diff options
| -rw-r--r-- | source3/include/proto.h | 16 | ||||
| -rw-r--r-- | source3/include/rpc_svcctl.h | 60 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_svc.c | 186 | ||||
| -rw-r--r-- | source3/rpc_server/srv_svcctl.c | 76 |
4 files changed, 329 insertions, 9 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 918ef80f80..95307f4334 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2504,6 +2504,22 @@ void svc_io_q_open_sc_man(char *desc, SVC_Q_OPEN_SC_MAN *q_u, prs_struct *ps, in void make_svc_r_open_sc_man(SVC_R_OPEN_SC_MAN *r_u, POLICY_HND *hnd, uint32 status) ; void svc_io_r_open_sc_man(char *desc, SVC_R_OPEN_SC_MAN *r_u, prs_struct *ps, int depth); +void make_svc_q_open_service(SVC_Q_OPEN_SERVICE *q_u, + POLICY_HND *hnd, + char *server, + uint32 des_access) ; +void svc_io_q_open_service(char *desc, SVC_Q_OPEN_SERVICE *q_u, prs_struct *ps, int depth); +void make_svc_r_open_service(SVC_R_OPEN_SERVICE *r_u, POLICY_HND *hnd, + uint32 status) ; +void svc_io_r_open_service(char *desc, SVC_R_OPEN_SERVICE *r_u, prs_struct *ps, int depth); +void make_svc_query_svc_cfg(QUERY_SERVICE_CONFIG *q_u, + uint32 service_type, uint32 start_type, + uint32 error_control, + char* bin_path_name, char* load_order_grp, + uint32 tag_id, + char* dependencies, char* service_start_name, + char* display_name); +void svc_io_query_svc_cfg(char *desc, QUERY_SERVICE_CONFIG *q_u, prs_struct *ps, int depth); void make_svc_q_enum_svcs_status(SVC_Q_ENUM_SVCS_STATUS *q_c, POLICY_HND *hnd, uint32 service_type, uint32 service_state, uint32 buf_size, uint32 resume_hnd ); diff --git a/source3/include/rpc_svcctl.h b/source3/include/rpc_svcctl.h index 451fdaa459..dc7d48d6b3 100644 --- a/source3/include/rpc_svcctl.h +++ b/source3/include/rpc_svcctl.h @@ -28,6 +28,8 @@ /* svcctl pipe */ #define SVC_OPEN_SC_MAN 0x0f #define SVC_ENUM_SVCS_STATUS 0x0e +#define SVC_QUERY_SVC_CONFIG 0x11 +#define SVC_OPEN_SERVICE 0x10 #define SVC_CLOSE 0x00 @@ -52,6 +54,45 @@ typedef struct r_svc_open_sc_man_info } SVC_R_OPEN_SC_MAN; +/* SVC_Q_OPEN_SERVICE */ +typedef struct q_svc_open_service_info +{ + POLICY_HND scman_pol; + UNISTR2 uni_srv_name; /* unicode server name starting with '\\' */ + uint32 des_access; /* 0x80000004 - SC_MANAGER_xxxx */ + +} SVC_Q_OPEN_SERVICE; + +/* SVC_R_OPEN_SERVICE */ +typedef struct r_svc_open_service_info +{ + POLICY_HND pol; + uint32 status; /* return status */ + +} SVC_R_OPEN_SERVICE; + + +/* QUERY_SERVICE_CONFIG */ +typedef struct query_service_config_info +{ + uint32 service_type; + uint32 start_type; + uint32 error_control; + uint32 ptr_bin_path_name; + uint32 ptr_load_order_grp; + uint32 tag_id; + uint32 ptr_dependencies; + uint32 ptr_service_start_name; + uint32 ptr_display_name; + + UNISTR2 uni_bin_path_name; + UNISTR2 uni_load_order_grp; + UNISTR2 uni_dependencies; + UNISTR2 uni_service_start_name; + UNISTR2 uni_display_name; + +} QUERY_SERVICE_CONFIG; + /* SVC_STATUS */ typedef struct svc_status_info { @@ -98,6 +139,25 @@ typedef struct r_svc_enum_svcs_status_info } SVC_R_ENUM_SVCS_STATUS; +/* SVC_Q_QUERY_SVC_CONFIG */ +typedef struct q_svc_query_svc_cfg_info +{ + POLICY_HND pol; + uint32 buf_size; + +} SVC_Q_QUERY_SVC_CONFIG; + + +/* SVC_R_QUERY_SVC_CONFIG */ +typedef struct r_svc_query_svc_cfg_info +{ + QUERY_SERVICE_CONFIG *cfg; + uint32 buf_size; + uint32 status; /* return status */ + +} SVC_R_QUERY_SVC_CONFIG; + + /* SVC_Q_CLOSE */ typedef struct q_svc_close_info { diff --git a/source3/rpc_parse/parse_svc.c b/source3/rpc_parse/parse_svc.c index 2ebab5aea5..912582f35e 100644 --- a/source3/rpc_parse/parse_svc.c +++ b/source3/rpc_parse/parse_svc.c @@ -96,6 +96,131 @@ void svc_io_r_open_sc_man(char *desc, SVC_R_OPEN_SC_MAN *r_u, prs_struct *ps, i } /******************************************************************* + make_svc_q_open_service + ********************************************************************/ +void make_svc_q_open_service(SVC_Q_OPEN_SERVICE *q_u, + POLICY_HND *hnd, + char *server, + uint32 des_access) +{ + DEBUG(5,("make_svc_q_open_service\n")); + + memcpy(&(q_u->scman_pol), hnd, sizeof(q_u->scman_pol)); + make_unistr2(&(q_u->uni_srv_name), server, strlen(server)+1); + q_u->des_access = des_access; + +} + +/******************************************************************* +reads or writes a SVC_Q_OPEN_SERVICE structure. +********************************************************************/ +void svc_io_q_open_service(char *desc, SVC_Q_OPEN_SERVICE *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) return; + + prs_debug(ps, depth, desc, "svc_io_q_open_service"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("", &(q_u->scman_pol), ps, depth); + prs_align(ps); + + smb_io_unistr2("", &(q_u->uni_srv_name), 1, ps, depth); + prs_align(ps); + + prs_uint32("des_access", ps, depth, &(q_u->des_access)); + prs_align(ps); +} + +/******************************************************************* + make_svc_r_open_service + ********************************************************************/ +void make_svc_r_open_service(SVC_R_OPEN_SERVICE *r_u, POLICY_HND *hnd, + uint32 status) +{ + DEBUG(5,("make_svc_r_unknown_0: %d\n", __LINE__)); + + memcpy(&(r_u->pol), hnd, sizeof(r_u->pol)); + r_u->status = status; +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void svc_io_r_open_service(char *desc, SVC_R_OPEN_SERVICE *r_u, prs_struct *ps, int depth) +{ + if (r_u == NULL) return; + + prs_debug(ps, depth, desc, "svc_io_r_open_service"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("", &(r_u->pol), ps, depth); + + prs_uint32("status ", ps, depth, &(r_u->status)); +} + +/******************************************************************* + make_svc_query_svc_cfg + ********************************************************************/ +void make_svc_query_svc_cfg(QUERY_SERVICE_CONFIG *q_u, + uint32 service_type, uint32 start_type, + uint32 error_control, + char* bin_path_name, char* load_order_grp, + uint32 tag_id, + char* dependencies, char* service_start_name, + char* disp_name) +{ + DEBUG(5,("make_svc_query_svc_cfg\n")); + + q_u->service_type = service_type; + q_u->start_type = start_type; + q_u->error_control = error_control; + make_buf_unistr2(&(q_u->uni_bin_path_name ), &(q_u->ptr_bin_path_name ), bin_path_name ); + make_buf_unistr2(&(q_u->uni_load_order_grp ), &(q_u->ptr_load_order_grp ), load_order_grp ); + q_u->tag_id = tag_id; + make_buf_unistr2(&(q_u->uni_dependencies ), &(q_u->ptr_dependencies ), dependencies ); + make_buf_unistr2(&(q_u->uni_service_start_name), &(q_u->ptr_service_start_name), service_start_name); + make_buf_unistr2(&(q_u->uni_display_name ), &(q_u->ptr_display_name ), disp_name ); +} + +/******************************************************************* +reads or writes a QUERY_SERVICE_CONFIG structure. +********************************************************************/ +void svc_io_query_svc_cfg(char *desc, QUERY_SERVICE_CONFIG *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) return; + + prs_debug(ps, depth, desc, "svc_io_query_svc_cfg"); + depth++; + + prs_align(ps); + + prs_uint32("service_type ", ps, depth, &(q_u->service_type )); + prs_uint32("start_type ", ps, depth, &(q_u->start_type )); + prs_uint32("error_control ", ps, depth, &(q_u->error_control )); + prs_uint32("ptr_bin_path_name ", ps, depth, &(q_u->ptr_bin_path_name )); + prs_uint32("ptr_load_order_grp ", ps, depth, &(q_u->ptr_load_order_grp )); + prs_uint32("tag_id ", ps, depth, &(q_u->tag_id )); + prs_uint32("ptr_dependencies ", ps, depth, &(q_u->ptr_dependencies )); + prs_uint32("ptr_service_start_name", ps, depth, &(q_u->ptr_service_start_name)); + prs_uint32("ptr_display_name ", ps, depth, &(q_u->ptr_display_name )); + + smb_io_unistr2("uni_bin_path_name ", &(q_u->uni_bin_path_name ), q_u->ptr_bin_path_name , ps, depth); + prs_align(ps); + smb_io_unistr2("uni_load_order_grp ", &(q_u->uni_load_order_grp ), q_u->ptr_load_order_grp , ps, depth); + prs_align(ps); + smb_io_unistr2("uni_dependencies ", &(q_u->uni_dependencies ), q_u->ptr_dependencies , ps, depth); + prs_align(ps); + smb_io_unistr2("uni_service_start_name", &(q_u->uni_service_start_name), q_u->ptr_service_start_name, ps, depth); + prs_align(ps); + smb_io_unistr2("uni_display_name ", &(q_u->uni_display_name ), q_u->ptr_display_name , ps, depth); + prs_align(ps); +} + +/******************************************************************* makes an SVC_Q_ENUM_SVCS_STATUS structure. ********************************************************************/ void make_svc_q_enum_svcs_status(SVC_Q_ENUM_SVCS_STATUS *q_c, POLICY_HND *hnd, @@ -333,6 +458,67 @@ void svc_io_svc_status(char *desc, SVC_STATUS *svc, prs_struct *ps, int depth) } /******************************************************************* +makes an SVC_Q_QUERY_SVC_CONFIG structure. +********************************************************************/ +void make_svc_q_query_svc_config(SVC_Q_QUERY_SVC_CONFIG *q_c, POLICY_HND *hnd, + uint32 buf_size) +{ + if (q_c == NULL || hnd == NULL) return; + + DEBUG(5,("make_svc_q_query_svc_config\n")); + + memcpy(&(q_c->pol), hnd, sizeof(q_c->pol)); + q_c->buf_size = buf_size; +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void svc_io_q_query_svc_config(char *desc, SVC_Q_QUERY_SVC_CONFIG *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) return; + + prs_debug(ps, depth, desc, "svc_io_q_query_svc_config"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("", &(q_u->pol), ps, depth); + prs_align(ps); + prs_uint32("buf_size", ps, depth, &(q_u->buf_size)); +} + +/******************************************************************* +makes an SVC_R_QUERY_SVC_CONFIG structure. +********************************************************************/ +void make_svc_r_query_svc_config(SVC_R_QUERY_SVC_CONFIG *r_c, + uint32 buf_size) +{ + if (r_c == NULL) return; + + DEBUG(5,("make_svc_r_query_svc_config\n")); + + r_c->buf_size = buf_size; +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void svc_io_r_query_svc_config(char *desc, SVC_R_QUERY_SVC_CONFIG *r_u, prs_struct *ps, int depth) +{ + if (r_u == NULL) return; + + prs_debug(ps, depth, desc, "svc_io_r_query_svc_config"); + depth++; + + prs_align(ps); + + svc_io_query_svc_cfg("cfg", r_u->cfg, ps, depth); + prs_uint32("buf_size", ps, depth, &(r_u->buf_size)); + prs_uint32("status ", ps, depth, &(r_u->status )); +} + +/******************************************************************* makes an SVC_Q_CLOSE structure. ********************************************************************/ void make_svc_q_close(SVC_Q_CLOSE *q_c, POLICY_HND *hnd) diff --git a/source3/rpc_server/srv_svcctl.c b/source3/rpc_server/srv_svcctl.c index 6cf9b8cd22..6e8841f18a 100644 --- a/source3/rpc_server/srv_svcctl.c +++ b/source3/rpc_server/srv_svcctl.c @@ -71,6 +71,61 @@ static void api_svc_close( uint16 vuid, prs_struct *data, /******************************************************************* + svc_reply_open_service + ********************************************************************/ +static void svc_reply_open_service(SVC_Q_OPEN_SERVICE *q_u, + prs_struct *rdata) +{ + uint32 status = 0; + POLICY_HND pol; + SVC_R_OPEN_SERVICE r_u; + fstring name; + + DEBUG(5,("svc_open_service: %d\n", __LINE__)); + + if (status == 0x0 && find_lsa_policy_by_hnd(&q_u->scman_pol) == -1) + { + status = 0xC000000 | NT_STATUS_INVALID_HANDLE; + } + + if (status == 0x0 && !open_lsa_policy_hnd(&pol)) + { + status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ + } + + fstrcpy(name, unistr2_to_str(&q_u->uni_srv_name)); + + if (status == 0x0) + { + DEBUG(5,("svc_open_service: %s\n", name)); + /* lkcl XXXX do a check on the name, here */ + } + + if (status == 0x0 && !set_lsa_policy_reg_name(&pol, name)) + { + status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ + } + + make_svc_r_open_service(&r_u, &pol, status); + + /* store the response in the SMB stream */ + svc_io_r_open_service("", &r_u, rdata, 0); + + DEBUG(5,("svc_open_service: %d\n", __LINE__)); +} + +/******************************************************************* + api_svc_open_service + ********************************************************************/ +static void api_svc_open_service( uint16 vuid, prs_struct *data, + prs_struct *rdata ) +{ + SVC_Q_OPEN_SERVICE q_u; + svc_io_q_open_service("", &q_u, data, 0); + svc_reply_open_service(&q_u, rdata); +} + +/******************************************************************* svc_reply_open_sc_man ********************************************************************/ static void svc_reply_open_sc_man(SVC_Q_OPEN_SC_MAN *q_u, @@ -145,7 +200,7 @@ static void svc_reply_enum_svcs_status(SVC_Q_ENUM_SVCS_STATUS *q_u, int buf_size = 0; int i = get_enum_hnd(&q_u->resume_hnd); uint32 resume_hnd = 0; - int max_buf_size = 0x80; + int max_buf_size = 0x10000; ZERO_STRUCT(r_u); @@ -161,7 +216,6 @@ static void svc_reply_enum_svcs_status(SVC_Q_ENUM_SVCS_STATUS *q_u, DEBUG(5,("svc_enum_svcs_status:\n")); while (dummy_services[i] != NULL) { - ENUM_SRVC_STATUS *svc = NULL; buf_size += strlen(dummy_services[i] + 1) * 2; @@ -170,12 +224,15 @@ static void svc_reply_enum_svcs_status(SVC_Q_ENUM_SVCS_STATUS *q_u, DEBUG(10,("buf_size: %d q_u->buf_size: %d\n", buf_size, q_u->buf_size)); + if (buf_size >= max_buf_size) + { + resume_hnd = i; + break; + } + if (buf_size > q_u->buf_size) { - if (buf_size >= max_buf_size) - { - resume_hnd = i; - } + dos_status = ERRmoredata; break; } @@ -238,10 +295,11 @@ static void api_svc_enum_svcs_status( uint16 vuid, prs_struct *data, ********************************************************************/ static struct api_struct api_svc_cmds[] = { - { "SVC_CLOSE" , SVC_CLOSE , api_svc_close }, - { "SVC_OPEN_SC_MAN" , SVC_OPEN_SC_MAN , api_svc_open_sc_man }, + { "SVC_CLOSE" , SVC_CLOSE , api_svc_close }, + { "SVC_OPEN_SC_MAN" , SVC_OPEN_SC_MAN , api_svc_open_sc_man }, + { "SVC_OPEN_SERVICE" , SVC_OPEN_SERVICE , api_svc_open_service }, { "SVC_ENUM_SVCS_STATUS", SVC_ENUM_SVCS_STATUS, api_svc_enum_svcs_status }, - { NULL, 0 , NULL } + { NULL , 0 , NULL } }; /******************************************************************* |