search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
idl: rebuild drsuapi.idl
[Samba/aatanasov.git] / source4 / smbd / service_named_pipe.c
blobf82d91e867ec0340dec8e18c4313d90901e3f4ff
1 /*
2 Unix SMB/CIFS implementation.
3
4 helper functions for NAMED PIPE servers
5
6 Copyright (C) Stefan (metze) Metzmacher 2008
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include <tevent.h>
24 #include "lib/socket/socket.h"
25 #include "smbd/service.h"
26 #include "param/param.h"
27 #include "auth/session.h"
28 #include "auth/auth_sam_reply.h"
29 #include "lib/stream/packet.h"
30 #include "librpc/gen_ndr/ndr_named_pipe_auth.h"
31 #include "system/passwd.h"
32 #include "libcli/raw/smb.h"
33
34 struct named_pipe_socket {
35 const char *pipe_name;
36 const char *pipe_path;
37 const struct stream_server_ops *ops;
38 void *private_data;
39 };
40
41 struct named_pipe_connection {
42 struct stream_connection *connection;
43 struct packet_context *packet;
44 const struct named_pipe_socket *pipe_sock;
45 NTSTATUS status;
46 };
47
48 static void named_pipe_handover_connection(void *private_data)
49 {
50 struct named_pipe_connection *pipe_conn = talloc_get_type(
51 private_data, struct named_pipe_connection);
52 struct stream_connection *conn = pipe_conn->connection;
53
54 TEVENT_FD_NOT_WRITEABLE(conn->event.fde);
55
56 if (!NT_STATUS_IS_OK(pipe_conn->status)) {
57 stream_terminate_connection(conn, nt_errstr(pipe_conn->status));
58 return;
59 }
60
61 /*
62 * remove the named_pipe layer together with its packet layer
63 */
64 conn->ops = pipe_conn->pipe_sock->ops;
65 conn->private_data = pipe_conn->pipe_sock->private_data;
66 talloc_free(pipe_conn);
67
68 /* we're now ready to start receiving events on this stream */
69 TEVENT_FD_READABLE(conn->event.fde);
70
71 /*
72 * hand over to the real pipe implementation,
73 * now that we have setup the transport session_info
74 */
75 conn->ops->accept_connection(conn);
76
77 DEBUG(10,("named_pipe_handover_connection[%s]: succeeded\n",
78 conn->ops->name));
79 }
80
81 static NTSTATUS named_pipe_recv_auth_request(void *private_data,
82 DATA_BLOB req_blob)
83 {
84 struct named_pipe_connection *pipe_conn = talloc_get_type(
85 private_data, struct named_pipe_connection);
86 struct stream_connection *conn = pipe_conn->connection;
87 enum ndr_err_code ndr_err;
88 struct named_pipe_auth_req req;
89 union netr_Validation val;
90 struct auth_serversupplied_info *server_info;
91 struct named_pipe_auth_rep rep;
92 DATA_BLOB rep_blob;
93 NTSTATUS status;
94
95 /*
96 * make sure nothing happens on the socket untill the
97 * real implemenation takes over
98 */
99 packet_recv_disable(pipe_conn->packet);
100
101 /*
102 * TODO: check it's a root (uid == 0) pipe
103 */
104
105 ZERO_STRUCT(rep);
106 rep.level = 0;
107 rep.status = NT_STATUS_INTERNAL_ERROR;
108
109 DEBUG(10,("named_pipe_auth: req_blob.length[%u]\n",
110 (unsigned int)req_blob.length));
111 dump_data(11, req_blob.data, req_blob.length);
112
113 /* parse the passed credentials */
114 ndr_err = ndr_pull_struct_blob_all(
115 &req_blob,
116 pipe_conn,
117 lp_iconv_convenience(conn->lp_ctx),
118 &req,
119 (ndr_pull_flags_fn_t)ndr_pull_named_pipe_auth_req);
120 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
121 rep.status = ndr_map_error2ntstatus(ndr_err);
122 DEBUG(2, ("Could not unmarshall named_pipe_auth_req: %s\n",
123 nt_errstr(rep.status)));
124 goto reply;
125 }
126
127 if (DEBUGLVL(10)) {
128 NDR_PRINT_DEBUG(named_pipe_auth_req, &req);
129 }
130
131 if (strcmp(NAMED_PIPE_AUTH_MAGIC, req.magic) != 0) {
132 DEBUG(2, ("named_pipe_auth_req: invalid magic '%s' != %s\n",
133 req.magic, NAMED_PIPE_AUTH_MAGIC));
134 rep.status = NT_STATUS_INVALID_PARAMETER;
135 goto reply;
136 }
137
138 switch (req.level) {
139 case 0:
140 /*
141 * anon connection, we don't create a session info
142 * and leave it NULL
143 */
144 rep.level = 0;
145 rep.status = NT_STATUS_OK;
146 break;
147 case 1:
148 val.sam3 = &req.info.info1;
149
150 rep.level = 1;
151 rep.status = make_server_info_netlogon_validation(pipe_conn,
152 "TODO",
153 3, &val,
154 &server_info);
155 if (!NT_STATUS_IS_OK(rep.status)) {
156 DEBUG(2, ("make_server_info_netlogon_validation returned "
157 "%s\n", nt_errstr(rep.status)));
158 goto reply;
159 }
160
161 /* setup the session_info on the connection */
162 rep.status = auth_generate_session_info(conn,
163 conn->event.ctx,
164 conn->lp_ctx,
165 server_info,
166 &conn->session_info);
167 if (!NT_STATUS_IS_OK(rep.status)) {
168 DEBUG(2, ("auth_generate_session_info failed: %s\n",
169 nt_errstr(rep.status)));
170 goto reply;
171 }
172
173 break;
174 case 2:
175 rep.level = 2;
176 rep.info.info2.file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
177 rep.info.info2.device_state = 0xff | 0x0400 | 0x0100;
178 rep.info.info2.allocation_size = 4096;
179
180 if (!req.info.info2.sam_info3) {
181 /*
182 * anon connection, we don't create a session info
183 * and leave it NULL
184 */
185 rep.status = NT_STATUS_OK;
186 break;
187 }
188
189 val.sam3 = req.info.info2.sam_info3;
190
191 rep.status = make_server_info_netlogon_validation(pipe_conn,
192 val.sam3->base.account_name.string,
193 3, &val, &server_info);
194 if (!NT_STATUS_IS_OK(rep.status)) {
195 DEBUG(2, ("make_server_info_netlogon_validation returned "
196 "%s\n", nt_errstr(rep.status)));
197 goto reply;
198 }
199
200 /* setup the session_info on the connection */
201 rep.status = auth_generate_session_info(conn,
202 conn->event.ctx,
203 conn->lp_ctx,
204 server_info,
205 &conn->session_info);
206 if (!NT_STATUS_IS_OK(rep.status)) {
207 DEBUG(2, ("auth_generate_session_info failed: %s\n",
208 nt_errstr(rep.status)));
209 goto reply;
210 }
211
212 conn->session_info->session_key = data_blob_const(req.info.info2.session_key,
213 req.info.info2.session_key_length);
214 talloc_steal(conn->session_info, req.info.info2.session_key);
215
216 break;
217 default:
218 DEBUG(2, ("named_pipe_auth_req: unknown level %u\n",
219 req.level));
220 rep.level = 0;
221 rep.status = NT_STATUS_INVALID_LEVEL;
222 goto reply;
223 }
224
225 reply:
226 /* create the output */
227 ndr_err = ndr_push_struct_blob(&rep_blob, pipe_conn,
228 lp_iconv_convenience(conn->lp_ctx),
229 &rep,
230 (ndr_push_flags_fn_t)ndr_push_named_pipe_auth_rep);
231 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
232 status = ndr_map_error2ntstatus(ndr_err);
233 DEBUG(2, ("Could not marshall named_pipe_auth_rep: %s\n",
234 nt_errstr(status)));
235 return status;
236 }
237
238 DEBUG(10,("named_pipe_auth reply[%u]\n", rep_blob.length));
239 dump_data(11, rep_blob.data, rep_blob.length);
240 if (DEBUGLVL(10)) {
241 NDR_PRINT_DEBUG(named_pipe_auth_rep, &rep);
242 }
243
244 pipe_conn->status = rep.status;
245 status = packet_send_callback(pipe_conn->packet, rep_blob,
246 named_pipe_handover_connection,
247 pipe_conn);
248 if (!NT_STATUS_IS_OK(status)) {
249 DEBUG(0, ("packet_send_callback returned %s\n",
250 nt_errstr(status)));
251 return status;
252 }
253
254 return NT_STATUS_OK;
255 }
256
257 /*
258 called when a pipe socket becomes readable
259 */
260 static void named_pipe_recv(struct stream_connection *conn, uint16_t flags)
261 {
262 struct named_pipe_connection *pipe_conn = talloc_get_type(
263 conn->private_data, struct named_pipe_connection);
264
265 DEBUG(10,("named_pipe_recv\n"));
266
267 packet_recv(pipe_conn->packet);
268 }
269
270 /*
271 called when a pipe socket becomes writable
272 */
273 static void named_pipe_send(struct stream_connection *conn, uint16_t flags)
274 {
275 struct named_pipe_connection *pipe_conn = talloc_get_type(
276 conn->private_data, struct named_pipe_connection);
277
278 packet_queue_run(pipe_conn->packet);
279 }
280
281 /*
282 handle socket recv errors
283 */
284 static void named_pipe_recv_error(void *private_data, NTSTATUS status)
285 {
286 struct named_pipe_connection *pipe_conn = talloc_get_type(
287 private_data, struct named_pipe_connection);
288
289 stream_terminate_connection(pipe_conn->connection, nt_errstr(status));
290 }
291
292 static NTSTATUS named_pipe_full_request(void *private_data, DATA_BLOB blob, size_t *size)
293 {
294 if (blob.length < 8) {
295 return STATUS_MORE_ENTRIES;
296 }
297
298 if (memcmp(NAMED_PIPE_AUTH_MAGIC, &blob.data[4], 4) != 0) {
299 DEBUG(0,("named_pipe_full_request: wrong protocol\n"));
300 *size = blob.length;
301 /* the error will be handled in named_pipe_recv_auth_request */
302 return NT_STATUS_OK;
303 }
304
305 *size = 4 + RIVAL(blob.data, 0);
306 if (*size > blob.length) {
307 return STATUS_MORE_ENTRIES;
308 }
309
310 return NT_STATUS_OK;
311 }
312
313 static void named_pipe_accept(struct stream_connection *conn)
314 {
315 struct named_pipe_socket *pipe_sock = talloc_get_type(
316 conn->private_data, struct named_pipe_socket);
317 struct named_pipe_connection *pipe_conn;
318
319 DEBUG(5,("named_pipe_accept\n"));
320
321 pipe_conn = talloc_zero(conn, struct named_pipe_connection);
322 if (!pipe_conn) {
323 stream_terminate_connection(conn, "out of memory");
324 return;
325 }
326
327 pipe_conn->packet = packet_init(pipe_conn);
328 if (!pipe_conn->packet) {
329 stream_terminate_connection(conn, "out of memory");
330 return;
331 }
332 packet_set_private(pipe_conn->packet, pipe_conn);
333 packet_set_socket(pipe_conn->packet, conn->socket);
334 packet_set_callback(pipe_conn->packet, named_pipe_recv_auth_request);
335 packet_set_full_request(pipe_conn->packet, named_pipe_full_request);
336 packet_set_error_handler(pipe_conn->packet, named_pipe_recv_error);
337 packet_set_event_context(pipe_conn->packet, conn->event.ctx);
338 packet_set_fde(pipe_conn->packet, conn->event.fde);
339 packet_set_serialise(pipe_conn->packet);
340 packet_set_initial_read(pipe_conn->packet, 8);
341
342 pipe_conn->pipe_sock = pipe_sock;
343
344 pipe_conn->connection = conn;
345 conn->private_data = pipe_conn;
346 }
347
348 static const struct stream_server_ops named_pipe_stream_ops = {
349 .name = "named_pipe",
350 .accept_connection = named_pipe_accept,
351 .recv_handler = named_pipe_recv,
352 .send_handler = named_pipe_send,
353 };
354
355 NTSTATUS stream_setup_named_pipe(struct tevent_context *event_context,
356 struct loadparm_context *lp_ctx,
357 const struct model_ops *model_ops,
358 const struct stream_server_ops *stream_ops,
359 const char *pipe_name,
360 void *private_data)
361 {
362 char *dirname;
363 struct named_pipe_socket *pipe_sock;
364 NTSTATUS status = NT_STATUS_NO_MEMORY;;
365
366 pipe_sock = talloc(event_context, struct named_pipe_socket);
367 if (pipe_sock == NULL) {
368 goto fail;
369 }
370
371 /* remember the details about the pipe */
372 pipe_sock->pipe_name = talloc_strdup(pipe_sock, pipe_name);
373 if (pipe_sock->pipe_name == NULL) {
374 goto fail;
375 }
376
377 dirname = talloc_asprintf(pipe_sock, "%s/np", lp_ncalrpc_dir(lp_ctx));
378 if (dirname == NULL) {
379 goto fail;
380 }
381
382 if (!directory_create_or_exist(dirname, geteuid(), 0700)) {
383 status = map_nt_error_from_unix(errno);
384 goto fail;
385 }
386
387 if (strncmp(pipe_name, "\\pipe\\", 6) == 0) {
388 pipe_name += 6;
389 }
390
391 pipe_sock->pipe_path = talloc_asprintf(pipe_sock, "%s/%s", dirname,
392 pipe_name);
393 if (pipe_sock->pipe_path == NULL) {
394 goto fail;
395 }
396
397 talloc_free(dirname);
398
399 pipe_sock->ops = stream_ops;
400 pipe_sock->private_data = talloc_reference(pipe_sock, private_data);
401
402 status = stream_setup_socket(event_context,
403 lp_ctx,
404 model_ops,
405 &named_pipe_stream_ops,
406 "unix",
407 pipe_sock->pipe_path,
408 NULL,
409 NULL,
410 pipe_sock);
411 if (!NT_STATUS_IS_OK(status)) {
412 goto fail;
413 }
414 return NT_STATUS_OK;
415
416 fail:
417 talloc_free(pipe_sock);
418 return status;
419 }
aatanasov's samba4 branch