source4/ntvfs/ipc/ipc_rap.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    RAP handlers
   4
   5    Copyright (C) Volker Lendecke 2004
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 2 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program; if not, write to the Free Software
  19    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  20 */
  21
  22 #include "includes.h"
  23 #include "rap.h"
  24
  25 #define NERR_Success 0
  26 #define NERR_badpass 86
  27 #define NERR_notsupported 50
  28
  29 struct rap_string_heap {
  30         TALLOC_CTX *mem_ctx;
  31         int offset;
  32         int num_strings;
  33         const char **strings;
  34 };
  35
  36 struct rap_heap_save {
  37         int offset, num_strings;
  38 };
  39
  40 static void rap_heap_save(struct rap_string_heap *heap,
  41                           struct rap_heap_save *save)
  42 {
  43         save->offset = heap->offset;
  44         save->num_strings = heap->num_strings;
  45 }
  46
  47 static void rap_heap_restore(struct rap_string_heap *heap,
  48                              struct rap_heap_save *save)
  49 {
  50         heap->offset = save->offset;
  51         heap->num_strings = save->num_strings;
  52 }
  53
  54 struct rap_call {
  55         TALLOC_CTX *mem_ctx;
  56         uint16 callno;
  57         const char *paramdesc;
  58         const char *datadesc;
  59
  60         uint16 status;
  61         uint16 convert;
  62
  63         uint16 rcv_paramlen, rcv_datalen;
  64
  65         struct ndr_push *ndr_push_param;
  66         struct ndr_push *ndr_push_data;
  67         struct rap_string_heap *heap;
  68
  69         struct ndr_pull *ndr_pull_param;
  70         struct ndr_pull *ndr_pull_data;
  71 };
  72
  73 #define RAPNDR_FLAGS (LIBNDR_FLAG_NOALIGN|LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_NULLTERM);
  74
  75 static struct rap_call *new_rap_srv_call(TALLOC_CTX *mem_ctx,
  76                                          struct smb_trans2 *trans)
  77 {
  78         struct rap_call *call;
  79
  80         call = talloc(mem_ctx, struct rap_call);
  81
  82         if (call == NULL)
  83                 return NULL;
  84
  85         ZERO_STRUCTP(call);
  86
  87         call->mem_ctx = mem_ctx;
  88
  89         call->ndr_pull_param = ndr_pull_init_blob(&trans->in.params, mem_ctx);
  90         call->ndr_pull_param->flags = RAPNDR_FLAGS;
  91
  92         call->ndr_pull_data = ndr_pull_init_blob(&trans->in.data, mem_ctx);
  93         call->ndr_pull_data->flags = RAPNDR_FLAGS;
  94
  95         call->heap = talloc(mem_ctx, struct rap_string_heap);
  96
  97         if (call->heap == NULL)
  98                 return NULL;
  99
 100         ZERO_STRUCTP(call->heap);
 101
 102         call->heap->mem_ctx = mem_ctx;
 103
 104         return call;
 105 }
 106
 107 static NTSTATUS rap_srv_pull_word(struct rap_call *call, uint16 *result)
 108 {
 109         if (*call->paramdesc++ != 'W')
 110                 return NT_STATUS_INVALID_PARAMETER;
 111
 112         return ndr_pull_uint16(call->ndr_pull_param, NDR_SCALARS, result);
 113 }
 114
 115 static NTSTATUS rap_srv_pull_dword(struct rap_call *call, uint32 *result)
 116 {
 117         if (*call->paramdesc++ != 'D')
 118                 return NT_STATUS_INVALID_PARAMETER;
 119
 120         return ndr_pull_uint32(call->ndr_pull_param, NDR_SCALARS, result);
 121 }
 122
 123 static NTSTATUS rap_srv_pull_string(struct rap_call *call, const char **result)
 124 {
 125         char paramdesc = *call->paramdesc++;
 126
 127         if (paramdesc == 'O') {
 128                 *result = NULL;
 129                 return NT_STATUS_OK;
 130         }
 131
 132         if (paramdesc != 'z')
 133                 return NT_STATUS_INVALID_PARAMETER;
 134
 135         return ndr_pull_string(call->ndr_pull_param, NDR_SCALARS, result);
 136 }
 137
 138 static NTSTATUS rap_srv_pull_bufsize(struct rap_call *call, uint16 *bufsize)
 139 {
 140         NTSTATUS result;
 141
 142         if ( (*call->paramdesc++ != 'r') || (*call->paramdesc++ != 'L') )
 143                 return NT_STATUS_INVALID_PARAMETER;
 144
 145         result = ndr_pull_uint16(call->ndr_pull_param, NDR_SCALARS, bufsize);
 146
 147         if (!NT_STATUS_IS_OK(result))
 148                 return result;
 149
 150         call->heap->offset = *bufsize;
 151
 152         return NT_STATUS_OK;
 153 }
 154
 155 static NTSTATUS rap_srv_pull_expect_multiple(struct rap_call *call)
 156 {
 157         if ( (*call->paramdesc++ != 'e') || (*call->paramdesc++ != 'h') )
 158                 return NT_STATUS_INVALID_PARAMETER;
 159
 160         return NT_STATUS_OK;
 161 }
 162
 163 static NTSTATUS rap_push_string(struct ndr_push *data_push,
 164                                 struct rap_string_heap *heap,
 165                                 const char *str)
 166 {
 167         size_t space;
 168
 169         if (str == NULL)
 170                 str = "";
 171
 172         space = strlen(str)+1;
 173
 174         if (heap->offset < space)
 175                 return NT_STATUS_BUFFER_TOO_SMALL;
 176
 177         heap->offset -= space;
 178
 179         NDR_CHECK(ndr_push_uint16(data_push, NDR_SCALARS, heap->offset));
 180         NDR_CHECK(ndr_push_uint16(data_push, NDR_SCALARS, 0));
 181
 182         heap->strings = talloc_realloc(heap->mem_ctx,
 183                                          heap->strings,
 184                                          const char *,
 185                                          heap->num_strings + 1);
 186
 187         if (heap->strings == NULL)
 188                 return NT_STATUS_NO_MEMORY;
 189
 190         heap->strings[heap->num_strings] = str;
 191         heap->num_strings += 1;
 192
 193         return NT_STATUS_OK;
 194 }
 195
 196 #define NDR_OK(call) do { result = call; \
 197                              if (NT_STATUS_EQUAL(result, NT_STATUS_BUFFER_TOO_SMALL)) \
 198                                 goto buffer_overflow; \
 199                              if (!NT_STATUS_IS_OK(result)) \
 200                                 goto done; \
 201                         } while (0)
 202
 203 static NTSTATUS _rap_netshareenum(struct smbsrv_request *req,
 204                                   struct rap_call *call)
 205 {
 206         struct rap_NetShareEnum r;
 207         NTSTATUS result;
 208
 209         NDR_OK(rap_srv_pull_word(call, &r.in.level));
 210         NDR_OK(rap_srv_pull_bufsize(call, &r.in.bufsize));
 211         NDR_OK(rap_srv_pull_expect_multiple(call));
 212
 213         switch(r.in.level) {
 214         case 0:
 215                 if (strcmp(call->datadesc, "B13") != 0)
 216                         return NT_STATUS_INVALID_PARAMETER;
 217                 break;
 218         case 1:
 219                 if (strcmp(call->datadesc, "B13BWz") != 0)
 220                         return NT_STATUS_INVALID_PARAMETER;
 221                 break;
 222         default:
 223                 return NT_STATUS_INVALID_PARAMETER;
 224                 break;
 225         }
 226
 227         result = rap_netshareenum(req, &r);
 228
 229         if (!NT_STATUS_IS_OK(result))
 230                 return result;
 231
 232         for (r.out.count = 0; r.out.count < r.out.available; r.out.count++) {
 233
 234                 int i = r.out.count;
 235                 struct ndr_push_save data_save;
 236                 struct rap_heap_save heap_save;
 237
 238                 ndr_push_save(call->ndr_push_data, &data_save);
 239                 rap_heap_save(call->heap, &heap_save);
 240
 241                 switch(r.in.level) {
 242                 case 0:
 243                         NDR_OK(ndr_push_bytes(call->ndr_push_data,
 244                                               (const uint8_t *)r.out.info[i].info0.name,
 245                                               sizeof(r.out.info[i].info0.name)));
 246                         break;
 247                 case 1:
 248                         NDR_OK(ndr_push_bytes(call->ndr_push_data,
 249                                               (const uint8_t *)r.out.info[i].info1.name,
 250                                               sizeof(r.out.info[i].info1.name)));
 251                         NDR_OK(ndr_push_uint8(call->ndr_push_data,
 252                                               NDR_SCALARS, r.out.info[i].info1.pad));
 253                         NDR_OK(ndr_push_uint16(call->ndr_push_data,
 254                                                NDR_SCALARS, r.out.info[i].info1.type));
 255
 256                         NDR_OK(rap_push_string(call->ndr_push_data,
 257                                                call->heap,
 258                                                r.out.info[i].info1.comment));
 259
 260                         break;
 261                 }
 262
 263                 if (call->ndr_push_data->offset > call->heap->offset) {
 264
 265         buffer_overflow:
 266
 267                         ndr_push_restore(call->ndr_push_data, &data_save);
 268                         rap_heap_restore(call->heap, &heap_save);
 269                         break;
 270                 }
 271         }
 272
 273         call->status = r.out.status;
 274
 275         NDR_CHECK(ndr_push_uint16(call->ndr_push_param, NDR_SCALARS, r.out.count));
 276         NDR_CHECK(ndr_push_uint16(call->ndr_push_param, NDR_SCALARS, r.out.available));
 277
 278         result = NT_STATUS_OK;
 279
 280  done:
 281         return result;
 282 }
 283
 284 static NTSTATUS _rap_netserverenum2(struct smbsrv_request *req,
 285                                     struct rap_call *call)
 286 {
 287         struct rap_NetServerEnum2 r;
 288         NTSTATUS result;
 289
 290         NDR_OK(rap_srv_pull_word(call, &r.in.level));
 291         NDR_OK(rap_srv_pull_bufsize(call, &r.in.bufsize));
 292         NDR_OK(rap_srv_pull_expect_multiple(call));
 293         NDR_OK(rap_srv_pull_dword(call, &r.in.servertype));
 294         NDR_OK(rap_srv_pull_string(call, &r.in.domain));
 295
 296         switch(r.in.level) {
 297         case 0:
 298                 if (strcmp(call->datadesc, "B16") != 0)
 299                         return NT_STATUS_INVALID_PARAMETER;
 300                 break;
 301         case 1:
 302                 if (strcmp(call->datadesc, "B16BBDz") != 0)
 303                         return NT_STATUS_INVALID_PARAMETER;
 304                 break;
 305         default:
 306                 return NT_STATUS_INVALID_PARAMETER;
 307                 break;
 308         }
 309
 310         result = rap_netserverenum2(req, &r);
 311
 312         if (!NT_STATUS_IS_OK(result))
 313                 return result;
 314
 315         for (r.out.count = 0; r.out.count < r.out.available; r.out.count++) {
 316
 317                 int i = r.out.count;
 318                 struct ndr_push_save data_save;
 319                 struct rap_heap_save heap_save;
 320
 321                 ndr_push_save(call->ndr_push_data, &data_save);
 322                 rap_heap_save(call->heap, &heap_save);
 323
 324                 switch(r.in.level) {
 325                 case 0:
 326                         NDR_OK(ndr_push_bytes(call->ndr_push_data,
 327                                               (const uint8_t *)r.out.info[i].info0.name,
 328                                               sizeof(r.out.info[i].info0.name)));
 329                         break;
 330                 case 1:
 331                         NDR_OK(ndr_push_bytes(call->ndr_push_data,
 332                                               (const uint8_t *)r.out.info[i].info1.name,
 333                                               sizeof(r.out.info[i].info1.name)));
 334                         NDR_OK(ndr_push_uint8(call->ndr_push_data,
 335                                               NDR_SCALARS, r.out.info[i].info1.version_major));
 336                         NDR_OK(ndr_push_uint8(call->ndr_push_data,
 337                                               NDR_SCALARS, r.out.info[i].info1.version_minor));
 338                         NDR_OK(ndr_push_uint32(call->ndr_push_data,
 339                                                NDR_SCALARS, r.out.info[i].info1.servertype));
 340
 341                         NDR_OK(rap_push_string(call->ndr_push_data,
 342                                                call->heap,
 343                                                r.out.info[i].info1.comment));
 344
 345                         break;
 346                 }
 347
 348                 if (call->ndr_push_data->offset > call->heap->offset) {
 349
 350         buffer_overflow:
 351
 352                         ndr_push_restore(call->ndr_push_data, &data_save);
 353                         rap_heap_restore(call->heap, &heap_save);
 354                         break;
 355                 }
 356         }
 357
 358         call->status = r.out.status;
 359
 360         NDR_CHECK(ndr_push_uint16(call->ndr_push_param, NDR_SCALARS, r.out.count));
 361         NDR_CHECK(ndr_push_uint16(call->ndr_push_param, NDR_SCALARS, r.out.available));
 362
 363         result = NT_STATUS_OK;
 364
 365  done:
 366         return result;
 367 }
 368
 369 static NTSTATUS api_Unsupported(struct smbsrv_request *req,
 370                                 struct rap_call *call)
 371 {
 372         call->status = NERR_notsupported;
 373         call->convert = 0;
 374         return NT_STATUS_OK;
 375 }
 376
 377 static const struct
 378 {
 379         const char *name;
 380         int id;
 381         NTSTATUS (*fn)(struct smbsrv_request *req, struct rap_call *call);
 382 } api_commands[] = {
 383         {"NetShareEnum", RAP_WshareEnum, _rap_netshareenum },
 384         {"NetServerEnum2", RAP_NetServerEnum2, _rap_netserverenum2 },
 385         {NULL, -1, api_Unsupported}
 386 };
 387
 388 NTSTATUS ipc_rap_call(struct smbsrv_request *req, struct smb_trans2 *trans)
 389 {
 390         int i;
 391         NTSTATUS result;
 392         struct rap_call *call;
 393         DATA_BLOB result_param, result_data;
 394         struct ndr_push *final_param;
 395         struct ndr_push *final_data;
 396
 397         call = new_rap_srv_call(req, trans);
 398
 399         if (call == NULL)
 400                 return NT_STATUS_NO_MEMORY;
 401
 402         NDR_CHECK(ndr_pull_uint16(call->ndr_pull_param, NDR_SCALARS, &call->callno));
 403         NDR_CHECK(ndr_pull_string(call->ndr_pull_param, NDR_SCALARS,
 404                                   &call->paramdesc));
 405         NDR_CHECK(ndr_pull_string(call->ndr_pull_param, NDR_SCALARS,
 406                                   &call->datadesc));
 407
 408         call->ndr_push_param = ndr_push_init_ctx(req);
 409         call->ndr_push_data = ndr_push_init_ctx(req);
 410
 411         if ((call->ndr_push_param == NULL) || (call->ndr_push_data == NULL))
 412                 return NT_STATUS_NO_MEMORY;
 413
 414         call->ndr_push_param->flags = RAPNDR_FLAGS;
 415         call->ndr_push_data->flags = RAPNDR_FLAGS;
 416
 417         result = NT_STATUS_INVALID_SYSTEM_SERVICE;
 418
 419         for (i=0; api_commands[i].name != NULL; i++) {
 420                 if (api_commands[i].id == call->callno) {
 421                         DEBUG(5, ("Running RAP call %s\n",
 422                                   api_commands[i].name));
 423                         result = api_commands[i].fn(req, call);
 424                         break;
 425                 }
 426         }
 427
 428         if (!NT_STATUS_IS_OK(result))
 429                 return result;
 430
 431         result_param = ndr_push_blob(call->ndr_push_param);
 432         result_data = ndr_push_blob(call->ndr_push_data);
 433
 434         final_param = ndr_push_init_ctx(req);
 435         final_data = ndr_push_init_ctx(req);
 436
 437         if ((final_param == NULL) || (final_data == NULL))
 438                 return NT_STATUS_NO_MEMORY;
 439
 440         final_param->flags = RAPNDR_FLAGS;
 441         final_data->flags = RAPNDR_FLAGS;
 442
 443         NDR_CHECK(ndr_push_uint16(final_param, NDR_SCALARS, call->status));
 444         NDR_CHECK(ndr_push_uint16(final_param,
 445                                   NDR_SCALARS, call->heap->offset - result_data.length));
 446         NDR_CHECK(ndr_push_bytes(final_param, result_param.data,
 447                                  result_param.length));
 448
 449         NDR_CHECK(ndr_push_bytes(final_data, result_data.data,
 450                                  result_data.length));
 451
 452         for (i=call->heap->num_strings-1; i>=0; i--)
 453                 NDR_CHECK(ndr_push_string(final_data, NDR_SCALARS,
 454                                           call->heap->strings[i]));
 455
 456         trans->out.setup_count = 0;
 457         trans->out.setup = NULL;
 458         trans->out.params = ndr_push_blob(final_param);
 459         trans->out.data = ndr_push_blob(final_data);
 460
 461         return result;
 462 }