s3 swat: Add XSRF protection to shares page
[Samba.git] / source4 / smbd / service_named_pipe.c
blob93ae60d69adf5fe64cb4b7280ee30183308c1387
1 /*
2 Unix SMB/CIFS implementation.
4 helper functions for NAMED PIPE servers
6 Copyright (C) Stefan (metze) Metzmacher 2008
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "includes.h"
23 #include <tevent.h>
24 #include "smbd/service.h"
25 #include "param/param.h"
26 #include "auth/session.h"
27 #include "auth/auth_sam_reply.h"
28 #include "lib/stream/packet.h"
29 #include "librpc/gen_ndr/ndr_named_pipe_auth.h"
30 #include "system/passwd.h"
31 #include "libcli/raw/smb.h"
32 #include "auth/credentials/credentials.h"
33 #include "auth/credentials/credentials_krb5.h"
35 struct named_pipe_socket {
36 const char *pipe_name;
37 const char *pipe_path;
38 const struct stream_server_ops *ops;
39 void *private_data;
42 struct named_pipe_connection {
43 struct stream_connection *connection;
44 struct packet_context *packet;
45 const struct named_pipe_socket *pipe_sock;
46 NTSTATUS status;
49 static void named_pipe_handover_connection(void *private_data)
51 struct named_pipe_connection *pipe_conn = talloc_get_type(
52 private_data, struct named_pipe_connection);
53 struct stream_connection *conn = pipe_conn->connection;
55 TEVENT_FD_NOT_WRITEABLE(conn->event.fde);
57 packet_set_socket(pipe_conn->packet, NULL);
58 packet_set_event_context(pipe_conn->packet, NULL);
59 packet_set_fde(pipe_conn->packet, NULL);
60 TALLOC_FREE(pipe_conn->packet);
62 if (!NT_STATUS_IS_OK(pipe_conn->status)) {
63 stream_terminate_connection(conn, nt_errstr(pipe_conn->status));
64 return;
68 * remove the named_pipe layer together with its packet layer
70 conn->ops = pipe_conn->pipe_sock->ops;
71 conn->private_data = pipe_conn->pipe_sock->private_data;
72 talloc_unlink(conn, pipe_conn);
74 /* we're now ready to start receiving events on this stream */
75 TEVENT_FD_READABLE(conn->event.fde);
78 * hand over to the real pipe implementation,
79 * now that we have setup the transport session_info
81 conn->ops->accept_connection(conn);
83 DEBUG(10,("named_pipe_handover_connection[%s]: succeeded\n",
84 conn->ops->name));
87 static NTSTATUS named_pipe_recv_auth_request(void *private_data,
88 DATA_BLOB req_blob)
90 struct named_pipe_connection *pipe_conn = talloc_get_type(
91 private_data, struct named_pipe_connection);
92 struct stream_connection *conn = pipe_conn->connection;
93 enum ndr_err_code ndr_err;
94 struct named_pipe_auth_req req;
95 union netr_Validation val;
96 struct auth_serversupplied_info *server_info;
97 struct named_pipe_auth_rep rep;
98 DATA_BLOB rep_blob;
99 NTSTATUS status;
102 * make sure nothing happens on the socket untill the
103 * real implemenation takes over
105 packet_recv_disable(pipe_conn->packet);
108 * TODO: check it's a root (uid == 0) pipe
111 ZERO_STRUCT(rep);
112 rep.level = 0;
113 rep.status = NT_STATUS_INTERNAL_ERROR;
115 DEBUG(10,("named_pipe_auth: req_blob.length[%u]\n",
116 (unsigned int)req_blob.length));
117 dump_data(11, req_blob.data, req_blob.length);
119 /* parse the passed credentials */
120 ndr_err = ndr_pull_struct_blob_all(
121 &req_blob,
122 pipe_conn,
123 lp_iconv_convenience(conn->lp_ctx),
124 &req,
125 (ndr_pull_flags_fn_t)ndr_pull_named_pipe_auth_req);
126 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
127 rep.status = ndr_map_error2ntstatus(ndr_err);
128 DEBUG(2, ("Could not unmarshall named_pipe_auth_req: %s\n",
129 nt_errstr(rep.status)));
130 goto reply;
133 if (DEBUGLVL(10)) {
134 NDR_PRINT_DEBUG(named_pipe_auth_req, &req);
137 if (strcmp(NAMED_PIPE_AUTH_MAGIC, req.magic) != 0) {
138 DEBUG(2, ("named_pipe_auth_req: invalid magic '%s' != %s\n",
139 req.magic, NAMED_PIPE_AUTH_MAGIC));
140 rep.status = NT_STATUS_INVALID_PARAMETER;
141 goto reply;
144 switch (req.level) {
145 case 0:
147 * anon connection, we don't create a session info
148 * and leave it NULL
150 rep.level = 0;
151 rep.status = NT_STATUS_OK;
152 break;
153 case 1:
154 val.sam3 = &req.info.info1;
156 rep.level = 1;
157 rep.status = make_server_info_netlogon_validation(pipe_conn,
158 "TODO",
159 3, &val,
160 &server_info);
161 if (!NT_STATUS_IS_OK(rep.status)) {
162 DEBUG(2, ("make_server_info_netlogon_validation returned "
163 "%s\n", nt_errstr(rep.status)));
164 goto reply;
167 /* setup the session_info on the connection */
168 rep.status = auth_generate_session_info(conn,
169 conn->event.ctx,
170 conn->lp_ctx,
171 server_info,
172 &conn->session_info);
173 if (!NT_STATUS_IS_OK(rep.status)) {
174 DEBUG(2, ("auth_generate_session_info failed: %s\n",
175 nt_errstr(rep.status)));
176 goto reply;
179 break;
180 case 2:
181 rep.level = 2;
182 rep.info.info2.file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
183 rep.info.info2.device_state = 0xff | 0x0400 | 0x0100;
184 rep.info.info2.allocation_size = 4096;
186 if (!req.info.info2.sam_info3) {
188 * anon connection, we don't create a session info
189 * and leave it NULL
191 rep.status = NT_STATUS_OK;
192 break;
195 val.sam3 = req.info.info2.sam_info3;
197 rep.status = make_server_info_netlogon_validation(pipe_conn,
198 val.sam3->base.account_name.string,
199 3, &val, &server_info);
200 if (!NT_STATUS_IS_OK(rep.status)) {
201 DEBUG(2, ("make_server_info_netlogon_validation returned "
202 "%s\n", nt_errstr(rep.status)));
203 goto reply;
206 /* setup the session_info on the connection */
207 rep.status = auth_generate_session_info(conn,
208 conn->event.ctx,
209 conn->lp_ctx,
210 server_info,
211 &conn->session_info);
212 if (!NT_STATUS_IS_OK(rep.status)) {
213 DEBUG(2, ("auth_generate_session_info failed: %s\n",
214 nt_errstr(rep.status)));
215 goto reply;
218 conn->session_info->session_key = data_blob_const(req.info.info2.session_key,
219 req.info.info2.session_key_length);
220 talloc_steal(conn->session_info, req.info.info2.session_key);
222 break;
223 case 3:
224 rep.level = 3;
225 rep.info.info3.file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
226 rep.info.info3.device_state = 0xff | 0x0400 | 0x0100;
227 rep.info.info3.allocation_size = 4096;
229 if (!req.info.info3.sam_info3) {
231 * anon connection, we don't create a session info
232 * and leave it NULL
234 rep.status = NT_STATUS_OK;
235 break;
238 val.sam3 = req.info.info3.sam_info3;
240 rep.status = make_server_info_netlogon_validation(pipe_conn,
241 val.sam3->base.account_name.string,
242 3, &val, &server_info);
243 if (!NT_STATUS_IS_OK(rep.status)) {
244 DEBUG(2, ("make_server_info_netlogon_validation returned "
245 "%s\n", nt_errstr(rep.status)));
246 goto reply;
249 /* setup the session_info on the connection */
250 rep.status = auth_generate_session_info(conn,
251 conn->event.ctx,
252 conn->lp_ctx,
253 server_info,
254 &conn->session_info);
255 if (!NT_STATUS_IS_OK(rep.status)) {
256 DEBUG(2, ("auth_generate_session_info failed: %s\n",
257 nt_errstr(rep.status)));
258 goto reply;
261 if (req.info.info3.gssapi_delegated_creds_length) {
262 OM_uint32 minor_status;
263 gss_buffer_desc cred_token;
264 gss_cred_id_t cred_handle;
265 int ret;
267 DEBUG(10, ("named_pipe_auth: delegated credentials supplied by client\n"));
269 cred_token.value = req.info.info3.gssapi_delegated_creds;
270 cred_token.length = req.info.info3.gssapi_delegated_creds_length;
272 ret = gss_import_cred(&minor_status,
273 &cred_token,
274 &cred_handle);
275 if (ret != GSS_S_COMPLETE) {
276 rep.status = NT_STATUS_INTERNAL_ERROR;
277 goto reply;
280 conn->session_info->credentials = cli_credentials_init(conn->session_info);
281 if (!conn->session_info->credentials) {
282 rep.status = NT_STATUS_NO_MEMORY;
283 goto reply;
286 cli_credentials_set_conf(conn->session_info->credentials,
287 conn->lp_ctx);
288 /* Just so we don't segfault trying to get at a username */
289 cli_credentials_set_anonymous(conn->session_info->credentials);
291 ret = cli_credentials_set_client_gss_creds(conn->session_info->credentials,
292 conn->event.ctx,
293 conn->lp_ctx,
294 cred_handle,
295 CRED_SPECIFIED);
296 if (ret) {
297 rep.status = NT_STATUS_INTERNAL_ERROR;
298 goto reply;
301 /* This credential handle isn't useful for password authentication, so ensure nobody tries to do that */
302 cli_credentials_set_kerberos_state(conn->session_info->credentials,
303 CRED_MUST_USE_KERBEROS);
306 conn->session_info->session_key = data_blob_const(req.info.info3.session_key,
307 req.info.info3.session_key_length);
308 talloc_steal(conn->session_info, req.info.info3.session_key);
310 break;
311 default:
312 DEBUG(2, ("named_pipe_auth_req: unknown level %u\n",
313 req.level));
314 rep.level = 0;
315 rep.status = NT_STATUS_INVALID_LEVEL;
316 goto reply;
319 reply:
320 /* create the output */
321 ndr_err = ndr_push_struct_blob(&rep_blob, pipe_conn,
322 lp_iconv_convenience(conn->lp_ctx),
323 &rep,
324 (ndr_push_flags_fn_t)ndr_push_named_pipe_auth_rep);
325 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
326 status = ndr_map_error2ntstatus(ndr_err);
327 DEBUG(2, ("Could not marshall named_pipe_auth_rep: %s\n",
328 nt_errstr(status)));
329 return status;
332 DEBUG(10,("named_pipe_auth reply[%u]\n", (unsigned)rep_blob.length));
333 dump_data(11, rep_blob.data, rep_blob.length);
334 if (DEBUGLVL(10)) {
335 NDR_PRINT_DEBUG(named_pipe_auth_rep, &rep);
338 pipe_conn->status = rep.status;
339 status = packet_send_callback(pipe_conn->packet, rep_blob,
340 named_pipe_handover_connection,
341 pipe_conn);
342 if (!NT_STATUS_IS_OK(status)) {
343 DEBUG(0, ("packet_send_callback returned %s\n",
344 nt_errstr(status)));
345 return status;
348 return NT_STATUS_OK;
352 called when a pipe socket becomes readable
354 static void named_pipe_recv(struct stream_connection *conn, uint16_t flags)
356 struct named_pipe_connection *pipe_conn = talloc_get_type(
357 conn->private_data, struct named_pipe_connection);
359 DEBUG(10,("named_pipe_recv\n"));
361 packet_recv(pipe_conn->packet);
365 called when a pipe socket becomes writable
367 static void named_pipe_send(struct stream_connection *conn, uint16_t flags)
369 struct named_pipe_connection *pipe_conn = talloc_get_type(
370 conn->private_data, struct named_pipe_connection);
372 packet_queue_run(pipe_conn->packet);
376 handle socket recv errors
378 static void named_pipe_recv_error(void *private_data, NTSTATUS status)
380 struct named_pipe_connection *pipe_conn = talloc_get_type(
381 private_data, struct named_pipe_connection);
383 stream_terminate_connection(pipe_conn->connection, nt_errstr(status));
386 static NTSTATUS named_pipe_full_request(void *private_data, DATA_BLOB blob, size_t *size)
388 if (blob.length < 8) {
389 return STATUS_MORE_ENTRIES;
392 if (memcmp(NAMED_PIPE_AUTH_MAGIC, &blob.data[4], 4) != 0) {
393 DEBUG(0,("named_pipe_full_request: wrong protocol\n"));
394 *size = blob.length;
395 /* the error will be handled in named_pipe_recv_auth_request */
396 return NT_STATUS_OK;
399 *size = 4 + RIVAL(blob.data, 0);
400 if (*size > blob.length) {
401 return STATUS_MORE_ENTRIES;
404 return NT_STATUS_OK;
407 static void named_pipe_accept(struct stream_connection *conn)
409 struct named_pipe_socket *pipe_sock = talloc_get_type(
410 conn->private_data, struct named_pipe_socket);
411 struct named_pipe_connection *pipe_conn;
413 DEBUG(5,("named_pipe_accept\n"));
415 pipe_conn = talloc_zero(conn, struct named_pipe_connection);
416 if (!pipe_conn) {
417 stream_terminate_connection(conn, "out of memory");
418 return;
421 pipe_conn->packet = packet_init(pipe_conn);
422 if (!pipe_conn->packet) {
423 stream_terminate_connection(conn, "out of memory");
424 return;
426 packet_set_private(pipe_conn->packet, pipe_conn);
427 packet_set_socket(pipe_conn->packet, conn->socket);
428 packet_set_callback(pipe_conn->packet, named_pipe_recv_auth_request);
429 packet_set_full_request(pipe_conn->packet, named_pipe_full_request);
430 packet_set_error_handler(pipe_conn->packet, named_pipe_recv_error);
431 packet_set_event_context(pipe_conn->packet, conn->event.ctx);
432 packet_set_fde(pipe_conn->packet, conn->event.fde);
433 packet_set_serialise(pipe_conn->packet);
434 packet_set_initial_read(pipe_conn->packet, 8);
436 pipe_conn->pipe_sock = pipe_sock;
438 pipe_conn->connection = conn;
439 conn->private_data = pipe_conn;
442 static const struct stream_server_ops named_pipe_stream_ops = {
443 .name = "named_pipe",
444 .accept_connection = named_pipe_accept,
445 .recv_handler = named_pipe_recv,
446 .send_handler = named_pipe_send,
449 NTSTATUS stream_setup_named_pipe(struct tevent_context *event_context,
450 struct loadparm_context *lp_ctx,
451 const struct model_ops *model_ops,
452 const struct stream_server_ops *stream_ops,
453 const char *pipe_name,
454 void *private_data)
456 char *dirname;
457 struct named_pipe_socket *pipe_sock;
458 NTSTATUS status = NT_STATUS_NO_MEMORY;;
460 pipe_sock = talloc(event_context, struct named_pipe_socket);
461 if (pipe_sock == NULL) {
462 goto fail;
465 /* remember the details about the pipe */
466 pipe_sock->pipe_name = talloc_strdup(pipe_sock, pipe_name);
467 if (pipe_sock->pipe_name == NULL) {
468 goto fail;
471 dirname = talloc_asprintf(pipe_sock, "%s/np", lp_ncalrpc_dir(lp_ctx));
472 if (dirname == NULL) {
473 goto fail;
476 if (!directory_create_or_exist(dirname, geteuid(), 0700)) {
477 status = map_nt_error_from_unix(errno);
478 DEBUG(0,(__location__ ": Failed to create stream pipe directory %s - %s\n",
479 dirname, nt_errstr(status)));
480 goto fail;
483 if (strncmp(pipe_name, "\\pipe\\", 6) == 0) {
484 pipe_name += 6;
487 pipe_sock->pipe_path = talloc_asprintf(pipe_sock, "%s/%s", dirname,
488 pipe_name);
489 if (pipe_sock->pipe_path == NULL) {
490 goto fail;
493 talloc_free(dirname);
495 pipe_sock->ops = stream_ops;
496 pipe_sock->private_data = talloc_reference(pipe_sock, private_data);
498 status = stream_setup_socket(event_context,
499 lp_ctx,
500 model_ops,
501 &named_pipe_stream_ops,
502 "unix",
503 pipe_sock->pipe_path,
504 NULL,
505 NULL,
506 pipe_sock);
507 if (!NT_STATUS_IS_OK(status)) {
508 goto fail;
510 return NT_STATUS_OK;
512 fail:
513 talloc_free(pipe_sock);
514 return status;