
= sock_send_read
;
268 conn
->transport
.recv_data
= NULL
;
270 conn
->transport
.shutdown_pipe
= sock_shutdown_pipe
;
271 conn
->transport
.peer_name
= sock_peer_name
;
272 conn
->transport
.target_hostname
= sock_target_hostname
;
274 sock
->sock
= s
->socket_ctx
;
275 sock
->pending_reads
= 0;
276 sock
->server_name
= strupper_talloc(sock
, s
->target_hostname
);
278 sock
->fde
= event_add_fd(conn
->event_ctx
, sock
->sock
, socket_get_fd(sock
->sock
),
279 EVENT_FD_READ
, sock_io_handler
, conn
);
281 conn
->transport
.private_data
= sock
;
283 sock
->packet
= packet_init(sock
);
284 if (sock
->packet
== NULL
) {
285 composite_error(c
, NT_STATUS_NO_MEMORY
);
290 packet_set_private(sock
->packet
, conn
);
291 packet_set_socket(sock
->packet
, sock
->sock
);
292 packet_set_callback(sock
->packet
, sock_process_recv
);
293 packet_set_full_request(sock
->packet
, sock_complete_packet
);
294 packet_set_error_handler(sock
->packet
, sock_error_handler
);
295 packet_set_event_context(sock
->packet
, conn
->event_ctx
);
296 packet_set_fde(sock
->packet
, sock
->fde
);
297 packet_set_serialise(sock
->packet
);
298 packet_set_initial_read(sock
->packet
, 16);
300 /* ensure we don't get SIGPIPE */
301 BlockSignals(true, SIGPIPE
);
307 static struct composite_context
*dcerpc_pipe_open_socket_send(TALLOC_CTX
*mem_ctx
,
308 struct dcerpc_connection
*cn
,
309 struct socket_address
*localaddr
,
310 struct socket_address
*server
,
311 const char *target_hostname
,
312 const char *full_path
,
313 enum dcerpc_transport_t transport
)
315 struct composite_context
*c
;
316 struct pipe_open_socket_state
*s
;
317 struct composite_context
*conn_req
;
319 c
= composite_create(mem_ctx
, cn
->event_ctx
);
320 if (c
== NULL
) return NULL
;
322 s
= talloc_zero(c
, struct pipe_open_socket_state
);
323 if (composite_nomem(s
, c
)) return c
;
327 s
->transport
= transport
;
329 s
->localaddr
= talloc_reference(c
, localaddr
);
330 if (composite_nomem(s
->localaddr
, c
)) return c
;
332 s
->server
= talloc_reference(c
, server
);
333 if (composite_nomem(s
->server
, c
)) return c
;
334 s
->target_hostname
= talloc_reference(s
, target_hostname
);
336 s
->sock
= talloc(cn
, struct sock_private
);
337 if (composite_nomem(s
->sock
, c
)) return c
;
339 c
->status
= socket_create(server
->family
, SOCKET_TYPE_STREAM
, &s
->socket_ctx
, 0);
340 if (!composite_is_ok(c
)) return c
;
342 talloc_steal(s
->sock
, s
->socket_ctx
);
344 s
->sock
->path
= talloc_reference(s
->sock
, full_path
);
346 conn_req
= socket_connect_send(s
->socket_ctx
, s
->localaddr
, s
->server
, 0,
348 composite_continue(c
, conn_req
, continue_socket_connect
, c
);
353 static NTSTATUS
dcerpc_pipe_open_socket_recv(struct composite_context
*c
)
355 NTSTATUS status
= composite_wait(c
);
361 struct pipe_tcp_state
{
363 const char *target_hostname
;
366 struct socket_address
*localaddr
;
367 struct socket_address
*srvaddr
;
368 struct resolve_context
*resolve_ctx
;
369 struct dcerpc_connection
*conn
;
373 #if 0 /* disabled till we can resolve names to ipv6 addresses */
374 static void continue_ipv6_open_socket(struct composite_context
*ctx
);
376 static void continue_ipv4_open_socket(struct composite_context
*ctx
);
377 static void continue_ip_resolve_name(struct composite_context
*ctx
);
379 static void continue_ip_resolve_name(struct composite_context
*ctx
)
381 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
382 struct composite_context
);
383 struct pipe_tcp_state
*s
= talloc_get_type(c
->private_data
,
384 struct pipe_tcp_state
);
385 struct composite_context
*sock_ipv4_req
;
387 c
->status
= resolve_name_recv(ctx
, s
, &s
->address
);
388 if (!composite_is_ok(c
)) return;
390 /* prepare server address using host ip:port and transport name */
391 s
->srvaddr
= socket_address_from_strings(s
->conn
, "ipv4", s
->address
, s
->port
);
392 if (composite_nomem(s
->srvaddr
, c
)) return;
394 /* resolve_nbt_name gives only ipv4 ... - send socket open request */
395 sock_ipv4_req
= dcerpc_pipe_open_socket_send(c
, s
->conn
, s
->localaddr
,
396 s
->srvaddr
, s
->target_hostname
,
399 composite_continue(c
, sock_ipv4_req
, continue_ipv4_open_socket
, c
);
403 Stage 2 of dcerpc_pipe_open_tcp_send: receive result of pipe open request
404 on IPv6 and send the request on IPv4 unless IPv6 transport succeeded.
406 #if 0 /* disabled till we can resolve names to ipv6 addresses */
407 static void continue_ipv6_open_socket(struct composite_context
*ctx
)
409 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
410 struct composite_context
);
411 struct pipe_tcp_state
*s
= talloc_get_type(c
->private_data
,
412 struct pipe_tcp_state
);
413 struct composite_context
*sock_ipv4_req
;
415 /* receive result of socket open request */
416 c
->status
= dcerpc_pipe_open_socket_recv(ctx
);
417 if (NT_STATUS_IS_OK(c
->status
)) {
422 talloc_free(s
->srvaddr
);
424 /* prepare server address using host:ip and transport name */
425 s
->srvaddr
= socket_address_from_strings(s
->conn
, "ipv4", s
->address
, s
->port
);
426 if (composite_nomem(s
->srvaddr
, c
)) return;
428 /* try IPv4 if IPv6 fails */
429 sock_ipv4_req
= dcerpc_pipe_open_socket_send(c
, s
->conn
, s
->localaddr
,
430 s
->srvaddr
, s
->target_hostname
,
432 composite_continue(c
, sock_ipv4_req
, continue_ipv4_open_socket
, c
);
437 Stage 2 of dcerpc_pipe_open_tcp_send: receive result of pipe open request
440 static void continue_ipv4_open_socket(struct composite_context
*ctx
)
442 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
443 struct composite_context
);
444 struct pipe_tcp_state
*s
= talloc_get_type(c
->private_data
,
445 struct pipe_tcp_state
);
447 /* receive result socket open request */
448 c
->status
= dcerpc_pipe_open_socket_recv(ctx
);
449 if (!NT_STATUS_IS_OK(c
->status
)) {
450 /* something went wrong... */
451 DEBUG(0, ("Failed to connect host %s (%s) on port %d - %s.\n",
452 s
->address
, s
->target_hostname
,
453 s
->port
, nt_errstr(c
->status
)));
455 composite_error(c
, c
->status
);
463 Send rpc pipe open request to given host:port using
466 struct composite_context
* dcerpc_pipe_open_tcp_send(struct dcerpc_connection
*conn
,
467 const char *localaddr
,
469 const char *target_hostname
,
471 struct resolve_context
*resolve_ctx
)
473 struct composite_context
*c
;
474 struct pipe_tcp_state
*s
;
475 struct composite_context
*resolve_req
;
476 struct nbt_name name
;
478 /* composite context allocation and setup */
479 c
= composite_create(conn
, conn
->event_ctx
);
480 if (c
== NULL
) return NULL
;
482 s
= talloc_zero(c
, struct pipe_tcp_state
);
483 if (composite_nomem(s
, c
)) return c
;
486 /* store input parameters in state structure */
487 s
->server
= talloc_strdup(c
, server
);
488 if (composite_nomem(s
->server
, c
)) return c
;
489 if (target_hostname
) {
490 s
->target_hostname
= talloc_strdup(c
, target_hostname
);
491 if (composite_nomem(s
->target_hostname
, c
)) return c
;
495 s
->resolve_ctx
= resolve_ctx
;
497 s
->localaddr
= socket_address_from_strings(s
, "ip", localaddr
, 0);
498 /* if there is no localaddr, we pass NULL for
499 s->localaddr, which is handled by the socket libraries as
500 meaning no local binding address specified */
503 make_nbt_name_server(&name
, server
);
504 resolve_req
= resolve_name_send(resolve_ctx
, s
, &name
, c
->event_ctx
);
505 composite_continue(c
, resolve_req
, continue_ip_resolve_name
, c
);
510 Receive result of pipe open request on tcp/ip
512 NTSTATUS
dcerpc_pipe_open_tcp_recv(struct composite_context
*c
)
515 status
= composite_wait(c
);
522 struct pipe_unix_state
{
524 struct socket_address
*srvaddr
;
525 struct dcerpc_connection
*conn
;
530 Stage 2 of dcerpc_pipe_open_unix_stream_send: receive result of pipe open
531 request on unix socket.
533 static void continue_unix_open_socket(struct composite_context
*ctx
)
535 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
536 struct composite_context
);
538 c
->status
= dcerpc_pipe_open_socket_recv(ctx
);
539 if (NT_STATUS_IS_OK(c
->status
)) {
544 composite_error(c
, c
->status
);
549 Send pipe open request on unix socket
551 struct composite_context
*dcerpc_pipe_open_unix_stream_send(struct dcerpc_connection
*conn
,
554 struct composite_context
*c
;
555 struct composite_context
*sock_unix_req
;
556 struct pipe_unix_state
*s
;
558 /* composite context allocation and setup */
559 c
= composite_create(conn
, conn
->event_ctx
);
560 if (c
== NULL
) return NULL
;
562 s
= talloc_zero(c
, struct pipe_unix_state
);
563 if (composite_nomem(s
, c
)) return c
;
566 /* store parameters in state structure */
567 s
->path
= talloc_strdup(c
, path
);
568 if (composite_nomem(s
->path
, c
)) return c
;
571 /* prepare server address using socket path and transport name */
572 s
->srvaddr
= socket_address_from_strings(conn
, "unix", s
->path
, 0);
573 if (composite_nomem(s
->srvaddr
, c
)) return c
;
575 /* send socket open request */
576 sock_unix_req
= dcerpc_pipe_open_socket_send(c
, s
->conn
, NULL
,
580 composite_continue(c
, sock_unix_req
, continue_unix_open_socket
, c
);
586 Receive result of pipe open request on unix socket
588 NTSTATUS
dcerpc_pipe_open_unix_stream_recv(struct composite_context
*c
)
590 NTSTATUS status
= composite_wait(c
);
598 Stage 2 of dcerpc_pipe_open_pipe_send: receive socket open request
600 static void continue_np_open_socket(struct composite_context
*ctx
)
602 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
603 struct composite_context
);
605 c
->status
= dcerpc_pipe_open_socket_recv(ctx
);
606 if (!composite_is_ok(c
)) return;
613 Send pipe open request on ncalrpc
615 struct composite_context
* dcerpc_pipe_open_pipe_send(struct dcerpc_connection
*conn
,
616 const char *ncalrpc_dir
,
617 const char *identifier
)
621 struct composite_context
*c
;
622 struct composite_context
*sock_np_req
;
623 struct pipe_unix_state
*s
;
625 /* composite context allocation and setup */
626 c
= composite_create(conn
, conn
->event_ctx
);
627 if (c
== NULL
) return NULL
;
629 s
= talloc_zero(c
, struct pipe_unix_state
);
630 if (composite_nomem(s
, c
)) return c
;
633 /* store parameters in state structure */
634 canon
= talloc_strdup(s
, identifier
);
635 if (composite_nomem(canon
, c
)) return c
;
638 string_replace(canon
, '/', '\\');
639 s
->path
= talloc_asprintf(canon
, "%s/%s", ncalrpc_dir
, canon
);
640 if (composite_nomem(s
->path
, c
)) return c
;
642 /* prepare server address using path and transport name */
643 s
->srvaddr
= socket_address_from_strings(conn
, "unix", s
->path
, 0);
644 if (composite_nomem(s
->srvaddr
, c
)) return c
;
646 /* send socket open request */
647 sock_np_req
= dcerpc_pipe_open_socket_send(c
, s
->conn
, NULL
, s
->srvaddr
, NULL
, s
->path
, NCALRPC
);
648 composite_continue(c
, sock_np_req
, continue_np_open_socket
, c
);
654 Receive result of pipe open request on ncalrpc
656 NTSTATUS
dcerpc_pipe_open_pipe_recv(struct composite_context
*c
)
658 NTSTATUS status
= composite_wait(c
);
666 Open a rpc pipe on a named pipe - sync version
668 NTSTATUS
dcerpc_pipe_open_pipe(struct dcerpc_connection
*conn
, const char *ncalrpc_dir
, const char *identifier
)
670 struct composite_context
*c
= dcerpc_pipe_open_pipe_send(conn
, ncalrpc_dir
, identifier
);
671 return dcerpc_pipe_open_pipe_recv(c
);
674 const char *dcerpc_unix_socket_path(struct dcerpc_connection
*p
)
676 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
680 struct socket_address
*dcerpc_socket_peer_addr(struct dcerpc_connection
*p
, TALLOC_CTX
*mem_ctx
)
682 struct sock_private
*sock
= (struct sock_private
*)p
->transport
.private_data
;
683 return socket_get_peer_addr(sock
->sock
, mem_ctx
);