search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-netlogon: implement dcesrv_netr_DsRAddressToSitenamesExW
[Samba/aatanasov.git] / source4 / smbd / service_named_pipe.c
blob96d572e8131eae8774cfb8ed8422a5bd876d4abd
1 /*
2 Unix SMB/CIFS implementation.
3
4 helper functions for NAMED PIPE servers
5
6 Copyright (C) Stefan (metze) Metzmacher 2008
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include <tevent.h>
24 #include "lib/socket/socket.h"
25 #include "smbd/service.h"
26 #include "param/param.h"
27 #include "auth/session.h"
28 #include "auth/auth_sam_reply.h"
29 #include "lib/stream/packet.h"
30 #include "librpc/gen_ndr/ndr_named_pipe_auth.h"
31 #include "system/passwd.h"
32 #include "libcli/raw/smb.h"
33 #include "auth/credentials/credentials.h"
34 #include "auth/credentials/credentials_krb5.h"
35 #include <gssapi/gssapi.h>
36
37 struct named_pipe_socket {
38 const char *pipe_name;
39 const char *pipe_path;
40 const struct stream_server_ops *ops;
41 void *private_data;
42 };
43
44 struct named_pipe_connection {
45 struct stream_connection *connection;
46 struct packet_context *packet;
47 const struct named_pipe_socket *pipe_sock;
48 NTSTATUS status;
49 };
50
51 static void named_pipe_handover_connection(void *private_data)
52 {
53 struct named_pipe_connection *pipe_conn = talloc_get_type(
54 private_data, struct named_pipe_connection);
55 struct stream_connection *conn = pipe_conn->connection;
56
57 TEVENT_FD_NOT_WRITEABLE(conn->event.fde);
58
59 packet_set_socket(pipe_conn->packet, NULL);
60 packet_set_event_context(pipe_conn->packet, NULL);
61 packet_set_fde(pipe_conn->packet, NULL);
62 TALLOC_FREE(pipe_conn->packet);
63
64 if (!NT_STATUS_IS_OK(pipe_conn->status)) {
65 stream_terminate_connection(conn, nt_errstr(pipe_conn->status));
66 return;
67 }
68
69 /*
70 * remove the named_pipe layer together with its packet layer
71 */
72 conn->ops = pipe_conn->pipe_sock->ops;
73 conn->private_data = pipe_conn->pipe_sock->private_data;
74 talloc_unlink(conn, pipe_conn);
75
76 /* we're now ready to start receiving events on this stream */
77 TEVENT_FD_READABLE(conn->event.fde);
78
79 /*
80 * hand over to the real pipe implementation,
81 * now that we have setup the transport session_info
82 */
83 conn->ops->accept_connection(conn);
84
85 DEBUG(10,("named_pipe_handover_connection[%s]: succeeded\n",
86 conn->ops->name));
87 }
88
89 static NTSTATUS named_pipe_recv_auth_request(void *private_data,
90 DATA_BLOB req_blob)
91 {
92 struct named_pipe_connection *pipe_conn = talloc_get_type(
93 private_data, struct named_pipe_connection);
94 struct stream_connection *conn = pipe_conn->connection;
95 enum ndr_err_code ndr_err;
96 struct named_pipe_auth_req req;
97 union netr_Validation val;
98 struct auth_serversupplied_info *server_info;
99 struct named_pipe_auth_rep rep;
100 DATA_BLOB rep_blob;
101 NTSTATUS status;
102
103 /*
104 * make sure nothing happens on the socket untill the
105 * real implemenation takes over
106 */
107 packet_recv_disable(pipe_conn->packet);
108
109 /*
110 * TODO: check it's a root (uid == 0) pipe
111 */
112
113 ZERO_STRUCT(rep);
114 rep.level = 0;
115 rep.status = NT_STATUS_INTERNAL_ERROR;
116
117 DEBUG(10,("named_pipe_auth: req_blob.length[%u]\n",
118 (unsigned int)req_blob.length));
119 dump_data(11, req_blob.data, req_blob.length);
120
121 /* parse the passed credentials */
122 ndr_err = ndr_pull_struct_blob_all(
123 &req_blob,
124 pipe_conn,
125 lp_iconv_convenience(conn->lp_ctx),
126 &req,
127 (ndr_pull_flags_fn_t)ndr_pull_named_pipe_auth_req);
128 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
129 rep.status = ndr_map_error2ntstatus(ndr_err);
130 DEBUG(2, ("Could not unmarshall named_pipe_auth_req: %s\n",
131 nt_errstr(rep.status)));
132 goto reply;
133 }
134
135 if (DEBUGLVL(10)) {
136 NDR_PRINT_DEBUG(named_pipe_auth_req, &req);
137 }
138
139 if (strcmp(NAMED_PIPE_AUTH_MAGIC, req.magic) != 0) {
140 DEBUG(2, ("named_pipe_auth_req: invalid magic '%s' != %s\n",
141 req.magic, NAMED_PIPE_AUTH_MAGIC));
142 rep.status = NT_STATUS_INVALID_PARAMETER;
143 goto reply;
144 }
145
146 switch (req.level) {
147 case 0:
148 /*
149 * anon connection, we don't create a session info
150 * and leave it NULL
151 */
152 rep.level = 0;
153 rep.status = NT_STATUS_OK;
154 break;
155 case 1:
156 val.sam3 = &req.info.info1;
157
158 rep.level = 1;
159 rep.status = make_server_info_netlogon_validation(pipe_conn,
160 "TODO",
161 3, &val,
162 &server_info);
163 if (!NT_STATUS_IS_OK(rep.status)) {
164 DEBUG(2, ("make_server_info_netlogon_validation returned "
165 "%s\n", nt_errstr(rep.status)));
166 goto reply;
167 }
168
169 /* setup the session_info on the connection */
170 rep.status = auth_generate_session_info(conn,
171 conn->event.ctx,
172 conn->lp_ctx,
173 server_info,
174 &conn->session_info);
175 if (!NT_STATUS_IS_OK(rep.status)) {
176 DEBUG(2, ("auth_generate_session_info failed: %s\n",
177 nt_errstr(rep.status)));
178 goto reply;
179 }
180
181 break;
182 case 2:
183 rep.level = 2;
184 rep.info.info2.file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
185 rep.info.info2.device_state = 0xff | 0x0400 | 0x0100;
186 rep.info.info2.allocation_size = 4096;
187
188 if (!req.info.info2.sam_info3) {
189 /*
190 * anon connection, we don't create a session info
191 * and leave it NULL
192 */
193 rep.status = NT_STATUS_OK;
194 break;
195 }
196
197 val.sam3 = req.info.info2.sam_info3;
198
199 rep.status = make_server_info_netlogon_validation(pipe_conn,
200 val.sam3->base.account_name.string,
201 3, &val, &server_info);
202 if (!NT_STATUS_IS_OK(rep.status)) {
203 DEBUG(2, ("make_server_info_netlogon_validation returned "
204 "%s\n", nt_errstr(rep.status)));
205 goto reply;
206 }
207
208 /* setup the session_info on the connection */
209 rep.status = auth_generate_session_info(conn,
210 conn->event.ctx,
211 conn->lp_ctx,
212 server_info,
213 &conn->session_info);
214 if (!NT_STATUS_IS_OK(rep.status)) {
215 DEBUG(2, ("auth_generate_session_info failed: %s\n",
216 nt_errstr(rep.status)));
217 goto reply;
218 }
219
220 conn->session_info->session_key = data_blob_const(req.info.info2.session_key,
221 req.info.info2.session_key_length);
222 talloc_steal(conn->session_info, req.info.info2.session_key);
223
224 break;
225 case 3:
226 rep.level = 3;
227 rep.info.info3.file_type = FILE_TYPE_MESSAGE_MODE_PIPE;
228 rep.info.info3.device_state = 0xff | 0x0400 | 0x0100;
229 rep.info.info3.allocation_size = 4096;
230
231 if (!req.info.info3.sam_info3) {
232 /*
233 * anon connection, we don't create a session info
234 * and leave it NULL
235 */
236 rep.status = NT_STATUS_OK;
237 break;
238 }
239
240 val.sam3 = req.info.info3.sam_info3;
241
242 rep.status = make_server_info_netlogon_validation(pipe_conn,
243 val.sam3->base.account_name.string,
244 3, &val, &server_info);
245 if (!NT_STATUS_IS_OK(rep.status)) {
246 DEBUG(2, ("make_server_info_netlogon_validation returned "
247 "%s\n", nt_errstr(rep.status)));
248 goto reply;
249 }
250
251 /* setup the session_info on the connection */
252 rep.status = auth_generate_session_info(conn,
253 conn->event.ctx,
254 conn->lp_ctx,
255 server_info,
256 &conn->session_info);
257 if (!NT_STATUS_IS_OK(rep.status)) {
258 DEBUG(2, ("auth_generate_session_info failed: %s\n",
259 nt_errstr(rep.status)));
260 goto reply;
261 }
262
263 if (req.info.info3.gssapi_delegated_creds_length) {
264 OM_uint32 minor_status;
265 gss_buffer_desc cred_token;
266 gss_cred_id_t cred_handle;
267 int ret;
268
269 DEBUG(10, ("named_pipe_auth: delegated credentials supplied by client\n"));
270
271 cred_token.value = req.info.info3.gssapi_delegated_creds;
272 cred_token.length = req.info.info3.gssapi_delegated_creds_length;
273
274 ret = gss_import_cred(&minor_status,
275 &cred_token,
276 &cred_handle);
277 if (ret != GSS_S_COMPLETE) {
278 rep.status = NT_STATUS_INTERNAL_ERROR;
279 goto reply;
280 }
281
282 conn->session_info->credentials = cli_credentials_init(conn->session_info);
283 if (!conn->session_info->credentials) {
284 rep.status = NT_STATUS_NO_MEMORY;
285 goto reply;
286 }
287
288 cli_credentials_set_conf(conn->session_info->credentials,
289 conn->lp_ctx);
290 /* Just so we don't segfault trying to get at a username */
291 cli_credentials_set_anonymous(conn->session_info->credentials);
292
293 ret = cli_credentials_set_client_gss_creds(conn->session_info->credentials,
294 conn->event.ctx,
295 conn->lp_ctx,
296 cred_handle,
297 CRED_SPECIFIED);
298 if (ret) {
299 rep.status = NT_STATUS_INTERNAL_ERROR;
300 goto reply;
301 }
302
303 /* This credential handle isn't useful for password authentication, so ensure nobody tries to do that */
304 cli_credentials_set_kerberos_state(conn->session_info->credentials,
305 CRED_MUST_USE_KERBEROS);
306 }
307
308 conn->session_info->session_key = data_blob_const(req.info.info3.session_key,
309 req.info.info3.session_key_length);
310 talloc_steal(conn->session_info, req.info.info3.session_key);
311
312 break;
313 default:
314 DEBUG(2, ("named_pipe_auth_req: unknown level %u\n",
315 req.level));
316 rep.level = 0;
317 rep.status = NT_STATUS_INVALID_LEVEL;
318 goto reply;
319 }
320
321 reply:
322 /* create the output */
323 ndr_err = ndr_push_struct_blob(&rep_blob, pipe_conn,
324 lp_iconv_convenience(conn->lp_ctx),
325 &rep,
326 (ndr_push_flags_fn_t)ndr_push_named_pipe_auth_rep);
327 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
328 status = ndr_map_error2ntstatus(ndr_err);
329 DEBUG(2, ("Could not marshall named_pipe_auth_rep: %s\n",
330 nt_errstr(status)));
331 return status;
332 }
333
334 DEBUG(10,("named_pipe_auth reply[%u]\n", (unsigned)rep_blob.length));
335 dump_data(11, rep_blob.data, rep_blob.length);
336 if (DEBUGLVL(10)) {
337 NDR_PRINT_DEBUG(named_pipe_auth_rep, &rep);
338 }
339
340 pipe_conn->status = rep.status;
341 status = packet_send_callback(pipe_conn->packet, rep_blob,
342 named_pipe_handover_connection,
343 pipe_conn);
344 if (!NT_STATUS_IS_OK(status)) {
345 DEBUG(0, ("packet_send_callback returned %s\n",
346 nt_errstr(status)));
347 return status;
348 }
349
350 return NT_STATUS_OK;
351 }
352
353 /*
354 called when a pipe socket becomes readable
355 */
356 static void named_pipe_recv(struct stream_connection *conn, uint16_t flags)
357 {
358 struct named_pipe_connection *pipe_conn = talloc_get_type(
359 conn->private_data, struct named_pipe_connection);
360
361 DEBUG(10,("named_pipe_recv\n"));
362
363 packet_recv(pipe_conn->packet);
364 }
365
366 /*
367 called when a pipe socket becomes writable
368 */
369 static void named_pipe_send(struct stream_connection *conn, uint16_t flags)
370 {
371 struct named_pipe_connection *pipe_conn = talloc_get_type(
372 conn->private_data, struct named_pipe_connection);
373
374 packet_queue_run(pipe_conn->packet);
375 }
376
377 /*
378 handle socket recv errors
379 */
380 static void named_pipe_recv_error(void *private_data, NTSTATUS status)
381 {
382 struct named_pipe_connection *pipe_conn = talloc_get_type(
383 private_data, struct named_pipe_connection);
384
385 stream_terminate_connection(pipe_conn->connection, nt_errstr(status));
386 }
387
388 static NTSTATUS named_pipe_full_request(void *private_data, DATA_BLOB blob, size_t *size)
389 {
390 if (blob.length < 8) {
391 return STATUS_MORE_ENTRIES;
392 }
393
394 if (memcmp(NAMED_PIPE_AUTH_MAGIC, &blob.data[4], 4) != 0) {
395 DEBUG(0,("named_pipe_full_request: wrong protocol\n"));
396 *size = blob.length;
397 /* the error will be handled in named_pipe_recv_auth_request */
398 return NT_STATUS_OK;
399 }
400
401 *size = 4 + RIVAL(blob.data, 0);
402 if (*size > blob.length) {
403 return STATUS_MORE_ENTRIES;
404 }
405
406 return NT_STATUS_OK;
407 }
408
409 static void named_pipe_accept(struct stream_connection *conn)
410 {
411 struct named_pipe_socket *pipe_sock = talloc_get_type(
412 conn->private_data, struct named_pipe_socket);
413 struct named_pipe_connection *pipe_conn;
414
415 DEBUG(5,("named_pipe_accept\n"));
416
417 pipe_conn = talloc_zero(conn, struct named_pipe_connection);
418 if (!pipe_conn) {
419 stream_terminate_connection(conn, "out of memory");
420 return;
421 }
422
423 pipe_conn->packet = packet_init(pipe_conn);
424 if (!pipe_conn->packet) {
425 stream_terminate_connection(conn, "out of memory");
426 return;
427 }
428 packet_set_private(pipe_conn->packet, pipe_conn);
429 packet_set_socket(pipe_conn->packet, conn->socket);
430 packet_set_callback(pipe_conn->packet, named_pipe_recv_auth_request);
431 packet_set_full_request(pipe_conn->packet, named_pipe_full_request);
432 packet_set_error_handler(pipe_conn->packet, named_pipe_recv_error);
433 packet_set_event_context(pipe_conn->packet, conn->event.ctx);
434 packet_set_fde(pipe_conn->packet, conn->event.fde);
435 packet_set_serialise(pipe_conn->packet);
436 packet_set_initial_read(pipe_conn->packet, 8);
437
438 pipe_conn->pipe_sock = pipe_sock;
439
440 pipe_conn->connection = conn;
441 conn->private_data = pipe_conn;
442 }
443
444 static const struct stream_server_ops named_pipe_stream_ops = {
445 .name = "named_pipe",
446 .accept_connection = named_pipe_accept,
447 .recv_handler = named_pipe_recv,
448 .send_handler = named_pipe_send,
449 };
450
451 NTSTATUS stream_setup_named_pipe(struct tevent_context *event_context,
452 struct loadparm_context *lp_ctx,
453 const struct model_ops *model_ops,
454 const struct stream_server_ops *stream_ops,
455 const char *pipe_name,
456 void *private_data)
457 {
458 char *dirname;
459 struct named_pipe_socket *pipe_sock;
460 NTSTATUS status = NT_STATUS_NO_MEMORY;;
461
462 pipe_sock = talloc(event_context, struct named_pipe_socket);
463 if (pipe_sock == NULL) {
464 goto fail;
465 }
466
467 /* remember the details about the pipe */
468 pipe_sock->pipe_name = talloc_strdup(pipe_sock, pipe_name);
469 if (pipe_sock->pipe_name == NULL) {
470 goto fail;
471 }
472
473 dirname = talloc_asprintf(pipe_sock, "%s/np", lp_ncalrpc_dir(lp_ctx));
474 if (dirname == NULL) {
475 goto fail;
476 }
477
478 if (!directory_create_or_exist(dirname, geteuid(), 0700)) {
479 status = map_nt_error_from_unix(errno);
480 DEBUG(0,(__location__ ": Failed to create stream pipe directory %s - %s\n",
481 dirname, nt_errstr(status)));
482 goto fail;
483 }
484
485 if (strncmp(pipe_name, "\\pipe\\", 6) == 0) {
486 pipe_name += 6;
487 }
488
489 pipe_sock->pipe_path = talloc_asprintf(pipe_sock, "%s/%s", dirname,
490 pipe_name);
491 if (pipe_sock->pipe_path == NULL) {
492 goto fail;
493 }
494
495 talloc_free(dirname);
496
497 pipe_sock->ops = stream_ops;
498 pipe_sock->private_data = talloc_reference(pipe_sock, private_data);
499
500 status = stream_setup_socket(event_context,
501 lp_ctx,
502 model_ops,
503 &named_pipe_stream_ops,
504 "unix",
505 pipe_sock->pipe_path,
506 NULL,
507 NULL,
508 pipe_sock);
509 if (!NT_STATUS_IS_OK(status)) {
510 goto fail;
511 }
512 return NT_STATUS_OK;
513
514 fail:
515 talloc_free(pipe_sock);
516 return status;
517 }
aatanasov's samba4 branch