2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Andrew Tridgell 1992-1997,
5 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
6 * Copyright (C) Jeremy Allison 2001.
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
25 #define DBGC_CLASS DBGC_RPC_SRV
27 /* This is the max handles across all instances of a pipe name. */
29 #define MAX_OPEN_POLS 1024
32 /****************************************************************************
33 Hack as handles need to be persisant over lsa pipe closes so long as a samr
35 ****************************************************************************/
37 static bool is_samr_lsa_pipe(const char *pipe_name
)
39 return (strstr(pipe_name
, "samr") || strstr(pipe_name
, "lsa"));
42 /****************************************************************************
43 Initialise a policy handle list on a pipe. Handle list is shared between all
44 pipes of the same name.
45 ****************************************************************************/
47 bool init_pipe_handle_list(pipes_struct
*p
, const char *pipe_name
)
50 struct handle_list
*hl
;
52 for (plist
= get_first_internal_pipe();
54 plist
= get_next_internal_pipe(plist
)) {
55 if (strequal(plist
->name
, pipe_name
)) {
58 if (is_samr_lsa_pipe(plist
->name
)
59 && is_samr_lsa_pipe(pipe_name
)) {
61 * samr and lsa share a handle space (same process
69 hl
= plist
->pipe_handles
;
75 * First open, we have to create the handle list
77 hl
= SMB_MALLOC_P(struct handle_list
);
83 DEBUG(10,("init_pipe_handles: created handle list for pipe %s\n", pipe_name
));
87 * One more pipe is using this list.
93 * Point this pipe at this list.
98 DEBUG(10,("init_pipe_handles: pipe_handles ref count = %lu for pipe %s\n",
99 (unsigned long)p
->pipe_handles
->pipe_ref_count
, pipe_name
));
104 /****************************************************************************
105 find first available policy slot. creates a policy handle for you.
106 ****************************************************************************/
108 bool create_policy_hnd(pipes_struct
*p
, POLICY_HND
*hnd
, void (*free_fn
)(void *), void *data_ptr
)
110 static uint32 pol_hnd_low
= 0;
111 static uint32 pol_hnd_high
= 0;
112 time_t t
= time(NULL
);
116 if (p
->pipe_handles
->count
> MAX_OPEN_POLS
) {
117 DEBUG(0,("create_policy_hnd: ERROR: too many handles (%d) on this pipe.\n",
118 (int)p
->pipe_handles
->count
));
122 pol
= SMB_MALLOC_P(struct policy
);
124 DEBUG(0,("create_policy_hnd: ERROR: out of memory!\n"));
130 pol
->data_ptr
= data_ptr
;
131 pol
->free_fn
= free_fn
;
134 if (pol_hnd_low
== 0)
137 SIVAL(&pol
->pol_hnd
.handle_type
, 0 , 0); /* first bit must be null */
138 SIVAL(&pol
->pol_hnd
.uuid
.time_low
, 0 , pol_hnd_low
); /* second bit is incrementing */
139 SSVAL(&pol
->pol_hnd
.uuid
.time_mid
, 0 , pol_hnd_high
); /* second bit is incrementing */
140 SSVAL(&pol
->pol_hnd
.uuid
.time_hi_and_version
, 0 , (pol_hnd_high
>>16)); /* second bit is incrementing */
142 /* split the current time into two 16 bit values */
144 SSVAL(pol
->pol_hnd
.uuid
.clock_seq
, 0, (t
>>16)); /* something random */
145 SSVAL(pol
->pol_hnd
.uuid
.node
, 0, t
); /* something random */
147 SIVAL(pol
->pol_hnd
.uuid
.node
, 2, sys_getpid()); /* something more random */
149 DLIST_ADD(p
->pipe_handles
->Policy
, pol
);
150 p
->pipe_handles
->count
++;
154 DEBUG(4,("Opened policy hnd[%d] ", (int)p
->pipe_handles
->count
));
155 dump_data(4, (uint8
*)hnd
, sizeof(*hnd
));
160 /****************************************************************************
161 find policy by handle - internal version.
162 ****************************************************************************/
164 static struct policy
*find_policy_by_hnd_internal(pipes_struct
*p
, POLICY_HND
*hnd
, void **data_p
)
172 for (i
= 0, pol
=p
->pipe_handles
->Policy
;pol
;pol
=pol
->next
, i
++) {
173 if (memcmp(&pol
->pol_hnd
, hnd
, sizeof(*hnd
)) == 0) {
174 DEBUG(4,("Found policy hnd[%d] ", (int)i
));
175 dump_data(4, (uint8
*)hnd
, sizeof(*hnd
));
177 *data_p
= pol
->data_ptr
;
182 DEBUG(4,("Policy not found: "));
183 dump_data(4, (uint8
*)hnd
, sizeof(*hnd
));
185 p
->bad_handle_fault_state
= True
;
190 /****************************************************************************
191 find policy by handle
192 ****************************************************************************/
194 bool find_policy_by_hnd(pipes_struct
*p
, POLICY_HND
*hnd
, void **data_p
)
196 return find_policy_by_hnd_internal(p
, hnd
, data_p
) == NULL
? False
: True
;
199 /****************************************************************************
201 ****************************************************************************/
203 bool close_policy_hnd(pipes_struct
*p
, POLICY_HND
*hnd
)
205 struct policy
*pol
= find_policy_by_hnd_internal(p
, hnd
, NULL
);
208 DEBUG(3,("Error closing policy\n"));
212 DEBUG(3,("Closed policy\n"));
214 if (pol
->free_fn
&& pol
->data_ptr
)
215 (*pol
->free_fn
)(pol
->data_ptr
);
217 p
->pipe_handles
->count
--;
219 DLIST_REMOVE(p
->pipe_handles
->Policy
, pol
);
228 /****************************************************************************
229 Close a pipe - free the handle list if it was the last pipe reference.
230 ****************************************************************************/
232 void close_policy_by_pipe(pipes_struct
*p
)
234 p
->pipe_handles
->pipe_ref_count
--;
236 if (p
->pipe_handles
->pipe_ref_count
== 0) {
238 * Last pipe open on this list - free the list.
240 while (p
->pipe_handles
->Policy
)
241 close_policy_hnd(p
, &p
->pipe_handles
->Policy
->pol_hnd
);
243 p
->pipe_handles
->Policy
= NULL
;
244 p
->pipe_handles
->count
= 0;
246 SAFE_FREE(p
->pipe_handles
);
247 DEBUG(10,("close_policy_by_pipe: deleted handle list for pipe %s\n", p
->name
));
251 /*******************************************************************
252 Shall we allow access to this rpc? Currently this function
253 implements the 'restrict anonymous' setting by denying access to
254 anonymous users if the restrict anonymous level is > 0. Further work
255 will be checking a security descriptor to determine whether a user
256 token has enough access to access the pipe.
257 ********************************************************************/
259 bool pipe_access_check(pipes_struct
*p
)
261 /* Don't let anonymous users access this RPC if restrict
264 if (lp_restrict_anonymous() > 0) {
266 /* schannel, so we must be ok */
267 if (p
->pipe_bound
&& (p
->auth
.auth_type
== PIPE_AUTH_TYPE_SCHANNEL
)) {
271 if (p
->server_info
->guest
) {