source3/include/ntdomain.h

   1 /*
   2    Unix SMB/CIFS implementation.
   3    SMB parameters and setup
   4    Copyright (C) Andrew Tridgell 1992-1997
   5    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
   6    Copyright (C) Paul Ashton 1997
   7    Copyright (C) Jeremy Allison 2000-2004
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22
  23 #ifndef _NT_DOMAIN_H /* _NT_DOMAIN_H */
  24 #define _NT_DOMAIN_H
  25
  26 /*
  27  * A bunch of stuff that was put into smb.h
  28  * in the NTDOM branch - it didn't belong there.
  29  */
  30
  31 typedef struct _prs_struct {
  32         bool io; /* parsing in or out of data stream */
  33         /*
  34          * If the (incoming) data is big-endian. On output we are
  35          * always little-endian.
  36          */
  37         bool bigendian_data;
  38         uint8 align; /* data alignment */
  39         bool is_dynamic; /* Do we own this memory or not ? */
  40         uint32 data_offset; /* Current working offset into data. */
  41         uint32 buffer_size; /* Current allocated size of the buffer. */
  42         uint32 grow_size; /* size requested via prs_grow() calls */
  43         char *data_p; /* The buffer itself. */
  44         TALLOC_CTX *mem_ctx; /* When unmarshalling, use this.... */
  45         const char *sess_key; /* If we have to do encrypt/decrypt on the fly. */
  46 } prs_struct;
  47
  48 /*
  49  * Defines for io member of prs_struct.
  50  */
  51
  52 #define MARSHALL 0
  53 #define UNMARSHALL 1
  54
  55 #define MARSHALLING(ps) (!(ps)->io)
  56 #define UNMARSHALLING(ps) ((ps)->io)
  57
  58 #define RPC_BIG_ENDIAN          1
  59 #define RPC_LITTLE_ENDIAN       0
  60
  61 #define RPC_PARSE_ALIGN 4
  62
  63 typedef struct _output_data {
  64         /*
  65          * Raw RPC output data. This does not include RPC headers or footers.
  66          */
  67         prs_struct rdata;
  68
  69         /* The amount of data sent from the current rdata struct. */
  70         uint32 data_sent_length;
  71
  72         /*
  73          * The current PDU being returned. This inclues
  74          * headers, data and authentication footer.
  75          */
  76         unsigned char current_pdu[RPC_MAX_PDU_FRAG_LEN];
  77
  78         /* The amount of data in the current_pdu buffer. */
  79         uint32 current_pdu_len;
  80
  81         /* The amount of data sent from the current PDU. */
  82         uint32 current_pdu_sent;
  83 } output_data;
  84
  85 typedef struct _input_data {
  86         /*
  87          * This is the current incoming pdu. The data here
  88          * is collected via multiple writes until a complete
  89          * pdu is seen, then the data is copied into the in_data
  90          * structure. The maximum size of this is 0x1630 (RPC_MAX_PDU_FRAG_LEN).
  91          */
  92         unsigned char current_in_pdu[RPC_MAX_PDU_FRAG_LEN];
  93
  94         /*
  95          * The amount of data needed to complete the in_pdu.
  96          * If this is zero, then we are at the start of a new
  97          * pdu.
  98          */
  99         uint32 pdu_needed_len;
 100
 101         /*
 102          * The amount of data received so far in the in_pdu.
 103          * If this is zero, then we are at the start of a new
 104          * pdu.
 105          */
 106         uint32 pdu_received_len;
 107
 108         /*
 109          * This is the collection of input data with all
 110          * the rpc headers and auth footers removed.
 111          * The maximum length of this (1Mb) is strictly enforced.
 112          */
 113         prs_struct data;
 114 } input_data;
 115
 116 /*
 117  * Handle database - stored per pipe.
 118  */
 119
 120 struct policy {
 121         struct policy *next, *prev;
 122
 123         POLICY_HND pol_hnd;
 124
 125         void *data_ptr;
 126         void (*free_fn)(void *);
 127 };
 128
 129 struct handle_list {
 130         struct policy *Policy;  /* List of policies. */
 131         size_t count;                   /* Current number of handles. */
 132         size_t pipe_ref_count;  /* Number of pipe handles referring to this list. */
 133 };
 134
 135 /* Domain controller authentication protocol info */
 136 struct dcinfo {
 137         uint32 sequence; /* "timestamp" from client. */
 138         struct netr_Credential seed_chal;
 139         struct netr_Credential clnt_chal; /* Client credential */
 140         struct netr_Credential srv_chal;  /* Server credential */
 141
 142         unsigned char  sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
 143         unsigned char  mach_pw[16];   /* md4(machine password) */
 144
 145         fstring mach_acct;  /* Machine name we've authenticated. */
 146
 147         fstring remote_machine;  /* Machine name we've authenticated. */
 148         fstring domain;
 149
 150         bool challenge_sent;
 151         bool authenticated;
 152 };
 153
 154 typedef struct pipe_rpc_fns {
 155
 156         struct pipe_rpc_fns *next, *prev;
 157
 158         /* RPC function table associated with the current rpc_bind (associated by context) */
 159
 160         const struct api_struct *cmds;
 161         int n_cmds;
 162         uint32 context_id;
 163
 164 } PIPE_RPC_FNS;
 165
 166 /*
 167  * Different auth types we support.
 168  * Can't keep in sync with wire values as spnego wraps different auth methods.
 169  */
 170
 171 enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
 172                         PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
 173
 174 /* Possible auth levels - keep these in sync with the wire values. */
 175 enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
 176                         PIPE_AUTH_LEVEL_CONNECT = 1,    /* We treat as NONE. */
 177                         PIPE_AUTH_LEVEL_INTEGRITY = 5,  /* Sign. */
 178                         PIPE_AUTH_LEVEL_PRIVACY = 6     /* Seal. */
 179 };
 180
 181 /* auth state for krb5. */
 182 struct kerberos_auth_struct {
 183         const char *service_principal;
 184         DATA_BLOB session_key;
 185 };
 186
 187 /* auth state for schannel. */
 188 struct schannel_auth_struct {
 189         unsigned char sess_key[16];
 190         uint32 seq_num;
 191 };
 192
 193 /* auth state for all bind types. */
 194
 195 struct pipe_auth_data {
 196         enum pipe_auth_type auth_type; /* switch for union below. */
 197         enum pipe_auth_level auth_level;
 198         union {
 199                 struct schannel_auth_struct *schannel_auth;
 200                 AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
 201 /*              struct kerberos_auth_struct *kerberos_auth; TO BE ADDED... */
 202         } a_u;
 203         void (*auth_data_free_func)(struct pipe_auth_data *);
 204 };
 205
 206 /*
 207  * DCE/RPC-specific samba-internal-specific handling of data on
 208  * NamedPipes.
 209  */
 210
 211 typedef struct pipes_struct {
 212         struct pipes_struct *next, *prev;
 213
 214         char client_address[INET6_ADDRSTRLEN];
 215
 216         struct auth_serversupplied_info *server_info;
 217
 218         fstring name;
 219         fstring pipe_srv_name;
 220
 221         /* linked list of rpc dispatch tables associated
 222            with the open rpc contexts */
 223
 224         PIPE_RPC_FNS *contexts;
 225
 226         RPC_HDR hdr; /* Incoming RPC header. */
 227         RPC_HDR_REQ hdr_req; /* Incoming request header. */
 228
 229         struct pipe_auth_data auth;
 230
 231         struct dcinfo *dc; /* Keeps the creds data from netlogon. */
 232
 233         /*
 234          * Unix user name and credentials used when a pipe is authenticated.
 235          */
 236
 237         struct current_user pipe_user;
 238
 239         /*
 240          * Set to true when an RPC bind has been done on this pipe.
 241          */
 242
 243         bool pipe_bound;
 244
 245         /*
 246          * Set to true when we should return fault PDU's for everything.
 247          */
 248
 249         bool fault_state;
 250
 251         /*
 252          * Set to true when we should return fault PDU's for a bad handle.
 253          */
 254
 255         bool bad_handle_fault_state;
 256
 257         /*
 258          * Set to true when the backend does not support a call.
 259          */
 260
 261         bool rng_fault_state;
 262
 263         /*
 264          * Set to RPC_BIG_ENDIAN when dealing with big-endian PDU's
 265          */
 266
 267         bool endian;
 268
 269         /*
 270          * Struct to deal with multiple pdu inputs.
 271          */
 272
 273         input_data in_data;
 274
 275         /*
 276          * Struct to deal with multiple pdu outputs.
 277          */
 278
 279         output_data out_data;
 280
 281         /* This context is used for PDU data and is freed between each pdu.
 282                 Don't use for pipe state storage. */
 283         TALLOC_CTX *mem_ctx;
 284
 285         /* handle database to use on this pipe. */
 286         struct handle_list *pipe_handles;
 287
 288 } pipes_struct;
 289
 290 struct api_struct {
 291         const char *name;
 292         uint8 opnum;
 293         bool (*fn) (pipes_struct *);
 294 };
 295
 296 typedef struct {
 297         uint32 rid;
 298         const char *name;
 299 } rid_name;
 300
 301 /*
 302  * higher order functions for use with msrpc client code
 303  */
 304
 305 #define PRINT_INFO_FN(fn)\
 306         void (*fn)(const char*, uint32, uint32, void  *const *const)
 307 #define JOB_INFO_FN(fn)\
 308         void (*fn)(const char*, const char*, uint32, uint32, void *const *const)
 309
 310 /* end higher order functions */
 311
 312 typedef struct {
 313         uint32 size;
 314         prs_struct prs;
 315         uint32 struct_start;
 316         uint32 string_at_end;
 317 } RPC_BUFFER;
 318
 319 #endif /* _NT_DOMAIN_H */