source3/smbd/smb2_pipes.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    Pipe SMB reply routines
   4    Copyright (C) Andrew Tridgell 1992-1998
   5    Copyright (C) Luke Kenneth Casson Leighton 1996-1998
   6    Copyright (C) Paul Ashton  1997-1998.
   7    Copyright (C) Jeremy Allison 2005.
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22 /*
  23    This file handles reply_ calls on named pipes that the server
  24    makes to handle specific protocols
  25 */
  26
  27
  28 #include "includes.h"
  29 #include "smbd/smbd.h"
  30 #include "smbd/globals.h"
  31 #include "libcli/security/security.h"
  32 #include "rpc_server/srv_pipe_hnd.h"
  33 #include "auth/auth_util.h"
  34 #include "librpc/rpc/dcerpc_helper.h"
  35
  36 NTSTATUS open_np_file(struct smb_request *smb_req, const char *name,
  37                       struct files_struct **pfsp)
  38 {
  39         struct smbXsrv_connection *xconn = smb_req->xconn;
  40         struct connection_struct *conn = smb_req->conn;
  41         struct files_struct *fsp;
  42         struct smb_filename *smb_fname = NULL;
  43         struct auth_session_info *session_info = conn->session_info;
  44         NTSTATUS status;
  45
  46         status = file_new(smb_req, conn, &fsp);
  47         if (!NT_STATUS_IS_OK(status)) {
  48                 DEBUG(0, ("file_new failed: %s\n", nt_errstr(status)));
  49                 return status;
  50         }
  51
  52         fsp->conn = conn;
  53         fsp_set_fd(fsp, -1);
  54         fsp->vuid = smb_req->vuid;
  55         fsp->fsp_flags.can_lock = false;
  56         fsp->access_mask = FILE_READ_DATA | FILE_WRITE_DATA;
  57
  58         smb_fname = synthetic_smb_fname(talloc_tos(),
  59                                         name,
  60                                         NULL,
  61                                         NULL,
  62                                         0,
  63                                         0);
  64         if (smb_fname == NULL) {
  65                 file_free(smb_req, fsp);
  66                 return NT_STATUS_NO_MEMORY;
  67         }
  68         status = fsp_set_smb_fname(fsp, smb_fname);
  69         TALLOC_FREE(smb_fname);
  70         if (!NT_STATUS_IS_OK(status)) {
  71                 file_free(smb_req, fsp);
  72                 return status;
  73         }
  74
  75         if (smb_req->smb2req != NULL && smb_req->smb2req->was_encrypted) {
  76                 struct security_token *security_token = NULL;
  77                 uint16_t dialect = xconn->smb2.server.dialect;
  78                 uint16_t srv_smb_encrypt = DCERPC_SMB_ENCRYPTION_REQUIRED;
  79                 uint16_t cipher = xconn->smb2.server.cipher;
  80                 struct dom_sid smb3_sid = global_sid_Samba_SMB3;
  81                 uint32_t i;
  82                 bool ok;
  83
  84                 session_info = copy_session_info(fsp, conn->session_info);
  85                 if (session_info == NULL) {
  86                         DBG_ERR("Failed to copy session info\n");
  87                         file_free(smb_req, fsp);
  88                         return NT_STATUS_NO_MEMORY;
  89                 }
  90                 security_token = session_info->security_token;
  91
  92                 /*
  93                  * Security check:
  94                  *
  95                  * Make sure we don't have a SMB3 SID in the security token!
  96                  */
  97                 for (i = 0; i < security_token->num_sids; i++) {
  98                         int cmp;
  99
 100                         cmp = dom_sid_compare_domain(&security_token->sids[i],
 101                                                      &smb3_sid);
 102                         if (cmp == 0) {
 103                                 DBG_ERR("ERROR: An SMB3 SID has already been "
 104                                         "detected in the security token!\n");
 105                                 file_free(smb_req, fsp);
 106                                 return NT_STATUS_ACCESS_DENIED;
 107                         }
 108                 }
 109
 110                 ok = sid_append_rid(&smb3_sid, dialect);
 111                 ok &= sid_append_rid(&smb3_sid, srv_smb_encrypt);
 112                 ok &= sid_append_rid(&smb3_sid, cipher);
 113
 114                 if (!ok) {
 115                         DBG_ERR("sid too small\n");
 116                         file_free(smb_req, fsp);
 117                         return NT_STATUS_BUFFER_TOO_SMALL;
 118                 }
 119
 120                 status = add_sid_to_array_unique(security_token,
 121                                                  &smb3_sid,
 122                                                  &security_token->sids,
 123                                                  &security_token->num_sids);
 124                 if (!NT_STATUS_IS_OK(status)) {
 125                         DBG_ERR("Failed to add SMB3 SID to security token\n");
 126                         file_free(smb_req, fsp);
 127                         return status;
 128                 }
 129
 130                 fsp->fsp_flags.encryption_required = true;
 131         }
 132
 133         status = np_open(fsp, name,
 134                          conn->sconn->remote_address,
 135                          conn->sconn->local_address,
 136                          session_info,
 137                          conn->sconn->ev_ctx,
 138                          conn->sconn->msg_ctx,
 139                          conn->sconn->dce_ctx,
 140                          &fsp->fake_file_handle);
 141         if (!NT_STATUS_IS_OK(status)) {
 142                 DEBUG(10, ("np_open(%s) returned %s\n", name,
 143                            nt_errstr(status)));
 144                 file_free(smb_req, fsp);
 145                 return status;
 146         }
 147
 148         *pfsp = fsp;
 149
 150         return NT_STATUS_OK;
 151 }