diff options
Diffstat (limited to 'source4/librpc')
101 files changed, 31057 insertions, 0 deletions
diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk new file mode 100644 index 0000000000..b68d5e6a69 --- /dev/null +++ b/source4/librpc/config.mk @@ -0,0 +1,744 @@ +ndrsrcdir = $(librpcsrcdir)/ndr +gen_ndrsrcdir = $(librpcsrcdir)/gen_ndr +dcerpcsrcdir = $(librpcsrcdir)/rpc + +################################################ +# Start SUBSYSTEM LIBNDR +[LIBRARY::LIBNDR] +PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL CHARSET \ + LIBSAMBA-HOSTCONFIG + +LIBNDR_OBJ_FILES = $(addprefix $(ndrsrcdir)/, ndr.o ndr_basic.o ndr_string.o uuid.o) + +$(eval $(call proto_header_template,$(ndrsrcdir)/libndr_proto.h,$(LIBNDR_OBJ_FILES:.o=.c))) + +PC_FILES += $(librpcsrcdir)/ndr.pc +LIBNDR_VERSION = 0.0.1 +LIBNDR_SOVERSION = 0 + +# End SUBSYSTEM LIBNDR +################################################ + +PUBLIC_HEADERS += $(ndrsrcdir)/libndr.h + +################################# +# Start BINARY ndrdump +[BINARY::ndrdump] +INSTALLDIR = BINDIR +PRIVATE_DEPENDENCIES = \ + LIBSAMBA-HOSTCONFIG \ + LIBSAMBA-UTIL \ + LIBPOPT \ + POPT_SAMBA \ + NDR_TABLE \ + LIBSAMBA-ERRORS +# FIXME: ndrdump shouldn't have to depend on RPC... +# End BINARY ndrdump +################################# + +ndrdump_OBJ_FILES = $(librpcsrcdir)/tools/ndrdump.o + +MANPAGES += $(librpcsrcdir)/tools/ndrdump.1 + +################################################ +# Start SUBSYSTEM NDR_COMPRESSION +[SUBSYSTEM::NDR_COMPRESSION] +PRIVATE_DEPENDENCIES = ZLIB LZXPRESS +PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBNDR +# End SUBSYSTEM NDR_COMPRESSION +################################################ + +NDR_COMPRESSION_OBJ_FILES = $(ndrsrcdir)/ndr_compression.o + +$(eval $(call proto_header_template,$(ndrsrcdir)/ndr_compression.h,$(NDR_COMPRESSION_OBJ_FILES:.o=.c))) + +[SUBSYSTEM::NDR_SECURITY] +PUBLIC_DEPENDENCIES = NDR_MISC LIBSECURITY + +NDR_SECURITY_OBJ_FILES = $(gen_ndrsrcdir)/ndr_security.o $(ndrsrcdir)/ndr_sec_helper.o + +PUBLIC_HEADERS += $(gen_ndrsrcdir)/security.h + +[SUBSYSTEM::NDR_AUDIOSRV] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_AUDIOSRV_OBJ_FILES = $(gen_ndrsrcdir)/ndr_audiosrv.o + +[SUBSYSTEM::NDR_DNSSERVER] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_DNSSERVER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dnsserver.o + +[SUBSYSTEM::NDR_WINSTATION] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_WINSTATION_OBJ_FILES = $(gen_ndrsrcdir)/ndr_winstation.o + +[SUBSYSTEM::NDR_ECHO] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_ECHO_OBJ_FILES = $(gen_ndrsrcdir)/ndr_echo.o + +[SUBSYSTEM::NDR_IRPC] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY NDR_NBT + +NDR_IRPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_irpc.o + +[SUBSYSTEM::NDR_DSBACKUP] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_DSBACKUP_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dsbackup.o + +[SUBSYSTEM::NDR_EFS] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY + +NDR_EFS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_efs.o + +[SUBSYSTEM::NDR_MISC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_MISC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_misc.o $(ndrsrcdir)/ndr_misc.o + +PUBLIC_HEADERS += $(gen_ndrsrcdir)/misc.h $(gen_ndrsrcdir)/ndr_misc.h + +[SUBSYSTEM::NDR_ROT] +PUBLIC_DEPENDENCIES = LIBNDR NDR_ORPC + +NDR_ROT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_rot.o + +[SUBSYSTEM::NDR_LSA] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY + +NDR_LSA_OBJ_FILES = $(gen_ndrsrcdir)/ndr_lsa.o + +PUBLIC_HEADERS += $(gen_ndrsrcdir)/lsa.h + +[SUBSYSTEM::NDR_DFS] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC + +NDR_DFS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dfs.o + +[SUBSYSTEM::NDR_FRSRPC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_FRSRPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_frsrpc.o + +[SUBSYSTEM::NDR_FRSAPI] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_FRSAPI_OBJ_FILES = $(gen_ndrsrcdir)/ndr_frsapi.o + +[SUBSYSTEM::NDR_DRSUAPI] +PUBLIC_DEPENDENCIES = LIBNDR NDR_COMPRESSION NDR_SECURITY NDR_SAMR ASN1_UTIL + +NDR_DRSUAPI_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsuapi.o $(ndrsrcdir)/ndr_drsuapi.o + +[SUBSYSTEM::NDR_DRSBLOBS] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_DRSUAPI LIBCLI_DRSBLOBS + +NDR_DRSBLOBS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsblobs.o + +[SUBSYSTEM::NDR_SASL_HELPERS] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_SASL_HELPERS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_sasl_helpers.o + +[SUBSYSTEM::NDR_POLICYAGENT] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_POLICYAGENT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_policyagent.o + +[SUBSYSTEM::NDR_UNIXINFO] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY + +NDR_UNIXINFO_OBJ_FILES = $(gen_ndrsrcdir)/ndr_unixinfo.o + +[SUBSYSTEM::NDR_SAMR] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_LSA NDR_SECURITY + +NDR_SAMR_OBJ_FILES = $(gen_ndrsrcdir)/ndr_samr.o + +PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/samr.h gen_ndr/ndr_samr.h gen_ndr/ndr_samr_c.h) + +[SUBSYSTEM::NDR_NFS4ACL] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_SECURITY + +NDR_NFS4ACL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_nfs4acl.o + +[SUBSYSTEM::NDR_SPOOLSS] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SPOOLSS_BUF NDR_SECURITY + +NDR_SPOOLSS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_spoolss.o + +[SUBSYSTEM::NDR_SPOOLSS_BUF] + +NDR_SPOOLSS_BUF_OBJ_FILES = $(ndrsrcdir)/ndr_spoolss_buf.o + +$(eval $(call proto_header_template,$(ndrsrcdir)/ndr_spoolss_buf.h,$(NDR_SPOOLSS_BUF_OBJ_FILES:.o=.c))) + +[SUBSYSTEM::NDR_WKSSVC] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SRVSVC NDR_MISC NDR_SECURITY + +NDR_WKSSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_wkssvc.o + +[SUBSYSTEM::NDR_SRVSVC] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SVCCTL NDR_SECURITY + +NDR_SRVSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_srvsvc.o + +[SUBSYSTEM::NDR_SVCCTL] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC + +NDR_SVCCTL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_svcctl.o + +PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/ndr_svcctl.h gen_ndr/svcctl.h) + +[SUBSYSTEM::NDR_ATSVC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_ATSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_atsvc.o + +PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/atsvc.h gen_ndr/ndr_atsvc.h) + +[SUBSYSTEM::NDR_EVENTLOG] +PUBLIC_DEPENDENCIES = LIBNDR NDR_LSA + +NDR_EVENTLOG_OBJ_FILES = $(gen_ndrsrcdir)/ndr_eventlog.o + +[SUBSYSTEM::NDR_EPMAPPER] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC + +NDR_EPMAPPER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_epmapper.o + +[SUBSYSTEM::NDR_DBGIDL] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_DBGIDL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dbgidl.o + +[SUBSYSTEM::NDR_DSSETUP] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC + +NDR_DSSETUP_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dssetup.o + +[SUBSYSTEM::NDR_MSGSVC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_MSGSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_msgsvc.o + +[SUBSYSTEM::NDR_WINS] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_WINS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_wins.o + +[SUBSYSTEM::NDR_WINREG] +PUBLIC_DEPENDENCIES = LIBNDR NDR_INITSHUTDOWN NDR_SECURITY NDR_MISC + +NDR_WINREG_OBJ_FILES = $(gen_ndrsrcdir)/ndr_winreg.o + +[SUBSYSTEM::NDR_INITSHUTDOWN] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_INITSHUTDOWN_OBJ_FILES = $(gen_ndrsrcdir)/ndr_initshutdown.o + +[SUBSYSTEM::NDR_MGMT] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_MGMT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_mgmt.o + +[SUBSYSTEM::NDR_PROTECTED_STORAGE] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_PROTECTED_STORAGE_OBJ_FILES = $(gen_ndrsrcdir)/ndr_protected_storage.o + +[SUBSYSTEM::NDR_ORPC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_ORPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_orpc.o $(ndrsrcdir)/ndr_orpc.o + +[SUBSYSTEM::NDR_OXIDRESOLVER] +PUBLIC_DEPENDENCIES = LIBNDR NDR_ORPC NDR_MISC + +NDR_OXIDRESOLVER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_oxidresolver.o + +[SUBSYSTEM::NDR_REMACT] +PUBLIC_DEPENDENCIES = LIBNDR NDR_ORPC NDR_MISC + +NDR_REMACT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_remact.o + +[SUBSYSTEM::NDR_WZCSVC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_WZCSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_wzcsvc.o + +[SUBSYSTEM::NDR_BROWSER] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_BROWSER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_browser.o + +[SUBSYSTEM::NDR_W32TIME] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_W32TIME_OBJ_FILES = $(gen_ndrsrcdir)/ndr_w32time.o + +[SUBSYSTEM::NDR_SCERPC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_SCERPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_scerpc.o + +[SUBSYSTEM::NDR_NTSVCS] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_NTSVCS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_ntsvcs.o + +[SUBSYSTEM::NDR_NETLOGON] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SAMR NDR_LSA NDR_SECURITY + +NDR_NETLOGON_OBJ_FILES = $(gen_ndrsrcdir)/ndr_netlogon.o + +PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/netlogon.h) + +[SUBSYSTEM::NDR_TRKWKS] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_TRKWKS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_trkwks.o + +[SUBSYSTEM::NDR_KEYSVC] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_KEYSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_keysvc.o + +[SUBSYSTEM::NDR_KRB5PAC] +PUBLIC_DEPENDENCIES = LIBNDR NDR_NETLOGON NDR_SECURITY + +NDR_KRB5PAC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_krb5pac.o $(ndrsrcdir)/ndr_krb5pac.o + +[SUBSYSTEM::NDR_XATTR] +PUBLIC_DEPENDENCIES = LIBNDR NDR_SECURITY + +NDR_XATTR_OBJ_FILES = $(gen_ndrsrcdir)/ndr_xattr.o + +[SUBSYSTEM::NDR_OPENDB] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_OPENDB_OBJ_FILES = $(gen_ndrsrcdir)/ndr_opendb.o + +[SUBSYSTEM::NDR_NOTIFY] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_NOTIFY_OBJ_FILES = $(gen_ndrsrcdir)/ndr_notify.o + +[SUBSYSTEM::NDR_SCHANNEL] +PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT + +NDR_SCHANNEL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_schannel.o + +[SUBSYSTEM::NDR_NBT] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL NDR_SECURITY NDR_SAMR LIBCLI_NDR_NETLOGON + +NDR_NBT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_nbt.o + +PUBLIC_HEADERS += $(gen_ndrsrcdir)/nbt.h + +[SUBSYSTEM::NDR_NTP_SIGND] +PUBLIC_DEPENDENCIES = LIBNDR + +NDR_NTP_SIGND_OBJ_FILES = $(gen_ndrsrcdir)/ndr_ntp_signd.o + +[SUBSYSTEM::NDR_WINSREPL] +PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT + +NDR_WINSREPL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_winsrepl.o + +[SUBSYSTEM::NDR_WINBIND] +PUBLIC_DEPENDENCIES = LIBNDR NDR_NETLOGON + +NDR_WINBIND_OBJ_FILES = $(gen_ndrsrcdir)/ndr_winbind.o +#PUBLIC_HEADERS += $(gen_ndrsrcdir)/winbind.h + +$(librpcsrcdir)/idl-deps: + $(PERL) $(librpcsrcdir)/idl-deps.pl $(librpcsrcdir)/idl/*.idl >$@ + +clean:: + rm -f $(librpcsrcdir)/idl-deps + +-include $(librpcsrcdir)/idl-deps + +$(gen_ndrsrcdir)/tables.c: $(IDL_NDR_PARSE_H_FILES) + @echo Generating $@ + @$(PERL) $(librpcsrcdir)/tables.pl --output=$@ $^ > $(gen_ndrsrcdir)/tables.x + @mv $(gen_ndrsrcdir)/tables.x $@ + +[SUBSYSTEM::NDR_TABLE] +PUBLIC_DEPENDENCIES = \ + NDR_AUDIOSRV NDR_ECHO NDR_DCERPC \ + NDR_DSBACKUP NDR_EFS NDR_MISC NDR_LSA NDR_DFS NDR_DRSUAPI \ + NDR_POLICYAGENT NDR_UNIXINFO NDR_SAMR NDR_SPOOLSS NDR_WKSSVC NDR_SRVSVC NDR_ATSVC \ + NDR_EVENTLOG NDR_EPMAPPER NDR_DBGIDL NDR_DSSETUP NDR_MSGSVC NDR_WINS \ + NDR_WINREG NDR_MGMT NDR_PROTECTED_STORAGE NDR_OXIDRESOLVER \ + NDR_REMACT NDR_WZCSVC NDR_BROWSER NDR_W32TIME NDR_SCERPC NDR_NTSVCS \ + NDR_NETLOGON NDR_TRKWKS NDR_KEYSVC NDR_KRB5PAC NDR_XATTR NDR_SCHANNEL \ + NDR_ROT NDR_DRSBLOBS NDR_SVCCTL NDR_NBT NDR_WINSREPL NDR_SECURITY \ + NDR_INITSHUTDOWN NDR_DNSSERVER NDR_WINSTATION NDR_IRPC NDR_OPENDB \ + NDR_SASL_HELPERS NDR_NOTIFY NDR_WINBIND NDR_FRSRPC NDR_FRSAPI NDR_NFS4ACL NDR_NTP_SIGND + +NDR_TABLE_OBJ_FILES = $(ndrsrcdir)/ndr_table.o $(gen_ndrsrcdir)/tables.o + +$(eval $(call proto_header_template,$(ndrsrcdir)/ndr_table.h,$(NDR_TABLE_OBJ_FILES:.o=.c))) + +[SUBSYSTEM::RPC_NDR_ROT] +PUBLIC_DEPENDENCIES = NDR_ROT dcerpc + +RPC_NDR_ROT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_rot_c.o + +[SUBSYSTEM::RPC_NDR_AUDIOSRV] +PUBLIC_DEPENDENCIES = NDR_AUDIOSRV dcerpc + +RPC_NDR_AUDIOSRV_OBJ_FILES = $(gen_ndrsrcdir)/ndr_audiosrv_c.o + +[SUBSYSTEM::RPC_NDR_ECHO] +PUBLIC_DEPENDENCIES = dcerpc NDR_ECHO + +RPC_NDR_ECHO_OBJ_FILES = $(gen_ndrsrcdir)/ndr_echo_c.o + +[SUBSYSTEM::RPC_NDR_DSBACKUP] +PUBLIC_DEPENDENCIES = dcerpc NDR_DSBACKUP + +RPC_NDR_DSBACKUP_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dsbackup_c.o + +[SUBSYSTEM::RPC_NDR_EFS] +PUBLIC_DEPENDENCIES = dcerpc NDR_EFS + +RPC_NDR_EFS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_efs_c.o + +[SUBSYSTEM::RPC_NDR_LSA] +PUBLIC_DEPENDENCIES = dcerpc NDR_LSA + +RPC_NDR_LSA_OBJ_FILES = $(gen_ndrsrcdir)/ndr_lsa_c.o + +[SUBSYSTEM::RPC_NDR_DFS] +PUBLIC_DEPENDENCIES = dcerpc NDR_DFS + +RPC_NDR_DFS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dfs_c.o + +[SUBSYSTEM::RPC_NDR_FRSAPI] +PUBLIC_DEPENDENCIES = dcerpc NDR_FRSAPI + +RPC_NDR_FRSAPI_OBJ_FILES = $(gen_ndrsrcdir)/ndr_frsapi_c.o + +[SUBSYSTEM::RPC_NDR_DRSUAPI] +PUBLIC_DEPENDENCIES = dcerpc NDR_DRSUAPI + +RPC_NDR_DRSUAPI_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsuapi_c.o + +[SUBSYSTEM::RPC_NDR_POLICYAGENT] +PUBLIC_DEPENDENCIES = dcerpc NDR_POLICYAGENT + +RPC_NDR_POLICYAGENT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_policyagent_c.o + +[SUBSYSTEM::RPC_NDR_UNIXINFO] +PUBLIC_DEPENDENCIES = dcerpc NDR_UNIXINFO + +RPC_NDR_UNIXINFO_OBJ_FILES = $(gen_ndrsrcdir)/ndr_unixinfo_c.o + +[SUBSYSTEM::RPC_NDR_IRPC] +PUBLIC_DEPENDENCIES = dcerpc NDR_IRPC + +RPC_NDR_IRPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_irpc_c.o + +[LIBRARY::dcerpc_samr] +PUBLIC_DEPENDENCIES = dcerpc NDR_SAMR + +PC_FILES += $(librpcsrcdir)/dcerpc_samr.pc + +dcerpc_samr_VERSION = 0.0.1 +dcerpc_samr_SOVERSION = 0 +dcerpc_samr_OBJ_FILES = $(gen_ndrsrcdir)/ndr_samr_c.o + +[SUBSYSTEM::RPC_NDR_SPOOLSS] +PUBLIC_DEPENDENCIES = dcerpc NDR_SPOOLSS + +RPC_NDR_SPOOLSS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_spoolss_c.o + +[SUBSYSTEM::RPC_NDR_WKSSVC] +PUBLIC_DEPENDENCIES = dcerpc NDR_WKSSVC + +RPC_NDR_WKSSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_wkssvc_c.o + +[SUBSYSTEM::RPC_NDR_SRVSVC] +PUBLIC_DEPENDENCIES = dcerpc NDR_SRVSVC + +RPC_NDR_SRVSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_srvsvc_c.o + +[SUBSYSTEM::RPC_NDR_SVCCTL] +PUBLIC_DEPENDENCIES = dcerpc NDR_SVCCTL + +RPC_NDR_SVCCTL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_svcctl_c.o + +PUBLIC_HEADERS += $(gen_ndrsrcdir)/ndr_svcctl_c.h + +[LIBRARY::dcerpc_atsvc] +PUBLIC_DEPENDENCIES = dcerpc NDR_ATSVC + +dcerpc_atsvc_VERSION = 0.0.1 +dcerpc_atsvc_SOVERSION = 0 + +dcerpc_atsvc_OBJ_FILES = $(gen_ndrsrcdir)/ndr_atsvc_c.o +PC_FILES += $(librpcsrcdir)/dcerpc_atsvc.pc + +PUBLIC_HEADERS += $(gen_ndrsrcdir)/ndr_atsvc_c.h + +[SUBSYSTEM::RPC_NDR_EVENTLOG] +PUBLIC_DEPENDENCIES = dcerpc NDR_EVENTLOG + +RPC_NDR_EVENTLOG_OBJ_FILES = $(gen_ndrsrcdir)/ndr_eventlog_c.o + +[SUBSYSTEM::RPC_NDR_EPMAPPER] +PUBLIC_DEPENDENCIES = NDR_EPMAPPER + +RPC_NDR_EPMAPPER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_epmapper_c.o + +[SUBSYSTEM::RPC_NDR_DBGIDL] +PUBLIC_DEPENDENCIES = dcerpc NDR_DBGIDL + +RPC_NDR_DBGIDL_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dbgidl_c.o + +[SUBSYSTEM::RPC_NDR_DSSETUP] +PUBLIC_DEPENDENCIES = dcerpc NDR_DSSETUP + +RPC_NDR_DSSETUP_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dssetup_c.o + +[SUBSYSTEM::RPC_NDR_MSGSVC] +PUBLIC_DEPENDENCIES = dcerpc NDR_MSGSVC + +RPC_NDR_MSGSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_msgsvc_c.o + +[SUBSYSTEM::RPC_NDR_WINS] +PUBLIC_DEPENDENCIES = dcerpc NDR_WINS + +RPC_NDR_WINS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_wins_c.o + +[SUBSYSTEM::RPC_NDR_WINREG] +PUBLIC_DEPENDENCIES = dcerpc NDR_WINREG + +RPC_NDR_WINREG_OBJ_FILES = $(gen_ndrsrcdir)/ndr_winreg_c.o + +[SUBSYSTEM::RPC_NDR_INITSHUTDOWN] +PUBLIC_DEPENDENCIES = dcerpc NDR_INITSHUTDOWN + +RPC_NDR_INITSHUTDOWN_OBJ_FILES = $(gen_ndrsrcdir)/ndr_initshutdown_c.o + +[SUBSYSTEM::RPC_NDR_MGMT] +PRIVATE_DEPENDENCIES = NDR_MGMT + +RPC_NDR_MGMT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_mgmt_c.o + +[SUBSYSTEM::RPC_NDR_PROTECTED_STORAGE] +PUBLIC_DEPENDENCIES = dcerpc NDR_PROTECTED_STORAGE + +RPC_NDR_PROTECTED_STORAGE_OBJ_FILES = $(gen_ndrsrcdir)/ndr_protected_storage_c.o + +[SUBSYSTEM::RPC_NDR_OXIDRESOLVER] +PUBLIC_DEPENDENCIES = dcerpc NDR_OXIDRESOLVER + +RPC_NDR_OXIDRESOLVER_OBJ_FILES = $(gen_ndrsrcdir)/ndr_oxidresolver_c.o + +[SUBSYSTEM::RPC_NDR_REMACT] +PUBLIC_DEPENDENCIES = dcerpc NDR_REMACT + +RPC_NDR_REMACT_OBJ_FILES = $(gen_ndrsrcdir)/ndr_remact_c.o + +[SUBSYSTEM::RPC_NDR_WZCSVC] +PUBLIC_DEPENDENCIES = dcerpc NDR_WZCSVC + +RPC_NDR_WZCSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_wzcsvc_c.o + +[SUBSYSTEM::RPC_NDR_W32TIME] +PUBLIC_DEPENDENCIES = dcerpc NDR_W32TIME + +RPC_NDR_W32TIME_OBJ_FILES = $(gen_ndrsrcdir)/ndr_w32time_c.o + +[SUBSYSTEM::RPC_NDR_SCERPC] +PUBLIC_DEPENDENCIES = dcerpc NDR_SCERPC + +RPC_NDR_SCERPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_scerpc_c.o + +[SUBSYSTEM::RPC_NDR_NTSVCS] +PUBLIC_DEPENDENCIES = dcerpc NDR_NTSVCS + +RPC_NDR_NTSVCS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_ntsvcs_c.o + +[SUBSYSTEM::RPC_NDR_NETLOGON] +PUBLIC_DEPENDENCIES = NDR_NETLOGON + +RPC_NDR_NETLOGON_OBJ_FILES = $(gen_ndrsrcdir)/ndr_netlogon_c.o + +[SUBSYSTEM::RPC_NDR_TRKWKS] +PUBLIC_DEPENDENCIES = dcerpc NDR_TRKWKS + +RPC_NDR_TRKWKS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_trkwks_c.o + +[SUBSYSTEM::RPC_NDR_KEYSVC] +PUBLIC_DEPENDENCIES = dcerpc NDR_KEYSVC + +RPC_NDR_KEYSVC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_keysvc_c.o + +[SUBSYSTEM::NDR_DCERPC] +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC + +NDR_DCERPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dcerpc.o + +PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/dcerpc.h gen_ndr/ndr_dcerpc.h) + +################################################ +# Start SUBSYSTEM dcerpc +[LIBRARY::dcerpc] +PRIVATE_DEPENDENCIES = \ + samba-socket LIBCLI_RESOLVE LIBCLI_SMB LIBCLI_SMB2 \ + LIBNDR NDR_DCERPC RPC_NDR_EPMAPPER \ + NDR_SCHANNEL RPC_NDR_NETLOGON \ + RPC_NDR_MGMT \ + gensec LIBCLI_AUTH LIBCLI_RAW \ + LP_RESOLVE +PUBLIC_DEPENDENCIES = CREDENTIALS +# End SUBSYSTEM dcerpc +################################################ + +PC_FILES += $(librpcsrcdir)/dcerpc.pc +dcerpc_VERSION = 0.0.1 +dcerpc_SOVERSION = 0 + +dcerpc_OBJ_FILES = $(addprefix $(dcerpcsrcdir)/, dcerpc.o dcerpc_auth.o dcerpc_schannel.o dcerpc_util.o binding.o \ + dcerpc_error.o dcerpc_smb.o dcerpc_smb2.o dcerpc_sock.o dcerpc_connect.o dcerpc_secondary.o) + +$(eval $(call proto_header_template,$(dcerpcsrcdir)/dcerpc_proto.h,$(dcerpc_OBJ_FILES:.o=.c))) + + +PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, rpc/dcerpc.h \ + gen_ndr/mgmt.h gen_ndr/ndr_mgmt.h gen_ndr/ndr_mgmt_c.h \ + gen_ndr/epmapper.h gen_ndr/ndr_epmapper.h gen_ndr/ndr_epmapper_c.h) + + +[PYTHON::python_dcerpc] +LIBRARY_REALNAME = samba/dcerpc/base.$(SHLIBEXT) +PUBLIC_DEPENDENCIES = LIBCLI_SMB NDR_MISC LIBSAMBA-UTIL LIBSAMBA-HOSTCONFIG dcerpc_samr RPC_NDR_LSA DYNCONFIG swig_credentials param + +python_dcerpc_OBJ_FILES = $(dcerpcsrcdir)/pyrpc.o + +$(eval $(call python_py_module_template,samba/dcerpc/__init__.py,$(dcerpcsrcdir)/dcerpc.py)) + + +[PYTHON::python_echo] +LIBRARY_REALNAME = samba/dcerpc/echo.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_ECHO PYTALLOC param swig_credentials python_dcerpc + +python_echo_OBJ_FILES = $(gen_ndrsrcdir)/py_echo.o + +[PYTHON::python_winreg] +LIBRARY_REALNAME = samba/dcerpc/winreg.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_WINREG python_misc PYTALLOC param swig_credentials python_dcerpc_misc python_lsa python_dcerpc + +python_winreg_OBJ_FILES = $(gen_ndrsrcdir)/py_winreg.o + +[PYTHON::python_dcerpc_misc] +LIBRARY_REALNAME = samba/dcerpc/misc.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc + +python_dcerpc_misc_OBJ_FILES = $(gen_ndrsrcdir)/py_misc.o + +[PYTHON::python_initshutdown] +LIBRARY_REALNAME = samba/dcerpc/initshutdown.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_INITSHUTDOWN PYTALLOC param swig_credentials python_lsa python_dcerpc_security python_dcerpc + +python_initshutdown_OBJ_FILES = $(gen_ndrsrcdir)/py_initshutdown.o + +[PYTHON::python_epmapper] +LIBRARY_REALNAME = samba/dcerpc/epmapper.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = dcerpc PYTALLOC param swig_credentials python_dcerpc_misc python_dcerpc + +python_epmapper_OBJ_FILES = $(gen_ndrsrcdir)/py_epmapper.o + +[PYTHON::python_mgmt] +LIBRARY_REALNAME = samba/dcerpc/mgmt.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = PYTALLOC param swig_credentials dcerpc python_dcerpc_misc python_dcerpc + +python_mgmt_OBJ_FILES = $(gen_ndrsrcdir)/py_mgmt.o + +[PYTHON::python_atsvc] +LIBRARY_REALNAME = samba/dcerpc/atsvc.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = dcerpc_atsvc PYTALLOC param swig_credentials python_dcerpc + +python_atsvc_OBJ_FILES = $(gen_ndrsrcdir)/py_atsvc.o + +[PYTHON::python_dcerpc_nbt] +LIBRARY_REALNAME = samba/nbt.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = NDR_NBT PYTALLOC param swig_credentials python_dcerpc + +python_dcerpc_nbt_OBJ_FILES = $(gen_ndrsrcdir)/py_nbt.o + +[PYTHON::python_samr] +LIBRARY_REALNAME = samba/dcerpc/samr.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = dcerpc_samr PYTALLOC python_dcerpc_security python_lsa python_dcerpc_misc swig_credentials param python_dcerpc + +python_samr_OBJ_FILES = $(gen_ndrsrcdir)/py_samr.o + +[PYTHON::python_svcctl] +LIBRARY_REALNAME = samba/dcerpc/svcctl.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_SVCCTL PYTALLOC param swig_credentials python_dcerpc_misc python_dcerpc + +python_svcctl_OBJ_FILES = $(gen_ndrsrcdir)/py_svcctl.o + +[PYTHON::python_lsa] +LIBRARY_REALNAME = samba/dcerpc/lsa.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_LSA PYTALLOC param swig_credentials python_dcerpc_security python_dcerpc + +python_lsa_OBJ_FILES = $(gen_ndrsrcdir)/py_lsa.o + +[PYTHON::python_wkssvc] +LIBRARY_REALNAME = samba/dcerpc/wkssvc.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_WKSSVC PYTALLOC param swig_credentials python_lsa python_dcerpc_security python_dcerpc + +python_wkssvc_OBJ_FILES = $(gen_ndrsrcdir)/py_wkssvc.o + +[PYTHON::python_dfs] +LIBRARY_REALNAME = samba/dcerpc/dfs.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_DFS PYTALLOC param swig_credentials python_dcerpc_misc python_dcerpc + +python_dfs_OBJ_FILES = $(gen_ndrsrcdir)/py_dfs.o + +[PYTHON::python_unixinfo] +LIBRARY_REALNAME = samba/dcerpc/unixinfo.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_UNIXINFO PYTALLOC param swig_credentials python_dcerpc_security python_dcerpc_misc python_dcerpc + +python_unixinfo_OBJ_FILES = $(gen_ndrsrcdir)/py_unixinfo.o + +[PYTHON::python_irpc] +LIBRARY_REALNAME = samba/irpc.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_IRPC PYTALLOC param swig_credentials python_dcerpc_security python_dcerpc_misc python_dcerpc python_dcerpc_nbt + +python_irpc_OBJ_FILES = $(gen_ndrsrcdir)/py_irpc.o + +[PYTHON::python_drsuapi] +LIBRARY_REALNAME = samba/dcerpc/drsuapi.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = RPC_NDR_DRSUAPI PYTALLOC param swig_credentials python_dcerpc_misc python_dcerpc_security python_dcerpc + +python_drsuapi_OBJ_FILES = $(gen_ndrsrcdir)/py_drsuapi.o + +[PYTHON::python_dcerpc_security] +LIBRARY_REALNAME = samba/dcerpc/security.$(SHLIBEXT) +PRIVATE_DEPENDENCIES = PYTALLOC python_dcerpc_misc python_dcerpc + +python_dcerpc_security_OBJ_FILES = $(gen_ndrsrcdir)/py_security.o + +$(IDL_HEADER_FILES) $(IDL_NDR_PARSE_H_FILES) $(IDL_NDR_PARSE_C_FILES) \ + $(IDL_NDR_CLIENT_C_FILES) $(IDL_NDR_CLIENT_H_FILES) \ + $(IDL_NDR_SERVER_C_FILES) $(IDL_SWIG_FILES) \ + $(IDL_NDR_EJS_C_FILES) $(IDL_NDR_EJS_H_FILES) \ + $(IDL_NDR_PY_C_FILES) $(IDL_NDR_PY_H_FILES): idl + +idl_full:: $(pidldir)/lib/Parse/Pidl/IDL.pm $(pidldir)/lib/Parse/Pidl/Expr.pm + @CPP="$(CPP)" PIDL="$(PIDL)" $(librpcsrcdir)/scripts/build_idl.sh FULL $(librpcsrcdir)/idl $(librpcsrcdir)/gen_ndr + +idl:: $(pidldir)/lib/Parse/Pidl/IDL.pm $(pidldir)/lib/Parse/Pidl/Expr.pm + @CPP="$(CPP)" PIDL="$(PIDL)" $(librpcsrcdir)/scripts/build_idl.sh PARTIAL $(librpcsrcdir)/idl $(librpcsrcdir)/gen_ndr + + diff --git a/source4/librpc/dcerpc.pc.in b/source4/librpc/dcerpc.pc.in new file mode 100644 index 0000000000..3960f2a583 --- /dev/null +++ b/source4/librpc/dcerpc.pc.in @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: dcerpc +Description: DCE/RPC client library +Requires: ndr +Version: 0.0.1 +Libs: -L${libdir} -ldcerpc +Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 diff --git a/source4/librpc/dcerpc_atsvc.pc.in b/source4/librpc/dcerpc_atsvc.pc.in new file mode 100644 index 0000000000..060485c3fc --- /dev/null +++ b/source4/librpc/dcerpc_atsvc.pc.in @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: dcerpc_atsvc +Description: DCE/RPC client library - ATSVC +Requires.private: dcerpc ndr +Version: 0.0.1 +Libs: -L${libdir} -ldcerpc_atsvc +Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 diff --git a/source4/librpc/dcerpc_samr.pc.in b/source4/librpc/dcerpc_samr.pc.in new file mode 100644 index 0000000000..c4102237d3 --- /dev/null +++ b/source4/librpc/dcerpc_samr.pc.in @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: dcerpc_samr +Description: DCE/RPC client library - SAMR +Requires.private: dcerpc ndr +Version: 0.0.1 +Libs: -L${libdir} -ldcerpc_samr +Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 diff --git a/source4/librpc/idl-deps.pl b/source4/librpc/idl-deps.pl new file mode 100755 index 0000000000..49fba4c935 --- /dev/null +++ b/source4/librpc/idl-deps.pl @@ -0,0 +1,24 @@ +#!/usr/bin/perl +use strict; + +my %vars = (); + +foreach(@ARGV) { + my $b = $_; $b =~ s/.*\/(.*?).idl$/$1/; + push (@{$vars{IDL_FILES}}, "\$(librpcsrcdir)/idl/$b.idl"); + push (@{$vars{IDL_HEADER_FILES}}, "\$(librpcsrcdir)/gen_ndr/$b.h"); + push (@{$vars{IDL_NDR_PARSE_H_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b.h"); + push (@{$vars{IDL_NDR_PARSE_C_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b.c"); + push (@{$vars{IDL_NDR_CLIENT_C_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b\_c.c"); + push (@{$vars{IDL_NDR_CLIENT_H_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b\_c.h"); + push (@{$vars{IDL_SWIG_FILES}}, "\$(librpcsrcdir)/gen_ndr/$b.i"); + push (@{$vars{IDL_NDR_SERVER_C_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b\_s.c"); + push (@{$vars{IDL_NDR_EJS_C_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b\_ejs.c"); + push (@{$vars{IDL_NDR_EJS_H_FILES}}, "\$(librpcsrcdir)/gen_ndr/ndr_$b\_ejs.h"); + push (@{$vars{IDL_NDR_PY_C_FILES}}, "\$(librpcsrcdir)/gen_ndr/py_$b.c"); + push (@{$vars{IDL_NDR_PY_H_FILES}}, "\$(librpcsrcdir)/gen_ndr/py_$b.h"); +} + +foreach (keys %vars) { + print "$_ = " . join (' ', @{$vars{$_}}) . "\n"; +} diff --git a/source4/librpc/idl/IDL_LICENSE.txt b/source4/librpc/idl/IDL_LICENSE.txt new file mode 100644 index 0000000000..01ae670b69 --- /dev/null +++ b/source4/librpc/idl/IDL_LICENSE.txt @@ -0,0 +1,9 @@ +The IDL files in this directory are made available by the Samba Team +under the following license: + + Permission to use, copy, modify, and distribute these interface + definitions for any purpose is hereby granted without fee. + + This work is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/source4/librpc/idl/atsvc.idl b/source4/librpc/idl/atsvc.idl new file mode 100644 index 0000000000..75e1daa882 --- /dev/null +++ b/source4/librpc/idl/atsvc.idl @@ -0,0 +1,119 @@ +/* + atsvc interface definition +*/ + +[ uuid("1ff70682-0a51-30e8-076d-740be8cee98b"), + version(1.0), + pointer_default(unique), + helpstring("Microsoft AT-Scheduler Service"), + endpoint("ncacn_np:[\\pipe\\atsvc]", "ncalrpc:") +] interface atsvc +{ + typedef [bitmap32bit] bitmap { + First = 0x00000001, + Second = 0x00000002, + Third = 0x00000004, + Fourth = 0x00000008, + Fifth = 0x00000010, + Sixth = 0x00000020, + Seventh = 0x00000040, + Eight = 0x00000080, + Ninth = 0x00000100, + Tenth = 0x00000200, + Eleventh = 0x00000400, + Twelfth = 0x00000800, + Thitteenth = 0x00001000, + Fourteenth = 0x00002000, + Fifteenth = 0x00004000, + Sixteenth = 0x00008000, + Seventeenth = 0x00010000, + Eighteenth = 0x00020000, + Ninteenth = 0x00040000, + Twentyth = 0x00080000, + Twentyfirst = 0x00100000, + Twentysecond = 0x00200000, + Twentythird = 0x00400000, + Twentyfourth = 0x00800000, + Twentyfifth = 0x01000000, + Twentysixth = 0x02000000, + Twentyseventh = 0x04000000, + Twentyeighth = 0x08000000, + Twentyninth = 0x10000000, + Thirtieth = 0x20000000, + Thirtyfirst = 0x40000000 + } atsvc_DaysOfMonth; + + typedef [bitmap8bit] bitmap { + JOB_RUN_PERIODICALLY = 0x01, + JOB_EXEC_ERROR = 0x02, + JOB_RUNS_TODAY = 0x04, + JOB_ADD_CURRENT_DATE = 0x08, + JOB_NONINTERACTIVE = 0x10 + } atsvc_Flags; + + typedef [bitmap8bit] bitmap { + DAYSOFWEEK_MONDAY = 0x01, + DAYSOFWEEK_TUESDAY = 0x02, + DAYSOFWEEK_WEDNESDAY = 0x04, + DAYSOFWEEK_THURSDAY = 0x08, + DAYSOFWEEK_FRIDAY = 0x10, + DAYSOFWEEK_SATURDAY = 0x20, + DAYSOFWEEK_SUNDAY = 0x40 + } atsvc_DaysOfWeek; + + typedef struct { + uint32 job_time; + atsvc_DaysOfMonth days_of_month; + atsvc_DaysOfWeek days_of_week; + atsvc_Flags flags; + [string,charset(UTF16)] uint16 *command; + } atsvc_JobInfo; + + /******************/ + /* Function: 0x00 */ + [public] NTSTATUS atsvc_JobAdd( + [in,unique,string,charset(UTF16)] uint16 *servername, + [in] atsvc_JobInfo *job_info, + [out,ref] uint32 *job_id + ); + + /******************/ + /* Function: 0x01 */ + [public] NTSTATUS atsvc_JobDel( + [in,unique,string,charset(UTF16)] uint16 *servername, + [in] uint32 min_job_id, + [in] uint32 max_job_id + ); + + typedef struct { + uint32 job_id; + uint32 job_time; + atsvc_DaysOfMonth days_of_month; + atsvc_DaysOfWeek days_of_week; + atsvc_Flags flags; + [string,charset(UTF16)] uint16 *command; + } atsvc_JobEnumInfo; + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] atsvc_JobEnumInfo *first_entry; + } atsvc_enum_ctr; + + /******************/ + /* Function: 0x02 */ + [public] NTSTATUS atsvc_JobEnum( + [in,unique,string,charset(UTF16)] uint16 *servername, + [in,out] atsvc_enum_ctr *ctr, + [in] uint32 preferred_max_len, + [out,ref] uint32 *total_entries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x03 */ + [public] NTSTATUS atsvc_JobGetInfo( + [in,unique,string,charset(UTF16)] uint16 *servername, + [in] uint32 job_id, + [out] atsvc_JobInfo **job_info + ); +} diff --git a/source4/librpc/idl/audiosrv.idl b/source4/librpc/idl/audiosrv.idl new file mode 100644 index 0000000000..1b059868ff --- /dev/null +++ b/source4/librpc/idl/audiosrv.idl @@ -0,0 +1,23 @@ +[ + uuid("0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53"), + version(1.0), + pointer_default(unique), + helpstring("Audio Server") +] interface audiosrv +{ + [todo] void audiosrv_CreatezoneFactoriesList(); + [todo] void audiosrv_CreateGfxFactoriesList(); + [todo] void audiosrv_CreateGfxList(); + [todo] void audiosrv_RemoveGfx(); + [todo] void audiosrv_AddGfx(); + [todo] void audiosrv_ModifyGfx(); + [todo] void audiosrv_OpenGfx(); + [todo] void audiosrv_Logon(); + [todo] void audiosrv_Logoff(); + [todo] void audiosrv_RegisterSessionNotificationEvent(); + [todo] void audiosrv_UnregisterSessionNotificationEvent(); + [todo] void audiosrv_SessionConnectState(); + [todo] void audiosrv_DriverOpenDrvRegKey(); + [todo] void audiosrv_AdvisePreferredDeviceChange(); + [todo] void audiosrv_GetPnpInfo(); +} diff --git a/source4/librpc/idl/browser.idl b/source4/librpc/idl/browser.idl new file mode 100644 index 0000000000..5b05be9cbb --- /dev/null +++ b/source4/librpc/idl/browser.idl @@ -0,0 +1,58 @@ +[ + uuid("6bffd098-a112-3610-9833-012892020162"), + version(0.0), + helpstring("Browsing"), + pointer_default(unique), + endpoint("ncacn_np:[\\pipe\\browser]", "ncacn_ip_tcp:", "ncalrpc:") +] +interface browser +{ + /******************/ + /* Function 0x00 */ + [todo] NTSTATUS BrowserrServerEnum(); + + /******************/ + /* Function 0x01 */ + [todo] NTSTATUS BrowserrDebugCall(); + + /******************/ + /* Function 0x02 */ + [todo] NTSTATUS BrowserrQueryOtherDomains(); + + /******************/ + /* Function 0x03 */ + [todo] NTSTATUS BrowserrResetNetlogonState(); + + /******************/ + /* Function 0x04 */ + [todo] NTSTATUS BrowserrDebugTrace(); + + /******************/ + /* Function 0x05 */ + [todo] NTSTATUS BrowserrQueryStatistics(); + + /******************/ + /* Function 0x06 */ + [todo] NTSTATUS BrowserResetStatistics(); + + /******************/ + /* Function 0x07 */ + [todo] NTSTATUS NetrBrowserStatisticsClear(); + + /******************/ + /* Function 0x08 */ + [todo] NTSTATUS NetrBrowserStatisticsGet(); + + /******************/ + /* Function 0x09 */ + [todo] NTSTATUS BrowserrSetNetlogonState(); + + /******************/ + /* Function 0x0a */ + [todo] NTSTATUS BrowserrQueryEmulatedDomains(); + + /******************/ + /* Function 0x0b */ + [todo] NTSTATUS BrowserrServerEnumEx(); + +} diff --git a/source4/librpc/idl/dbgidl.idl b/source4/librpc/idl/dbgidl.idl new file mode 100644 index 0000000000..0712392f00 --- /dev/null +++ b/source4/librpc/idl/dbgidl.idl @@ -0,0 +1,9 @@ +[ + uuid("1d55b526-c137-46c5-ab79-638f2a68e869"), + version(1.0), + pointer_default(unique), + helpstring("Remote IDL debugger") +] interface dbgidl +{ + void dummy_dbgidl(); +} diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl new file mode 100644 index 0000000000..1c6574b11b --- /dev/null +++ b/source4/librpc/idl/dcerpc.idl @@ -0,0 +1,305 @@ +#include "idl_types.h" + +/* + the base dcerpc packet definitions - not traditionally coded as IDL, + but given that pidl can handle it nicely it simplifies things a lot + to do it this way + + see http://www.opengroup.org/onlinepubs/9629399/chap12.htm for packet + layouts +*/ +import "misc.idl"; + +interface dcerpc +{ + typedef struct { + uint16 context_id; + uint8 num_transfer_syntaxes; + ndr_syntax_id abstract_syntax; + ndr_syntax_id transfer_syntaxes[num_transfer_syntaxes]; + } dcerpc_ctx_list; + + typedef struct { + uint16 max_xmit_frag; + uint16 max_recv_frag; + uint32 assoc_group_id; + uint8 num_contexts; + dcerpc_ctx_list ctx_list[num_contexts]; + [flag(NDR_ALIGN4)] DATA_BLOB _pad; + [flag(NDR_REMAINING)] DATA_BLOB auth_info; + } dcerpc_bind; + + const uint8 DCERPC_REQUEST_LENGTH = 24; + + typedef struct { + } dcerpc_empty; + + typedef [nodiscriminant] union { + [default] dcerpc_empty empty; + [case(LIBNDR_FLAG_OBJECT_PRESENT)] GUID object; + } dcerpc_object; + + typedef struct { + uint32 alloc_hint; + uint16 context_id; + uint16 opnum; + [switch_is(ndr->flags & LIBNDR_FLAG_OBJECT_PRESENT)] dcerpc_object object; + [flag(NDR_ALIGN8)] DATA_BLOB _pad; + [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier; + } dcerpc_request; + + const int DCERPC_BIND_REASON_ASYNTAX = 1; + const int DCERPC_BIND_PROVIDER_REJECT = 2; + const int DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED = 4; + const int DCERPC_BIND_REASON_INVALID_AUTH_TYPE = 8; + + typedef struct { + uint16 result; + uint16 reason; + ndr_syntax_id syntax; + } dcerpc_ack_ctx; + + typedef struct { + uint16 max_xmit_frag; + uint16 max_recv_frag; + uint32 assoc_group_id; + [value(strlen(secondary_address)+1)] uint16 secondary_address_size; + [charset(DOS)] uint8 secondary_address[secondary_address_size]; + [flag(NDR_ALIGN4)] DATA_BLOB _pad1; + uint8 num_results; + dcerpc_ack_ctx ctx_list[num_results]; + [flag(NDR_REMAINING)] DATA_BLOB auth_info; + } dcerpc_bind_ack; + + typedef struct { + uint32 num_versions; + uint32 versions[num_versions]; + } dcerpc_bind_nak_versions; + + typedef [nodiscriminant] union { + [case(DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED)] dcerpc_bind_nak_versions v; + [default] ; + } dcerpc_bind_nak_versions_ctr; + + typedef struct { + uint16 reject_reason; + [switch_is(reject_reason)] dcerpc_bind_nak_versions_ctr versions; + } dcerpc_bind_nak; + + const uint8 DCERPC_RESPONSE_LENGTH = 24; + + typedef struct { + uint32 alloc_hint; + uint16 context_id; + uint8 cancel_count; + [flag(NDR_ALIGN8)] DATA_BLOB _pad; + [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier; + } dcerpc_response; + + + const int DCERPC_FAULT_OP_RNG_ERROR = 0x1c010002; + const int DCERPC_FAULT_UNK_IF = 0x1c010003; + const int DCERPC_FAULT_NDR = 0x000006f7; + const int DCERPC_FAULT_INVALID_TAG = 0x1c000006; + const int DCERPC_FAULT_CONTEXT_MISMATCH = 0x1c00001a; + const int DCERPC_FAULT_OTHER = 0x00000001; + const int DCERPC_FAULT_ACCESS_DENIED = 0x00000005; + const int DCERPC_FAULT_CANT_PERFORM = 0x000006d8; + + /* we return this fault when we haven't yet run the test + to see what fault w2k3 returns in this case */ + const int DCERPC_FAULT_TODO = 0x00000042; + + typedef struct { + uint32 alloc_hint; + uint16 context_id; + uint8 cancel_count; + uint32 status; + [flag(NDR_REMAINING)] DATA_BLOB _pad; + } dcerpc_fault; + + /* the auth types we know about */ + typedef [enum8bit] enum { + DCERPC_AUTH_TYPE_NONE = 0, + /* this seems to be not krb5! */ + DCERPC_AUTH_TYPE_KRB5_1 = 1, + DCERPC_AUTH_TYPE_SPNEGO = 9, + DCERPC_AUTH_TYPE_NTLMSSP = 10, + DCERPC_AUTH_TYPE_KRB5 = 16, + DCERPC_AUTH_TYPE_DPA = 17, + DCERPC_AUTH_TYPE_MSN = 18, + DCERPC_AUTH_TYPE_DIGEST = 21, + DCERPC_AUTH_TYPE_SCHANNEL = 68, + DCERPC_AUTH_TYPE_MSMQ = 100 + } dcerpc_AuthType; + + typedef [enum8bit] enum { + DCERPC_AUTH_LEVEL_NONE = 1, + DCERPC_AUTH_LEVEL_CONNECT = 2, + DCERPC_AUTH_LEVEL_CALL = 3, + DCERPC_AUTH_LEVEL_PACKET = 4, + DCERPC_AUTH_LEVEL_INTEGRITY = 5, + DCERPC_AUTH_LEVEL_PRIVACY = 6 + } dcerpc_AuthLevel; + + const uint8 DCERPC_AUTH_LEVEL_DEFAULT = DCERPC_AUTH_LEVEL_CONNECT; + + typedef [public] struct { + dcerpc_AuthType auth_type; + dcerpc_AuthLevel auth_level; + uint8 auth_pad_length; + uint8 auth_reserved; + uint32 auth_context_id; + [flag(NDR_REMAINING)] DATA_BLOB credentials; + } dcerpc_auth; + + const uint8 DCERPC_AUTH_TRAILER_LENGTH = 8; + + typedef [public] struct { + uint32 _pad; + [flag(NDR_REMAINING)] DATA_BLOB auth_info; + } dcerpc_auth3; + + typedef [public] struct { + uint32 _pad; + [flag(NDR_REMAINING)] DATA_BLOB auth_info; + } dcerpc_orphaned; + + typedef [public] struct { + uint32 _pad; + [flag(NDR_REMAINING)] DATA_BLOB auth_info; + } dcerpc_co_cancel; + + typedef [public] struct { + uint32 version; + uint32 id; + } dcerpc_cl_cancel; + + typedef [public] struct { + uint32 version; + uint32 id; + boolean32 server_is_accepting; + } dcerpc_cancel_ack; + + typedef [public] struct { + uint32 version; + uint8 _pad1; + uint16 window_size; + uint32 max_tdsu; + uint32 max_frag_size; + uint16 serial_no; + uint16 selack_size; + uint32 selack[selack_size]; + } dcerpc_fack; + + typedef [public] struct { + } dcerpc_ack; + + typedef [public] struct { + } dcerpc_ping; + + typedef [public] struct { + } dcerpc_shutdown; + + typedef [public] struct { + } dcerpc_working; + + typedef [enum8bit] enum { + DCERPC_PKT_REQUEST = 0, + DCERPC_PKT_PING = 1, + DCERPC_PKT_RESPONSE = 2, + DCERPC_PKT_FAULT = 3, + DCERPC_PKT_WORKING = 4, + DCERPC_PKT_NOCALL = 5, + DCERPC_PKT_REJECT = 6, + DCERPC_PKT_ACK = 7, + DCERPC_PKT_CL_CANCEL = 8, + DCERPC_PKT_FACK = 9, + DCERPC_PKT_CANCEL_ACK = 10, + DCERPC_PKT_BIND = 11, + DCERPC_PKT_BIND_ACK = 12, + DCERPC_PKT_BIND_NAK = 13, + DCERPC_PKT_ALTER = 14, + DCERPC_PKT_ALTER_RESP = 15, + DCERPC_PKT_AUTH3 = 16, + DCERPC_PKT_SHUTDOWN = 17, + DCERPC_PKT_CO_CANCEL = 18, + DCERPC_PKT_ORPHANED = 19 + } dcerpc_pkt_type; + + typedef [nodiscriminant] union { + [case(DCERPC_PKT_REQUEST)] dcerpc_request request; + [case(DCERPC_PKT_PING)] dcerpc_ping ping; + [case(DCERPC_PKT_RESPONSE)] dcerpc_response response; + [case(DCERPC_PKT_FAULT)] dcerpc_fault fault; + [case(DCERPC_PKT_WORKING)] dcerpc_working working; + [case(DCERPC_PKT_NOCALL)] dcerpc_fack nocall; + [case(DCERPC_PKT_REJECT)] dcerpc_fault reject; + [case(DCERPC_PKT_ACK)] dcerpc_ack ack; + [case(DCERPC_PKT_CL_CANCEL)] dcerpc_cl_cancel cl_cancel; + [case(DCERPC_PKT_FACK)] dcerpc_fack fack; + [case(DCERPC_PKT_CANCEL_ACK)] dcerpc_cancel_ack cancel_ack; + [case(DCERPC_PKT_BIND)] dcerpc_bind bind; + [case(DCERPC_PKT_BIND_ACK)] dcerpc_bind_ack bind_ack; + [case(DCERPC_PKT_BIND_NAK)] dcerpc_bind_nak bind_nak; + [case(DCERPC_PKT_ALTER)] dcerpc_bind alter; + [case(DCERPC_PKT_ALTER_RESP)] dcerpc_bind_ack alter_resp; + [case(DCERPC_PKT_SHUTDOWN)] dcerpc_shutdown shutdown; + [case(DCERPC_PKT_CO_CANCEL)] dcerpc_co_cancel co_cancel; + [case(DCERPC_PKT_ORPHANED)] dcerpc_orphaned orphaned; + [case(DCERPC_PKT_AUTH3)] dcerpc_auth3 auth3; + } dcerpc_payload; + + /* pfc_flags values */ + const uint8 DCERPC_PFC_FLAG_FIRST = 0x01; /* First fragment */ + const uint8 DCERPC_PFC_FLAG_LAST = 0x02; /* Last fragment */ + const uint8 DCERPC_PFC_FLAG_PENDING_CANCEL = 0x04; /* Cancel was pending at sender */ + const uint8 DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN = DCERPC_PFC_FLAG_PENDING_CANCEL; /* depends on the pdu type */ + const uint8 DCERPC_PFC_FLAG_CONC_MPX = 0x10; /* supports concurrent multiplexing of a single connection. */ + const uint8 DCERPC_PFC_FLAG_DID_NOT_EXECUTE = 0x20; /* on a fault it means the server hasn't done anything */ + const uint8 DCERPC_PFC_FLAG_MAYBE = 0x40; /* `maybe' call semantics requested */ + const uint8 DCERPC_PFC_FLAG_OBJECT_UUID = 0x80; /* on valid guid is in the optional object field */ + + /* these offsets are needed by the signing code */ + const uint8 DCERPC_DREP_OFFSET = 4; + const uint8 DCERPC_FRAG_LEN_OFFSET = 8; + const uint8 DCERPC_AUTH_LEN_OFFSET = 10; + + /* little-endian flag */ + const uint8 DCERPC_DREP_LE = 0x10; + + typedef [public] struct { + uint8 rpc_vers; /* RPC version */ + uint8 rpc_vers_minor; /* Minor version */ + dcerpc_pkt_type ptype; /* Packet type */ + uint8 pfc_flags; /* Fragmentation flags */ + uint8 drep[4]; /* NDR data representation */ + uint16 frag_length; /* Total length of fragment */ + uint16 auth_length; /* authenticator length */ + uint32 call_id; /* Call identifier */ + [switch_is(ptype)] dcerpc_payload u; + } ncacn_packet; + + typedef [public] struct { + uint8 rpc_vers; /* RPC version (4) */ + uint8 ptype; + uint8 pfc_flags; + uint8 ncadg_flags; + uint8 drep[3]; + uint8 serial_high; + GUID object; + GUID iface; + GUID activity; + uint32 server_boot; /* Server boot time */ + uint32 iface_version; + uint32 seq_num; + uint16 opnum; + uint16 ihint; + uint16 ahint; + uint16 len; + uint16 fragnum; + uint8 auth_proto; + uint8 serial_low; + [switch_is(ptype)] dcerpc_payload u; + } ncadg_packet; +} diff --git a/source4/librpc/idl/dfs.idl b/source4/librpc/idl/dfs.idl new file mode 100644 index 0000000000..b279f555d9 --- /dev/null +++ b/source4/librpc/idl/dfs.idl @@ -0,0 +1,418 @@ +/* + dfs interface definition +*/ + +import "misc.idl"; + +[ uuid("4fc742e0-4a10-11cf-8273-00aa004ae673"), + version(3.0), + pointer_default(unique), + helpstring("Settings for Microsoft Distributed File System"), + endpoint("ncacn_np:[\\pipe\\netdfs]", "ncacn_ip_tcp:", "ncalrpc:") +] interface netdfs +{ + /******************/ + /* Function: 0x00 */ + typedef [v1_enum] enum { + DFS_MANAGER_VERSION_NT4 = 1, + DFS_MANAGER_VERSION_W2K = 2, + DFS_MANAGER_VERSION_W2K3 = 4 + } dfs_ManagerVersion; + + [public] void dfs_GetManagerVersion( + [out] dfs_ManagerVersion *version + ); + + + /******************/ + /* Function: 0x01 */ + WERROR dfs_Add ( + [in] [string,charset(UTF16)] uint16 *path, + [in] [string,charset(UTF16)] uint16 *server, + [in,unique] [string,charset(UTF16)] uint16 *share, + [in,unique] [string,charset(UTF16)] uint16 *comment, + [in] uint32 flags + ); + + /******************/ + /* Function: 0x02 */ + WERROR dfs_Remove ( + [in] [string,charset(UTF16)] uint16 *dfs_entry_path, + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in,unique] [string,charset(UTF16)] uint16 *sharename + ); + + /******************/ + /* Function: 0x03 */ + + typedef struct { + } dfs_Info0; + + typedef struct { + [string,charset(UTF16)] uint16 *path; + } dfs_Info1; + + typedef [public,bitmap32bit] bitmap { + DFS_VOLUME_STATE_OK = 0x1, + DFS_VOLUME_STATE_INCONSISTENT = 0x2, + DFS_VOLUME_STATE_OFFLINE = 0x3, + DFS_VOLUME_STATE_ONLINE = 0x4, + DFS_VOLUME_STATE_STANDALONE = DFS_VOLUME_FLAVOR_STANDALONE, + DFS_VOLUME_STATE_AD_BLOB = DFS_VOLUME_FLAVOR_AD_BLOB + } dfs_VolumeState; + + typedef struct { + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *comment; + dfs_VolumeState state; + uint32 num_stores; + } dfs_Info2; + + const int DFS_STORAGE_STATES = 0xf; + + /* yes, this is a bitmap */ + typedef [public,bitmap32bit] bitmap { + DFS_STORAGE_STATE_OFFLINE = 1, + DFS_STORAGE_STATE_ONLINE = 2, + DFS_STORAGE_STATE_ACTIVE = 4 + } dfs_StorageState; + + typedef struct { + dfs_StorageState state; + [string,charset(UTF16)] uint16 *server; + [string,charset(UTF16)] uint16 *share; + } dfs_StorageInfo; + + typedef struct { + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *comment; + dfs_VolumeState state; + uint32 num_stores; + [size_is(num_stores)] dfs_StorageInfo *stores; + } dfs_Info3; + + typedef struct { + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *comment; + dfs_VolumeState state; + uint32 timeout; + GUID guid; + uint32 num_stores; + [size_is(num_stores)] dfs_StorageInfo *stores; + } dfs_Info4; + + /* verified with dfsutil */ + typedef [public,bitmap32bit] bitmap { + DFS_PROPERTY_FLAG_INSITE_REFERRALS = 0x01, + DFS_PROPERTY_FLAG_ROOT_SCALABILITY = 0x02, + DFS_PROPERTY_FLAG_SITE_COSTING = 0x04, + DFS_PROPERTY_FLAG_TARGET_FAILBACK = 0x08, + DFS_PROPERTY_FLAG_CLUSTER_ENABLED = 0x10 /* untested */ + } dfs_PropertyFlags; + + typedef struct { + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *comment; + dfs_VolumeState state; + uint32 timeout; + GUID guid; + dfs_PropertyFlags flags; + uint32 pktsize; + uint32 num_stores; + } dfs_Info5; + + typedef [v1_enum] enum { + DFS_INVALID_PRIORITY_CLASS = -1, + DFS_SITE_COST_NORMAL_PRIORITY_CLASS = 0, + DFS_GLOBAL_HIGH_PRIORITY_CLASS = 1, + DFS_SITE_COST_HIGH_PRIORITY_CLASS = 2, + DFS_SITE_COST_LOW_PRIORITY_CLASS = 3, + DFS_GLOBAL_LOW_PRIORITY_CLASS = 4 + } dfs_Target_PriorityClass; + + typedef struct { + dfs_Target_PriorityClass target_priority_class; + uint16 target_priority_rank; + uint16 reserved; + } dfs_Target_Priority; + + typedef struct { + dfs_StorageInfo info; + dfs_Target_Priority target_priority; + } dfs_StorageInfo2; + + typedef struct { + [string,charset(UTF16)] uint16 *entry_path; + [string,charset(UTF16)] uint16 *comment; + dfs_VolumeState state; + uint32 timeout; + GUID guid; + dfs_PropertyFlags flags; + uint32 pktsize; + uint16 num_stores; + [size_is(num_stores)] dfs_StorageInfo2 *stores; + } dfs_Info6; + + typedef struct { + GUID generation_guid; + } dfs_Info7; + + typedef struct { + [string,charset(UTF16)] uint16 *comment; + } dfs_Info100; + + typedef struct { + dfs_StorageState state; + } dfs_Info101; + + typedef struct { + uint32 timeout; + } dfs_Info102; + + typedef struct { + dfs_PropertyFlags flags; + } dfs_Info103; + + typedef struct { + dfs_Target_Priority priority; + } dfs_Info104; + + typedef struct { + [string,charset(UTF16)] uint16 *comment; + dfs_VolumeState state; + uint32 timeout; + uint32 property_flag_mask; + uint32 property_flags; + } dfs_Info105; + + typedef struct { + dfs_StorageState state; + dfs_Target_Priority priority; + } dfs_Info106; + + typedef struct { + [string,charset(UTF16)] uint16 *dom_root; + } dfs_Info200; + + typedef enum { + DFS_VOLUME_FLAVOR_STANDALONE = 0x100, + DFS_VOLUME_FLAVOR_AD_BLOB = 0x200 + } dfs_VolumeFlavor; + + typedef struct { + dfs_VolumeFlavor flavor; + [string,charset(UTF16)] uint16 *dom_root; + } dfs_Info300; + + typedef union { + [case(0)] dfs_Info0 *info0; + [case(1)] dfs_Info1 *info1; + [case(2)] dfs_Info2 *info2; + [case(3)] dfs_Info3 *info3; + [case(4)] dfs_Info4 *info4; + [case(5)] dfs_Info5 *info5; + [case(6)] dfs_Info6 *info6; + [case(7)] dfs_Info7 *info7; + [case(100)] dfs_Info100 *info100; + [case(101)] dfs_Info101 *info101; + [case(102)] dfs_Info102 *info102; + [case(103)] dfs_Info103 *info103; + [case(104)] dfs_Info104 *info104; + [case(105)] dfs_Info105 *info105; + [case(106)] dfs_Info106 *info106; + } dfs_Info; + + WERROR dfs_SetInfo ( + [in] [string,charset(UTF16)] uint16 dfs_entry_path[], + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in,unique] [string,charset(UTF16)] uint16 *sharename, + [in] uint32 level, + [in,ref,switch_is(level)] dfs_Info *info + ); + + /******************/ + /* Function: 0x04 */ + WERROR dfs_GetInfo ( + [in] [string,charset(UTF16)] uint16 dfs_entry_path[], + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in,unique] [string,charset(UTF16)] uint16 *sharename, + [in] uint32 level, + [out,switch_is(level)] dfs_Info *info + ); + + /******************/ + /* Function: 0x05 */ + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info1 *s; + } dfs_EnumArray1; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info2 *s; + } dfs_EnumArray2; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info3 *s; + } dfs_EnumArray3; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info4 *s; + } dfs_EnumArray4; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info5 *s; + } dfs_EnumArray5; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info6 *s; + } dfs_EnumArray6; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info200 *s; + } dfs_EnumArray200; + + typedef struct { + uint32 count; + [size_is(count)] dfs_Info300 *s; + } dfs_EnumArray300; + + + typedef union { + [case(1)] dfs_EnumArray1 *info1; + [case(2)] dfs_EnumArray2 *info2; + [case(3)] dfs_EnumArray3 *info3; + [case(4)] dfs_EnumArray4 *info4; + [case(5)] dfs_EnumArray5 *info5; + [case(6)] dfs_EnumArray6 *info6; + [case(200)] dfs_EnumArray200 *info200; + [case(300)] dfs_EnumArray300 *info300; + } dfs_EnumInfo; + + typedef struct { + uint32 level; + [switch_is(level)] dfs_EnumInfo e; + } dfs_EnumStruct; + + WERROR dfs_Enum ( + [in] uint32 level, + [in] uint32 bufsize, + [in,out,unique] dfs_EnumStruct *info, + [in,out,unique] uint32 *total + ); + + /* Function 0x06 */ + [todo] WERROR dfs_Rename(); + + /* Function 0x07 */ + [todo] WERROR dfs_Move(); + + /* Function 0x08 */ + [todo] WERROR dfs_ManagerGetConfigInfo(); + + /* Function 0x09 */ + [todo] WERROR dfs_ManagerSendSiteInfo(); + + /* Function 0x0a */ + typedef struct { + uint32 unknown1; + [string,charset(UTF16)] uint16 *unknown2; + } dfs_UnknownStruct; + + WERROR dfs_AddFtRoot( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 dns_servername[], + [in] [string,charset(UTF16)] uint16 dfsname[], + [in] [string,charset(UTF16)] uint16 rootshare[], + [in] [string,charset(UTF16)] uint16 comment[], + [in] [string,charset(UTF16)] uint16 dfs_config_dn[], + [in] uint8 unknown1, + [in] uint32 flags, + [in,out,unique] dfs_UnknownStruct **unknown2 + ); + + /* Function 0x0b */ + WERROR dfs_RemoveFtRoot( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 dns_servername[], + [in] [string,charset(UTF16)] uint16 dfsname[], + [in] [string,charset(UTF16)] uint16 rootshare[], + [in] uint32 flags, + [in,out,unique] dfs_UnknownStruct **unknown + ); + + /* Function 0x0c */ + WERROR dfs_AddStdRoot( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 rootshare[], + [in] [string,charset(UTF16)] uint16 comment[], + [in] uint32 flags + ); + + /* Function 0x0d */ + WERROR dfs_RemoveStdRoot( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 rootshare[], + [in] uint32 flags + ); + + /* Function 0x0e */ + WERROR dfs_ManagerInitialize( + [in] [string,charset(UTF16)] uint16 *servername, + [in] uint32 flags + ); + + /* Function 0x0f */ + WERROR dfs_AddStdRootForced( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 rootshare[], + [in] [string,charset(UTF16)] uint16 comment[], + [in] [string,charset(UTF16)] uint16 store[] /* C:\\whatever */ + ); + + /* Function 0x10 */ + WERROR dfs_GetDcAddress( + [in] [string,charset(UTF16)] uint16 servername[], + [in,out,ref] [string,charset(UTF16)] uint16 **server_fullname, + [in,out,ref] boolean8 *is_root, + [in,out,ref] uint32 *ttl + ); + + /* Function 0x11 */ + WERROR dfs_SetDcAddress( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 server_fullname[], + [in] uint32 flags, + [in] uint32 ttl + ); + + /* Function 0x12 */ + WERROR dfs_FlushFtTable( + [in] [string,charset(UTF16)] uint16 servername[], + [in] [string,charset(UTF16)] uint16 rootshare[] + ); + + /* Function 0x13 */ + [todo] WERROR dfs_Add2(); + + /* Function 0x14 */ + [todo] WERROR dfs_Remove2(); + + /* Function 0x15 */ + [public] WERROR dfs_EnumEx( + [in] [string,charset(UTF16)] uint16 dfs_name[], + [in] uint32 level, + [in] uint32 bufsize, + [in,out,unique] dfs_EnumStruct *info, + [in,out,unique] uint32 *total + ); + + /* Function 0x16 */ + [todo] WERROR dfs_SetInfo2(); +} diff --git a/source4/librpc/idl/dnsserver.idl b/source4/librpc/idl/dnsserver.idl new file mode 100644 index 0000000000..86a8a14f13 --- /dev/null +++ b/source4/librpc/idl/dnsserver.idl @@ -0,0 +1,12 @@ +/* + dnsserver interface definition +*/ + +[ uuid("50abc2a4-574d-40b3-9d66-ee4fd5fba076"), + version(5.0), + pointer_default(unique), + helpstring("DNS Server") +] interface dnsserver +{ + void dnsserver_foo(); +} diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl new file mode 100644 index 0000000000..6b1f649ff5 --- /dev/null +++ b/source4/librpc/idl/drsblobs.idl @@ -0,0 +1,510 @@ +#include "idl_types.h" + +import "drsuapi.idl", "misc.idl", "samr.idl", "lsa.idl"; + +[ + uuid("12345778-1234-abcd-0001-00000001"), + version(0.0), + pointer_default(unique), + helpstring("Active Directory Replication LDAP Blobs") +] +interface drsblobs { + typedef bitmap drsuapi_DsReplicaSyncOptions drsuapi_DsReplicaSyncOptions; + typedef bitmap drsuapi_DsReplicaNeighbourFlags drsuapi_DsReplicaNeighbourFlags; + typedef [v1_enum] enum drsuapi_DsAttributeId drsuapi_DsAttributeId; + typedef [v1_enum] enum lsa_TrustAuthType lsa_TrustAuthType; + /* + * replPropertyMetaData + * w2k uses version 1 + * w2k3 uses version 1 + */ + typedef struct { + drsuapi_DsAttributeId attid; + uint32 version; + NTTIME_1sec originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + } replPropertyMetaData1; + + typedef struct { + uint32 count; + uint32 reserved; + replPropertyMetaData1 array[count]; + } replPropertyMetaDataCtr1; + + typedef [nodiscriminant] union { + [case(1)] replPropertyMetaDataCtr1 ctr1; + } replPropertyMetaDataCtr; + + typedef [public] struct { + uint32 version; + uint32 reserved; + [switch_is(version)] replPropertyMetaDataCtr ctr; + } replPropertyMetaDataBlob; + + void decode_replPropertyMetaData( + [in] replPropertyMetaDataBlob blob + ); + + /* + * replUpToDateVector + * w2k uses version 1 + * w2k3 uses version 2 + */ + typedef struct { + uint32 count; + uint32 reserved; + drsuapi_DsReplicaCursor cursors[count]; + } replUpToDateVectorCtr1; + + typedef struct { + uint32 count; + uint32 reserved; + drsuapi_DsReplicaCursor2 cursors[count]; + } replUpToDateVectorCtr2; + + typedef [nodiscriminant] union { + [case(1)] replUpToDateVectorCtr1 ctr1; + [case(2)] replUpToDateVectorCtr2 ctr2; + } replUpToDateVectorCtr; + + typedef [public] struct { + uint32 version; + uint32 reserved; + [switch_is(version)] replUpToDateVectorCtr ctr; + } replUpToDateVectorBlob; + + void decode_replUpToDateVector( + [in] replUpToDateVectorBlob blob + ); + + /* + * repsFrom/repsTo + * w2k uses version 1 + * w2k3 uses version 1 + */ + typedef [public,gensize] struct { + [value(strlen(dns_name)+1)] uint32 __dns_name_size; + [charset(DOS)] uint8 dns_name[__dns_name_size]; + } repsFromTo1OtherInfo; + + typedef [public,gensize,flag(NDR_PAHEX)] struct { + /* this includes the 8 bytes of the repsFromToBlob header */ + [value(ndr_size_repsFromTo1(this, ndr->flags)+8)] uint32 blobsize; + uint32 consecutive_sync_failures; + NTTIME_1sec last_success; + NTTIME_1sec last_attempt; + WERROR result_last_attempt; + [relative] repsFromTo1OtherInfo *other_info; + [value(ndr_size_repsFromTo1OtherInfo(other_info, ndr->flags))] uint32 other_info_length; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint8 schedule[84]; + uint32 reserved; + drsuapi_DsReplicaHighWaterMark highwatermark; + GUID source_dsa_obj_guid; /* the 'objectGuid' field of the CN=NTDS Settings object */ + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + GUID transport_guid; + } repsFromTo1; + + typedef [nodiscriminant] union { + [case(1)] repsFromTo1 ctr1; + } repsFromTo; + + typedef [public] struct { + uint32 version; + uint32 reserved; + [switch_is(version)] repsFromTo ctr; + } repsFromToBlob; + + void decode_repsFromTo( + [in] repsFromToBlob blob + ); + + /* + * partialAttributeSet + * w2k uses version 1 + * w2k3 uses version 1 + */ + typedef struct { + uint32 count; + drsuapi_DsAttributeId array[count]; + } partialAttributeSetCtr1; + + typedef [nodiscriminant] union { + [case(1)] partialAttributeSetCtr1 ctr1; + } partialAttributeSetCtr; + + typedef [public] struct { + uint32 version; + uint32 reserved; + [switch_is(version)] partialAttributeSetCtr ctr; + } partialAttributeSetBlob; + + void decode_partialAttributeSet( + [in] partialAttributeSetBlob blob + ); + + /* + * prefixMap + * w2k unknown + * w2k3 unknown + * samba4 uses 0x44534442 'DSDB' + * + * as we windows don't return the prefixMap attribute when you ask for + * we don't know the format, but the attribute is not replicated + * so that we can choose our own format... + */ + typedef [v1_enum] enum { + PREFIX_MAP_VERSION_DSDB = 0x44534442 + } prefixMapVersion; + + typedef [nodiscriminant] union { + [case(PREFIX_MAP_VERSION_DSDB)] drsuapi_DsReplicaOIDMapping_Ctr dsdb; + } prefixMapCtr; + + typedef [public] struct { + prefixMapVersion version; + uint32 reserved; + [switch_is(version)] prefixMapCtr ctr; + } prefixMapBlob; + + void decode_prefixMap( + [in] prefixMapBlob blob + ); + + /* + * the cookie for the LDAP dirsync control + */ + typedef [nodiscriminant,gensize] union { + [case(0)]; + [default] replUpToDateVectorBlob uptodateness_vector; + } ldapControlDirSyncExtra; + + typedef struct { + [value(3)] uint32 u1; + NTTIME time; + uint32 u2; + uint32 u3; + [value(ndr_size_ldapControlDirSyncExtra(&extra, extra.uptodateness_vector.version, 0))] + uint32 extra_length; + drsuapi_DsReplicaHighWaterMark highwatermark; + GUID guid1; + [switch_is(extra_length)] ldapControlDirSyncExtra extra; + } ldapControlDirSyncBlob; + + typedef [public,relative_base] struct { + [charset(DOS),value("MSDS")] uint8 msds[4]; + [subcontext(0)] ldapControlDirSyncBlob blob; + } ldapControlDirSyncCookie; + + void decode_ldapControlDirSync( + [in] ldapControlDirSyncCookie cookie + ); + + typedef struct { + [value(2*strlen_m(name))] uint16 name_len; + [value(strlen(data))] uint16 data_len; + uint16 reserved; /* 2 for 'Packages', 1 for 'Primary:*', but should be ignored */ + [charset(UTF16)] uint8 name[name_len]; + /* + * the data field contains data as HEX strings + * + * 'Packages': + * data contains the list of packages + * as non termiated UTF16 strings with + * a UTF16 NULL byte as separator + * + * 'Primary:Kerberos-Newer-Keys': + * ... + * + * 'Primary:Kerberos': + * ... + * + * 'Primary:WDigest': + * ... + * + * 'Primary:CLEARTEXT': + * data contains the cleartext password + * as UTF16 string encoded as HEX string + */ + [charset(DOS)] uint8 data[data_len]; + } supplementalCredentialsPackage; + + /* this are 0x30 (48) whitespaces (0x20) */ + const string SUPPLEMENTAL_CREDENTIALS_PREFIX = " "; + + typedef [flag(NDR_PAHEX)] enum { + SUPPLEMENTAL_CREDENTIALS_SIGNATURE = 0x0050 + } supplementalCredentialsSignature; + + typedef [gensize] struct { + [value(SUPPLEMENTAL_CREDENTIALS_PREFIX),charset(UTF16)] uint16 prefix[0x30]; + [value(SUPPLEMENTAL_CREDENTIALS_SIGNATURE)] supplementalCredentialsSignature signature; + uint16 num_packages; + supplementalCredentialsPackage packages[num_packages]; + } supplementalCredentialsSubBlob; + + typedef [public] struct { + [value(0)] uint32 unknown1; + [value(ndr_size_supplementalCredentialsSubBlob(&sub, ndr->flags))] uint32 __ndr_size; + [value(0)] uint32 unknown2; + [subcontext(0),subcontext_size(__ndr_size)] supplementalCredentialsSubBlob sub; + [value(0)] uint8 unknown3; + } supplementalCredentialsBlob; + + void decode_supplementalCredentials( + [in] supplementalCredentialsBlob blob + ); + + typedef [public] struct { + [flag(STR_NOTERM|NDR_REMAINING)] string_array names; + } package_PackagesBlob; + + void decode_Packages( + [in] package_PackagesBlob blob + ); + + typedef struct { + [value(2*strlen_m(string))] uint16 length; + [value(2*strlen_m(string))] uint16 size; + [relative,subcontext(0),subcontext_size(size),flag(STR_NOTERM|NDR_REMAINING)] string *string; + } package_PrimaryKerberosString; + + typedef struct { + [value(0)] uint16 reserved1; + [value(0)] uint16 reserved2; + [value(0)] uint32 reserved3; + uint32 keytype; + [value((value?value->length:0))] uint32 value_len; + [relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value; + } package_PrimaryKerberosKey3; + + typedef struct { + uint16 num_keys; + uint16 num_old_keys; + package_PrimaryKerberosString salt; + package_PrimaryKerberosKey3 keys[num_keys]; + package_PrimaryKerberosKey3 old_keys[num_old_keys]; + [value(0)] uint32 padding1; + [value(0)] uint32 padding2; + [value(0)] uint32 padding3; + [value(0)] uint32 padding4; + [value(0)] uint32 padding5; + } package_PrimaryKerberosCtr3; + + typedef struct { + [value(0)] uint16 reserved1; + [value(0)] uint16 reserved2; + [value(0)] uint32 reserved3; + uint32 iteration_count; + uint32 keytype; + [value((value?value->length:0))] uint32 value_len; + [relative,subcontext(0),subcontext_size(value_len),flag(NDR_REMAINING)] DATA_BLOB *value; + } package_PrimaryKerberosKey4; + + typedef struct { + uint16 num_keys; + [value(0)] uint16 num_service_keys; + uint16 num_old_keys; + uint16 num_older_keys; + package_PrimaryKerberosString salt; + uint32 default_iteration_count; + package_PrimaryKerberosKey4 keys[num_keys]; + package_PrimaryKerberosKey4 service_keys[num_service_keys]; + package_PrimaryKerberosKey4 old_keys[num_old_keys]; + package_PrimaryKerberosKey4 older_keys[num_older_keys]; + } package_PrimaryKerberosCtr4; + + typedef [nodiscriminant] union { + [case(3)] package_PrimaryKerberosCtr3 ctr3; + [case(4)] package_PrimaryKerberosCtr4 ctr4; + } package_PrimaryKerberosCtr; + + typedef [public] struct { + uint16 version; + [value(0)] uint16 flags; + [switch_is(version)] package_PrimaryKerberosCtr ctr; + } package_PrimaryKerberosBlob; + + void decode_PrimaryKerberos( + [in] package_PrimaryKerberosBlob blob + ); + + typedef [public] struct { + [flag(STR_NOTERM|NDR_REMAINING)] string cleartext; + } package_PrimaryCLEARTEXTBlob; + + void decode_PrimaryCLEARTEXT( + [in] package_PrimaryCLEARTEXTBlob blob + ); + + typedef [flag(NDR_PAHEX)] struct { + uint8 hash[16]; + } package_PrimaryWDigestHash; + + typedef [public] struct { + [value(0x31)] uint16 unknown1; + [value(0x01)] uint8 unknown2; + uint8 num_hashes; + [value(0)] uint32 unknown3; + [value(0)] udlong uuknown4; + package_PrimaryWDigestHash hashes[num_hashes]; + } package_PrimaryWDigestBlob; + + void decode_PrimaryWDigest( + [in] package_PrimaryWDigestBlob blob + ); + + typedef struct { + [value(0)] uint32 size; + } AuthInfoNone; + + typedef struct { + [value(16)] uint32 size; + samr_Password password; + } AuthInfoNT4Owf; + + /* + * the secret value is encoded as UTF16 if it's a string + * but depending the AuthType, it might also be krb5 trusts have random bytes here, so converting to UTF16 + * mayfail... + * + * TODO: We should try handle the case of a random buffer in all places + * we deal with cleartext passwords from windows + * + * so we don't use this: + * + * uint32 value_len; + * [charset(UTF16)] uint8 value[value_len]; + */ + + typedef struct { + uint32 size; + uint8 password[size]; + } AuthInfoClear; + + typedef struct { + [value(4)] uint32 size; + uint32 version; + } AuthInfoVersion; + + typedef [nodiscriminant] union { + [case(TRUST_AUTH_TYPE_NONE)] AuthInfoNone none; + [case(TRUST_AUTH_TYPE_NT4OWF)] AuthInfoNT4Owf nt4owf; + [case(TRUST_AUTH_TYPE_CLEAR)] AuthInfoClear clear; + [case(TRUST_AUTH_TYPE_VERSION)] AuthInfoVersion version; + } AuthInfo; + + typedef [public] struct { + NTTIME LastUpdateTime; + lsa_TrustAuthType AuthType; + + [switch_is(AuthType)] AuthInfo AuthInfo; + [flag(NDR_ALIGN4)] DATA_BLOB _pad; + } AuthenticationInformation; + + typedef [nopull,nopush,noprint] struct { + /* sizeis here is bogus, but this is here just for the structure */ + [size_is(1)] AuthenticationInformation array[]; + } AuthenticationInformationArray; + + typedef [public,nopull,nopush,noprint,gensize] struct { + uint32 count; + [relative] AuthenticationInformationArray *current; + [relative] AuthenticationInformationArray *previous; + } trustAuthInOutBlob; + + typedef [public] struct { + uint8 confounder[512]; + trustAuthInOutBlob outgoing; + trustAuthInOutBlob incoming; + [value(ndr_size_trustAuthInOutBlob(&outgoing, ndr->flags))] uint32 outgoing_size; + [value(ndr_size_trustAuthInOutBlob(&incoming, ndr->flags))] uint32 incoming_size; + } trustAuthInAndOutBlob; + + void decode_trustAuthInOut( + [in] trustAuthInOutBlob blob + ); + + typedef [public] struct { + uint32 marker; + DATA_BLOB data; + } DsCompressedChunk; + + typedef struct { + uint16 __size; + [size_is(__size),charset(DOS)] uint8 *string; + } ExtendedErrorAString; + + typedef struct { + uint16 __size; + [size_is(__size),charset(UTF16)] uint16 *string; + } ExtendedErrorUString; + + typedef struct { + uint16 length; + [size_is(length)] uint8 *data; + } ExtendedErrorBlob; + + typedef enum { + EXTENDED_ERROR_COMPUTER_NAME_PRESENT = 1, + EXTENDED_ERROR_COMPUTER_NAME_NOT_PRESENT= 2 + } ExtendedErrorComputerNamePresent; + + typedef [switch_type(ExtendedErrorComputerNamePresent)] union { + [case(EXTENDED_ERROR_COMPUTER_NAME_PRESENT)] ExtendedErrorUString name; + [case(EXTENDED_ERROR_COMPUTER_NAME_NOT_PRESENT)]; + } ExtendedErrorComputerNameU; + + typedef struct { + ExtendedErrorComputerNamePresent present; + [switch_is(present)] ExtendedErrorComputerNameU n; + } ExtendedErrorComputerName; + + typedef enum { + EXTENDED_ERROR_PARAM_TYPE_ASCII_STRING = 1, + EXTENDED_ERROR_PARAM_TYPE_UNICODE_STRING = 2, + EXTENDED_ERROR_PARAM_TYPE_UINT32 = 3, + EXTENDED_ERROR_PARAM_TYPE_UINT16 = 4, + EXTENDED_ERROR_PARAM_TYPE_UINT64 = 5, + EXTENDED_ERROR_PARAM_TYPE_NONE = 6, + EXTENDED_ERROR_PARAM_TYPE_BLOB = 7 + } ExtendedErrorParamType; + + typedef [switch_type(ExtendedErrorParamType)] union { + [case(EXTENDED_ERROR_PARAM_TYPE_ASCII_STRING)] ExtendedErrorAString a_string; + [case(EXTENDED_ERROR_PARAM_TYPE_UNICODE_STRING)] ExtendedErrorUString u_string; + [case(EXTENDED_ERROR_PARAM_TYPE_UINT32)] uint32 uint32; + [case(EXTENDED_ERROR_PARAM_TYPE_UINT16)] uint16 uint16; + [case(EXTENDED_ERROR_PARAM_TYPE_UINT64)] hyper uint64; + [case(EXTENDED_ERROR_PARAM_TYPE_NONE)]; + [case(EXTENDED_ERROR_PARAM_TYPE_BLOB)] ExtendedErrorBlob blob; + } ExtendedErrorParamU; + + typedef struct { + ExtendedErrorParamType type; + [switch_is(type)] ExtendedErrorParamU p; + } ExtendedErrorParam; + + typedef [public] struct { + ExtendedErrorInfo *next; + ExtendedErrorComputerName computer_name; + hyper pid; + NTTIME time; + uint32 generating_component; + WERROR status; + uint16 detection_location; + uint16 flags; + uint16 num_params; + [size_is(num_params)] ExtendedErrorParam params[]; + } ExtendedErrorInfo; + + typedef struct { + [unique] ExtendedErrorInfo *info; + } ExtendedErrorInfoPtr; + + void decode_ExtendedErrorInfo ( + [in,subcontext(0xFFFFFC01)] ExtendedErrorInfoPtr ptr + ); +} diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl new file mode 100644 index 0000000000..cc76599be6 --- /dev/null +++ b/source4/librpc/idl/drsuapi.idl @@ -0,0 +1,1558 @@ +#include "idl_types.h" + +import "security.idl", "misc.idl", "samr.idl"; + +[ + uuid("e3514235-4b06-11d1-ab04-00c04fc2dcd2"), + version(4.0), + endpoint("ncacn_np:[\\pipe\\lsass]","ncacn_np:[\\pipe\\protected_storage]", "ncacn_ip_tcp:", "ncalrpc:"), + authservice("ldap"), + helpstring("Active Directory Replication"), + helper("librpc/ndr/ndr_drsuapi.h"), + pointer_default(unique) +] +interface drsuapi +{ + typedef bitmap samr_GroupAttrs samr_GroupAttrs; + + /*****************/ + /* Function 0x00 */ + typedef [bitmap32bit] bitmap { + DRSUAPI_SUPPORTED_EXTENSION_BASE = 0x00000001, + DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION = 0x00000002, + DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI = 0x00000004, + DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2 = 0x00000008, + DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS = 0x00000010, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1 = 0x00000020, + DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION = 0x00000040, + DRSUAPI_SUPPORTED_EXTENSION_00000080 = 0x00000080, + DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE = 0x00000100, + DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2 = 0x00000200, + DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION = 0x00000400, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2 = 0x00000800, + DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD= 0x00001000, + DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND = 0x00002000, + DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO = 0x00004000, + DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION = 0x00008000, + DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01 = 0x00010000, + DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP = 0x00020000, + DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY = 0x00040000, + DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3 = 0x00080000, + DRSUAPI_SUPPORTED_EXTENSION_00100000 = 0x00100000, + DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2 = 0x00200000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6 = 0x00400000, + DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS = 0x00800000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8 = 0x01000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5 = 0x02000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6 = 0x04000000, + /* + * the following 3 have the same value + * repadmin.exe /bind says that + */ + DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3 = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7 = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT = 0x08000000, + DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS = 0x10000000, + DRSUAPI_SUPPORTED_EXTENSION_20000000 = 0x20000000, + DRSUAPI_SUPPORTED_EXTENSION_40000000 = 0x40000000, + DRSUAPI_SUPPORTED_EXTENSION_80000000 = 0x80000000 + } drsuapi_SupportedExtensions; + + typedef [bitmap32bit] bitmap { + DRSUAPI_SUPPORTED_EXTENSION_ADAM = 0x00000001, + DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2 = 0x00000002 + } drsuapi_SupportedExtensionsExt; + + /* this is used by w2k */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 pid; + } drsuapi_DsBindInfo24; + + /* this is used by w2k3 */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 pid; + uint32 repl_epoch; + } drsuapi_DsBindInfo28; + + /* this is used by w2k8 */ + typedef struct { + drsuapi_SupportedExtensions supported_extensions; + GUID site_guid; + uint32 pid; + uint32 repl_epoch; + drsuapi_SupportedExtensionsExt supported_extensions_ext; + GUID config_dn_guid; + } drsuapi_DsBindInfo48; + + typedef struct { + [flag(NDR_REMAINING)] DATA_BLOB info; + } drsuapi_DsBindInfoFallBack; + + typedef [nodiscriminant] union { + [case(24)][subcontext(4)] drsuapi_DsBindInfo24 info24; + [case(28)][subcontext(4)] drsuapi_DsBindInfo28 info28; + [case(48)][subcontext(4)] drsuapi_DsBindInfo48 info48; + [default][subcontext(4)] drsuapi_DsBindInfoFallBack FallBack; + } drsuapi_DsBindInfo; + + /* the drsuapi_DsBindInfoCtr was this before + * typedef [flag(NDR_PAHEX)] struct { + * [range(1,10000)] uint32 length; + * [size_is(length)] uint8 data[]; + * } drsuapi_DsBindInfo; + * + * but we don't want the caller to manually decode this blob, + * so we're doing it here + */ + + typedef struct { + [range(1,10000)] uint32 length; + [switch_is(length)] drsuapi_DsBindInfo info; + } drsuapi_DsBindInfoCtr; + + /* this is a magic guid you need to pass to DsBind to make drsuapi_DsWriteAccountSpn() work + * + * maybe the bind_guid could also be the invocation_id see drsuapi_DsReplicaConnection04 + */ + const char *DRSUAPI_DS_BIND_GUID = "e24d201a-4fd6-11d1-a3da-0000f875ae0d"; + /* + * this magic guid are needed to fetch the whole tree with drsuapi_DsGetNCChanges() + * as administrator and this values are also used in the destination_dsa_guid field + * of drsuapi_DsGetNCChangesReq5/8 and the source_dsa_guid is zero. + */ + const char *DRSUAPI_DS_BIND_GUID_W2K = "6abec3d1-3054-41c8-a362-5a0c5b7d5d71"; + const char *DRSUAPI_DS_BIND_GUID_W2K3 = "6afab99c-6e26-464a-975f-f58f105218bc"; + + [public] WERROR drsuapi_DsBind( + [in,unique] GUID *bind_guid, + [in,out,unique] drsuapi_DsBindInfoCtr *bind_info, + [out] policy_handle *bind_handle + ); + + /*****************/ + /* Function 0x01 */ + WERROR drsuapi_DsUnbind( + [in,out] policy_handle *bind_handle + ); + + /*****************/ + /* Function 0x02 */ + typedef [public,gensize] struct { + [value(ndr_size_drsuapi_DsReplicaObjectIdentifier(r, ndr->flags)-4)] uint32 __ndr_size; + [value(ndr_size_dom_sid28(&sid, ndr->flags))] uint32 __ndr_size_sid; + GUID guid; + dom_sid28 sid; + [value(strlen_m(dn))] uint32 __ndr_size_dn; + [charset(UTF16),size_is(__ndr_size_dn+1)] uint16 dn[]; + } drsuapi_DsReplicaObjectIdentifier; + + typedef [public] bitmap { + DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_SYNC_WRITEABLE = 0x00000002, + DRSUAPI_DS_REPLICA_SYNC_PERIODIC = 0x00000004, + DRSUAPI_DS_REPLICA_SYNC_INTERSITE_MESSAGING = 0x00000008, + DRSUAPI_DS_REPLICA_SYNC_ALL_SOURCES = 0x00000010, + DRSUAPI_DS_REPLICA_SYNC_FULL = 0x00000020, + DRSUAPI_DS_REPLICA_SYNC_URGENT = 0x00000040, + DRSUAPI_DS_REPLICA_SYNC_NO_DISCARD = 0x00000080, + DRSUAPI_DS_REPLICA_SYNC_FORCE = 0x00000100, + DRSUAPI_DS_REPLICA_SYNC_ADD_REFERENCE = 0x00000200, + DRSUAPI_DS_REPLICA_SYNC_NEVER_COMPLETED = 0x00000400, + DRSUAPI_DS_REPLICA_SYNC_TWO_WAY = 0x00000800, + DRSUAPI_DS_REPLICA_SYNC_NEVER_NOTIFY = 0x00001000, + DRSUAPI_DS_REPLICA_SYNC_INITIAL = 0x00002000, + DRSUAPI_DS_REPLICA_SYNC_USE_COMPRESSION = 0x00004000, + DRSUAPI_DS_REPLICA_SYNC_ABANDONED = 0x00008000, + DRSUAPI_DS_REPLICA_SYNC_INITIAL_IN_PROGRESS = 0x00010000, + DRSUAPI_DS_REPLICA_SYNC_PARTIAL_ATTRIBUTE_SET = 0x00020000, + DRSUAPI_DS_REPLICA_SYNC_REQUEUE = 0x00040000, + DRSUAPI_DS_REPLICA_SYNC_NOTIFICATION = 0x00080000, + DRSUAPI_DS_REPLICA_SYNC_ASYNCHRONOUS_REPLICA = 0x00100000, + DRSUAPI_DS_REPLICA_SYNC_CRITICAL = 0x00200000, + DRSUAPI_DS_REPLICA_SYNC_FULL_IN_PROGRESS = 0x00400000, + DRSUAPI_DS_REPLICA_SYNC_PREEMPTED = 0x00800000 + } drsuapi_DsReplicaSyncOptions; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *naming_context; + GUID source_dsa_guid; + astring *other_info; /* I assume this is related to the repsFromTo1OtherInfo dns_name */ + drsuapi_DsReplicaSyncOptions options; + } drsuapi_DsReplicaSyncRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsReplicaSyncRequest1 req1; + } drsuapi_DsReplicaSyncRequest; + + WERROR drsuapi_DsReplicaSync( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,switch_is(level)] drsuapi_DsReplicaSyncRequest req + ); + + /*****************/ + /* Function 0x03 */ + typedef [public] struct { + hyper tmp_highest_usn; /* updated after each object update */ + hyper reserved_usn; + hyper highest_usn; /* updated after a full replication cycle */ + } drsuapi_DsReplicaHighWaterMark; + + typedef [public] struct { + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + hyper highest_usn; /* updated after a full replication cycle */ + } drsuapi_DsReplicaCursor; + + typedef struct { + [value(1)] uint32 version; + [value(0)] uint32 reserved1; + [range(0,0x100000)] uint32 count; + [value(0)] uint32 reserved2; + [size_is(count)] drsuapi_DsReplicaCursor cursors[]; + } drsuapi_DsReplicaCursorCtrEx; + + typedef [public] bitmap { + /* the _WRITEABLE flag indicates a replication with all attributes + * + * --metze + */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE = 0x00000010, + DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP = 0x00000020, + DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS = 0x00000040, + DRSUAPI_DS_REPLICA_NEIGHBOUR_USE_ASYNC_INTERSIDE_TRANSPORT = 0x00000080, + DRSUAPI_DS_REPLICA_NEIGHBOUR_TWO_WAY_SYNC = 0x00000200, + DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS = 0x00000800, + DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_IN_PROGRESS = 0x00001000, /* was 0x00010000, */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_FULL_NEXT_PACKET = 0x00002000, /* was 0x00020000, */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED = 0x00200000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_PREEMPTED = 0x01000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_IGNORE_CHANGE_NOTIFICATIONS = 0x04000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_DISABLE_SCHEDULED_SYNC = 0x08000000, + /* + * the following NOTE applies to DsGetNCChangesRequest5: + * - the data is only compressed when 10 or more objects are replicated + * - but there could also be a size limit of 35 KBytes or something like that + * - the reply is DsGetNCChangesCtr2 + * - maybe the same applies to DsGetNCChangesRequest8... + * + * --metze + */ + DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES = 0x10000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_NO_CHANGE_NOTIFICATIONS = 0x20000000, + DRSUAPI_DS_REPLICA_NEIGHBOUR_PARTIAL_ATTRIBUTE_SET = 0x40000000 + } drsuapi_DsReplicaNeighbourFlags; + + typedef [flag(NDR_PAHEX),v1_enum] enum { + DRSUAPI_EXOP_NONE = 0x00000000, + DRSUAPI_EXOP_FSMO_REQ_ROLE = 0x00000001, + DRSUAPI_EXOP_FSMO_RID_ALLOC = 0x00000002, + DRSUAPI_EXOP_FSMO_RID_REQ_ROLE = 0x00000003, + DRSUAPI_EXOP_FSMO_REQ_PDC = 0x00000004, + DRSUAPI_EXOP_FSMO_ABANDON_ROLE = 0x00000005, + DRSUAPI_EXOP_REPL_OBJ = 0x00000006, + DRSUAPI_EXOP_REPL_SECRET = 0x00000007 + } drsuapi_DsExtendedOperation; + + typedef [flag(NDR_PAHEX),v1_enum] enum { + DRSUAPI_EXOP_ERR_NONE = 0x00000000, + DRSUAPI_EXOP_ERR_SUCCESS = 0x00000001, + DRSUAPI_EXOP_ERR_UNKNOWN_OP = 0x00000002, + DRSUAPI_EXOP_ERR_FSMO_NOT_OWNER = 0x00000003, + DRSUAPI_EXOP_ERR_UPDATE_ERR = 0x00000004, + DRSUAPI_EXOP_ERR_EXCEPTION = 0x00000005, + DRSUAPI_EXOP_ERR_UNKNOWN_CALLER = 0x00000006, + DRSUAPI_EXOP_ERR_RID_ALLOC = 0x00000007, + DRSUAPI_EXOP_ERR_FSMO_OWNER_DELETED = 0x00000008, + DRSUAPI_EXOP_ERR_FMSO_PENDING_OP = 0x00000009, + DRSUAPI_EXOP_ERR_MISMATCH = 0x0000000A, + DRSUAPI_EXOP_ERR_COULDNT_CONTACT = 0x0000000B, + DRSUAPI_EXOP_ERR_FSMO_REFUSING_ROLES = 0x0000000C, + DRSUAPI_EXOP_ERR_DIR_ERROR = 0x0000000D, + DRSUAPI_EXOP_ERR_FSMO_MISSING_SETTINGS = 0x0000000E, + DRSUAPI_EXOP_ERR_ACCESS_DENIED = 0x0000000F, + DRSUAPI_EXOP_ERR_PARAM_ERROR = 0x00000010 + } drsuapi_DsExtendedError; + + typedef struct { + GUID destination_dsa_guid; + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + [ref] drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark highwatermark; + drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */ + uint32 max_ndr_size; /* w2k3 seems to ignore this */ + drsuapi_DsExtendedOperation extended_op; + hyper fsmo_info; + } drsuapi_DsGetNCChangesRequest5; + + /* + * In DRSUAPI all attributes with syntax 2.5.5.2 + * are identified by uint32 values + * + * the following table shows the mapping used between the two representations + * e.g. - objectClass 'nTDSDSA' has governsID: 1.2.840.113556.1.5.7000.47 + * and a UINT32-ID of '0x0017002F'. + * - so the OID 1.2.840.113556.1.5.7000.47 is splitted into a + * OID-prefix: 1.2.840.113556.1.5.7000 + * and a value: 47 => 0x2F + * - the mapping table gives a UINT32-prefix: 0x00170000 + * - and the UINT32-ID is 0x0017002F = 0x00170000 | 0x2F + * + * This prefix mapping table is replied in the drsuapi_DsReplicaOIDMapping_Ctr + * array. The following are the default mappings of w2k3 + * + * OID-prefix => UINT32-Id prefix + * + * 2.5.4.* => 0x00000000 (standard attributes RFC2256 core.schema) + * 2.5.6.* => 0x00010000 (standard object classes RFC2256 core.schema) + * 1.2.840.113556.1.2.* => 0x00020000 + * 1.2.840.113556.1.3.* => 0x00030000 + * 2.5.5.* => 0x00080000 (attributeSyntax OID's) + * 1.2.840.113556.1.4.* => 0x00090000 + * 1.2.840.113556.1.5.* => 0x000A0000 + * 2.16.840.1.113730.3.* => 0x00140000 + * 0.9.2342.19200300.100.1.* => 0x00150000 + * 2.16.840.1.113730.3.1.* => 0x00160000 + * 1.2.840.113556.1.5.7000.* => 0x00170000 + * 2.5.21.* => 0x00180000 (attrs for SubSchema) + * 2.5.18.* => 0x00190000 (createTimeStamp,modifyTimeStamp, SubSchema) + * 2.5.20.* => 0x001A0000 + * 1.3.6.1.4.1.1466.101.119.* => 0x001B0000 (dynamicObject, entryTTL) + * 2.16.840.1.113730.3.2.* => 0x001C0000 + * 1.3.6.1.4.1.250.1.* => 0x001D0000 + * 1.2.840.113549.1.9.* => 0x001E0000 (unstructuredAddress,unstructuredName) + * 0.9.2342.19200300.100.4.* => 0x001F0000 + * + * Here's a list of used 'attributeSyntax' OID's + * + * 2.5.5.1 => Object(DS-DN) string + * struct drsuapi_DsObjectIdentifier3 + * + * 2.5.5.2 => OID-string + * => all values are represented as uint32 values in drsuapi + * => governsID, attributeID and attributeSyntax returned as OID-Strings in LDAP + * => mayContain, mustContain and all other attributes with 2.5.5.2 syntax + * are returned as attribute names + * + * 2.5.5.4 => String(Teletex) case-insensitive string with teletex charset + * + * 2.5.5.5 => String(IA5) case-sensitive string + * + * 2.5.5.6 => String(Numeric) + * => eg. internationalISDNNumber + * + * 2.5.5.7 => Object(DN-Binary) B:<byte count>:<bytes>:<object DN> + * => e.g. wellKnownObjects + * + * 2.5.5.8 => BOOL + * + * 2.5.5.9 => int32 + * + * 2.5.5.10 => DATA_BLOB + * => struct GUID + * + * 2.5.5.11 => LDAP timestring + * => NTTIME_1sec + * + * 2.5.5.12 => String(Unicode) case-insensitive string + * => 'standard strings' + * + * 2.5.5.13 => Object(Presentation-Address) string + * => used in objectClass applicationEntity + * + * 2.5.5.14 => Object(DN-String) S:<char count>:<string>:<object DN> + * => not used + * + * 2.5.5.15 => ntSecurityDescriptor + * + * 2.5.5.16 => int64 + * + * 2.5.5.17 => dom_sid + */ + typedef [nopush,nopull] struct { + [range(0,10000),value(ndr_size_drsuapi_DsReplicaOID_oid(oid, 0))] uint32 __ndr_size; + [size_is(__ndr_size),charset(DOS)] uint8 *oid; /* it's encoded with asn1_write_OID_String() */ + } drsuapi_DsReplicaOID; + + typedef struct { + uint32 id_prefix; + drsuapi_DsReplicaOID oid; + } drsuapi_DsReplicaOIDMapping; + + typedef [public] struct { + [range(0,0x100000)] uint32 num_mappings; + [size_is(num_mappings)] drsuapi_DsReplicaOIDMapping *mappings; + } drsuapi_DsReplicaOIDMapping_Ctr; + + typedef [flag(NDR_PAHEX),v1_enum] enum { + DRSUAPI_OBJECTCLASS_top = 0x00010000, + DRSUAPI_OBJECTCLASS_classSchema = 0x0003000d, + DRSUAPI_OBJECTCLASS_attributeSchema = 0x0003000e + } drsuapi_DsObjectClassId; + + typedef [flag(NDR_PAHEX),v1_enum,public] enum { + DRSUAPI_ATTRIBUTE_objectClass = 0x00000000, + DRSUAPI_ATTRIBUTE_description = 0x0000000d, + DRSUAPI_ATTRIBUTE_member = 0x0000001f, + DRSUAPI_ATTRIBUTE_instanceType = 0x00020001, + DRSUAPI_ATTRIBUTE_whenCreated = 0x00020002, + DRSUAPI_ATTRIBUTE_hasMasterNCs = 0x0002000e, + DRSUAPI_ATTRIBUTE_governsID = 0x00020016, + DRSUAPI_ATTRIBUTE_attributeID = 0x0002001e, + DRSUAPI_ATTRIBUTE_attributeSyntax = 0x00020020, + DRSUAPI_ATTRIBUTE_isSingleValued = 0x00020021, + DRSUAPI_ATTRIBUTE_rangeLower = 0x00020022, + DRSUAPI_ATTRIBUTE_rangeUpper = 0x00020023, + DRSUAPI_ATTRIBUTE_dMDLocation = 0x00020024, + DRSUAPI_ATTRIBUTE_objectVersion = 0x0002004c, + DRSUAPI_ATTRIBUTE_invocationId = 0x00020073, + DRSUAPI_ATTRIBUTE_showInAdvancedViewOnly = 0x000200a9, + DRSUAPI_ATTRIBUTE_adminDisplayName = 0x000200c2, + DRSUAPI_ATTRIBUTE_adminDescription = 0x000200e2, + DRSUAPI_ATTRIBUTE_oMSyntax = 0x000200e7, + DRSUAPI_ATTRIBUTE_ntSecurityDescriptor = 0x00020119, + DRSUAPI_ATTRIBUTE_searchFlags = 0x0002014e, + DRSUAPI_ATTRIBUTE_lDAPDisplayName = 0x000201cc, + DRSUAPI_ATTRIBUTE_name = 0x00090001, + DRSUAPI_ATTRIBUTE_currentValue = 0x0009001b, + DRSUAPI_ATTRIBUTE_objectSid = 0x00090092, + DRSUAPI_ATTRIBUTE_schemaIDGUID = 0x00090094, + DRSUAPI_ATTRIBUTE_dBCSPwd = 0x00090037,/* lmPwdHash */ + DRSUAPI_ATTRIBUTE_unicodePwd = 0x0009005a,/* ntPwdHash */ + DRSUAPI_ATTRIBUTE_ntPwdHistory = 0x0009005e, + DRSUAPI_ATTRIBUTE_priorValue = 0x00090064, + DRSUAPI_ATTRIBUTE_supplementalCredentials = 0x0009007d, + DRSUAPI_ATTRIBUTE_trustAuthIncoming = 0x00090081, + DRSUAPI_ATTRIBUTE_trustAuthOutgoing = 0x00090087, + DRSUAPI_ATTRIBUTE_lmPwdHistory = 0x000900a0, + DRSUAPI_ATTRIBUTE_sAMAccountName = 0x000900dd, + DRSUAPI_ATTRIBUTE_fSMORoleOwner = 0x00090171, + DRSUAPI_ATTRIBUTE_systemFlags = 0x00090177, + DRSUAPI_ATTRIBUTE_serverReference = 0x00090203, + DRSUAPI_ATTRIBUTE_serverReferenceBL = 0x00090204, + DRSUAPI_ATTRIBUTE_initialAuthIncoming = 0x0009021b, + DRSUAPI_ATTRIBUTE_initialAuthOutgoing = 0x0009021c, + DRSUAPI_ATTRIBUTE_wellKnownObjects = 0x0009026a, + DRSUAPI_ATTRIBUTE_isMemberOfPartialAttributeSet = 0x0009027f, + DRSUAPI_ATTRIBUTE_objectCategory = 0x0009030e, + DRSUAPI_ATTRIBUTE_gPLink = 0x0009037b, + DRSUAPI_ATTRIBUTE_msDS_Behavior_Version = 0x000905b3, + DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber = 0x000906f6, + DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs = 0x0009071c, + DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs = 0x0009072c + } drsuapi_DsAttributeId; + + typedef struct { + [value(1)] uint32 version; + [value(0)] uint32 reserved1; + [range(1,0x100000)] uint32 num_attids; + [size_is(num_attids)] drsuapi_DsAttributeId attids[]; + } drsuapi_DsPartialAttributeSet; + + typedef struct { + GUID destination_dsa_guid; + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + [ref] drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark highwatermark; + drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint32 max_object_count; /* w2k3 uses min(133,max(100,max_object_count)) */ + uint32 max_ndr_size; /* w2k3 seems to ignore this */ + drsuapi_DsExtendedOperation extended_op; + hyper fsmo_info; + drsuapi_DsPartialAttributeSet *partial_attribute_set; + drsuapi_DsPartialAttributeSet *partial_attribute_set_ex; + drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr; + } drsuapi_DsGetNCChangesRequest8; + + typedef [switch_type(int32)] union { + [case(5)] drsuapi_DsGetNCChangesRequest5 req5; + [case(8)] drsuapi_DsGetNCChangesRequest8 req8; + } drsuapi_DsGetNCChangesRequest; + + typedef [public] struct { + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + hyper highest_usn; /* updated after a full replication cycle */ + NTTIME last_sync_success; + } drsuapi_DsReplicaCursor2; + + typedef struct { + [value(2)] uint32 version; + [value(0)] uint32 reserved1; + [range(0,0x100000)] uint32 count; + [value(0)] uint32 reserved2; + [size_is(count)] drsuapi_DsReplicaCursor2 cursors[]; + } drsuapi_DsReplicaCursor2CtrEx; + + /* Generic DATA_BLOB values */ + typedef struct { + [range(0,10485760),value(ndr_size_DATA_BLOB(0,blob,0))] uint32 __ndr_size; + DATA_BLOB *blob; + } drsuapi_DsAttributeValue; + + typedef struct { + [range(0,10485760)] uint32 num_values; + [size_is(num_values)] drsuapi_DsAttributeValue *values; + } drsuapi_DsAttributeValueCtr; + + /* DN String values */ + typedef [public,gensize] struct { + [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3(r, ndr->flags))] uint32 __ndr_size; + [value(ndr_size_dom_sid28(&sid,ndr->flags))] uint32 __ndr_size_sid; + GUID guid; + dom_sid28 sid; + [value(strlen_m(dn))] uint32 __ndr_size_dn; + [charset(UTF16)] uint16 dn[__ndr_size_dn+1]; + } drsuapi_DsReplicaObjectIdentifier3; + + typedef [public,gensize] struct { + [value(ndr_size_drsuapi_DsReplicaObjectIdentifier3Binary(r, ndr->flags))] uint32 __ndr_size; + [value(ndr_size_dom_sid28(&sid,ndr->flags))] uint32 __ndr_size_sid; + GUID guid; + dom_sid28 sid; + [value(strlen_m(dn))] uint32 __ndr_size_dn; + [charset(UTF16)] uint16 dn[__ndr_size_dn+1]; + [value(binary.length + 4)] uint32 __ndr_size_binary; + [flag(NDR_REMAINING)] DATA_BLOB binary; + } drsuapi_DsReplicaObjectIdentifier3Binary; + + typedef [public] struct { + drsuapi_DsAttributeId attid; + drsuapi_DsAttributeValueCtr value_ctr; + } drsuapi_DsReplicaAttribute; + + typedef struct { + [range(0,1048576)] uint32 num_attributes; + [size_is(num_attributes)] drsuapi_DsReplicaAttribute *attributes; + } drsuapi_DsReplicaAttributeCtr; + + typedef [public] bitmap { + DRSUAPI_DS_REPLICA_OBJECT_FROM_MASTER = 0x00000001, + DRSUAPI_DS_REPLICA_OBJECT_DYNAMIC = 0x00000002, + DRSUAPI_DS_REPLICA_OBJECT_REMOTE_MODIFY = 0x00010000 + } drsuapi_DsReplicaObjectFlags; + + typedef [public] struct { + drsuapi_DsReplicaObjectIdentifier *identifier; + drsuapi_DsReplicaObjectFlags flags; + drsuapi_DsReplicaAttributeCtr attribute_ctr; + } drsuapi_DsReplicaObject; + + typedef struct { + uint32 version; + NTTIME_1sec originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + } drsuapi_DsReplicaMetaData; + + typedef [public] struct { + [range(0,1048576)] uint32 count; + [size_is(count)] drsuapi_DsReplicaMetaData meta_data[]; + } drsuapi_DsReplicaMetaDataCtr; + + typedef [public,noprint] struct { + drsuapi_DsReplicaObjectListItemEx *next_object; + drsuapi_DsReplicaObject object; + boolean32 is_nc_prefix; + GUID *parent_object_guid; + drsuapi_DsReplicaMetaDataCtr *meta_data_ctr; + } drsuapi_DsReplicaObjectListItemEx; + + typedef [public,gensize] struct { + GUID source_dsa_guid; /* the 'objectGUID' field of the CN=NTDS Settings object */ + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark old_highwatermark; + drsuapi_DsReplicaHighWaterMark new_highwatermark; + drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; + drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr; + drsuapi_DsExtendedError extended_ret; /* w2k sends the nc_object_count value here */ + uint32 object_count; + /* this +55 is sometimes +56, so I don't know where this comes from... --metze */ + [value(ndr_size_drsuapi_DsGetNCChangesCtr1(r,ndr->flags)+55)] uint32 __ndr_size; + drsuapi_DsReplicaObjectListItemEx *first_object; + boolean32 more_data; + } drsuapi_DsGetNCChangesCtr1; + + /* + * if the DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE flag + * isn't there it means the value is deleted + */ + typedef [public] bitmap { + DRSUAPI_DS_LINKED_ATTRIBUTE_FLAG_ACTIVE = 0x00000001 + } drsuapi_DsLinkedAttributeFlags; + + typedef [public] struct { + drsuapi_DsReplicaObjectIdentifier *identifier; + drsuapi_DsAttributeId attid; + drsuapi_DsAttributeValue value; + drsuapi_DsLinkedAttributeFlags flags; + NTTIME_1sec originating_add_time; + drsuapi_DsReplicaMetaData meta_data; + } drsuapi_DsReplicaLinkedAttribute; + + typedef [public,gensize] struct { + GUID source_dsa_guid; /* the 'objectGUID' field of the CN=NTDS Settings object */ + GUID source_dsa_invocation_id; /* the 'invocationId' field of the CN=NTDS Settings object */ + drsuapi_DsReplicaObjectIdentifier *naming_context; + drsuapi_DsReplicaHighWaterMark old_highwatermark; + drsuapi_DsReplicaHighWaterMark new_highwatermark; + drsuapi_DsReplicaCursor2CtrEx *uptodateness_vector; + drsuapi_DsReplicaOIDMapping_Ctr mapping_ctr; + drsuapi_DsExtendedError extended_ret; + uint32 object_count; + /* this +55 is sometimes +56, so I don't know where this comes from... --metze */ + [value(ndr_size_drsuapi_DsGetNCChangesCtr6(r,ndr->flags)+55)] uint32 __ndr_size; + drsuapi_DsReplicaObjectListItemEx *first_object; + boolean32 more_data; + uint32 nc_object_count; /* estimated amount of objects in the whole NC */ + uint32 nc_linked_attributes_count; /* estimated amount of linked values in the whole NC */ + [range(0,1048576)] uint32 linked_attributes_count; + [size_is(linked_attributes_count)] drsuapi_DsReplicaLinkedAttribute *linked_attributes; + WERROR drs_error; + } drsuapi_DsGetNCChangesCtr6; + + typedef [public] struct { + [subcontext(0xFFFFFC01)] drsuapi_DsGetNCChangesCtr1 ctr1; + } drsuapi_DsGetNCChangesCtr1TS; + + typedef [public] struct { + [subcontext(0xFFFFFC01)] drsuapi_DsGetNCChangesCtr6 ctr6; + } drsuapi_DsGetNCChangesCtr6TS; + + typedef [nopush] struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_MSZIP,compressed_length,decompressed_length)] + drsuapi_DsGetNCChangesCtr1TS *ts; + } drsuapi_DsGetNCChangesMSZIPCtr1; + + typedef [nopush] struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_MSZIP,compressed_length,decompressed_length)] + drsuapi_DsGetNCChangesCtr6TS *ts; + } drsuapi_DsGetNCChangesMSZIPCtr6; + + typedef [nopush] struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_XPRESS,compressed_length,decompressed_length)] + drsuapi_DsGetNCChangesCtr1TS *ts; + } drsuapi_DsGetNCChangesXPRESSCtr1; + + typedef [nopush] struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(compressed_length), + compression(NDR_COMPRESSION_XPRESS,compressed_length,decompressed_length)] + drsuapi_DsGetNCChangesCtr6TS *ts; + } drsuapi_DsGetNCChangesXPRESSCtr6; + + typedef [enum16bit] enum { + DRSUAPI_COMPRESSION_TYPE_MSZIP = 2, + DRSUAPI_COMPRESSION_TYPE_XPRESS = 3 + } drsuapi_DsGetNCChangesCompressionType; + + typedef [nodiscriminant,flag(NDR_PAHEX)] union { + [case(1|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesMSZIPCtr1 mszip1; + [case(6|(DRSUAPI_COMPRESSION_TYPE_MSZIP<<16))] drsuapi_DsGetNCChangesMSZIPCtr6 mszip6; + [case(1|(DRSUAPI_COMPRESSION_TYPE_XPRESS<<16))] drsuapi_DsGetNCChangesXPRESSCtr1 xpress1; + [case(6|(DRSUAPI_COMPRESSION_TYPE_XPRESS<<16))] drsuapi_DsGetNCChangesXPRESSCtr6 xpress6; + } drsuapi_DsGetNCChangesCompressedCtr; + + typedef struct { + drsuapi_DsGetNCChangesMSZIPCtr1 mszip1; + } drsuapi_DsGetNCChangesCtr2; + + typedef struct { + [range(0,6)] int32 level; + [range(2,3)] drsuapi_DsGetNCChangesCompressionType type; + [switch_is(level | (type<<16))] drsuapi_DsGetNCChangesCompressedCtr ctr; + } drsuapi_DsGetNCChangesCtr7; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetNCChangesCtr1 ctr1; + [case(2)] drsuapi_DsGetNCChangesCtr2 ctr2; + [case(6)] drsuapi_DsGetNCChangesCtr6 ctr6; + [case(7)] drsuapi_DsGetNCChangesCtr7 ctr7; + } drsuapi_DsGetNCChangesCtr; + + WERROR drsuapi_DsGetNCChanges( + [in] policy_handle *bind_handle, + [in,out,ref] int32 *level, + [in,switch_is(*level)] drsuapi_DsGetNCChangesRequest req, + [out,switch_is(*level)] drsuapi_DsGetNCChangesCtr ctr + ); + + /*****************/ + /* Function 0x04 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_UPDATE_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE = 0x00000002, + DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE = 0x00000004, + DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE = 0x00000008, + DRSUAPI_DS_REPLICA_UPDATE_0x00000010 = 0x00000010 + } drsuapi_DsReplicaUpdateRefsOptions; + + typedef struct { + [ref] drsuapi_DsReplicaObjectIdentifier *naming_context; + [ref,charset(DOS),string] uint8 *dest_dsa_dns_name; + GUID dest_dsa_guid; + drsuapi_DsReplicaUpdateRefsOptions options; + } drsuapi_DsReplicaUpdateRefsRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsReplicaUpdateRefsRequest1 req1; + } drsuapi_DsReplicaUpdateRefsRequest; + + WERROR drsuapi_DsReplicaUpdateRefs( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,switch_is(level)] drsuapi_DsReplicaUpdateRefsRequest req + ); + + /*****************/ + /* Function 0x05 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_ADD_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_ADD_WRITEABLE = 0x00000002 + /* TODO ... */ + } drsuapi_DsReplicaAddOptions; + + [todo] WERROR DRSUAPI_REPLICA_ADD(); + + /*****************/ + /* Function 0x06 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_DELETE_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_DELETE_WRITEABLE = 0x00000002 + /* TODO ... */ + } drsuapi_DsReplicaDeleteOptions; + + [todo] WERROR DRSUAPI_REPLICA_DEL(); + + /*****************/ + /* Function 0x07 */ + typedef bitmap { + DRSUAPI_DS_REPLICA_MODIFY_ASYNCHRONOUS_OPERATION = 0x00000001, + DRSUAPI_DS_REPLICA_MODIFY_WRITEABLE = 0x00000002 + } drsuapi_DsReplicaModifyOptions; + + [todo] WERROR DRSUAPI_REPLICA_MODIFY(); + + /*****************/ + /* Function 0x08 */ + [todo] WERROR DRSUAPI_VERIFY_NAMES(); + + /*****************/ + /* Function 0x09 */ + + /* how are type 4 and 7 different from 2 and 3 ? */ + typedef [v1_enum] enum { + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_AND_DOMAIN_GROUPS = 1, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS = 2, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS = 3, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS2 = 4, + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_GROUPS = 5, + DRSUAPI_DS_MEMBERSHIP_TYPE_GROUPMEMBERS = 6, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS2 = 7 + } drsuapi_DsMembershipType; + + typedef struct { + NTSTATUS status; + [range(0,10000)] uint32 num_memberships; + [range(0,10000)] uint32 num_sids; + [size_is(num_memberships)] drsuapi_DsReplicaObjectIdentifier **info_array; + [size_is(num_memberships)] samr_GroupAttrs *group_attrs; + [size_is(num_sids)] dom_sid28 **sids; + } drsuapi_DsGetMembershipsCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMembershipsCtr; + + const int DRSUAPI_DS_MEMBERSHIP_FLAG_GROUP_ATTR = 0x1; + + typedef struct { + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier **info_array; + uint32 flags; + drsuapi_DsMembershipType type; + drsuapi_DsReplicaObjectIdentifier *domain; + } drsuapi_DsGetMembershipsRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsRequest1 req1; + } drsuapi_DsGetMembershipsRequest; + + [todo] WERROR drsuapi_DsGetMemberships( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in] [switch_is(level)] drsuapi_DsGetMembershipsRequest req, + [out] [switch_is(level)] drsuapi_DsGetMembershipsCtr ctr + ); + + /*****************/ + /* Function 0x0a */ + [todo] WERROR DRSUAPI_INTER_DOMAIN_MOVE(); + + /*****************/ + /* Function 0x0b */ + typedef struct { + uint32 unknown1; + uint32 unknown2; + [range(0,0x00A00000)] uint32 length; + [size_is(length)] uint8 *data; + } drsuapi_DsGetNT4ChangeLogRequest1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsGetNT4ChangeLogRequest1 req1; + } drsuapi_DsGetNT4ChangeLogRequest; + + typedef struct { + [range(0,0x00A00000)] uint32 length1; + [range(0,0x00A00000)] uint32 length2; + hyper unknown1; + NTTIME time2; + hyper unknown3; + NTTIME time4; + hyper unknown5; + NTTIME time6; + NTSTATUS status; + [size_is(length1)] uint8 *data1; + [size_is(length2)] uint8 *data2; + } drsuapi_DsGetNT4ChangeLogInfo1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsGetNT4ChangeLogInfo1 info1; + } drsuapi_DsGetNT4ChangeLogInfo; + + [todo] WERROR drsuapi_DsGetNT4ChangeLog( + [in] policy_handle *bind_handle, + [in,out] uint32 level, + [in] [switch_is(level)] drsuapi_DsGetNT4ChangeLogRequest req, + [out] [switch_is(level)] drsuapi_DsGetNT4ChangeLogInfo info + ); + + /*****************/ + /* Function 0x0c */ + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_STATUS_OK = 0, + DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR = 1, + DRSUAPI_DS_NAME_STATUS_NOT_FOUND = 2, + DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE = 3, + DRSUAPI_DS_NAME_STATUS_NO_MAPPING = 4, + DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY = 5, + DRSUAPI_DS_NAME_STATUS_NO_SYNTACTICAL_MAPPING = 6, + DRSUAPI_DS_NAME_STATUS_TRUST_REFERRAL = 7 + } drsuapi_DsNameStatus; + + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_FLAG_NO_FLAGS = 0x0, + DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY = 0x1, + DRSUAPI_DS_NAME_FLAG_EVAL_AT_DC = 0x2, + DRSUAPI_DS_NAME_FLAG_GCVERIFY = 0x4, + DRSUAPI_DS_NAME_FLAG_TRUST_REFERRAL = 0x8 + } drsuapi_DsNameFlags; + + typedef [v1_enum] enum { + DRSUAPI_DS_NAME_FORMAT_UKNOWN = 0, + DRSUAPI_DS_NAME_FORMAT_FQDN_1779 = 1, + DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT = 2, + DRSUAPI_DS_NAME_FORMAT_DISPLAY = 3, + DRSUAPI_DS_NAME_FORMAT_GUID = 6, + DRSUAPI_DS_NAME_FORMAT_CANONICAL = 7, + DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL = 8, + DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX = 9, + DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL = 10, + DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY = 11, + DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN = 12 + } drsuapi_DsNameFormat; + + typedef struct { + [string,charset(UTF16)] uint16 *str; + } drsuapi_DsNameString; + + typedef struct { + uint32 codepage; /* 0x000004e4 - 1252 is german codepage*/ + uint32 language; /* 0x00000407 - german language ID*/ + drsuapi_DsNameFlags format_flags; + drsuapi_DsNameFormat format_offered; + drsuapi_DsNameFormat format_desired; + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsNameString *names; + } drsuapi_DsNameRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsNameRequest1 req1; + } drsuapi_DsNameRequest; + + typedef struct { + drsuapi_DsNameStatus status; + [charset(UTF16),string] uint16 *dns_domain_name; + [charset(UTF16),string] uint16 *result_name; + } drsuapi_DsNameInfo1; + + typedef struct { + uint32 count; + [size_is(count)] drsuapi_DsNameInfo1 *array; + } drsuapi_DsNameCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsNameCtr1 *ctr1; + } drsuapi_DsNameCtr; + + WERROR drsuapi_DsCrackNames( + [in] policy_handle *bind_handle, + [in, out] int32 level, + [in,switch_is(level)] drsuapi_DsNameRequest req, + [out,switch_is(level)] drsuapi_DsNameCtr ctr + ); + + /*****************/ + /* Function 0x0d */ + typedef [v1_enum] enum { + DRSUAPI_DS_SPN_OPERATION_ADD = 0, + DRSUAPI_DS_SPN_OPERATION_REPLACE= 1, + DRSUAPI_DS_SPN_OPERATION_DELETE = 2 + } drsuapi_DsSpnOperation; + + typedef struct { + drsuapi_DsSpnOperation operation; + uint32 unknown1; + [charset(UTF16),string] uint16 *object_dn; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsNameString *spn_names; + } drsuapi_DsWriteAccountSpnRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsWriteAccountSpnRequest1 req1; + } drsuapi_DsWriteAccountSpnRequest; + + typedef struct { + WERROR status; + } drsuapi_DsWriteAccountSpnResult1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsWriteAccountSpnResult1 res1; + } drsuapi_DsWriteAccountSpnResult; + + WERROR drsuapi_DsWriteAccountSpn( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in,switch_is(level)] drsuapi_DsWriteAccountSpnRequest req, + [out,switch_is(level)] drsuapi_DsWriteAccountSpnResult res + ); + + /*****************/ + /* Function 0x0e */ + typedef struct { + [charset(UTF16),string] uint16 *server_dn; + [charset(UTF16),string] uint16 *domain_dn; + uint32 unknown; /* 0x000000001 */ + } drsuapi_DsRemoveDSServerRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsRemoveDSServerRequest1 req1; + } drsuapi_DsRemoveDSServerRequest; + + typedef struct { + WERROR status; + } drsuapi_DsRemoveDSServerResult1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsRemoveDSServerResult1 res1; + } drsuapi_DsRemoveDSServerResult; + + WERROR drsuapi_DsRemoveDSServer( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in,switch_is(level)] drsuapi_DsRemoveDSServerRequest req, + [out,switch_is(level)] drsuapi_DsRemoveDSServerResult res + ); + + /*****************/ + /* Function 0x0f */ + [todo] WERROR DRSUAPI_REMOVE_DS_DOMAIN(); + + /*****************/ + /* Function 0x10 */ + typedef struct { + [charset(UTF16),string] uint16 *domain_name; /* netbios or dns */ + int32 level; /* specifies the switch level for the request */ + } drsuapi_DsGetDCInfoRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetDCInfoRequest1 req1; + } drsuapi_DsGetDCInfoRequest; + + typedef struct { + [charset(UTF16),string] uint16 *netbios_name; + [charset(UTF16),string] uint16 *dns_name; + [charset(UTF16),string] uint16 *site_name; + [charset(UTF16),string] uint16 *computer_dn; + [charset(UTF16),string] uint16 *server_dn; + uint32 is_pdc; + uint32 is_enabled; + } drsuapi_DsGetDCInfo1; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo1 *array; + } drsuapi_DsGetDCInfoCtr1; + + typedef struct { + [charset(UTF16),string] uint16 *netbios_name; + [charset(UTF16),string] uint16 *dns_name; + [charset(UTF16),string] uint16 *site_name; + [charset(UTF16),string] uint16 *site_dn; + [charset(UTF16),string] uint16 *computer_dn; + [charset(UTF16),string] uint16 *server_dn; + [charset(UTF16),string] uint16 *ntds_dn; + uint32 is_pdc; + uint32 is_enabled; + uint32 is_gc; + GUID site_guid; + GUID computer_guid; + GUID server_guid; + GUID ntds_guid; + } drsuapi_DsGetDCInfo2; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCInfo2 *array; + } drsuapi_DsGetDCInfoCtr2; + + /* + * this represents an active connection to the + * Directory System Agent (DSA) + * this can be via LDAP or DRSUAPI + */ + typedef struct { + [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address; + uint32 unknown2; + uint32 connection_time; /* in seconds */ + uint32 unknown4; + uint32 unknown5; + uint32 unknown6; + /* + * client_account can be the following: + * "W2K3\Administrator" + * "Administrator@W2K3" + * "cn=Administrator,cn=Users,DC=w2k3,DC=vmnet1,DC=vm,DC=base" + * "" + * or NULL + */ + [charset(UTF16),string] uint16 *client_account; + } drsuapi_DsGetDCConnection01; + + typedef struct { + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsGetDCConnection01 *array; + } drsuapi_DsGetDCConnectionCtr01; + + typedef [v1_enum] enum { + DRSUAPI_DC_INFO_CTR_1 = 1, + DRSUAPI_DC_INFO_CTR_2 = 2, + DRSUAPI_DC_CONNECTION_CTR_01 = -1 + } drsuapi_DsGetDCInfoCtrLevels; + + typedef [switch_type(int32)] union { + [case(DRSUAPI_DC_INFO_CTR_1)] drsuapi_DsGetDCInfoCtr1 ctr1; + [case(DRSUAPI_DC_INFO_CTR_2)] drsuapi_DsGetDCInfoCtr2 ctr2; + [case(DRSUAPI_DC_CONNECTION_CTR_01)] drsuapi_DsGetDCConnectionCtr01 ctr01; + } drsuapi_DsGetDCInfoCtr; + + WERROR drsuapi_DsGetDomainControllerInfo( + [in] policy_handle *bind_handle, + [in] int32 level, + [in,switch_is(level)] drsuapi_DsGetDCInfoRequest req, + [out] int32 level_out, + [out,switch_is(level_out)] drsuapi_DsGetDCInfoCtr ctr + ); + + /*****************/ + /* Function 0x11 */ + typedef [public,noprint] struct { + drsuapi_DsReplicaObjectListItem *next_object; + drsuapi_DsReplicaObject object; + } drsuapi_DsReplicaObjectListItem; + + /* + * The DsAddEntry() call which creates a nTDSDSA object, + * also adds a servicePrincipalName in the following form + * to the computer account of the new domain controller + * referenced by the "serverReferenece" attribute. + * + * E3514235-4B06-11D1-AB04-00C04FC2DCD2/<new-ntdsdsa-object-guid-as-string>/<domain-dns-name> + * + * also note that the "serverReference" isn't added to the new object! + */ + const char *DRSUAPI_NTDSDSA_KRB5_SERVICE_GUID = "E3514235-4B06-11D1-AB04-00C04FC2DCD2"; + + /* + * please note the the current idl + * for DsAddEntry does only parse + * what I saw between 2 w2k3 boxes + * in my dssync experiments I got some other replies + * so all I want to say is that this is very incomplete yet... + * --metze + */ + typedef struct { + drsuapi_DsReplicaObjectListItem first_object; + } drsuapi_DsAddEntryRequest2; + + typedef [switch_type(int32)] union { + [case(2)] drsuapi_DsAddEntryRequest2 req2; + } drsuapi_DsAddEntryRequest; + + typedef struct { + uint32 unknown1; + WERROR status; + uint32 unknown2; + uint16 unknown3; + } drsuapi_DsAddEntryErrorInfoX; + + typedef struct { + [range(0,10485760)] uint32 size; + [size_is(size)] uint8 *data; + } drsuapi_DsAddEntryExtraErrorBuffer; + + typedef struct { + drsuapi_DsAddEntryErrorInfoX error; + drsuapi_DsAttributeId attid; + uint32 unknown2; + drsuapi_DsAddEntryExtraErrorBuffer buffer; + } drsuapi_DsAddEntryExtraError1; + + typedef /*[noprint]*/ struct { + drsuapi_DsAddEntryErrorListItem1 *next; + drsuapi_DsAddEntryExtraError1 error; + } drsuapi_DsAddEntryErrorListItem1; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *id; + WERROR status; + drsuapi_DsAddEntryErrorListItem1 first; + } drsuapi_DsAddEntryErrorInfo1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsAddEntryErrorInfo1 error1; +/* [case(2)] drsuapi_DsAddEntryErrorInfo2 error2; + [case(3)] drsuapi_DsAddEntryErrorInfo3 error3; +*/ [case(4)] drsuapi_DsAddEntryErrorInfoX errorX; + [case(5)] drsuapi_DsAddEntryErrorInfoX errorX; + [case(6)] drsuapi_DsAddEntryErrorInfoX errorX; + [case(7)] drsuapi_DsAddEntryErrorInfoX errorX; + } drsuapi_DsAddEntryErrorInfo; + + typedef struct { + WERROR status; + uint32 level; + [switch_is(level)] drsuapi_DsAddEntryErrorInfo *info; + } drsuapi_DsAddEntryError1; + + typedef [switch_type(uint32)] union { + [case(1)] drsuapi_DsAddEntryError1 info1; + } drsuapi_DsAddEntryError; + + typedef struct { + GUID guid; + dom_sid28 sid; + } drsuapi_DsReplicaObjectIdentifier2; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *id; + uint32 unknown1; + drsuapi_DsAddEntryErrorInfoX error; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier2 *objects; + } drsuapi_DsAddEntryCtr2; + + typedef struct { + drsuapi_DsReplicaObjectIdentifier *id; + uint32 level; + [switch_is(level)] drsuapi_DsAddEntryError *error; + [range(0,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier2 *objects; + } drsuapi_DsAddEntryCtr3; + + typedef [switch_type(int32)] union { + [case(2)] drsuapi_DsAddEntryCtr2 ctr2; + [case(3)] drsuapi_DsAddEntryCtr3 ctr3; + } drsuapi_DsAddEntryCtr; + + [public] WERROR drsuapi_DsAddEntry( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in,switch_is(level)] drsuapi_DsAddEntryRequest req, + [out,switch_is(level)] drsuapi_DsAddEntryCtr ctr + ); + + /*****************/ + /* Function 0x12 */ + [todo] WERROR DRSUAPI_EXECUTE_KCC(); + + /*****************/ + /* Function 0x13 */ + typedef [v1_enum] enum { + DRSUAPI_DS_REPLICA_GET_INFO = 1, + DRSUAPI_DS_REPLICA_GET_INFO2 = 2 + } drsuapi_DsReplicaGetInfoLevel; + + typedef [v1_enum] enum { + DRSUAPI_DS_REPLICA_INFO_NEIGHBORS = 0, + DRSUAPI_DS_REPLICA_INFO_CURSORS = 1, + DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA = 2, + DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES = 3, + DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES = 4, + DRSUAPI_DS_REPLICA_INFO_PENDING_OPS = 5, + DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA = 6, + DRSUAPI_DS_REPLICA_INFO_CURSORS2 = 7, + DRSUAPI_DS_REPLICA_INFO_CURSORS3 = 8, + DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2 = 9, + DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2 = 10, + DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02 = -2, + DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04 = -4, + DRSUAPI_DS_REPLICA_INFO_CURSORS05 = -5, + DRSUAPI_DS_REPLICA_INFO_06 = -6 + } drsuapi_DsReplicaInfoType; + + typedef struct { + drsuapi_DsReplicaInfoType info_type; + [charset(UTF16),string] uint16 *object_dn; + GUID guid1; + } drsuapi_DsReplicaGetInfoRequest1; + + typedef struct { + drsuapi_DsReplicaInfoType info_type; + [charset(UTF16),string] uint16 *object_dn; + GUID guid1; + uint32 unknown1; + [charset(UTF16),string] uint16 *string1; + [charset(UTF16),string] uint16 *string2; + uint32 unknown2; + } drsuapi_DsReplicaGetInfoRequest2; + + typedef [switch_type(drsuapi_DsReplicaGetInfoLevel)] union { + [case(DRSUAPI_DS_REPLICA_GET_INFO)] drsuapi_DsReplicaGetInfoRequest1 req1; + [case(DRSUAPI_DS_REPLICA_GET_INFO2)] drsuapi_DsReplicaGetInfoRequest2 req2; + } drsuapi_DsReplicaGetInfoRequest; + + typedef struct { + [charset(UTF16),string] uint16 *naming_context_dn; + [charset(UTF16),string] uint16 *source_dsa_obj_dn; + [charset(UTF16),string] uint16 *source_dsa_address; + [charset(UTF16),string] uint16 *transport_obj_dn; + drsuapi_DsReplicaNeighbourFlags replica_flags; + uint32 reserved; + GUID naming_context_obj_guid; + GUID source_dsa_obj_guid; + GUID source_dsa_invocation_id; + GUID transport_obj_guid; + hyper tmp_highest_usn; + hyper highest_usn; + NTTIME last_success; + NTTIME last_attempt; + WERROR result_last_attempt; + uint32 consecutive_sync_failures; + } drsuapi_DsReplicaNeighbour; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaNeighbour array[]; + } drsuapi_DsReplicaNeighbourCtr; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaCursor array[]; + } drsuapi_DsReplicaCursorCtr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + } drsuapi_DsReplicaObjMetaData; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaObjMetaData array[]; + } drsuapi_DsReplicaObjMetaDataCtr; + + typedef struct { + [charset(UTF16),string] uint16 *dsa_obj_dn; + GUID dsa_obj_guid; + NTTIME first_failure; + uint32 num_failures; + WERROR last_result; + } drsuapi_DsReplicaKccDsaFailure; + + typedef struct { + uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaKccDsaFailure array[]; + } drsuapi_DsReplicaKccDsaFailuresCtr; + + typedef enum { + DRSUAPI_DS_REPLICA_OP_TYPE_SYNC = 0, + DRSUAPI_DS_REPLICA_OP_TYPE_ADD = 1, + DRSUAPI_DS_REPLICA_OP_TYPE_DELETE = 2, + DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY = 3, + DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS = 4 + } drsuapi_DsReplicaOpType; + + typedef [switch_type(drsuapi_DsReplicaOpType)] union { + [case(DRSUAPI_DS_REPLICA_OP_TYPE_SYNC)] drsuapi_DsReplicaSyncOptions sync; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_ADD)] drsuapi_DsReplicaAddOptions add; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_DELETE)] drsuapi_DsReplicaDeleteOptions delete; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_MODIFY)] drsuapi_DsReplicaModifyOptions modify; + [case(DRSUAPI_DS_REPLICA_OP_TYPE_UPDATE_REFS)] drsuapi_DsReplicaUpdateRefsOptions update_refs; + [default] uint32 unknown; + } drsuapi_DsRplicaOpOptions; + + typedef struct { + NTTIME operation_start; + uint32 serial_num; /* unique till reboot */ + uint32 priority; + drsuapi_DsReplicaOpType operation_type; + [switch_is(operation_type)] drsuapi_DsRplicaOpOptions options; + [charset(UTF16),string] uint16 *nc_dn; + [charset(UTF16),string] uint16 *remote_dsa_obj_dn; + [charset(UTF16),string] uint16 *remote_dsa_address; + GUID nc_obj_guid; + GUID remote_dsa_obj_guid; + } drsuapi_DsReplicaOp; + + typedef struct { + NTTIME time; + uint32 count; + [size_is(count)] drsuapi_DsReplicaOp array[]; + } drsuapi_DsReplicaOpCtr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + [charset(UTF16),string] uint16 *object_dn; + [value(ndr_size_DATA_BLOB(0,binary,0))] uint32 __ndr_size_binary; + DATA_BLOB *binary; + NTTIME deleted; + NTTIME created; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + } drsuapi_DsReplicaAttrValMetaData; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaAttrValMetaData array[]; + } drsuapi_DsReplicaAttrValMetaDataCtr; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaCursor2 array[]; + } drsuapi_DsReplicaCursor2Ctr; + + typedef struct { + GUID source_dsa_invocation_id; + hyper highest_usn; + NTTIME last_sync_success; + [charset(UTF16),string] uint16 *source_dsa_obj_dn; + } drsuapi_DsReplicaCursor3; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaCursor3 array[]; + } drsuapi_DsReplicaCursor3Ctr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + [charset(UTF16),string] uint16 *originating_dsa_dn; + } drsuapi_DsReplicaObjMetaData2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaObjMetaData2 array[]; + } drsuapi_DsReplicaObjMetaData2Ctr; + + typedef struct { + [charset(UTF16),string] uint16 *attribute_name; + [charset(UTF16),string] uint16 *object_dn; + [value(ndr_size_DATA_BLOB(0,binary,0))] uint32 __ndr_size_binary; + DATA_BLOB *binary; + NTTIME deleted; + NTTIME created; + uint32 version; + NTTIME originating_change_time; + GUID originating_invocation_id; + hyper originating_usn; + hyper local_usn; + [charset(UTF16),string] uint16 *originating_dsa_dn; + } drsuapi_DsReplicaAttrValMetaData2; + + typedef struct { + uint32 count; + int32 enumeration_context; + [size_is(count)] drsuapi_DsReplicaAttrValMetaData2 array[]; + } drsuapi_DsReplicaAttrValMetaData2Ctr; + + typedef struct { + hyper u1; /* session number? */ + uint32 u2; + uint32 u3; + GUID bind_guid; + NTTIME_1sec bind_time; + [flag(NDR_BIG_ENDIAN)] ipv4address client_ip_address; + uint32 u5; /* this is the same value the client used as pid in the DsBindInfoX struct */ + } drsuapi_DsReplicaConnection04; + + typedef struct { + [range(0,10000)] uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplicaConnection04 array[]; + } drsuapi_DsReplicaConnection04Ctr; + + typedef struct { + [charset(UTF16),string] uint16 *str1; + uint32 u1; + uint32 u2; + uint32 u3; + uint32 u4; + uint32 u5; + hyper u6; + uint32 u7; + } drsuapi_DsReplica06; + + typedef struct { + [range(0,256)] uint32 count; + uint32 reserved; + [size_is(count)] drsuapi_DsReplica06 array[]; + } drsuapi_DsReplica06Ctr; + + typedef [switch_type(drsuapi_DsReplicaInfoType)] union { + [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS)] drsuapi_DsReplicaNeighbourCtr *neighbours; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS)] drsuapi_DsReplicaCursorCtr *cursors; + [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA)] drsuapi_DsReplicaObjMetaDataCtr *objmetadata; + [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *connectfailures; + [case(DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES)] drsuapi_DsReplicaKccDsaFailuresCtr *linkfailures; + [case(DRSUAPI_DS_REPLICA_INFO_PENDING_OPS)] drsuapi_DsReplicaOpCtr *pendingops; + [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA)] drsuapi_DsReplicaAttrValMetaDataCtr *attrvalmetadata; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS2)] drsuapi_DsReplicaCursor2Ctr *cursors2; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS3)] drsuapi_DsReplicaCursor3Ctr *cursors3; + [case(DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2)] drsuapi_DsReplicaObjMetaData2Ctr *objmetadata2; + [case(DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2)] drsuapi_DsReplicaAttrValMetaData2Ctr *attrvalmetadata2; + [case(DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02)] drsuapi_DsReplicaNeighbourCtr *neighbours02; + [case(DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04)] drsuapi_DsReplicaConnection04Ctr *connections04; + [case(DRSUAPI_DS_REPLICA_INFO_CURSORS05)] drsuapi_DsReplicaCursorCtrEx *cursors05; + [case(DRSUAPI_DS_REPLICA_INFO_06)] drsuapi_DsReplica06Ctr *i06; + } drsuapi_DsReplicaInfo; + + WERROR drsuapi_DsReplicaGetInfo( + [in] policy_handle *bind_handle, + [in] drsuapi_DsReplicaGetInfoLevel level, + [in,switch_is(level)] drsuapi_DsReplicaGetInfoRequest req, + [out] drsuapi_DsReplicaInfoType info_type, + [out,switch_is(info_type)] drsuapi_DsReplicaInfo info + ); + + /*****************/ + /* Function 0x14 */ + [todo] WERROR DRSUAPI_ADD_SID_HISTORY(); + + /*****************/ + /* Function 0x15 */ + + typedef struct { + [range(0,10000)] uint32 num_entries; + [size_is(num_entries)] drsuapi_DsGetMembershipsCtr1 **ctrl_array; + } drsuapi_DsGetMemberships2Ctr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMemberships2Ctr; + + typedef struct { + [range(1,10000)] uint32 num_req; + [size_is(num_req)] drsuapi_DsGetMembershipsRequest1 **req_array; + } drsuapi_DsGetMemberships2Request1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMemberships2Request1 req1; + } drsuapi_DsGetMemberships2Request; + + WERROR drsuapi_DsGetMemberships2( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in] [switch_is(level)] drsuapi_DsGetMemberships2Request req, + [out] [switch_is(level)] drsuapi_DsGetMemberships2Ctr ctr + ); + + + /*****************/ + /* Function 0x16 */ + [todo] WERROR DRSUAPI_REPLICA_VERIFY_OBJECTS(); + + /*****************/ + /* Function 0x17 */ + [todo] WERROR DRSUAPI_GET_OBJECT_EXISTENCE(); + + /*****************/ + /* Function 0x18 */ + typedef struct { + WERROR error_code; + uint32 site_cost; + } drsuapi_DsSiteCostInfo; + + typedef struct { + [range(0,10000)] uint32 num_info; + [size_is(num_info)] drsuapi_DsSiteCostInfo *info; + uint32 unknown; + } drsuapi_QuerySitesByCostCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_QuerySitesByCostCtr1 ctr1; + } drsuapi_QuerySitesByCostCtr; + + typedef struct { + [charset(UTF16),string] uint16 *site_from; + [range(1,10000)] uint32 num_req; + [size_is(num_req)] [charset(UTF16),string] uint16 **site_to; + uint32 flags; + } drsuapi_QuerySitesByCostRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_QuerySitesByCostRequest1 req1; + } drsuapi_QuerySitesByCostRequest; + + WERROR drsuapi_QuerySitesByCost( + [in] policy_handle *bind_handle, + [in] int32 level, + [in] [switch_is(level)] drsuapi_QuerySitesByCostRequest req, + [out] int32 level_out, + [out] [switch_is(level_out)] drsuapi_QuerySitesByCostCtr ctr + ); +} diff --git a/source4/librpc/idl/dsbackup.idl b/source4/librpc/idl/dsbackup.idl new file mode 100644 index 0000000000..72e8bf9c2b --- /dev/null +++ b/source4/librpc/idl/dsbackup.idl @@ -0,0 +1,34 @@ +[ + uuid("ecec0d70-a603-11d0-96b1-00a0c91ece30"), + version(1.0), + pointer_default(unique), + helpstring("Backup support for Active Directory") +] interface ad_backup +{ + [todo] void HrRBackupPrepare(); + [todo] void HrRBackupEnd(); + [todo] void HrRBackupGetAttachmentInformation(); + [todo] void HrRBackupOpenFile(); + [todo] void HrRBackupRead(); + [todo] void HrRBackupClose(); + [todo] void HrRBackupGetBackupLogs(); + [todo] void HrRBackupTruncateLogs(); + [todo] void HrRBackupPing(); +} + +[ + uuid("16e0cf3a-a604-11d0-96b1-00a0c91ece30"), + version(1.0), + pointer_default(unique), + helpstring("Restoring Active Directory backups") +] interface ad_restore +{ + [todo] void HrRIsNTDSOnline(); + [todo] void HrRRestorePrepare(); + [todo] void HrRRestoreRegister(); + [todo] void HrRRestoreRegisterComplete(); + [todo] void HrRRestoreGetDatabaseLocations(); + [todo] void HrRRestoreEnd(); + [todo] void HrRRestoreSetCurrentLogNumber(); + [todo] void HrRRestoreCheckLogsForBackup(); +} diff --git a/source4/librpc/idl/dssetup.idl b/source4/librpc/idl/dssetup.idl new file mode 100644 index 0000000000..14de9f7633 --- /dev/null +++ b/source4/librpc/idl/dssetup.idl @@ -0,0 +1,101 @@ +/* + dssetup interface definition +*/ + +import "misc.idl"; + +[ + uuid("3919286a-b10c-11d0-9ba8-00c04fd92ef5"), + version(0.0), + endpoint("ncacn_np:[\\pipe\\lsarpc]", "ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"), + pointer_default(unique), + helpstring("Active Directory Setup") +] interface dssetup +{ + /**********************************************/ + /* Function 0x00 */ + + typedef enum { + DS_ROLE_STANDALONE_WORKSTATION = 0, + DS_ROLE_MEMBER_WORKSTATION = 1, + DS_ROLE_STANDALONE_SERVER = 2, + DS_ROLE_MEMBER_SERVER = 3, + DS_ROLE_BACKUP_DC = 4, + DS_ROLE_PRIMARY_DC = 5 + } dssetup_DsRole; + + typedef [bitmap32bit] bitmap { + DS_ROLE_PRIMARY_DS_RUNNING = 0x00000001, + DS_ROLE_PRIMARY_DS_MIXED_MODE = 0x00000002, + DS_ROLE_UPGRADE_IN_PROGRESS = 0x00000004, + DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT = 0x01000000 + } dssetup_DsRoleFlags; + + typedef struct { + dssetup_DsRole role; + dssetup_DsRoleFlags flags; + [charset(UTF16),string] uint16 *domain; + [charset(UTF16),string] uint16 *dns_domain; + [charset(UTF16),string] uint16 *forest; + GUID domain_guid; + } dssetup_DsRolePrimaryDomInfoBasic; + + typedef [v1_enum] enum { + DS_ROLE_NOT_UPGRADING = 0, + DS_ROLE_UPGRADING = 1 + } dssetup_DsUpgrade; + + typedef enum { + DS_ROLE_PREVIOUS_UNKNOWN = 0, + DS_ROLE_PREVIOUS_PRIMARY = 1, + DS_ROLE_PREVIOUS_BACKUP = 2 + } dssetup_DsPrevious; + + typedef struct { + dssetup_DsUpgrade upgrading; + dssetup_DsPrevious previous_role; + } dssetup_DsRoleUpgradeStatus; + + typedef enum { + DS_ROLE_OP_IDLE = 0, + DS_ROLE_OP_ACTIVE = 1, + DS_ROLE_OP_NEEDS_REBOOT = 2 + } dssetup_DsRoleOp; + + typedef struct { + dssetup_DsRoleOp status; + } dssetup_DsRoleOpStatus; + + typedef enum { + DS_ROLE_BASIC_INFORMATION = 1, + DS_ROLE_UPGRADE_STATUS = 2, + DS_ROLE_OP_STATUS = 3 + } dssetup_DsRoleInfoLevel; + + typedef [switch_type(dssetup_DsRoleInfoLevel)] union { + [case(DS_ROLE_BASIC_INFORMATION)] dssetup_DsRolePrimaryDomInfoBasic basic; + [case(DS_ROLE_UPGRADE_STATUS)] dssetup_DsRoleUpgradeStatus upgrade; + [case(DS_ROLE_OP_STATUS)] dssetup_DsRoleOpStatus opstatus; + } dssetup_DsRoleInfo; + + WERROR dssetup_DsRoleGetPrimaryDomainInformation( + [in] dssetup_DsRoleInfoLevel level, + [out,switch_is(level),unique] dssetup_DsRoleInfo *info + ); + + /* + w2k3 has removed all the calls below from their implementation. + These stubs are left here only as a way of documenting the names + of the calls in case they ever turn up on the wire. + */ + [todo] WERROR dssetup_DsRoleDnsNameToFlatName(); + [todo] WERROR dssetup_DsRoleDcAsDc(); + [todo] WERROR dssetup_DsRoleDcAsReplica(); + [todo] WERROR dssetup_DsRoleDemoteDc(); + [todo] WERROR dssetup_DsRoleGetDcOperationProgress(); + [todo] WERROR dssetup_DsRoleGetDcOperationResults(); + [todo] WERROR dssetup_DsRoleCancel(); + [todo] WERROR dssetup_DsRoleServerSaveStateForUpgrade(); + [todo] WERROR dssetup_DsRoleUpgradeDownlevelServer(); + [todo] WERROR dssetup_DsRoleAbortDownlevelServerUpgrade(); +} diff --git a/source4/librpc/idl/echo.idl b/source4/librpc/idl/echo.idl new file mode 100644 index 0000000000..bf1e318674 --- /dev/null +++ b/source4/librpc/idl/echo.idl @@ -0,0 +1,127 @@ + +[ + uuid("60a15ec5-4de8-11d7-a637-005056a20182"), + endpoint("ncacn_np:[\\pipe\\rpcecho]", "ncacn_ip_tcp:", "ncalrpc:"), + pointer_default(unique), + version(1.0), + helpstring("Simple echo pipe") +] +interface rpcecho +{ + /* Add one to an integer */ + void echo_AddOne( + [in] uint32 in_data, + [out] uint32 *out_data + ); + /* Echo an array of bytes back at the caller */ + void echo_EchoData( + [in] uint32 len, + [in] [size_is(len)] uint8 in_data[], + [out] [size_is(len)] uint8 out_data[] + ); + /* Sink data to the server */ + void echo_SinkData( + [in] uint32 len, + [in,size_is(len)] uint8 data[] + ); + /* Source data from server */ + void echo_SourceData( + [in] uint32 len, + [out,size_is(len)] uint8 data[] + ); + + /* test strings */ + void echo_TestCall ( + [in,string,charset(UTF16)] uint16 *s1, + [out,string,charset(UTF16)] uint16 **s2 + ); + + + /* test some alignment issues */ + typedef [public] struct { + uint8 v; + } echo_info1; + + typedef struct { + uint16 v; + } echo_info2; + + typedef struct { + uint32 v; + } echo_info3; + + struct echo_info4 { + hyper v; + }; + + typedef struct { + uint8 v1; + hyper v2; + } echo_info5; + + typedef struct { + uint8 v1; + echo_info1 info1; + } echo_info6; + + typedef struct { + uint8 v1; + struct echo_info4 info4; + } echo_info7; + + typedef [switch_type(uint16)] union { + [case(1)] echo_info1 info1; + [case(2)] echo_info2 info2; + [case(3)] echo_info3 info3; + [case(4)] struct echo_info4 info4; + [case(5)] echo_info5 info5; + [case(6)] echo_info6 info6; + [case(7)] echo_info7 info7; + } echo_Info; + + NTSTATUS echo_TestCall2 ( + [in] uint16 level, + [out,switch_is(level)] echo_Info *info + ); + + uint32 echo_TestSleep( + [in] uint32 seconds + ); + + typedef enum { + ECHO_ENUM1 = 1, + ECHO_ENUM2 = 2 + } echo_Enum1; + + typedef [v1_enum] enum { + ECHO_ENUM1_32 = 1, + ECHO_ENUM2_32 = 2 + } echo_Enum1_32; + + typedef struct { + echo_Enum1 e1; + echo_Enum1_32 e2; + } echo_Enum2; + + typedef [switch_type(uint16)] union { + [case(ECHO_ENUM1)] echo_Enum1 e1; + [case(ECHO_ENUM2)] echo_Enum2 e2; + } echo_Enum3; + + void echo_TestEnum( + [in,out,ref] echo_Enum1 *foo1, + [in,out,ref] echo_Enum2 *foo2, + [in,out,ref,switch_is(*foo1)] echo_Enum3 *foo3 + ); + + typedef struct { + uint32 x; + [size_is(x)] uint16 surrounding[*]; + } echo_Surrounding; + + void echo_TestSurrounding( + [in,out,ref] echo_Surrounding *data + ); + + uint16 echo_TestDoublePointer([in] uint16 ***data); +} diff --git a/source4/librpc/idl/efs.idl b/source4/librpc/idl/efs.idl new file mode 100644 index 0000000000..4279b08d13 --- /dev/null +++ b/source4/librpc/idl/efs.idl @@ -0,0 +1,108 @@ +/* + IDL definitions from original packet-dcerpc-efs.c + by Jean-Baptiste Marchand +*/ + +import "security.idl"; + +[ + uuid("c681d488-d850-11d0-8c52-00c04fd90f7e"), + version(1.0), + pointer_default(unique) +] interface efs +{ + +WERROR EfsRpcOpenFileRaw( + [out,ref] policy_handle *pvContext, + [in] [charset(UTF16),string] uint16 FileName[], + [in] uint32 Flags + ); + +[todo] WERROR EfsRpcReadFileRaw( + [in,ref] policy_handle *pvContext +/* incomplete */ +); + + +[todo] WERROR EfsRpcWriteFileRaw( + [in,ref] policy_handle *pvContext +/* incomplete */ +); + +void EfsRpcCloseRaw( + [in,out,ref] policy_handle *pvContext +); + +WERROR EfsRpcEncryptFileSrv( + [in] [charset(UTF16),string] uint16 Filename[] +); + +WERROR EfsRpcDecryptFileSrv( + [in] [charset(UTF16),string] uint16 FileName[], + [in] uint32 Reserved +); + +typedef struct { + uint32 cbData; + [size_is(cbData), unique] uint8 *pbData; +} EFS_HASH_BLOB; + +typedef struct { + uint32 cbTotalLength; + [unique] dom_sid *pUserSid; + [unique] EFS_HASH_BLOB *pHash; + [unique] [charset(UTF16),string] uint16 *lpDisplayInformation; +} ENCRYPTION_CERTIFICATE_HASH; + +typedef struct { + uint32 nCert_Hash; + /* this is a pointer to an array of pointers */ + [size_is(nCert_Hash)] ENCRYPTION_CERTIFICATE_HASH *pUsers[*]; +} ENCRYPTION_CERTIFICATE_HASH_LIST; + +WERROR EfsRpcQueryUsersOnFile( + [in] [charset(UTF16),string] uint16 FileName[], + [out,ref,unique] ENCRYPTION_CERTIFICATE_HASH_LIST **pUsers +); + +WERROR EfsRpcQueryRecoveryAgents( + [in] [charset(UTF16),string] uint16 FileName[], + [out,ref,unique] ENCRYPTION_CERTIFICATE_HASH_LIST **pRecoveryAgents +); + +[todo] WERROR EfsRpcRemoveUsersFromFile( + [in] [charset(UTF16),string] uint16 FileName[] + /* [in] ENCRYPTION_CERTIFICATE_LIST Hashes*/ +); + +[todo] WERROR EfsRpcAddUsersToFile( + [in] [charset(UTF16),string] uint16 FileName[] + /* [in] ENCRYPTION_CERTIFICATE_LIST Hashes*/ +); + +typedef struct { + uint32 dwCertEncodingType; + uint32 cbData; + [size_is(cbData)] [unique] uint8 *pbData; +} EFS_CERTIFICATE_BLOB; + +typedef struct { + uint32 TotalLength; + [unique] dom_sid *pUserSid; + [unique] EFS_CERTIFICATE_BLOB *pCertBlob; +} ENCRYPTION_CERTIFICATE; + +WERROR EfsRpcSetFileEncryptionKey( + [in] [unique] ENCRYPTION_CERTIFICATE *pEncryptionCertificate +); + +[todo] WERROR EfsRpcNotSupported( +); + +[todo] WERROR EfsRpcFileKeyInfo( +); + +[todo] WERROR EfsRpcDuplicateEncryptionInfoFile( +); + +} diff --git a/source4/librpc/idl/epmapper.idl b/source4/librpc/idl/epmapper.idl new file mode 100644 index 0000000000..ea04878094 --- /dev/null +++ b/source4/librpc/idl/epmapper.idl @@ -0,0 +1,314 @@ +#include "idl_types.h" + +/* + endpoint mapper interface + Related links: + http://www.opengroup.org/onlinepubs/9629399/apdxo.htm : The official IDL for this pipe + http://www.opengroup.org/onlinepubs/9629399/apdxl.htm : Details on towers +http://www.opengroup.org/onlinepubs/9629399/chap6.htm#tagcjh_11_02_03_01: binding strings + +*/ + +import "misc.idl"; + +[ + uuid("e1af8308-5d1f-11c9-91a4-08002b14a0fa"), + version(3.0), + endpoint("ncacn_np:[\\pipe\\epmapper]", "ncacn_ip_tcp:[135]", + "ncalrpc:[EPMAPPER]"), + helpstring("EndPoint Mapper"), + pointer_default(ptr) +] +interface epmapper +{ + + /* + note that the following IDL won't work in MIDL, and in fact + that the full towers/floors representation of epm cannot be + represented in MIDL at all. I decided to represent it using + the extended IDL syntax in pidl to make it easier to work + with. + */ + + const int EPMAPPER_STATUS_NO_MORE_ENTRIES = 0x16c9a0d6; + const int EPMAPPER_STATUS_NO_MEMORY = 0x16C9A012; + const int EPMAPPER_STATUS_OK = 0; + + + + typedef [enum8bit] enum { + + /* Level 4 and higher */ + EPM_PROTOCOL_DNET_NSP = 0x04, + EPM_PROTOCOL_OSI_TP4 = 0x05, + EPM_PROTOCOL_OSI_CLNS = 0x06, + EPM_PROTOCOL_TCP = 0x07, + EPM_PROTOCOL_UDP = 0x08, + EPM_PROTOCOL_IP = 0x09, + /* These 4 are protocol identifiers, always at level 3 or lower */ + EPM_PROTOCOL_NCADG = 0x0a, /* Connectionless RPC */ + EPM_PROTOCOL_NCACN = 0x0b, + EPM_PROTOCOL_NCALRPC = 0x0c, /* Local RPC */ + EPM_PROTOCOL_UUID = 0x0d, + EPM_PROTOCOL_IPX = 0x0e, + EPM_PROTOCOL_SMB = 0x0f, + EPM_PROTOCOL_PIPE = 0x10, + EPM_PROTOCOL_NETBIOS = 0x11, + EPM_PROTOCOL_NETBEUI = 0x12, + EPM_PROTOCOL_SPX = 0x13, + EPM_PROTOCOL_NB_IPX = 0x14, /* NetBIOS over IPX */ + EPM_PROTOCOL_DSP = 0x16, /* AppleTalk Data Stream Protocol */ + EPM_PROTOCOL_DDP = 0x17, /* AppleTalk Data Datagram Protocol */ + EPM_PROTOCOL_APPLETALK = 0x18, /* AppleTalk */ + EPM_PROTOCOL_VINES_SPP = 0x1a, + EPM_PROTOCOL_VINES_IPC = 0x1b, /* Inter Process Communication */ + EPM_PROTOCOL_STREETTALK = 0x1c, /* Vines Streettalk */ + EPM_PROTOCOL_HTTP = 0x1f, + EPM_PROTOCOL_UNIX_DS = 0x20, /* Unix domain socket */ + EPM_PROTOCOL_NULL = 0x21 + } epm_protocol; + + typedef struct { + /*FIXME */ + } epm_rhs_dnet_nsp; + + typedef struct { + /*FIXME*/ + } epm_rhs_osi_tp4; + + typedef struct { + /*FIXME*/ + } epm_rhs_osi_clns; + + typedef struct { + uint16 port; + } epm_rhs_udp; + + typedef struct { + uint16 port; + } epm_rhs_tcp; + + typedef struct { + ipv4address ipaddr; + } epm_rhs_ip; + + typedef struct { + uint16 minor_version; + } epm_rhs_ncadg; + + typedef struct { + uint16 minor_version; + } epm_rhs_ncacn; + + typedef struct { + [flag(NDR_REMAINING)] DATA_BLOB unknown; + } epm_rhs_uuid; + + typedef struct { + /*FIXME */ + } epm_rhs_ipx; + + typedef struct { + astring unc; + } epm_rhs_smb; + + typedef struct { + astring path; + } epm_rhs_pipe; + + typedef struct { + astring name; + } epm_rhs_netbios; + + typedef struct { + } epm_rhs_netbeui; + + typedef struct { + } epm_rhs_spx; + + typedef struct { + } epm_rhs_nb_ipx; + + typedef struct { + uint16 port; + } epm_rhs_http; + + typedef struct { + astring path; + } epm_rhs_unix_ds; + + typedef struct { + } epm_rhs_null; + + typedef struct { + uint16 minor_version; + } epm_rhs_ncalrpc; + + typedef struct { + } epm_rhs_appletalk; + + typedef struct { + } epm_rhs_atalk_stream; + + typedef struct { + } epm_rhs_atalk_datagram; + + typedef struct { + uint16 port; + } epm_rhs_vines_spp; + + typedef struct { + uint16 port; + } epm_rhs_vines_ipc; + + typedef struct { + astring streettalk; + } epm_rhs_streettalk; + + typedef [flag(NDR_BIG_ENDIAN),nodiscriminant] union { + [case(EPM_PROTOCOL_DNET_NSP)] epm_rhs_dnet_nsp dnet_nsp; + [case(EPM_PROTOCOL_OSI_TP4)] epm_rhs_osi_tp4 osi_tp4; + [case(EPM_PROTOCOL_OSI_CLNS)] epm_rhs_osi_clns osi_clns; + [case(EPM_PROTOCOL_TCP)] epm_rhs_tcp tcp; + [case(EPM_PROTOCOL_UDP)] epm_rhs_udp udp; + [case(EPM_PROTOCOL_IP)] epm_rhs_ip ip; + [case(EPM_PROTOCOL_NCADG)] epm_rhs_ncadg ncadg; + [case(EPM_PROTOCOL_NCACN)] epm_rhs_ncacn ncacn; + [case(EPM_PROTOCOL_NCALRPC)] epm_rhs_ncalrpc ncalrpc; + [case(EPM_PROTOCOL_UUID)] epm_rhs_uuid uuid; + [case(EPM_PROTOCOL_IPX)] epm_rhs_ipx ipx; + [case(EPM_PROTOCOL_SMB)] epm_rhs_smb smb; + [case(EPM_PROTOCOL_PIPE)] epm_rhs_pipe pipe; + [case(EPM_PROTOCOL_NETBIOS)] epm_rhs_netbios netbios; + [case(EPM_PROTOCOL_NETBEUI)] epm_rhs_netbeui netbeui; + [case(EPM_PROTOCOL_SPX)] epm_rhs_spx spx; + [case(EPM_PROTOCOL_NB_IPX)] epm_rhs_nb_ipx nb_ipx; + [case(EPM_PROTOCOL_DSP)] epm_rhs_atalk_stream atalk_stream; + [case(EPM_PROTOCOL_DDP)] epm_rhs_atalk_datagram atalk_datagram; + [case(EPM_PROTOCOL_APPLETALK)] epm_rhs_appletalk appletalk; + [case(EPM_PROTOCOL_VINES_SPP)] epm_rhs_vines_spp vines_spp; + [case(EPM_PROTOCOL_VINES_IPC)] epm_rhs_vines_ipc vines_ipc; + [case(EPM_PROTOCOL_STREETTALK)] epm_rhs_streettalk streettalk; + [case(EPM_PROTOCOL_HTTP)] epm_rhs_http http; + [case(EPM_PROTOCOL_UNIX_DS)] epm_rhs_unix_ds unix_ds; + [case(EPM_PROTOCOL_NULL)] epm_rhs_null null; + [default] [flag(NDR_REMAINING)] DATA_BLOB unknown; + } epm_rhs; + + typedef struct { + epm_protocol protocol; + [flag(NDR_REMAINING)] DATA_BLOB lhs_data; + } epm_lhs; + + typedef struct { + [subcontext(2)] epm_lhs lhs; + [subcontext(2),switch_is(lhs.protocol)] epm_rhs rhs; + } epm_floor; + + /* note that the NDR_NOALIGN flag is inherited by all nested + structures. All of the towers/floors stuff is + non-aligned. I wonder what sort of wicked substance these + guys were smoking? + */ + typedef [gensize,flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN)] struct { + uint16 num_floors; + epm_floor floors[num_floors]; + } epm_tower; + + typedef struct { + [value(ndr_size_epm_tower(&tower, ndr->flags))] uint32 tower_length; + [subcontext(4)] epm_tower tower; + } epm_twr_t; + + typedef struct { + GUID object; + epm_twr_t *tower; + /* + * In theory this should be: + * [charset(DOS),string] uint8 annotation[64] + * But midl treats this as: + * [charset(DOS),string] uint8 annotation[] + * and pidl doesn't support this yet + */ + [value(0)] uint32 __annotation_offset; + [value(strlen(annotation)+1)] uint32 __annotation_length; + [charset(DOS)] uint8 annotation[__annotation_length]; + } epm_entry_t; + + typedef struct { + GUID uuid; + uint16 vers_major; + uint16 vers_minor; + } rpc_if_id_t; + + /**********************/ + /* Function 0x0 */ + error_status_t epm_Insert( + [in] uint32 num_ents, + [in,size_is(num_ents)] epm_entry_t entries[], + [in] uint32 replace + ); + + /**********************/ + /* Function 0x1 */ + error_status_t epm_Delete( + [in] uint32 num_ents, + [in, size_is(num_ents)] epm_entry_t entries[] + ); + + /**********************/ + /* Function 0x02 */ + error_status_t epm_Lookup( + [in] uint32 inquiry_type, + [in,ptr] GUID *object, + [in,ptr] rpc_if_id_t *interface_id, + [in] uint32 vers_option, + [in,out] policy_handle *entry_handle, + [in] uint32 max_ents, + [out] uint32 *num_ents, + [out, length_is(*num_ents), size_is(max_ents)] epm_entry_t entries[] + ); + + + /**********************/ + /* Function 0x03 */ + + typedef struct { + epm_twr_t *twr; + } epm_twr_p_t; + + [public] error_status_t epm_Map( + [in,ptr] GUID *object, + [in,ptr] epm_twr_t *map_tower, + [in,out] policy_handle *entry_handle, + [in] uint32 max_towers, + [out] uint32 *num_towers, + [out, length_is(*num_towers), size_is(max_towers)] epm_twr_p_t towers[] + ); + + + /**********************/ + /* Function 0x04 */ + error_status_t epm_LookupHandleFree( + [in,out] policy_handle *entry_handle + ); + + /**********************/ + /* Function 0x05 */ + error_status_t epm_InqObject( + [in] GUID *epm_object + ); + + + /**********************/ + /* Function 0x06 */ + error_status_t epm_MgmtDelete( + [in] uint32 object_speced, + [in,ptr] GUID *object, + [in,ptr] epm_twr_t *tower + ); + + /**********************/ + /* Function 0x07 */ + [todo] error_status_t epm_MapAuth(); +} diff --git a/source4/librpc/idl/eventlog.idl b/source4/librpc/idl/eventlog.idl new file mode 100644 index 0000000000..ee42300c7c --- /dev/null +++ b/source4/librpc/idl/eventlog.idl @@ -0,0 +1,179 @@ +#include "idl_types.h" + +/* + eventlog interface definition +*/ + +import "lsa.idl", "security.idl"; + +[ uuid("82273fdc-e32a-18c3-3f78-827929dc23ea"), + version(0.0), + pointer_default(unique), + helpstring("Event Logger") +] interface eventlog +{ + typedef bitmap { + EVENTLOG_SEQUENTIAL_READ = 0x0001, + EVENTLOG_SEEK_READ = 0x0002, + EVENTLOG_FORWARDS_READ = 0x0004, + EVENTLOG_BACKWARDS_READ = 0x0008 + } eventlogReadFlags; + + typedef bitmap { + EVENTLOG_SUCCESS = 0x0000, + EVENTLOG_ERROR_TYPE = 0x0001, + EVENTLOG_WARNING_TYPE = 0x0002, + EVENTLOG_INFORMATION_TYPE = 0x0004, + EVENTLOG_AUDIT_SUCCESS = 0x0008, + EVENTLOG_AUDIT_FAILURE = 0x0010 + } eventlogEventTypes; + + typedef struct { + uint16 unknown0; + uint16 unknown1; + } eventlog_OpenUnknown0; + + typedef [public] struct { + uint32 size; + uint32 reserved; + uint32 record_number; + uint32 time_generated; + uint32 time_written; + uint32 event_id; + uint16 event_type; + uint16 num_of_strings; + uint16 event_category; + uint16 reserved_flags; + uint32 closing_record_number; + uint32 stringoffset; + uint32 sid_length; + uint32 sid_offset; + uint32 data_length; + uint32 data_offset; + nstring source_name; + nstring computer_name; + nstring strings[num_of_strings]; + astring raw_data; + } eventlog_Record; + + /******************/ + /* Function: 0x00 */ + NTSTATUS eventlog_ClearEventLogW( + [in] policy_handle *handle, + [in,unique] lsa_String *unknown + ); + + /******************/ + /* Function: 0x01 */ + [todo] NTSTATUS eventlog_BackupEventLogW(); + + /******************/ + /* Function: 0x02 */ + NTSTATUS eventlog_CloseEventLog( + [in,out] policy_handle *handle + ); + + /******************/ + /* Function: 0x03 */ + [todo] NTSTATUS eventlog_DeregisterEventSource(); + + /******************/ + /* Function: 0x04 */ + NTSTATUS eventlog_GetNumRecords( + [in] policy_handle *handle, + [out] uint32 *number + ); + + /******************/ + /* Function: 0x05 */ + [todo] NTSTATUS eventlog_GetOldestRecord(); + + /******************/ + /* Function: 0x06 */ + [todo] NTSTATUS eventlog_ChangeNotify(); + + /******************/ + /* Function: 0x07 */ + NTSTATUS eventlog_OpenEventLogW( + [in,unique] eventlog_OpenUnknown0 *unknown0, + [in] lsa_String logname, + [in] lsa_String servername, + [in] uint32 unknown2, + [in] uint32 unknown3, + [out] policy_handle *handle + ); + + /******************/ + /* Function: 0x08 */ + [todo] NTSTATUS eventlog_RegisterEventSourceW(); + + /******************/ + /* Function: 0x09 */ + [todo] NTSTATUS eventlog_OpenBackupEventLogW(); + + /******************/ + /* Function: 0x0a */ + NTSTATUS eventlog_ReadEventLogW( + [in] policy_handle *handle, + [in] uint32 flags, + [in] uint32 offset, + [in] uint32 number_of_bytes, + [out,size_is(number_of_bytes)] uint8 *data, + [out] uint32 *sent_size, + [out] uint32 *real_size + ); + + /*****************/ + /* Function 0x0b */ + [todo] NTSTATUS eventlog_ReportEventW(); + + /*****************/ + /* Function 0x0c */ + [todo] NTSTATUS eventlog_ClearEventLogA(); + + /******************/ + /* Function: 0x0d */ + [todo] NTSTATUS eventlog_BackupEventLogA(); + + /*****************/ + /* Function 0x0e */ + [todo] NTSTATUS eventlog_OpenEventLogA(); + + /*****************/ + /* Function 0x0f */ + [todo] NTSTATUS eventlog_RegisterEventSourceA(); + + /*****************/ + /* Function 0x10 */ + [todo] NTSTATUS eventlog_OpenBackupEventLogA(); + + /*****************/ + /* Function 0x11 */ + [todo] NTSTATUS eventlog_ReadEventLogA(); + + /*****************/ + /* Function 0x12 */ + [todo] NTSTATUS eventlog_ReportEventA(); + + /*****************/ + /* Function 0x13 */ + [todo] NTSTATUS eventlog_RegisterClusterSvc(); + + /*****************/ + /* Function 0x14 */ + [todo] NTSTATUS eventlog_DeregisterClusterSvc(); + + /*****************/ + /* Function 0x15 */ + [todo] NTSTATUS eventlog_WriteClusterEvents(); + + /*****************/ + /* Function 0x16 */ + [todo] NTSTATUS eventlog_GetLogIntormation(); + + /*****************/ + /* Function 0x17 */ + NTSTATUS eventlog_FlushEventLog( + [in] policy_handle *handle + ); +} diff --git a/source4/librpc/idl/frsapi.idl b/source4/librpc/idl/frsapi.idl new file mode 100644 index 0000000000..11593f479a --- /dev/null +++ b/source4/librpc/idl/frsapi.idl @@ -0,0 +1,121 @@ +#include "idl_types.h" + +import "misc.idl"; + +[ + uuid("d049b186-814f-11d1-9a3c-00c04fc9b232"), + version(1.1), + endpoint("ncacn_ip_tcp:", "ncalrpc:"), + helpstring("File Replication API"), + pointer_default(unique) +] +interface frsapi +{ + /****************/ + /* Function 0x00 */ + [todo] void FRSAPI_VERIFY_PROMOTION(); + + /****************/ + /* Function 0x01 */ + [todo] void FRSAPI_PROMOTION_STATUS(); + + /****************/ + /* Function 0x02 */ + [todo] void FRSAPI_START_DEMOTION(); + + /****************/ + /* Function 0x03 */ + [todo] void FRSAPI_COMMIT_DEMOTION(); + + /****************/ + /* Function 0x04 */ + + /* The DsPollingLongInterval and DsPollingShortInterval attributes + represent registry attributes below HKLM\System\CCS\Services\NtFrs */ + + WERROR frsapi_SetDsPollingIntervalW( + [in] uint32 CurrentInterval, + [in] uint32 DsPollingLongInterval, + [in] uint32 DsPollingShortInterval + ); + + /****************/ + /* Function 0x05 */ + WERROR frsapi_GetDsPollingIntervalW( + [out] uint32 *CurrentInterval, + [out] uint32 *DsPollingLongInterval, + [out] uint32 *DsPollingShortInterval + ); + + /****************/ + /* Function 0x06 */ + [todo] void FRSAPI_VERIFY_PROMOTION_W(); + + /****************/ + /* Function 0x07 */ + typedef [v1_enum] enum { + FRSAPI_INFO_VERSION = 0, + FRSAPI_INFO_SETS = 1, + FRSAPI_INFO_DS = 2, + FRSAPI_INFO_MEMORY = 3, + FRSAPI_INFO_IDTABLE = 4, + FRSAPI_INFO_OUTLOG = 5, + FRSAPI_INFO_INLOG = 6, + FRSAPI_INFO_THREADS = 7, + FRSAPI_INFO_STAGE = 8, + FRSAPI_INFO_CONFIGTABLE = 9 + } frsapi_InfoEnum; + + typedef struct { + uint32 length; + GUID guid; + uint32 length2; + uint32 unknown1; + frsapi_InfoEnum level; + uint32 query_counter; + uint32 unknown2; + uint32 offset; + uint32 blob_len; + /* [size_is(length-offset)] uint8 *data; */ + [subcontext_size(length-offset),subcontext(0),flag(NDR_REMAINING)] DATA_BLOB blob; + } frsapi_Info; + + WERROR frsapi_InfoW( + [in] [range(0,0x10000)] uint32 length, + /* [in,out] [size_is(length)] [unique] uint8 *data */ + [in,out,unique] frsapi_Info *info + + ); + + /****************/ + /* Function 0x08 */ + typedef [v1_enum] enum { + FRSAPI_REPLICA_SET_TYPE_0 = 0x00000000, + FRSAPI_REPLICA_SET_TYPE_DOMAIN = 0x00000002, + FRSAPI_REPLICA_SET_TYPE_DFS = 0x00000003 + } frsapi_ReplicaSetType; + + WERROR frsapi_IsPathReplicated( + [in,unique] [string,charset(UTF16)] uint16 *path, + [in] frsapi_ReplicaSetType replica_set_type, + [out] uint32 *unknown1, + [out] uint32 *unknown2, + [out] uint32 *unknown3, + [out] GUID *replica_set_guid + ); + + /****************/ + /* Function 0x09 */ + [todo] void FRSAPI_WRITER_COMMAND(); + + /****************/ + /* Function 0x0a */ + /* not supported before w2k3 sp2 */ + WERROR frsapi_ForceReplication( + [in,unique] GUID *guid1, + [in,unique] GUID *guid2, + [in,unique] [charset(UTF16),string] uint16 *replica_set, + [in,unique] [charset(UTF16),string] uint16 *partner_name + ); + +} diff --git a/source4/librpc/idl/frsrpc.idl b/source4/librpc/idl/frsrpc.idl new file mode 100644 index 0000000000..1019a25b28 --- /dev/null +++ b/source4/librpc/idl/frsrpc.idl @@ -0,0 +1,168 @@ +#include "idl_types.h" + +import "misc.idl"; + +[ + uuid("f5cc59b4-4264-101a-8c59-08002b2f8426"), + version(1.1), + endpoint("ncacn_ip_tcp:", "ncalrpc:"), + helpstring("File Replication Service"), + pointer_default(unique) +] +interface frsrpc +{ + /*****************/ + /* Function 0x00 */ + + /* TAG:3 this TLV contains a GUID and the name of the server sending + * the call + */ + typedef struct { + [subcontext(4)] GUID unknown1; + [subcontext(4)] nstring source_server; + } frsrpc_FrsSendCommPktChunkDataSSRV; + + /* TAG:4 this TLV contains a GUID and the name of the destination + * server the PDU is sent to + */ + typedef struct { + [subcontext(4)] GUID unknown1; + [subcontext(4)] nstring dest_server; + } frsrpc_FrsSendCommPktChunkDataDSRV; + + /* TAG:18 this TLV contains a timestamp + */ + typedef struct { + [subcontext(4)] NTTIME time; + } frsrpc_FrsSendCommPktChunkDataTS; + + + typedef struct { + uint32 unknown1; + } frsrpc_FrsSendCommPktChunkDataA; + + typedef struct { + uint32 unknown1; + GUID unknown2; + [subcontext(4)] nstring unknown3; + } frsrpc_FrsSendCommPktChunkDataB; + + typedef struct { + uint32 unknown1; + GUID unknown2; + } frsrpc_FrsSendCommPktChunkDataC; + + typedef [nodiscriminant] union { + [default,flag(NDR_REMAINING)] DATA_BLOB blob; + [case(1)] frsrpc_FrsSendCommPktChunkDataA A; + [case(2)] frsrpc_FrsSendCommPktChunkDataA A; + [case(3)] frsrpc_FrsSendCommPktChunkDataSSRV SSRV; + [case(4)] frsrpc_FrsSendCommPktChunkDataDSRV DSRV; + [case(5)] frsrpc_FrsSendCommPktChunkDataB B; + [case(8)] frsrpc_FrsSendCommPktChunkDataB B; + [case(6)] frsrpc_FrsSendCommPktChunkDataC C; + [case(18)] frsrpc_FrsSendCommPktChunkDataTS TS; + [case(19)] frsrpc_FrsSendCommPktChunkDataA A; + } frsrpc_FrsSendCommPktChunkData; + + typedef struct { + uint16 type; + [subcontext(4),switch_is(type)] frsrpc_FrsSendCommPktChunkData data; + } frsrpc_FrsSendCommPktChunk; + + typedef [flag(NDR_NOALIGN)] struct { + frsrpc_FrsSendCommPktChunk chunk1; + frsrpc_FrsSendCommPktChunk chunk2; + frsrpc_FrsSendCommPktChunk chunk3; + frsrpc_FrsSendCommPktChunk chunk4; + frsrpc_FrsSendCommPktChunk chunk5; + frsrpc_FrsSendCommPktChunk chunk6; + frsrpc_FrsSendCommPktChunk chunk7; + frsrpc_FrsSendCommPktChunk chunk8; + frsrpc_FrsSendCommPktChunk chunk9; + } frsrpc_FrsSendCommPktChunkCtr; + + typedef struct { + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + uint32 tlv_size; + uint32 unknown6; + uint32 unknown7; /* This may be a UNIQUE pointer? */ + uint32 unknown8; + uint32 unknown9; + /* + * The format of this blob is this a concatenation + * of TLVs which are not really NDR encoded. + * + * The individual TLVs are encoded as : + * struct { + * uint16 type; + * [subcontext(4),switch_is(type)] chunk_data data; + * } chunk; + * + * some of the chunk are like this: + * + * struct { + * uint32 unknown; // 0x00000010 + * struct GUID guid; + * lstring string; + * } ...; + * + * + * The tags are (might be) : + * 3: Source server sending the PDU + * 4: Destination server the PDU is sent to + * 18: Timestamp + * + */ + [subcontext(4)/*,size_is(tlv_size)*/] frsrpc_FrsSendCommPktChunkCtr *chunks; + uint32 unknown10; + uint32 unknown11; + } frsrpc_FrsSendCommPktReq; + + WERROR frsrpc_FrsSendCommPkt( + [in] frsrpc_FrsSendCommPktReq req + ); + + /*****************/ + /* Function 0x01 */ + [todo] void FRSRPC_VERIFY_PROMOTION_PARENT(); + + /*****************/ + /* Function 0x02 */ + [todo] void FRSRPC_START_PROMOTION_PARENT(); + + /*****************/ + /* Function 0x03 */ + [todo] void FRSRPC_NOP(); + + /*****************/ + /* Function 0x04 */ + [todo] void FRSRPC_BACKUP_COMPLETE(); + + /*****************/ + /* Function 0x05 */ + [todo] void FRSRPC_BACKUP_COMPLETE_5(); + + /*****************/ + /* Function 0x06 */ + [todo] void FRSRPC_BACKUP_COMPLETE_6(); + + /*****************/ + /* Function 0x07 */ + [todo] void FRSRPC_BACKUP_COMPLETE_7(); + + /*****************/ + /* Function 0x08 */ + [todo] void FRSRPC_BACKUP_COMPLETE_8(); + + /*****************/ + /* Function 0x09 */ + [todo] void FRSRPC_BACKUP_COMPLETE_9(); + + /*****************/ + /* Function 0x0a */ + [todo] void FRSRPC_VERIFY_PROMOTION_PARENT_EX(); +} diff --git a/source4/librpc/idl/idl_types.h b/source4/librpc/idl/idl_types.h new file mode 100644 index 0000000000..9885ca5bf6 --- /dev/null +++ b/source4/librpc/idl/idl_types.h @@ -0,0 +1,69 @@ +#define STR_ASCII LIBNDR_FLAG_STR_ASCII +#define STR_LEN4 LIBNDR_FLAG_STR_LEN4 +#define STR_SIZE4 LIBNDR_FLAG_STR_SIZE4 +#define STR_SIZE2 LIBNDR_FLAG_STR_SIZE2 +#define STR_NOTERM LIBNDR_FLAG_STR_NOTERM +#define STR_NULLTERM LIBNDR_FLAG_STR_NULLTERM +#define STR_BYTESIZE LIBNDR_FLAG_STR_BYTESIZE +#define STR_CONFORMANT LIBNDR_FLAG_STR_CONFORMANT +#define STR_CHARLEN LIBNDR_FLAG_STR_CHARLEN +#define STR_UTF8 LIBNDR_FLAG_STR_UTF8 + +/* + a null terminated UCS2 string +*/ +#define nstring [flag(STR_NULLTERM)] string + +/* + an ascii string prefixed with [offset] [length], both 32 bits + null terminated +*/ +#define ascstr2 [flag(STR_ASCII|STR_LEN4)] string + +/* + an ascii string prefixed with [size], 32 bits +*/ +#define asclstr [flag(STR_ASCII|STR_SIZE4)] string + +/* + an ascii string prefixed with [size], 16 bits + null terminated +*/ +#define ascstr3 [flag(STR_ASCII|STR_SIZE2)] string + +/* + an ascii string prefixed with [size] [offset] [length], all 32 bits + not null terminated +*/ +#define ascstr_noterm [flag(STR_NOTERM|STR_ASCII|STR_SIZE4|STR_LEN4)] string + +/* + a null terminated ascii string +*/ +#define astring [flag(STR_ASCII|STR_NULLTERM)] string + +/* + a null terminated UTF8 string +*/ +#define utf8string [flag(STR_UTF8|STR_NULLTERM)] string + +/* + a null terminated UCS2 string +*/ +#define nstring_array [flag(STR_NULLTERM)] string_array + +#define NDR_NOALIGN LIBNDR_FLAG_NOALIGN +#define NDR_REMAINING LIBNDR_FLAG_REMAINING +#define NDR_ALIGN2 LIBNDR_FLAG_ALIGN2 +#define NDR_ALIGN4 LIBNDR_FLAG_ALIGN4 +#define NDR_ALIGN8 LIBNDR_FLAG_ALIGN8 + +/* this flag is used to force a section of IDL as little endian. It is + needed for the epmapper IDL, which is defined as always being LE */ +#define NDR_LITTLE_ENDIAN LIBNDR_FLAG_LITTLE_ENDIAN +#define NDR_BIG_ENDIAN LIBNDR_FLAG_BIGENDIAN + +/* + this is used to control formatting of uint8 arrays +*/ +#define NDR_PAHEX LIBNDR_PRINT_ARRAY_HEX diff --git a/source4/librpc/idl/initshutdown.idl b/source4/librpc/idl/initshutdown.idl new file mode 100644 index 0000000000..ac30be70dd --- /dev/null +++ b/source4/librpc/idl/initshutdown.idl @@ -0,0 +1,45 @@ +#include "idl_types.h" + +/* + initshutdown interface definition +*/ + +import "lsa.idl"; + +[ + uuid("894de0c0-0d55-11d3-a322-00c04fa321a1"), + version(1.0), + endpoint("ncacn_np:[\\pipe\\InitShutdown]"), + pointer_default(unique), + helpstring("Init shutdown service") +] interface initshutdown +{ + WERROR initshutdown_Init( + [in,unique] uint16 *hostname, + /* + * Note: lsa_String and winreg_String both result + * in WERR_INVALID_PARAM + */ + [in,unique] lsa_StringLarge *message, + [in] uint32 timeout, + [in] uint8 force_apps, + [in] uint8 reboot + ); + + WERROR initshutdown_Abort( + [in,unique] uint16 *server + ); + + WERROR initshutdown_InitEx( + [in,unique] uint16 *hostname, + /* + * Note: lsa_String and winreg_String both result + * in WERR_INVALID_PARAM + */ + [in,unique] lsa_StringLarge *message, + [in] uint32 timeout, + [in] uint8 force_apps, + [in] uint8 reboot, + [in] uint32 reason + ); +} diff --git a/source4/librpc/idl/irpc.idl b/source4/librpc/idl/irpc.idl new file mode 100644 index 0000000000..e3ea7e55e1 --- /dev/null +++ b/source4/librpc/idl/irpc.idl @@ -0,0 +1,144 @@ +#include "idl_types.h" + +import "misc.idl", "security.idl", "nbt.idl"; + +/* + definitions for irpc primitives +*/ +[ uuid("e770c620-0b06-4b5e-8d87-a26e20f28340"), + version(1.0), + pointer_default(unique) +] interface irpc +{ + typedef bitmap { + IRPC_FLAG_REPLY = 0x0001 + } irpc_flags; + + typedef [public,noejs] struct { + GUID uuid; + uint32 if_version; + uint32 callnum; + uint32 callid; + irpc_flags flags; + NTSTATUS status; + } irpc_header; + + /****************************************************** + uptime call - supported by all messaging servers + *******************************************************/ + void irpc_uptime([out,ref] NTTIME *start_time); + + /****************************************************** + management calls for the nbt server + ******************************************************/ + typedef [v1_enum] enum { + NBTD_INFO_STATISTICS + } nbtd_info_level; + + typedef struct { + hyper total_received; + hyper total_sent; + hyper query_count; + hyper register_count; + hyper release_count; + } nbtd_statistics; + + typedef [switch_type(nbtd_info_level)] union { + [case(NBTD_INFO_STATISTICS)] nbtd_statistics *stats; + } nbtd_info; + + void nbtd_information( + [in] nbtd_info_level level, + [out,switch_is(level)] nbtd_info info + ); + + /* Send a GetDCName from the privilaged port (owned by nbtd), + * and await a reply */ + + void nbtd_getdcname( + [in] astring domainname, + [in] astring ip_address, + [in] astring my_computername, + [in] astring my_accountname, + [in] uint32 account_control, + [in] dom_sid *domain_sid, + [out,unique] astring *dcname + ); + + typedef [noejs] struct { + ipv4address addr; + } nbtd_proxy_wins_addr; + + [noejs] void nbtd_proxy_wins_challenge( + [in] nbt_name name, + [in,out] uint32 num_addrs, + [in,out] nbtd_proxy_wins_addr addrs[num_addrs] + ); + + [noejs] void nbtd_proxy_wins_release_demand( + [in] nbt_name name, + [in] uint32 num_addrs, + [in] nbtd_proxy_wins_addr addrs[num_addrs] + ); + + /* + Generic Kerberos package call (on the NETLOGON pipe, as a SamLogon) + + The normal use for this call is to check the PAC signature in the KDC + + The KDC has the routines to check this, so it is easier to + proxy the request over by IRPC than set up the environment + */ + + void kdc_check_generic_kerberos( + [in] DATA_BLOB generic_request, + [out] DATA_BLOB generic_reply + ); + + /****************************************************** + management calls for the smb server + ******************************************************/ + typedef [v1_enum] enum { + SMBSRV_INFO_SESSIONS, + SMBSRV_INFO_TCONS + } smbsrv_info_level; + + typedef struct { + hyper vuid; + astring account_name; + astring domain_name; + astring client_ip; + NTTIME connect_time; + NTTIME auth_time; + NTTIME last_use_time; + } smbsrv_session_info; + + typedef struct { + uint32 num_sessions; + [size_is(num_sessions)] smbsrv_session_info *sessions; + } smbsrv_sessions; + + typedef struct { + uint32 tid; + astring share_name; + astring client_ip; + NTTIME connect_time; + NTTIME last_use_time; + } smbsrv_tcon_info; + + typedef struct { + uint32 num_tcons; + [size_is(num_tcons)] smbsrv_tcon_info *tcons; + } smbsrv_tcons; + + typedef [switch_type(smbsrv_info_level)] union { + [case(SMBSRV_INFO_SESSIONS)] smbsrv_sessions sessions; + [case(SMBSRV_INFO_TCONS)] smbsrv_tcons tcons; + } smbsrv_info; + + void smbsrv_information( + [in] smbsrv_info_level level, + [out,switch_is(level)] smbsrv_info info + ); + +} diff --git a/source4/librpc/idl/keysvc.idl b/source4/librpc/idl/keysvc.idl new file mode 100644 index 0000000000..9d05f7d8dc --- /dev/null +++ b/source4/librpc/idl/keysvc.idl @@ -0,0 +1,16 @@ +/* + cryptographic key services interface +*/ + + +/* Also seen as: 0d72a7d4-6148-11d1-b4aa-00c04fb66ea0 */ +[ + uuid("8d0ffe72-d252-11d0-bf8f-00c04fd9126b"), + pointer_default(unique), + version(1.0), + helpstring("Cryptographic Key Services") +] +interface keysvc +{ + WERROR keysvc_Unknown0(); +} diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl new file mode 100644 index 0000000000..bddba04165 --- /dev/null +++ b/source4/librpc/idl/krb5pac.idl @@ -0,0 +1,130 @@ +/* + krb5 PAC +*/ + +#include "idl_types.h" + +import "security.idl", "netlogon.idl", "samr.idl"; + +[ + uuid("12345778-1234-abcd-0000-00000000"), + version(0.0), + pointer_default(unique), + helpstring("Active Directory KRB5 PAC") +] +interface krb5pac +{ + typedef struct { + NTTIME logon_time; + [value(2*strlen_m(account_name))] uint16 size; + [charset(UTF16)] uint8 account_name[size]; + } PAC_LOGON_NAME; + + typedef [public,flag(NDR_PAHEX)] struct { + uint32 type; + [flag(NDR_REMAINING)] DATA_BLOB signature; + } PAC_SIGNATURE_DATA; + + typedef [gensize] struct { + netr_SamInfo3 info3; + dom_sid2 *res_group_dom_sid; + samr_RidWithAttributeArray res_groups; + } PAC_LOGON_INFO; + + typedef struct { + [value(2*strlen_m(upn_name))] uint16 upn_size; + uint16 upn_offset; + [value(2*strlen_m(domain_name))] uint16 domain_size; + uint16 domain_offset; + uint16 unknown3; /* 0x01 */ + uint16 unknown4; + uint32 unknown5; + [charset(UTF16)] uint8 upn_name[upn_size+2]; + [charset(UTF16)] uint8 domain_name[domain_size+2]; + uint32 unknown6; /* padding */ + } PAC_UNKNOWN_12; + + typedef [public] struct { + PAC_LOGON_INFO *info; + } PAC_LOGON_INFO_CTR; + + typedef [public,v1_enum] enum { + PAC_TYPE_LOGON_INFO = 1, + PAC_TYPE_SRV_CHECKSUM = 6, + PAC_TYPE_KDC_CHECKSUM = 7, + PAC_TYPE_LOGON_NAME = 10, + PAC_TYPE_CONSTRAINED_DELEGATION = 11, + PAC_TYPE_UNKNOWN_12 = 12 + } PAC_TYPE; + + typedef struct { + [flag(NDR_REMAINING)] DATA_BLOB remaining; + } DATA_BLOB_REM; + + typedef [public,nodiscriminant,gensize] union { + [case(PAC_TYPE_LOGON_INFO)][subcontext(0xFFFFFC01)] PAC_LOGON_INFO_CTR logon_info; + [case(PAC_TYPE_SRV_CHECKSUM)] PAC_SIGNATURE_DATA srv_cksum; + [case(PAC_TYPE_KDC_CHECKSUM)] PAC_SIGNATURE_DATA kdc_cksum; + [case(PAC_TYPE_LOGON_NAME)] PAC_LOGON_NAME logon_name; + /* when new PAC info types are added they are supposed to be done + in such a way that they are backwards compatible with existing + servers. This makes it safe to just use a [default] for + unknown types, which lets us ignore the data */ + [default] [subcontext(0)] DATA_BLOB_REM unknown; + /* [case(PAC_TYPE_UNKNOWN_12)] PAC_UNKNOWN_12 unknown; */ + } PAC_INFO; + + typedef [public,nopush,nopull,noprint] struct { + PAC_TYPE type; + [value(_ndr_size_PAC_INFO(info, type, 0))] uint32 _ndr_size; + [relative,switch_is(type),subcontext(0),subcontext_size(_subcontext_size_PAC_INFO(r, ndr->flags)),flag(NDR_ALIGN8)] PAC_INFO *info; + [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */ + } PAC_BUFFER; + + typedef [public] struct { + uint32 num_buffers; + uint32 version; + PAC_BUFFER buffers[num_buffers]; + } PAC_DATA; + + typedef [public] struct { + PAC_TYPE type; + uint32 ndr_size; + [relative,subcontext(0),subcontext_size(NDR_ROUND(ndr_size,8)),flag(NDR_ALIGN8)] DATA_BLOB_REM *info; + [value(0)] uint32 _pad; /* Top half of a 64 bit pointer? */ + } PAC_BUFFER_RAW; + + typedef [public] struct { + uint32 num_buffers; + uint32 version; + PAC_BUFFER_RAW buffers[num_buffers]; + } PAC_DATA_RAW; + + const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3; + + typedef [public] struct { + [value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType; + uint32 ChecksumLength; + int32 SignatureType; + uint32 SignatureLength; + [flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature; + } PAC_Validate; + + void decode_pac( + [in] PAC_DATA pac + ); + + void decode_pac_raw( + [in] PAC_DATA_RAW pac + ); + + void decode_login_info( + [in] PAC_LOGON_INFO logon_info + ); + + void decode_pac_validate( + [in] PAC_Validate pac_validate + ); + + +} diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl new file mode 100644 index 0000000000..b26d50c173 --- /dev/null +++ b/source4/librpc/idl/lsa.idl @@ -0,0 +1,1164 @@ +#include "idl_types.h" + +/* + lsa interface definition +*/ + +import "misc.idl", "security.idl"; + +[ uuid("12345778-1234-abcd-ef00-0123456789ab"), + version(0.0), + endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\netlogon]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"), + pointer_default(unique), + helpstring("Local Security Authority") +] interface lsarpc +{ + typedef bitmap security_secinfo security_secinfo; + typedef bitmap kerb_EncTypes kerb_EncTypes; + + typedef [public,noejs] struct { + [value(2*strlen_m(string))] uint16 length; + [value(2*strlen_m(string))] uint16 size; + [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string; + } lsa_String; + + typedef [public] struct { + [value(2*strlen_m(string))] uint16 length; + [value(2*strlen_m_term(string))] uint16 size; + [charset(UTF16),size_is(size/2),length_is(length/2)] uint16 *string; + } lsa_StringLarge; + + typedef [public] struct { + uint32 count; + [size_is(count)] lsa_String *names; + } lsa_Strings; + + typedef [public] struct { + [value(strlen_m(string))] uint16 length; + [value(strlen_m(string))] uint16 size; + [charset(DOS),size_is(size),length_is(length)] uint8 *string; + } lsa_AsciiString; + + typedef [public] struct { + [value(strlen_m(string))] uint16 length; + [value(strlen_m_term(string))] uint16 size; + [charset(DOS),size_is(size),length_is(length)] uint8 *string; + } lsa_AsciiStringLarge; + + /******************/ + /* Function: 0x00 */ + NTSTATUS lsa_Close ( + [in,out] policy_handle *handle + ); + + + /******************/ + /* Function: 0x01 */ + [public] NTSTATUS lsa_Delete ( + [in] policy_handle *handle + ); + + + /******************/ + /* Function: 0x02 */ + typedef struct { + uint32 low; + uint32 high; + } lsa_LUID; + + typedef struct { + lsa_StringLarge name; + lsa_LUID luid; + } lsa_PrivEntry; + + typedef struct { + uint32 count; + [size_is(count)] lsa_PrivEntry *privs; + } lsa_PrivArray; + + [public] NTSTATUS lsa_EnumPrivs ( + [in] policy_handle *handle, + [in,out] uint32 *resume_handle, + [in] uint32 max_count, + [out] lsa_PrivArray *privs + ); + + /******************/ + /* Function: 0x03 */ + + NTSTATUS lsa_QuerySecurity ( + [in] policy_handle *handle, + [in] security_secinfo sec_info, + [out,unique] sec_desc_buf *sdbuf + ); + + + /******************/ + /* Function: 0x04 */ + [todo] NTSTATUS lsa_SetSecObj (); + + + /******************/ + /* Function: 0x05 */ + [todo] NTSTATUS lsa_ChangePassword (); + + + /******************/ + /* Function: 0x06 */ + typedef struct { + uint32 len; /* ignored */ + uint16 impersonation_level; + uint8 context_mode; + uint8 effective_only; + } lsa_QosInfo; + + typedef struct { + uint32 len; /* ignored */ + uint8 *root_dir; + [string,charset(UTF16)] uint16 *object_name; + uint32 attributes; + security_descriptor *sec_desc; + lsa_QosInfo *sec_qos; + } lsa_ObjectAttribute; + + /* notice the screwup with the system_name - thats why MS created + OpenPolicy2 */ + [public] NTSTATUS lsa_OpenPolicy ( + [in,unique] uint16 *system_name, + [in] lsa_ObjectAttribute *attr, + [in] uint32 access_mask, + [out] policy_handle *handle + ); + + + + /******************/ + /* Function: 0x07 */ + + typedef struct { + uint32 percent_full; + uint32 log_size; + NTTIME retention_time; + uint8 shutdown_in_progress; + NTTIME time_to_shutdown; + uint32 next_audit_record; + uint32 unknown; + } lsa_AuditLogInfo; + + typedef [v1_enum] enum { + LSA_AUDIT_POLICY_NONE=0, + LSA_AUDIT_POLICY_SUCCESS=1, + LSA_AUDIT_POLICY_FAILURE=2, + LSA_AUDIT_POLICY_ALL=(LSA_AUDIT_POLICY_SUCCESS|LSA_AUDIT_POLICY_FAILURE), + LSA_AUDIT_POLICY_CLEAR=4 + } lsa_PolicyAuditPolicy; + + typedef enum { + LSA_AUDIT_CATEGORY_SYSTEM = 0, + LSA_AUDIT_CATEGORY_LOGON = 1, + LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS = 2, + LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS = 3, + LSA_AUDIT_CATEGORY_PROCCESS_TRACKING = 4, + LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES = 5, + LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT = 6, + LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS = 7, /* only in win2k/2k3 */ + LSA_AUDIT_CATEGORY_ACCOUNT_LOGON = 8 /* only in win2k/2k3 */ + } lsa_PolicyAuditEventType; + + typedef struct { + uint32 auditing_mode; + [size_is(count)] lsa_PolicyAuditPolicy *settings; + uint32 count; + } lsa_AuditEventsInfo; + + typedef struct { + lsa_StringLarge name; + dom_sid2 *sid; + } lsa_DomainInfo; + + typedef struct { + lsa_String name; + } lsa_PDAccountInfo; + + typedef struct { + uint16 unknown; /* an midl padding bug? */ + uint16 role; + } lsa_ServerRole; + + typedef struct { + lsa_String source; + lsa_String account; + } lsa_ReplicaSourceInfo; + + typedef struct { + uint32 paged_pool; + uint32 non_paged_pool; + uint32 min_wss; + uint32 max_wss; + uint32 pagefile; + hyper unknown; + } lsa_DefaultQuotaInfo; + + typedef struct { + hyper modified_id; + NTTIME db_create_time; + } lsa_ModificationInfo; + + typedef struct { + uint8 shutdown_on_full; + } lsa_AuditFullSetInfo; + + typedef struct { + uint16 unknown; /* an midl padding bug? */ + uint8 shutdown_on_full; + uint8 log_is_full; + } lsa_AuditFullQueryInfo; + + typedef struct { + /* it's important that we use the lsa_StringLarge here, + * because otherwise windows clients result with such dns hostnames + * e.g. w2k3-client.samba4.samba.orgsamba4.samba.org + * where it should be + * w2k3-client.samba4.samba.org + */ + lsa_StringLarge name; + lsa_StringLarge dns_domain; + lsa_StringLarge dns_forest; + GUID domain_guid; + dom_sid2 *sid; + } lsa_DnsDomainInfo; + + typedef enum { + LSA_POLICY_INFO_AUDIT_LOG=1, + LSA_POLICY_INFO_AUDIT_EVENTS=2, + LSA_POLICY_INFO_DOMAIN=3, + LSA_POLICY_INFO_PD=4, + LSA_POLICY_INFO_ACCOUNT_DOMAIN=5, + LSA_POLICY_INFO_ROLE=6, + LSA_POLICY_INFO_REPLICA=7, + LSA_POLICY_INFO_QUOTA=8, + LSA_POLICY_INFO_DB=9, + LSA_POLICY_INFO_AUDIT_FULL_SET=10, + LSA_POLICY_INFO_AUDIT_FULL_QUERY=11, + LSA_POLICY_INFO_DNS=12 + } lsa_PolicyInfo; + + typedef [switch_type(uint16)] union { + [case(LSA_POLICY_INFO_AUDIT_LOG)] lsa_AuditLogInfo audit_log; + [case(LSA_POLICY_INFO_AUDIT_EVENTS)] lsa_AuditEventsInfo audit_events; + [case(LSA_POLICY_INFO_DOMAIN)] lsa_DomainInfo domain; + [case(LSA_POLICY_INFO_PD)] lsa_PDAccountInfo pd; + [case(LSA_POLICY_INFO_ACCOUNT_DOMAIN)] lsa_DomainInfo account_domain; + [case(LSA_POLICY_INFO_ROLE)] lsa_ServerRole role; + [case(LSA_POLICY_INFO_REPLICA)] lsa_ReplicaSourceInfo replica; + [case(LSA_POLICY_INFO_QUOTA)] lsa_DefaultQuotaInfo quota; + [case(LSA_POLICY_INFO_DB)] lsa_ModificationInfo db; + [case(LSA_POLICY_INFO_AUDIT_FULL_SET)] lsa_AuditFullSetInfo auditfullset; + [case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery; + [case(LSA_POLICY_INFO_DNS)] lsa_DnsDomainInfo dns; + } lsa_PolicyInformation; + + NTSTATUS lsa_QueryInfoPolicy ( + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [out,unique,switch_is(level)] lsa_PolicyInformation *info + ); + + /******************/ + /* Function: 0x08 */ + NTSTATUS lsa_SetInfoPolicy ( + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [in,switch_is(level)] lsa_PolicyInformation *info + ); + + /******************/ + /* Function: 0x09 */ + [todo] NTSTATUS lsa_ClearAuditLog (); + + /******************/ + /* Function: 0x0a */ + [public] NTSTATUS lsa_CreateAccount ( + [in] policy_handle *handle, + [in] dom_sid2 *sid, + [in] uint32 access_mask, + [out] policy_handle *acct_handle + ); + + /******************/ + /* NOTE: This only returns accounts that have at least + one privilege set + */ + /* Function: 0x0b */ + typedef struct { + dom_sid2 *sid; + } lsa_SidPtr; + + typedef [public] struct { + [range(0,1000)] uint32 num_sids; + [size_is(num_sids)] lsa_SidPtr *sids; + } lsa_SidArray; + + [public] NTSTATUS lsa_EnumAccounts ( + [in] policy_handle *handle, + [in,out] uint32 *resume_handle, + [in,range(0,8192)] uint32 num_entries, + [out] lsa_SidArray *sids + ); + + + /*************************************************/ + /* Function: 0x0c */ + + [public] NTSTATUS lsa_CreateTrustedDomain( + [in] policy_handle *policy_handle, + [in] lsa_DomainInfo *info, + [in] uint32 access_mask, + [out] policy_handle *trustdom_handle + ); + + + /******************/ + /* Function: 0x0d */ + + /* w2k3 treats max_size as max_domains*60 */ + const int LSA_ENUM_TRUST_DOMAIN_MULTIPLIER = 60; + + typedef struct { + uint32 count; + [size_is(count)] lsa_DomainInfo *domains; + } lsa_DomainList; + + NTSTATUS lsa_EnumTrustDom ( + [in] policy_handle *handle, + [in,out] uint32 *resume_handle, + [in] uint32 max_size, + [out] lsa_DomainList *domains + ); + + + /******************/ + /* Function: 0x0e */ + typedef [public] enum { + SID_NAME_USE_NONE = 0,/* NOTUSED */ + SID_NAME_USER = 1, /* user */ + SID_NAME_DOM_GRP = 2, /* domain group */ + SID_NAME_DOMAIN = 3, /* domain: don't know what this is */ + SID_NAME_ALIAS = 4, /* local group */ + SID_NAME_WKN_GRP = 5, /* well-known group */ + SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */ + SID_NAME_INVALID = 7, /* invalid account */ + SID_NAME_UNKNOWN = 8, /* oops. */ + SID_NAME_COMPUTER = 9 /* machine */ + } lsa_SidType; + + typedef struct { + lsa_SidType sid_type; + uint32 rid; + uint32 sid_index; + } lsa_TranslatedSid; + + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedSid *sids; + } lsa_TransSidArray; + + const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32; + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_DomainInfo *domains; + uint32 max_size; + } lsa_RefDomainList; + + /* Level 1: Ask everywhere + * Level 2: Ask domain and trusted domains, no builtin and wkn + * Level 3: Only ask domain + * Level 4: W2k3ad: Only ask AD trusts + * Level 5: Only ask transitive forest trusts + * Level 6: Like 4 + */ + + typedef enum { + LSA_LOOKUP_NAMES_ALL = 1, + LSA_LOOKUP_NAMES_DOMAINS_ONLY = 2, + LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY = 3, + LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY = 4, + LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY = 5, + LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2 = 6 + } lsa_LookupNamesLevel; + + [public] NTSTATUS lsa_LookupNames ( + [in] policy_handle *handle, + [in,range(0,1000)] uint32 num_names, + [in,size_is(num_names)] lsa_String names[], + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransSidArray *sids, + [in] lsa_LookupNamesLevel level, + [in,out] uint32 *count + ); + + + /******************/ + /* Function: 0x0f */ + + typedef struct { + lsa_SidType sid_type; + lsa_String name; + uint32 sid_index; + } lsa_TranslatedName; + + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedName *names; + } lsa_TransNameArray; + + [public] NTSTATUS lsa_LookupSids ( + [in] policy_handle *handle, + [in] lsa_SidArray *sids, + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransNameArray *names, + [in] uint16 level, + [in,out] uint32 *count + ); + + + /* Function: 0x10 */ + [public] NTSTATUS lsa_CreateSecret( + [in] policy_handle *handle, + [in] lsa_String name, + [in] uint32 access_mask, + [out] policy_handle *sec_handle + ); + + + /*****************************************/ + /* Function: 0x11 */ + NTSTATUS lsa_OpenAccount ( + [in] policy_handle *handle, + [in] dom_sid2 *sid, + [in] uint32 access_mask, + [out] policy_handle *acct_handle + ); + + + /****************************************/ + /* Function: 0x12 */ + + typedef struct { + lsa_LUID luid; + uint32 attribute; + } lsa_LUIDAttribute; + + typedef struct { + [range(0,1000)] uint32 count; + uint32 unknown; + [size_is(count)] lsa_LUIDAttribute set[*]; + } lsa_PrivilegeSet; + + NTSTATUS lsa_EnumPrivsAccount ( + [in] policy_handle *handle, + [out,unique] lsa_PrivilegeSet *privs + ); + + + /****************************************/ + /* Function: 0x13 */ + NTSTATUS lsa_AddPrivilegesToAccount( + [in] policy_handle *handle, + [in] lsa_PrivilegeSet *privs + ); + + + /****************************************/ + /* Function: 0x14 */ + NTSTATUS lsa_RemovePrivilegesFromAccount( + [in] policy_handle *handle, + [in] uint8 remove_all, + [in,unique] lsa_PrivilegeSet *privs + ); + + /* Function: 0x15 */ + [todo] NTSTATUS lsa_GetQuotasForAccount(); + + /* Function: 0x16 */ + [todo] NTSTATUS lsa_SetQuotasForAccount(); + + /* Function: 0x17 */ + [todo] NTSTATUS lsa_GetSystemAccessAccount(); + /* Function: 0x18 */ + [todo] NTSTATUS lsa_SetSystemAccessAccount(); + + /* Function: 0x19 */ + NTSTATUS lsa_OpenTrustedDomain( + [in] policy_handle *handle, + [in] dom_sid2 *sid, + [in] uint32 access_mask, + [out] policy_handle *trustdom_handle + ); + + typedef [flag(NDR_PAHEX)] struct { + uint32 length; + uint32 size; + [size_is(size),length_is(length)] uint8 *data; + } lsa_DATA_BUF; + + typedef [flag(NDR_PAHEX)] struct { + [range(0,65536)] uint32 size; + [size_is(size)] uint8 *data; + } lsa_DATA_BUF2; + + typedef enum { + LSA_TRUSTED_DOMAIN_INFO_NAME = 1, + LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS = 2, + LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET = 3, + LSA_TRUSTED_DOMAIN_INFO_PASSWORD = 4, + LSA_TRUSTED_DOMAIN_INFO_BASIC = 5, + LSA_TRUSTED_DOMAIN_INFO_INFO_EX = 6, + LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO = 7, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO = 8, + LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL = 9, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL = 10, + LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL = 11, + LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL = 12, + LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES = 13 + } lsa_TrustDomInfoEnum; + + typedef [public,bitmap32bit] bitmap { + LSA_TRUST_DIRECTION_INBOUND = 0x00000001, + LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002 + } lsa_TrustDirection; + + typedef [v1_enum] enum { + LSA_TRUST_TYPE_DOWNLEVEL = 0x00000001, + LSA_TRUST_TYPE_UPLEVEL = 0x00000002, + LSA_TRUST_TYPE_MIT = 0x00000003 + } lsa_TrustType; + + typedef [public,bitmap32bit] bitmap { + LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001, + LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002, + LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004, + LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008, + LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010, + LSA_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020, + LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040, + LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION = 0x00000080 + } lsa_TrustAttributes; + + typedef struct { + lsa_StringLarge netbios_name; + } lsa_TrustDomainInfoName; + + + typedef struct { + uint32 entries; + [size_is(entries)] lsa_StringLarge *netbios_names; + } lsa_TrustDomainInfoControllers; + + typedef struct { + uint32 posix_offset; + } lsa_TrustDomainInfoPosixOffset; + + typedef struct { + lsa_DATA_BUF *password; + lsa_DATA_BUF *old_password; + } lsa_TrustDomainInfoPassword; + + typedef struct { + lsa_String netbios_name; + dom_sid2 *sid; + } lsa_TrustDomainInfoBasic; + + typedef struct { + lsa_StringLarge domain_name; + lsa_StringLarge netbios_name; + dom_sid2 *sid; + lsa_TrustDirection trust_direction; + lsa_TrustType trust_type; + lsa_TrustAttributes trust_attributes; + } lsa_TrustDomainInfoInfoEx; + + typedef [public,v1_enum] enum { + TRUST_AUTH_TYPE_NONE = 0, + TRUST_AUTH_TYPE_NT4OWF = 1, + TRUST_AUTH_TYPE_CLEAR = 2, + TRUST_AUTH_TYPE_VERSION = 3 + } lsa_TrustAuthType; + + typedef struct { + NTTIME_hyper last_update_time; + lsa_TrustAuthType AuthType; + lsa_DATA_BUF2 data; + } lsa_TrustDomainInfoBuffer; + + typedef struct { + uint32 incoming_count; + lsa_TrustDomainInfoBuffer *incoming_current_auth_info; + lsa_TrustDomainInfoBuffer *incoming_previous_auth_info; + uint32 outgoing_count; + lsa_TrustDomainInfoBuffer *outgoing_current_auth_info; + lsa_TrustDomainInfoBuffer *outgoing_previous_auth_info; + } lsa_TrustDomainInfoAuthInfo; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_TrustDomainInfoPosixOffset posix_offset; + lsa_TrustDomainInfoAuthInfo auth_info; + } lsa_TrustDomainInfoFullInfo; + + typedef struct { + lsa_DATA_BUF2 auth_blob; + } lsa_TrustDomainInfoAuthInfoInternal; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_TrustDomainInfoPosixOffset posix_offset; + lsa_TrustDomainInfoAuthInfoInternal auth_info; + } lsa_TrustDomainInfoFullInfoInternal; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + uint32 forest_trust_length; + [size_is(forest_trust_length)] uint8 *forest_trust_data; + } lsa_TrustDomainInfoInfoEx2Internal; + + typedef struct { + lsa_TrustDomainInfoInfoEx2Internal info; + lsa_TrustDomainInfoPosixOffset posix_offset; + lsa_TrustDomainInfoAuthInfo auth_info; + } lsa_TrustDomainInfoFullInfo2Internal; + + typedef struct { + kerb_EncTypes enc_types; + } lsa_TrustDomainInfoSupportedEncTypes; + + typedef [switch_type(lsa_TrustDomInfoEnum)] union { + [case(LSA_TRUSTED_DOMAIN_INFO_NAME)] + lsa_TrustDomainInfoName name; + [case(LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS)] + lsa_TrustDomainInfoControllers controllers; + [case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] + lsa_TrustDomainInfoPosixOffset posix_offset; + [case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)] + lsa_TrustDomainInfoPassword password; + [case(LSA_TRUSTED_DOMAIN_INFO_BASIC)] + lsa_TrustDomainInfoBasic info_basic; + [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)] + lsa_TrustDomainInfoInfoEx info_ex; + [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)] + lsa_TrustDomainInfoAuthInfo auth_info; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] + lsa_TrustDomainInfoFullInfo full_info; + [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)] + lsa_TrustDomainInfoAuthInfoInternal auth_info_internal; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)] + lsa_TrustDomainInfoFullInfoInternal full_info_internal; + [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)] + lsa_TrustDomainInfoInfoEx2Internal info_ex2_internal; + [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)] + lsa_TrustDomainInfoFullInfo2Internal full_info2_internal; + [case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES)] + lsa_TrustDomainInfoSupportedEncTypes enc_types; + } lsa_TrustedDomainInfo; + + /* Function: 0x1a */ + NTSTATUS lsa_QueryTrustedDomainInfo( + [in] policy_handle *trustdom_handle, + [in] lsa_TrustDomInfoEnum level, + [out,switch_is(level),unique] lsa_TrustedDomainInfo *info + ); + + /* Function: 0x1b */ + NTSTATUS lsa_SetInformationTrustedDomain( + [in] policy_handle *trustdom_handle, + [in] lsa_TrustDomInfoEnum level, + [in,switch_is(level)] lsa_TrustedDomainInfo *info + ); + + /* Function: 0x1c */ + [public] NTSTATUS lsa_OpenSecret( + [in] policy_handle *handle, + [in] lsa_String name, + [in] uint32 access_mask, + [out] policy_handle *sec_handle + ); + + /* Function: 0x1d */ + + [public] NTSTATUS lsa_SetSecret( + [in] policy_handle *sec_handle, + [in,unique] lsa_DATA_BUF *new_val, + [in,unique] lsa_DATA_BUF *old_val + ); + + typedef struct { + lsa_DATA_BUF *buf; + } lsa_DATA_BUF_PTR; + + /* Function: 0x1e */ + [public] NTSTATUS lsa_QuerySecret ( + [in] policy_handle *sec_handle, + [in,out,unique] lsa_DATA_BUF_PTR *new_val, + [in,out,unique] NTTIME_hyper *new_mtime, + [in,out,unique] lsa_DATA_BUF_PTR *old_val, + [in,out,unique] NTTIME_hyper *old_mtime + ); + + /* Function: 0x1f */ + NTSTATUS lsa_LookupPrivValue( + [in] policy_handle *handle, + [in] lsa_String *name, + [out] lsa_LUID *luid + ); + + + /* Function: 0x20 */ + NTSTATUS lsa_LookupPrivName ( + [in] policy_handle *handle, + [in] lsa_LUID *luid, + [out,unique] lsa_StringLarge *name + ); + + + /*******************/ + /* Function: 0x21 */ + NTSTATUS lsa_LookupPrivDisplayName ( + [in] policy_handle *handle, + [in] lsa_String *name, + [out,unique] lsa_StringLarge *disp_name, + /* see http://www.microsoft.com/globaldev/nlsweb/ for + language definitions */ + [in,out] uint16 *language_id, + [in] uint16 unknown + ); + + /*******************/ + /* Function: 0x22 */ + NTSTATUS lsa_DeleteObject ( + [in,out] policy_handle *handle + ); + + + + /*******************/ + /* Function: 0x23 */ + NTSTATUS lsa_EnumAccountsWithUserRight ( + [in] policy_handle *handle, + [in,unique] lsa_String *name, + [out] lsa_SidArray *sids + ); + + /* Function: 0x24 */ + typedef struct { + [string,charset(UTF16)] uint16 *name; + } lsa_RightAttribute; + + typedef struct { + uint32 count; + [size_is(count)] lsa_StringLarge *names; + } lsa_RightSet; + + NTSTATUS lsa_EnumAccountRights ( + [in] policy_handle *handle, + [in] dom_sid2 *sid, + [out] lsa_RightSet *rights + ); + + + /**********************/ + /* Function: 0x25 */ + NTSTATUS lsa_AddAccountRights ( + [in] policy_handle *handle, + [in] dom_sid2 *sid, + [in] lsa_RightSet *rights + ); + + /**********************/ + /* Function: 0x26 */ + NTSTATUS lsa_RemoveAccountRights ( + [in] policy_handle *handle, + [in] dom_sid2 *sid, + [in] uint32 unknown, + [in] lsa_RightSet *rights + ); + + /* Function: 0x27 */ + NTSTATUS lsa_QueryTrustedDomainInfoBySid( + [in] policy_handle *handle, + [in] dom_sid2 *dom_sid, + [in] lsa_TrustDomInfoEnum level, + [out,switch_is(level),unique] lsa_TrustedDomainInfo *info + ); + + /* Function: 0x28 */ + NTSTATUS lsa_SetTrustedDomainInfo( + [in] policy_handle *handle, + [in] dom_sid2 *dom_sid, + [in] lsa_TrustDomInfoEnum level, + [in,switch_is(level)] lsa_TrustedDomainInfo *info + ); + /* Function: 0x29 */ + NTSTATUS lsa_DeleteTrustedDomain( + [in] policy_handle *handle, + [in] dom_sid2 *dom_sid + ); + + /* Function: 0x2a */ + [todo] NTSTATUS lsa_StorePrivateData(); + /* Function: 0x2b */ + [todo] NTSTATUS lsa_RetrievePrivateData(); + + + /**********************/ + /* Function: 0x2c */ + [public] NTSTATUS lsa_OpenPolicy2 ( + [in,unique] [string,charset(UTF16)] uint16 *system_name, + [in] lsa_ObjectAttribute *attr, + [in] uint32 access_mask, + [out] policy_handle *handle + ); + + /**********************/ + /* Function: 0x2d */ + typedef struct { + lsa_String *string; + } lsa_StringPointer; + + NTSTATUS lsa_GetUserName( + [in,unique] [string,charset(UTF16)] uint16 *system_name, + [in,out,unique] lsa_String *account_name, + [in,out,unique] lsa_StringPointer *authority_name + ); + + /**********************/ + /* Function: 0x2e */ + + NTSTATUS lsa_QueryInfoPolicy2( + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [out,unique,switch_is(level)] lsa_PolicyInformation *info + ); + + /* Function 0x2f */ + NTSTATUS lsa_SetInfoPolicy2( + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [in,switch_is(level)] lsa_PolicyInformation *info + ); + + /**********************/ + /* Function 0x30 */ + NTSTATUS lsa_QueryTrustedDomainInfoByName( + [in] policy_handle *handle, + [in] lsa_String trusted_domain, + [in] lsa_TrustDomInfoEnum level, + [out,unique,switch_is(level)] lsa_TrustedDomainInfo *info + ); + + /**********************/ + /* Function 0x31 */ + NTSTATUS lsa_SetTrustedDomainInfoByName( + [in] policy_handle *handle, + [in] lsa_String trusted_domain, + [in] lsa_TrustDomInfoEnum level, + [in,unique,switch_is(level)] lsa_TrustedDomainInfo *info + ); + + /* Function 0x32 */ + + /* w2k3 treats max_size as max_domains*82 */ + const int LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER = 82; + + typedef struct { + uint32 count; + [size_is(count)] lsa_TrustDomainInfoInfoEx *domains; + } lsa_DomainListEx; + + NTSTATUS lsa_EnumTrustedDomainsEx ( + [in] policy_handle *handle, + [in,out] uint32 *resume_handle, + [out] lsa_DomainListEx *domains, + [in] uint32 max_size + ); + + /* Function 0x33 */ + NTSTATUS lsa_CreateTrustedDomainEx( + [in] policy_handle *policy_handle, + [in] lsa_TrustDomainInfoInfoEx *info, + [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info, + [in] uint32 access_mask, + [out] policy_handle *trustdom_handle + ); + + + /* Function 0x34 */ + NTSTATUS lsa_CloseTrustedDomainEx( + [in,out] policy_handle *handle + ); + + /* Function 0x35 */ + + /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000 + for unknown6 - gd */ + typedef struct { + uint32 enforce_restrictions; + hyper service_tkt_lifetime; + hyper user_tkt_lifetime; + hyper user_tkt_renewaltime; + hyper clock_skew; + hyper unknown6; + } lsa_DomainInfoKerberos; + + typedef struct { + uint32 blob_size; + [size_is(blob_size)] uint8 *efs_blob; + } lsa_DomainInfoEfs; + + typedef enum { + LSA_DOMAIN_INFO_POLICY_EFS=2, + LSA_DOMAIN_INFO_POLICY_KERBEROS=3 + } lsa_DomainInfoEnum; + + typedef [switch_type(uint16)] union { + [case(LSA_DOMAIN_INFO_POLICY_EFS)] lsa_DomainInfoEfs efs_info; + [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos kerberos_info; + } lsa_DomainInformationPolicy; + + NTSTATUS lsa_QueryDomainInformationPolicy( + [in] policy_handle *handle, + [in] uint16 level, + [out,unique,switch_is(level)] lsa_DomainInformationPolicy *info + ); + + /* Function 0x36 */ + NTSTATUS lsa_SetDomainInformationPolicy( + [in] policy_handle *handle, + [in] uint16 level, + [in,unique,switch_is(level)] lsa_DomainInformationPolicy *info + ); + + /**********************/ + /* Function 0x37 */ + NTSTATUS lsa_OpenTrustedDomainByName( + [in] policy_handle *handle, + [in] lsa_String name, + [in] uint32 access_mask, + [out] policy_handle *trustdom_handle + ); + + /* Function 0x38 */ + [todo] NTSTATUS lsa_TestCall(); + + /**********************/ + /* Function 0x39 */ + + typedef struct { + lsa_SidType sid_type; + lsa_String name; + uint32 sid_index; + uint32 unknown; + } lsa_TranslatedName2; + + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedName2 *names; + } lsa_TransNameArray2; + + [public] NTSTATUS lsa_LookupSids2( + [in] policy_handle *handle, + [in] lsa_SidArray *sids, + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransNameArray2 *names, + [in] uint16 level, + [in,out] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + + /**********************/ + /* Function 0x3a */ + + typedef struct { + lsa_SidType sid_type; + uint32 rid; + uint32 sid_index; + uint32 unknown; + } lsa_TranslatedSid2; + + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedSid2 *sids; + } lsa_TransSidArray2; + + [public] NTSTATUS lsa_LookupNames2 ( + [in] policy_handle *handle, + [in,range(0,1000)] uint32 num_names, + [in,size_is(num_names)] lsa_String names[], + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransSidArray2 *sids, + [in] lsa_LookupNamesLevel level, + [in,out] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + + /* Function 0x3b */ + NTSTATUS lsa_CreateTrustedDomainEx2( + [in] policy_handle *policy_handle, + [in] lsa_TrustDomainInfoInfoEx *info, + [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info, + [in] uint32 access_mask, + [out] policy_handle *trustdom_handle + ); + + /* Function 0x3c */ + [todo] NTSTATUS lsa_CREDRWRITE(); + + /* Function 0x3d */ + [todo] NTSTATUS lsa_CREDRREAD(); + + /* Function 0x3e */ + [todo] NTSTATUS lsa_CREDRENUMERATE(); + + /* Function 0x3f */ + [todo] NTSTATUS lsa_CREDRWRITEDOMAINCREDENTIALS(); + + /* Function 0x40 */ + [todo] NTSTATUS lsa_CREDRREADDOMAINCREDENTIALS(); + + /* Function 0x41 */ + [todo] NTSTATUS lsa_CREDRDELETE(); + + /* Function 0x42 */ + [todo] NTSTATUS lsa_CREDRGETTARGETINFO(); + + /* Function 0x43 */ + [todo] NTSTATUS lsa_CREDRPROFILELOADED(); + + /**********************/ + /* Function 0x44 */ + typedef struct { + lsa_SidType sid_type; + dom_sid2 *sid; + uint32 sid_index; + uint32 unknown; + } lsa_TranslatedSid3; + + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedSid3 *sids; + } lsa_TransSidArray3; + + [public] NTSTATUS lsa_LookupNames3 ( + [in] policy_handle *handle, + [in,range(0,1000)] uint32 num_names, + [in,size_is(num_names)] lsa_String names[], + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransSidArray3 *sids, + [in] lsa_LookupNamesLevel level, + [in,out] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + + /* Function 0x45 */ + [todo] NTSTATUS lsa_CREDRGETSESSIONTYPES(); + + /* Function 0x46 */ + [todo] NTSTATUS lsa_LSARREGISTERAUDITEVENT(); + + /* Function 0x47 */ + [todo] NTSTATUS lsa_LSARGENAUDITEVENT(); + + /* Function 0x48 */ + [todo] NTSTATUS lsa_LSARUNREGISTERAUDITEVENT(); + + /* Function 0x49 */ + typedef struct { + [range(0,131072)] uint32 length; + [size_is(length)] uint8 *data; + } lsa_ForestTrustBinaryData; + + typedef struct { + dom_sid2 *domain_sid; + lsa_StringLarge dns_domain_name; + lsa_StringLarge netbios_domain_name; + } lsa_ForestTrustDomainInfo; + + typedef [switch_type(uint32)] union { + [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME)] lsa_String top_level_name; + [case(LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX)] lsa_StringLarge top_level_name_ex; + [case(LSA_FOREST_TRUST_DOMAIN_INFO)] lsa_ForestTrustDomainInfo domain_info; + [default] lsa_ForestTrustBinaryData data; + } lsa_ForestTrustData; + + typedef [v1_enum] enum { + LSA_FOREST_TRUST_TOP_LEVEL_NAME = 0, + LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX = 1, + LSA_FOREST_TRUST_DOMAIN_INFO = 2, + LSA_FOREST_TRUST_RECORD_TYPE_LAST = 3 + } lsa_ForestTrustRecordType; + + typedef struct { + uint32 flags; + lsa_ForestTrustRecordType level; + hyper unknown; + [switch_is(level)] lsa_ForestTrustData forest_trust_data; + } lsa_ForestTrustRecord; + + typedef [public] struct { + [range(0,4000)] uint32 count; + [size_is(count)] lsa_ForestTrustRecord **entries; + } lsa_ForestTrustInformation; + + NTSTATUS lsa_lsaRQueryForestTrustInformation( + [in] policy_handle *handle, + [in,ref] lsa_String *trusted_domain_name, + [in] uint16 unknown, /* level ? */ + [out,ref] lsa_ForestTrustInformation **forest_trust_info + ); + + /* Function 0x4a */ + [todo] NTSTATUS lsa_LSARSETFORESTTRUSTINFORMATION(); + + /* Function 0x4b */ + [todo] NTSTATUS lsa_CREDRRENAME(); + + /*****************/ + /* Function 0x4c */ + + [public] NTSTATUS lsa_LookupSids3( + [in] lsa_SidArray *sids, + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransNameArray2 *names, + [in] uint16 level, + [in,out] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + + /* Function 0x4d */ + NTSTATUS lsa_LookupNames4( + [in,range(0,1000)] uint32 num_names, + [in,size_is(num_names)] lsa_String names[], + [out,unique] lsa_RefDomainList *domains, + [in,out] lsa_TransSidArray3 *sids, + [in] lsa_LookupNamesLevel level, + [in,out] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + + /* Function 0x4e */ + [todo] NTSTATUS lsa_LSAROPENPOLICYSCE(); + + /* Function 0x4f */ + [todo] NTSTATUS lsa_LSARADTREGISTERSECURITYEVENTSOURCE(); + + /* Function 0x50 */ + [todo] NTSTATUS lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(); + + /* Function 0x51 */ + [todo] NTSTATUS lsa_LSARADTREPORTSECURITYEVENT(); + +} diff --git a/source4/librpc/idl/mgmt.idl b/source4/librpc/idl/mgmt.idl new file mode 100644 index 0000000000..35857f26cd --- /dev/null +++ b/source4/librpc/idl/mgmt.idl @@ -0,0 +1,75 @@ +/* + dcerpc remote management interface +*/ + +import "misc.idl"; + +[ + uuid("afa8bd80-7d8a-11c9-bef4-08002b102989"), + version(1.0), + pointer_default(unique), + helpstring("DCE/RPC Remote Management") +] +interface mgmt +{ + typedef struct { + ndr_syntax_id *id; + } ndr_syntax_id_p; + + typedef struct { + uint32 count; + [size_is(count)] ndr_syntax_id_p if_id[*]; + } rpc_if_id_vector_t; + + + /***********************/ + /* Function 0x00 */ + WERROR mgmt_inq_if_ids ( + [out] rpc_if_id_vector_t **if_id_vector + ); + + + + /***********************/ + /* Function 0x01 */ + + + /* these are the array indexes in the statistics array */ + const int MGMT_STATS_CALLS_IN = 0; + const int MGMT_STATS_CALLS_OUT = 1; + const int MGMT_STATS_PKTS_IN = 2; + const int MGMT_STATS_PKTS_OUT = 3; + const int MGMT_STATS_ARRAY_MAX_SIZE = 4; + + typedef struct { + uint32 count; + [size_is(count)] uint32 statistics[*]; + } mgmt_statistics; + + WERROR mgmt_inq_stats ( + [in] uint32 max_count, + [in] uint32 unknown, + [out,ref] mgmt_statistics *statistics + ); + + + /***********************/ + /* Function 0x02 */ + boolean32 mgmt_is_server_listening ( + [out,ref] error_status_t *status + ); + + + /***********************/ + /* Function 0x03 */ + WERROR mgmt_stop_server_listening (); + + + /***********************/ + /* Function 0x04 */ + WERROR mgmt_inq_princ_name ( + [in] uint32 authn_proto, + [in] uint32 princ_name_size, + [out] [string,charset(DOS)] uint8 princ_name[] + ); +} diff --git a/source4/librpc/idl/misc.idl b/source4/librpc/idl/misc.idl new file mode 100644 index 0000000000..8331977398 --- /dev/null +++ b/source4/librpc/idl/misc.idl @@ -0,0 +1,58 @@ +/* + miscellaneous IDL structures +*/ + + +[ + pointer_default(unique) +] +interface misc +{ + typedef [public,noprint,gensize,noejs] struct { + uint32 time_low; + uint16 time_mid; + uint16 time_hi_and_version; + uint8 clock_seq[2]; + uint8 node[6]; + } GUID; + + typedef [public] struct { + GUID uuid; + uint32 if_version; + } ndr_syntax_id; + + typedef [public] struct { + uint32 handle_type; + GUID uuid; + } policy_handle; + + /* secure channel types */ + /* Only SEC_CHAN_WKSTA can forward requests to other domains. */ + + typedef [public] enum { + SEC_CHAN_WKSTA = 2, + SEC_CHAN_DOMAIN = 4, + SEC_CHAN_BDC = 6 + } netr_SchannelType; + + /* SAM database types */ + typedef [public,v1_enum] enum { + SAM_DATABASE_DOMAIN = 0, /* Domain users and groups */ + SAM_DATABASE_BUILTIN = 1, /* BUILTIN users and groups */ + SAM_DATABASE_PRIVS = 2 /* Privileges */ + } netr_SamDatabaseID; + + typedef [public,v1_enum] enum { + SAMR_REJECT_OTHER = 0, + SAMR_REJECT_TOO_SHORT = 1, + SAMR_REJECT_IN_HISTORY = 2, + SAMR_REJECT_COMPLEXITY = 5 + } samr_RejectReason; + + /* id used to identify a endpoint, possibly in a cluster */ + typedef [public] struct { + hyper id; + uint32 id2; + uint32 node; + } server_id; +} diff --git a/source4/librpc/idl/msgsvc.idl b/source4/librpc/idl/msgsvc.idl new file mode 100644 index 0000000000..d196daf06b --- /dev/null +++ b/source4/librpc/idl/msgsvc.idl @@ -0,0 +1,22 @@ +/* Works over UDP */ + +[ + uuid("17fdd703-1827-4e34-79d4-24a55c53bb37"), + version(1.0), + pointer_default(unique), + helpstring("Messaging Service") +] interface msgsvc +{ + [todo] void NetrMessageNameAdd(); + [todo] void NetrMessageNameEnum(); + [todo] void NetrMessageNameGetInfo(); + [todo] void NetrMessageNameDel(); +} + +[ + uuid("5a7b91f8-ff00-11d0-a9b2-00c04fb6e6fc"), + version(1.0) +] interface msgsvcsend +{ + [todo] void NetrSendMessage(); +} diff --git a/source4/librpc/idl/nbt.idl b/source4/librpc/idl/nbt.idl new file mode 100644 index 0000000000..63be489e0d --- /dev/null +++ b/source4/librpc/idl/nbt.idl @@ -0,0 +1,654 @@ +#include "idl_types.h" + +/* + IDL structures for NBT operations + + NBT is not traditionally encoded using IDL/NDR. This is a bit of an + experiment, and I may well switch us back to a more traditional + encoding if it doesn't work out +*/ + +import "misc.idl", "security.idl", "svcctl.idl", "samr.idl"; +[ + helper("libcli/netlogon.h", "libcli/nbt/libnbt.h") +] +interface nbt +{ + const int NBT_NAME_SERVICE_PORT = 137; + const int NBT_DGRAM_SERVICE_PORT = 138; + + typedef [bitmap16bit] bitmap { + NBT_RCODE = 0x000F, + NBT_FLAG_BROADCAST = 0x0010, + NBT_FLAG_RECURSION_AVAIL = 0x0080, + NBT_FLAG_RECURSION_DESIRED = 0x0100, + NBT_FLAG_TRUNCATION = 0x0200, + NBT_FLAG_AUTHORITIVE = 0x0400, + NBT_OPCODE = 0x7800, + NBT_FLAG_REPLY = 0x8000 + } nbt_operation; + + /* the opcodes are in the operation field, masked with + NBT_OPCODE */ + typedef enum { + NBT_OPCODE_QUERY = (0x0<<11), + NBT_OPCODE_REGISTER = (0x5<<11), + NBT_OPCODE_RELEASE = (0x6<<11), + NBT_OPCODE_WACK = (0x7<<11), + NBT_OPCODE_REFRESH = (0x8<<11), + NBT_OPCODE_REFRESH2 = (0x9<<11), + NBT_OPCODE_MULTI_HOME_REG = (0xf<<11) + } nbt_opcode; + + /* rcode values */ + typedef enum { + NBT_RCODE_OK = 0x0, + NBT_RCODE_FMT = 0x1, + NBT_RCODE_SVR = 0x2, + NBT_RCODE_NAM = 0x3, + NBT_RCODE_IMP = 0x4, + NBT_RCODE_RFS = 0x5, + NBT_RCODE_ACT = 0x6, + NBT_RCODE_CFT = 0x7 + } nbt_rcode; + + /* we support any 8bit name type, but by defining the common + ones here we get better debug displays */ + typedef [enum8bit] enum { + NBT_NAME_CLIENT = 0x00, + NBT_NAME_MS = 0x01, + NBT_NAME_USER = 0x03, + NBT_NAME_SERVER = 0x20, + NBT_NAME_PDC = 0x1B, + NBT_NAME_LOGON = 0x1C, + NBT_NAME_MASTER = 0x1D, + NBT_NAME_BROWSER = 0x1E + } nbt_name_type; + + /* the ndr parser for nbt_name is separately defined in + nbtname.c (along with the parsers for nbt_string) */ + typedef [public,nopull,nopush] struct { + string name; + string scope; + nbt_name_type type; + } nbt_name; + + typedef [public,enum16bit] enum { + NBT_QCLASS_IP = 0x01 + } nbt_qclass; + + typedef [public,enum16bit] enum { + NBT_QTYPE_ADDRESS = 0x0001, + NBT_QTYPE_NAMESERVICE = 0x0002, + NBT_QTYPE_NULL = 0x000A, + NBT_QTYPE_NETBIOS = 0x0020, + NBT_QTYPE_STATUS = 0x0021 + } nbt_qtype; + + typedef struct { + nbt_name name; + nbt_qtype question_type; + nbt_qclass question_class; + } nbt_name_question; + + /* these are the possible values of the NBT_NM_OWNER_TYPE + field */ + typedef enum { + NBT_NODE_B = 0x0000, + NBT_NODE_P = 0x2000, + NBT_NODE_M = 0x4000, + NBT_NODE_H = 0x6000 + } nbt_node_type; + + typedef [bitmap16bit] bitmap { + NBT_NM_PERMANENT = 0x0200, + NBT_NM_ACTIVE = 0x0400, + NBT_NM_CONFLICT = 0x0800, + NBT_NM_DEREGISTER = 0x1000, + NBT_NM_OWNER_TYPE = 0x6000, + NBT_NM_GROUP = 0x8000 + } nb_flags; + + typedef struct { + nb_flags nb_flags; + ipv4address ipaddr; + } nbt_rdata_address; + + typedef struct { + uint16 length; + nbt_rdata_address addresses[length/6]; + } nbt_rdata_netbios; + + typedef struct { + uint8 unit_id[6]; + uint8 jumpers; + uint8 test_result; + uint16 version_number; + uint16 period_of_statistics; + uint16 number_of_crcs; + uint16 number_alignment_errors; + uint16 number_of_collisions; + uint16 number_send_aborts; + uint32 number_good_sends; + uint32 number_good_receives; + uint16 number_retransmits; + uint16 number_no_resource_conditions; + uint16 number_free_command_blocks; + uint16 total_number_command_blocks; + uint16 max_total_number_command_blocks; + uint16 number_pending_sessions; + uint16 max_number_pending_sessions; + uint16 max_total_sessions_possible; + uint16 session_data_packet_size; + } nbt_statistics; + + typedef struct { + [charset(DOS)] uint8 name[15]; + nbt_name_type type; + nb_flags nb_flags; + } nbt_status_name; + + typedef struct { + [value(num_names * 18 + 47)] uint16 length; + uint8 num_names; + nbt_status_name names[num_names]; + nbt_statistics statistics; + } nbt_rdata_status; + + typedef struct { + uint16 length; + uint8 data[length]; + } nbt_rdata_data; + + typedef [nodiscriminant,public] union { + [case(NBT_QTYPE_NETBIOS)] nbt_rdata_netbios netbios; + [case(NBT_QTYPE_STATUS)] nbt_rdata_status status; + [default] nbt_rdata_data data; + } nbt_rdata; + +/* + * this macro works around the problem + * that we need to use nbt_rdata_data + * together with NBT_QTYPE_NETBIOS + * for WACK replies + */ + typedef [flag(LIBNDR_PRINT_ARRAY_HEX),nopush] struct { + nbt_name name; + nbt_qtype rr_type; + nbt_qclass rr_class; + uint32 ttl; + [switch_is(rr_type)] nbt_rdata rdata; + } nbt_res_rec; + + typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { + uint16 name_trn_id; + nbt_operation operation; + uint16 qdcount; + uint16 ancount; + uint16 nscount; + uint16 arcount; + nbt_name_question questions[qdcount]; + nbt_res_rec answers[ancount]; + nbt_res_rec nsrecs[nscount]; + nbt_res_rec additional[arcount]; + [flag(NDR_REMAINING)] DATA_BLOB padding; + } nbt_name_packet; + + + /* + NBT DGRAM packets (UDP/138) + */ + + typedef [enum8bit] enum { + DGRAM_DIRECT_UNIQUE = 0x10, + DGRAM_DIRECT_GROUP = 0x11, + DGRAM_BCAST = 0x12, + DGRAM_ERROR = 0x13, + DGRAM_QUERY = 0x14, + DGRAM_QUERY_POSITIVE = 0x15, + DGRAM_QUERY_NEGATIVE = 0x16 + } dgram_msg_type; + + typedef [bitmap8bit] bitmap { + DGRAM_FLAG_MORE = 0x01, + DGRAM_FLAG_FIRST = 0x02, + DGRAM_FLAG_NODE_TYPE = 0x0C + } dgram_flags; + + typedef [enum8bit] enum { + DGRAM_NODE_B = 0x00, + DGRAM_NODE_P = 0x04, + DGRAM_NODE_M = 0x08, + DGRAM_NODE_NBDD = 0x0C + } dgram_node_type; + + /* a dgram_message is the main dgram body in general use */ + + /* the most common datagram type is a SMB_TRANSACTION + operation, where a SMB packet is used in the data section + of a dgram_message to hold a trans request, which in turn + holds a small command structure. It's a very strange beast + indeed. To make the code cleaner we define a basic SMB + packet in IDL here. This is not a general purpose SMB + packet, and won't be used in the core SMB client/server + code, but it does make working with these types of dgrams + easier */ + + const string NBT_MAILSLOT_NETLOGON = "\\MAILSLOT\\NET\\NETLOGON"; + const string NBT_MAILSLOT_NTLOGON = "\\MAILSLOT\\NET\\NTLOGON"; + const string NBT_MAILSLOT_GETDC = "\\MAILSLOT\\NET\\GETDC"; + const string NBT_MAILSLOT_BROWSE = "\\MAILSLOT\\BROWSE"; + + typedef [enum8bit] enum { + SMB_TRANSACTION = 0x25 + } smb_command; + + typedef struct { + [range(17,17),value(17)] uint8 wct; + uint16 total_param_count; + uint16 total_data_count; + uint16 max_param_count; + uint16 max_data_count; + uint8 max_setup_count; + uint8 pad; + uint16 trans_flags; + uint32 timeout; + uint16 reserved; + uint16 param_count; + uint16 param_offset; + uint16 data_count; + uint16 data_offset; + [range(3,3),value(3)] uint8 setup_count; + uint8 pad2; + uint16 opcode; + uint16 priority; + uint16 class; + [value(strlen(mailslot_name)+1+data.length)] + uint16 byte_count; + astring mailslot_name; + [flag(NDR_REMAINING)] DATA_BLOB data; + } smb_trans_body; + + typedef [nodiscriminant] union { + [case(SMB_TRANSACTION)] smb_trans_body trans; + } smb_body; + + + typedef [flag(NDR_NOALIGN|NDR_LITTLE_ENDIAN|NDR_PAHEX),public] struct { + smb_command smb_command; + uint8 err_class; + uint8 pad; + uint16 err_code; + uint8 flags; + uint16 flags2; + uint16 pid_high; + uint8 signature[8]; + uint16 reserved; + uint16 tid; + uint16 pid; + uint16 vuid; + uint16 mid; + [switch_is(smb_command)] smb_body body; + } dgram_smb_packet; + + const uint32 DGRAM_SMB = 0xff534d42; /* 0xffSMB */ + + typedef [nodiscriminant] union { + [case(DGRAM_SMB)] dgram_smb_packet smb; + } dgram_message_body; + + typedef struct { + uint16 length; + uint16 offset; + nbt_name source_name; + nbt_name dest_name; + uint32 dgram_body_type; + [switch_is(dgram_body_type)] dgram_message_body body; + } dgram_message; + + typedef [enum8bit] enum { + DGRAM_ERROR_NAME_NOT_PRESENT = 0x82, + DGRAM_ERROR_INVALID_SOURCE = 0x83, + DGRAM_ERROR_INVALID_DEST = 0x84 + } dgram_err_code; + + typedef [nodiscriminant] union { + [case(DGRAM_DIRECT_UNIQUE)] dgram_message msg; + [case(DGRAM_DIRECT_GROUP)] dgram_message msg; + [case(DGRAM_BCAST)] dgram_message msg; + [case(DGRAM_ERROR)] dgram_err_code error; + [case(DGRAM_QUERY)] nbt_name dest_name; + [case(DGRAM_QUERY_POSITIVE)] nbt_name dest_name; + [case(DGRAM_QUERY_NEGATIVE)] nbt_name dest_name; + } dgram_data; + + typedef [flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { + dgram_msg_type msg_type; + dgram_flags flags; + uint16 dgram_id; + ipv4address src_addr; + uint16 src_port; + [switch_is(msg_type)] dgram_data data; + } nbt_dgram_packet; + + + /****************************************** + * \MAILSLOT\NET\NETLOGON mailslot requests + * and + * \MAILSLOT\NET\NTLOGON mailslot requests + */ + + typedef [public,gensize] struct { + uint32 sa_family; + [flag(NDR_BIG_ENDIAN)] ipv4address pdc_ip; + [flag(NDR_REMAINING)] DATA_BLOB remaining; + } nbt_sockaddr; + + typedef [bitmap32bit,public] bitmap { + NBT_SERVER_PDC = 0x00000001, + NBT_SERVER_GC = 0x00000004, + NBT_SERVER_LDAP = 0x00000008, + NBT_SERVER_DS = 0x00000010, + NBT_SERVER_KDC = 0x00000020, + NBT_SERVER_TIMESERV = 0x00000040, + NBT_SERVER_CLOSEST = 0x00000080, + NBT_SERVER_WRITABLE = 0x00000100, + NBT_SERVER_GOOD_TIMESERV = 0x00000200, + NBT_SERVER_NDNC = 0x00000400, + NBT_SERVER_SEL_SEC_DOM_6 = 0x00000800, + NBT_SERVER_FUL_SEC_DOM_6 = 0x00001000, + NBT_SERVER_DS_DNS_CONTR = 0x04000000, + NBT_SERVER_DS_DNS_DOMAIN = 0x02000000, + NBT_SERVER_DS_DNS_FOREST = 0x01000000 + } nbt_server_type; + + typedef [bitmap32bit,public] bitmap { + NETLOGON_NT_VERSION_1 = 0x00000001, + NETLOGON_NT_VERSION_5 = 0x00000002, + NETLOGON_NT_VERSION_5EX = 0x00000004, + NETLOGON_NT_VERSION_5EX_WITH_IP = 0x00000008, + NETLOGON_NT_VERSION_WITH_CLOSEST_SITE = 0x00000010, + NETLOGON_NT_VERSION_AVIOD_NT4EMUL = 0x01000000, + NETLOGON_NT_VERSION_PDC = 0x10000000, + NETLOGON_NT_VERSION_IP = 0x20000000, + NETLOGON_NT_VERSION_LOCAL = 0x40000000, + NETLOGON_NT_VERSION_GC = 0x80000000 + } netlogon_nt_version_flags; + + + typedef [enum16bit,public] enum { + LOGON_PRIMARY_QUERY = 7, /* Was also NETLOGON_QUERY_FOR_PDC */ + NETLOGON_ANNOUNCE_UAS = 10, + NETLOGON_RESPONSE_FROM_PDC = 12, + LOGON_SAM_LOGON_REQUEST = 18, /* Was also NETLOGON_QUERY_FOR_PDC2, NTLOGON_SAM_LOGON */ + LOGON_SAM_LOGON_RESPONSE = 19, /* Was also NTLOGON_SAM_LOGON_REPLY */ + LOGON_SAM_LOGON_PAUSE_RESPONSE = 20, + LOGON_SAM_LOGON_USER_UNKNOWN = 21, /* Was also NTLOGON_SAM_LOGON_REPLY15 */ + LOGON_SAM_LOGON_RESPONSE_EX = 23, /* was NETLOGON_RESPONSE_FROM_PDC2 */ + LOGON_SAM_LOGON_PAUSE_RESPONSE_EX = 24, + LOGON_SAM_LOGON_USER_UNKNOWN_EX = 25 /* was NETLOGON_RESPONSE_FROM_PDC_USER */ + } netlogon_command; + + typedef bitmap samr_AcctFlags samr_AcctFlags; + + /* query to dc hand marshaled, as it has 'optional' + * parts */ + typedef [nopull,nopush] struct { + uint16 request_count; + nstring computer_name; + nstring user_name; + astring mailslot_name; + samr_AcctFlags acct_control; + [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; + /* The manual alignment is required because this + * structure is marked flag(NDR_NOALIGN) via the + * nbt_netlogon_packet below. + * + * However, both MUST only be present if sid_size > 0 + */ + [flag(NDR_ALIGN4)] DATA_BLOB _pad; + [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; + netlogon_nt_version_flags nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } NETLOGON_SAM_LOGON_REQUEST; + + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + nstring server; + nstring user_name; + nstring domain; + netlogon_nt_version_flags nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } NETLOGON_SAM_LOGON_RESPONSE_NT40; + + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + nstring pdc_name; + nstring user_name; + nstring domain_name; + GUID domain_uuid; + GUID zero_uuid; + nbt_string forest; + nbt_string dns_domain; + nbt_string pdc_dns_name; + ipv4address pdc_ip; + nbt_server_type server_type; + netlogon_nt_version_flags nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } NETLOGON_SAM_LOGON_RESPONSE; + + /* response from pdc hand marshaled (we have an additional + * function that uses this structure), as it has 'optional' + * parts */ + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + uint16 sbz; /* From the docs */ + nbt_server_type server_type; + GUID domain_uuid; + nbt_string forest; + nbt_string dns_domain; + nbt_string pdc_dns_name; + nbt_string domain; + nbt_string pdc_name; + nbt_string user_name; + nbt_string server_site; + nbt_string client_site; + + /* Optional on NETLOGON_NT_VERSION_5EX_WITH_IP */ + [value(ndr_size_nbt_sockaddr(&sockaddr, ndr->flags))] uint8 sockaddr_size; + [subcontext(0),subcontext_size(sockaddr_size)] nbt_sockaddr sockaddr; + + /* Optional on NETLOGON_NT_VERSION_WITH_CLOSEST_SITE */ + nbt_string next_closest_site; + + netlogon_nt_version_flags nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } NETLOGON_SAM_LOGON_RESPONSE_EX; + + /* query for pdc request */ + typedef struct { + astring computer_name; + astring mailslot_name; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_name; + netlogon_nt_version_flags nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_query_for_pdc; + + /* response from pdc */ + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + astring pdc_name; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring domain_name; + netlogon_nt_version_flags nt_version; + uint16 lmnt_token; + uint16 lm20_token; + } nbt_netlogon_response_from_pdc; + + typedef enum netr_SamDatabaseID netr_SamDatabaseID; + + /* used to announce SAM changes - MS-NRPC 2.2.1.5.1 */ + typedef struct { + netr_SamDatabaseID db_index; + hyper serial; + NTTIME timestamp; + } nbt_db_change_info; + + typedef struct { + uint32 serial_lo; + time_t timestamp; + uint32 pulse; + uint32 random; + astring pdc_name; + astring domain; + [flag(NDR_ALIGN2)] DATA_BLOB _pad; + nstring unicode_pdc_name; + nstring unicode_domain; + uint32 db_count; + nbt_db_change_info dbchange[db_count]; + [value(ndr_size_dom_sid0(&sid, ndr->flags))] uint32 sid_size; + [subcontext(0),subcontext_size(sid_size)] dom_sid0 sid; + uint32 message_format_version; + uint32 message_token; + } NETLOGON_DB_CHANGE; + + typedef [nodiscriminant] union { + [case(LOGON_SAM_LOGON_REQUEST)] NETLOGON_SAM_LOGON_REQUEST logon; + [case(LOGON_PRIMARY_QUERY)] nbt_netlogon_query_for_pdc pdc; + [case(NETLOGON_ANNOUNCE_UAS)] NETLOGON_DB_CHANGE uas; + } nbt_netlogon_request; + +#if 0 + [case(NETLOGON_RESPONSE_FROM_PDC)] nbt_netlogon_response_from_pdc response; + [case(NETLOGON_RESPONSE_FROM_PDC_USER)] nbt_netlogon_response_from_pdc2 response2; + + [case(LOGON_SAM_LOGON_PAUSE_RESPONSE)] NETLOGON_SAM_LOGON_RESPONSE reply; + [case(LOGON_SAM_LOGON_RESPONSE)] NETLOGON_SAM_LOGON_RESPONSE reply; + [case(LOGON_SAM_LOGON_USER_UNKNOWN)] NETLOGON_SAM_LOGON_RESPONSE reply; + [case(LOGON_SAM_LOGON_RESPONSE_EX)] NETLOGON_SAM_LOGON_RESPONSE_EX reply_ex; + [case(LOGON_SAM_LOGON_PAUSE_RESPONSE_EX)] NETLOGON_SAM_LOGON_RESPONSE_EX reply_ex; + [case(LOGON_SAM_LOGON_USER_UNKNOWN_EX)] NETLOGON_SAM_LOGON_RESPONSE_EX reply_ex; +#endif + + typedef [flag(NDR_NOALIGN),public] struct { + netlogon_command command; + [switch_is(command)] nbt_netlogon_request req; + } nbt_netlogon_packet; + + /********************************************************/ + /* \MAILSLOT\BROWSE mailslot requests */ + /* for details see http://ubiqx.org/cifs/Browsing.html */ + /********************************************************/ + typedef bitmap svcctl_ServerType svcctl_ServerType; + + typedef [enum8bit] enum { + HostAnnouncement = 1, + AnnouncementRequest = 2, + Election = 8, + GetBackupListReq = 9, + GetBackupListResp = 10, + BecomeBackup = 11, + DomainAnnouncement = 12, + MasterAnnouncement = 13, + ResetBrowserState = 14, + LocalMasterAnnouncement = 15 + } nbt_browse_opcode; + + typedef struct { + uint8 UpdateCount; + uint32 Periodicity; + [charset(DOS)] uint8 ServerName[16]; + uint8 OSMajor; + uint8 OSMinor; + svcctl_ServerType ServerType; + uint8 BroMajorVer; + uint8 BroMinorVer; + uint16 Signature; + astring Comment; + } nbt_browse_host_announcement; + + typedef struct { + uint8 Unused; + astring ResponseName; + } nbt_browse_announcement_request; + + typedef struct { + uint8 Version; + uint32 Criteria; + uint32 UpTime; /* In milliseconds */ + uint32 Reserved; /* Must be zero */ + astring ServerName; + } nbt_browse_election_request; + + typedef struct { + uint8 ReqCount; + uint32 Token; + } nbt_browse_backup_list_request; + + typedef struct { + uint8 BackupCount; + uint32 Token; + nbt_name BackupServerList[BackupCount];/* TODO: this is wrong */ + } nbt_browse_backup_list_response; + + typedef struct { + astring BrowserName; + } nbt_browse_become_backup; + + typedef struct { + uint8 UpdateCount; + uint32 Periodicity; + [charset(DOS)] uint8 ServerName[16]; + uint8 OSMajor; + uint8 OSMinor; + svcctl_ServerType ServerType; + uint32 MysteriousField; + astring Comment; + } nbt_browse_domain_announcement; + + typedef struct { + astring ServerName; + } nbt_browse_master_announcement; + + typedef struct { + uint8 Command; + } nbt_browse_reset_state; + + typedef struct { + uint8 UpdateCount; + uint32 Periodicity; + [charset(DOS)] uint8 ServerName[16]; + uint8 OSMajor; + uint8 OSMinor; + svcctl_ServerType ServerType; + uint8 BroMajorVer; + uint8 BroMinorVer; + uint16 Signature; + astring Comment; + } nbt_browse_local_master_announcement; + + typedef [nodiscriminant] union { + [case(HostAnnouncement)] nbt_browse_host_announcement host_annoucement; + [case(AnnouncementRequest)] nbt_browse_announcement_request announcement_request; + [case(Election)] nbt_browse_election_request election_request; + [case(GetBackupListReq)] nbt_browse_backup_list_request backup_list_request; + [case(GetBackupListResp)] nbt_browse_backup_list_response backup_list_response; + [case(BecomeBackup)] nbt_browse_become_backup become_backup; + [case(DomainAnnouncement)] nbt_browse_domain_announcement domain_announcement; + [case(MasterAnnouncement)] nbt_browse_master_announcement master_announcement; + [case(ResetBrowserState)] nbt_browse_reset_state reset_browser_state; + [case(LocalMasterAnnouncement)] nbt_browse_local_master_announcement local_master_announcement; + } nbt_browse_payload; + + typedef [public,flag(NDR_NOALIGN)] struct { + nbt_browse_opcode opcode; + [switch_is(opcode)] nbt_browse_payload payload; + } nbt_browse_packet; +} diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl new file mode 100644 index 0000000000..2298106851 --- /dev/null +++ b/source4/librpc/idl/netlogon.idl @@ -0,0 +1,1368 @@ +/* + netlogon interface + much of this was derived from the ethereal sources - thanks to everyone + who contributed! +*/ + +import "misc.idl", "lsa.idl", "samr.idl", "security.idl", "nbt.idl"; + +#include "idl_types.h" + +[ + uuid("12345678-1234-abcd-ef00-01234567cffb"), + version(1.0), + endpoint("ncacn_np:[\\pipe\\netlogon]","ncacn_ip_tcp:","ncalrpc:"), + pointer_default(unique) +] + +interface netlogon +{ + typedef bitmap samr_AcctFlags samr_AcctFlags; + typedef bitmap samr_GroupAttrs samr_GroupAttrs; + + /*****************/ + /* Function 0x00 */ + + typedef struct { + [string,charset(UTF16)] uint16 *account_name; + uint32 priv; + uint32 auth_flags; + uint32 logon_count; + uint32 bad_pw_count; + time_t last_logon; + time_t last_logoff; + time_t logoff_time; + time_t kickoff_time; + uint32 password_age; + time_t pw_can_change; + time_t pw_must_change; + [string,charset(UTF16)] uint16 *computer; + [string,charset(UTF16)] uint16 *domain; + [string,charset(UTF16)] uint16 *script_path; + uint32 unknown; + } netr_UasInfo; + + WERROR netr_LogonUasLogon( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] [string,charset(UTF16)] uint16 workstation[], + [out,unique] netr_UasInfo *info + ); + + + /*****************/ + /* Function 0x01 */ + + typedef struct { + uint32 duration; + uint16 logon_count; + } netr_UasLogoffInfo; + + WERROR netr_LogonUasLogoff( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] [string,charset(UTF16)] uint16 workstation[], + [out] netr_UasLogoffInfo info + ); + + + /*****************/ + /* Function 0x02 */ + + /* in netr_AcctLockStr size seems to be be 24, and rrenard thinks + that the structure of the bindata looks like this: + + dlong lockout_duration; + udlong reset_count; + uint32 bad_attempt_lockout; + uint32 dummy; + + but it doesn't look as though this structure is reflected at the + NDR level. Maybe it is left to the application to decode the bindata array. + */ + typedef struct { + uint16 size; + uint16 length; + [size_is(size/2),length_is(length/2)] uint16 *bindata; + } netr_AcctLockStr; + + typedef [public,bitmap32bit] bitmap { + MSV1_0_CLEARTEXT_PASSWORD_ALLOWED = 0x00000002, + MSV1_0_UPDATE_LOGON_STATISTICS = 0x00000004, + MSV1_0_RETURN_USER_PARAMETERS = 0x00000008, + MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT = 0x00000020, + MSV1_0_RETURN_PROFILE_PATH = 0x00000200, + MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT = 0x00000800 + } netr_LogonParameterControl; + + typedef struct { + lsa_String domain_name; + netr_LogonParameterControl parameter_control; /* see MSV1_0_* */ + uint32 logon_id_low; + uint32 logon_id_high; + lsa_String account_name; + lsa_String workstation; + } netr_IdentityInfo; + + typedef struct { + netr_IdentityInfo identity_info; + samr_Password lmpassword; + samr_Password ntpassword; + } netr_PasswordInfo; + + typedef [flag(NDR_PAHEX)] struct { + uint16 length; + [value(length)] uint16 size; + [size_is(length),length_is(length)] uint8 *data; + } netr_ChallengeResponse; + + typedef [flag(NDR_PAHEX)] struct { + netr_IdentityInfo identity_info; + uint8 challenge[8]; + netr_ChallengeResponse nt; + netr_ChallengeResponse lm; + } netr_NetworkInfo; + + typedef [flag(NDR_PAHEX)] struct { + netr_IdentityInfo identity_info; + lsa_String package_name; + uint32 length; + [size_is(length)] uint8 *data; + } netr_GenericInfo; + + typedef enum { + NetlogonInteractiveInformation = 1, + NetlogonNetworkInformation = 2, + NetlogonServiceInformation = 3, + NetlogonGenericInformation = 4, + NetlogonInteractiveTransitiveInformation = 5, + NetlogonNetworkTransitiveInformation = 6, + NetlogonServiceTransitiveInformation = 7 + } netr_LogonInfoClass; + + typedef [public,switch_type(netr_LogonInfoClass)] union { + [case(NetlogonInteractiveInformation)] netr_PasswordInfo *password; + [case(NetlogonNetworkInformation)] netr_NetworkInfo *network; + [case(NetlogonServiceInformation)] netr_PasswordInfo *password; + [case(NetlogonGenericInformation)] netr_GenericInfo *generic; + [case(NetlogonInteractiveTransitiveInformation)] netr_PasswordInfo *password; + [case(NetlogonNetworkTransitiveInformation)] netr_NetworkInfo *network; + [case(NetlogonServiceTransitiveInformation)] netr_PasswordInfo *password; + } netr_LogonLevel; + + typedef [public,flag(NDR_PAHEX)] struct { + uint8 key[16]; + } netr_UserSessionKey; + + typedef [public,flag(NDR_PAHEX)] struct { + uint8 key[8]; + } netr_LMSessionKey; + + /* Flags for user_flags below */ + typedef [public,bitmap32bit] bitmap { + NETLOGON_GUEST = 0x0001, + NETLOGON_NOENCRYPTION = 0x0002, + NETLOGON_CACHED_ACCOUNT = 0x0004, + NETLOGON_USED_LM_PASSWORD = 0x0008, + NETLOGON_EXTRA_SIDS = 0x0020, + NETLOGON_SUBAUTH_SESSION_KEY = 0x0040, + NETLOGON_SERVER_TRUST_ACCOUNT = 0x0080, + NETLOGON_NTLMV2_ENABLED = 0x0100, + NETLOGON_RESOURCE_GROUPS = 0x0200, + NETLOGON_PROFILE_PATH_RETURNED = 0x0400 + } netr_UserFlags; + + typedef struct { + NTTIME last_logon; + NTTIME last_logoff; + NTTIME acct_expiry; + NTTIME last_password_change; + NTTIME allow_password_change; + NTTIME force_password_change; + lsa_String account_name; + lsa_String full_name; + lsa_String logon_script; + lsa_String profile_path; + lsa_String home_directory; + lsa_String home_drive; + uint16 logon_count; + uint16 bad_password_count; + uint32 rid; + uint32 primary_gid; + samr_RidWithAttributeArray groups; + netr_UserFlags user_flags; + netr_UserSessionKey key; + lsa_StringLarge logon_server; + lsa_StringLarge domain; + dom_sid2 *domain_sid; + netr_LMSessionKey LMSessKey; + samr_AcctFlags acct_flags; + uint32 unknown[7]; + } netr_SamBaseInfo; + + typedef struct { + netr_SamBaseInfo base; + } netr_SamInfo2; + + typedef struct { + dom_sid2 *sid; + samr_GroupAttrs attributes; + } netr_SidAttr; + + typedef [public] struct { + netr_SamBaseInfo base; + uint32 sidcount; + [size_is(sidcount)] netr_SidAttr *sids; + } netr_SamInfo3; + + typedef struct { + netr_SamBaseInfo base; + uint32 sidcount; + [size_is(sidcount)] netr_SidAttr *sids; + lsa_String forest; + lsa_String principle; + uint32 unknown4[20]; + } netr_SamInfo6; + + typedef struct { + uint32 pac_size; + [size_is(pac_size)] uint8 *pac; + lsa_String logon_domain; + lsa_String logon_server; + lsa_String principal_name; + uint32 auth_size; + [size_is(auth_size)] uint8 *auth; + netr_UserSessionKey user_session_key; + uint32 expansionroom[10]; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + } netr_PacInfo; + + typedef [flag(NDR_PAHEX)] struct { + uint32 length; + [size_is(length)] uint8 *data; + } netr_GenericInfo2; + + typedef enum { + NetlogonValidationUasInfo = 1, + NetlogonValidationSamInfo = 2, + NetlogonValidationSamInfo2 = 3, + NetlogonValidationGenericInfo2 = 5, + NetlogonValidationSamInfo4 = 6 + } netr_ValidationInfoClass; + + typedef [public,switch_type(uint16)] union { + [case(NetlogonValidationSamInfo)] netr_SamInfo2 *sam2; + [case(NetlogonValidationSamInfo2)] netr_SamInfo3 *sam3; + [case(4)] netr_PacInfo *pac; + [case(NetlogonValidationGenericInfo2)] netr_GenericInfo2 *generic; + [case(NetlogonValidationSamInfo4)] netr_SamInfo6 *sam6; + } netr_Validation; + + typedef [public, flag(NDR_PAHEX)] struct { + uint8 data[8]; + } netr_Credential; + + typedef [public] struct { + netr_Credential cred; + time_t timestamp; + } netr_Authenticator; + + NTSTATUS netr_LogonSamLogon( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, + [in] netr_LogonInfoClass logon_level, + [in] [switch_is(logon_level)] netr_LogonLevel logon, + [in] uint16 validation_level, + [out] [switch_is(validation_level)] netr_Validation validation, + [out] uint8 authoritative + ); + + + /*****************/ + /* Function 0x03 */ + + NTSTATUS netr_LogonSamLogoff( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, + [in] uint16 logon_level, + [in] [switch_is(logon_level)] netr_LogonLevel logon + ); + + + + /*****************/ + /* Function 0x04 */ + + [public] NTSTATUS netr_ServerReqChallenge( + [in,unique,string,charset(UTF16)] uint16 *server_name, + [in,string,charset(UTF16)] uint16 computer_name[], + [in,out,ref] netr_Credential *credentials + ); + + + /*****************/ + /* Function 0x05 */ + + typedef enum netr_SchannelType netr_SchannelType; + + NTSTATUS netr_ServerAuthenticate( + [in,unique,string,charset(UTF16)] uint16 *server_name, + [in,string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in,string,charset(UTF16)] uint16 computer_name[], + [in,out,ref] netr_Credential *credentials + ); + + + /*****************/ + /* Function 0x06 */ + + NTSTATUS netr_ServerPasswordSet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 computer_name[], + [in] netr_Authenticator credential, + [in] samr_Password new_password, + [out] netr_Authenticator return_authenticator + ); + + + /*****************/ + /* Function 0x07 */ + + typedef enum netr_SamDatabaseID netr_SamDatabaseID; + + typedef struct { + [string,charset(UTF16)] uint16 *account_name; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_DELETE_USER; + + typedef struct { + uint16 length; + [value(length)] uint16 size; + uint32 flags; + samr_Password pwd; + } netr_USER_KEY16; + + typedef struct { + uint16 nt_length; + [value(nt_length)] uint16 nt_size; + uint32 nt_flags; + uint16 lm_length; + [value(lm_length)] uint16 lm_size; + uint32 lm_flags; + uint8 nt_history[nt_length]; + uint8 lm_history[lm_length]; + } netr_PasswordHistory; + + typedef struct { + netr_USER_KEY16 lmpassword; + netr_USER_KEY16 ntpassword; + netr_PasswordHistory history; + } netr_USER_KEYS2; + + typedef struct { /* TODO: make this a union! */ + netr_USER_KEYS2 keys2; + } netr_USER_KEY_UNION; + + typedef [public] struct { + uint32 version; + netr_USER_KEY_UNION keys; + } netr_USER_KEYS; + + typedef struct { + boolean8 SensitiveDataFlag; + uint32 DataLength; + + /* netr_USER_KEYS encrypted with the session key */ + [size_is(DataLength)][flag(NDR_PAHEX)] uint8 *SensitiveData; + } netr_USER_PRIVATE_INFO; + + typedef struct { + lsa_String account_name; + lsa_String full_name; + uint32 rid; + uint32 primary_gid; + lsa_String home_directory; + lsa_String home_drive; + lsa_String logon_script; + lsa_String description; + lsa_String workstations; + NTTIME last_logon; + NTTIME last_logoff; + samr_LogonHours logon_hours; + uint16 bad_password_count; + uint16 logon_count; + NTTIME last_password_change; + NTTIME acct_expiry; + samr_AcctFlags acct_flags; + samr_Password lmpassword; + samr_Password ntpassword; + boolean8 nt_password_present; + boolean8 lm_password_present; + boolean8 password_expired; + lsa_String comment; + lsa_String parameters; + uint16 country_code; + uint16 code_page; + netr_USER_PRIVATE_INFO user_private_info; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String profile_path; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_USER; + + typedef struct { + lsa_String domain_name; + lsa_String oem_information; /* comment */ + dlong force_logoff_time; + uint16 min_password_length; + uint16 password_history_length; + /* yes, these are signed. They are in negative 100ns */ + dlong max_password_age; + dlong min_password_age; + udlong sequence_num; + NTTIME domain_create_time; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + netr_AcctLockStr account_lockout; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 logon_to_chgpass; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_DOMAIN; + + typedef struct { + lsa_String group_name; + uint32 rid; + uint32 attributes; + lsa_String description; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_GROUP; + + typedef struct { + lsa_String OldName; + lsa_String NewName; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_RENAME; + + typedef struct { + [size_is(num_rids)] uint32 *rids; + [size_is(num_rids)] uint32 *attribs; + uint32 num_rids; + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + } netr_DELTA_GROUP_MEMBER; + + typedef struct { + lsa_String alias_name; + uint32 rid; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String description; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_ALIAS; + + typedef struct { + lsa_SidArray sids; + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + } netr_DELTA_ALIAS_MEMBER; + + typedef struct { + uint32 pagedpoollimit; + uint32 nonpagedpoollimit; + uint32 minimumworkingsetsize; + uint32 maximumworkingsetsize; + uint32 pagefilelimit; + NTTIME timelimit; + } netr_QUOTA_LIMITS; + + typedef struct { + uint32 maxlogsize; + NTTIME auditretentionperiod; + boolean8 auditingmode; + uint32 maxauditeventcount; + [size_is(maxauditeventcount+1)] uint32 *eventauditoptions; + lsa_String primary_domain_name; + dom_sid2 *sid; + netr_QUOTA_LIMITS quota_limits; + udlong sequence_num; + NTTIME db_create_time; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_POLICY; + + typedef struct { + lsa_String domain_name; + uint32 num_controllers; + [size_is(num_controllers)] lsa_String *controller_names; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 posix_offset; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_TRUSTED_DOMAIN; + + typedef struct { + uint16 unknown; + } netr_DELTA_DELETE_TRUST; + + typedef struct { + uint32 privilege_entries; + uint32 privilege_control; + [size_is(privilege_entries)] uint32 *privilege_attrib; + [size_is(privilege_entries)] lsa_String *privilege_name; + netr_QUOTA_LIMITS quotalimits; + uint32 system_flags; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_ACCOUNT; + + typedef struct { + uint16 unknown; + } netr_DELTA_DELETE_ACCOUNT; + + typedef struct { + uint16 unknown; + } netr_DELTA_DELETE_SECRET; + + typedef struct { + uint32 len; + uint32 maxlen; + [size_is(maxlen)][length_is(len)] uint8 *cipher_data; + } netr_CIPHER_VALUE; + + typedef struct { + netr_CIPHER_VALUE current_cipher; + NTTIME current_cipher_set_time; + netr_CIPHER_VALUE old_cipher; + NTTIME old_cipher_set_time; + uint32 SecurityInformation; + sec_desc_buf sdbuf; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + lsa_String unknown4; + uint32 unknown5; + uint32 unknown6; + uint32 unknown7; + uint32 unknown8; + } netr_DELTA_SECRET; + + typedef enum { + NETR_DELTA_DOMAIN = 1, + NETR_DELTA_GROUP = 2, + NETR_DELTA_DELETE_GROUP = 3, + NETR_DELTA_RENAME_GROUP = 4, + NETR_DELTA_USER = 5, + NETR_DELTA_DELETE_USER = 6, + NETR_DELTA_RENAME_USER = 7, + NETR_DELTA_GROUP_MEMBER = 8, + NETR_DELTA_ALIAS = 9, + NETR_DELTA_DELETE_ALIAS = 10, + NETR_DELTA_RENAME_ALIAS = 11, + NETR_DELTA_ALIAS_MEMBER = 12, + NETR_DELTA_POLICY = 13, + NETR_DELTA_TRUSTED_DOMAIN = 14, + NETR_DELTA_DELETE_TRUST = 15, + NETR_DELTA_ACCOUNT = 16, + NETR_DELTA_DELETE_ACCOUNT = 17, + NETR_DELTA_SECRET = 18, + NETR_DELTA_DELETE_SECRET = 19, + NETR_DELTA_DELETE_GROUP2 = 20, + NETR_DELTA_DELETE_USER2 = 21, + NETR_DELTA_MODIFY_COUNT = 22 + } netr_DeltaEnum; + + typedef [switch_type(netr_DeltaEnum)] union { + [case(NETR_DELTA_DOMAIN)] netr_DELTA_DOMAIN *domain; + [case(NETR_DELTA_GROUP)] netr_DELTA_GROUP *group; + [case(NETR_DELTA_DELETE_GROUP)] ; /* rid only */ + [case(NETR_DELTA_RENAME_GROUP)] netr_DELTA_RENAME *rename_group; + [case(NETR_DELTA_USER)] netr_DELTA_USER *user; + [case(NETR_DELTA_DELETE_USER)] ; /* rid only */ + [case(NETR_DELTA_RENAME_USER)] netr_DELTA_RENAME *rename_user; + [case(NETR_DELTA_GROUP_MEMBER)] netr_DELTA_GROUP_MEMBER *group_member; + [case(NETR_DELTA_ALIAS)] netr_DELTA_ALIAS *alias; + [case(NETR_DELTA_DELETE_ALIAS)] ; /* rid only */ + [case(NETR_DELTA_RENAME_ALIAS)] netr_DELTA_RENAME *rename_alias; + [case(NETR_DELTA_ALIAS_MEMBER)] netr_DELTA_ALIAS_MEMBER *alias_member; + [case(NETR_DELTA_POLICY)] netr_DELTA_POLICY *policy; + [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN *trusted_domain; + [case(NETR_DELTA_DELETE_TRUST)] netr_DELTA_DELETE_TRUST delete_trust; + [case(NETR_DELTA_ACCOUNT)] netr_DELTA_ACCOUNT *account; + [case(NETR_DELTA_DELETE_ACCOUNT)] netr_DELTA_DELETE_ACCOUNT delete_account; + [case(NETR_DELTA_SECRET)] netr_DELTA_SECRET *secret; + [case(NETR_DELTA_DELETE_SECRET)] netr_DELTA_DELETE_SECRET delete_secret; + [case(NETR_DELTA_DELETE_GROUP2)] netr_DELTA_DELETE_USER *delete_group; + [case(NETR_DELTA_DELETE_USER2)] netr_DELTA_DELETE_USER *delete_user; + [case(NETR_DELTA_MODIFY_COUNT)] udlong *modified_count; + } netr_DELTA_UNION; + + typedef [switch_type(netr_DeltaEnum)] union { + [case(NETR_DELTA_DOMAIN)] uint32 rid; + [case(NETR_DELTA_GROUP)] uint32 rid; + [case(NETR_DELTA_DELETE_GROUP)] uint32 rid; + [case(NETR_DELTA_RENAME_GROUP)] uint32 rid; + [case(NETR_DELTA_USER)] uint32 rid; + [case(NETR_DELTA_DELETE_USER)] uint32 rid; + [case(NETR_DELTA_RENAME_USER)] uint32 rid; + [case(NETR_DELTA_GROUP_MEMBER)] uint32 rid; + [case(NETR_DELTA_ALIAS)] uint32 rid; + [case(NETR_DELTA_DELETE_ALIAS)] uint32 rid; + [case(NETR_DELTA_RENAME_ALIAS)] uint32 rid; + [case(NETR_DELTA_ALIAS_MEMBER)] uint32 rid; + [case(NETR_DELTA_POLICY)] dom_sid2 *sid; + [case(NETR_DELTA_TRUSTED_DOMAIN)] dom_sid2 *sid; + [case(NETR_DELTA_DELETE_TRUST)] dom_sid2 *sid; + [case(NETR_DELTA_ACCOUNT)] dom_sid2 *sid; + [case(NETR_DELTA_DELETE_ACCOUNT)] dom_sid2 *sid; + [case(NETR_DELTA_SECRET)] [string,charset(UTF16)] uint16 *name; + [case(NETR_DELTA_DELETE_SECRET)] [string,charset(UTF16)] uint16 *name; + [case(NETR_DELTA_DELETE_GROUP2)] uint32 rid; + [case(NETR_DELTA_DELETE_USER2)] uint32 rid; + [case(NETR_DELTA_MODIFY_COUNT)] ; + } netr_DELTA_ID_UNION; + + typedef struct { + netr_DeltaEnum delta_type; + [switch_is(delta_type)] netr_DELTA_ID_UNION delta_id_union; + [switch_is(delta_type)] netr_DELTA_UNION delta_union; + } netr_DELTA_ENUM; + + typedef struct { + uint32 num_deltas; + [size_is(num_deltas)] netr_DELTA_ENUM *delta_enum; + } netr_DELTA_ENUM_ARRAY; + + + NTSTATUS netr_DatabaseDeltas( + [in] [string,charset(UTF16)] uint16 logon_server[], + [in] [string,charset(UTF16)] uint16 computername[], + [in] netr_Authenticator credential, + [in,out] netr_Authenticator return_authenticator, + [in] netr_SamDatabaseID database_id, + [in,out] udlong sequence_num, + [in] uint32 preferredmaximumlength, + [out,unique] netr_DELTA_ENUM_ARRAY *delta_enum_array + ); + + + /*****************/ + /* Function 0x08 */ + + NTSTATUS netr_DatabaseSync( + [in] [string,charset(UTF16)] uint16 logon_server[], + [in] [string,charset(UTF16)] uint16 computername[], + [in] netr_Authenticator credential, + [in,out] netr_Authenticator return_authenticator, + [in] netr_SamDatabaseID database_id, + [in,out] uint32 sync_context, + [in] uint32 preferredmaximumlength, + [out,unique] netr_DELTA_ENUM_ARRAY *delta_enum_array + ); + + + /*****************/ + /* Function 0x09 */ + + /* w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this call */ + + typedef [flag(NDR_PAHEX)] struct { + uint8 computer_name[16]; + uint32 timecreated; + uint32 serial_number; + } netr_UAS_INFO_0; + + typedef struct { + [flag(NDR_REMAINING)] DATA_BLOB blob; + } netr_AccountBuffer; + + NTSTATUS netr_AccountDeltas( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 computername[], + [in] netr_Authenticator credential, + [in,out] netr_Authenticator return_authenticator, + [in] netr_UAS_INFO_0 uas, + [in] uint32 count, + [in] uint32 level, + [in] uint32 buffersize, + [out,subcontext(4)] netr_AccountBuffer buffer, + [out] uint32 count_returned, + [out] uint32 total_entries, + [out] netr_UAS_INFO_0 recordid + ); + + + /*****************/ + /* Function 0x0A */ + + NTSTATUS netr_AccountSync( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] [string,charset(UTF16)] uint16 computername[], + [in] netr_Authenticator credential, + [in,out] netr_Authenticator return_authenticator, + [in] uint32 reference, + [in] uint32 level, + [in] uint32 buffersize, + [out,subcontext(4)] netr_AccountBuffer buffer, + [out] uint32 count_returned, + [out] uint32 total_entries, + [out] uint32 next_reference, + [in,out] netr_UAS_INFO_0 recordid + ); + + + /*****************/ + /* Function 0x0B */ + + WERROR netr_GetDcName( + [in] [string,charset(UTF16)] uint16 logon_server[], + [in,unique] [string,charset(UTF16)] uint16 *domainname, + [out,unique] [string,charset(UTF16)] uint16 *dcname + ); + + /*****************/ + /* Function 0x0C */ + + typedef struct { + uint32 flags; + uint32 pdc_connection_status; + } netr_NETLOGON_INFO_1; + + typedef struct { + uint32 flags; + uint32 pdc_connection_status; + [string,charset(UTF16)] uint16 trusted_dc_name[]; + uint32 tc_connection_status; + } netr_NETLOGON_INFO_2; + + typedef struct { + uint32 flags; + uint32 logon_attempts; + uint32 unknown1; + uint32 unknown2; + uint32 unknown3; + uint32 unknown4; + uint32 unknown5; + } netr_NETLOGON_INFO_3; + + typedef union { + [case(1)] netr_NETLOGON_INFO_1 *info1; + [case(2)] netr_NETLOGON_INFO_2 *info2; + [case(3)] netr_NETLOGON_INFO_3 *info3; + } netr_CONTROL_QUERY_INFORMATION; + + /* function_code values */ + typedef [v1_enum] enum { + NETLOGON_CONTROL_REDISCOVER = 5, + NETLOGON_CONTROL_TC_QUERY = 6, + NETLOGON_CONTROL_TRANSPORT_NOTIFY = 7, + NETLOGON_CONTROL_SET_DBFLAG = 65534 + } netr_LogonControlCode; + + WERROR netr_LogonControl( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] netr_LogonControlCode function_code, + [in] uint32 level, + [out,switch_is(level)] netr_CONTROL_QUERY_INFORMATION info + ); + + + /*****************/ + /* Function 0x0D */ + + WERROR netr_GetAnyDCName( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in,unique] [string,charset(UTF16)] uint16 *domainname, + [out,unique] [string,charset(UTF16)] uint16 *dcname + ); + + + /*****************/ + /* Function 0x0E */ + + typedef union { + [case(NETLOGON_CONTROL_REDISCOVER)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_TC_QUERY)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_TRANSPORT_NOTIFY)] [string,charset(UTF16)] uint16 *domain; + [case(NETLOGON_CONTROL_SET_DBFLAG)] uint32 debug_level; + } netr_CONTROL_DATA_INFORMATION; + + WERROR netr_LogonControl2( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] uint32 function_code, + [in] uint32 level, + [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION data, + [out][switch_is(level)] netr_CONTROL_QUERY_INFORMATION query + ); + + + /* If this flag is not set, then the passwords and LM session keys are + * encrypted with DES calls. (And the user session key is + * unencrypted) */ + const int NETLOGON_NEG_ARCFOUR = 0x00000004; + const int NETLOGON_NEG_128BIT = 0x00004000; + const int NETLOGON_NEG_SCHANNEL = 0x40000000; + + /*****************/ + /* Function 0x0F */ + + NTSTATUS netr_ServerAuthenticate2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 computer_name[], + [in,out,ref] netr_Credential *credentials, + [in,out,ref] uint32 *negotiate_flags + ); + + + /*****************/ + /* Function 0x10 */ + + NTSTATUS netr_DatabaseSync2( + [in] [string,charset(UTF16)] uint16 logon_server[], + [in] [string,charset(UTF16)] uint16 computername[], + [in] netr_Authenticator credential, + [in,out] netr_Authenticator return_authenticator, + [in] netr_SamDatabaseID database_id, + [in] uint16 restart_state, + [in,out] uint32 sync_context, + [in] uint32 preferredmaximumlength, + [out,unique] netr_DELTA_ENUM_ARRAY *delta_enum_array + ); + + + /*****************/ + /* Function 0x11 */ + + /* i'm not at all sure how this call works */ + + NTSTATUS netr_DatabaseRedo( + [in] [string,charset(UTF16)] uint16 logon_server[], + [in] [string,charset(UTF16)] uint16 computername[], + [in] netr_Authenticator credential, + [in,out] netr_Authenticator return_authenticator, + [in,unique][size_is(change_log_entry_size)] uint8 *change_log_entry, + [in] uint32 change_log_entry_size, + [out,unique] netr_DELTA_ENUM_ARRAY *delta_enum_array + ); + + + /*****************/ + /* Function 0x12 */ + + WERROR netr_LogonControl2Ex( + [in,unique] [string,charset(UTF16)] uint16 *logon_server, + [in] uint32 function_code, + [in] uint32 level, + [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION data, + [out][switch_is(level)] netr_CONTROL_QUERY_INFORMATION query + ); + + /*****************/ + /* Function 0x13 */ + typedef struct { + uint32 length; + [size_is(length)] uint8 *data; + } netr_Blob; + + WERROR netr_NetrEnumerateTrustedDomains( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [out,ref] netr_Blob *trusted_domains_blob + ); + + /*****************/ + /* Function 0x14 */ + + /* two unkown bits still: DS_IP_VERSION_AGNOSTIC and + * DS_TRY_NEXTCLOSEST_SITE - Guenther */ + + typedef [bitmap32bit] bitmap { + DS_FORCE_REDISCOVERY = 0x00000001, + DS_DIRECTORY_SERVICE_REQUIRED = 0x00000010, + DS_DIRECTORY_SERVICE_PREFERRED = 0x00000020, + DS_GC_SERVER_REQUIRED = 0x00000040, + DS_PDC_REQUIRED = 0x00000080, + DS_BACKGROUND_ONLY = 0x00000100, + DS_IP_REQUIRED = 0x00000200, + DS_KDC_REQUIRED = 0x00000400, + DS_TIMESERV_REQUIRED = 0x00000800, + DS_WRITABLE_REQUIRED = 0x00001000, + DS_GOOD_TIMESERV_PREFERRED = 0x00002000, + DS_AVOID_SELF = 0x00004000, + DS_ONLY_LDAP_NEEDED = 0x00008000, + DS_IS_FLAT_NAME = 0x00010000, + DS_IS_DNS_NAME = 0x00020000, + DS_RETURN_DNS_NAME = 0x40000000, + DS_RETURN_FLAT_NAME = 0x80000000 + } netr_DsRGetDCName_flags; + + typedef [v1_enum] enum { + DS_ADDRESS_TYPE_INET = 1, + DS_ADDRESS_TYPE_NETBIOS = 2 + } netr_DsRGetDCNameInfo_AddressType; + + typedef [bitmap32bit] bitmap { + DS_SERVER_PDC = NBT_SERVER_PDC, + DS_SERVER_GC = NBT_SERVER_GC, + DS_SERVER_LDAP = NBT_SERVER_LDAP, + DS_SERVER_DS = NBT_SERVER_DS, + DS_SERVER_KDC = NBT_SERVER_KDC, + DS_SERVER_TIMESERV = NBT_SERVER_TIMESERV, + DS_SERVER_CLOSEST = NBT_SERVER_CLOSEST, + DS_SERVER_WRITABLE = NBT_SERVER_WRITABLE, + DS_SERVER_GOOD_TIMESERV = NBT_SERVER_GOOD_TIMESERV, + DS_SERVER_NDNC = 0x00000400, + DS_DNS_CONTROLLER = 0x20000000, + DS_DNS_DOMAIN = 0x40000000, + DS_DNS_FOREST = 0x80000000 + } netr_DsR_DcFlags; + + typedef struct { + [string,charset(UTF16)] uint16 *dc_unc; + [string,charset(UTF16)] uint16 *dc_address; + netr_DsRGetDCNameInfo_AddressType dc_address_type; + GUID domain_guid; + [string,charset(UTF16)] uint16 *domain_name; + [string,charset(UTF16)] uint16 *forest_name; + netr_DsR_DcFlags dc_flags; + [string,charset(UTF16)] uint16 *dc_site_name; + [string,charset(UTF16)] uint16 *client_site_name; + } netr_DsRGetDCNameInfo; + + WERROR netr_DsRGetDCName( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] GUID *site_guid, + [in] netr_DsRGetDCName_flags flags, + [out,unique] netr_DsRGetDCNameInfo *info + ); + + /*****************/ + /* Function 0x15 */ + [todo] WERROR netr_NETRLOGONDUMMYROUTINE1(); + + /****************/ + /* Function 0x16 */ + [todo] WERROR netr_NETRLOGONSETSERVICEBITS(); + + /****************/ + /* Function 0x17 */ + WERROR netr_LogonGetTrustRid( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [out,ref] uint32 *rid + ); + + /****************/ + /* Function 0x18 */ + [todo] WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(); + + /****************/ + /* Function 0x19 */ + [todo] WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(); + + /****************/ + /* Function 0x1a */ + [public] NTSTATUS netr_ServerAuthenticate3( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 computer_name[], + [in,out,ref] netr_Credential *credentials, + [in,out,ref] uint32 *negotiate_flags, + [out,ref] uint32 *rid + ); + + /****************/ + /* Function 0x1b */ + + WERROR netr_DsRGetDCNameEx( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] [string,charset(UTF16)] uint16 *site_name, + [in] netr_DsRGetDCName_flags flags, + [out,unique] netr_DsRGetDCNameInfo *info + ); + + /****************/ + /* Function 0x1c */ + WERROR netr_DsRGetSiteName( + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [out,unique] [string,charset(UTF16)] uint16 *site + ); + + /****************/ + /* Function 0x1d */ + + typedef [flag(NDR_PAHEX)] struct { + uint16 length; + uint16 size; + [size_is(size/2),length_is(length/2)] uint16 *data; + } netr_BinaryString; + + typedef struct { + netr_Blob blob; + [string,charset(UTF16)] uint16 *workstation_domain; + [string,charset(UTF16)] uint16 *workstation_site; + [string,charset(UTF16)] uint16 *unknown1; + [string,charset(UTF16)] uint16 *unknown2; + [string,charset(UTF16)] uint16 *unknown3; + [string,charset(UTF16)] uint16 *unknown4; + netr_BinaryString blob2; + lsa_String product; + lsa_String unknown5; + lsa_String unknown6; + uint32 unknown7[4]; + } netr_DomainQuery1; + + typedef union { + [case(1)] netr_DomainQuery1 *query1; + [case(2)] netr_DomainQuery1 *query1; + } netr_DomainQuery; + + typedef struct { + lsa_String domainname; + lsa_String fulldomainname; + lsa_String forest; + GUID guid; + dom_sid2 *sid; + netr_BinaryString unknown1[4]; + uint32 unknown[4]; + } netr_DomainTrustInfo; + + typedef struct { + netr_DomainTrustInfo domaininfo; + uint32 num_trusts; + [size_is(num_trusts)] netr_DomainTrustInfo *trusts; + uint32 unknown[14]; /* room for expansion? */ + } netr_DomainInfo1; + + typedef union { + [case(1)] netr_DomainInfo1 *info1; + [case(2)] netr_DomainInfo1 *info1; + } netr_DomainInfo; + + NTSTATUS netr_LogonGetDomainInfo( + [in] [string,charset(UTF16)] uint16 server_name[], + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,ref] netr_Authenticator *credential, + [in,out,ref] netr_Authenticator *return_authenticator, + [in] uint32 level, + [in,switch_is(level)] netr_DomainQuery query, + [out,switch_is(level)] netr_DomainInfo info + ); + + typedef [flag(NDR_PAHEX)] struct { + uint8 data[512]; + uint32 length; + } netr_CryptPassword; + + /*****************/ + /* Function 0x1e */ + NTSTATUS netr_ServerPasswordSet2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 computer_name[], + [in] netr_Authenticator credential, + [in] netr_CryptPassword new_password, + [out] netr_Authenticator return_authenticator + ); + + /****************/ + /* Function 0x1f */ + WERROR netr_ServerPasswordGet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 computer_name[], + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [out,ref] samr_Password *password + ); + + /****************/ + /* Function 0x20 */ + [todo] WERROR netr_NETRLOGONSENDTOSAM(); + + /****************/ + /* Function 0x21 */ + typedef struct { + uint32 count; + [size_is(count)] lsa_String *sitename; + } netr_DsRAddressToSitenamesWCtr; + + typedef struct { + [size_is(size)] uint8 *buffer; + uint32 size; + } netr_DsRAddress; + + WERROR netr_DsRAddressToSitenamesW( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [range(0,32000)] uint32 count, + [in] [size_is(count)] [ref] netr_DsRAddress *addresses, + [out] [ref] netr_DsRAddressToSitenamesWCtr **ctr + ); + + /****************/ + /* Function 0x22 */ + WERROR netr_DsRGetDCNameEx2( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client_account, + [in] samr_AcctFlags mask, + [in,unique] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] GUID *domain_guid, + [in,unique] [string,charset(UTF16)] uint16 *site_name, + [in] netr_DsRGetDCName_flags flags, + [out,unique] netr_DsRGetDCNameInfo *info + ); + + /****************/ + /* Function 0x23 */ + [todo] WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(); + + /****************/ + /* Function 0x24 */ + typedef [bitmap32bit] bitmap { + NETR_TRUST_FLAG_IN_FOREST = 0x00000001, + NETR_TRUST_FLAG_OUTBOUND = 0x00000002, + NETR_TRUST_FLAG_TREEROOT = 0x00000004, + NETR_TRUST_FLAG_PRIMARY = 0x00000008, + NETR_TRUST_FLAG_NATIVE = 0x00000010, + NETR_TRUST_FLAG_INBOUND = 0x00000020 + } netr_TrustFlags; + + typedef [v1_enum] enum { + NETR_TRUST_TYPE_DOWNLEVEL = 1, + NETR_TRUST_TYPE_UPLEVEL = 2, + NETR_TRUST_TYPE_MIT = 3, + NETR_TRUST_TYPE_DCE = 4 + } netr_TrustType; + + typedef [bitmap32bit] bitmap { + NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001, + NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002, + NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004, + NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008, + NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010, + NETR_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020, + NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040 + } netr_TrustAttributes; + + typedef struct { + [string,charset(UTF16)] uint16 *netbios_name; + [string,charset(UTF16)] uint16 *dns_name; + netr_TrustFlags trust_flags; + uint32 parent_index; + netr_TrustType trust_type; + netr_TrustAttributes trust_attributes; + dom_sid2 *sid; + GUID guid; + } netr_DomainTrust; + + typedef struct { + uint32 count; + [size_is(count)] netr_DomainTrust *array; + } netr_DomainTrustList; + + WERROR netr_NetrEnumerateTrustedDomainsEx( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [out,ref] netr_DomainTrustList *dom_trust_list + ); + + /****************/ + /* Function 0x25 */ + typedef struct { + uint32 count; + [size_is(count)] lsa_String *sitename; + [size_is(count)] lsa_String *subnetname; + } netr_DsRAddressToSitenamesExWCtr; + + WERROR netr_DsRAddressToSitenamesExW( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [range(0,32000)] uint32 count, + [in] [size_is(count)] [ref] netr_DsRAddress *addresses, + [out] [ref] netr_DsRAddressToSitenamesExWCtr **ctr + ); + + /****************/ + /* Function 0x26 */ + + typedef struct { + uint32 num_sites; + [size_is(num_sites)] [unique] lsa_String *sites; + } DcSitesCtr; + + WERROR netr_DsrGetDcSiteCoverageW( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [out,unique] DcSitesCtr *ctr + ); + + /****************/ + /* Function 0x27 */ + NTSTATUS netr_LogonSamLogonEx( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in] uint16 logon_level, + [in] [switch_is(logon_level)] netr_LogonLevel logon, + [in] uint16 validation_level, + [out] [switch_is(validation_level)] netr_Validation validation, + [out] uint8 authoritative, + [in,out] uint32 flags + ); + + /****************/ + /* Function 0x28 */ + + WERROR netr_DsrEnumerateDomainTrusts( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] netr_TrustFlags trust_flags, + [out] uint32 count, + [out,unique,size_is(count)] netr_DomainTrust *trusts + ); + + + /****************/ + /* Function 0x29 */ + WERROR netr_DsrDeregisterDNSHostRecords( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *domain, + [in,unique] GUID *domain_guid, + [in,unique] GUID *dsa_guid, + [in,ref] [string,charset(UTF16)] uint16 *dns_host + ); + + /****************/ + /* Function 0x2a */ + NTSTATUS netr_ServerTrustPasswordsGet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] [string,charset(UTF16)] uint16 account_name[], + [in] netr_SchannelType secure_channel_type, + [in] [string,charset(UTF16)] uint16 computer_name[], + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [out,ref] samr_Password *password, + [out,ref] samr_Password *password2 + ); + + /****************/ + /* Function 0x2b */ + + const int DS_GFTI_UPDATE_TDO = 0x1; + + WERROR netr_DsRGetForestTrustInformation( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *trusted_domain_name, + [in] uint32 flags, + [out,ref] lsa_ForestTrustInformation **forest_trust_info + ); + + /****************/ + /* Function 0x2c */ + WERROR netr_GetForestTrustInformation( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *trusted_domain_name, + [in,ref] netr_Authenticator *credential, + [out,ref] netr_Authenticator *return_authenticator, + [in] uint32 flags, + [out,ref] lsa_ForestTrustInformation **forest_trust_info + ); + + /****************/ + /* Function 0x2d */ + + /* this is the ADS varient. I don't yet know what the "flags" are for */ + NTSTATUS netr_LogonSamLogonWithFlags( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *computer_name, + [in,unique] netr_Authenticator *credential, + [in,out,unique] netr_Authenticator *return_authenticator, + [in] uint16 logon_level, + [in] [switch_is(logon_level)] netr_LogonLevel logon, + [in] uint16 validation_level, + [out] [switch_is(validation_level)] netr_Validation validation, + [out] uint8 authoritative, + [in,out] uint32 flags + ); + + /****************/ + /* Function 0x2e */ + [todo] WERROR netr_NETRSERVERGETTRUSTINFO(); +} diff --git a/source4/librpc/idl/nfs4acl.idl b/source4/librpc/idl/nfs4acl.idl new file mode 100644 index 0000000000..3d4379ad5e --- /dev/null +++ b/source4/librpc/idl/nfs4acl.idl @@ -0,0 +1,42 @@ +#include "idl_types.h" + +/* + NFS4 ACL format on disk + see http://www.suse.de/~agruen/nfs4acl/ +*/ + +import "misc.idl", "security.idl"; + +[ uuid("18763978-8625-abc3-54ca-9892bacdf321"), + version(1.0), + pointer_default(unique) +] +interface nfs4acl +{ + const char *NFS4ACL_XATTR_NAME = "system.nfs4acl"; + + /* these structures use the same bit values and other constants as + in security.idl */ + typedef [flag(NDR_BIG_ENDIAN)] struct { + uint16 e_type; + uint16 e_flags; + uint32 e_mask; + uint32 e_id; + utf8string e_who; + [flag(NDR_ALIGN4)] DATA_BLOB _pad; + } nfs4ace; + + typedef [public,flag(NDR_BIG_ENDIAN)] struct { + uint8 a_version; + uint8 a_flags; + uint16 a_count; + uint32 a_owner_mask; + uint32 a_group_mask; + uint32 a_other_mask; + nfs4ace ace[a_count]; + } nfs4acl; + + NTSTATUS nfs4acl_test( + [in] nfs4acl acl + ); +} diff --git a/source4/librpc/idl/notify.idl b/source4/librpc/idl/notify.idl new file mode 100644 index 0000000000..6f9ad25f09 --- /dev/null +++ b/source4/librpc/idl/notify.idl @@ -0,0 +1,58 @@ +#include "idl_types.h" + +/* + IDL structures for notify change code + + this defines the structures used in the notify database code, and + the change notify buffers +*/ + +import "misc.idl"; + +[ + pointer_default(unique) +] +interface notify +{ + + /* structure used in the notify database */ + typedef [public] struct { + server_id server; + uint32 filter; /* filter to apply in this directory */ + uint32 subdir_filter; /* filter to apply in child directories */ + utf8string path; + uint32 path_len; /* saves some computation on search */ + pointer private_data; + } notify_entry; + + /* + to allow for efficient search for matching entries, we + divide them by the directory depth, with a separate array + per depth. The entries within each depth are sorted by path, + allowing for a bisection search. + + The max_mask and max_mask_subdir at each depth is the + bitwise or of the filters and subdir filters for all entries + at that depth. This allows a depth to be quickly skipped if + no entries will match the target filter + */ + typedef struct { + uint32 max_mask; + uint32 max_mask_subdir; + uint32 num_entries; + notify_entry entries[num_entries]; + } notify_depth; + + typedef [public] struct { + uint32 num_depths; + notify_depth depth[num_depths]; + } notify_array; + + /* structure sent between servers in notify messages */ + typedef [public] struct { + uint32 action; + utf8string path; + pointer private_data; + } notify_event; + +} diff --git a/source4/librpc/idl/ntp_signd.idl b/source4/librpc/idl/ntp_signd.idl new file mode 100644 index 0000000000..2b2fbc7662 --- /dev/null +++ b/source4/librpc/idl/ntp_signd.idl @@ -0,0 +1,44 @@ +/* + NTP signing IRPC interface +*/ + +#include "idl_types.h" + +[ + uuid("0da00951-5b6c-4488-9a89-750cac70920c"), + version(1.0), + pointer_default(unique) +] +interface ntp_signd +{ + + typedef [v1_enum] enum { + SIGN_TO_CLIENT = 0, + ASK_SERVER_TO_SIGN = 1, + CHECK_SERVER_SIGNATURE = 2, + SIGNING_SUCCESS = 3, + SIGNING_FAILURE = 4 + } ntp_signd_op; + + typedef [flag(NDR_BIG_ENDIAN),public] struct { + uint32 version; + ntp_signd_op op; + uint16 packet_id; + [flag(NDR_LITTLE_ENDIAN)] uint32 key_id; + [flag(NDR_REMAINING)] DATA_BLOB packet_to_sign; + + } sign_request; + + typedef [flag(NDR_BIG_ENDIAN),public] struct samba_key_out { + uint32 version; + ntp_signd_op op; + uint32 packet_id; + [flag(NDR_REMAINING)] DATA_BLOB signed_packet; + } signed_reply; + + void decode_sign_requst( + [in] sign_request request + ); + + +} diff --git a/source4/librpc/idl/ntsvcs.idl b/source4/librpc/idl/ntsvcs.idl new file mode 100644 index 0000000000..1cdf8eecaa --- /dev/null +++ b/source4/librpc/idl/ntsvcs.idl @@ -0,0 +1,77 @@ +/* + plug and play services +*/ + +[ + uuid("8d9f4e40-a03d-11ce-8f69-08003e30051b"), + version(1.0), + helpstring("Plug and Play services") +] +interface ntsvcs +{ + [todo] void PNP_Disconnect(); + [todo] void PNP_Connect(); + [todo] void PNP_GetVersion(); + [todo] void PNP_GetGlobalState(); + [todo] void PNP_InitDetection(); + [todo] void PNP_ReportLogOn(); + [todo] void PNP_ValidateDeviceInstance(); + [todo] void PNP_GetRootDeviceInstance(); + [todo] void PNP_GetRelatedDeviceInstance(); + [todo] void PNP_EnumerateSubKeys(); + [todo] void PNP_GetDeviceList(); + [todo] void PNP_GetDeviceListSize(); + [todo] void PNP_GetDepth(); + [todo] void PNP_GetDeviceRegProp(); + [todo] void PNP_SetDeviceRegProp(); + [todo] void PNP_GetClassInstance(); + [todo] void PNP_CreateKey(); + [todo] void PNP_DeleteRegistryKey(); + [todo] void PNP_GetClassCount(); + [todo] void PNP_GetClassName(); + [todo] void PNP_DeleteClassKey(); + [todo] void PNP_GetInterfaceDeviceAlias(); + [todo] void PNP_GetInterfaceDeviceList(); + [todo] void PNP_GetInterfaceDeviceListSize(); + [todo] void PNP_RegisterDeviceClassAssociation(); + [todo] void PNP_UnregisterDeviceClassAssociation(); + [todo] void PNP_GetClassRegProp(); + [todo] void PNP_SetClassRegProp(); + [todo] void PNP_CreateDevInst(); + [todo] void PNP_DeviceInstanceAction(); + [todo] void PNP_GetDeviceStatus(); + [todo] void PNP_SetDeviceProblem(); + [todo] void PNP_DisableDevInst(); + [todo] void PNP_UninstallDevInst(); + [todo] void PNP_AddID(); + [todo] void PNP_RegisterDriver(); + [todo] void PNP_QueryRemove(); + [todo] void PNP_RequestDeviceEject(); + [todo] void PNP_IsDockStationPresent(); + [todo] void PNP_RequestEjectPC(); + [todo] void PNP_HwProfFlags(); + [todo] void PNP_GetHwProfInfo(); + [todo] void PNP_AddEmptyLogConf(); + [todo] void PNP_FreeLogConf(); + [todo] void PNP_GetFirstLogConf(); + [todo] void PNP_GetNextLogConf(); + [todo] void PNP_GetLogConfPriority(); + [todo] void PNP_AddResDes(); + [todo] void PNP_FreeResDes(); + [todo] void PNP_GetNextResDes(); + [todo] void PNP_GetResDesData(); + [todo] void PNP_GetResDesDataSize(); + [todo] void PNP_ModifyResDes(); + [todo] void PNP_DetectResourceLimit(); + [todo] void PNP_QueryResConfList(); + [todo] void PNP_SetHwProf(); + [todo] void PNP_QueryArbitratorFreeData(); + [todo] void PNP_QueryArbitratorFreeSize(); + [todo] void PNP_RunDetection(); + [todo] void PNP_RegisterNotification(); + [todo] void PNP_UnregisterNotification(); + [todo] void PNP_GetCustomDevProp(); + [todo] void PNP_GetVersionInternal(); + [todo] void PNP_GetBlockedDriverInfo(); + [todo] void PNP_GetServerSideDeviceInstallFlags(); +} diff --git a/source4/librpc/idl/opendb.idl b/source4/librpc/idl/opendb.idl new file mode 100644 index 0000000000..cdbaa6cb1b --- /dev/null +++ b/source4/librpc/idl/opendb.idl @@ -0,0 +1,46 @@ +#include "idl_types.h" + +/* + IDL structures for opendb code + + this defines the structures used in the opendb database code, in + ntvfs/common/opendb.c +*/ + +import "misc.idl"; + +[ + pointer_default(unique) +] +interface opendb +{ + typedef struct { + server_id server; + uint32 stream_id; + uint32 share_access; + uint32 access_mask; + pointer file_handle; + pointer fd; + /* we need a per-entry delete on close, as well as a per-file + one, to cope with strange semantics on open */ + boolean8 delete_on_close; + boolean8 allow_level_II_oplock; + uint32 oplock_level; + } opendb_entry; + + typedef struct { + server_id server; + pointer notify_ptr; + } opendb_pending; + + typedef [public] struct { + boolean8 delete_on_close; + NTTIME open_write_time; + NTTIME changed_write_time; + utf8string path; + uint32 num_entries; + opendb_entry entries[num_entries]; + uint32 num_pending; + opendb_pending pending[num_pending]; + } opendb_file; +} diff --git a/source4/librpc/idl/orpc.idl b/source4/librpc/idl/orpc.idl new file mode 100644 index 0000000000..d023865035 --- /dev/null +++ b/source4/librpc/idl/orpc.idl @@ -0,0 +1,230 @@ +#include "idl_types.h" + +/** + DCOM interfaces + http://www.ietf.org/internet-drafts/draft-brown-dcom-v1-spec-04.txt + */ + +import "misc.idl"; + +[ + pointer_default(unique) +] +interface ObjectRpcBaseTypes +{ + /* COM_MINOR_VERSION = 1 (NT4.0, SP1, SP2, DCOM95). */ + /* - Initial Release */ + /* - Must be used when talking to downlevel machines, including */ + /* on Remote Activation calls. */ + /* COM_MINOR_VERSION = 2 (NT4.0 SP3 and beyond). */ + /* - Added ResolveOxid2 to IObjectExporter to retrieve the */ + /* COM version number of the server. Passed to the NDR engine */ + /* to fix fatal endian-ness flaw in the way OLEAUTOMATION marshals */ + /* BSTRS. Previous way used trailing padding, which is not NDR */ + /* compatible. See Bug# 69189. */ + /* COM_MINOR_VERSION = 3 (NT4.0 SP4 and DCOM95 builds 1018 and beyond) */ + /* - OLEAUT32 added two new types to the SAFEARRAY, but SAFEARRAY */ + /* previously included the "default" keyword, which prevented */ + /* downlevel NDR engines from correctly handling any extensions. */ + /* Machines with version >=5.3 don't use "default" and will */ + /* gracefully handle future extensions to SAFEARRAY. */ + /* old constants (for convenience) */ + + /* current version */ + const uint16 COM_MAJOR_VERSION = 5; + const uint16 COM_MINOR_VERSION = 1; + + /* Body Extensions */ + const string dcom_ext_debugging = "f1f19680-4d2a-11ce-a66a-0020af6e72f4"; + const string dcom_ext_extended_error = "f1f19681-4d2a-11ce-a66a-0020af6e72f4"; + + /* Component Object Model version number */ + + + typedef [public] struct + { + uint16 MajorVersion; /* Major version number */ + uint16 MinorVersion; /* Minor version number */ + } COMVERSION; + + /* enumeration of additional information present in the call packet. */ + typedef bitmap { + ORPCF_NULL = 0x00, /* no additional info in packet */ + ORPCF_LOCAL = 0x01, /* call is local to this machine */ + ORPCF_RESERVED1 = 0x02, /* reserved for local use */ + ORPCF_RESERVED2 = 0x04, /* reserved for local use */ + ORPCF_RESERVED3 = 0x08, /* reserved for local use */ + ORPCF_RESERVED4 = 0x10 /* reserved for local use */ + } ORPC_FLAGS; + + /* Extension to implicit parameters. */ + typedef [public] struct + { + GUID id; /* Extension identifier. */ + uint32 size; /* Extension size. */ + [size_is(((size+7)&~7))] uint8 data[]; /* Extension data. */ + } ORPC_EXTENT; + + + /* Array of extensions. */ + typedef struct + { + uint32 size; /* Num extents. */ + uint32 reserved; /* Must be zero. */ + [size_is(((size+1)&~1))] ORPC_EXTENT **extent; /* extents */ + } ORPC_EXTENT_ARRAY; + + + /* implicit 'this' pointer which is the first [in] parameter on */ + /* every ORPC call. */ + typedef [public] struct + { + COMVERSION version; /* COM version number */ + uint32 flags; /* ORPCF flags for presence of other data */ + uint32 reserved1; /* set to zero */ + GUID cid; /* causality id of caller */ + /* Extensions. */ + [unique] ORPC_EXTENT_ARRAY *extensions; + } ORPCTHIS; + + + /* implicit 'that' pointer which is the first [out] parameter on */ + /* every ORPC call. */ + typedef [public] struct + { + uint32 flags; /* ORPCF flags for presence of other data */ + /* Extensions. */ + [unique] ORPC_EXTENT_ARRAY *extensions; + } ORPCTHAT; + + + /* DUALSTRINGARRAYS are the return type for arrays of network addresses, */ + /* arrays of endpoints and arrays of both used in many ORPC interfaces */ + typedef [public,flag(NDR_NOALIGN)] struct + { + uint16 wTowerId; /* Cannot be zero. */ + nstring NetworkAddr; + } STRINGBINDING; + + typedef [public,nopush,nopull,noprint] struct + { + STRINGBINDING **stringbindings; + } STRINGARRAY; + + typedef [public,nopush,nopull,noprint] struct + { + STRINGBINDING **stringbindings; + SECURITYBINDING **securitybindings; + } DUALSTRINGARRAY; + + const uint16 COM_C_AUTHZ_NONE = 0xffff; + typedef [public,flag(NDR_NOALIGN)] struct + { + uint16 wAuthnSvc; /* Cannot be zero. */ + uint16 wAuthzSvc; + nstring PrincName; + } SECURITYBINDING; + + /* signature value for OBJREF (object reference, actually the */ + /* marshaled form of a COM interface). + * MEOW apparently stands for "Microsoft Extended Object Wireformat" + */ + const uint32 OBJREF_SIGNATURE = 0x574f454d; /* 'MEOW' */ + + /* flag values for OBJREF */ + typedef enum { + OBJREF_NULL = 0x0, /* NULL pointer */ + OBJREF_STANDARD = 0x1, /* standard marshaled objref */ + OBJREF_HANDLER = 0x2, /* handler marshaled objref */ + OBJREF_CUSTOM = 0x4 /* custom marshaled objref */ + } OBJREF_FLAGS; + + /* Flag values for a STDOBJREF (standard part of an OBJREF). */ + /* SORF_OXRES1 - SORF_OXRES8 are reserved for the object exporters */ + /* use only, object importers must ignore them and must not enforce MBZ. */ + typedef bitmap { + SORF_NULL = 0x0000, /* convenient for initializing SORF */ + SORF_OXRES1 = 0x0001, /* reserved for exporter */ + SORF_OXRES2 = 0x0020, /* reserved for exporter */ + SORF_OXRES3 = 0x0040, /* reserved for exporter */ + SORF_OXRES4 = 0x0080, /* reserved for exporter */ + SORF_OXRES5 = 0x0100, /* reserved for exporter */ + SORF_OXRES6 = 0x0200, /* reserved for exporter */ + SORF_OXRES7 = 0x0400, /* reserved for exporter */ + SORF_OXRES8 = 0x0800, /* reserved for exporter */ + SORF_NOPING = 0x1000 /* Pinging is not required */ + } STDOBJREF_FLAGS; + + /* standard object reference */ + typedef [public] struct + { + uint32 flags; /* STDOBJREF flags (see above) */ + uint32 cPublicRefs; /* count of references passed */ + hyper oxid; /* oxid of server with this oid */ + hyper oid; /* oid of object with this ipid */ + GUID ipid; /* ipid of interface pointer to this object */ + } STDOBJREF; + + typedef struct + { + STDOBJREF std; /* standard objref */ + STRINGARRAY saResAddr; /* resolver address */ + } u_standard; + + typedef struct + { + STDOBJREF std; /* standard objref */ + GUID clsid; /* Clsid of handler code */ + STRINGARRAY saResAddr; /* resolver address */ + } u_handler; + + typedef struct + { + GUID clsid; /* Clsid of unmarshaling code */ + uint32 cbExtension; /* size of extension data */ + uint32 size; /* size of data that follows */ + uint8 pData[size]; /* extension + class specific data */ + } u_custom; + + typedef struct + { + } u_null; + + typedef [nodiscriminant] union + { + [case(OBJREF_NULL)] u_null u_null; + [case(OBJREF_STANDARD)] u_standard u_standard; + [case(OBJREF_HANDLER)] u_handler u_handler; + [case(OBJREF_CUSTOM)] u_custom u_custom; + } OBJREF_Types; + + /* OBJREF is the format of a marshaled interface pointer. */ + typedef [public,flag(NDR_LITTLE_ENDIAN)] struct + { + uint32 signature; + uint32 flags; /* OBJREF flags (see above) */ + GUID iid; /* interface identifier */ + [switch_is(flags), switch_type(uint32)] OBJREF_Types u_objref; + } OBJREF; + + /* wire representation of a marshalled interface pointer */ + typedef [public] struct + { + uint32 size; + [subcontext(4)] OBJREF obj; + } MInterfacePointer; + + typedef [v1_enum,public] enum + { + COM_OK = 0x00000000, + COM_OUTOFMEMORY = 0x80000002, + COM_INVALIDARG = 0x80000003, + COM_NOINTERFACE = 0x80000004, + COM_ACCESSDENIED = 0x80070005, + COM_INVALID_OXID = 0x80070776, + COM_INVALID_OID = 0x80070777, + COM_INVALID_SET = 0x80070778, + COM_UNEXPECTED = 0x8000FFFF, + COM_CLSNOTFOUND = 0x80040154 + } COMRESULT; +} diff --git a/source4/librpc/idl/oxidresolver.idl b/source4/librpc/idl/oxidresolver.idl new file mode 100644 index 0000000000..95c8a1c5f0 --- /dev/null +++ b/source4/librpc/idl/oxidresolver.idl @@ -0,0 +1,94 @@ +/** + DCOM interfaces + http://www.grimes.demon.co.uk/DCOM/DCOMSpec.htm + */ + +/* + The OXID Resolver can turn a OXID (Object Exporter ID) into a + RPC binding string that can be used to contact an object + + (used by DCOM) + */ + +import "misc.idl", "orpc.idl"; + +[ + uuid("99fcfec4-5260-101b-bbcb-00aa0021347a"), + helpstring("Object Exporter ID Resolver"), + endpoint("ncacn_np:[\\pipe\\epmapper]", "ncacn_ip_tcp:[135]", "ncalrpc:"), + pointer_default(unique) +] +interface IOXIDResolver +{ +#define OXID hyper +#define SETID hyper +#define IPID GUID +#define OID GUID + + /* Method to get the protocol sequences, string bindings */ + /* and machine id for an object server given its OXID. */ + + [idempotent] WERROR ResolveOxid ( + [in] OXID pOxid, + [in] uint16 cRequestedProtseqs, + [in, size_is(cRequestedProtseqs)] uint16 arRequestedProtseqs[], + [out] DUALSTRINGARRAY **ppdsaOxidBindings, + [out,ref] IPID *pipidRemUnknown, + [out,ref] uint32 *pAuthnHint + ); + + /* Simple ping is used to ping a Set. Client machines use this */ + /* to inform the object exporter that it is still using the */ + /* members of the set. */ + /* Returns S_TRUE if the SetId is known by the object exporter, */ + /* S_FALSE if not. */ + [idempotent] WERROR SimplePing ( + [in] SETID *SetId /* Must not be zero */ + ); + + /* Complex ping is used to create sets of OIDs to ping. The */ + /* whole set can subsequently be pinged using SimplePing, */ + /* thus reducing network traffic. */ + [idempotent] WERROR ComplexPing ( + [in,out,ref] SETID *SetId, /* In of 0 on first call for new set. */ + [in] uint16 SequenceNum, + [in] uint16 cAddToSet, + [in] uint16 cDelFromSet, + /* add these OIDs to the set */ + [in, size_is(cAddToSet)] OID AddToSet[], + /*remove these OIDs from the set */ + [in, size_is(cDelFromSet)] OID DelFromSet[], + [out,ref] uint16 *PingBackoffFactor/* 2^factor = multipler */ + ); + + /* In some cases the client maybe unsure that a particular */ + /* binding will reach the server. (For example, when the oxid */ + /* bindings have more than one TCP/IP binding) This call */ + /* can be used to validate the binding */ + /* from the client. */ + [idempotent] WERROR ServerAlive (); + + /* Method to get the protocol sequences, string bindings, */ + /* RemoteUnknown IPID and COM version for an object server */ + /* given its OXID. Supported by DCOM */ + /* version 5.2 and above. Looks like that means + * Windows 2003/XP and above */ + [idempotent] WERROR ResolveOxid2 ( + [in] OXID pOxid, + [in] uint16 cRequestedProtseqs, + [in, size_is(cRequestedProtseqs)] uint16 arRequestedProtseqs[], + [out] DUALSTRINGARRAY **pdsaOxidBindings, + [out,ref] IPID *ipidRemUnknown, + [out,ref] uint32 *AuthnHint, + [out,ref] COMVERSION *ComVersion + ); + typedef struct { + COMVERSION version; + uint32 unknown1; + } COMINFO; + + [idempotent] WERROR ServerAlive2 ( + [out,ref] COMINFO *info, + [out,ref] DUALSTRINGARRAY *dualstring, + [out] uint8 unknown2[3]); +} diff --git a/source4/librpc/idl/policyagent.idl b/source4/librpc/idl/policyagent.idl new file mode 100644 index 0000000000..ab137faf27 --- /dev/null +++ b/source4/librpc/idl/policyagent.idl @@ -0,0 +1,13 @@ + +/* IPSec policy agent (Win2k) */ +[ + uuid("d335b8f6-cb31-11d0-b0f9-006097ba4e54"), + version(1.5), + pointer_default(unique), + helpstring("IPSec Policy Agent") +] interface policyagent +{ + /*****************/ + /* Function 0x00 */ + [todo] WERROR policyagent_Dummy(); +} diff --git a/source4/librpc/idl/protected_storage.idl b/source4/librpc/idl/protected_storage.idl new file mode 100644 index 0000000000..7841f91ca9 --- /dev/null +++ b/source4/librpc/idl/protected_storage.idl @@ -0,0 +1,14 @@ +/* + protected_storage interface definitions + Also seen with UUID: +*/ + +[ uuid("c9378ff1-16f7-11d0-a0b2-00aa0061426a"), + version(1.0), + pointer_default(unique) +] interface protected_storage +{ + /*****************************/ + /* Function 0x00 */ + WERROR ps_XXX (); +} diff --git a/source4/librpc/idl/remact.idl b/source4/librpc/idl/remact.idl new file mode 100644 index 0000000000..2165ecfc81 --- /dev/null +++ b/source4/librpc/idl/remact.idl @@ -0,0 +1,46 @@ +/** + DCOM interfaces + http://www.grimes.demon.co.uk/DCOM/DCOMSpec.htm + */ + +import "misc.idl", "orpc.idl"; + +[ + uuid("4d9f4ab8-7d1c-11cf-861e-0020af6e7c57"), + pointer_default(unique), + endpoint("ncalrpc:", "ncacn_ip_tcp:[135]", "ncacn_np:[\\pipe\\epmapper]") +] +interface IRemoteActivation +{ + typedef enum + { + RPC_C_IMP_LEVEL_DEFAULT = 0, + RPC_C_IMP_LEVEL_ANONYMOUS = 1, + RPC_C_IMP_LEVEL_IDENTIFY = 2, + RPC_C_IMP_LEVEL_IMPERSONATE = 3, + RPC_C_IMP_LEVEL_DELEGATE = 4 + } imp_levels; + + const uint32 MODE_GET_CLASS_OBJECT = 0xffffffff; + WERROR RemoteActivation ( + [in] ORPCTHIS this, + [out,ref] ORPCTHAT *that, + [in] GUID Clsid, + [in] [string,charset(UTF16)] uint16 *pwszObjectName, + [in] MInterfacePointer *pObjectStorage, + [in] uint32 ClientImpLevel, + [in] uint32 Mode, + [in,range(1,32768)] uint32 Interfaces, + [in,size_is(Interfaces)] GUID *pIIDs, + [in] uint16 num_protseqs, + [in, size_is(num_protseqs)] uint16 protseq[*], + [out,ref] hyper *pOxid, + [out,ref] DUALSTRINGARRAY *pdsaOxidBindings, + [out,ref] GUID *ipidRemUnknown, + [out,ref] uint32 *AuthnHint, + [out,ref] COMVERSION *ServerVersion, + [out,ref] WERROR *hr, + [out,size_is(Interfaces)] MInterfacePointer *ifaces[], + [out,size_is(Interfaces)] WERROR results[] + ); +} diff --git a/source4/librpc/idl/rot.idl b/source4/librpc/idl/rot.idl new file mode 100644 index 0000000000..78eee48807 --- /dev/null +++ b/source4/librpc/idl/rot.idl @@ -0,0 +1,44 @@ +import "orpc.idl"; + +[ + uuid("b9e79e60-3d52-11ce-aaa1-00006901293f"), + version(0.2), + pointer_default(unique), + endpoint("ncacn_np:[\\pipe\\epmapper]", "ncacn_ip_tcp:[135]", + "ncalrpc:[EPMAPPER]") +] interface rot +{ + WERROR rot_add ( + [in] uint32 flags, + [in] MInterfacePointer *unk, + [in] MInterfacePointer *moniker, + [out] uint32 *rotid + ); + + WERROR rot_remove ( + [in] uint32 rotid + ); + + WERROR rot_is_listed ( + [in] MInterfacePointer *moniker + ); + + WERROR rot_get_interface_pointer ( + [in] MInterfacePointer *moniker, + [out] MInterfacePointer *ip + ); + + WERROR rot_set_modification_time ( + [in] uint32 rotid, + [in] NTTIME *t + ); + + WERROR rot_get_modification_time ( + [in] MInterfacePointer *moniker, + [out] NTTIME *t + ); + + WERROR rot_enum ( + [out] MInterfacePointer *EnumMoniker + ); +} diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl new file mode 100644 index 0000000000..b6cce38196 --- /dev/null +++ b/source4/librpc/idl/samr.idl @@ -0,0 +1,1405 @@ +#include "idl_types.h" + +/* + samr interface definition +*/ +import "misc.idl", "lsa.idl", "security.idl"; + +/* + Thanks to Todd Sabin for some information from his samr.idl in acltools +*/ + +[ uuid("12345778-1234-abcd-ef00-0123456789ac"), + version(1.0), + endpoint("ncacn_np:[\\pipe\\samr]","ncacn_ip_tcp:", "ncalrpc:"), + pointer_default(unique) +] interface samr +{ + typedef bitmap security_secinfo security_secinfo; + + /* account control (acct_flags) bits */ + typedef [public,bitmap32bit] bitmap { + ACB_DISABLED = 0x00000001, /* 1 = User account disabled */ + ACB_HOMDIRREQ = 0x00000002, /* 1 = Home directory required */ + ACB_PWNOTREQ = 0x00000004, /* 1 = User password not required */ + ACB_TEMPDUP = 0x00000008, /* 1 = Temporary duplicate account */ + ACB_NORMAL = 0x00000010, /* 1 = Normal user account */ + ACB_MNS = 0x00000020, /* 1 = MNS logon user account */ + ACB_DOMTRUST = 0x00000040, /* 1 = Interdomain trust account */ + ACB_WSTRUST = 0x00000080, /* 1 = Workstation trust account */ + ACB_SVRTRUST = 0x00000100, /* 1 = Server trust account */ + ACB_PWNOEXP = 0x00000200, /* 1 = User password does not expire */ + ACB_AUTOLOCK = 0x00000400, /* 1 = Account auto locked */ + ACB_ENC_TXT_PWD_ALLOWED = 0x00000800, /* 1 = Encryped text password is allowed */ + ACB_SMARTCARD_REQUIRED = 0x00001000, /* 1 = Smart Card required */ + ACB_TRUSTED_FOR_DELEGATION = 0x00002000, /* 1 = Trusted for Delegation */ + ACB_NOT_DELEGATED = 0x00004000, /* 1 = Not delegated */ + ACB_USE_DES_KEY_ONLY = 0x00008000, /* 1 = Use DES key only */ + ACB_DONT_REQUIRE_PREAUTH = 0x00010000, /* 1 = Preauth not required */ + ACB_PW_EXPIRED = 0x00020000, /* 1 = Password Expired */ + ACB_NO_AUTH_DATA_REQD = 0x00080000 /* 1 = No authorization data required */ + } samr_AcctFlags; + + typedef [bitmap32bit] bitmap { + SAMR_ACCESS_CONNECT_TO_SERVER = 0x00000001, + SAMR_ACCESS_SHUTDOWN_SERVER = 0x00000002, + SAMR_ACCESS_INITIALIZE_SERVER = 0x00000004, + SAMR_ACCESS_CREATE_DOMAIN = 0x00000008, + SAMR_ACCESS_ENUM_DOMAINS = 0x00000010, + SAMR_ACCESS_OPEN_DOMAIN = 0x00000020 + } samr_ConnectAccessMask; + + typedef [bitmap32bit] bitmap { + SAMR_USER_ACCESS_GET_NAME_ETC = 0x00000001, + SAMR_USER_ACCESS_GET_LOCALE = 0x00000002, + SAMR_USER_ACCESS_SET_LOC_COM = 0x00000004, + SAMR_USER_ACCESS_GET_LOGONINFO = 0x00000008, + SAMR_USER_ACCESS_GET_ATTRIBUTES = 0x00000010, + SAMR_USER_ACCESS_SET_ATTRIBUTES = 0x00000020, + SAMR_USER_ACCESS_CHANGE_PASSWORD = 0x00000040, + SAMR_USER_ACCESS_SET_PASSWORD = 0x00000080, + SAMR_USER_ACCESS_GET_GROUPS = 0x00000100, + SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP = 0x00000200, + SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP = 0x00000400 + } samr_UserAccessMask; + + typedef [bitmap32bit] bitmap { + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 = 0x00000001, + SAMR_DOMAIN_ACCESS_SET_INFO_1 = 0x00000002, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 = 0x00000004, + SAMR_DOMAIN_ACCESS_SET_INFO_2 = 0x00000008, + SAMR_DOMAIN_ACCESS_CREATE_USER = 0x00000010, + SAMR_DOMAIN_ACCESS_CREATE_GROUP = 0x00000020, + SAMR_DOMAIN_ACCESS_CREATE_ALIAS = 0x00000040, + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS = 0x00000080, + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS = 0x00000100, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT = 0x00000200, + SAMR_DOMAIN_ACCESS_SET_INFO_3 = 0x00000400 + } samr_DomainAccessMask; + + typedef [bitmap32bit] bitmap { + SAMR_GROUP_ACCESS_LOOKUP_INFO = 0x00000001, + SAMR_GROUP_ACCESS_SET_INFO = 0x00000002, + SAMR_GROUP_ACCESS_ADD_MEMBER = 0x00000004, + SAMR_GROUP_ACCESS_REMOVE_MEMBER = 0x00000008, + SAMR_GROUP_ACCESS_GET_MEMBERS = 0x00000010 + } samr_GroupAccessMask; + + typedef [bitmap32bit] bitmap { + SAMR_ALIAS_ACCESS_ADD_MEMBER = 0x00000001, + SAMR_ALIAS_ACCESS_REMOVE_MEMBER = 0x00000002, + SAMR_ALIAS_ACCESS_GET_MEMBERS = 0x00000004, + SAMR_ALIAS_ACCESS_LOOKUP_INFO = 0x00000008, + SAMR_ALIAS_ACCESS_SET_INFO = 0x00000010 + } samr_AliasAccessMask; + + /******************/ + /* Function: 0x00 */ + NTSTATUS samr_Connect ( + /* notice the lack of [string] */ + [in,unique] uint16 *system_name, + [in] samr_ConnectAccessMask access_mask, + [out,ref] policy_handle *connect_handle + ); + + + /******************/ + /* Function: 0x01 */ + [public] NTSTATUS samr_Close ( + [in,out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x02 */ + + NTSTATUS samr_SetSecurity ( + [in,ref] policy_handle *handle, + [in] security_secinfo sec_info, + [in,ref] sec_desc_buf *sdbuf + ); + + /******************/ + /* Function: 0x03 */ + + NTSTATUS samr_QuerySecurity ( + [in,ref] policy_handle *handle, + [in] security_secinfo sec_info, + [out,unique] sec_desc_buf *sdbuf + ); + + /******************/ + /* Function: 0x04 */ + + /* + shutdown the SAM - once you call this the SAM will be dead + */ + NTSTATUS samr_Shutdown ( + [in,ref] policy_handle *connect_handle + ); + + /******************/ + /* Function: 0x05 */ + NTSTATUS samr_LookupDomain ( + [in,ref] policy_handle *connect_handle, + [in,ref] lsa_String *domain_name, + [out,unique] dom_sid2 *sid + ); + + + /******************/ + /* Function: 0x06 */ + + typedef struct { + uint32 idx; + lsa_String name; + } samr_SamEntry; + + typedef struct { + uint32 count; + [size_is(count)] samr_SamEntry *entries; + } samr_SamArray; + + NTSTATUS samr_EnumDomains ( + [in,ref] policy_handle *connect_handle, + [in,out,ref] uint32 *resume_handle, + [in] uint32 buf_size, + [out,unique] samr_SamArray *sam, + [out] uint32 num_entries + ); + + + /************************/ + /* Function 0x07 */ + [public] NTSTATUS samr_OpenDomain( + [in,ref] policy_handle *connect_handle, + [in] samr_DomainAccessMask access_mask, + [in,ref] dom_sid2 *sid, + [out,ref] policy_handle *domain_handle + ); + + /************************/ + /* Function 0x08 */ + /* server roles */ + typedef [v1_enum] enum { + SAMR_ROLE_STANDALONE = 0, + SAMR_ROLE_DOMAIN_MEMBER = 1, + SAMR_ROLE_DOMAIN_BDC = 2, + SAMR_ROLE_DOMAIN_PDC = 3 + } samr_Role; + + /* password properties flags */ + typedef [public,bitmap32bit] bitmap { + DOMAIN_PASSWORD_COMPLEX = 0x00000001, + DOMAIN_PASSWORD_NO_ANON_CHANGE = 0x00000002, + DOMAIN_PASSWORD_NO_CLEAR_CHANGE = 0x00000004, + DOMAIN_PASSWORD_LOCKOUT_ADMINS = 0x00000008, + DOMAIN_PASSWORD_STORE_CLEARTEXT = 0x00000010, + DOMAIN_REFUSE_PASSWORD_CHANGE = 0x00000020 + } samr_PasswordProperties; + + typedef struct { + uint16 min_password_length; + uint16 password_history_length; + samr_PasswordProperties password_properties; + /* yes, these are signed. They are in negative 100ns */ + dlong max_password_age; + dlong min_password_age; + } samr_DomInfo1; + + typedef struct { + NTTIME force_logoff_time; + lsa_String oem_information; /* comment */ + lsa_String domain_name; + lsa_String primary; /* PDC name if this is a BDC */ + udlong sequence_num; + uint32 unknown2; + samr_Role role; + uint32 unknown3; + uint32 num_users; + uint32 num_groups; + uint32 num_aliases; + } samr_DomGeneralInformation; + + typedef struct { + NTTIME force_logoff_time; + } samr_DomInfo3; + + typedef struct { + lsa_String oem_information; /* comment */ + } samr_DomOEMInformation; + + typedef struct { + lsa_String domain_name; + } samr_DomInfo5; + + typedef struct { + lsa_String primary; + } samr_DomInfo6; + + typedef struct { + samr_Role role; + } samr_DomInfo7; + + typedef struct { + hyper sequence_num; + NTTIME domain_create_time; + } samr_DomInfo8; + + typedef struct { + uint32 unknown; /* w2k3 returns 1 */ + } samr_DomInfo9; + + typedef struct { + samr_DomGeneralInformation general; + hyper lockout_duration; + hyper lockout_window; + uint16 lockout_threshold; + } samr_DomGeneralInformation2; + + typedef struct { + hyper lockout_duration; + hyper lockout_window; + uint16 lockout_threshold; + } samr_DomInfo12; + + typedef struct { + hyper sequence_num; + NTTIME domain_create_time; + uint32 unknown1; + uint32 unknown2; + } samr_DomInfo13; + + typedef [switch_type(uint16)] union { + [case(1)] samr_DomInfo1 info1; + [case(2)] samr_DomGeneralInformation general; + [case(3)] samr_DomInfo3 info3; + [case(4)] samr_DomOEMInformation oem; + [case(5)] samr_DomInfo5 info5; + [case(6)] samr_DomInfo6 info6; + [case(7)] samr_DomInfo7 info7; + [case(8)] samr_DomInfo8 info8; + [case(9)] samr_DomInfo9 info9; + [case(11)] samr_DomGeneralInformation2 general2; + [case(12)] samr_DomInfo12 info12; + [case(13)] samr_DomInfo13 info13; + } samr_DomainInfo; + + NTSTATUS samr_QueryDomainInfo( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [out,switch_is(level),unique] samr_DomainInfo *info + ); + + /************************/ + /* Function 0x09 */ + /* + only levels 1, 3, 4, 6, 7, 9, 12 are valid for this + call in w2k3 + */ + NTSTATUS samr_SetDomainInfo( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [in,switch_is(level),ref] samr_DomainInfo *info + ); + + + /************************/ + /* Function 0x0a */ + NTSTATUS samr_CreateDomainGroup( + [in,ref] policy_handle *domain_handle, + [in,ref] lsa_String *name, + [in] samr_GroupAccessMask access_mask, + [out,ref] policy_handle *group_handle, + [out,ref] uint32 *rid + ); + + + /************************/ + /* Function 0x0b */ + NTSTATUS samr_EnumDomainGroups( + [in,ref] policy_handle *domain_handle, + [in,out,ref] uint32 *resume_handle, + [in] uint32 max_size, + [out,unique] samr_SamArray *sam, + [out] uint32 num_entries + ); + + /************************/ + /* Function 0x0c */ + NTSTATUS samr_CreateUser( + [in,ref] policy_handle *domain_handle, + [in,ref] lsa_String *account_name, + [in] samr_UserAccessMask access_mask, + [out,ref] policy_handle *user_handle, + [out,ref] uint32 *rid + ); + + /************************/ + /* Function 0x0d */ + + + /* w2k3 treats max_size as max_users*54 and sets the + resume_handle as the rid of the last user sent + */ + const int SAMR_ENUM_USERS_MULTIPLIER = 54; + + NTSTATUS samr_EnumDomainUsers( + [in,ref] policy_handle *domain_handle, + [in,out,ref] uint32 *resume_handle, + [in] samr_AcctFlags acct_flags, + [in] uint32 max_size, + [out,unique] samr_SamArray *sam, + [out] uint32 num_entries + ); + + /************************/ + /* Function 0x0e */ + NTSTATUS samr_CreateDomAlias( + [in,ref] policy_handle *domain_handle, + [in,ref] lsa_String *alias_name, + [in] samr_AliasAccessMask access_mask, + [out,ref] policy_handle *alias_handle, + [out,ref] uint32 *rid + ); + + /************************/ + /* Function 0x0f */ + NTSTATUS samr_EnumDomainAliases( + [in,ref] policy_handle *domain_handle, + [in,out,ref] uint32 *resume_handle, + [in] samr_AcctFlags acct_flags, + [out,unique] samr_SamArray *sam, + [out] uint32 num_entries + ); + + /************************/ + /* Function 0x10 */ + + typedef struct { + [range(0,1024)] uint32 count; + [size_is(count)] uint32 *ids; + } samr_Ids; + + NTSTATUS samr_GetAliasMembership( + [in,ref] policy_handle *domain_handle, + [in,ref] lsa_SidArray *sids, + [out,ref] samr_Ids *rids + ); + + /************************/ + /* Function 0x11 */ + + [public] NTSTATUS samr_LookupNames( + [in,ref] policy_handle *domain_handle, + [in,range(0,1000)] uint32 num_names, + [in,size_is(1000),length_is(num_names)] lsa_String names[], + [out] samr_Ids rids, + [out] samr_Ids types + ); + + + /************************/ + /* Function 0x12 */ + NTSTATUS samr_LookupRids( + [in,ref] policy_handle *domain_handle, + [in,range(0,1000)] uint32 num_rids, + [in,size_is(1000),length_is(num_rids)] uint32 rids[], + [out] lsa_Strings names, + [out] samr_Ids types + ); + + /************************/ + /* Function 0x13 */ + NTSTATUS samr_OpenGroup( + [in,ref] policy_handle *domain_handle, + [in] samr_GroupAccessMask access_mask, + [in] uint32 rid, + [out,ref] policy_handle *group_handle + ); + + /* Group attributes */ + typedef [public,bitmap32bit] bitmap { + SE_GROUP_MANDATORY = 0x00000001, + SE_GROUP_ENABLED_BY_DEFAULT = 0x00000002, + SE_GROUP_ENABLED = 0x00000004, + SE_GROUP_OWNER = 0x00000008, + SE_GROUP_USE_FOR_DENY_ONLY = 0x00000010, + SE_GROUP_RESOURCE = 0x20000000, + SE_GROUP_LOGON_ID = 0xC0000000 + } samr_GroupAttrs; + + /************************/ + /* Function 0x14 */ + + typedef struct { + lsa_String name; + samr_GroupAttrs attributes; + uint32 num_members; + lsa_String description; + } samr_GroupInfoAll; + + typedef struct { + samr_GroupAttrs attributes; + } samr_GroupInfoAttributes; + + typedef struct { + lsa_String description; + } samr_GroupInfoDescription; + + typedef enum { + GROUPINFOALL = 1, + GROUPINFONAME = 2, + GROUPINFOATTRIBUTES = 3, + GROUPINFODESCRIPTION = 4, + GROUPINFOALL2 = 5 + } samr_GroupInfoEnum; + + typedef [switch_type(samr_GroupInfoEnum)] union { + [case(GROUPINFOALL)] samr_GroupInfoAll all; + [case(GROUPINFONAME)] lsa_String name; + [case(GROUPINFOATTRIBUTES)] samr_GroupInfoAttributes attributes; + [case(GROUPINFODESCRIPTION)] lsa_String description; + [case(GROUPINFOALL2)] samr_GroupInfoAll all2; + } samr_GroupInfo; + + NTSTATUS samr_QueryGroupInfo( + [in,ref] policy_handle *group_handle, + [in] samr_GroupInfoEnum level, + [out,switch_is(level),unique] samr_GroupInfo *info + ); + + /************************/ + /* Function 0x15 */ + NTSTATUS samr_SetGroupInfo( + [in,ref] policy_handle *group_handle, + [in] samr_GroupInfoEnum level, + [in,switch_is(level),ref] samr_GroupInfo *info + ); + + /************************/ + /* Function 0x16 */ + NTSTATUS samr_AddGroupMember( + [in,ref] policy_handle *group_handle, + [in] uint32 rid, + [in] uint32 flags + ); + + /************************/ + /* Function 0x17 */ + NTSTATUS samr_DeleteDomainGroup( + [in,out,ref] policy_handle *group_handle + ); + + /************************/ + /* Function 0x18 */ + NTSTATUS samr_DeleteGroupMember( + [in,ref] policy_handle *group_handle, + [in] uint32 rid + ); + + + /************************/ + /* Function 0x19 */ + typedef struct { + uint32 count; + [size_is(count)] uint32 *rids; + [size_is(count)] uint32 *types; + } samr_RidTypeArray; + + NTSTATUS samr_QueryGroupMember( + [in,ref] policy_handle *group_handle, + [out,unique] samr_RidTypeArray *rids + ); + + + /************************/ + /* Function 0x1a */ + + /* + win2003 seems to accept any data at all for the two integers + below, and doesn't seem to do anything with them that I can + see. Weird. I really expected the first integer to be a rid + and the second to be the attributes for that rid member. + */ + NTSTATUS samr_SetMemberAttributesOfGroup( + [in,ref] policy_handle *group_handle, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); + + + /************************/ + /* Function 0x1b */ + NTSTATUS samr_OpenAlias ( + [in,ref] policy_handle *domain_handle, + [in] samr_AliasAccessMask access_mask, + [in] uint32 rid, + [out,ref] policy_handle *alias_handle + ); + + + /************************/ + /* Function 0x1c */ + + typedef struct { + lsa_String name; + uint32 num_members; + lsa_String description; + } samr_AliasInfoAll; + + typedef enum { + ALIASINFOALL = 1, + ALIASINFONAME = 2, + ALIASINFODESCRIPTION = 3 + } samr_AliasInfoEnum; + + typedef [switch_type(samr_AliasInfoEnum)] union { + [case(ALIASINFOALL)] samr_AliasInfoAll all; + [case(ALIASINFONAME)] lsa_String name; + [case(ALIASINFODESCRIPTION)] lsa_String description; + } samr_AliasInfo; + + NTSTATUS samr_QueryAliasInfo( + [in,ref] policy_handle *alias_handle, + [in] samr_AliasInfoEnum level, + [out,switch_is(level),unique] samr_AliasInfo *info + ); + + /************************/ + /* Function 0x1d */ + NTSTATUS samr_SetAliasInfo( + [in,ref] policy_handle *alias_handle, + [in] samr_AliasInfoEnum level, + [in,switch_is(level),ref] samr_AliasInfo *info + ); + + /************************/ + /* Function 0x1e */ + NTSTATUS samr_DeleteDomAlias( + [in,out,ref] policy_handle *alias_handle + ); + + /************************/ + /* Function 0x1f */ + NTSTATUS samr_AddAliasMember( + [in,ref] policy_handle *alias_handle, + [in,ref] dom_sid2 *sid + ); + + /************************/ + /* Function 0x20 */ + NTSTATUS samr_DeleteAliasMember( + [in,ref] policy_handle *alias_handle, + [in,ref] dom_sid2 *sid + ); + + /************************/ + /* Function 0x21 */ + NTSTATUS samr_GetMembersInAlias( + [in,ref] policy_handle *alias_handle, + [out,ref] lsa_SidArray *sids + ); + + /************************/ + /* Function 0x22 */ + [public] NTSTATUS samr_OpenUser( + [in,ref] policy_handle *domain_handle, + [in] samr_UserAccessMask access_mask, + [in] uint32 rid, + [out,ref] policy_handle *user_handle + ); + + /************************/ + /* Function 0x23 */ + NTSTATUS samr_DeleteUser( + [in,out,ref] policy_handle *user_handle + ); + + /************************/ + /* Function 0x24 */ + typedef struct { + lsa_String account_name; + lsa_String full_name; + uint32 primary_gid; + lsa_String description; + lsa_String comment; + } samr_UserInfo1; + + typedef struct { + lsa_String comment; + lsa_String unknown; /* settable, but doesn't stick. probably obsolete */ + uint16 country_code; + uint16 code_page; + } samr_UserInfo2; + + /* this is also used in samr and netlogon */ + typedef [public, flag(NDR_PAHEX)] struct { + uint16 units_per_week; + [size_is(1260), length_is(units_per_week/8)] uint8 *bits; + } samr_LogonHours; + + typedef struct { + lsa_String account_name; + lsa_String full_name; + uint32 rid; + uint32 primary_gid; + lsa_String home_directory; + lsa_String home_drive; + lsa_String logon_script; + lsa_String profile_path; + lsa_String workstations; + NTTIME last_logon; + NTTIME last_logoff; + NTTIME last_password_change; + NTTIME allow_password_change; + NTTIME force_password_change; + samr_LogonHours logon_hours; + uint16 bad_password_count; + uint16 logon_count; + samr_AcctFlags acct_flags; + } samr_UserInfo3; + + typedef struct { + samr_LogonHours logon_hours; + } samr_UserInfo4; + + typedef struct { + lsa_String account_name; + lsa_String full_name; + uint32 rid; + uint32 primary_gid; + lsa_String home_directory; + lsa_String home_drive; + lsa_String logon_script; + lsa_String profile_path; + lsa_String description; + lsa_String workstations; + NTTIME last_logon; + NTTIME last_logoff; + samr_LogonHours logon_hours; + uint16 bad_password_count; + uint16 logon_count; + NTTIME last_password_change; + NTTIME acct_expiry; + samr_AcctFlags acct_flags; + } samr_UserInfo5; + + typedef struct { + lsa_String account_name; + lsa_String full_name; + } samr_UserInfo6; + + typedef struct { + lsa_String account_name; + } samr_UserInfo7; + + typedef struct { + lsa_String full_name; + } samr_UserInfo8; + + typedef struct { + uint32 primary_gid; + } samr_UserInfo9; + + typedef struct { + lsa_String home_directory; + lsa_String home_drive; + } samr_UserInfo10; + + typedef struct { + lsa_String logon_script; + } samr_UserInfo11; + + typedef struct { + lsa_String profile_path; + } samr_UserInfo12; + + typedef struct { + lsa_String description; + } samr_UserInfo13; + + typedef struct { + lsa_String workstations; + } samr_UserInfo14; + + typedef struct { + samr_AcctFlags acct_flags; + } samr_UserInfo16; + + typedef struct { + NTTIME acct_expiry; + } samr_UserInfo17; + + typedef struct { + lsa_String parameters; + } samr_UserInfo20; + + /* this defines the bits used for fields_present in info21 */ + typedef [bitmap32bit] bitmap { + SAMR_FIELD_ACCOUNT_NAME = 0x00000001, + SAMR_FIELD_FULL_NAME = 0x00000002, + SAMR_FIELD_RID = 0x00000004, + SAMR_FIELD_PRIMARY_GID = 0x00000008, + SAMR_FIELD_DESCRIPTION = 0x00000010, + SAMR_FIELD_COMMENT = 0x00000020, + SAMR_FIELD_HOME_DIRECTORY = 0x00000040, + SAMR_FIELD_HOME_DRIVE = 0x00000080, + SAMR_FIELD_LOGON_SCRIPT = 0x00000100, + SAMR_FIELD_PROFILE_PATH = 0x00000200, + SAMR_FIELD_WORKSTATIONS = 0x00000400, + SAMR_FIELD_LAST_LOGON = 0x00000800, + SAMR_FIELD_LAST_LOGOFF = 0x00001000, + SAMR_FIELD_LOGON_HOURS = 0x00002000, + SAMR_FIELD_BAD_PWD_COUNT = 0x00004000, + SAMR_FIELD_NUM_LOGONS = 0x00008000, + SAMR_FIELD_ALLOW_PWD_CHANGE = 0x00010000, + SAMR_FIELD_FORCE_PWD_CHANGE = 0x00020000, + SAMR_FIELD_LAST_PWD_CHANGE = 0x00040000, + SAMR_FIELD_ACCT_EXPIRY = 0x00080000, + SAMR_FIELD_ACCT_FLAGS = 0x00100000, + SAMR_FIELD_PARAMETERS = 0x00200000, + SAMR_FIELD_COUNTRY_CODE = 0x00400000, + SAMR_FIELD_CODE_PAGE = 0x00800000, + SAMR_FIELD_PASSWORD = 0x01000000, /* either of these */ + SAMR_FIELD_PASSWORD2 = 0x02000000, /* two bits seems to work */ + SAMR_FIELD_PRIVATE_DATA = 0x04000000, + SAMR_FIELD_EXPIRED_FLAG = 0x08000000, + SAMR_FIELD_SEC_DESC = 0x10000000, + SAMR_FIELD_OWF_PWD = 0x20000000 + } samr_FieldsPresent; + + typedef struct { + NTTIME last_logon; + NTTIME last_logoff; + NTTIME last_password_change; + NTTIME acct_expiry; + NTTIME allow_password_change; + NTTIME force_password_change; + lsa_String account_name; + lsa_String full_name; + lsa_String home_directory; + lsa_String home_drive; + lsa_String logon_script; + lsa_String profile_path; + lsa_String description; + lsa_String workstations; + lsa_String comment; + lsa_String parameters; + lsa_String unknown1; + lsa_String unknown2; + lsa_String unknown3; + uint32 buf_count; + [size_is(buf_count)] uint8 *buffer; + uint32 rid; + uint32 primary_gid; + samr_AcctFlags acct_flags; + samr_FieldsPresent fields_present; + samr_LogonHours logon_hours; + uint16 bad_password_count; + uint16 logon_count; + uint16 country_code; + uint16 code_page; + uint8 nt_password_set; + uint8 lm_password_set; + uint8 password_expired; + uint8 unknown4; + } samr_UserInfo21; + + typedef [public, flag(NDR_PAHEX)] struct { + uint8 data[516]; + } samr_CryptPassword; + + typedef struct { + samr_UserInfo21 info; + samr_CryptPassword password; + } samr_UserInfo23; + + typedef struct { + samr_CryptPassword password; + uint8 pw_len; + } samr_UserInfo24; + + typedef [flag(NDR_PAHEX)] struct { + uint8 data[532]; + } samr_CryptPasswordEx; + + typedef struct { + samr_UserInfo21 info; + samr_CryptPasswordEx password; + } samr_UserInfo25; + + typedef struct { + samr_CryptPasswordEx password; + uint8 pw_len; + } samr_UserInfo26; + + typedef [switch_type(uint16)] union { + [case(1)] samr_UserInfo1 info1; + [case(2)] samr_UserInfo2 info2; + [case(3)] samr_UserInfo3 info3; + [case(4)] samr_UserInfo4 info4; + [case(5)] samr_UserInfo5 info5; + [case(6)] samr_UserInfo6 info6; + [case(7)] samr_UserInfo7 info7; + [case(8)] samr_UserInfo8 info8; + [case(9)] samr_UserInfo9 info9; + [case(10)] samr_UserInfo10 info10; + [case(11)] samr_UserInfo11 info11; + [case(12)] samr_UserInfo12 info12; + [case(13)] samr_UserInfo13 info13; + [case(14)] samr_UserInfo14 info14; + [case(16)] samr_UserInfo16 info16; + [case(17)] samr_UserInfo17 info17; + [case(20)] samr_UserInfo20 info20; + [case(21)] samr_UserInfo21 info21; + [case(23)] samr_UserInfo23 info23; + [case(24)] samr_UserInfo24 info24; + [case(25)] samr_UserInfo25 info25; + [case(26)] samr_UserInfo26 info26; + } samr_UserInfo; + + [public] NTSTATUS samr_QueryUserInfo( + [in,ref] policy_handle *user_handle, + [in] uint16 level, + [out,unique,switch_is(level)] samr_UserInfo *info + ); + + + /************************/ + /* Function 0x25 */ + [public] NTSTATUS samr_SetUserInfo( + [in,ref] policy_handle *user_handle, + [in] uint16 level, + [in,ref,switch_is(level)] samr_UserInfo *info + ); + + /************************/ + /* Function 0x26 */ + typedef [public, flag(NDR_PAHEX)] struct { + uint8 hash[16]; + } samr_Password; + + /* + this is a password change interface that doesn't give + the server the plaintext password. Depricated. + */ + NTSTATUS samr_ChangePasswordUser( + [in,ref] policy_handle *user_handle, + [in] boolean8 lm_present, + [in,unique] samr_Password *old_lm_crypted, + [in,unique] samr_Password *new_lm_crypted, + [in] boolean8 nt_present, + [in,unique] samr_Password *old_nt_crypted, + [in,unique] samr_Password *new_nt_crypted, + [in] boolean8 cross1_present, + [in,unique] samr_Password *nt_cross, + [in] boolean8 cross2_present, + [in,unique] samr_Password *lm_cross + ); + + /************************/ + /* Function 0x27 */ + + typedef [public] struct { + uint32 rid; + samr_GroupAttrs attributes; + } samr_RidWithAttribute; + + typedef [public] struct { + uint32 count; + [size_is(count)] samr_RidWithAttribute *rids; + } samr_RidWithAttributeArray; + + NTSTATUS samr_GetGroupsForUser( + [in,ref] policy_handle *user_handle, + [out,unique] samr_RidWithAttributeArray *rids + ); + + /************************/ + /* Function 0x28 */ + + typedef struct { + uint32 idx; + uint32 rid; + samr_AcctFlags acct_flags; + lsa_String account_name; + lsa_String description; + lsa_String full_name; + } samr_DispEntryGeneral; + + typedef struct { + uint32 count; + [size_is(count)] samr_DispEntryGeneral *entries; + } samr_DispInfoGeneral; + + typedef struct { + uint32 idx; + uint32 rid; + samr_AcctFlags acct_flags; + lsa_String account_name; + lsa_String description; + } samr_DispEntryFull; + + typedef struct { + uint32 count; + [size_is(count)] samr_DispEntryFull *entries; + } samr_DispInfoFull; + + typedef struct { + uint32 idx; + uint32 rid; + samr_GroupAttrs acct_flags; + lsa_String account_name; + lsa_String description; + } samr_DispEntryFullGroup; + + typedef struct { + uint32 count; + [size_is(count)] samr_DispEntryFullGroup *entries; + } samr_DispInfoFullGroups; + + typedef struct { + uint32 idx; + lsa_AsciiStringLarge account_name; + } samr_DispEntryAscii; + + typedef struct { + uint32 count; + [size_is(count)] samr_DispEntryAscii *entries; + } samr_DispInfoAscii; + + typedef [switch_type(uint16)] union { + [case(1)] samr_DispInfoGeneral info1;/* users */ + [case(2)] samr_DispInfoFull info2; /* trust accounts? */ + [case(3)] samr_DispInfoFullGroups info3; /* groups */ + [case(4)] samr_DispInfoAscii info4; /* users */ + [case(5)] samr_DispInfoAscii info5; /* groups */ + } samr_DispInfo; + + NTSTATUS samr_QueryDisplayInfo( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [in] uint32 start_idx, + [in] uint32 max_entries, + [in] uint32 buf_size, + [out] uint32 total_size, + [out] uint32 returned_size, + [out,switch_is(level)] samr_DispInfo info + ); + + + /************************/ + /* Function 0x29 */ + + /* + this seems to be an alphabetic search function. The returned index + is the index for samr_QueryDisplayInfo needed to get names occurring + after the specified name. The supplied name does not need to exist + in the database (for example you can supply just a first letter for + searching starting at that letter) + + The level corresponds to the samr_QueryDisplayInfo level + */ + NTSTATUS samr_GetDisplayEnumerationIndex( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [in] lsa_String name, + [out] uint32 idx + ); + + + + /************************/ + /* Function 0x2a */ + + /* + w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this + */ + NTSTATUS samr_TestPrivateFunctionsDomain( + [in,ref] policy_handle *domain_handle + ); + + + /************************/ + /* Function 0x2b */ + + /* + w2k3 returns NT_STATUS_NOT_IMPLEMENTED for this + */ + NTSTATUS samr_TestPrivateFunctionsUser( + [in,ref] policy_handle *user_handle + ); + + + /************************/ + /* Function 0x2c */ + + typedef struct { + uint16 min_password_length; + samr_PasswordProperties password_properties; + } samr_PwInfo; + + [public] NTSTATUS samr_GetUserPwInfo( + [in,ref] policy_handle *user_handle, + [out] samr_PwInfo info + ); + + /************************/ + /* Function 0x2d */ + NTSTATUS samr_RemoveMemberFromForeignDomain( + [in,ref] policy_handle *domain_handle, + [in,ref] dom_sid2 *sid + ); + + /************************/ + /* Function 0x2e */ + + /* + how is this different from QueryDomainInfo ?? + */ + NTSTATUS samr_QueryDomainInfo2( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [out,unique,switch_is(level)] samr_DomainInfo *info + ); + + /************************/ + /* Function 0x2f */ + + /* + how is this different from QueryUserInfo ?? + */ + NTSTATUS samr_QueryUserInfo2( + [in,ref] policy_handle *user_handle, + [in] uint16 level, + [out,unique,switch_is(level)] samr_UserInfo *info + ); + + /************************/ + /* Function 0x30 */ + + /* + how is this different from QueryDisplayInfo?? + */ + NTSTATUS samr_QueryDisplayInfo2( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [in] uint32 start_idx, + [in] uint32 max_entries, + [in] uint32 buf_size, + [out] uint32 total_size, + [out] uint32 returned_size, + [out,switch_is(level)] samr_DispInfo info + ); + + /************************/ + /* Function 0x31 */ + + /* + how is this different from GetDisplayEnumerationIndex ?? + */ + NTSTATUS samr_GetDisplayEnumerationIndex2( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [in] lsa_String name, + [out] uint32 idx + ); + + + /************************/ + /* Function 0x32 */ + NTSTATUS samr_CreateUser2( + [in,ref] policy_handle *domain_handle, + [in,ref] lsa_String *account_name, + [in] samr_AcctFlags acct_flags, + [in] samr_UserAccessMask access_mask, + [out,ref] policy_handle *user_handle, + [out,ref] uint32 *access_granted, + [out,ref] uint32 *rid + ); + + + /************************/ + /* Function 0x33 */ + + /* + another duplicate. There must be a reason .... + */ + NTSTATUS samr_QueryDisplayInfo3( + [in,ref] policy_handle *domain_handle, + [in] uint16 level, + [in] uint32 start_idx, + [in] uint32 max_entries, + [in] uint32 buf_size, + [out] uint32 total_size, + [out] uint32 returned_size, + [out,switch_is(level)] samr_DispInfo info + ); + + /************************/ + /* Function 0x34 */ + NTSTATUS samr_AddMultipleMembersToAlias( + [in,ref] policy_handle *alias_handle, + [in,ref] lsa_SidArray *sids + ); + + /************************/ + /* Function 0x35 */ + NTSTATUS samr_RemoveMultipleMembersFromAlias( + [in,ref] policy_handle *alias_handle, + [in,ref] lsa_SidArray *sids + ); + + /************************/ + /* Function 0x36 */ + + NTSTATUS samr_OemChangePasswordUser2( + [in,unique] lsa_AsciiString *server, + [in,ref] lsa_AsciiString *account, + [in,unique] samr_CryptPassword *password, + [in,unique] samr_Password *hash + ); + + /************************/ + /* Function 0x37 */ + NTSTATUS samr_ChangePasswordUser2( + [in,unique] lsa_String *server, + [in,ref] lsa_String *account, + [in,unique] samr_CryptPassword *nt_password, + [in,unique] samr_Password *nt_verifier, + [in] boolean8 lm_change, + [in,unique] samr_CryptPassword *lm_password, + [in,unique] samr_Password *lm_verifier + ); + + /************************/ + /* Function 0x38 */ + NTSTATUS samr_GetDomPwInfo( + [in,unique] lsa_String *domain_name, + [out] samr_PwInfo info + ); + + /************************/ + /* Function 0x39 */ + NTSTATUS samr_Connect2( + [in,unique,string,charset(UTF16)] uint16 *system_name, + [in] samr_ConnectAccessMask access_mask, + [out,ref] policy_handle *connect_handle + ); + + /************************/ + /* Function 0x3a */ + /* + seems to be an exact alias for samr_SetUserInfo() + */ + [public] NTSTATUS samr_SetUserInfo2( + [in,ref] policy_handle *user_handle, + [in] uint16 level, + [in,ref,switch_is(level)] samr_UserInfo *info + ); + + /************************/ + /* Function 0x3b */ + /* + this one is mysterious. I have a few guesses, but nothing working yet + */ + NTSTATUS samr_SetBootKeyInformation( + [in,ref] policy_handle *connect_handle, + [in] uint32 unknown1, + [in] uint32 unknown2, + [in] uint32 unknown3 + ); + + /************************/ + /* Function 0x3c */ + NTSTATUS samr_GetBootKeyInformation( + [in,ref] policy_handle *domain_handle, + [out] uint32 unknown + ); + + /************************/ + /* Function 0x3d */ + NTSTATUS samr_Connect3( + [in,unique,string,charset(UTF16)] uint16 *system_name, + /* this unknown value seems to be completely ignored by w2k3 */ + [in] uint32 unknown, + [in] samr_ConnectAccessMask access_mask, + [out,ref] policy_handle *connect_handle + ); + + /************************/ + /* Function 0x3e */ + NTSTATUS samr_Connect4( + [in,unique,string,charset(UTF16)] uint16 *system_name, + [in] uint32 unknown, + [in] samr_ConnectAccessMask access_mask, + [out,ref] policy_handle *connect_handle + ); + + /************************/ + /* Function 0x3f */ + + typedef enum samr_RejectReason samr_RejectReason; + + typedef struct { + samr_RejectReason reason; + uint32 unknown1; + uint32 unknown2; + } samr_ChangeReject; + + NTSTATUS samr_ChangePasswordUser3( + [in,unique] lsa_String *server, + [in,ref] lsa_String *account, + [in,unique] samr_CryptPassword *nt_password, + [in,unique] samr_Password *nt_verifier, + [in] boolean8 lm_change, + [in,unique] samr_CryptPassword *lm_password, + [in,unique] samr_Password *lm_verifier, + [in,unique] samr_CryptPassword *password3, + [out,unique] samr_DomInfo1 *dominfo, + [out,unique] samr_ChangeReject *reject + ); + + /************************/ + /* Function 0x40 */ + + typedef struct { + uint32 unknown1; /* w2k3 gives 3 */ + uint32 unknown2; /* w2k3 gives 0 */ + } samr_ConnectInfo1; + + typedef union { + [case(1)] samr_ConnectInfo1 info1; + } samr_ConnectInfo; + + [public] NTSTATUS samr_Connect5( + [in,unique,string,charset(UTF16)] uint16 *system_name, + [in] samr_ConnectAccessMask access_mask, + [in,out] uint32 level, + [in,out,switch_is(level),ref] samr_ConnectInfo *info, + [out,ref] policy_handle *connect_handle + ); + + /************************/ + /* Function 0x41 */ + NTSTATUS samr_RidToSid( + [in,ref] policy_handle *domain_handle, + [in] uint32 rid, + [out,unique] dom_sid2 *sid + ); + + + /************************/ + /* Function 0x42 */ + + /* + this should set the DSRM password for the server, which is used + when booting into Directory Services Recovery Mode on a DC. Win2003 + gives me NT_STATUS_NOT_SUPPORTED + */ + + NTSTATUS samr_SetDsrmPassword( + [in,unique] lsa_String *name, + [in] uint32 unknown, + [in,unique] samr_Password *hash + ); + + + /************************/ + /* Function 0x43 */ + /************************/ + typedef [bitmap32bit] bitmap { + SAMR_VALIDATE_FIELD_PASSWORD_LAST_SET = 0x00000001, + SAMR_VALIDATE_FIELD_BAD_PASSWORD_TIME = 0x00000002, + SAMR_VALIDATE_FIELD_LOCKOUT_TIME = 0x00000004, + SAMR_VALIDATE_FIELD_BAD_PASSWORD_COUNT = 0x00000008, + SAMR_VALIDATE_FIELD_PASSWORD_HISTORY_LENGTH = 0x00000010, + SAMR_VALIDATE_FIELD_PASSWORD_HISTORY = 0x00000020 + } samr_ValidateFieldsPresent; + + typedef enum { + NetValidateAuthentication = 1, + NetValidatePasswordChange= 2, + NetValidatePasswordReset = 3 + } samr_ValidatePasswordLevel; + + /* NetApi maps samr_ValidationStatus errors to WERRORs. Haven't + * identified the mapping of + * - NERR_PasswordFilterError + * - NERR_PasswordExpired and + * - NERR_PasswordCantChange + * yet - Guenther + */ + + typedef enum { + SAMR_VALIDATION_STATUS_SUCCESS = 0, + SAMR_VALIDATION_STATUS_PASSWORD_MUST_CHANGE = 1, + SAMR_VALIDATION_STATUS_ACCOUNT_LOCKED_OUT = 2, + SAMR_VALIDATION_STATUS_BAD_PASSWORD = 4, + SAMR_VALIDATION_STATUS_PWD_HISTORY_CONFLICT = 5, + SAMR_VALIDATION_STATUS_PWD_TOO_SHORT = 6, + SAMR_VALIDATION_STATUS_PWD_TOO_LONG = 7, + SAMR_VALIDATION_STATUS_NOT_COMPLEX_ENOUGH = 8, + SAMR_VALIDATION_STATUS_PASSWORD_TOO_RECENT = 9 + } samr_ValidationStatus; + + typedef struct { + uint32 length; + [size_is(length)] uint8 *data; + } samr_ValidationBlob; + + typedef struct { + samr_ValidateFieldsPresent fields_present; + NTTIME_hyper last_password_change; + NTTIME_hyper bad_password_time; + NTTIME_hyper lockout_time; + uint32 bad_pwd_count; + uint32 pwd_history_len; + [size_is(pwd_history_len)] samr_ValidationBlob *pwd_history; + } samr_ValidatePasswordInfo; + + typedef struct { + samr_ValidatePasswordInfo info; + samr_ValidationStatus status; + } samr_ValidatePasswordRepCtr; + + typedef [switch_type(uint16)] union { + [case(1)] samr_ValidatePasswordRepCtr ctr1; + [case(2)] samr_ValidatePasswordRepCtr ctr2; + [case(3)] samr_ValidatePasswordRepCtr ctr3; + } samr_ValidatePasswordRep; + + typedef struct { + samr_ValidatePasswordInfo info; + lsa_StringLarge password; + lsa_StringLarge account; + samr_ValidationBlob hash; + boolean8 pwd_must_change_at_next_logon; + boolean8 clear_lockout; + } samr_ValidatePasswordReq3; + + typedef struct { + samr_ValidatePasswordInfo info; + lsa_StringLarge password; + lsa_StringLarge account; + samr_ValidationBlob hash; + boolean8 password_matched; + } samr_ValidatePasswordReq2; + + typedef struct { + samr_ValidatePasswordInfo info; + boolean8 password_matched; + } samr_ValidatePasswordReq1; + + typedef [switch_type(uint16)] union { + [case(1)] samr_ValidatePasswordReq1 req1; + [case(2)] samr_ValidatePasswordReq2 req2; + [case(3)] samr_ValidatePasswordReq3 req3; + } samr_ValidatePasswordReq; + + NTSTATUS samr_ValidatePassword( + [in] samr_ValidatePasswordLevel level, + [in,switch_is(level)] samr_ValidatePasswordReq req, + [out,unique,switch_is(level)] samr_ValidatePasswordRep *rep + ); +} diff --git a/source4/librpc/idl/sasl_helpers.idl b/source4/librpc/idl/sasl_helpers.idl new file mode 100644 index 0000000000..8fa4b578b9 --- /dev/null +++ b/source4/librpc/idl/sasl_helpers.idl @@ -0,0 +1,22 @@ +#include "idl_types.h" + +[ + pointer_default(unique), + helpstring("SASL helpers") +] +interface sasl_helpers { + typedef [public,flag(NDR_NOALIGN|NDR_BIG_ENDIAN|NDR_PAHEX)] struct { + [value(strlen_m(authid))] uint16 authid_length; + [charset(UTF8)] uint8 authid[authid_length]; + uint16 passwd_length; + uint8 passwd[passwd_length]; + [value(strlen_m(service))] uint16 service_length; + [charset(UTF8)] uint8 service[service_length]; + [value(strlen_m(realm))] uint16 realm_length; + [charset(UTF8)] uint8 realm[realm_length]; + } saslauthdRequest; + + void decode_saslauthd( + [in] saslauthdRequest req + ); +} diff --git a/source4/librpc/idl/scerpc.idl b/source4/librpc/idl/scerpc.idl new file mode 100644 index 0000000000..2c3c4f865f --- /dev/null +++ b/source4/librpc/idl/scerpc.idl @@ -0,0 +1,18 @@ +/* + security configuration editor interface definitions +*/ + +[ + uuid("93149ca2-973b-11d1-8c39-00c04fb984f9"), + version(0.0), + pointer_default(unique), + helpstring("Security Configuration Editor") +] +interface scerpc +{ + + /*****************/ + /* Function 0x00 */ + WERROR scerpc_Unknown0(); +} + diff --git a/source4/librpc/idl/schannel.idl b/source4/librpc/idl/schannel.idl new file mode 100644 index 0000000000..9cb9e1fb61 --- /dev/null +++ b/source4/librpc/idl/schannel.idl @@ -0,0 +1,44 @@ +#include "idl_types.h" + +/* + schannel structures +*/ + +import "netlogon.idl", "nbt.idl"; + +interface schannel +{ + /* + a schannel bind blob - used in dcerpc auth_info + on a schannel + */ + typedef struct { + astring domain; + astring workstation; + } schannel_bind_3; + + typedef struct { + astring domain; + astring workstation; + nbt_string dnsdomain; + nbt_string dnsworkstation; + } schannel_bind_23; + + typedef [nodiscriminant] union { + [case (3)] schannel_bind_3 info3; + [case (23)] schannel_bind_23 info23; + } schannel_bind_info; + + typedef [public] struct { + uint32 unknown1; /* seems to need to be 0 */ + uint32 bind_type; + [switch_is(bind_type)] schannel_bind_info u; + } schannel_bind; + + /* a bind_ack blob */ + typedef [public] struct { + uint32 unknown1; /* 1 */ + uint32 unknown2; /* 0 */ + uint32 unknown3; /* 0x006c0000 */ + } schannel_bind_ack; +} diff --git a/source4/librpc/idl/security.cnf b/source4/librpc/idl/security.cnf new file mode 100644 index 0000000000..37da8c7423 --- /dev/null +++ b/source4/librpc/idl/security.cnf @@ -0,0 +1 @@ +NOEMIT diff --git a/source4/librpc/idl/security.idl b/source4/librpc/idl/security.idl new file mode 100644 index 0000000000..80efe46453 --- /dev/null +++ b/source4/librpc/idl/security.idl @@ -0,0 +1,397 @@ +#include "idl_types.h" + +/* + security IDL structures +*/ + +import "misc.idl"; + +/* + use the same structure for dom_sid2 as dom_sid. A dom_sid2 is really + just a dom sid, but with the sub_auths represented as a conformant + array. As with all in-structure conformant arrays, the array length + is placed before the start of the structure. That's what gives rise + to the extra num_auths elemenent. We don't want the Samba code to + have to bother with such esoteric NDR details, so its easier to just + define it as a dom_sid and use pidl magic to make it all work. It + just means you need to mark a sid as a "dom_sid2" in the IDL when you + know it is of the conformant array variety +*/ +cpp_quote("#define dom_sid2 dom_sid") + +/* same struct as dom_sid but inside a 28 bytes fixed buffer in NDR */ +cpp_quote("#define dom_sid28 dom_sid") + +/* same struct as dom_sid but in a variable byte buffer, which is maybe empty in NDR */ +cpp_quote("#define dom_sid0 dom_sid") + +[ + pointer_default(unique) +] +interface security +{ + /* + access masks are divided up like this: + 0xabccdddd + where + a = generic rights bits SEC_GENERIC_ + b = flags SEC_FLAG_ + c = standard rights bits SEC_STD_ + d = object type specific bits SEC_{FILE,DIR,REG,xxx}_ + + common combinations of bits are prefixed with SEC_RIGHTS_ + */ + const int SEC_MASK_GENERIC = 0xF0000000; + const int SEC_MASK_FLAGS = 0x0F000000; + const int SEC_MASK_STANDARD = 0x00FF0000; + const int SEC_MASK_SPECIFIC = 0x0000FFFF; + + /* generic bits */ + const int SEC_GENERIC_ALL = 0x10000000; + const int SEC_GENERIC_EXECUTE = 0x20000000; + const int SEC_GENERIC_WRITE = 0x40000000; + const int SEC_GENERIC_READ = 0x80000000; + + /* flag bits */ + const int SEC_FLAG_SYSTEM_SECURITY = 0x01000000; + const int SEC_FLAG_MAXIMUM_ALLOWED = 0x02000000; + + /* standard bits */ + const int SEC_STD_DELETE = 0x00010000; + const int SEC_STD_READ_CONTROL = 0x00020000; + const int SEC_STD_WRITE_DAC = 0x00040000; + const int SEC_STD_WRITE_OWNER = 0x00080000; + const int SEC_STD_SYNCHRONIZE = 0x00100000; + const int SEC_STD_REQUIRED = 0x000F0000; + const int SEC_STD_ALL = 0x001F0000; + + /* file specific bits */ + const int SEC_FILE_READ_DATA = 0x00000001; + const int SEC_FILE_WRITE_DATA = 0x00000002; + const int SEC_FILE_APPEND_DATA = 0x00000004; + const int SEC_FILE_READ_EA = 0x00000008; + const int SEC_FILE_WRITE_EA = 0x00000010; + const int SEC_FILE_EXECUTE = 0x00000020; + const int SEC_FILE_READ_ATTRIBUTE = 0x00000080; + const int SEC_FILE_WRITE_ATTRIBUTE = 0x00000100; + const int SEC_FILE_ALL = 0x000001ff; + + /* directory specific bits */ + const int SEC_DIR_LIST = 0x00000001; + const int SEC_DIR_ADD_FILE = 0x00000002; + const int SEC_DIR_ADD_SUBDIR = 0x00000004; + const int SEC_DIR_READ_EA = 0x00000008; + const int SEC_DIR_WRITE_EA = 0x00000010; + const int SEC_DIR_TRAVERSE = 0x00000020; + const int SEC_DIR_DELETE_CHILD = 0x00000040; + const int SEC_DIR_READ_ATTRIBUTE = 0x00000080; + const int SEC_DIR_WRITE_ATTRIBUTE = 0x00000100; + + /* registry entry specific bits */ + const int SEC_REG_QUERY_VALUE = 0x00000001; + const int SEC_REG_SET_VALUE = 0x00000002; + const int SEC_REG_CREATE_SUBKEY = 0x00000004; + const int SEC_REG_ENUM_SUBKEYS = 0x00000008; + const int SEC_REG_NOTIFY = 0x00000010; + const int SEC_REG_CREATE_LINK = 0x00000020; + + /* ldap specific access bits */ + const int SEC_ADS_CREATE_CHILD = 0x00000001; + const int SEC_ADS_DELETE_CHILD = 0x00000002; + const int SEC_ADS_LIST = 0x00000004; + const int SEC_ADS_SELF_WRITE = 0x00000008; + const int SEC_ADS_READ_PROP = 0x00000010; + const int SEC_ADS_WRITE_PROP = 0x00000020; + const int SEC_ADS_DELETE_TREE = 0x00000040; + const int SEC_ADS_LIST_OBJECT = 0x00000080; + const int SEC_ADS_CONTROL_ACCESS = 0x00000100; + + /* invalid bits */ + const int SEC_MASK_INVALID = 0x0ce0fe00; + + /* generic->specific mappings for files */ + const int SEC_RIGHTS_FILE_READ = SEC_STD_READ_CONTROL | + SEC_STD_SYNCHRONIZE | + SEC_FILE_READ_DATA | + SEC_FILE_READ_ATTRIBUTE | + SEC_FILE_READ_EA; + + const int SEC_RIGHTS_FILE_WRITE = SEC_STD_READ_CONTROL | + SEC_STD_SYNCHRONIZE | + SEC_FILE_WRITE_DATA | + SEC_FILE_WRITE_ATTRIBUTE | + SEC_FILE_WRITE_EA | + SEC_FILE_APPEND_DATA; + + const int SEC_RIGHTS_FILE_EXECUTE = SEC_STD_SYNCHRONIZE | + SEC_STD_READ_CONTROL | + SEC_FILE_READ_ATTRIBUTE | + SEC_FILE_EXECUTE; + + const int SEC_RIGHTS_FILE_ALL = SEC_STD_ALL | SEC_FILE_ALL; + + /* generic->specific mappings for directories (same as files) */ + const int SEC_RIGHTS_DIR_READ = SEC_RIGHTS_FILE_READ; + const int SEC_RIGHTS_DIR_WRITE = SEC_RIGHTS_FILE_WRITE; + const int SEC_RIGHTS_DIR_EXECUTE = SEC_RIGHTS_FILE_EXECUTE; + const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL; + + + /***************************************************************/ + /* WELL KNOWN SIDS */ + + /* a NULL sid */ + const string SID_NULL = "S-1-0-0"; + + /* the world domain */ + const string NAME_WORLD = "WORLD"; + + const string SID_WORLD_DOMAIN = "S-1-1"; + const string SID_WORLD = "S-1-1-0"; + + /* SECURITY_CREATOR_SID_AUTHORITY */ + const string SID_CREATOR_OWNER_DOMAIN = "S-1-3"; + const string SID_CREATOR_OWNER = "S-1-3-0"; + const string SID_CREATOR_GROUP = "S-1-3-1"; + + /* SECURITY_NT_AUTHORITY */ + const string NAME_NT_AUTHORITY = "NT AUTHORITY"; + + const string SID_NT_AUTHORITY = "S-1-5"; + const string SID_NT_DIALUP = "S-1-5-1"; + const string SID_NT_NETWORK = "S-1-5-2"; + const string SID_NT_BATCH = "S-1-5-3"; + const string SID_NT_INTERACTIVE = "S-1-5-4"; + const string SID_NT_SERVICE = "S-1-5-6"; + const string SID_NT_ANONYMOUS = "S-1-5-7"; + const string SID_NT_PROXY = "S-1-5-8"; + const string SID_NT_ENTERPRISE_DCS = "S-1-5-9"; + const string SID_NT_SELF = "S-1-5-10"; + const string SID_NT_AUTHENTICATED_USERS = "S-1-5-11"; + const string SID_NT_RESTRICTED = "S-1-5-12"; + const string SID_NT_TERMINAL_SERVER_USERS = "S-1-5-13"; + const string SID_NT_REMOTE_INTERACTIVE = "S-1-5-14"; + const string SID_NT_THIS_ORGANISATION = "S-1-5-15"; + const string SID_NT_SYSTEM = "S-1-5-18"; + const string SID_NT_LOCAL_SERVICE = "S-1-5-19"; + const string SID_NT_NETWORK_SERVICE = "S-1-5-20"; + + /* SECURITY_BUILTIN_DOMAIN_RID */ + const string NAME_BUILTIN = "BUILTIN"; + + const string SID_BUILTIN = "S-1-5-32"; + const string SID_BUILTIN_ADMINISTRATORS = "S-1-5-32-544"; + const string SID_BUILTIN_USERS = "S-1-5-32-545"; + const string SID_BUILTIN_GUESTS = "S-1-5-32-546"; + const string SID_BUILTIN_POWER_USERS = "S-1-5-32-547"; + const string SID_BUILTIN_ACCOUNT_OPERATORS = "S-1-5-32-548"; + const string SID_BUILTIN_SERVER_OPERATORS = "S-1-5-32-549"; + const string SID_BUILTIN_PRINT_OPERATORS = "S-1-5-32-550"; + const string SID_BUILTIN_BACKUP_OPERATORS = "S-1-5-32-551"; + const string SID_BUILTIN_REPLICATOR = "S-1-5-32-552"; + const string SID_BUILTIN_RAS_SERVERS = "S-1-5-32-553"; + const string SID_BUILTIN_PREW2K = "S-1-5-32-554"; + + /* well-known domain RIDs */ + const int DOMAIN_RID_LOGON = 9; + const int DOMAIN_RID_ADMINISTRATOR = 500; + const int DOMAIN_RID_GUEST = 501; + const int DOMAIN_RID_ADMINS = 512; + const int DOMAIN_RID_USERS = 513; + const int DOMAIN_RID_DOMAIN_MEMBERS = 515; + const int DOMAIN_RID_DCS = 516; + const int DOMAIN_RID_CERT_ADMINS = 517; + const int DOMAIN_RID_SCHEMA_ADMINS = 518; + const int DOMAIN_RID_ENTERPRISE_ADMINS = 519; + + + /* + privilege IDs. Please keep the IDs below 64. If we get more + than 64 then we need to change security_token + */ + typedef enum { + SEC_PRIV_SECURITY = 1, + SEC_PRIV_BACKUP = 2, + SEC_PRIV_RESTORE = 3, + SEC_PRIV_SYSTEMTIME = 4, + SEC_PRIV_SHUTDOWN = 5, + SEC_PRIV_REMOTE_SHUTDOWN = 6, + SEC_PRIV_TAKE_OWNERSHIP = 7, + SEC_PRIV_DEBUG = 8, + SEC_PRIV_SYSTEM_ENVIRONMENT = 9, + SEC_PRIV_SYSTEM_PROFILE = 10, + SEC_PRIV_PROFILE_SINGLE_PROCESS = 11, + SEC_PRIV_INCREASE_BASE_PRIORITY = 12, + SEC_PRIV_LOAD_DRIVER = 13, + SEC_PRIV_CREATE_PAGEFILE = 14, + SEC_PRIV_INCREASE_QUOTA = 15, + SEC_PRIV_CHANGE_NOTIFY = 16, + SEC_PRIV_UNDOCK = 17, + SEC_PRIV_MANAGE_VOLUME = 18, + SEC_PRIV_IMPERSONATE = 19, + SEC_PRIV_CREATE_GLOBAL = 20, + SEC_PRIV_ENABLE_DELEGATION = 21, + SEC_PRIV_INTERACTIVE_LOGON = 22, + SEC_PRIV_NETWORK_LOGON = 23, + SEC_PRIV_REMOTE_INTERACTIVE_LOGON = 24 + } sec_privilege; + + + /* a domain SID. Note that unlike Samba3 this contains a pointer, + so you can't copy them using assignment */ + typedef [public,gensize,noprint,noejs,nosize] struct { + uint8 sid_rev_num; /**< SID revision number */ + [range(0,15)] int8 num_auths; /**< Number of sub-authorities */ + uint8 id_auth[6]; /**< Identifier Authority */ + uint32 sub_auths[num_auths]; + } dom_sid; + + typedef [bitmap8bit] bitmap { + SEC_ACE_FLAG_OBJECT_INHERIT = 0x01, + SEC_ACE_FLAG_CONTAINER_INHERIT = 0x02, + SEC_ACE_FLAG_NO_PROPAGATE_INHERIT = 0x04, + SEC_ACE_FLAG_INHERIT_ONLY = 0x08, + SEC_ACE_FLAG_INHERITED_ACE = 0x10, + SEC_ACE_FLAG_VALID_INHERIT = 0x0f, + SEC_ACE_FLAG_SUCCESSFUL_ACCESS = 0x40, + SEC_ACE_FLAG_FAILED_ACCESS = 0x80 + } security_ace_flags; + + typedef [enum8bit] enum { + SEC_ACE_TYPE_ACCESS_ALLOWED = 0, + SEC_ACE_TYPE_ACCESS_DENIED = 1, + SEC_ACE_TYPE_SYSTEM_AUDIT = 2, + SEC_ACE_TYPE_SYSTEM_ALARM = 3, + SEC_ACE_TYPE_ALLOWED_COMPOUND = 4, + SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT = 5, + SEC_ACE_TYPE_ACCESS_DENIED_OBJECT = 6, + SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT = 7, + SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT = 8 + } security_ace_type; + + typedef [bitmap32bit] bitmap { + SEC_ACE_OBJECT_TYPE_PRESENT = 0x00000001, + SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT = 0x00000002 + } security_ace_object_flags; + + typedef [nodiscriminant] union { + /* this is the 'schemaIDGUID' attribute of the attribute object in the schema naming context */ + [case(SEC_ACE_OBJECT_TYPE_PRESENT)] GUID type; + [default]; + } security_ace_object_type; + + typedef [nodiscriminant] union { + /* this is the 'schemaIDGUID' attribute of the objectclass object in the schema naming context + * (of the parent container) + */ + [case(SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] GUID inherited_type; + [default]; + } security_ace_object_inherited_type; + + typedef struct { + security_ace_object_flags flags; + [switch_is(flags & SEC_ACE_OBJECT_TYPE_PRESENT)] security_ace_object_type type; + [switch_is(flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT)] security_ace_object_inherited_type inherited_type; + } security_ace_object; + + typedef [nodiscriminant] union { + [case(SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT)] security_ace_object object; + [case(SEC_ACE_TYPE_ACCESS_DENIED_OBJECT)] security_ace_object object; + [case(SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT)] security_ace_object object; + [case(SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT)] security_ace_object object; + [default]; + } security_ace_object_ctr; + + typedef [public,gensize,nosize] struct { + security_ace_type type; /* SEC_ACE_TYPE_* */ + security_ace_flags flags; /* SEC_ACE_FLAG_* */ + [value(ndr_size_security_ace(r,ndr->flags))] uint16 size; + uint32 access_mask; + [switch_is(type)] security_ace_object_ctr object; + dom_sid trustee; + } security_ace; + + typedef enum { + SECURITY_ACL_REVISION_NT4 = 2, + SECURITY_ACL_REVISION_ADS = 4 + } security_acl_revision; + + const uint NT4_ACL_REVISION = SECURITY_ACL_REVISION_NT4; + + typedef [public,gensize,nosize] struct { + security_acl_revision revision; + [value(ndr_size_security_acl(r,ndr->flags))] uint16 size; + [range(0,1000)] uint32 num_aces; + security_ace aces[num_aces]; + } security_acl; + + /* default revision for new ACLs */ + typedef [enum8bit] enum { + SECURITY_DESCRIPTOR_REVISION_1 = 1 + } security_descriptor_revision; + + const int SD_REVISION = SECURITY_DESCRIPTOR_REVISION_1; + + /* security_descriptor->type bits */ + typedef [bitmap16bit] bitmap { + SEC_DESC_OWNER_DEFAULTED = 0x0001, + SEC_DESC_GROUP_DEFAULTED = 0x0002, + SEC_DESC_DACL_PRESENT = 0x0004, + SEC_DESC_DACL_DEFAULTED = 0x0008, + SEC_DESC_SACL_PRESENT = 0x0010, + SEC_DESC_SACL_DEFAULTED = 0x0020, + SEC_DESC_DACL_TRUSTED = 0x0040, + SEC_DESC_SERVER_SECURITY = 0x0080, + SEC_DESC_DACL_AUTO_INHERIT_REQ = 0x0100, + SEC_DESC_SACL_AUTO_INHERIT_REQ = 0x0200, + SEC_DESC_DACL_AUTO_INHERITED = 0x0400, + SEC_DESC_SACL_AUTO_INHERITED = 0x0800, + SEC_DESC_DACL_PROTECTED = 0x1000, + SEC_DESC_SACL_PROTECTED = 0x2000, + SEC_DESC_RM_CONTROL_VALID = 0x4000, + SEC_DESC_SELF_RELATIVE = 0x8000 + } security_descriptor_type; + + typedef [gensize,nosize,public,flag(NDR_LITTLE_ENDIAN)] struct { + security_descriptor_revision revision; + security_descriptor_type type; /* SEC_DESC_xxxx flags */ + [relative] dom_sid *owner_sid; + [relative] dom_sid *group_sid; + [relative] security_acl *sacl; /* system ACL */ + [relative] security_acl *dacl; /* user (discretionary) ACL */ + } security_descriptor; + + typedef [public] struct { + [range(0,0x40000),value(ndr_size_security_descriptor(sd,ndr->flags))] uint32 sd_size; + [subcontext(4)] security_descriptor *sd; + } sec_desc_buf; + + typedef [public] struct { + dom_sid *user_sid; + dom_sid *group_sid; + uint32 num_sids; + [size_is(num_sids)] dom_sid *sids[*]; + udlong privilege_mask; + } security_token; + + /* bits that determine which parts of a security descriptor + are being queried/set */ + typedef [public,bitmap32bit] bitmap { + SECINFO_OWNER = 0x00000001, + SECINFO_GROUP = 0x00000002, + SECINFO_DACL = 0x00000004, + SECINFO_SACL = 0x00000008, + SECINFO_UNPROTECTED_SACL = 0x10000000, + SECINFO_UNPROTECTED_DACL = 0x20000000, + SECINFO_PROTECTED_SACL = 0x40000000, + SECINFO_PROTECTED_DACL = 0x80000000 + } security_secinfo; + + typedef [public,bitmap32bit] bitmap { + KERB_ENCTYPE_DES_CBC_CRC = 0x00000001, + KERB_ENCTYPE_DES_CBC_MD5 = 0x00000002, + KERB_ENCTYPE_RC4_HMAC_MD5 = 0x00000004, + KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008, + KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010 + } kerb_EncTypes; +} diff --git a/source4/librpc/idl/spoolss.idl b/source4/librpc/idl/spoolss.idl new file mode 100644 index 0000000000..6b4b0b8a16 --- /dev/null +++ b/source4/librpc/idl/spoolss.idl @@ -0,0 +1,1571 @@ +#include "idl_types.h" + +/* + spoolss interface definitions +*/ +import "misc.idl", "security.idl", "winreg.idl"; + +[ uuid("12345678-1234-abcd-ef00-0123456789ab"), + version(1.0), + endpoint("ncacn_np:[\\pipe\\spoolss]"), + pointer_default(unique), + helpstring("Spooler SubSystem"), + helper("librpc/ndr/ndr_spoolss_buf.h") +] interface spoolss +{ + typedef [v1_enum] enum winreg_Type winreg_Type; + typedef struct { + uint16 year; + uint16 month; + uint16 day_of_week; + uint16 day; + uint16 hour; + uint16 minute; + uint16 second; + uint16 millisecond; + } spoolss_Time; + + typedef struct { + [relative] nstring *printername; + [relative] nstring *servername; + uint32 cjobs; + uint32 total_jobs; + uint32 total_bytes; + spoolss_Time time; + uint32 global_counter; + uint32 total_pages; + uint32 version; + uint32 unknown10; + uint32 unknown11; + uint32 unknown12; + uint32 session_counter; + uint32 unknown14; + uint32 printer_errors; + uint32 unknown16; + uint32 unknown17; + uint32 unknown18; + uint32 unknown19; + uint32 change_id; + uint32 unknown21; + uint32 status; + uint32 unknown23; + uint32 c_setprinter; + uint16 unknown25; + uint16 unknown26; + uint32 unknown27; + uint32 unknown28; + uint32 unknown29; + } spoolss_PrinterInfo0; + + typedef [public,gensize] struct { + [charset(UTF16)] uint16 devicename[32]; + uint16 specversion; + uint16 driverversion; + uint16 size; + [value(r->driverextra_data.length)] uint16 __driverextra_length; + uint32 fields; + uint16 orientation; + uint16 papersize; + uint16 paperlength; + uint16 paperwidth; + uint16 scale; + uint16 copies; + uint16 defaultsource; + uint16 printquality; + uint16 color; + uint16 duplex; + uint16 yresolution; + uint16 ttoption; + uint16 collate; + [charset(UTF16)] uint16 formname[32]; + uint16 logpixels; + uint32 bitsperpel; + uint32 pelswidth; + uint32 pelsheight; + uint32 displayflags; + uint32 displayfrequency; + uint32 icmmethod; + uint32 icmintent; + uint32 mediatype; + uint32 dithertype; + uint32 reserved1; + uint32 reserved2; + uint32 panningwidth; + uint32 panningheight; + [subcontext_size(__driverextra_length),subcontext(0),flag(NDR_REMAINING)] DATA_BLOB driverextra_data; + } spoolss_DeviceMode; + + typedef [public] bitmap { + PRINTER_ENUM_DEFAULT = 0x00000001, + PRINTER_ENUM_LOCAL = 0x00000002, + PRINTER_ENUM_CONNECTIONS = 0x00000004, + PRINTER_ENUM_FAVORITE = 0x00000004, + PRINTER_ENUM_NAME = 0x00000008, + PRINTER_ENUM_REMOTE = 0x00000010, + PRINTER_ENUM_SHARED = 0x00000020, + PRINTER_ENUM_NETWORK = 0x00000040, + PRINTER_ENUM_EXPAND = 0x00004000, + PRINTER_ENUM_CONTAINER = 0x00008000, + PRINTER_ENUM_ICON1 = 0x00010000, + PRINTER_ENUM_ICON2 = 0x00020000, + PRINTER_ENUM_ICON3 = 0x00040000, + PRINTER_ENUM_ICON4 = 0x00080000, + PRINTER_ENUM_ICON5 = 0x00100000, + PRINTER_ENUM_ICON6 = 0x00200000, + PRINTER_ENUM_ICON7 = 0x00400000, + PRINTER_ENUM_ICON8 = 0x00800000, + PRINTER_ENUM_HIDE = 0x01000000 + } spoolss_EnumPrinterFlags; + + typedef struct { + spoolss_EnumPrinterFlags flags; + [relative] nstring *name; + [relative] nstring *description; + [relative] nstring *comment; + } spoolss_PrinterInfo1; + + typedef bitmap { + PRINTER_ATTRIBUTE_QUEUED = 0x00000001, + PRINTER_ATTRIBUTE_DIRECT = 0x00000002, + PRINTER_ATTRIBUTE_DEFAULT = 0x00000004, + PRINTER_ATTRIBUTE_SHARED = 0x00000008, + PRINTER_ATTRIBUTE_NETWORK = 0x00000010, + PRINTER_ATTRIBUTE_HIDDEN = 0x00000020, + PRINTER_ATTRIBUTE_LOCAL = 0x00000040, + PRINTER_ATTRIBUTE_ENABLE_DEVQ = 0x00000080, + PRINTER_ATTRIBUTE_KEEPPRINTEDJOBS = 0x00000100, + PRINTER_ATTRIBUTE_DO_COMPLETE_FIRST = 0x00000200, + PRINTER_ATTRIBUTE_WORK_OFFLINE = 0x00000400, + PRINTER_ATTRIBUTE_ENABLE_BIDI = 0x00000800, + PRINTER_ATTRIBUTE_RAW_ONLY = 0x00001000, + PRINTER_ATTRIBUTE_PUBLISHED = 0x00002000, + PRINTER_ATTRIBUTE_FAX = 0x00004000, + PRINTER_ATTRIBUTE_TS = 0x00008000 + } spoolss_PrinterAttributes; + + typedef bitmap { + PRINTER_STATUS_PAUSED = 0x00000001, + PRINTER_STATUS_ERROR = 0x00000002, + PRINTER_STATUS_PENDING_DELETION = 0x00000004, + PRINTER_STATUS_PAPER_JAM = 0x00000008, + PRINTER_STATUS_PAPER_OUT = 0x00000010, + PRINTER_STATUS_MANUAL_FEED = 0x00000020, + PRINTER_STATUS_PAPER_PROBLEM = 0x00000040, + PRINTER_STATUS_OFFLINE = 0x00000080, + PRINTER_STATUS_IO_ACTIVE = 0x00000100, + PRINTER_STATUS_BUSY = 0x00000200, + PRINTER_STATUS_PRINTING = 0x00000400, + PRINTER_STATUS_OUTPUT_BIN_FULL = 0x00000800, + PRINTER_STATUS_NOT_AVAILABLE = 0x00001000, + PRINTER_STATUS_WAITING = 0x00002000, + PRINTER_STATUS_PROCESSING = 0x00004000, + PRINTER_STATUS_INITIALIZING = 0x00008000, + PRINTER_STATUS_WARMING_UP = 0x00010000, + PRINTER_STATUS_TONER_LOW = 0x00020000, + PRINTER_STATUS_NO_TONER = 0x00040000, + PRINTER_STATUS_PAGE_PUNT = 0x00080000, + PRINTER_STATUS_USER_INTERVENTION= 0x00100000, + PRINTER_STATUS_OUT_OF_MEMORY = 0x00200000, + PRINTER_STATUS_DOOR_OPEN = 0x00400000, + PRINTER_STATUS_SERVER_UNKNOWN = 0x00800000, + PRINTER_STATUS_POWER_SAVE = 0x01000000 + } spoolss_PrinterStatus; + + typedef struct { + [relative] nstring *servername; + [relative] nstring *printername; + [relative] nstring *sharename; + [relative] nstring *portname; + [relative] nstring *drivername; + [relative] nstring *comment; + [relative] nstring *location; + [relative,subcontext(0)] spoolss_DeviceMode *devmode; + [relative] nstring *sepfile; + [relative] nstring *printprocessor; + [relative] nstring *datatype; + [relative] nstring *parameters; + [relative,subcontext(0)] security_descriptor *secdesc; + spoolss_PrinterAttributes attributes; + uint32 priority; + uint32 defaultpriority; + uint32 starttime; + uint32 untiltime; + spoolss_PrinterStatus status; + uint32 cjobs; + uint32 averageppm; + } spoolss_PrinterInfo2; + + typedef struct { + [relative,subcontext(0)] security_descriptor *secdesc; + } spoolss_PrinterInfo3; + + typedef struct { + [relative] nstring *printername; + [relative] nstring *servername; + spoolss_PrinterAttributes attributes; + } spoolss_PrinterInfo4; + + typedef struct { + [relative] nstring *printername; + [relative] nstring *portname; + spoolss_PrinterAttributes attributes; + uint32 device_not_selected_timeout; + uint32 transmission_retry_timeout; + } spoolss_PrinterInfo5; + + typedef struct { + spoolss_PrinterStatus status; + } spoolss_PrinterInfo6; + + typedef bitmap { + DSPRINT_PUBLISH = 0x00000001, + DSPRINT_UPDATE = 0x00000002, + DSPRINT_UNPUBLISH = 0x00000004, + DSPRINT_REPUBLISH = 0x00000008, + DSPRINT_PENDING = 0x80000000 + } spoolss_DsPrintAction; + + typedef struct { + [relative] nstring *guid; /* text form of printer guid */ + spoolss_DsPrintAction action; + } spoolss_PrinterInfo7; + + typedef struct { + [relative,subcontext(0)] spoolss_DeviceMode *devmode; + } spoolss_DeviceModeInfo; + + typedef [nodiscriminant,relative_base,public] union { + [case(0)] spoolss_PrinterInfo0 info0; + [case(1)] spoolss_PrinterInfo1 info1; + [case(2)] spoolss_PrinterInfo2 info2; + [case(3)] spoolss_PrinterInfo3 info3; + [case(4)] spoolss_PrinterInfo4 info4; + [case(5)] spoolss_PrinterInfo5 info5; + [case(6)] spoolss_PrinterInfo6 info6; + [case(7)] spoolss_PrinterInfo7 info7; + [case(8)] spoolss_DeviceModeInfo info8; + [case(9)] spoolss_DeviceModeInfo info9; + [default]; + } spoolss_PrinterInfo; + + /******************/ + /* Function: 0x00 */ + /* we are using this as internal parsing code */ + [public,noopnum,noprint] WERROR _spoolss_EnumPrinters( + [in] spoolss_EnumPrinterFlags flags, + [in,unique] [string,charset(UTF16)] uint16 *server, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumPrinters( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_PrinterInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumPrinters( + [in] spoolss_EnumPrinterFlags flags, + [in,unique] [string,charset(UTF16)] uint16 *server, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + /* what we have here is a subcontext containing an array of no discriminant unions + * and the array has no size in front + */ + [out,unique,switch_is(level),size_is(count)] spoolss_PrinterInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x01 */ + typedef struct { + [value(_ndr_size_spoolss_DeviceMode(devmode, ndr->flags))] uint32 _ndr_size; + [subcontext(4),subcontext_size(_ndr_size)] spoolss_DeviceMode *devmode; + } spoolss_DevmodeContainer; + + [public] WERROR spoolss_OpenPrinter( + [in,unique] [string,charset(UTF16)] uint16 *printername, + [in,unique] [string,charset(UTF16)] uint16 *datatype, + [in] spoolss_DevmodeContainer devmode_ctr, + [in] uint32 access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x02 */ + typedef struct { + uint32 job_id; + [relative] nstring *printer_name; + [relative] nstring *server_name; + [relative] nstring *user_name; + [relative] nstring *document_name; + [relative] nstring *data_type; + [relative] nstring *text_status; + uint32 status; + uint32 priority; + uint32 position; + uint32 total_pages; + uint32 pages_printed; + spoolss_Time time; + } spoolss_JobInfo1; + + typedef [nodiscriminant,relative_base,public] union { + [case(1)] spoolss_JobInfo1 info1; + [case(2)]; /* TODO */ + [case(3)]; /* TODO */ + [default]; + } spoolss_JobInfo; + + typedef struct { + uint32 level; + [switch_is(level)] spoolss_JobInfo info; + } spoolss_JobInfoContainer; + + typedef [v1_enum] enum { + SPOOLSS_JOB_CONTROL_PAUSE = 1, + SPOOLSS_JOB_CONTROL_RESUME = 2, + SPOOLSS_JOB_CONTROL_CANCEL = 3, + SPOOLSS_JOB_CONTROL_RESTART = 4, + SPOOLSS_JOB_CONTROL_DELETE = 5, + SPOOLSS_JOB_CONTROL_SEND_TO_PRINTER = 6, + SPOOLSS_JOB_CONTROL_LAST_PAGE_EJECTED = 7 + } spoolss_JobControl; + + WERROR spoolss_SetJob( + [in,ref] policy_handle *handle, + [in] uint32 job_id, + [in,unique] spoolss_JobInfoContainer *ctr, + [in] spoolss_JobControl command + ); + + /******************/ + /* Function: 0x03 */ + WERROR spoolss_GetJob( + [in,ref] policy_handle *handle, + [in] uint32 job_id, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,subcontext(4),subcontext_size(offered),switch_is(level)] spoolss_JobInfo *info, + [out] uint32 needed + ); + + /******************/ + /* Function: 0x04 */ + [public,noopnum,noprint] WERROR _spoolss_EnumJobs( + [in,ref] policy_handle *handle, + [in] uint32 firstjob, + [in] uint32 numjobs, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumJobs( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_JobInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumJobs( + [in,ref] policy_handle *handle, + [in] uint32 firstjob, + [in] uint32 numjobs, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,switch_is(level),size_is(count)] spoolss_JobInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x05 */ + [todo] WERROR spoolss_AddPrinter( + /* This function is not implemented in Samba 3 as no + clients have been observed using it. */ + ); + + /******************/ + /* Function: 0x06 */ + [todo] WERROR spoolss_DeletePrinter( + ); + + /******************/ + /* Function: 0x07 */ + typedef [v1_enum] enum { + SPOOLSS_PRINTER_CONTROL_UNPAUSE = 0, + SPOOLSS_PRINTER_CONTROL_PAUSE = 1, + SPOOLSS_PRINTER_CONTROL_RESUME = 2, + SPOOLSS_PRINTER_CONTROL_PURGE = 3, + SPOOLSS_PRINTER_CONTROL_SET_STATUS = 4 + } spoolss_PrinterControl; + + typedef [switch_type(uint32)] union { + [case(0)] spoolss_PrinterInfo0 *info0; + [case(1)] spoolss_PrinterInfo1 *info1; + [case(2)] spoolss_PrinterInfo2 *info2; + [case(3)] spoolss_PrinterInfo3 *info3; + [case(4)] spoolss_PrinterInfo4 *info4; + [case(5)] spoolss_PrinterInfo5 *info5; + [case(6)] spoolss_PrinterInfo6 *info6; + [case(7)] spoolss_PrinterInfo7 *info7; + [case(8)] spoolss_DeviceModeInfo *info8; + [case(9)] spoolss_DeviceModeInfo *info9; + [default]; + } spoolss_SetPrinterInfo; + + WERROR spoolss_SetPrinter( + [in,ref] policy_handle *handle, + [in] uint32 level, + [in,switch_is(level)] spoolss_SetPrinterInfo info, + [in] spoolss_DevmodeContainer devmode_ctr, + [in] sec_desc_buf secdesc_ctr, + [in] spoolss_PrinterControl command + ); + + /******************/ + /* Function: 0x08 */ + [public] WERROR spoolss_GetPrinter( + [in,ref] policy_handle *handle, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,subcontext(4),subcontext_size(offered),switch_is(level)] spoolss_PrinterInfo *info, + [out] uint32 needed + ); + + /******************/ + /* Function: 0x09 */ + [todo] WERROR spoolss_AddPrinterDriver( + ); + + typedef struct { + [relative] nstring *driver_name; + } spoolss_DriverInfo1; + + typedef [v1_enum] enum { + SPOOLSS_DRIVER_VERSION_9X = 0, + SPOOLSS_DRIVER_VERSION_NT35 = 1, + SPOOLSS_DRIVER_VERSION_NT4 = 2, + SPOOLSS_DRIVER_VERSION_200X = 3 + } spoolss_DriverOSVersion; + + typedef struct { + spoolss_DriverOSVersion version; + [relative] nstring *driver_name; + [relative] nstring *architecture; + [relative] nstring *driver_path; + [relative] nstring *data_file; + [relative] nstring *config_file; + } spoolss_DriverInfo2; + + typedef struct { + spoolss_DriverOSVersion version; + [relative] nstring *driver_name; + [relative] nstring *architecture; + [relative] nstring *driver_path; + [relative] nstring *data_file; + [relative] nstring *config_file; + [relative] nstring *help_file; + [relative] nstring_array *dependent_files; + [relative] nstring *monitor_name; + [relative] nstring *default_datatype; + } spoolss_DriverInfo3; + + typedef struct { + spoolss_DriverOSVersion version; + [relative] nstring *driver_name; + [relative] nstring *architecture; + [relative] nstring *driver_path; + [relative] nstring *data_file; + [relative] nstring *config_file; + [relative] nstring *help_file; + [relative] nstring_array *dependent_files; + [relative] nstring *monitor_name; + [relative] nstring *default_datatype; + [relative] nstring_array *previous_names; + } spoolss_DriverInfo4; + + typedef struct { + spoolss_DriverOSVersion version; + [relative] nstring *driver_name; + [relative] nstring *architecture; + [relative] nstring *driver_path; + [relative] nstring *data_file; + [relative] nstring *config_file; + uint32 driver_attributes; + uint32 config_version; + uint32 driver_version; + } spoolss_DriverInfo5; + + typedef struct { + spoolss_DriverOSVersion version; + [relative] nstring *driver_name; + [relative] nstring *architecture; + [relative] nstring *driver_path; + [relative] nstring *data_file; + [relative] nstring *config_file; + [relative] nstring *help_file; + [relative] nstring_array *dependent_files; + [relative] nstring *monitor_name; + [relative] nstring *default_datatype; + [relative] nstring_array *previous_names; + NTTIME driver_data; + hyper driver_version; + [relative] nstring *manufacturer_name; + [relative] nstring *manufacturer_url; + [relative] nstring *hardware_id; + [relative] nstring *provider; + } spoolss_DriverInfo6; + + typedef [nodiscriminant,relative_base,public] union { + [case(1)] spoolss_DriverInfo1 info1; + [case(2)] spoolss_DriverInfo2 info2; + [case(3)] spoolss_DriverInfo3 info3; + [case(4)] spoolss_DriverInfo4 info4; + [case(5)] spoolss_DriverInfo5 info5; + [case(6)] spoolss_DriverInfo6 info6; + [default]; + } spoolss_DriverInfo; + + /******************/ + /* Function: 0x0a */ + [public,noopnum,noprint] WERROR _spoolss_EnumPrinterDrivers( + [in,unique] [string,charset(UTF16)] uint16 *server, + [in,unique] [string,charset(UTF16)] uint16 *environment, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumPrinterDrivers( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_DriverInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumPrinterDrivers( + [in,unique] [string,charset(UTF16)] uint16 *server, + [in,unique] [string,charset(UTF16)] uint16 *environment, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,switch_is(level),size_is(count)] spoolss_DriverInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x0b */ + [todo] WERROR spoolss_GetPrinterDriver( + ); + + /******************/ + /* Function: 0x0c */ + typedef struct { + nstring directory_name; + } spoolss_DriverDirectoryInfo1; + + /* NOTE: it's seems that w2k3 completly ignores the level + in its server code + */ + typedef [nodiscriminant,relative_base,gensize,public] union { + [case(1)] spoolss_DriverDirectoryInfo1 info1; + [default] spoolss_DriverDirectoryInfo1 info1; + } spoolss_DriverDirectoryInfo; + + [public] WERROR spoolss_GetPrinterDriverDirectory( + [in,unique] [string,charset(UTF16)] uint16 *server, + [in,unique] [string,charset(UTF16)] uint16 *environment, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,subcontext(4),subcontext_size(offered),switch_is(level)] spoolss_DriverDirectoryInfo *info, + [out] uint32 needed + ); + + /******************/ + /* Function: 0x0d */ + WERROR spoolss_DeletePrinterDriver( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *server, + [in] [string,charset(UTF16)] uint16 architecture[], + [in] [string,charset(UTF16)] uint16 driver[] + ); + + /******************/ + /* Function: 0x0e */ + [todo] WERROR spoolss_AddPrintProcessor( + ); + + /******************/ + /* Function: 0x0f */ + typedef struct { + [relative] nstring *print_processor_name; + } spoolss_PrintProcessorInfo1; + + typedef [nodiscriminant,relative_base,public] union { + [case(1)] spoolss_PrintProcessorInfo1 info1; + [default]; + } spoolss_PrintProcessorInfo; + + [public,noopnum,noprint] WERROR _spoolss_EnumPrintProcessors( + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in,unique] [string,charset(UTF16)] uint16 *environment, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumPrintProcessors( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_PrintProcessorInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumPrintProcessors( + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in,unique] [string,charset(UTF16)] uint16 *environment, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,switch_is(level),size_is(count)] spoolss_PrintProcessorInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x10 */ + [todo] WERROR spoolss_GetPrintProcessorDirectory( + ); + + /******************/ + /* Function: 0x11 */ + typedef struct { + [string,charset(UTF16)] uint16 *document_name; + [string,charset(UTF16)] uint16 *output_file; + [string,charset(UTF16)] uint16 *datatype; + } spoolss_DocumentInfo1; + + typedef [switch_type(uint32)] union { + [case(1)] spoolss_DocumentInfo1 *info1; + [case(2)]; /* TODO */ + [case(3)]; /* TODO */ + [default]; + } spoolss_DocumentInfo; + + WERROR spoolss_StartDocPrinter( + [in,ref] policy_handle *handle, + [in] uint32 level, + [in,switch_is(level)] spoolss_DocumentInfo info, + [out] uint32 job_id + ); + + /******************/ + /* Function: 0x12 */ + WERROR spoolss_StartPagePrinter( + [in,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x13 */ + WERROR spoolss_WritePrinter( + [in,ref] policy_handle *handle, + [in] DATA_BLOB data, + [in,value(r->in.data.length)] uint32 _data_size, + [out] uint32 num_written + ); + + /******************/ + /* Function: 0x14 */ + WERROR spoolss_EndPagePrinter( + [in,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x15 */ + WERROR spoolss_AbortPrinter( + [in,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x16 */ + WERROR spoolss_ReadPrinter( + [in,ref] policy_handle *handle, + [in] uint32 data_size, + [out] DATA_BLOB data, + [out,value(r->out.data.length)] uint32 _data_size + ); + + /******************/ + /* Function: 0x17 */ + WERROR spoolss_EndDocPrinter( + [in,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x18 */ + [todo] WERROR spoolss_AddJob( + ); + + /******************/ + /* Function: 0x19 */ + [todo] WERROR spoolss_ScheduleJob( + ); + + /******************/ + /* Function: 0x1a */ + const string SPOOLSS_ARCHITECTURE_NT_X86 = "Windows NT x86"; + + typedef [public,gensize] struct { + [value(ndr_size_spoolss_OSVersion(r,ndr->flags))] uint32 _ndr_size; + uint32 major; + uint32 minor; + uint32 build; + [value(2)] uint32 unknown; + [subcontext(0),subcontext_size(256)] nstring extra_string; + } spoolss_OSVersion; + + typedef [public,gensize] struct { + [value(ndr_size_spoolss_OSVersionEx(r,ndr->flags))] uint32 _ndr_size; + uint32 major; + uint32 minor; + uint32 build; + [value(2)] uint32 unknown1; + [subcontext(0),subcontext_size(256)] nstring extra_string; + uint32 unknown2;/* service pack number? I saw 0 from w2k3 and 1 from winxp sp1*/ + uint32 unknown3;/* hmm? w2k3: 131346(0x20112) winxp sp1: 503382272 0x1E010100 */ + } spoolss_OSVersionEx; + + typedef [v1_enum] enum { + SPOOLSS_PRINTER_DATA_TYPE_NULL = 0, + SPOOLSS_PRINTER_DATA_TYPE_STRING = 1, + SPOOLSS_PRINTER_DATA_TYPE_BINARY = 3, + SPOOLSS_PRINTER_DATA_TYPE_UINT32 = 4, + SPOOLSS_PRINTER_DATA_TYPE_STRING_ARRAY = 7 + } spoolss_PrinterDataType; + + typedef [nodiscriminant,public,gensize] union { + [case(SPOOLSS_PRINTER_DATA_TYPE_NULL)]; + [case(SPOOLSS_PRINTER_DATA_TYPE_STRING)] nstring string; + [case(SPOOLSS_PRINTER_DATA_TYPE_BINARY),flag(NDR_REMAINING)] DATA_BLOB binary; + [case(SPOOLSS_PRINTER_DATA_TYPE_UINT32)] uint32 value; + [case(SPOOLSS_PRINTER_DATA_TYPE_STRING_ARRAY)] nstring_array string_array; + [default,flag(NDR_REMAINING)] DATA_BLOB data; + } spoolss_PrinterData; + + [noopnum,noprint,public] WERROR _spoolss_GetPrinterData( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 value_name[], + [in] uint32 offered, + [out] spoolss_PrinterDataType type, + [out] DATA_BLOB data, + [out] uint32 needed + ); + [noopnum,noprint,public] void __spoolss_GetPrinterData( + [in] spoolss_PrinterDataType type, + [out,switch_is(type)] spoolss_PrinterData data + ); + [nopull,nopush,public] WERROR spoolss_GetPrinterData( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 value_name[], + [in] uint32 offered, + [out] spoolss_PrinterDataType type, + [out,subcontext(4),subcontext_size(offered),switch_is(type)] spoolss_PrinterData data, + [out] uint32 needed + ); + + /******************/ + /* Function: 0x1b */ + [noopnum,nopull,noprint,public] WERROR _spoolss_SetPrinterData( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 value_name[], + [in] spoolss_PrinterDataType type, + [in] DATA_BLOB data, + [in] uint32 _offered + ); + [noopnum,nopull,noprint,public] void __spoolss_SetPrinterData( + [in] spoolss_PrinterDataType type, + [out,switch_is(type)] spoolss_PrinterData data + ); + [nopush] WERROR spoolss_SetPrinterData( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 value_name[], + [in] spoolss_PrinterDataType type, + [in,subcontext(4),switch_is(type)] spoolss_PrinterData data, + [in,value(ndr_size_spoolss_PrinterData(&data,type,flags))] uint32 _offered + ); + + /******************/ + /* Function: 0x1c */ + [todo] WERROR spoolss_WaitForPrinterChange( + ); + + /******************/ + /* Function: 0x1d */ + [public] WERROR spoolss_ClosePrinter( + [in,out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x1e */ + typedef [v1_enum] enum { + SPOOLSS_FORM_USER = 0, + SPOOLSS_FORM_BUILTIN = 1, + SPOOLSS_FORM_PRINTER = 2 + } spoolss_FormFlags; + + typedef struct { + uint32 width; + uint32 height; + } spoolss_FormSize; + + typedef struct { + uint32 left; + uint32 top; + uint32 right; + uint32 bottom; + } spoolss_FormArea; + + typedef struct { + spoolss_FormFlags flags; + [relative] nstring *form_name; + spoolss_FormSize size; + spoolss_FormArea area; + } spoolss_FormInfo1; + + typedef [nodiscriminant,relative_base,public,gensize] union { + [case(1)] spoolss_FormInfo1 info1; + [default]; + } spoolss_FormInfo; + + typedef struct { + spoolss_FormFlags flags; + [string,charset(UTF16)] uint16 *form_name; + spoolss_FormSize size; + spoolss_FormArea area; + } spoolss_AddFormInfo1; + + typedef [switch_type(uint32)] union { + [case(1)] spoolss_AddFormInfo1 *info1; + } spoolss_AddFormInfo; + + WERROR spoolss_AddForm( + [in,ref] policy_handle *handle, + [in] uint32 level, + [in,switch_is(level)] spoolss_AddFormInfo info + ); + + /******************/ + /* Function: 0x1f */ + WERROR spoolss_DeleteForm( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 form_name[] + ); + + /******************/ + /* Function: 0x20 */ + WERROR spoolss_GetForm( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 form_name[], + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,subcontext(4),subcontext_size(offered),switch_is(level)] spoolss_FormInfo *info, + [out] uint32 needed + ); + + /******************/ + /* Function: 0x21 */ + WERROR spoolss_SetForm( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 form_name[], + [in] uint32 level, + [in,switch_is(level)] spoolss_AddFormInfo info + ); + + /******************/ + /* Function: 0x22 */ + [public,noopnum,noprint] WERROR _spoolss_EnumForms( + [in,ref] policy_handle *handle, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumForms( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_FormInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumForms( + [in,ref] policy_handle *handle, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,switch_is(level),size_is(count)] spoolss_FormInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + typedef struct { + [relative] nstring *port_name; + } spoolss_PortInfo1; + + typedef bitmap { + SPOOLSS_PORT_TYPE_WRITE = 0x00000001, + SPOOLSS_PORT_TYPE_READ = 0x00000002, + SPOOLSS_PORT_TYPE_REDIRECTED = 0x00000004, + SPOOLSS_PORT_TYPE_NET_ATTACHED = 0x00000008 + } spoolss_PortType; + + typedef struct { + [relative] nstring *port_name; + [relative] nstring *monitor_name; + [relative] nstring *description; + spoolss_PortType port_type; + uint32 reserved; + } spoolss_PortInfo2; + + typedef [nodiscriminant,relative_base,public] union { + [case(1)] spoolss_PortInfo1 info1; + [case(2)] spoolss_PortInfo2 info2; + [case(3)]; /* TODO */ + [default]; + } spoolss_PortInfo; + + /******************/ + /* Function: 0x23 */ + [public,noopnum,noprint] WERROR _spoolss_EnumPorts( + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumPorts( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_PortInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumPorts( + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,switch_is(level),size_is(count)] spoolss_PortInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x24 */ + typedef struct { + [relative] nstring *monitor_name; + } spoolss_MonitorInfo1; + + typedef struct { + [relative] nstring *monitor_name; + [relative] nstring *environment; + [relative] nstring *dll_name; + } spoolss_MonitorInfo2; + + typedef [nodiscriminant,relative_base,public] union { + [case(1)] spoolss_MonitorInfo1 info1; + [case(2)] spoolss_MonitorInfo2 info2; + [default]; + } spoolss_MonitorInfo; + + [public,noopnum,noprint] WERROR _spoolss_EnumMonitors( + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 count + ); + [public,noopnum,noprint] void __spoolss_EnumMonitors( + [in] uint32 level, + [in] uint32 count, + [out,switch_is(level)] spoolss_MonitorInfo info[count] + ); + [nopull,nopush] WERROR spoolss_EnumMonitors( + [in,unique] [string,charset(UTF16)] uint16 *servername, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [out,unique,switch_is(level),size_is(count)] spoolss_MonitorInfo *info, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x25 */ + WERROR spoolss_AddPort( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] uint32 unknown, + [in] [string,charset(UTF16)] uint16 monitor_name[] + ); + + /******************/ + /* Function: 0x26 */ + [todo] WERROR spoolss_ConfigurePort( + ); + + /******************/ + /* Function: 0x27 */ + [todo] WERROR spoolss_DeletePort( + ); + + /******************/ + /* Function: 0x28 */ + [todo] WERROR spoolss_CreatePrinterIC( + ); + + /******************/ + /* Function: 0x29 */ + [todo] WERROR spoolss_PlayGDIScriptOnPrinterIC( + ); + + /******************/ + /* Function: 0x2a */ + [todo] WERROR spoolss_DeletePrinterIC( + ); + + /******************/ + /* Function: 0x2b */ + [todo] WERROR spoolss_AddPrinterConnection( + ); + + /******************/ + /* Function: 0x2c */ + [todo] WERROR spoolss_DeletePrinterConnection( + ); + + /******************/ + /* Function: 0x2d */ + [todo] WERROR spoolss_PrinterMessageBox( + /* Marked as obsolete in MSDN. "Not necessary and has + no effect". */ + ); + + /******************/ + /* Function: 0x2e */ + [todo] WERROR spoolss_AddMonitor( + ); + + /******************/ + /* Function: 0x2f */ + [todo] WERROR spoolss_DeleteMonitor( + ); + + /******************/ + /* Function: 0x30 */ + [todo] WERROR spoolss_DeletePrintProcessor( + ); + + /******************/ + /* Function: 0x31 */ + [todo] WERROR spoolss_AddPrintProvidor( + ); + + /******************/ + /* Function: 0x32 */ + [todo] WERROR spoolss_DeletePrintProvidor( + ); + + /******************/ + /* Function: 0x33 */ + [todo] WERROR spoolss_EnumPrintProcDataTypes( + ); + + /******************/ + /* Function: 0x34 */ + [todo] WERROR spoolss_ResetPrinter( + ); + + /******************/ + /* Function: 0x35 */ + WERROR spoolss_GetPrinterDriver2( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *architecture, + [in] uint32 level, + [in,unique] DATA_BLOB *buffer, + [in] uint32 offered, + [in] uint32 client_major_version, + [in] uint32 client_minor_version, + [out,unique] DATA_BLOB *info, + [out] uint32 needed, + [out] uint32 server_major_version, + [out] uint32 server_minor_version + ); + + /******************/ + /* Function: 0x36 */ + [todo] WERROR spoolss_FindFirstPrinterChangeNotification( + ); + + /******************/ + /* Function: 0x37 */ + [todo] WERROR spoolss_FindNextPrinterChangeNotification( + ); + + /******************/ + /* Function: 0x38 */ + [public] WERROR spoolss_FindClosePrinterNotify( + [in,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x39 */ + [todo] WERROR spoolss_RouterFindFirstPrinterChangeNotificationOld( + ); + + /******************/ + /* Function: 0x3a */ + [public] WERROR spoolss_ReplyOpenPrinter( + [in,string,charset(UTF16)] uint16 server_name[], + [in] uint32 printer_local, + [in] winreg_Type type, + [in] uint32 unknown1, + [in] uint32 unknown2, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x3b */ + [todo] WERROR spoolss_RouterReplyPrinter( + ); + + /******************/ + /* Function: 0x3c */ + [public] WERROR spoolss_ReplyClosePrinter( + [in,out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x3d */ + [todo] WERROR spoolss_AddPortEx( + ); + + /******************/ + /* Function: 0x3e */ + [todo] WERROR spoolss_RouterFindFirstPrinterChangeNotification( + ); + + /******************/ + /* Function: 0x3f */ + [todo] WERROR spoolss_SpoolerInit( + ); + + /******************/ + /* Function: 0x40 */ + [todo] WERROR spoolss_ResetPrinterEx( + ); + + typedef [enum16bit] enum { + SPOOLSS_FIELD_SERVER_NAME = 0, + SPOOLSS_FIELD_PRINTER_NAME = 1, + SPOOLSS_FIELD_SHARE_NAME = 2, + SPOOLSS_FIELD_PORT_NAME = 3, + SPOOLSS_FIELD_DRIVER_NAME = 4, + SPOOLSS_FIELD_COMMENT = 5, + SPOOLSS_FIELD_LOCATION = 6, + SPOOLSS_FIELD_DEVMODE = 7, + SPOOLSS_FIELD_SEPFILE = 8, + SPOOLSS_FIELD_PRINT_PROCESSOR = 9, + SPOOLSS_FIELD_PARAMETERS = 10, + SPOOLSS_FIELD_DATATYPE = 11, + SPOOLSS_FIELD_SECURITY_DESCRIPTOR=12, + SPOOLSS_FIELD_ATTRIBUTES = 13, + SPOOLSS_FIELD_PRIORITY = 14, + SPOOLSS_FIELD_DEFAULT_PRIORITY = 15, + SPOOLSS_FIELD_START_TIME = 16, + SPOOLSS_FIELD_UNTIL_TIME = 17, + SPOOLSS_FIELD_STATUS = 18, + SPOOLSS_FIELD_STATUS_STRING = 19, + SPOOLSS_FIELD_CJOBS = 20, + SPOOLSS_FIELD_AVERAGE_PPM = 21, + SPOOLSS_FIELD_TOTAL_PAGES = 22, + SPOOLSS_FIELD_PAGES_PRINTED = 23, + SPOOLSS_FIELD_TOTAL_BYTES = 24, + SPOOLSS_FIELD_BYTES_PRINTED = 25 + } spoolss_Field; + + typedef [enum16bit] enum { + SPOOLSS_NOTIFY_PRINTER = 0, + SPOOLSS_NOTIFY_JOB = 1 + } spoolss_NotifyType; + + /******************/ + /* Function: 0x41 */ + typedef struct { + spoolss_NotifyType type; + uint16 u1; + uint32 u2; + uint32 u3; + uint32 count; + [size_is(count)] spoolss_Field *fields; + } spoolss_NotifyOptionsArray; + + typedef struct { + uint32 version; + uint32 flags; + uint32 count; + [size_is(count)] spoolss_NotifyOptionsArray *options; + } spoolss_NotifyOptionsContainer; + + [public] WERROR spoolss_RemoteFindFirstPrinterChangeNotifyEx( + [in,ref] policy_handle *handle, + [in] uint32 flags, + [in] uint32 options, + [in,unique] [string,charset(UTF16)] uint16 *str, + [in] uint32 printer_local, + [in,unique] spoolss_NotifyOptionsContainer *t1 + ); + + /******************/ + /* Function: 0x42 */ + [todo] WERROR spoolss_RouterRefreshPrinterChangeNotification( + ); + + typedef struct { + uint32 size; + [size_is(size/2),unique,charset(UTF16)] uint16 *string; + } spoolss_NotifyUTF16String; + + typedef struct { + uint32 size; + [size_is(size),charset(DOS)] uint8 *string; + } spoolss_NotifyDOSString; + + typedef struct { + uint16 data[8]; + } spoolss_NotifyBlobData; + + typedef struct { + uint32 len; + [unique] spoolss_NotifyBlobData *data; + } spoolss_NotifyBlob; + + typedef [switch_type(uint32)] union { + [case(1)] dlong integer; + [case(2)] spoolss_NotifyUTF16String utf16_string; + [case(3)] spoolss_NotifyDOSString ascii_string; + [case(4)] spoolss_NotifyBlob blob; + [case(5)] spoolss_NotifyDOSString ascii_string; + } spoolss_NotifyData; + + typedef struct { + spoolss_NotifyType type; + spoolss_Field field; + uint32 variable_type; + uint32 job_id; + [switch_is(variable_type)] spoolss_NotifyData data; + } spoolss_Notify; + + typedef struct { + uint32 version; + uint32 flags; + uint32 count; + [size_is(count)] spoolss_Notify notifies[]; + } spoolss_NotifyInfo; + + /******************/ + /* Function: 0x43 */ + [public] WERROR spoolss_RemoteFindNextPrinterChangeNotifyEx( + [in,ref] policy_handle *handle, + [in] uint32 change_low, + [in,unique] spoolss_NotifyOptionsContainer *container, + [out, unique] spoolss_NotifyInfo *info + ); + + /******************/ + /* Function: 0x44 */ + [todo] WERROR spoolss_44( + ); + + typedef struct { + uint32 size; + [string,charset(UTF16)] uint16 *client; + [string,charset(UTF16)] uint16 *user; + uint32 build; + uint32 major; + uint32 minor; + uint32 processor; + } spoolss_UserLevel1; + + typedef union { + [case(1)] spoolss_UserLevel1 *level1; + } spoolss_UserLevel; + + typedef bitmap { + SERVER_ACCESS_ADMINISTER = 0x00000001, + SERVER_ACCESS_ENUMERATE = 0x00000002, + PRINTER_ACCESS_ADMINISTER = 0x00000004, + PRINTER_ACCESS_USE = 0x00000008, + JOB_ACCESS_ADMINISTER = 0x00000010 + } spoolss_AccessRights; + + /* Access rights for print servers */ + const int SERVER_ALL_ACCESS = SEC_STD_REQUIRED | + SERVER_ACCESS_ADMINISTER | + SERVER_ACCESS_ENUMERATE; + + const int SERVER_READ = SEC_STD_READ_CONTROL | + SERVER_ACCESS_ENUMERATE; + + const int SERVER_WRITE = STANDARD_RIGHTS_WRITE_ACCESS | + SERVER_ACCESS_ADMINISTER | + SERVER_ACCESS_ENUMERATE; + + const int SERVER_EXECUTE = SEC_STD_READ_CONTROL | + SERVER_ACCESS_ENUMERATE; + + /* Access rights for printers */ + const int PRINTER_ALL_ACCESS = SEC_STD_REQUIRED | + PRINTER_ACCESS_ADMINISTER | + PRINTER_ACCESS_USE; + + const int PRINTER_READ = SEC_STD_READ_CONTROL | + PRINTER_ACCESS_USE; + + const int PRINTER_WRITE = STANDARD_RIGHTS_WRITE_ACCESS | + PRINTER_ACCESS_USE; + + const int PRINTER_EXECUTE = SEC_STD_READ_CONTROL | + PRINTER_ACCESS_USE; + + /* Access rights for jobs */ + const int JOB_ALL_ACCESS = SEC_STD_REQUIRED | + JOB_ACCESS_ADMINISTER; + + const int JOB_READ = SEC_STD_READ_CONTROL | + JOB_ACCESS_ADMINISTER; + + const int JOB_WRITE = STANDARD_RIGHTS_WRITE_ACCESS | + JOB_ACCESS_ADMINISTER; + + const int JOB_EXECUTE = SEC_STD_READ_CONTROL | + JOB_ACCESS_ADMINISTER; + + /* ACE masks for various print permissions */ + const int PRINTER_ACE_FULL_CONTROL = SEC_GENERIC_ALL | + PRINTER_ALL_ACCESS; + + const int PRINTER_ACE_MANAGE_DOCUMENTS = SEC_GENERIC_ALL | + READ_CONTROL_ACCESS; + + const int PRINTER_ACE_PRINT = GENERIC_EXECUTE_ACCESS | + READ_CONTROL_ACCESS | + PRINTER_ACCESS_USE; + + /******************/ + /* Function: 0x45 */ + [public] WERROR spoolss_OpenPrinterEx( + [in,unique] [string,charset(UTF16)] uint16 *printername, + [in,unique] [string,charset(UTF16)] uint16 *datatype, + [in] spoolss_DevmodeContainer devmode_ctr, + [in] uint32 access_mask, + [in] uint32 level, + [in,switch_is(level)] spoolss_UserLevel userlevel, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x46 */ + WERROR spoolss_AddPrinterEx( + [in,unique] [string,charset(UTF16)] uint16 *server, + [in] uint32 level, + [in,unique,switch_is(level)] spoolss_PrinterInfo *info, + [in] spoolss_DevmodeContainer devmode_ctr, + [in,unique] security_descriptor *secdesc, + [in] uint32 ulevel, + [in,switch_is(ulevel)] spoolss_UserLevel userlevel + ); + + /******************/ + /* Function: 0x47 */ + [todo] WERROR spoolss_47( + ); + + /******************/ + /* Function: 0x48 */ + WERROR spoolss_EnumPrinterData( + [in,ref] policy_handle *handle, + [in] uint32 enum_index, + [out,ref,size_is(value_offered/2),charset(UTF16)] uint16 *value_name, + [in] uint32 value_offered, + [out,ref] uint32 *value_needed, + [out,ref] uint32 *printerdata_type, + [out,ref] DATA_BLOB *buffer, + [in] uint32 data_offered, + [out,ref] uint32 *data_needed + ); + + /******************/ + /* Function: 0x49 */ + WERROR spoolss_DeletePrinterData( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 value_name[] + ); + + /******************/ + /* Function: 0x4a */ + [todo] WERROR spoolss_4a( + ); + + /******************/ + /* Function: 0x4b */ + [todo] WERROR spoolss_4b( + ); + + /******************/ + /* Function: 0x4c */ + [todo] WERROR spoolss_4c( + ); + + /******************/ + /* Function: 0x4d */ + WERROR spoolss_SetPrinterDataEx( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 key_name[], + [in] [string,charset(UTF16)] uint16 value_name[], + [in] uint32 type, + [in] DATA_BLOB buffer, + [in] uint32 offered + ); + + /******************/ + /* Function: 0x4e */ + WERROR spoolss_GetPrinterDataEx( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 key_name[], + [in] [string,charset(UTF16)] uint16 value_name[], + [in] uint32 offered, + [out] uint32 type, + [out] DATA_BLOB buffer, + [out] uint32 needed + ); + + /******************/ + /* Function: 0x4f */ + [public] WERROR spoolss_EnumPrinterDataEx( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 key_name[], + [in] uint32 offered, + [out] DATA_BLOB buffer, + [out] uint32 needed, + [out] uint32 count + ); + + /******************/ + /* Function: 0x50 */ + [public] WERROR spoolss_EnumPrinterKey( + [in, ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 key_name[], + [out] uint32 key_buffer_size, + [out] uint16 key_buffer[key_buffer_size], + [in,out] uint32 needed + ); + + /******************/ + /* Function: 0x51 */ + WERROR spoolss_DeletePrinterDataEx( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 key_name[], + [in] [string,charset(UTF16)] uint16 value_name[] + ); + + /******************/ + /* Function: 0x52 */ + [todo] WERROR spoolss_DeletePrinterKey( + ); + + /******************/ + /* Function: 0x53 */ + [todo] WERROR spoolss_53( + ); + + /******************/ + /* Function: 0x54 */ + [todo] WERROR spoolss_DeletePrinterDriverEx( + ); + + /******************/ + /* Function: 0x55 */ + [todo] WERROR spoolss_55( + ); + + /******************/ + /* Function: 0x56 */ + [todo] WERROR spoolss_56( + ); + + /******************/ + /* Function: 0x57 */ + [todo] WERROR spoolss_57( + ); + + /******************/ + /* Function: 0x58 */ + WERROR spoolss_XcvData( + [in,ref] policy_handle *handle, + [in] [string,charset(UTF16)] uint16 function_name[], + [in] DATA_BLOB in_data, + [in,value(r->in.in_data.length)] uint32 _in_data_length, + [in] uint32 offered, + [in] uint32 unknown1, + [out] DATA_BLOB out_data, + [out] uint32 needed, + [out] uint32 unknown2 + ); + + /******************/ + /* Function: 0x59 */ + [public,todo] WERROR spoolss_AddPrinterDriverEx( + ); + + /******************/ + /* Function: 0x5a */ + [todo] WERROR spoolss_5a( + ); + + /******************/ + /* Function: 0x5b */ + [todo] WERROR spoolss_5b( + ); + + /******************/ + /* Function: 0x5c */ + [todo] WERROR spoolss_5c( + ); + + /******************/ + /* Function: 0x5d */ + [todo] WERROR spoolss_5d( + ); + + /******************/ + /* Function: 0x5e */ + [todo] WERROR spoolss_5e( + ); + + /******************/ + /* Function: 0x5f */ + [todo] WERROR spoolss_5f( + ); +} diff --git a/source4/librpc/idl/srvsvc.idl b/source4/librpc/idl/srvsvc.idl new file mode 100644 index 0000000000..703f3281cf --- /dev/null +++ b/source4/librpc/idl/srvsvc.idl @@ -0,0 +1,1519 @@ +#include "idl_types.h" + +/* + srvsvc interface definitions +*/ +import "security.idl", "svcctl.idl"; + +[ uuid("4b324fc8-1670-01d3-1278-5a47bf6ee188"), + version(3.0), + endpoint("ncacn_np:[\\pipe\\srvsvc]", "ncacn_ip_tcp:", "ncalrpc:"), + pointer_default(unique), + helpstring("Server Service") +] interface srvsvc +{ + typedef bitmap svcctl_ServerType svcctl_ServerType; + typedef bitmap security_secinfo security_secinfo; + +/**************************/ +/* srvsvc_NetCharDev */ +/**************************/ + typedef struct { + [string,charset(UTF16)] uint16 *device; + } srvsvc_NetCharDevInfo0; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetCharDevInfo0 *array; + } srvsvc_NetCharDevCtr0; + + typedef struct { + [string,charset(UTF16)] uint16 *device; + uint32 status; + [string,charset(UTF16)] uint16 *user; + uint32 time; + } srvsvc_NetCharDevInfo1; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetCharDevInfo1 *array; + } srvsvc_NetCharDevCtr1; + + typedef union { + [case(0)] srvsvc_NetCharDevInfo0 *info0; + [case(1)] srvsvc_NetCharDevInfo1 *info1; + [default] ; + } srvsvc_NetCharDevInfo; + + typedef union { + [case(0)] srvsvc_NetCharDevCtr0 *ctr0; + [case(1)] srvsvc_NetCharDevCtr1 *ctr1; + [default] ; + } srvsvc_NetCharDevCtr; + + /******************/ + /* Function: 0x00 */ + WERROR srvsvc_NetCharDevEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetCharDevCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x01 */ + WERROR srvsvc_NetCharDevGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 device_name[], + [in] uint32 level, + [out,switch_is(level)] srvsvc_NetCharDevInfo info + ); + + /******************/ + /* Function: 0x02 */ + WERROR srvsvc_NetCharDevControl( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 device_name[], + [in] uint32 opcode + ); + +/**************************/ +/* srvsvc_NetCharDevQ */ +/**************************/ + typedef struct { + [string,charset(UTF16)] uint16 *device; + } srvsvc_NetCharDevQInfo0; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetCharDevQInfo0 *array; + } srvsvc_NetCharDevQCtr0; + + typedef struct { + [string,charset(UTF16)] uint16 *device; + uint32 priority; + [string,charset(UTF16)] uint16 *devices; + uint32 users; + uint32 num_ahead; + } srvsvc_NetCharDevQInfo1; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetCharDevQInfo1 *array; + } srvsvc_NetCharDevQCtr1; + + typedef union { + [case(0)] srvsvc_NetCharDevQInfo0 *info0; + [case(1)] srvsvc_NetCharDevQInfo1 *info1; + [default] ; + } srvsvc_NetCharDevQInfo; + + typedef union { + [case(0)] srvsvc_NetCharDevQCtr0 *ctr0; + [case(1)] srvsvc_NetCharDevQCtr1 *ctr1; + [default] ; + } srvsvc_NetCharDevQCtr; + + /******************/ + /* Function: 0x03 */ + WERROR srvsvc_NetCharDevQEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *user, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetCharDevQCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x04 */ + WERROR srvsvc_NetCharDevQGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 queue_name[], + [in] [string,charset(UTF16)] uint16 user[], + [in] uint32 level, + [out,switch_is(level)] srvsvc_NetCharDevQInfo info + ); + + /******************/ + /* Function: 0x05 */ + WERROR srvsvc_NetCharDevQSetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 queue_name[], + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetCharDevQInfo info, + [in,out,unique] uint32 *parm_error + ); + + /******************/ + /* Function: 0x06 */ + WERROR srvsvc_NetCharDevQPurge( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 queue_name[] + ); + + /******************/ + /* Function: 0x07 */ + WERROR srvsvc_NetCharDevQPurgeSelf( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 queue_name[], + [in] [string,charset(UTF16)] uint16 computer_name[] + ); + +/**************************/ +/* srvsvc_NetConn */ +/**************************/ + typedef struct { + uint32 conn_id; + } srvsvc_NetConnInfo0; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetConnInfo0 *array; + } srvsvc_NetConnCtr0; + + typedef struct { + uint32 conn_id; + uint32 conn_type; + uint32 num_open; + uint32 num_users; + uint32 conn_time; + [string,charset(UTF16)] uint16 *user; + [string,charset(UTF16)] uint16 *share; + } srvsvc_NetConnInfo1; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetConnInfo1 *array; + } srvsvc_NetConnCtr1; + + typedef union { + [case(0)] srvsvc_NetConnCtr0 *ctr0; + [case(1)] srvsvc_NetConnCtr1 *ctr1; + [default] ; + } srvsvc_NetConnCtr; + + /******************/ + /* Function: 0x08 */ + WERROR srvsvc_NetConnEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *path, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetConnCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + +/**************************/ +/* srvsvc_NetFile */ +/**************************/ + typedef struct { + uint32 fid; + } srvsvc_NetFileInfo2; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetFileInfo2 *array; + } srvsvc_NetFileCtr2; + + typedef struct { + uint32 fid; + uint32 permissions; + uint32 num_locks; + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *user; + } srvsvc_NetFileInfo3; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetFileInfo3 *array; + } srvsvc_NetFileCtr3; + + typedef union { + [case(2)] srvsvc_NetFileInfo2 *info2; + [case(3)] srvsvc_NetFileInfo3 *info3; + [default] ; + } srvsvc_NetFileInfo; + + typedef union { + [case(2)] srvsvc_NetFileCtr2 *ctr2; + [case(3)] srvsvc_NetFileCtr3 *ctr3; + [default] ; + } srvsvc_NetFileCtr; + + /******************/ + /* Function: 0x09 */ + WERROR srvsvc_NetFileEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *path, + [in,unique] [string,charset(UTF16)] uint16 *user, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetFileCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x0a */ + WERROR srvsvc_NetFileGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 fid, + [in] uint32 level, + [out,switch_is(level)] srvsvc_NetFileInfo info + ); + + /******************/ + /* Function: 0x0b */ + WERROR srvsvc_NetFileClose( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 fid + ); + +/**************************/ +/* srvsvc_NetSess */ +/**************************/ + typedef struct { + [string,charset(UTF16)] uint16 *client; + } srvsvc_NetSessInfo0; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetSessInfo0 *array; + } srvsvc_NetSessCtr0; + + typedef struct { + [string,charset(UTF16)] uint16 *client; + [string,charset(UTF16)] uint16 *user; + uint32 num_open; + uint32 time; + uint32 idle_time; + uint32 user_flags; + } srvsvc_NetSessInfo1; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetSessInfo1 *array; + } srvsvc_NetSessCtr1; + + typedef struct { + [string,charset(UTF16)] uint16 *client; + [string,charset(UTF16)] uint16 *user; + uint32 num_open; + uint32 time; + uint32 idle_time; + uint32 user_flags; + [string,charset(UTF16)] uint16 *client_type; + } srvsvc_NetSessInfo2; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetSessInfo2 *array; + } srvsvc_NetSessCtr2; + + typedef struct { + [string,charset(UTF16)] uint16 *client; + [string,charset(UTF16)] uint16 *user; + uint32 time; + uint32 idle_time; + } srvsvc_NetSessInfo10; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetSessInfo10 *array; + } srvsvc_NetSessCtr10; + + typedef struct { + [string,charset(UTF16)] uint16 *client; + [string,charset(UTF16)] uint16 *user; + uint32 num_open; + uint32 time; + uint32 idle_time; + uint32 user_flags; + [string,charset(UTF16)] uint16 *client_type; + [string,charset(UTF16)] uint16 *transport; + } srvsvc_NetSessInfo502; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetSessInfo502 *array; + } srvsvc_NetSessCtr502; + + typedef union { + [case(0)] srvsvc_NetSessCtr0 *ctr0; + [case(1)] srvsvc_NetSessCtr1 *ctr1; + [case(2)] srvsvc_NetSessCtr2 *ctr2; + [case(10)] srvsvc_NetSessCtr10 *ctr10; + [case(502)] srvsvc_NetSessCtr502 *ctr502; + [default] ; + } srvsvc_NetSessCtr; + + /******************/ + /* Function: 0x0c */ + WERROR srvsvc_NetSessEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client, + [in,unique] [string,charset(UTF16)] uint16 *user, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetSessCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x0d */ + WERROR srvsvc_NetSessDel( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *client, + [in,unique] [string,charset(UTF16)] uint16 *user + ); + +/**************************/ +/* srvsvc_NetShare */ +/**************************/ + + /* share types */ + const uint32 STYPE_TEMPORARY = 0x40000000; /* share is a temporary one */ + const uint32 STYPE_HIDDEN = 0x80000000; /* share is a hidden one */ + + typedef [v1_enum, flag(NDR_PAHEX)] enum { + STYPE_DISKTREE = 0, + STYPE_DISKTREE_TEMPORARY = STYPE_DISKTREE|STYPE_TEMPORARY, + STYPE_DISKTREE_HIDDEN = STYPE_DISKTREE|STYPE_HIDDEN, + STYPE_PRINTQ = 1, + STYPE_PRINTQ_TEMPORARY = STYPE_PRINTQ|STYPE_TEMPORARY, + STYPE_PRINTQ_HIDDEN = STYPE_PRINTQ|STYPE_HIDDEN, + STYPE_DEVICE = 2, /* Serial device */ + STYPE_DEVICE_TEMPORARY = STYPE_DEVICE|STYPE_TEMPORARY, + STYPE_DEVICE_HIDDEN = STYPE_DEVICE|STYPE_HIDDEN, + STYPE_IPC = 3, /* Interprocess communication (IPC) */ + STYPE_IPC_TEMPORARY = STYPE_IPC|STYPE_TEMPORARY, + STYPE_IPC_HIDDEN = STYPE_IPC|STYPE_HIDDEN + } srvsvc_ShareType; + + typedef struct { + [string,charset(UTF16)] uint16 *name; + } srvsvc_NetShareInfo0; + + typedef struct { + [string,charset(UTF16)] uint16 *name; + srvsvc_ShareType type; + [string,charset(UTF16)] uint16 *comment; + } srvsvc_NetShareInfo1; + + typedef struct { + [string,charset(UTF16)] uint16 *name; + srvsvc_ShareType type; + [string,charset(UTF16)] uint16 *comment; + uint32 permissions; + uint32 max_users; + uint32 current_users; + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *password; + } srvsvc_NetShareInfo2; + + typedef struct { + [string,charset(UTF16)] uint16 *name; + srvsvc_ShareType type; + [string,charset(UTF16)] uint16 *comment; + uint32 csc_policy; + } srvsvc_NetShareInfo501; + + typedef struct { + [string,charset(UTF16)] uint16 *name; + srvsvc_ShareType type; + [string,charset(UTF16)] uint16 *comment; + uint32 permissions; + int32 max_users; + uint32 current_users; + [string,charset(UTF16)] uint16 *path; + [string,charset(UTF16)] uint16 *password; + /* maybe here is a struct sec_desc_buf following */ + uint32 unknown; + [subcontext(4)] security_descriptor *sd; + } srvsvc_NetShareInfo502; + + typedef struct { + [string,charset(UTF16)] uint16 *comment; + } srvsvc_NetShareInfo1004; + + typedef struct { + int32 max_users; + } srvsvc_NetShareInfo1006; + + typedef bitmap { + SHARE_1005_IN_DFS = 0x00000001, + SHARE_1005_DFS_ROOT = 0x00000002 + } NetShareInfo1005Flags; + + const uint32 SHARE_1005_CSC_POLICY_MASK = 0x00000030; + const uint32 SHARE_1005_CSC_POLICY_SHIFT = 4; + + typedef struct { + NetShareInfo1005Flags dfs_flags; + } srvsvc_NetShareInfo1005; + + typedef struct { + uint32 flags; + [string,charset(UTF16)] uint16 *alternate_directory_name; + } srvsvc_NetShareInfo1007; + + typedef union { + [case(0)] srvsvc_NetShareInfo0 *info0; + [case(1)] srvsvc_NetShareInfo1 *info1; + [case(2)] srvsvc_NetShareInfo2 *info2; + [case(501)] srvsvc_NetShareInfo501 *info501; + [case(502)] srvsvc_NetShareInfo502 *info502; + [case(1004)] srvsvc_NetShareInfo1004 *info1004; + [case(1005)] srvsvc_NetShareInfo1005 *info1005; + [case(1006)] srvsvc_NetShareInfo1006 *info1006; + [case(1007)] srvsvc_NetShareInfo1007 *info1007; + [case(1501)] sec_desc_buf *info1501; + [default] ; + } srvsvc_NetShareInfo; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo0 *array; + } srvsvc_NetShareCtr0; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo1 *array; + } srvsvc_NetShareCtr1; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo2 *array; + } srvsvc_NetShareCtr2; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo501 *array; + } srvsvc_NetShareCtr501; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo502 *array; + } srvsvc_NetShareCtr502; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo1004 *array; + } srvsvc_NetShareCtr1004; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo1005 *array; + } srvsvc_NetShareCtr1005; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo1006 *array; + } srvsvc_NetShareCtr1006; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetShareInfo1007 *array; + } srvsvc_NetShareCtr1007; + + typedef struct { + uint32 count; + [size_is(count)] sec_desc_buf *array; + } srvsvc_NetShareCtr1501; + + typedef union { + [case(0)] srvsvc_NetShareCtr0 *ctr0; + [case(1)] srvsvc_NetShareCtr1 *ctr1; + [case(2)] srvsvc_NetShareCtr2 *ctr2; + [case(501)] srvsvc_NetShareCtr501 *ctr501; + [case(502)] srvsvc_NetShareCtr502 *ctr502; + [case(1004)] srvsvc_NetShareCtr1004 *ctr1004; + [case(1005)] srvsvc_NetShareCtr1005 *ctr1005; + [case(1006)] srvsvc_NetShareCtr1006 *ctr1006; + [case(1007)] srvsvc_NetShareCtr1007 *ctr1007; + [case(1501)] srvsvc_NetShareCtr1501 *ctr1501; + [default] ; + } srvsvc_NetShareCtr; + + /******************/ + /* Function: 0x0e */ + WERROR srvsvc_NetShareAdd( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetShareInfo info, + [in,out,unique] uint32 *parm_error + ); + + /******************/ + /* Function: 0x0f */ + WERROR srvsvc_NetShareEnumAll ( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetShareCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x10 */ + WERROR srvsvc_NetShareGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 share_name[], + [in] uint32 level, + [out,switch_is(level)] srvsvc_NetShareInfo info + ); + + /******************/ + /* Function: 0x11 */ + WERROR srvsvc_NetShareSetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 share_name[], + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetShareInfo info, + [in,out,unique] uint32 *parm_error + ); + + /******************/ + /* Function: 0x12 */ + WERROR srvsvc_NetShareDel( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 share_name[], + [in] uint32 reserved + ); + + /******************/ + /* Function: 0x13 */ + WERROR srvsvc_NetShareDelSticky( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 share_name[], + [in] uint32 reserved + ); + + /******************/ + /* Function: 0x14 */ + WERROR srvsvc_NetShareCheck( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 device_name[], + [out] srvsvc_ShareType type + ); + +/**************************/ +/* srvsvc_NetSrv */ +/**************************/ + typedef [public,v1_enum] enum { + PLATFORM_ID_DOS = 300, + PLATFORM_ID_OS2 = 400, + PLATFORM_ID_NT = 500, + PLATFORM_ID_OSF = 600, + PLATFORM_ID_VMS = 700 + } srvsvc_PlatformId; + + typedef struct { + srvsvc_PlatformId platform_id; + [string,charset(UTF16)] uint16 *server_name; + } srvsvc_NetSrvInfo100; + + typedef struct { + srvsvc_PlatformId platform_id; + [string,charset(UTF16)] uint16 *server_name; + uint32 version_major; + uint32 version_minor; + svcctl_ServerType server_type; + [string,charset(UTF16)] uint16 *comment; + } srvsvc_NetSrvInfo101; + + typedef struct { + srvsvc_PlatformId platform_id; + [string,charset(UTF16)] uint16 *server_name; + uint32 version_major; + uint32 version_minor; + svcctl_ServerType server_type; + [string,charset(UTF16)] uint16 *comment; + uint32 users; + uint32 disc; + uint32 hidden; + uint32 announce; + uint32 anndelta; + uint32 licenses; + [string,charset(UTF16)] uint16 *userpath; + } srvsvc_NetSrvInfo102; + + typedef struct { + uint32 ulist_mtime; + uint32 glist_mtime; + uint32 alist_mtime; + [string,charset(UTF16)] uint16 *alerts; + uint32 security; + uint32 numadmin; + uint32 lanmask; + [string,charset(UTF16)] uint16 *guestaccount; + uint32 chdevs; + uint32 chdevqs; + uint32 chdevjobs; + uint32 connections; + uint32 shares; + uint32 openfiles; + uint32 sessopen; + uint32 sesssvc; + uint32 sessreqs; + uint32 opensearch; + uint32 activelocks; + uint32 sizereqbufs; + uint32 numbigbufs; + uint32 numfiletasks; + uint32 alertsched; + uint32 erroralert; + uint32 logonalert; + uint32 accessalert; + uint32 diskalert; + uint32 netioalert; + uint32 maxaudits; + [string,charset(UTF16)] uint16 *srvheuristics; + } srvsvc_NetSrvInfo402; + + typedef struct { + uint32 ulist_mtime; + uint32 glist_mtime; + uint32 alist_mtime; + [string,charset(UTF16)] uint16 *alerts; + uint32 security; + uint32 numadmin; + uint32 lanmask; + [string,charset(UTF16)] uint16 *guestaccount; + uint32 chdevs; + uint32 chdevqs; + uint32 chdevjobs; + uint32 connections; + uint32 shares; + uint32 openfiles; + uint32 sessopen; + uint32 sesssvc; + uint32 sessreqs; + uint32 opensearch; + uint32 activelocks; + uint32 sizereqbufs; + uint32 numbigbufs; + uint32 numfiletasks; + uint32 alertsched; + uint32 eroralert; + uint32 logonalert; + uint32 accessalert; + uint32 diskalert; + uint32 netioalert; + uint32 maxaudits; + [string,charset(UTF16)] uint16 *srvheuristics; + uint32 auditedevents; + uint32 auditprofile; + [string,charset(UTF16)] uint16 *autopath; + } srvsvc_NetSrvInfo403; + + typedef struct { + uint32 sessopen; + uint32 sesssvc; + uint32 opensearch; + uint32 sizereqbufs; + uint32 initworkitems; + uint32 maxworkitems; + uint32 rawworkitems; + uint32 irpstacksize; + uint32 maxrawbuflen; + uint32 sessusers; + uint32 sessconns; + uint32 maxpagedmemoryusage; + uint32 maxnonpagedmemoryusage; + uint32 enablesoftcompat; + uint32 enableforcedlogoff; + uint32 timesource; + uint32 acceptdownlevelapis; + uint32 lmannounce; + } srvsvc_NetSrvInfo502; + + typedef struct{ + uint32 sessopen; + uint32 sesssvc; + uint32 opensearch; + uint32 sizereqbufs; + uint32 initworkitems; + uint32 maxworkitems; + uint32 rawworkitems; + uint32 irpstacksize; + uint32 maxrawbuflen; + uint32 sessusers; + uint32 sessconns; + uint32 maxpagedmemoryusage; + uint32 maxnonpagedmemoryusage; + uint32 enablesoftcompat; + uint32 enableforcedlogoff; + uint32 timesource; + uint32 acceptdownlevelapis; + uint32 lmannounce; + [string,charset(UTF16)] uint16 *domain; + uint32 maxcopyreadlen; + uint32 maxcopywritelen; + uint32 minkeepsearch; + uint32 maxkeepsearch; + uint32 minkeepcomplsearch; + uint32 maxkeepcomplsearch; + uint32 threadcountadd; + uint32 numlockthreads; + uint32 scavtimeout; + uint32 minrcvqueue; + uint32 minfreeworkitems; + uint32 xactmemsize; + uint32 threadpriority; + uint32 maxmpxct; + uint32 oplockbreakwait; + uint32 oplockbreakresponsewait; + uint32 enableoplocks; + uint32 enableoplockforceclose; + uint32 enablefcbopens; + uint32 enableraw; + uint32 enablesharednetdrives; + uint32 minfreeconnections; + uint32 maxfreeconnections; + } srvsvc_NetSrvInfo503; + + typedef struct{ + uint32 sessopen; + uint32 sesssvc; + uint32 opensearch; + uint32 sizereqbufs; + uint32 initworkitems; + uint32 maxworkitems; + uint32 rawworkitems; + uint32 irpstacksize; + uint32 maxrawbuflen; + uint32 sessusers; + uint32 sessconns; + uint32 maxpagedmemoryusage; + uint32 maxnonpagedmemoryusage; + uint32 enablesoftcompat; + uint32 enableforcedlogoff; + uint32 timesource; + uint32 acceptdownlevelapis; + uint32 lmannounce; + [string,charset(UTF16)] uint16 *domain; + uint32 maxcopyreadlen; + uint32 maxcopywritelen; + uint32 minkeepsearch; + uint32 minkeepcomplsearch; + uint32 maxkeepcomplsearch; + uint32 threadcountadd; + uint32 numlockthreads; + uint32 scavtimeout; + uint32 minrcvqueue; + uint32 minfreeworkitems; + uint32 xactmemsize; + uint32 threadpriority; + uint32 maxmpxct; + uint32 oplockbreakwait; + uint32 oplockbreakresponsewait; + uint32 enableoplocks; + uint32 enableoplockforceclose; + uint32 enablefcbopens; + uint32 enableraw; + uint32 enablesharednetdrives; + uint32 minfreeconnections; + uint32 maxfreeconnections; + uint32 initsesstable; + uint32 initconntable; + uint32 initfiletable; + uint32 initsearchtable; + uint32 alertsched; + uint32 errortreshold; + uint32 networkerrortreshold; + uint32 diskspacetreshold; + uint32 reserved; + uint32 maxlinkdelay; + uint32 minlinkthroughput; + uint32 linkinfovalidtime; + uint32 scavqosinfoupdatetime; + uint32 maxworkitemidletime; + } srvsvc_NetSrvInfo599; + + typedef struct{ + [string,charset(UTF16)] uint16 *comment; + } srvsvc_NetSrvInfo1005; + + typedef struct{ + uint32 disc; + } srvsvc_NetSrvInfo1010; + + typedef struct{ + uint32 hidden; + } srvsvc_NetSrvInfo1016; + + typedef struct{ + uint32 announce; + } srvsvc_NetSrvInfo1017; + + typedef struct{ + uint32 anndelta; + } srvsvc_NetSrvInfo1018; + + typedef struct{ + uint32 users; + } srvsvc_NetSrvInfo1107; + + typedef struct{ + uint32 sessopens; + } srvsvc_NetSrvInfo1501; + + typedef struct{ + uint32 sessvcs; + } srvsvc_NetSrvInfo1502; + + typedef struct{ + uint32 opensearch; + } srvsvc_NetSrvInfo1503; + + typedef struct{ + uint32 maxworkitems; + } srvsvc_NetSrvInfo1506; + + typedef struct{ + uint32 maxrawbuflen; + } srvsvc_NetSrvInfo1509; + + typedef struct{ + uint32 sessusers; + } srvsvc_NetSrvInfo1510; + + typedef struct{ + uint32 sesscons; + } srvsvc_NetSrvInfo1511; + + typedef struct{ + uint32 maxnonpagedmemoryusage; + } srvsvc_NetSrvInfo1512; + + typedef struct{ + uint32 maxpagedmemoryusage; + } srvsvc_NetSrvInfo1513; + + typedef struct{ + uint32 enablesoftcompat; + } srvsvc_NetSrvInfo1514; + + typedef struct{ + uint32 enableforcedlogoff; + } srvsvc_NetSrvInfo1515; + + typedef struct{ + uint32 timesource; + } srvsvc_NetSrvInfo1516; + + typedef struct{ + uint32 lmannounce; + } srvsvc_NetSrvInfo1518; + + typedef struct{ + uint32 maxcopyreadlen; + } srvsvc_NetSrvInfo1520; + + typedef struct{ + uint32 maxcopywritelen; + } srvsvc_NetSrvInfo1521; + + typedef struct{ + uint32 minkeepsearch; + } srvsvc_NetSrvInfo1522; + + typedef struct{ + uint32 maxkeepsearch; + } srvsvc_NetSrvInfo1523; + + typedef struct{ + uint32 minkeepcomplsearch; + } srvsvc_NetSrvInfo1524; + + typedef struct{ + uint32 maxkeepcomplsearch; + } srvsvc_NetSrvInfo1525; + + typedef struct{ + uint32 scavtimeout; + } srvsvc_NetSrvInfo1528; + + typedef struct{ + uint32 minrcvqueue; + } srvsvc_NetSrvInfo1529; + + typedef struct{ + uint32 minfreeworkitems; + } srvsvc_NetSrvInfo1530; + + typedef struct{ + uint32 maxmpxct; + } srvsvc_NetSrvInfo1533; + + typedef struct{ + uint32 oplockbreakwait; + } srvsvc_NetSrvInfo1534; + + typedef struct{ + uint32 oplockbreakresponsewait; + } srvsvc_NetSrvInfo1535; + + typedef struct{ + uint32 enableoplocks; + } srvsvc_NetSrvInfo1536; + + typedef struct{ + uint32 enableoplockforceclose; + } srvsvc_NetSrvInfo1537; + + typedef struct{ + uint32 enablefcbopens; + } srvsvc_NetSrvInfo1538; + + typedef struct{ + uint32 enableraw; + } srvsvc_NetSrvInfo1539; + + typedef struct{ + uint32 enablesharednetdrives; + } srvsvc_NetSrvInfo1540; + + typedef struct{ + uint32 minfreeconnections; + } srvsvc_NetSrvInfo1541; + + typedef struct{ + uint32 maxfreeconnections; + } srvsvc_NetSrvInfo1542; + + typedef struct{ + uint32 initsesstable; + } srvsvc_NetSrvInfo1543; + + typedef struct{ + uint32 initconntable; + } srvsvc_NetSrvInfo1544; + + typedef struct{ + uint32 initfiletable; + } srvsvc_NetSrvInfo1545; + + typedef struct{ + uint32 initsearchtable; + } srvsvc_NetSrvInfo1546; + + typedef struct{ + uint32 alertsched; + } srvsvc_NetSrvInfo1547; + + typedef struct{ + uint32 errortreshold; + } srvsvc_NetSrvInfo1548; + + typedef struct{ + uint32 networkerrortreshold; + } srvsvc_NetSrvInfo1549; + + typedef struct{ + uint32 diskspacetreshold; + } srvsvc_NetSrvInfo1550; + + typedef struct{ + uint32 maxlinkdelay; + } srvsvc_NetSrvInfo1552; + + typedef struct{ + uint32 minlinkthroughput; + } srvsvc_NetSrvInfo1553; + + typedef struct{ + uint32 linkinfovalidtime; + } srvsvc_NetSrvInfo1554; + + typedef struct{ + uint32 scavqosinfoupdatetime; + } srvsvc_NetSrvInfo1555; + + typedef struct{ + uint32 maxworkitemidletime; + } srvsvc_NetSrvInfo1556; + + + typedef union{ + [case(100)] srvsvc_NetSrvInfo100 *info100; + [case(101)] srvsvc_NetSrvInfo101 *info101; + [case(102)] srvsvc_NetSrvInfo102 *info102; + [case(402)] srvsvc_NetSrvInfo402 *info402; + [case(403)] srvsvc_NetSrvInfo403 *info403; + [case(502)] srvsvc_NetSrvInfo502 *info502; + [case(503)] srvsvc_NetSrvInfo503 *info503; + [case(599)] srvsvc_NetSrvInfo599 *info599; + [case(1005)] srvsvc_NetSrvInfo1005 *info1005; + [case(1010)] srvsvc_NetSrvInfo1010 *info1010; + [case(1016)] srvsvc_NetSrvInfo1016 *info1016; + [case(1017)] srvsvc_NetSrvInfo1017 *info1017; + [case(1018)] srvsvc_NetSrvInfo1018 *info1018; + [case(1107)] srvsvc_NetSrvInfo1107 *info1107; + [case(1501)] srvsvc_NetSrvInfo1501 *info1501; + [case(1502)] srvsvc_NetSrvInfo1502 *info1502; + [case(1503)] srvsvc_NetSrvInfo1503 *info1503; + [case(1506)] srvsvc_NetSrvInfo1506 *info1506; + [case(1509)] srvsvc_NetSrvInfo1509 *info1509; + [case(1510)] srvsvc_NetSrvInfo1510 *info1510; + [case(1511)] srvsvc_NetSrvInfo1511 *info1511; + [case(1512)] srvsvc_NetSrvInfo1512 *info1512; + [case(1513)] srvsvc_NetSrvInfo1513 *info1513; + [case(1514)] srvsvc_NetSrvInfo1514 *info1514; + [case(1515)] srvsvc_NetSrvInfo1515 *info1515; + [case(1516)] srvsvc_NetSrvInfo1516 *info1516; + [case(1518)] srvsvc_NetSrvInfo1518 *info1518; + [case(1520)] srvsvc_NetSrvInfo1520 *info1520; + [case(1521)] srvsvc_NetSrvInfo1521 *info1521; + [case(1522)] srvsvc_NetSrvInfo1522 *info1522; + [case(1523)] srvsvc_NetSrvInfo1523 *info1523; + [case(1524)] srvsvc_NetSrvInfo1524 *info1524; + [case(1525)] srvsvc_NetSrvInfo1525 *info1525; + [case(1528)] srvsvc_NetSrvInfo1528 *info1528; + [case(1529)] srvsvc_NetSrvInfo1529 *info1529; + [case(1530)] srvsvc_NetSrvInfo1530 *info1530; + [case(1533)] srvsvc_NetSrvInfo1533 *info1533; + [case(1534)] srvsvc_NetSrvInfo1534 *info1534; + [case(1535)] srvsvc_NetSrvInfo1535 *info1535; + [case(1536)] srvsvc_NetSrvInfo1536 *info1536; + [case(1537)] srvsvc_NetSrvInfo1537 *info1537; + [case(1538)] srvsvc_NetSrvInfo1538 *info1538; + [case(1539)] srvsvc_NetSrvInfo1539 *info1539; + [case(1540)] srvsvc_NetSrvInfo1540 *info1540; + [case(1541)] srvsvc_NetSrvInfo1541 *info1541; + [case(1542)] srvsvc_NetSrvInfo1542 *info1542; + [case(1543)] srvsvc_NetSrvInfo1543 *info1543; + [case(1544)] srvsvc_NetSrvInfo1544 *info1544; + [case(1545)] srvsvc_NetSrvInfo1545 *info1545; + [case(1546)] srvsvc_NetSrvInfo1546 *info1546; + [case(1547)] srvsvc_NetSrvInfo1547 *info1547; + [case(1548)] srvsvc_NetSrvInfo1548 *info1548; + [case(1549)] srvsvc_NetSrvInfo1549 *info1549; + [case(1550)] srvsvc_NetSrvInfo1550 *info1550; + [case(1552)] srvsvc_NetSrvInfo1552 *info1552; + [case(1553)] srvsvc_NetSrvInfo1553 *info1553; + [case(1554)] srvsvc_NetSrvInfo1554 *info1554; + [case(1555)] srvsvc_NetSrvInfo1555 *info1555; + [case(1556)] srvsvc_NetSrvInfo1556 *info1556; + [default]; + } srvsvc_NetSrvInfo; + + /******************/ + /* Function: 0x15 */ + WERROR srvsvc_NetSrvGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [out,switch_is(level)] srvsvc_NetSrvInfo info + ); + + /******************/ + /* Function: 0x16 */ + WERROR srvsvc_NetSrvSetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetSrvInfo info, + [in,out,unique] uint32 *parm_error + ); + +/**************************/ +/* srvsvc_NetDisk */ +/**************************/ + typedef struct { + /* + * In theory this should be: + * [charset(UTF16),string] uint16 annotation[3] + * But midl treats this as: + * [charset(UTF16),string] uint16 annotation[] + * and pidl doesn't support this yet + */ + [value(0)] uint32 __disk_offset; + [value(strlen(disk)+1)] uint32 __disk_length; + [charset(UTF16)] uint16 disk[__disk_length]; + } srvsvc_NetDiskInfo0; + + typedef struct { + uint32 count; + [size_is(count), length_is(count)] srvsvc_NetDiskInfo0 *disks; + } srvsvc_NetDiskInfo; + + /******************/ + /* Function: 0x17 */ + WERROR srvsvc_NetDiskEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [in,out] srvsvc_NetDiskInfo info, + [in] uint32 maxlen, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + +/**************************/ +/* srvsvc_NetStatistics */ +/**************************/ + typedef struct { + uint32 start; + uint32 fopens; + uint32 devopens; + uint32 jobsqueued; + uint32 sopens; + uint32 stimeouts; + uint32 serrorout; + uint32 pwerrors; + uint32 permerrors; + uint32 syserrors; + uint32 bytessent_low; + uint32 bytessent_high; + uint32 bytesrcvd_low; + uint32 bytesrcvd_high; + uint32 avresponse; + uint32 reqbufneed; + uint32 bigbufneed; + } srvsvc_Statistics; + + /******************/ + /* Function: 0x18 */ + WERROR srvsvc_NetServerStatisticsGet( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *service, + [in] uint32 level, + [in] uint32 options, + [out] srvsvc_Statistics stat + ); + +/**************************/ +/* srvsvc_NetTransport */ +/**************************/ + typedef struct { + uint32 vcs; + [string,charset(UTF16)] uint16 *name; + [size_is(addr_len)] uint8 *addr; + uint32 addr_len; + [string,charset(UTF16)] uint16 *net_addr; + } srvsvc_NetTransportInfo0; + + /******************/ + /* Function: 0x19 */ + WERROR srvsvc_NetTransportAdd( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetTransportInfo info + ); + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetTransportInfo0 *array; + } srvsvc_NetTransportCtr0; + + typedef struct { + uint32 vcs; + [string,charset(UTF16)] uint16 *name; + [size_is(addr_len)] uint8 *addr; + uint32 addr_len; + [string,charset(UTF16)] uint16 *net_addr; + [string,charset(UTF16)] uint16 *domain; + } srvsvc_NetTransportInfo1; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetTransportInfo1 *array; + } srvsvc_NetTransportCtr1; + + typedef struct { + uint32 vcs; + [string,charset(UTF16)] uint16 *name; + [size_is(addr_len)] uint8 *addr; + uint32 addr_len; + [string,charset(UTF16)] uint16 *net_addr; + [string,charset(UTF16)] uint16 *domain; + uint32 unknown; + } srvsvc_NetTransportInfo2; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetTransportInfo2 *array; + } srvsvc_NetTransportCtr2; + + typedef struct { + uint32 vcs; + [string,charset(UTF16)] uint16 *name; + [size_is(addr_len)] uint8 *addr; + uint32 addr_len; + [string,charset(UTF16)] uint16 *net_addr; + [string,charset(UTF16)] uint16 *domain; + uint32 unknown1; + uint32 unknown2; + uint8 unknown3[256]; + } srvsvc_NetTransportInfo3; + + typedef struct { + uint32 count; + [size_is(count)] srvsvc_NetTransportInfo3 *array; + } srvsvc_NetTransportCtr3; + + typedef union { + [case(0)] srvsvc_NetTransportCtr0 *ctr0; + [case(1)] srvsvc_NetTransportCtr1 *ctr1; + [case(2)] srvsvc_NetTransportCtr2 *ctr2; + [case(3)] srvsvc_NetTransportCtr3 *ctr3; + [default]; + } srvsvc_NetTransportCtr; + + /******************/ + /* Function: 0x1a */ + WERROR srvsvc_NetTransportEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetTransportCtr transports, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x1b */ + WERROR srvsvc_NetTransportDel( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetTransportInfo info + ); + +/**************************/ +/* srvsvc_NetRemoteTOD */ +/**************************/ + typedef struct { + uint32 elapsed; /* time(NULL) */ + uint32 msecs; /* milliseconds till system reboot (uptime) */ + uint32 hours; + uint32 mins; + uint32 secs; + uint32 hunds; + int32 timezone; /* in minutes */ + uint32 tinterval; /* clock tick interval in 0.0001 second units; 310 on windows */ + uint32 day; + uint32 month; + uint32 year; + uint32 weekday; + } srvsvc_NetRemoteTODInfo; + + /******************/ + /* Function: 0x1c */ + WERROR srvsvc_NetRemoteTOD( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [out,unique] srvsvc_NetRemoteTODInfo *info + ); + +/**************************/ +/* srvsvc_NetServiceBits */ +/**************************/ + /******************/ + /* Function: 0x1d */ + WERROR srvsvc_NetSetServiceBits( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *transport, + [in] uint32 servicebits, + [in] uint32 updateimmediately + ); + +/**************************/ +/* srvsvc_NetPath */ +/**************************/ + /******************/ + /* Function: 0x1e */ + WERROR srvsvc_NetPathType( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 path[], + [in] uint32 pathflags, + [out] uint32 pathtype + ); + + /******************/ + /* Function: 0x1f */ + WERROR srvsvc_NetPathCanonicalize( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 path[], + [out] [size_is(maxbuf)] uint8 can_path[], + [in] uint32 maxbuf, + [in] [string,charset(UTF16)] uint16 prefix[], + [in,out] uint32 pathtype, + [in] uint32 pathflags + ); + + /******************/ + /* Function: 0x20 */ + WERROR srvsvc_NetPathCompare( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 path1[], + [in] [string,charset(UTF16)] uint16 path2[], + [in] uint32 pathtype, + [in] uint32 pathflags + ); + +/**************************/ +/* srvsvc_NetName */ +/**************************/ + /******************/ + /* Function: 0x21 */ + WERROR srvsvc_NetNameValidate( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 name[], + [in] uint32 name_type, + [in] uint32 flags + ); + + /******************/ + /* Function: 0x22 */ + [todo] WERROR srvsvc_NETRPRNAMECANONICALIZE( + ); + + /******************/ + /* Function: 0x23 */ + WERROR srvsvc_NetPRNameCompare( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 name1[], + [in] [string,charset(UTF16)] uint16 name2[], + [in] uint32 name_type, + [in] uint32 flags + ); + +/**************************/ +/* srvsvc_NetShare ... */ +/**************************/ + /******************/ + /* Function: 0x24 */ + /* Note, there must be some way to return entries read vs + total entries ... */ + WERROR srvsvc_NetShareEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,out] uint32 level, + [in,out,switch_is(level)] srvsvc_NetShareCtr ctr, + [in] uint32 max_buffer, + [out] uint32 totalentries, + [in,out,unique] uint32 *resume_handle + ); + + /******************/ + /* Function: 0x25 */ + WERROR srvsvc_NetShareDelStart( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] [string,charset(UTF16)] uint16 share[], + [in] uint32 reserved, + [out,unique] policy_handle *hnd + ); + + /******************/ + /* Function: 0x26 */ + WERROR srvsvc_NetShareDelCommit( + [in, out,unique] policy_handle *hnd + ); + + /******************/ + /* Function: 0x27 */ + WERROR srvsvc_NetGetFileSecurity( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *share, + [in] [string,charset(UTF16)] uint16 file[], + [in] security_secinfo securityinformation, + [out,unique] sec_desc_buf *sd_buf + ); + + /******************/ + /* Function: 0x28 */ + WERROR srvsvc_NetSetFileSecurity( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *share, + [in] [string,charset(UTF16)] uint16 file[], + [in] security_secinfo securityinformation, + [in] sec_desc_buf sd_buf + ); + + + + typedef [switch_type(uint32)] union { + [case(0)] srvsvc_NetTransportInfo0 info0; + [case(1)] srvsvc_NetTransportInfo1 info1; + [case(2)] srvsvc_NetTransportInfo2 info2; + [case(3)] srvsvc_NetTransportInfo3 info3; + } srvsvc_NetTransportInfo; + + /******************/ + /* Function: 0x29 */ + WERROR srvsvc_NetServerTransportAddEx( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in] uint32 level, + [in,switch_is(level)] srvsvc_NetTransportInfo info + ); + + /******************/ + /* Function: 0x2a */ + WERROR srvsvc_NetServerSetServiceBitsEx( + [in,unique] [string,charset(UTF16)] uint16 *server_unc, + [in,unique] [string,charset(UTF16)] uint16 *emulated_server_unc, + [in,unique] [string,charset(UTF16)] uint16 *transport, + [in] uint32 servicebitsofinterest, + [in] uint32 servicebits, + [in] uint32 updateimmediately + ); + + /******************/ + /* Function: 0x2b */ + [todo] WERROR srvsvc_NETRDFSGETVERSION( + ); + + /******************/ + /* Function: 0x2c */ + [todo] WERROR srvsvc_NETRDFSCREATELOCALPARTITION( + ); + + /******************/ + /* Function: 0x2d */ + [todo] WERROR srvsvc_NETRDFSDELETELOCALPARTITION( + ); + + /******************/ + /* Function: 0x2e */ + [todo] WERROR srvsvc_NETRDFSSETLOCALVOLUMESTATE( + ); + + /******************/ + /* Function: 0x2f */ + [todo] WERROR srvsvc_NETRDFSSETSERVERINFO( + ); + + /******************/ + /* Function: 0x30 */ + [todo] WERROR srvsvc_NETRDFSCREATEEXITPOINT( + ); + + /******************/ + /* Function: 0x31 */ + [todo] WERROR srvsvc_NETRDFSDELETEEXITPOINT( + ); + + /******************/ + /* Function: 0x32 */ + [todo] WERROR srvsvc_NETRDFSMODIFYPREFIX( + ); + + /******************/ + /* Function: 0x33 */ + [todo] WERROR srvsvc_NETRDFSFIXLOCALVOLUME( + ); + + /******************/ + /* Function: 0x34 */ + [todo] WERROR srvsvc_NETRDFSMANAGERREPORTSITEINFO( + ); + + /******************/ + /* Function: 0x35 */ + [todo] WERROR srvsvc_NETRSERVERTRANSPORTDELEX( + ); +} diff --git a/source4/librpc/idl/svcctl.idl b/source4/librpc/idl/svcctl.idl new file mode 100644 index 0000000000..615f4e3dab --- /dev/null +++ b/source4/librpc/idl/svcctl.idl @@ -0,0 +1,499 @@ +#include "idl_types.h" + +/* + svcctl interface definitions +*/ + +import "misc.idl"; +[ uuid("367abb81-9844-35f1-ad32-98f038001003"), + version(2.0), + pointer_default(unique), + endpoint("ncacn_np:[\\pipe\\svcctl]", "ncalrpc:"), + helpstring("Service Control") +] interface svcctl +{ + typedef struct { + uint32 is_locked; + [string,charset(UTF16)] uint16 *lock_owner; + uint32 lock_duration; + } SERVICE_LOCK_STATUS; + + typedef struct { + uint32 type; + uint32 state; + uint32 controls_accepted; + WERROR win32_exit_code; + uint32 service_exit_code; + uint32 check_point; + uint32 wait_hint; + } SERVICE_STATUS; + + typedef struct { + [relative] astring *service_name; + [relative] astring *display_name; + SERVICE_STATUS status; + } ENUM_SERVICE_STATUS; + + const int SERVICE_TYPE_KERNEL_DRIVER = 0x01; + const int SERVICE_TYPE_FS_DRIVER = 0x02; + const int SERVICE_TYPE_ADAPTER = 0x04; + const int SERVICE_TYPE_RECOGNIZER_DRIVER = 0x08; + const int SERVICE_TYPE_DRIVER=SERVICE_TYPE_KERNEL_DRIVER|SERVICE_TYPE_FS_DRIVER|SERVICE_TYPE_RECOGNIZER_DRIVER; + const int SERVICE_TYPE_WIN32_OWN_PROCESS = 0x10; + const int SERVICE_TYPE_WIN32_SHARE_PROCESS = 0x20; + const int SERVICE_TYPE_WIN32=SERVICE_TYPE_WIN32_OWN_PROCESS|SERVICE_TYPE_WIN32_SHARE_PROCESS; + + const int SERVICE_STATE_ACTIVE = 0x01; + const int SERVICE_STATE_INACTIVE = 0x02; + const int SERVICE_STATE_ALL = 0x03; + + typedef [public,bitmap32bit] bitmap { + SV_TYPE_WORKSTATION = 0x00000001, + SV_TYPE_SERVER = 0x00000002, + SV_TYPE_SQLSERVER = 0x00000004, + SV_TYPE_DOMAIN_CTRL = 0x00000008, + SV_TYPE_DOMAIN_BAKCTRL = 0x00000010, + SV_TYPE_TIME_SOURCE = 0x00000020, + SV_TYPE_AFP = 0x00000040, + SV_TYPE_NOVELL = 0x00000080, + + SV_TYPE_DOMAIN_MEMBER = 0x00000100, + SV_TYPE_PRINTQ_SERVER = 0x00000200, + SV_TYPE_DIALIN_SERVER = 0x00000400, + SV_TYPE_SERVER_UNIX = 0x00000800, + SV_TYPE_NT = 0x00001000, + SV_TYPE_WFW = 0x00002000, + SV_TYPE_SERVER_MFPN = 0x00004000, + SV_TYPE_SERVER_NT = 0x00008000, + SV_TYPE_POTENTIAL_BROWSER = 0x00010000, + SV_TYPE_BACKUP_BROWSER = 0x00020000, + SV_TYPE_MASTER_BROWSER = 0x00040000, + SV_TYPE_DOMAIN_MASTER = 0x00080000, + SV_TYPE_SERVER_OSF = 0x00100000, + SV_TYPE_SERVER_VMS = 0x00200000, + SV_TYPE_WIN95_PLUS = 0x00400000, + SV_TYPE_DFS_SERVER = 0x00800000, + SV_TYPE_ALTERNATE_XPORT = 0x20000000, + SV_TYPE_LOCAL_LIST_ONLY = 0x40000000, + SV_TYPE_DOMAIN_ENUM = 0x80000000 + } svcctl_ServerType; + + const uint32 SV_TYPE_ALL = 0xFFFFFFFF; + + /*****************/ + /* Function 0x00 */ + WERROR svcctl_CloseServiceHandle( + [in,out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x01 */ + + typedef enum { + FIXME=1 + } SERVICE_CONTROL; + + WERROR svcctl_ControlService( + [in,ref] policy_handle *handle, + [in] uint32 control, + [out,ref] SERVICE_STATUS *service_status + ); + + /*****************/ + /* Function 0x02 */ + WERROR svcctl_DeleteService( + [in,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x03 */ + + WERROR svcctl_LockServiceDatabase( + [in,ref] policy_handle *handle, + [out,ref] policy_handle *lock + ); + + /*****************/ + /* Function 0x04 */ + [todo] WERROR svcctl_QueryServiceObjectSecurity( + ); + + /*****************/ + /* Function 0x05 */ + [todo] WERROR svcctl_SetServiceObjectSecurity( + ); + + /*****************/ + /* Function 0x06 */ + WERROR svcctl_QueryServiceStatus( + [in,ref] policy_handle *handle, + [out,ref] SERVICE_STATUS *service_status + ); + + /*****************/ + /* Function 0x07 */ + [todo] WERROR svcctl_SetServiceStatus( + ); + + /*****************/ + /* Function 0x08 */ + WERROR svcctl_UnlockServiceDatabase( + [in,out,ref] policy_handle *lock + ); + + /*****************/ + /* Function 0x09 */ + [todo] WERROR svcctl_NotifyBootConfigStatus( + ); + + /*****************/ + /* Function 0x0a */ + WERROR svcctl_SCSetServiceBitsW( + [in,ref] policy_handle *handle, + [in] uint32 bits, + [in] boolean32 bitson, + [in] boolean32 immediate + ); + + /*****************/ + /* Function 0x0b */ + WERROR svcctl_ChangeServiceConfigW( + [in,ref] policy_handle *handle, + [in] uint32 type, + [in] uint32 start, + [in] uint32 error, + [in,unique] [string,charset(UTF16)] uint16 *binary_path, + [in,unique] [string,charset(UTF16)] uint16 *load_order_group, + [out,ref] uint32 *tag_id, + [in,unique] [string,charset(UTF16)] uint16 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *display_name + ); + + /*****************/ + /* Function 0x0c */ + WERROR svcctl_CreateServiceW( + [in,ref] policy_handle *scmanager_handle, + [in] [string,charset(UTF16)] uint16 ServiceName[], + [in,unique] [string,charset(UTF16)] uint16 *DisplayName, + [in] uint32 desired_access, + [in] uint32 type, + [in] uint32 start_type, + [in] uint32 error_control, + [in] [string,charset(UTF16)] uint16 binary_path[], + [in,unique] [string,charset(UTF16)] uint16 *LoadOrderGroupKey, + [in,out,unique] uint32 *TagId, + [in,unique,size_is(dependencies_size)] uint8 *dependencies, + [in] uint32 dependencies_size, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique,size_is(password_size)] uint8 *password, + [in] uint32 password_size, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x0d */ + WERROR svcctl_EnumDependentServicesW( + [in,ref] policy_handle *service, + [in] uint32 state, + [out,unique] ENUM_SERVICE_STATUS *service_status, + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed, + [out,ref] uint32 *services_returned + ); + + /*****************/ + /* Function 0x0e */ + WERROR svcctl_EnumServicesStatusW( + [in,ref] policy_handle *handle, + [in] uint32 type, + [in] uint32 state, + [in] uint32 buf_size, + [out,size_is(buf_size)] uint8 service[*], + [out,ref] uint32 *bytes_needed, + [out,ref] uint32 *services_returned, + [in,out,unique] uint32 *resume_handle + ); + + /*****************/ + /* Function 0x0f */ + WERROR svcctl_OpenSCManagerW( + [in,unique] [string,charset(UTF16)] uint16 *MachineName, + [in,unique] [string,charset(UTF16)] uint16 *DatabaseName, + [in] uint32 access_mask, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x10 */ + WERROR svcctl_OpenServiceW( + [in,ref] policy_handle *scmanager_handle, + [in] [string,charset(UTF16)] uint16 ServiceName[], + [in] uint32 access_mask, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x11 */ + WERROR svcctl_QueryServiceConfigW( + [in,ref] policy_handle *handle, + [out] uint8 query[buf_size], /*QUERY_SERVICE_CONFIG */ + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed + ); + + /*****************/ + /* Function 0x12 */ + WERROR svcctl_QueryServiceLockStatusW( + [in,ref] policy_handle *handle, + [in] uint32 buf_size, + [out,ref] SERVICE_LOCK_STATUS *lock_status, + [out,ref] uint32 *required_buf_size + ); + + /*****************/ + /* Function 0x13 */ + WERROR svcctl_StartServiceW( + [in,ref] policy_handle *handle, + [in] uint32 NumArgs, + [in,unique/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments + ); + + /*****************/ + /* Function 0x14 */ + WERROR svcctl_GetServiceDisplayNameW( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *service_name, + [out,ref] [string,charset(UTF16)] uint16 **display_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x15 */ + WERROR svcctl_GetServiceKeyNameW( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *service_name, + [out,ref] [string,charset(UTF16)] uint16 **key_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x16 */ + WERROR svcctl_SCSetServiceBitsA( + [in,ref] policy_handle *handle, + [in] uint32 bits, + [in] boolean32 bitson, + [in] boolean32 immediate + ); + + /*****************/ + /* Function 0x17 */ + WERROR svcctl_ChangeServiceConfigA( + [in,ref] policy_handle *handle, + [in] uint32 type, + [in] uint32 start, + [in] uint32 error, + [in,unique] [string,charset(UTF16)] uint16 *binary_path, + [in,unique] [string,charset(UTF16)] uint16 *load_order_group, + [out,ref] uint32 *tag_id, + [in,unique] [string,charset(UTF16)] uint16 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in,unique] [string,charset(UTF16)] uint16 *display_name + ); + + /*****************/ + /* Function 0x18 */ + WERROR svcctl_CreateServiceA( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *ServiceName, + [in,unique] [string,charset(UTF16)] uint16 *DisplayName, + [in] uint32 desired_access, + [in] uint32 type, + [in] uint32 start_type, + [in] uint32 error_control, + [in,unique] [string,charset(UTF16)] uint16 *binary_path, + [in,unique] [string,charset(UTF16)] uint16 *LoadOrderGroupKey, + [out,unique] uint32 *TagId, + [in,unique] [string,charset(UTF16)] uint16 *dependencies, + [in,unique] [string,charset(UTF16)] uint16 *service_start_name, + [in,unique] [string,charset(UTF16)] uint16 *password + ); + + /*****************/ + /* Function 0x19 */ + WERROR svcctl_EnumDependentServicesA( + [in,ref] policy_handle *service, + [in] uint32 state, + [out,unique] ENUM_SERVICE_STATUS *service_status, + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed, + [out,ref] uint32 *services_returned + ); + + /*****************/ + /* Function 0x1a */ + WERROR svcctl_EnumServicesStatusA( + [in,ref] policy_handle *handle, + [in] uint32 type, + [in] uint32 state, + [in] uint32 buf_size, + [out,size_is(buf_size)] uint8 service[*], + [out,ref] uint32 *bytes_needed, + [out,ref] uint32 *services_returned, + [in,out,unique] uint32 *resume_handle + ); + + /*****************/ + /* Function 0x1b */ + WERROR svcctl_OpenSCManagerA( + [in,unique] [string,charset(UTF16)] uint16 *MachineName, + [in,unique] [string,charset(UTF16)] uint16 *DatabaseName, + [in] uint32 access_mask, + [out,ref] policy_handle *handle + ); + + /*****************/ + /* Function 0x1c */ + WERROR svcctl_OpenServiceA( + [in,ref] policy_handle *scmanager_handle, + [in,unique] [string,charset(UTF16)] uint16 *ServiceName, + [in] uint32 access_mask + ); + + /*****************/ + /* Function 0x1d */ + WERROR svcctl_QueryServiceConfigA( + [in,ref] policy_handle *handle, + [out] uint8 query[buf_size], /*QUERYU_SERVICE_CONFIG */ + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed + ); + + /*****************/ + /* Function 0x1e */ + WERROR svcctl_QueryServiceLockStatusA( + [in,ref] policy_handle *handle, + [in] uint32 buf_size, + [out,ref] SERVICE_LOCK_STATUS *lock_status, + [out,ref] uint32 *required_buf_size + ); + + /*****************/ + /* Function 0x1f */ + WERROR svcctl_StartServiceA( + [in,ref] policy_handle *handle, + [in] uint32 NumArgs, + [in,unique/*FIXME:,length_is(NumArgs)*/] [string,charset(UTF16)] uint16 *Arguments + ); + + /*****************/ + /* Function 0x20 */ + WERROR svcctl_GetServiceDisplayNameA( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *service_name, + [out,ref] [string,charset(UTF16)] uint16 **display_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x21 */ + WERROR svcctl_GetServiceKeyNameA( + [in,ref] policy_handle *handle, + [in,unique] [string,charset(UTF16)] uint16 *service_name, + [out,ref] [string,charset(UTF16)] uint16 **key_name, + [in,out,unique] uint32 *display_name_length + ); + + /*****************/ + /* Function 0x22 */ + [todo] WERROR svcctl_GetCurrentGroupeStateW( + ); + + /*****************/ + /* Function 0x23 */ + [todo] WERROR svcctl_EnumServiceGroupW( + ); + + /*****************/ + /* Function 0x24 */ + WERROR svcctl_ChangeServiceConfig2A( + [in,ref] policy_handle *handle, + [in] uint32 info_level, + [in,unique] uint8 *info + ); + + /*****************/ + /* Function 0x25 */ + WERROR svcctl_ChangeServiceConfig2W( + [in,ref] policy_handle *handle, + [in] uint32 info_level, + [in,unique] uint8 *info + ); + + /*****************/ + /* Function 0x26 */ + WERROR svcctl_QueryServiceConfig2A( + [in,ref] policy_handle *handle, + [in] uint32 info_level, + [out] uint8 buffer[buf_size], + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed + ); + + /*****************/ + /* Function 0x27 */ + WERROR svcctl_QueryServiceConfig2W( + [in,ref] policy_handle *handle, + [in] uint32 info_level, + [out] uint8 buffer[buf_size], + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed + ); + + /*****************/ + /* Function 0x28 */ + WERROR svcctl_QueryServiceStatusEx( + [in,ref] policy_handle *handle, + [in] uint32 info_level, + [out] uint8 buffer[buf_size], + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed + ); + + /*****************/ + /* Function 0x29 */ + WERROR EnumServicesStatusExA( + [in,ref] policy_handle *scmanager, + [in] uint32 info_level, + [in] uint32 type, + [in] uint32 state, + [out] uint8 services[buf_size], + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed, + [out,ref] uint32 *service_returned, + [in,out,unique] uint32 *resume_handle, + [out,ref] [string,charset(UTF16)] uint16 **group_name + ); + + /*****************/ + /* Function 0x2a */ + WERROR EnumServicesStatusExW( + [in,ref] policy_handle *scmanager, + [in] uint32 info_level, + [in] uint32 type, + [in] uint32 state, + [out] uint8 services[buf_size], + [in] uint32 buf_size, + [out,ref] uint32 *bytes_needed, + [out,ref] uint32 *service_returned, + [in,out,unique] uint32 *resume_handle, + [out,ref] [string,charset(UTF16)] uint16 **group_name + ); + + /*****************/ + /* Function 0x2b */ + [todo] WERROR svcctl_SCSendTSMessage( + ); +} diff --git a/source4/librpc/idl/trkwks.idl b/source4/librpc/idl/trkwks.idl new file mode 100644 index 0000000000..7f11af189b --- /dev/null +++ b/source4/librpc/idl/trkwks.idl @@ -0,0 +1,17 @@ +/* + distributed key tracking services +*/ + +[ + uuid("300f3532-38cc-11d0-a3f0-0020af6b0add"), + version(1.2), + pointer_default(unique), + helpstring("Distributed Key Tracking Service") +] +interface trkwks +{ + + /*****************/ + /* Function 0x00 */ + WERROR trkwks_Unknown0(); +} diff --git a/source4/librpc/idl/unixinfo.idl b/source4/librpc/idl/unixinfo.idl new file mode 100644 index 0000000000..6929e86e61 --- /dev/null +++ b/source4/librpc/idl/unixinfo.idl @@ -0,0 +1,56 @@ +#include "idl_types.h" +/* + Unixinfo interface definition +*/ + +import "security.idl"; + +[ uuid("9c54e310-a955-4885-bd31-78787147dfa6"), + version(0.0), + endpoint("ncacn_np:[\\pipe\\unixinfo]", "ncacn_ip_tcp:", "ncalrpc:"), + pointer_default(unique), + helpstring("Unixinfo specific stuff") +] interface unixinfo +{ + /******************/ + /* Function: 0x00 */ + NTSTATUS unixinfo_SidToUid ( + [in] dom_sid sid, + [out] hyper *uid + ); + + /******************/ + /* Function: 0x01 */ + NTSTATUS unixinfo_UidToSid ( + [in] hyper uid, + [out] dom_sid *sid + ); + + /******************/ + /* Function: 0x02 */ + NTSTATUS unixinfo_SidToGid ( + [in] dom_sid sid, + [out] hyper *gid + ); + + /******************/ + /* Function: 0x03 */ + NTSTATUS unixinfo_GidToSid ( + [in] hyper gid, + [out] dom_sid *sid + ); + + typedef struct { + NTSTATUS status; + [charset(UTF8),string] uint8 homedir[]; + [charset(UTF8),string] uint8 shell[]; + } unixinfo_GetPWUidInfo; + + /******************/ + /* Function: 0x04 */ + NTSTATUS unixinfo_GetPWUid ( + [in,out,ref,range(0,1023)] uint32 *count, + [in,size_is(*count)] hyper uids[], + [out,size_is(*count)] unixinfo_GetPWUidInfo infos[*] + ); +} diff --git a/source4/librpc/idl/w32time.idl b/source4/librpc/idl/w32time.idl new file mode 100644 index 0000000000..4839899629 --- /dev/null +++ b/source4/librpc/idl/w32time.idl @@ -0,0 +1,21 @@ +/* + w32time interface definitions +*/ + +[ + uuid("8fb6d884-2388-11d0-8c35-00c04fda2795"), + endpoint("ncacn_np:[\\pipe\\srvsvc]","ncacn_np:[\\pipe\\atsvc]","ncacn_np:[\\pipe\\browser]","ncacn_np:[\\pipe\\keysvc]","ncacn_np:[\\pipe\\wkssvc]"), + version(4.1), + pointer_default(unique), + helpstring("Win32 Time Server") +] +interface w32time +{ + + /*****************/ + /* Function 0x00 */ + [todo] WERROR w32time_SyncTime(); + + [todo] WERROR w32time_GetNetLogonServiceBits(); + [todo] WERROR w32time_QueryProviderStatus(); +} diff --git a/source4/librpc/idl/winbind.idl b/source4/librpc/idl/winbind.idl new file mode 100644 index 0000000000..5cefb38f75 --- /dev/null +++ b/source4/librpc/idl/winbind.idl @@ -0,0 +1,68 @@ +/* + winbind IRPC interface +*/ + +#include "idl_types.h" + +import "netlogon.idl", "lsa.idl", "security.idl"; + +[ + uuid("245f3e6b-3c5d-6e21-3a2d-2a3d645b7221"), + version(1.0), + pointer_default(unique) +] +interface winbind +{ + typedef [switch_type(uint16)] union netr_LogonLevel netr_LogonLevel; + typedef [switch_type(uint16)] union netr_Validation netr_Validation; + + typedef enum { + ID_TYPE_NOT_SPECIFIED, + ID_TYPE_UID, + ID_TYPE_GID, + ID_TYPE_BOTH + } id_type; + + typedef struct { + uint32 id; + id_type type; + } unixid; + + typedef struct { + unixid *unixid; + dom_sid *sid; + NTSTATUS status; + } id_mapping; + + /* a call to get runtime informations */ + void winbind_information(/* TODO */); + + /* + * a call to trigger some internal events, + * for use in torture tests... + */ + NTSTATUS winbind_remote_control(/* TODO */); + + /* + * do a netr_LogonSamLogon() against the right DC + */ + NTSTATUS winbind_SamLogon( + [in] uint16 logon_level, + [in] [switch_is(logon_level)] netr_LogonLevel logon, + [in] uint16 validation_level, + [out] [switch_is(validation_level)] netr_Validation validation, + [out] uint8 authoritative + ); + + typedef [v1_enum] enum { + WINBIND_IDMAP_LEVEL_SIDS_TO_XIDS = 1, + WINBIND_IDMAP_LEVEL_XIDS_TO_SIDS = 2 + } winbind_get_idmap_level; + + NTSTATUS winbind_get_idmap( + [in] winbind_get_idmap_level level, + [in] uint32 count, + [in,out] [size_is(count)] id_mapping ids[] + ); + +} diff --git a/source4/librpc/idl/winreg.cnf b/source4/librpc/idl/winreg.cnf new file mode 100644 index 0000000000..e5a146cd5d --- /dev/null +++ b/source4/librpc/idl/winreg.cnf @@ -0,0 +1,52 @@ +IMPORT security_secinfo offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep, hf_winreg_winreg_GetKeySecurity_sec_info, NULL); + +HF_FIELD hf_winreg_access_required "Access Required" "winreg.access_required" FT_UINT32 BASE_HEX NULL 0 "" "" "" + +HF_RENAME hf_winreg_winreg_OpenHKCR_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_OpenHKLM_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_OpenHKU_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_CreateKey_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_OpenHKCC_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_OpenHKDD_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_OpenHKPT_access_required hf_winreg_access_required +HF_RENAME hf_winreg_winreg_OpenHKPN_access_required hf_winreg_access_required + +HF_FIELD hf_winreg_system_name "System Name" "winreg.system_name" FT_UINT16 BASE_DEC NULL 0 "" "" "" + +HF_RENAME hf_winreg_winreg_OpenHKCR_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKCU_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKLM_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKPD_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKU_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKCC_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKDD_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKPT_system_name hf_winreg_system_name +HF_RENAME hf_winreg_winreg_OpenHKPN_system_name hf_winreg_system_name + +HF_FIELD hf_winreg_handle "Handle" "winreg.handle" FT_BYTES BASE_NONE NULL 0 "" "" "" + +HF_RENAME hf_winreg_winreg_OpenHKCR_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKCU_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKLM_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKPD_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKU_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_CloseKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_CreateKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_DeleteKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_DeleteValue_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_EnumKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_EnumValue_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_FlushKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_GetKeySecurity_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_LoadKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_NotifyChangeKeyValue_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_QueryInfoKey_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_QueryValue_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_SetKeySecurity_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_SetValue_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_GetVersion_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKCC_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKDD_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKPT_handle hf_winreg_handle +HF_RENAME hf_winreg_winreg_OpenHKPN_handle hf_winreg_handle diff --git a/source4/librpc/idl/winreg.idl b/source4/librpc/idl/winreg.idl new file mode 100644 index 0000000000..1e01a91197 --- /dev/null +++ b/source4/librpc/idl/winreg.idl @@ -0,0 +1,401 @@ +/* + winreg interface definition +*/ + +import "lsa.idl", "security.idl"; + +[ + uuid("338cd001-2244-31f1-aaaa-900038001003"), + version(1.0), + endpoint("ncacn_np:[\\pipe\\winreg]","ncacn_ip_tcp:","ncalrpc:"), + pointer_default(unique), + helpstring("Remote Registry Service") +] interface winreg +{ + typedef bitmap security_secinfo security_secinfo; + + typedef [bitmap32bit] bitmap { + KEY_QUERY_VALUE = 0x00001, + KEY_SET_VALUE = 0x00002, + KEY_CREATE_SUB_KEY = 0x00004, + KEY_ENUMERATE_SUB_KEYS = 0x00008, + KEY_NOTIFY = 0x00010, + KEY_CREATE_LINK = 0x00020, + KEY_WOW64_64KEY = 0x00100, + KEY_WOW64_32KEY = 0x00200 + } winreg_AccessMask; + + typedef [public,v1_enum] enum { + REG_NONE = 0, + REG_SZ = 1, + REG_EXPAND_SZ = 2, + REG_BINARY = 3, + REG_DWORD = 4, + REG_DWORD_BIG_ENDIAN = 5, + REG_LINK = 6, + REG_MULTI_SZ = 7, + REG_RESOURCE_LIST = 8, + REG_FULL_RESOURCE_DESCRIPTOR = 9, + REG_RESOURCE_REQUIREMENTS_LIST = 10, + REG_QWORD = 11 + } winreg_Type; + + typedef [public,noejs] struct { + [value(strlen_m_term(name)*2)] uint16 name_len; + [value(strlen_m_term(name)*2)] uint16 name_size; + [string,charset(UTF16)] uint16 *name; + } winreg_String; + + /******************/ + /* Function: 0x00 */ + WERROR winreg_OpenHKCR( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x01 */ + WERROR winreg_OpenHKCU( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x02 */ + [public] WERROR winreg_OpenHKLM( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x03 */ + WERROR winreg_OpenHKPD( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x04 */ + WERROR winreg_OpenHKU( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x05 */ + [public] WERROR winreg_CloseKey( + [in,out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x06 */ + + typedef struct { + [size_is(size),length_is(len)] uint8 *data; + uint32 size; + uint32 len; + } KeySecurityData; + + typedef struct { + uint32 length; + KeySecurityData sd; + boolean8 inherit; + } winreg_SecBuf; + + typedef [v1_enum] enum { + REG_ACTION_NONE = 0, /* used by caller */ + REG_CREATED_NEW_KEY = 1, + REG_OPENED_EXISTING_KEY = 2 + } winreg_CreateAction; + + [public] WERROR winreg_CreateKey( + [in,ref] policy_handle *handle, + [in] winreg_String name, + [in] winreg_String keyclass, + [in] uint32 options, + [in] winreg_AccessMask access_mask, + [in,unique] winreg_SecBuf *secdesc, + [out,ref] policy_handle *new_handle, + [in,out,unique] winreg_CreateAction *action_taken + ); + + /******************/ + /* Function: 0x07 */ + [public] WERROR winreg_DeleteKey( + [in,ref] policy_handle *handle, + [in] winreg_String key + ); + + /******************/ + /* Function: 0x08 */ + WERROR winreg_DeleteValue( + [in,ref] policy_handle *handle, + [in] winreg_String value + ); + + typedef struct { + [value(strlen_m_term(name)*2)] uint16 length; + /* size cannot be auto-set by value() as it is the + amount of space the server is allowed to use for this + string in the reply, not its current size */ + uint16 size; + [size_is(size/2),length_is(length/2),charset(UTF16)] uint16 *name; + } winreg_StringBuf; + + /******************/ + /* Function: 0x09 */ + [public] WERROR winreg_EnumKey( + [in,ref] policy_handle *handle, + [in] uint32 enum_index, + [in,out,ref] winreg_StringBuf *name, + [in,out,unique] winreg_StringBuf *keyclass, + [in,out,unique] NTTIME *last_changed_time + ); + + /******************/ + /* Function: 0x0a */ + + [public] WERROR winreg_EnumValue( + [in,ref] policy_handle *handle, + [in] uint32 enum_index, + [in,out,ref] winreg_StringBuf *name, + [in,out,unique] winreg_Type *type, + [in,out,unique,size_is(*size),length_is(*length)] uint8 *value, + [in,out,unique] uint32 *size, + [in,out,unique] uint32 *length + ); + + /******************/ + /* Function: 0x0b */ + [public] WERROR winreg_FlushKey( + [in,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x0c */ + [public] WERROR winreg_GetKeySecurity( + [in,ref] policy_handle *handle, + [in] security_secinfo sec_info, + [in,out,ref] KeySecurityData *sd + ); + + /******************/ + /* Function: 0x0d */ + WERROR winreg_LoadKey( + [in,ref] policy_handle *handle, + [in,unique] winreg_String *keyname, + [in,unique] winreg_String *filename + ); + + /******************/ + /* Function: 0x0e */ + typedef [public,bitmap32bit] bitmap { + REG_NOTIFY_CHANGE_NAME = 0x00000001, + REG_NOTIFY_CHANGE_ATTRIBUTES = 0x00000002, + REG_NOTIFY_CHANGE_LAST_SET = 0x00000004, + REG_NOTIFY_CHANGE_SECURITY = 0x00000008 + } winreg_NotifyChangeType; + + [public] WERROR winreg_NotifyChangeKeyValue( + [in,ref] policy_handle *handle, + [in] boolean8 watch_subtree, + [in] winreg_NotifyChangeType notify_filter, + [in] uint32 unknown, + [in] winreg_String string1, + [in] winreg_String string2, + [in] uint32 unknown2 + ); + + /******************/ + /* Function: 0x0f */ + [public] WERROR winreg_OpenKey( + [in,ref] policy_handle *parent_handle, + [in] winreg_String keyname, + [in] uint32 unknown, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x10 */ + [public] WERROR winreg_QueryInfoKey( + [in,ref] policy_handle *handle, + [in,out,ref] winreg_String *classname, + [out,ref] uint32 *num_subkeys, + [out,ref] uint32 *max_subkeylen, + [out,ref] uint32 *max_subkeysize, + [out,ref] uint32 *num_values, + [out,ref] uint32 *max_valnamelen, + [out,ref] uint32 *max_valbufsize, + [out,ref] uint32 *secdescsize, + [out,ref] NTTIME *last_changed_time + ); + + /******************/ + /* Function: 0x11 */ + [public] WERROR winreg_QueryValue( + [in,ref] policy_handle *handle, + [in] winreg_String value_name, + [in,out,unique] winreg_Type *type, + [in,out,unique,size_is(*size),length_is(*length)] uint8 *data, + [in,out,unique] uint32 *size, + [in,out,unique] uint32 *length + ); + + /******************/ + /* Function: 0x12 */ + [todo] WERROR winreg_ReplaceKey( + ); + + /******************/ + /* Function: 0x13 */ + WERROR winreg_RestoreKey( + [in,ref] policy_handle *handle, + [in,ref] winreg_String *filename, + [in] uint32 flags + ); + + /******************/ + /* Function: 0x14 */ + + typedef struct { + uint32 data_size; + KeySecurityData sec_data; + uint8 inherit; + } KeySecurityAttribute; + + WERROR winreg_SaveKey( + [in,ref] policy_handle *handle, + [in,ref] winreg_String *filename, + [in,unique] KeySecurityAttribute *sec_attrib + ); + + /******************/ + /* Function: 0x15 */ + WERROR winreg_SetKeySecurity( + [in,ref] policy_handle *handle, + [in] security_secinfo sec_info, + [in,ref] KeySecurityData *sd + ); + + /******************/ + /* Function: 0x16 */ + WERROR winreg_SetValue( + [in,ref] policy_handle *handle, + [in] winreg_String name, + [in] winreg_Type type, + [in,size_is(size),ref] uint8 *data, + [in] uint32 size + ); + + /******************/ + /* Function: 0x17 */ + [todo] WERROR winreg_UnLoadKey( + ); + + /******************/ + /* Function: 0x18 */ + WERROR winreg_InitiateSystemShutdown( + [in,unique] uint16 *hostname, + /* + * Note: lsa_String and winreg_String both result + * in WERR_INVALID_PARAM + */ + [in,unique] lsa_StringLarge *message, + [in] uint32 timeout, + [in] uint8 force_apps, + [in] uint8 reboot + ); + + /******************/ + /* Function: 0x19 */ + WERROR winreg_AbortSystemShutdown( + [in,unique] uint16 *server + ); + + /******************/ + /* Function: 0x1a */ + [public] WERROR winreg_GetVersion( + [in,ref] policy_handle *handle, + [out,ref] uint32 *version + ); + + /******************/ + /* Function: 0x1b */ + WERROR winreg_OpenHKCC( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x1c */ + WERROR winreg_OpenHKDD( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + typedef struct { + winreg_String *name; + winreg_Type type; + uint32 offset; + uint32 length; + } QueryMultipleValue; + + /******************/ + /* Function: 0x1d */ + [public] WERROR winreg_QueryMultipleValues( + [in,ref] policy_handle *key_handle, + [in,out,ref,size_is(num_values),length_is(num_values)] QueryMultipleValue *values, + [in] uint32 num_values, + [in,out,unique,size_is(*buffer_size),length_is(*buffer_size)] uint8 *buffer, + [in,out,ref] uint32 *buffer_size + ); + + /******************/ + /* Function: 0x1e */ + WERROR winreg_InitiateSystemShutdownEx( + [in,unique] uint16 *hostname, + /* + * Note: lsa_String and winreg_String both result + * in WERR_INVALID_PARAM + */ + [in,unique] lsa_StringLarge *message, + [in] uint32 timeout, + [in] uint8 force_apps, + [in] uint8 reboot, + [in] uint32 reason + ); + + /******************/ + /* Function: 0x1f */ + [todo] WERROR winreg_SaveKeyEx( + ); + + /******************/ + /* Function: 0x20 */ + WERROR winreg_OpenHKPT( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x21 */ + WERROR winreg_OpenHKPN( + [in,unique] uint16 *system_name, + [in] winreg_AccessMask access_mask, + [out,ref] policy_handle *handle + ); + + /******************/ + /* Function: 0x22 */ + [todo] WERROR winreg_QueryMultipleValues2( + ); +} diff --git a/source4/librpc/idl/wins.idl b/source4/librpc/idl/wins.idl new file mode 100644 index 0000000000..dc98cf4259 --- /dev/null +++ b/source4/librpc/idl/wins.idl @@ -0,0 +1,27 @@ +[ + uuid("45f52c28-7f9f-101a-b52b-08002b2efabe"), + version(1.0), + helpstring("Server-to-Server WINS") +] interface WinsPipe +{ + void WinsRecordAction(); + void WinsStatus(); + void WinsTrigger(); + void WinsDoStaticInit(); + void WinsDoScavenging(); + void WinsGetDbRecs(); + void WinsTerm(); + void WinsBackup(); + void WinsDelDbRecs(); + void WinsPullRange(); + void WinsSetPriorityClass(); + void WinsResetCounters(); + void WinsWorkerThreadUpdate(); + void WinsGetNameAndAdd(); + void WinsGetBrowserNames_Old(); + void WinsDeleteWins(); + void WinsSetFlags(); + void WinsGetDbRecsByName(); + void WinsStatusWHdl(); + void WinsDoScanvenging2(); +} diff --git a/source4/librpc/idl/winsrepl.idl b/source4/librpc/idl/winsrepl.idl new file mode 100644 index 0000000000..13432d86f6 --- /dev/null +++ b/source4/librpc/idl/winsrepl.idl @@ -0,0 +1,175 @@ +#include "idl_types.h" + +/* + IDL structures for WINS replication protocol (port 42) + + Note that WINS replication is not traditionally encoded using + IDL/NDR + + Written by Andrew Tridgell <tridge@osdl.org> +*/ + +import "nbt.idl"; + +interface wrepl +{ + const int WINS_REPLICATION_PORT = 42; + + typedef [flag(NDR_BIG_ENDIAN)] struct { + ipv4address owner; + ipv4address ip; + } wrepl_ip; + + typedef [flag(NDR_LITTLE_ENDIAN)] struct { + uint32 num_ips; + wrepl_ip ips[num_ips]; + } wrepl_address_list; + + typedef [nodiscriminant] union { + [case(0)] ipv4address ip; + [case(2)] wrepl_address_list addresses; + } wrepl_addresses; + + typedef [enum8bit] enum { + WREPL_TYPE_UNIQUE = 0x0, + WREPL_TYPE_GROUP = 0x1, + WREPL_TYPE_SGROUP = 0x2, + WREPL_TYPE_MHOMED = 0x3 + } wrepl_name_type; + + typedef [enum8bit] enum { + WREPL_STATE_ACTIVE = 0x0, + WREPL_STATE_RELEASED = 0x1, + WREPL_STATE_TOMBSTONE = 0x2, + WREPL_STATE_RESERVED = 0x3 + } wrepl_name_state; + + typedef [enum8bit] enum { + WREPL_NODE_B = 0x0, + WREPL_NODE_P = 0x1, + WREPL_NODE_M = 0x2, + WREPL_NODE_H = 0x3 + } wrepl_name_node; + + typedef [bitmap32bit] bitmap { + WREPL_FLAGS_RECORD_TYPE = 0x00000003, + WREPL_FLAGS_RECORD_STATE = 0x0000000C, + WREPL_FLAGS_REGISTERED_LOCAL = 0x00000010, + WREPL_FLAGS_NODE_TYPE = 0x00000060, + WREPL_FLAGS_IS_STATIC = 0x00000080 + } wrepl_flags; + + typedef [v1_enum] enum { + WREPL_GROUP_FLAG_NO_GROUP = 0x00000000, + WREPL_GROUP_FLAG_IS_GROUP = 0x00000001 + } wrepl_group_flag; + +#define WREPL_IS_GROUP(flags) (\ + ((((flags) & WREPL_FLAGS_RECORD_TYPE) == WREPL_TYPE_GROUP)|| \ + (((flags) & WREPL_FLAGS_RECORD_TYPE) == WREPL_TYPE_SGROUP))\ + ? WREPL_GROUP_FLAG_IS_GROUP : WREPL_GROUP_FLAG_NO_GROUP) + + typedef struct { + wrepl_nbt_name name; + wrepl_flags flags; + [flag(NDR_LITTLE_ENDIAN),value(WREPL_IS_GROUP(flags))] wrepl_group_flag is_group; + udlongr id; + [switch_is(flags & 2)] wrepl_addresses addresses; + ipv4address unknown; + } wrepl_wins_name; + + typedef struct { + uint32 num_names; + wrepl_wins_name names[num_names]; + } wrepl_send_reply; + + typedef struct { + ipv4address address; + udlongr max_version; + udlongr min_version; + uint32 type; + } wrepl_wins_owner; + + typedef struct { + uint32 partner_count; + wrepl_wins_owner partners[partner_count]; + ipv4address initiator; + } wrepl_table; + + typedef [v1_enum] enum { + WREPL_REPL_TABLE_QUERY = 0, + WREPL_REPL_TABLE_REPLY = 1, + WREPL_REPL_SEND_REQUEST = 2, + WREPL_REPL_SEND_REPLY = 3, + WREPL_REPL_UPDATE = 4, + WREPL_REPL_UPDATE2 = 5, + WREPL_REPL_INFORM = 8, + WREPL_REPL_INFORM2 = 9 + } wrepl_replication_cmd; + + typedef [nodiscriminant] union { + [case(WREPL_REPL_TABLE_QUERY)] ; + [case(WREPL_REPL_TABLE_REPLY)] wrepl_table table; + [case(WREPL_REPL_SEND_REQUEST)] wrepl_wins_owner owner; + [case(WREPL_REPL_SEND_REPLY)] wrepl_send_reply reply; + [case(WREPL_REPL_UPDATE)] wrepl_table table; + [case(WREPL_REPL_UPDATE2)] wrepl_table table; + [case(WREPL_REPL_INFORM)] wrepl_table table; + [case(WREPL_REPL_INFORM2)] wrepl_table table; + } wrepl_replication_info; + + typedef struct { + wrepl_replication_cmd command; + [switch_is(command)] wrepl_replication_info info; + } wrepl_replication; + + typedef struct { + uint32 assoc_ctx; + uint16 minor_version; + uint16 major_version; + } wrepl_start; + + typedef struct { + uint32 reason; + } wrepl_stop; + + typedef [v1_enum] enum { + WREPL_START_ASSOCIATION = 0, + WREPL_START_ASSOCIATION_REPLY = 1, + WREPL_STOP_ASSOCIATION = 2, + WREPL_REPLICATION = 3 + } wrepl_mess_type; + + typedef [nodiscriminant] union { + [case(WREPL_START_ASSOCIATION)] wrepl_start start; + [case(WREPL_START_ASSOCIATION_REPLY)] wrepl_start start_reply; + [case(WREPL_STOP_ASSOCIATION)] wrepl_stop stop; + [case(WREPL_REPLICATION)] wrepl_replication replication; + } wrepl_message; + + /* + the opcode appears to be a bitfield, but as far as I can tell + you must always set the following bits. Additional bits don't + seem to matter. Very strange. + */ + const int WREPL_OPCODE_BITS = 0x7800; + + + typedef [gensize,flag(NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { + uint32 opcode; + uint32 assoc_ctx; + wrepl_mess_type mess_type; + [switch_is(mess_type)] wrepl_message message; + [flag(NDR_REMAINING)] DATA_BLOB padding; + } wrepl_packet; + + typedef [flag(NDR_BIG_ENDIAN|NDR_PAHEX),public] struct { + [value(ndr_size_wrepl_packet(&packet, ndr->flags))] uint32 size; + wrepl_packet packet; + } wrepl_wrap; + + void decode_winsrepl( + [in] wrepl_wrap p + ); + +} diff --git a/source4/librpc/idl/winstation.idl b/source4/librpc/idl/winstation.idl new file mode 100644 index 0000000000..fb02fa73df --- /dev/null +++ b/source4/librpc/idl/winstation.idl @@ -0,0 +1,13 @@ +/* + winstation interface definition +*/ + +#include "idl_types.h" + +[ uuid("5ca4a760-ebb1-11cf-8611-00a0245420ed"), + version(1.0), + helpstring("Terminal Services remote management") +] interface winstation +{ + void winstation_foo(); +} diff --git a/source4/librpc/idl/wkssvc.idl b/source4/librpc/idl/wkssvc.idl new file mode 100644 index 0000000000..023ce59ad9 --- /dev/null +++ b/source4/librpc/idl/wkssvc.idl @@ -0,0 +1,795 @@ +#include "idl_types.h" + +/* + wkssvc interface definitions +*/ + +import "srvsvc.idl", "lsa.idl"; + +[ uuid("6bffd098-a112-3610-9833-46c3f87e345a"), + version(1.0), + pointer_default(unique), + helpstring("Workstation Service"), + endpoint("ncacn_np:[\\pipe\\wkssvc]","ncacn_ip_tcp:","ncalrpc:") +] interface wkssvc +{ + typedef [v1_enum] enum srvsvc_PlatformId srvsvc_PlatformId; + +#define BOOL uint32 + + /******************/ + /* Function: 0x00 */ + + typedef struct { + srvsvc_PlatformId platform_id; + [string,charset(UTF16)] uint16 *server_name; + [string,charset(UTF16)] uint16 *domain_name; + uint32 version_major; + uint32 version_minor; + } wkssvc_NetWkstaInfo100; + + typedef struct { + srvsvc_PlatformId platform_id; + [string,charset(UTF16)] uint16 *server_name; + [string,charset(UTF16)] uint16 *domain_name; + uint32 version_major; + uint32 version_minor; + [string,charset(UTF16)] uint16 *lan_root; + } wkssvc_NetWkstaInfo101; + + typedef struct { + srvsvc_PlatformId platform_id; + [string,charset(UTF16)] uint16 *server_name; + [string,charset(UTF16)] uint16 *domain_name; + uint32 version_major; + uint32 version_minor; + [string,charset(UTF16)] uint16 *lan_root; + uint32 logged_on_users; + } wkssvc_NetWkstaInfo102; + + /* FIXME: 302, 402 */ + + typedef struct { + uint32 char_wait; + uint32 collection_time; + uint32 maximum_collection_count; + uint32 keep_connection; + uint32 max_commands; + uint32 session_timeout; + uint32 size_char_buf; + uint32 max_threads; + uint32 lock_quota; + uint32 lock_increment; + uint32 lock_maximum; + uint32 pipe_increment; + uint32 pipe_maximum; + uint32 cache_file_timeout; + uint32 dormant_file_limit; + uint32 read_ahead_throughput; + uint32 num_mailslot_buffers; + uint32 num_srv_announce_buffers; + uint32 max_illegal_dgram_events; + uint32 dgram_event_reset_freq; + BOOL log_election_packets; + BOOL use_opportunistic_locking; + BOOL use_unlock_behind; + BOOL use_close_behind; + BOOL buf_named_pipes; + BOOL use_lock_read_unlock; + BOOL utilize_nt_caching; + BOOL use_raw_read; + BOOL use_raw_write; + BOOL use_write_raw_data; + BOOL use_encryption; + BOOL buf_files_deny_write; + BOOL buf_read_only_files; + BOOL force_core_create_mode; + BOOL use_512_byte_max_transfer; + } wkssvc_NetWkstaInfo502; + + typedef struct { + uint32 char_wait; + } wkssvc_NetWkstaInfo1010; + + typedef struct { + uint32 collection_time; + } wkssvc_NetWkstaInfo1011; + + typedef struct { + uint32 maximum_collection_count; + } wkssvc_NetWkstaInfo1012; + + typedef struct { + uint32 keep_connection; + } wkssvc_NetWkstaInfo1013; + + typedef struct { + uint32 session_timeout; + } wkssvc_NetWkstaInfo1018; + + typedef struct { + uint32 size_char_buf; + } wkssvc_NetWkstaInfo1023; + + typedef struct { + uint32 errorlog_sz; + } wkssvc_NetWkstaInfo1027; + + /* downlevel */ + typedef struct { + uint32 print_buf_time; + } wkssvc_NetWkstaInfo1028; + + /* downlevel */ + typedef struct { + uint32 wrk_heuristics; + } wkssvc_NetWkstaInfo1032; + + typedef struct { + uint32 max_threads; + } wkssvc_NetWkstaInfo1033; + + typedef struct { + uint32 lock_quota; + } wkssvc_NetWkstaInfo1041; + + typedef struct { + uint32 lock_increment; + } wkssvc_NetWkstaInfo1042; + + typedef struct { + uint32 lock_maximum; + } wkssvc_NetWkstaInfo1043; + + typedef struct { + uint32 pipe_increment; + } wkssvc_NetWkstaInfo1044; + + typedef struct { + uint32 pipe_maximum; + } wkssvc_NetWkstaInfo1045; + + typedef struct { + uint32 dormant_file_limit; + } wkssvc_NetWkstaInfo1046; + + typedef struct { + uint32 cache_file_timeout; + } wkssvc_NetWkstaInfo1047; + + typedef struct { + uint32 use_opportunistic_locking; + } wkssvc_NetWkstaInfo1048; + + typedef struct { + uint32 use_unlock_behind; + } wkssvc_NetWkstaInfo1049; + + typedef struct { + uint32 use_close_behind; + } wkssvc_NetWkstaInfo1050; + + typedef struct { + uint32 buf_named_pipes; + } wkssvc_NetWkstaInfo1051; + + typedef struct { + uint32 use_lock_read_unlock; + } wkssvc_NetWkstaInfo1052; + + typedef struct { + uint32 utilize_nt_caching; + } wkssvc_NetWkstaInfo1053; + + typedef struct { + uint32 use_raw_read; + } wkssvc_NetWkstaInfo1054; + + typedef struct { + uint32 use_raw_write; + } wkssvc_NetWkstaInfo1055; + + typedef struct { + uint32 use_write_raw_data; + } wkssvc_NetWkstaInfo1056; + + typedef struct { + uint32 use_encryption; + } wkssvc_NetWkstaInfo1057; + + typedef struct { + uint32 buf_files_deny_write; + } wkssvc_NetWkstaInfo1058; + + typedef struct { + uint32 buf_read_only_files; + } wkssvc_NetWkstaInfo1059; + + typedef struct { + uint32 force_core_create_mode; + } wkssvc_NetWkstaInfo1060; + + typedef struct { + uint32 use_512_byte_max_transfer; + } wkssvc_NetWkstaInfo1061; + + typedef struct { + uint32 read_ahead_throughput; + } wkssvc_NetWkstaInfo1062; + + typedef union { + [case(100)] wkssvc_NetWkstaInfo100 *info100; + [case(101)] wkssvc_NetWkstaInfo101 *info101; + [case(102)] wkssvc_NetWkstaInfo102 *info102; + [case(502)] wkssvc_NetWkstaInfo502 *info502; + [case(1010)] wkssvc_NetWkstaInfo1010 *info1010; + [case(1011)] wkssvc_NetWkstaInfo1011 *info1011; + [case(1012)] wkssvc_NetWkstaInfo1012 *info1012; + [case(1013)] wkssvc_NetWkstaInfo1013 *info1013; + [case(1018)] wkssvc_NetWkstaInfo1018 *info1018; + [case(1023)] wkssvc_NetWkstaInfo1023 *info1023; + [case(1027)] wkssvc_NetWkstaInfo1027 *info1027; + [case(1028)] wkssvc_NetWkstaInfo1028 *info1028; + [case(1032)] wkssvc_NetWkstaInfo1032 *info1032; + [case(1033)] wkssvc_NetWkstaInfo1033 *info1033; + [case(1041)] wkssvc_NetWkstaInfo1041 *info1041; + [case(1042)] wkssvc_NetWkstaInfo1042 *info1042; + [case(1043)] wkssvc_NetWkstaInfo1043 *info1043; + [case(1044)] wkssvc_NetWkstaInfo1044 *info1044; + [case(1045)] wkssvc_NetWkstaInfo1045 *info1045; + [case(1046)] wkssvc_NetWkstaInfo1046 *info1046; + [case(1047)] wkssvc_NetWkstaInfo1047 *info1047; + [case(1048)] wkssvc_NetWkstaInfo1048 *info1048; + [case(1049)] wkssvc_NetWkstaInfo1049 *info1049; + [case(1050)] wkssvc_NetWkstaInfo1050 *info1050; + [case(1051)] wkssvc_NetWkstaInfo1051 *info1051; + [case(1052)] wkssvc_NetWkstaInfo1052 *info1052; + [case(1053)] wkssvc_NetWkstaInfo1053 *info1053; + [case(1054)] wkssvc_NetWkstaInfo1054 *info1054; + [case(1055)] wkssvc_NetWkstaInfo1055 *info1055; + [case(1056)] wkssvc_NetWkstaInfo1056 *info1056; + [case(1057)] wkssvc_NetWkstaInfo1057 *info1057; + [case(1058)] wkssvc_NetWkstaInfo1058 *info1058; + [case(1059)] wkssvc_NetWkstaInfo1059 *info1059; + [case(1060)] wkssvc_NetWkstaInfo1060 *info1060; + [case(1061)] wkssvc_NetWkstaInfo1061 *info1061; + [case(1062)] wkssvc_NetWkstaInfo1062 *info1062; + [default] ; + } wkssvc_NetWkstaInfo; + + WERROR wkssvc_NetWkstaGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] uint32 level, + [out,switch_is(level),ref] wkssvc_NetWkstaInfo *info + ); + + + /******************/ + /* Function: 0x01 */ + WERROR wkssvc_NetWkstaSetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] uint32 level, + [in,switch_is(level),ref] wkssvc_NetWkstaInfo *info, + [in,out,ref] uint32 *parm_error + ); + + + /*****************************/ + /* Function 0x02 */ + typedef struct { + [string,charset(UTF16)] uint16 *user_name; + } wkssvc_NetrWkstaUserInfo0; + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] wkssvc_NetrWkstaUserInfo0 *user0; + } wkssvc_NetWkstaEnumUsersCtr0; + + typedef struct { + [string,charset(UTF16)] uint16 *user_name; + [string,charset(UTF16)] uint16 *logon_domain; + [string,charset(UTF16)] uint16 *other_domains; + [string,charset(UTF16)] uint16 *logon_server; + } wkssvc_NetrWkstaUserInfo1; + + typedef struct { + uint32 entries_read; + [size_is(entries_read)] wkssvc_NetrWkstaUserInfo1 *user1; + } wkssvc_NetWkstaEnumUsersCtr1; + + typedef [switch_type(uint32)] union { + [case(0)] wkssvc_NetWkstaEnumUsersCtr0 *user0; + [case(1)] wkssvc_NetWkstaEnumUsersCtr1 *user1; + } wkssvc_NetWkstaEnumUsersCtr; + + typedef struct { + uint32 level; + [switch_is(level)] wkssvc_NetWkstaEnumUsersCtr ctr; + } wkssvc_NetWkstaEnumUsersInfo; + + WERROR wkssvc_NetWkstaEnumUsers( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,out,ref] wkssvc_NetWkstaEnumUsersInfo *info, + [in] uint32 prefmaxlen, + [out,ref] uint32 *entries_read, + [in,out,unique] uint32 *resume_handle + ); + + /*****************************/ + /* Function 0x03 */ + typedef struct { + [string,charset(UTF16)] uint16 *other_domains; + } wkssvc_NetrWkstaUserInfo1101; + + typedef [switch_type(uint32)] union { + [case(0)] wkssvc_NetrWkstaUserInfo0 *info0; + [case(1)] wkssvc_NetrWkstaUserInfo1 *info1; + [case(1101)] wkssvc_NetrWkstaUserInfo1101 *info1101; + } wkssvc_NetrWkstaUserInfo; + + WERROR wkssvc_NetrWkstaUserGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *unknown, + [in] uint32 level, + [out,ref] [switch_is(level)] wkssvc_NetrWkstaUserInfo *info + ); + + /*****************************/ + /* Function 0x04 */ + WERROR wkssvc_NetrWkstaUserSetInfo( + [in,unique] [string,charset(UTF16)] uint16 *unknown, + [in] uint32 level, + [in,ref] [switch_is(level)] wkssvc_NetrWkstaUserInfo *info, + [in,out,unique] uint32 *parm_err + ); + + /*****************************/ + /* Function 0x05 */ + + typedef struct { + uint32 quality_of_service; + uint32 vc_count; + [string,charset(UTF16)] uint16 *name; + [string,charset(UTF16)] uint16 *address; + uint32 wan_link; + } wkssvc_NetWkstaTransportInfo0; + + typedef struct { + uint32 count; + [size_is(count)] wkssvc_NetWkstaTransportInfo0 *array; + } wkssvc_NetWkstaTransportCtr0; + + typedef union { + [case(0)] wkssvc_NetWkstaTransportCtr0 *ctr0; + } wkssvc_NetWkstaTransportCtr; + + typedef struct { + uint32 level; + [switch_is(level)] wkssvc_NetWkstaTransportCtr ctr; + } wkssvc_NetWkstaTransportInfo; + + WERROR wkssvc_NetWkstaTransportEnum ( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,out,ref] wkssvc_NetWkstaTransportInfo *info, + [in] uint32 max_buffer, + [out,ref] uint32 *total_entries, + [in,out,unique] uint32 *resume_handle + ); + + /*****************************/ + /* Function 0x06 */ + /* only supported on NT */ + WERROR wkssvc_NetrWkstaTransportAdd( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] uint32 level, /* must be 0 */ + [in,ref] wkssvc_NetWkstaTransportInfo0 *info0, + [in,out,unique] uint32 *parm_err + ); + + /*****************************/ + /* Function 0x07 */ + /* only supported on NT */ + WERROR wkssvc_NetrWkstaTransportDel( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *transport_name, + [in] uint32 unknown3 + ); + + /*****************************/ + /* Function 0x08 */ + typedef struct { + [string,charset(UTF16)] uint16 *unknown1; + [string,charset(UTF16)] uint16 *unknown2; + } wkssvc_NetrUseInfo3; + + typedef struct { + [string,charset(UTF16)] uint16 *local; + [string,charset(UTF16)] uint16 *remote; + [string,charset(UTF16)] uint16 *password; + uint32 status; + uint32 asg_type; + uint32 ref_count; + uint32 use_count; + [string,charset(UTF16)] uint16 *user_name; + [string,charset(UTF16)] uint16 *domain_name; + } wkssvc_NetrUseInfo2; + + typedef struct { + [string,charset(UTF16)] uint16 *local; + [string,charset(UTF16)] uint16 *remote; + [string,charset(UTF16)] uint16 *password; + uint32 status; + uint32 asg_type; + uint32 ref_count; + uint32 use_count; + } wkssvc_NetrUseInfo1; + + typedef struct { + [string,charset(UTF16)] uint16 *local; + [string,charset(UTF16)] uint16 *remote; + } wkssvc_NetrUseInfo0; + + typedef [switch_type(uint32)] union { + [case(0)] wkssvc_NetrUseInfo0 *info0; + [case(1)] wkssvc_NetrUseInfo1 *info1; + [case(2)] wkssvc_NetrUseInfo2 *info2; + [case(3)] wkssvc_NetrUseInfo3 *info3; + } wkssvc_NetrUseGetInfoCtr; + + WERROR wkssvc_NetrUseAdd( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] uint32 level, + [in,ref] [switch_is(level)] wkssvc_NetrUseGetInfoCtr *ctr, + [in,out,unique] uint32 *parm_err + ); + + /*****************************/ + /* Function 0x09 */ + WERROR wkssvc_NetrUseGetInfo( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *use_name, + [in] uint32 level, + [out,ref] [switch_is(level)] wkssvc_NetrUseGetInfoCtr *ctr + ); + + /*****************************/ + /* Function 0x0a */ + WERROR wkssvc_NetrUseDel( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *use_name, + [in] uint32 force_cond + ); + + /*****************************/ + /* Function 0x0b */ + typedef struct { + uint32 count; + [size_is(count)] wkssvc_NetrUseInfo2 *array; + } wkssvc_NetrUseEnumCtr2; + + typedef struct { + uint32 count; + [size_is(count)] wkssvc_NetrUseInfo1 *array; + } wkssvc_NetrUseEnumCtr1; + + typedef struct { + uint32 count; + [size_is(count)] wkssvc_NetrUseInfo0 *array; + } wkssvc_NetrUseEnumCtr0; + + typedef [switch_type(uint32)] union { + [case(0)] wkssvc_NetrUseEnumCtr0 *ctr0; + [case(1)] wkssvc_NetrUseEnumCtr1 *ctr1; + [case(2)] wkssvc_NetrUseEnumCtr2 *ctr2; + } wkssvc_NetrUseEnumCtr; + + typedef struct { + uint32 level; + [switch_is(level)] wkssvc_NetrUseEnumCtr ctr; + } wkssvc_NetrUseEnumInfo; + + WERROR wkssvc_NetrUseEnum( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,out,ref] wkssvc_NetrUseEnumInfo *info, + [in] uint32 prefmaxlen, + [out,ref] uint32 *entries_read, + [in,out,unique] uint32 *resume_handle + ); + + /*****************************/ + /* Function 0x0c */ + WERROR wkssvc_NetrMessageBufferSend( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *message_name, + [in,unique] [string,charset(UTF16)] uint16 *message_sender_name, + [in,ref] [size_is(message_size)] uint8 *message_buffer, + [in] uint32 message_size + ); + + /*****************************/ + /* Function 0x0d */ + typedef struct { + hyper unknown1; + hyper unknown2; + hyper unknown3; + hyper unknown4; + hyper unknown5; + hyper unknown6; + hyper unknown7; + hyper unknown8; + hyper unknown9; + hyper unknown10; + hyper unknown11; + hyper unknown12; + hyper unknown13; + uint32 unknown14; + uint32 unknown15; + uint32 unknown16; + uint32 unknown17; + uint32 unknown18; + uint32 unknown19; + uint32 unknown20; + uint32 unknown21; + uint32 unknown22; + uint32 unknown23; + uint32 unknown24; + uint32 unknown25; + uint32 unknown26; + uint32 unknown27; + uint32 unknown28; + uint32 unknown29; + uint32 unknown30; + uint32 unknown31; + uint32 unknown32; + uint32 unknown33; + uint32 unknown34; + uint32 unknown35; + uint32 unknown36; + uint32 unknown37; + uint32 unknown38; + uint32 unknown39; + uint32 unknown40; + } wkssvc_NetrWorkstationStatistics; + + WERROR wkssvc_NetrWorkstationStatisticsGet( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *unknown2, + [in] uint32 unknown3, + [in] uint32 unknown4, + [out,ref] wkssvc_NetrWorkstationStatistics **info + ); + + /*****************************/ + /* Function 0x0e */ + WERROR wkssvc_NetrLogonDomainNameAdd( + [in,ref] [string,charset(UTF16)] uint16 *domain_name + ); + + /*****************************/ + /* Function 0x0f */ + WERROR wkssvc_NetrLogonDomainNameDel( + [in,ref] [string,charset(UTF16)] uint16 *domain_name + ); + + /*****************************/ + /* Function 0x10 */ + WERROR wkssvc_NetrJoinDomain( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] [string,charset(UTF16)] uint16 *account_ou, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in] wkssvc_joinflags join_flags + ); + + /*****************************/ + /* Function 0x11 */ + WERROR wkssvc_NetrUnjoinDomain( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in] wkssvc_joinflags unjoin_flags + ); + + /*****************************/ + /* Function 0x12 */ + typedef [bitmap32bit] bitmap { + /* TRUE: create the account in the domain */ + WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE = 0x00000002 + } wkssvc_renameflags; + + WERROR wkssvc_NetrRenameMachineInDomain( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *NewMachineName, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *password, + [in] wkssvc_renameflags RenameOptions + ); + + /*****************************/ + /* Function 0x13 */ + typedef enum { + NetSetupUnknown = 0, + NetSetupMachine = 1, + NetSetupWorkgroup = 2, + NetSetupDomain = 3, + NetSetupNonExistentDomain = 4, + NetSetupDnsMachine = 5 + } wkssvc_NetValidateNameType; + + WERROR wkssvc_NetrValidateName( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *Password, + [in] wkssvc_NetValidateNameType name_type + ); + + /*****************************/ + /* Function 0x14 */ + typedef enum { + NetSetupUnknownStatus = 0, + NetSetupUnjoined = 1, + NetSetupWorkgroupName = 2, + NetSetupDomainName = 3 + } wkssvc_NetJoinStatus; + + WERROR wkssvc_NetrGetJoinInformation( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,out,ref] [string,charset(UTF16)] uint16 **name_buffer, + [out,ref] wkssvc_NetJoinStatus *name_type + ); + + /*****************************/ + /* Function 0x15 */ + WERROR wkssvc_NetrGetJoinableOus( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] [string,charset(UTF16)] uint16 *unknown, + [in,out,ref] uint32 *num_ous, + /* + * this is a [ref] pointer to a [unique] pointer to an + * array of [unique] pointers to a string array + */ + [out,ref] [size_is(,*num_ous)] [string,charset(UTF16)] uint16 ***ous + ); + + typedef [flag(NDR_PAHEX)] struct { + uint8 data[524]; + } wkssvc_PasswordBuffer; + + typedef [bitmap32bit] bitmap { + WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME = 0x00000400, + WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT = 0x00000200, + /* TRUE: defer setting the SPN and dNSHostName until a rename operation */ + WKSSVC_JOIN_FLAGS_DEFER_SPN = 0x00000100, + + /* TRUE: set the machine password to the provided one after the join completes */ + WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED = 0x00000080, + + /* TRUE: perform an unsecured join */ + WKSSVC_JOIN_FLAGS_JOIN_UNSECURE = 0x00000040, + + /* TRUE: allow the join to complete even if the account already exists */ + WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED = 0x00000020, + + /* TRUE: this join is part of a w9x upgrade */ + WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE = 0x00000010, + + /* TRUE: delete the account when the domain is left */ + WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE = 0x00000004, + + /* TRUE: create the account in the domain */ + WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE = 0x00000002, + + /* TRUE: join domain FALSE: join workgroup */ + WKSSVC_JOIN_FLAGS_JOIN_TYPE = 0x00000001 + + } wkssvc_joinflags; + + /*****************************/ + /* Function 0x16 */ + WERROR wkssvc_NetrJoinDomain2 ( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] [string,charset(UTF16)] uint16 *account_ou, + [in,unique] [string,charset(UTF16)] uint16 *admin_account, + [in,unique] wkssvc_PasswordBuffer *encrypted_password, + [in] wkssvc_joinflags join_flags + ); + + /*****************************/ + /* Function 0x17 */ + WERROR wkssvc_NetrUnjoinDomain2 ( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *account, + [in,unique] wkssvc_PasswordBuffer *encrypted_password, + [in] wkssvc_joinflags unjoin_flags + ); + + /*****************************/ + /* Function 0x18 */ + WERROR wkssvc_NetrRenameMachineInDomain2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *NewMachineName, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, + [in] wkssvc_renameflags RenameOptions + ); + + /*****************************/ + /* Function 0x19 */ + WERROR wkssvc_NetrValidateName2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, + [in] wkssvc_NetValidateNameType name_type + ); + + /*****************************/ + /* Function 0x1a */ + WERROR wkssvc_NetrGetJoinableOus2( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,ref] [string,charset(UTF16)] uint16 *domain_name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, + [in,out,ref] uint32 *num_ous, + /* + * this is a [ref] pointer to a [unique] pointer to an + * array of [unique] pointers to a string array + */ + [out,ref] [size_is(,*num_ous)] [string,charset(UTF16)] uint16 ***ous + ); + + /*****************************/ + /* Function 0x1b */ + WERROR wkssvc_NetrAddAlternateComputerName( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *NewAlternateMachineName, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, + [in] uint32 Reserved + ); + + /*****************************/ + /* Function 0x1c */ + WERROR wkssvc_NetrRemoveAlternateComputerName( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *AlternateMachineNameToRemove, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, + [in] uint32 Reserved + ); + + /*****************************/ + /* Function 0x1d */ + WERROR wkssvc_NetrSetPrimaryComputername( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in,unique] [string,charset(UTF16)] uint16 *primary_name, + [in,unique] [string,charset(UTF16)] uint16 *Account, + [in,unique] wkssvc_PasswordBuffer *EncryptedPassword, + [in] uint32 Reserved + ); + + /*****************************/ + /* Function 0x1e */ + typedef enum { + NetPrimaryComputerName = 0, + NetAlternateComputerNames = 1, + NetAllComputerNames = 2, + NetComputerNameTypeMax = 3 + } wkssvc_ComputerNameType; + + typedef struct { + uint32 count; + [size_is(count)] lsa_String *computer_name; + } wkssvc_ComputerNamesCtr; + + WERROR wkssvc_NetrEnumerateComputerNames( + [in,unique] [string,charset(UTF16)] uint16 *server_name, + [in] wkssvc_ComputerNameType name_type, + [in] uint32 Reserved, + [out,ref] wkssvc_ComputerNamesCtr **ctr + ); +} diff --git a/source4/librpc/idl/wzcsvc.idl b/source4/librpc/idl/wzcsvc.idl new file mode 100644 index 0000000000..b403c0798c --- /dev/null +++ b/source4/librpc/idl/wzcsvc.idl @@ -0,0 +1,31 @@ +/* + wireless configuration service +*/ + +[ + uuid("621dff68-3c39-4c6c-aae3-e68e2c6503ad"), + version(1.0), + helpstring("Wireless Configuration Service") +] +interface wzcsvc +{ + + void wzcsvc_EnumInterfaces(); + void wzcsvc_QueryInterface(); + void wzcsvc_SetInterface(); + void wzcsvc_RefreshInterface(); + void wzcsvc_QueryContext(); + void wzcsvc_SetContext(); + void wzcsvc_EapolUIResponse(); + void wzcsvc_EapolGetCustomAuthData(); + void wzcsvc_EapolSetCustomAuthData(); + void wzcsvc_EapolGetInterfaceParams(); + void wzcsvc_EapolSetInterfaceParams(); + void wzcsvc_EapolReAuthenticateInterface(); + void wzcsvc_EapolQueryInterfaceState(); + void wzcsvc_OpenWZCDbLogSession(); + void wzcsvc_CloseWZCDbLogSession(); + void wzcsvc_EnumWZCDbLogRecords(); + void wzcsvc_FlushWZCdbLog(); + void wzcsvc_GetWZCDbLogRecord(); +} diff --git a/source4/librpc/idl/xattr.idl b/source4/librpc/idl/xattr.idl new file mode 100644 index 0000000000..ba0123aed0 --- /dev/null +++ b/source4/librpc/idl/xattr.idl @@ -0,0 +1,134 @@ +#include "idl_types.h" + +/* + IDL structures for xattr file attributes + + this has nothing to do with RPC, we are just using our NDR/IDL + infrastructure as a convenient way to store linearised information + about a file in a architecture independent manner +*/ + +import "security.idl"; + +[ + pointer_default(unique) +] +interface xattr +{ + const char *XATTR_DOSATTRIB_NAME = "user.DosAttrib"; + const int XATTR_DOSATTRIB_ESTIMATED_SIZE = 64; + + /* we store basic dos attributes in a DosAttrib xattr. By + using a union we can cope with new version of this + structure more easily */ + + typedef struct { + uint32 attrib; + uint32 ea_size; + udlong size; + udlong alloc_size; + NTTIME create_time; + NTTIME change_time; + } xattr_DosInfo1; + +/* + We use xattrDosInfo1 again when we store values. + Because the sticky write time is now stored in the opendb + and xattr_DosInfo2Old is only present to parse existing + values from disk. + + const int XATTR_ATTRIB_FLAG_STICKY_WRITE_TIME = 0x1; +*/ + typedef struct { + uint32 flags; + uint32 attrib; + uint32 ea_size; + udlong size; + udlong alloc_size; + NTTIME create_time; + NTTIME change_time; + NTTIME write_time; /* only used when sticky write time is set */ + utf8string name; + } xattr_DosInfo2Old; + + typedef [switch_type(uint16)] union { + [case(1)] xattr_DosInfo1 info1; + [case(2)] xattr_DosInfo2Old oldinfo2; + } xattr_DosInfo; + + typedef [public] struct { + uint16 version; + [switch_is(version)] xattr_DosInfo info; + } xattr_DosAttrib; + + + /* we store DOS style extended attributes in a DosEAs xattr */ + const char *XATTR_DOSEAS_NAME = "user.DosEAs"; + + typedef struct { + utf8string name; + DATA_BLOB value; + } xattr_EA; + + typedef [public] struct { + uint16 num_eas; + [size_is(num_eas)] xattr_EA *eas; + } xattr_DosEAs; + + /* we store stream information in this xattr structure. Then + the streams themselves are stored in + user.DosStream.STREAMNAME or in external files, according + to the flags */ + const char *XATTR_DOSSTREAMS_NAME = "user.DosStreams"; + + const int XATTR_STREAM_FLAG_INTERNAL = 0x00000001; + + /* stream data is stored in attributes with the given prefix */ + const char *XATTR_DOSSTREAM_PREFIX = "user.DosStream."; + + const int XATTR_MAX_STREAM_SIZE = 0x4000; + const int XATTR_MAX_STREAM_SIZE_TDB = 0x100000; + + typedef struct { + uint32 flags; + udlong size; + udlong alloc_size; + utf8string name; + } xattr_DosStream; + + typedef [public] struct { + uint32 num_streams; + [size_is(num_streams)] xattr_DosStream *streams; + } xattr_DosStreams; + + + /* we store the NT ACL a NTACL xattr. It is versioned so we + can later add other acl attribs (such as posix acl mapping) + + we put this xattr in the security namespace to ensure that + only trusted users can write to the ACL + + stored in "security.NTACL" + + Version 1. raw SD stored as Samba4 does it. + Version 2. raw SD + last changed timestamp so we + can discard if this doesn't match the POSIX st_ctime. + */ + + const char *XATTR_NTACL_NAME = "security.NTACL"; + + typedef [public] struct { + security_descriptor *sd; + NTTIME last_changed; + } security_descriptor_timestamp; + + typedef [switch_type(uint16)] union { + [case(1)] security_descriptor *sd; + [case(2)] security_descriptor_timestamp *sd_ts; + } xattr_NTACL_Info; + + typedef [public] struct { + uint16 version; + [switch_is(version)] xattr_NTACL_Info info; + } xattr_NTACL; +} diff --git a/source4/librpc/ndr.pc.in b/source4/librpc/ndr.pc.in new file mode 100644 index 0000000000..2f4d95006f --- /dev/null +++ b/source4/librpc/ndr.pc.in @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: ndr +Description: Network Data Representation Core Library +Requires: samba-hostconfig talloc +Version: 0.0.1 +Libs: -L${libdir} -lndr +Cflags: -I${includedir} -DHAVE_IMMEDIATE_STRUCTURES=1 diff --git a/source4/librpc/ndr/libndr.h b/source4/librpc/ndr/libndr.h new file mode 100644 index 0000000000..b719be2bab --- /dev/null +++ b/source4/librpc/ndr/libndr.h @@ -0,0 +1,508 @@ +/* + Unix SMB/CIFS implementation. + rpc interface definitions + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* This is a public header file that is installed as part of Samba. + * If you remove any functions or change their signature, update + * the so version number. */ + +#ifndef __LIBNDR_H__ +#define __LIBNDR_H__ + +#include <talloc.h> +#include "lib/util/util.h" /* for discard_const */ +#include <sys/time.h> +#include "lib/charset/charset.h" + +/* + this provides definitions for the libcli/rpc/ MSRPC library +*/ + + +/* + this is used by the token store/retrieve code +*/ +struct ndr_token_list { + struct ndr_token_list *next, *prev; + const void *key; + uint32_t value; +}; + +/* this is the base structure passed to routines that + parse MSRPC formatted data + + note that in Samba4 we use separate routines and structures for + MSRPC marshalling and unmarshalling. Also note that these routines + are being kept deliberately very simple, and are not tied to a + particular transport +*/ +struct ndr_pull { + uint32_t flags; /* LIBNDR_FLAG_* */ + uint8_t *data; + uint32_t data_size; + uint32_t offset; + + struct smb_iconv_convenience *iconv_convenience; + + uint32_t relative_base_offset; + struct ndr_token_list *relative_base_list; + + struct ndr_token_list *relative_list; + struct ndr_token_list *array_size_list; + struct ndr_token_list *array_length_list; + struct ndr_token_list *switch_list; + + TALLOC_CTX *current_mem_ctx; + + /* this is used to ensure we generate unique reference IDs + between request and reply */ + uint32_t ptr_count; +}; + +/* structure passed to functions that generate NDR formatted data */ +struct ndr_push { + uint32_t flags; /* LIBNDR_FLAG_* */ + uint8_t *data; + uint32_t alloc_size; + uint32_t offset; + + uint32_t relative_base_offset; + struct ndr_token_list *relative_base_list; + + struct ndr_token_list *switch_list; + struct ndr_token_list *relative_list; + struct ndr_token_list *nbt_string_list; + struct ndr_token_list *full_ptr_list; + + /* this is used to ensure we generate unique reference IDs */ + uint32_t ptr_count; + + struct smb_iconv_convenience *iconv_convenience; +}; + +/* structure passed to functions that print IDL structures */ +struct ndr_print { + uint32_t flags; /* LIBNDR_FLAG_* */ + uint32_t depth; + struct ndr_token_list *switch_list; + void (*print)(struct ndr_print *, const char *, ...) PRINTF_ATTRIBUTE(2,3); + void *private_data; +}; + +#define LIBNDR_FLAG_BIGENDIAN (1<<0) +#define LIBNDR_FLAG_NOALIGN (1<<1) + +#define LIBNDR_FLAG_STR_ASCII (1<<2) +#define LIBNDR_FLAG_STR_LEN4 (1<<3) +#define LIBNDR_FLAG_STR_SIZE4 (1<<4) +#define LIBNDR_FLAG_STR_NOTERM (1<<5) +#define LIBNDR_FLAG_STR_NULLTERM (1<<6) +#define LIBNDR_FLAG_STR_SIZE2 (1<<7) +#define LIBNDR_FLAG_STR_BYTESIZE (1<<8) +#define LIBNDR_FLAG_STR_CONFORMANT (1<<10) +#define LIBNDR_FLAG_STR_CHARLEN (1<<11) +#define LIBNDR_FLAG_STR_UTF8 (1<<12) +#define LIBNDR_STRING_FLAGS (0x7FFC) + + +#define LIBNDR_FLAG_REF_ALLOC (1<<20) +#define LIBNDR_FLAG_REMAINING (1<<21) +#define LIBNDR_FLAG_ALIGN2 (1<<22) +#define LIBNDR_FLAG_ALIGN4 (1<<23) +#define LIBNDR_FLAG_ALIGN8 (1<<24) + +#define LIBNDR_ALIGN_FLAGS (LIBNDR_FLAG_ALIGN2|LIBNDR_FLAG_ALIGN4|LIBNDR_FLAG_ALIGN8) + +#define LIBNDR_PRINT_ARRAY_HEX (1<<25) +#define LIBNDR_PRINT_SET_VALUES (1<<26) + +/* used to force a section of IDL to be little-endian */ +#define LIBNDR_FLAG_LITTLE_ENDIAN (1<<27) + +/* used to check if alignment padding is zero */ +#define LIBNDR_FLAG_PAD_CHECK (1<<28) + +/* set if an object uuid will be present */ +#define LIBNDR_FLAG_OBJECT_PRESENT (1<<30) + +/* set to avoid recursion in ndr_size_*() calculation */ +#define LIBNDR_FLAG_NO_NDR_SIZE (1<<31) + +/* useful macro for debugging */ +#define NDR_PRINT_DEBUG(type, p) ndr_print_debug((ndr_print_fn_t)ndr_print_ ##type, #p, p) +#define NDR_PRINT_UNION_DEBUG(type, level, p) ndr_print_union_debug((ndr_print_fn_t)ndr_print_ ##type, #p, level, p) +#define NDR_PRINT_FUNCTION_DEBUG(type, flags, p) ndr_print_function_debug((ndr_print_function_t)ndr_print_ ##type, #type, flags, p) +#define NDR_PRINT_BOTH_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_BOTH, p) +#define NDR_PRINT_OUT_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_OUT, p) +#define NDR_PRINT_IN_DEBUG(type, p) NDR_PRINT_FUNCTION_DEBUG(type, NDR_IN | NDR_SET_VALUES, p) + +#define NDR_BE(ndr) (((ndr)->flags & (LIBNDR_FLAG_BIGENDIAN|LIBNDR_FLAG_LITTLE_ENDIAN)) == LIBNDR_FLAG_BIGENDIAN) + +enum ndr_err_code { + NDR_ERR_SUCCESS = 0, + NDR_ERR_ARRAY_SIZE, + NDR_ERR_BAD_SWITCH, + NDR_ERR_OFFSET, + NDR_ERR_RELATIVE, + NDR_ERR_CHARCNV, + NDR_ERR_LENGTH, + NDR_ERR_SUBCONTEXT, + NDR_ERR_COMPRESSION, + NDR_ERR_STRING, + NDR_ERR_VALIDATE, + NDR_ERR_BUFSIZE, + NDR_ERR_ALLOC, + NDR_ERR_RANGE, + NDR_ERR_TOKEN, + NDR_ERR_IPV4ADDRESS, + NDR_ERR_INVALID_POINTER, + NDR_ERR_UNREAD_BYTES +}; + +#define NDR_ERR_CODE_IS_SUCCESS(x) (x == NDR_ERR_SUCCESS) + +#define NDR_ERR_HAVE_NO_MEMORY(x) do { \ + if (NULL == (x)) { \ + return NDR_ERR_ALLOC; \ + } \ +} while (0) + +enum ndr_compression_alg { + NDR_COMPRESSION_MSZIP = 2, + NDR_COMPRESSION_XPRESS = 3 +}; + +/* + flags passed to control parse flow +*/ +#define NDR_SCALARS 1 +#define NDR_BUFFERS 2 + +/* + flags passed to ndr_print_*() +*/ +#define NDR_IN 1 +#define NDR_OUT 2 +#define NDR_BOTH 3 +#define NDR_SET_VALUES 4 + +#define NDR_PULL_NEED_BYTES(ndr, n) do { \ + if ((n) > ndr->data_size || ndr->offset + (n) > ndr->data_size) { \ + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, "Pull bytes %u", (unsigned)n); \ + } \ +} while(0) + +#define NDR_ALIGN(ndr, n) ndr_align_size(ndr->offset, n) + +#define NDR_ROUND(size, n) (((size)+((n)-1)) & ~((n)-1)) + +#define NDR_PULL_ALIGN(ndr, n) do { \ + if (!(ndr->flags & LIBNDR_FLAG_NOALIGN)) { \ + if (ndr->flags & LIBNDR_FLAG_PAD_CHECK) { \ + ndr_check_padding(ndr, n); \ + } \ + ndr->offset = (ndr->offset + (n-1)) & ~(n-1); \ + } \ + if (ndr->offset > ndr->data_size) { \ + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, "Pull align %u", (unsigned)n); \ + } \ +} while(0) + +#define NDR_PUSH_NEED_BYTES(ndr, n) NDR_CHECK(ndr_push_expand(ndr, n)) + +#define NDR_PUSH_ALIGN(ndr, n) do { \ + if (!(ndr->flags & LIBNDR_FLAG_NOALIGN)) { \ + uint32_t _pad = ((ndr->offset + (n-1)) & ~(n-1)) - ndr->offset; \ + while (_pad--) NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, 0)); \ + } \ +} while(0) + +/* these are used to make the error checking on each element in libndr + less tedious, hopefully making the code more readable */ +#define NDR_CHECK(call) do { \ + enum ndr_err_code _status; \ + _status = call; \ + if (!NDR_ERR_CODE_IS_SUCCESS(_status)) { \ + return _status; \ + } \ +} while (0) + +#define NDR_PULL_GET_MEM_CTX(ndr) (ndr->current_mem_ctx) + +#define NDR_PULL_SET_MEM_CTX(ndr, mem_ctx, flgs) do {\ + if ( !(flgs) || (ndr->flags & flgs) ) {\ + if (!(mem_ctx)) {\ + return ndr_pull_error(ndr, NDR_ERR_ALLOC, "NDR_PULL_SET_MEM_CTX(NULL): %s\n", __location__); \ + }\ + ndr->current_mem_ctx = discard_const(mem_ctx);\ + }\ +} while(0) + +#define _NDR_PULL_FIX_CURRENT_MEM_CTX(ndr) do {\ + if (!ndr->current_mem_ctx) {\ + ndr->current_mem_ctx = talloc_new(ndr);\ + if (!ndr->current_mem_ctx) {\ + return ndr_pull_error(ndr, NDR_ERR_ALLOC, "_NDR_PULL_FIX_CURRENT_MEM_CTX() failed: %s\n", __location__); \ + }\ + }\ +} while(0) + +#define NDR_PULL_ALLOC(ndr, s) do { \ + _NDR_PULL_FIX_CURRENT_MEM_CTX(ndr);\ + (s) = talloc_ptrtype(ndr->current_mem_ctx, (s)); \ + if (!(s)) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "Alloc %s failed: %s\n", # s, __location__); \ +} while (0) + +#define NDR_PULL_ALLOC_N(ndr, s, n) do { \ + _NDR_PULL_FIX_CURRENT_MEM_CTX(ndr);\ + (s) = talloc_array_ptrtype(ndr->current_mem_ctx, (s), n); \ + if (!(s)) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "Alloc %u * %s failed: %s\n", (unsigned)n, # s, __location__); \ +} while (0) + + +#define NDR_PUSH_ALLOC_SIZE(ndr, s, size) do { \ + (s) = talloc_array(ndr, uint8_t, size); \ + if (!(s)) return ndr_push_error(ndr, NDR_ERR_ALLOC, "push alloc %u failed: %s\n", (unsigned)size, __location__); \ +} while (0) + +#define NDR_PUSH_ALLOC(ndr, s) do { \ + (s) = talloc_ptrtype(ndr, (s)); \ + if (!(s)) return ndr_push_error(ndr, NDR_ERR_ALLOC, "push alloc %s failed: %s\n", # s, __location__); \ +} while (0) + +/* these are used when generic fn pointers are needed for ndr push/pull fns */ +typedef enum ndr_err_code (*ndr_push_flags_fn_t)(struct ndr_push *, int ndr_flags, const void *); +typedef enum ndr_err_code (*ndr_pull_flags_fn_t)(struct ndr_pull *, int ndr_flags, void *); +typedef void (*ndr_print_fn_t)(struct ndr_print *, const char *, const void *); +typedef void (*ndr_print_function_t)(struct ndr_print *, const char *, int, const void *); + +#include "libcli/util/error.h" +#include "librpc/gen_ndr/misc.h" + +extern const struct ndr_syntax_id ndr_transfer_syntax; +extern const struct ndr_syntax_id ndr64_transfer_syntax; + +struct ndr_interface_call { + const char *name; + size_t struct_size; + ndr_push_flags_fn_t ndr_push; + ndr_pull_flags_fn_t ndr_pull; + ndr_print_function_t ndr_print; + bool async; +}; + +struct ndr_interface_string_array { + uint32_t count; + const char * const *names; +}; + +struct ndr_interface_table { + const char *name; + struct ndr_syntax_id syntax_id; + const char *helpstring; + uint32_t num_calls; + const struct ndr_interface_call *calls; + const struct ndr_interface_string_array *endpoints; + const struct ndr_interface_string_array *authservices; +}; + +struct ndr_interface_list { + struct ndr_interface_list *prev, *next; + const struct ndr_interface_table *table; +}; + +/* FIXME: Use represent_as instead */ +struct dom_sid; +enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); +enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); +void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid); +enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); +enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); +void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid); +size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags); +enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid); +enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid); +void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid); +size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags); +void ndr_print_ipv4_addr(struct ndr_print *ndr, const char *name, const struct in_addr *_ip); +void ndr_print_GUID(struct ndr_print *ndr, const char *name, const struct GUID *guid); +enum ndr_err_code ndr_push_struct_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, const void *p, ndr_push_flags_fn_t fn); +enum ndr_err_code ndr_push_union_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, uint32_t level, ndr_push_flags_fn_t fn); +size_t ndr_size_struct(const void *p, int flags, ndr_push_flags_fn_t push); +size_t ndr_size_union(const void *p, int flags, uint32_t level, ndr_push_flags_fn_t push); +uint32_t ndr_push_get_relative_base_offset(struct ndr_push *ndr); +void ndr_push_restore_relative_base_offset(struct ndr_push *ndr, uint32_t offset); +enum ndr_err_code ndr_push_setup_relative_base_offset1(struct ndr_push *ndr, const void *p, uint32_t offset); +enum ndr_err_code ndr_push_setup_relative_base_offset2(struct ndr_push *ndr, const void *p); +enum ndr_err_code ndr_push_relative_ptr1(struct ndr_push *ndr, const void *p); +enum ndr_err_code ndr_push_relative_ptr2(struct ndr_push *ndr, const void *p); +uint32_t ndr_pull_get_relative_base_offset(struct ndr_pull *ndr); +void ndr_pull_restore_relative_base_offset(struct ndr_pull *ndr, uint32_t offset); +enum ndr_err_code ndr_pull_setup_relative_base_offset1(struct ndr_pull *ndr, const void *p, uint32_t offset); +enum ndr_err_code ndr_pull_setup_relative_base_offset2(struct ndr_pull *ndr, const void *p); +enum ndr_err_code ndr_pull_relative_ptr1(struct ndr_pull *ndr, const void *p, uint32_t rel_offset); +enum ndr_err_code ndr_pull_relative_ptr2(struct ndr_pull *ndr, const void *p); +size_t ndr_align_size(uint32_t offset, size_t n); +struct ndr_pull *ndr_pull_init_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience); +enum ndr_err_code ndr_pull_advance(struct ndr_pull *ndr, uint32_t size); +struct ndr_push *ndr_push_init_ctx(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience); +DATA_BLOB ndr_push_blob(struct ndr_push *ndr); +enum ndr_err_code ndr_push_expand(struct ndr_push *ndr, uint32_t extra_size); +void ndr_print_debug_helper(struct ndr_print *ndr, const char *format, ...) PRINTF_ATTRIBUTE(2,3); +void ndr_print_string_helper(struct ndr_print *ndr, const char *format, ...) PRINTF_ATTRIBUTE(2,3); +void ndr_print_debug(ndr_print_fn_t fn, const char *name, void *ptr); +void ndr_print_union_debug(ndr_print_fn_t fn, const char *name, uint32_t level, void *ptr); +void ndr_print_function_debug(ndr_print_function_t fn, const char *name, int flags, void *ptr); +char *ndr_print_struct_string(TALLOC_CTX *mem_ctx, ndr_print_fn_t fn, const char *name, void *ptr); +char *ndr_print_union_string(TALLOC_CTX *mem_ctx, ndr_print_fn_t fn, const char *name, uint32_t level, void *ptr); +char *ndr_print_function_string(TALLOC_CTX *mem_ctx, + ndr_print_function_t fn, const char *name, + int flags, void *ptr); +void ndr_set_flags(uint32_t *pflags, uint32_t new_flags); +enum ndr_err_code ndr_pull_error(struct ndr_pull *ndr, + enum ndr_err_code ndr_err, + const char *format, ...) PRINTF_ATTRIBUTE(3,4); +enum ndr_err_code ndr_push_error(struct ndr_push *ndr, + enum ndr_err_code ndr_err, + const char *format, ...) PRINTF_ATTRIBUTE(3,4); +enum ndr_err_code ndr_pull_subcontext_start(struct ndr_pull *ndr, + struct ndr_pull **_subndr, + size_t header_size, + ssize_t size_is); +enum ndr_err_code ndr_pull_subcontext_end(struct ndr_pull *ndr, + struct ndr_pull *subndr, + size_t header_size, + ssize_t size_is); +enum ndr_err_code ndr_push_subcontext_start(struct ndr_push *ndr, + struct ndr_push **_subndr, + size_t header_size, + ssize_t size_is); +enum ndr_err_code ndr_push_subcontext_end(struct ndr_push *ndr, + struct ndr_push *subndr, + size_t header_size, + ssize_t size_is); +enum ndr_err_code ndr_token_store(TALLOC_CTX *mem_ctx, + struct ndr_token_list **list, + const void *key, + uint32_t value); +enum ndr_err_code ndr_token_retrieve_cmp_fn(struct ndr_token_list **list, const void *key, uint32_t *v, comparison_fn_t _cmp_fn, bool _remove_tok); +enum ndr_err_code ndr_token_retrieve(struct ndr_token_list **list, const void *key, uint32_t *v); +uint32_t ndr_token_peek(struct ndr_token_list **list, const void *key); +enum ndr_err_code ndr_pull_array_size(struct ndr_pull *ndr, const void *p); +uint32_t ndr_get_array_size(struct ndr_pull *ndr, const void *p); +enum ndr_err_code ndr_check_array_size(struct ndr_pull *ndr, void *p, uint32_t size); +enum ndr_err_code ndr_pull_array_length(struct ndr_pull *ndr, const void *p); +uint32_t ndr_get_array_length(struct ndr_pull *ndr, const void *p); +enum ndr_err_code ndr_check_array_length(struct ndr_pull *ndr, void *p, uint32_t length); +enum ndr_err_code ndr_push_set_switch_value(struct ndr_push *ndr, const void *p, uint32_t val); +enum ndr_err_code ndr_pull_set_switch_value(struct ndr_pull *ndr, const void *p, uint32_t val); +enum ndr_err_code ndr_print_set_switch_value(struct ndr_print *ndr, const void *p, uint32_t val); +uint32_t ndr_push_get_switch_value(struct ndr_push *ndr, const void *p); +uint32_t ndr_pull_get_switch_value(struct ndr_pull *ndr, const void *p); +uint32_t ndr_print_get_switch_value(struct ndr_print *ndr, const void *p); +enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, ndr_pull_flags_fn_t fn); +enum ndr_err_code ndr_pull_struct_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, ndr_pull_flags_fn_t fn); +enum ndr_err_code ndr_pull_union_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, uint32_t level, ndr_pull_flags_fn_t fn); +enum ndr_err_code ndr_pull_union_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, uint32_t level, ndr_pull_flags_fn_t fn); + +/* from libndr_basic.h */ +#define NDR_SCALAR_PROTO(name, type) \ +enum ndr_err_code ndr_push_ ## name(struct ndr_push *ndr, int ndr_flags, type v); \ +enum ndr_err_code ndr_pull_ ## name(struct ndr_pull *ndr, int ndr_flags, type *v); \ +void ndr_print_ ## name(struct ndr_print *ndr, const char *var_name, type v); + +#define NDR_BUFFER_PROTO(name, type) \ +enum ndr_err_code ndr_push_ ## name(struct ndr_push *ndr, int ndr_flags, const type *v); \ +enum ndr_err_code ndr_pull_ ## name(struct ndr_pull *ndr, int ndr_flags, type *v); \ +void ndr_print_ ## name(struct ndr_print *ndr, const char *var_name, const type *v); + +NDR_SCALAR_PROTO(uint8, uint8_t) +NDR_SCALAR_PROTO(int8, int8_t) +NDR_SCALAR_PROTO(uint16, uint16_t) +NDR_SCALAR_PROTO(int16, int16_t) +NDR_SCALAR_PROTO(uint32, uint32_t) +NDR_SCALAR_PROTO(int32, int32_t) +NDR_SCALAR_PROTO(udlong, uint64_t) +NDR_SCALAR_PROTO(udlongr, uint64_t) +NDR_SCALAR_PROTO(dlong, int64_t) +NDR_SCALAR_PROTO(hyper, uint64_t) +NDR_SCALAR_PROTO(pointer, void *) +NDR_SCALAR_PROTO(time_t, time_t) +NDR_SCALAR_PROTO(NTSTATUS, NTSTATUS) +NDR_SCALAR_PROTO(WERROR, WERROR) +NDR_SCALAR_PROTO(NTTIME, NTTIME) +NDR_SCALAR_PROTO(NTTIME_1sec, NTTIME) +NDR_SCALAR_PROTO(NTTIME_hyper, NTTIME) +NDR_SCALAR_PROTO(DATA_BLOB, DATA_BLOB) +NDR_SCALAR_PROTO(ipv4address, const char *) +NDR_SCALAR_PROTO(string, const char *) + +enum ndr_err_code ndr_pull_policy_handle(struct ndr_pull *ndr, int ndr_flags, struct policy_handle *r); +enum ndr_err_code ndr_push_policy_handle(struct ndr_push *ndr, int ndr_flags, const struct policy_handle *r); +void ndr_print_policy_handle(struct ndr_print *ndr, const char *name, const struct policy_handle *r); +bool policy_handle_empty(struct policy_handle *h); + +void ndr_check_padding(struct ndr_pull *ndr, size_t n); +enum ndr_err_code ndr_pull_generic_ptr(struct ndr_pull *ndr, uint32_t *v); +enum ndr_err_code ndr_pull_ref_ptr(struct ndr_pull *ndr, uint32_t *v); +enum ndr_err_code ndr_pull_bytes(struct ndr_pull *ndr, uint8_t *data, uint32_t n); +enum ndr_err_code ndr_pull_array_uint8(struct ndr_pull *ndr, int ndr_flags, uint8_t *data, uint32_t n); +enum ndr_err_code ndr_push_align(struct ndr_push *ndr, size_t size); +enum ndr_err_code ndr_pull_align(struct ndr_pull *ndr, size_t size); +enum ndr_err_code ndr_push_bytes(struct ndr_push *ndr, const uint8_t *data, uint32_t n); +enum ndr_err_code ndr_push_zero(struct ndr_push *ndr, uint32_t n); +enum ndr_err_code ndr_push_array_uint8(struct ndr_push *ndr, int ndr_flags, const uint8_t *data, uint32_t n); +enum ndr_err_code ndr_push_unique_ptr(struct ndr_push *ndr, const void *p); +enum ndr_err_code ndr_push_full_ptr(struct ndr_push *ndr, const void *p); +enum ndr_err_code ndr_push_ref_ptr(struct ndr_push *ndr); +void ndr_print_struct(struct ndr_print *ndr, const char *name, const char *type); +void ndr_print_enum(struct ndr_print *ndr, const char *name, const char *type, const char *val, uint32_t value); +void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const char *flag_name, uint32_t flag, uint32_t value); +void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const char *flag_name, uint32_t flag, uint32_t value); +void ndr_print_ptr(struct ndr_print *ndr, const char *name, const void *p); +void ndr_print_union(struct ndr_print *ndr, const char *name, int level, const char *type); +void ndr_print_bad_level(struct ndr_print *ndr, const char *name, uint16_t level); +void ndr_print_array_uint8(struct ndr_print *ndr, const char *name, const uint8_t *data, uint32_t count); +uint32_t ndr_size_DATA_BLOB(int ret, const DATA_BLOB *data, int flags); + +/* strings */ +uint32_t ndr_charset_length(const void *var, charset_t chset); +size_t ndr_string_array_size(struct ndr_push *ndr, const char *s); +uint32_t ndr_size_string(int ret, const char * const* string, int flags); +enum ndr_err_code ndr_pull_string_array(struct ndr_pull *ndr, int ndr_flags, const char ***_a); +enum ndr_err_code ndr_push_string_array(struct ndr_push *ndr, int ndr_flags, const char **a); +void ndr_print_string_array(struct ndr_print *ndr, const char *name, const char **a); +uint32_t ndr_string_length(const void *_var, uint32_t element_size); +enum ndr_err_code ndr_check_string_terminator(struct ndr_pull *ndr, uint32_t count, uint32_t element_size); +enum ndr_err_code ndr_pull_charset(struct ndr_pull *ndr, int ndr_flags, const char **var, uint32_t length, uint8_t byte_mul, charset_t chset); +enum ndr_err_code ndr_push_charset(struct ndr_push *ndr, int ndr_flags, const char *var, uint32_t length, uint8_t byte_mul, charset_t chset); + +/* GUIDs */ +bool GUID_equal(const struct GUID *u1, const struct GUID *u2); +NTSTATUS GUID_from_string(const char *s, struct GUID *guid); +NTSTATUS NS_GUID_from_string(const char *s, struct GUID *guid); +struct GUID GUID_zero(void); +bool GUID_all_zero(const struct GUID *u); +int GUID_compare(const struct GUID *u1, const struct GUID *u2); +char *GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid); +char *GUID_string2(TALLOC_CTX *mem_ctx, const struct GUID *guid); +char *NS_GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid); +struct GUID GUID_random(void); + +#endif /* __LIBNDR_H__ */ diff --git a/source4/librpc/ndr/ndr.c b/source4/librpc/ndr/ndr.c new file mode 100644 index 0000000000..c5e4c44794 --- /dev/null +++ b/source4/librpc/ndr/ndr.c @@ -0,0 +1,1103 @@ +/* + Unix SMB/CIFS implementation. + + libndr interface + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* + this provides the core routines for NDR parsing functions + + see http://www.opengroup.org/onlinepubs/9629399/chap14.htm for details + of NDR encoding rules +*/ + +#include "includes.h" +#include "librpc/ndr/libndr.h" +#include "lib/util/dlinklist.h" +#include "librpc/gen_ndr/dcerpc.h" +#include "param/param.h" + +#define NDR_BASE_MARSHALL_SIZE 1024 + +/* this guid indicates NDR encoding in a protocol tower */ +const struct ndr_syntax_id ndr_transfer_syntax = { + { 0x8a885d04, 0x1ceb, 0x11c9, {0x9f, 0xe8}, {0x08,0x00,0x2b,0x10,0x48,0x60} }, + 2 +}; + +const struct ndr_syntax_id ndr64_transfer_syntax = { + { 0x71710533, 0xbeba, 0x4937, {0x83, 0x19}, {0xb5,0xdb,0xef,0x9c,0xcc,0x36} }, + 1 +}; + +/* + work out the number of bytes needed to align on a n byte boundary +*/ +_PUBLIC_ size_t ndr_align_size(uint32_t offset, size_t n) +{ + if ((offset & (n-1)) == 0) return 0; + return n - (offset & (n-1)); +} + +/* + initialise a ndr parse structure from a data blob +*/ +_PUBLIC_ struct ndr_pull *ndr_pull_init_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience) +{ + struct ndr_pull *ndr; + + ndr = talloc_zero(mem_ctx, struct ndr_pull); + if (!ndr) return NULL; + ndr->current_mem_ctx = mem_ctx; + + ndr->data = blob->data; + ndr->data_size = blob->length; + ndr->iconv_convenience = talloc_reference(ndr, iconv_convenience); + + return ndr; +} + +/* + advance by 'size' bytes +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_advance(struct ndr_pull *ndr, uint32_t size) +{ + ndr->offset += size; + if (ndr->offset > ndr->data_size) { + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, + "ndr_pull_advance by %u failed", + size); + } + return NDR_ERR_SUCCESS; +} + +/* + set the parse offset to 'ofs' +*/ +static enum ndr_err_code ndr_pull_set_offset(struct ndr_pull *ndr, uint32_t ofs) +{ + ndr->offset = ofs; + if (ndr->offset > ndr->data_size) { + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, + "ndr_pull_set_offset %u failed", + ofs); + } + return NDR_ERR_SUCCESS; +} + +/* create a ndr_push structure, ready for some marshalling */ +_PUBLIC_ struct ndr_push *ndr_push_init_ctx(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience) +{ + struct ndr_push *ndr; + + ndr = talloc_zero(mem_ctx, struct ndr_push); + if (!ndr) { + return NULL; + } + + ndr->flags = 0; + ndr->alloc_size = NDR_BASE_MARSHALL_SIZE; + ndr->data = talloc_array(ndr, uint8_t, ndr->alloc_size); + if (!ndr->data) { + return NULL; + } + ndr->iconv_convenience = talloc_reference(ndr, iconv_convenience); + + return ndr; +} + +/* return a DATA_BLOB structure for the current ndr_push marshalled data */ +_PUBLIC_ DATA_BLOB ndr_push_blob(struct ndr_push *ndr) +{ + DATA_BLOB blob; + blob = data_blob_const(ndr->data, ndr->offset); + if (ndr->alloc_size > ndr->offset) { + ndr->data[ndr->offset] = 0; + } + return blob; +} + + +/* + expand the available space in the buffer to ndr->offset + extra_size +*/ +_PUBLIC_ enum ndr_err_code ndr_push_expand(struct ndr_push *ndr, uint32_t extra_size) +{ + uint32_t size = extra_size + ndr->offset; + + if (size < ndr->offset) { + /* extra_size overflowed the offset */ + return ndr_push_error(ndr, NDR_ERR_BUFSIZE, "Overflow in push_expand to %u", + size); + } + + if (ndr->alloc_size > size) { + return NDR_ERR_SUCCESS; + } + + ndr->alloc_size += NDR_BASE_MARSHALL_SIZE; + if (size+1 > ndr->alloc_size) { + ndr->alloc_size = size+1; + } + ndr->data = talloc_realloc(ndr, ndr->data, uint8_t, ndr->alloc_size); + if (!ndr->data) { + return ndr_push_error(ndr, NDR_ERR_ALLOC, "Failed to push_expand to %u", + ndr->alloc_size); + } + + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_debug_helper(struct ndr_print *ndr, const char *format, ...) +{ + va_list ap; + char *s = NULL; + int i; + + va_start(ap, format); + vasprintf(&s, format, ap); + va_end(ap); + + for (i=0;i<ndr->depth;i++) { + DEBUGADD(0,(" ")); + } + + DEBUGADD(0,("%s\n", s)); + free(s); +} + +_PUBLIC_ void ndr_print_string_helper(struct ndr_print *ndr, const char *format, ...) +{ + va_list ap; + int i; + + for (i=0;i<ndr->depth;i++) { + ndr->private_data = talloc_asprintf_append_buffer( + (char *)ndr->private_data, " "); + } + + va_start(ap, format); + ndr->private_data = talloc_vasprintf_append_buffer((char *)ndr->private_data, + format, ap); + va_end(ap); + ndr->private_data = talloc_asprintf_append_buffer((char *)ndr->private_data, + "\n"); +} + +/* + a useful helper function for printing idl structures via DEBUG() +*/ +_PUBLIC_ void ndr_print_debug(ndr_print_fn_t fn, const char *name, void *ptr) +{ + struct ndr_print *ndr; + + ndr = talloc_zero(NULL, struct ndr_print); + if (!ndr) return; + ndr->print = ndr_print_debug_helper; + ndr->depth = 1; + ndr->flags = 0; + fn(ndr, name, ptr); + talloc_free(ndr); +} + +/* + a useful helper function for printing idl unions via DEBUG() +*/ +_PUBLIC_ void ndr_print_union_debug(ndr_print_fn_t fn, const char *name, uint32_t level, void *ptr) +{ + struct ndr_print *ndr; + + ndr = talloc_zero(NULL, struct ndr_print); + if (!ndr) return; + ndr->print = ndr_print_debug_helper; + ndr->depth = 1; + ndr->flags = 0; + ndr_print_set_switch_value(ndr, ptr, level); + fn(ndr, name, ptr); + talloc_free(ndr); +} + +/* + a useful helper function for printing idl function calls via DEBUG() +*/ +_PUBLIC_ void ndr_print_function_debug(ndr_print_function_t fn, const char *name, int flags, void *ptr) +{ + struct ndr_print *ndr; + + ndr = talloc_zero(NULL, struct ndr_print); + if (!ndr) return; + ndr->print = ndr_print_debug_helper; + ndr->depth = 1; + ndr->flags = 0; + fn(ndr, name, flags, ptr); + talloc_free(ndr); +} + +/* + a useful helper function for printing idl structures to a string +*/ +_PUBLIC_ char *ndr_print_struct_string(TALLOC_CTX *mem_ctx, ndr_print_fn_t fn, const char *name, void *ptr) +{ + struct ndr_print *ndr; + char *ret = NULL; + + ndr = talloc_zero(mem_ctx, struct ndr_print); + if (!ndr) return NULL; + ndr->private_data = talloc_strdup(ndr, ""); + if (!ndr->private_data) { + goto failed; + } + ndr->print = ndr_print_string_helper; + ndr->depth = 1; + ndr->flags = 0; + fn(ndr, name, ptr); + ret = talloc_steal(mem_ctx, (char *)ndr->private_data); +failed: + talloc_free(ndr); + return ret; +} + +/* + a useful helper function for printing idl unions to a string +*/ +_PUBLIC_ char *ndr_print_union_string(TALLOC_CTX *mem_ctx, ndr_print_fn_t fn, const char *name, uint32_t level, void *ptr) +{ + struct ndr_print *ndr; + char *ret = NULL; + + ndr = talloc_zero(mem_ctx, struct ndr_print); + if (!ndr) return NULL; + ndr->private_data = talloc_strdup(ndr, ""); + if (!ndr->private_data) { + goto failed; + } + ndr->print = ndr_print_string_helper; + ndr->depth = 1; + ndr->flags = 0; + ndr_print_set_switch_value(ndr, ptr, level); + fn(ndr, name, ptr); + ret = talloc_steal(mem_ctx, (char *)ndr->private_data); +failed: + talloc_free(ndr); + return ret; +} + +/* + a useful helper function for printing idl function calls to a string +*/ +_PUBLIC_ char *ndr_print_function_string(TALLOC_CTX *mem_ctx, + ndr_print_function_t fn, const char *name, + int flags, void *ptr) +{ + struct ndr_print *ndr; + char *ret = NULL; + + ndr = talloc_zero(mem_ctx, struct ndr_print); + if (!ndr) return NULL; + ndr->private_data = talloc_strdup(ndr, ""); + if (!ndr->private_data) { + goto failed; + } + ndr->print = ndr_print_string_helper; + ndr->depth = 1; + ndr->flags = 0; + fn(ndr, name, flags, ptr); + ret = talloc_steal(mem_ctx, (char *)ndr->private_data); +failed: + talloc_free(ndr); + return ret; +} + +_PUBLIC_ void ndr_set_flags(uint32_t *pflags, uint32_t new_flags) +{ + /* the big/little endian flags are inter-dependent */ + if (new_flags & LIBNDR_FLAG_LITTLE_ENDIAN) { + (*pflags) &= ~LIBNDR_FLAG_BIGENDIAN; + } + if (new_flags & LIBNDR_FLAG_BIGENDIAN) { + (*pflags) &= ~LIBNDR_FLAG_LITTLE_ENDIAN; + } + if (new_flags & LIBNDR_FLAG_REMAINING) { + (*pflags) &= ~LIBNDR_ALIGN_FLAGS; + } + if (new_flags & LIBNDR_ALIGN_FLAGS) { + (*pflags) &= ~LIBNDR_FLAG_REMAINING; + } + (*pflags) |= new_flags; +} + +/* + return and possibly log an NDR error +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_error(struct ndr_pull *ndr, + enum ndr_err_code ndr_err, + const char *format, ...) +{ + char *s=NULL; + va_list ap; + + va_start(ap, format); + vasprintf(&s, format, ap); + va_end(ap); + + DEBUG(3,("ndr_pull_error(%u): %s\n", ndr_err, s)); + + free(s); + + return ndr_err; +} + +/* + return and possibly log an NDR error +*/ +_PUBLIC_ enum ndr_err_code ndr_push_error(struct ndr_push *ndr, + enum ndr_err_code ndr_err, + const char *format, ...) +{ + char *s=NULL; + va_list ap; + + va_start(ap, format); + vasprintf(&s, format, ap); + va_end(ap); + + DEBUG(3,("ndr_push_error(%u): %s\n", ndr_err, s)); + + free(s); + + return ndr_err; +} + +/* + handle subcontext buffers, which in midl land are user-marshalled, but + we use magic in pidl to make them easier to cope with +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_subcontext_start(struct ndr_pull *ndr, + struct ndr_pull **_subndr, + size_t header_size, + ssize_t size_is) +{ + struct ndr_pull *subndr; + uint32_t r_content_size; + bool force_le = false; + bool force_be = false; + + switch (header_size) { + case 0: { + uint32_t content_size = ndr->data_size - ndr->offset; + if (size_is >= 0) { + content_size = size_is; + } + r_content_size = content_size; + break; + } + + case 2: { + uint16_t content_size; + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &content_size)); + if (size_is >= 0 && size_is != content_size) { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, "Bad subcontext (PULL) size_is(%d) mismatch content_size %d", + (int)size_is, (int)content_size); + } + r_content_size = content_size; + break; + } + + case 4: { + uint32_t content_size; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &content_size)); + if (size_is >= 0 && size_is != content_size) { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, "Bad subcontext (PULL) size_is(%d) mismatch content_size %d", + (int)size_is, (int)content_size); + } + r_content_size = content_size; + break; + } + case 0xFFFFFC01: { + /* + * Common Type Header for the Serialization Stream + * See [MS-RPCE] 2.2.6 Type Serialization Version 1 + */ + uint8_t version; + uint8_t drep; + uint16_t hdrlen; + uint32_t filler; + uint32_t content_size; + uint32_t reserved; + + /* version */ + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &version)); + + if (version != 1) { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, + "Bad subcontext (PULL) Common Type Header version %d != 1", + (int)version); + } + + /* + * 0x10 little endian + * 0x00 big endian + */ + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &drep)); + if (drep == 0x10) { + force_le = true; + } else if (drep == 0x00) { + force_be = true; + } else { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, + "Bad subcontext (PULL) Common Type Header invalid drep 0x%02X", + (unsigned int)drep); + } + + /* length of the "Private Header for Constructed Type" */ + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &hdrlen)); + if (hdrlen != 8) { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, + "Bad subcontext (PULL) Common Type Header length %d != 8", + (int)hdrlen); + } + + /* filler should be ignored */ + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &filler)); + + /* + * Private Header for Constructed Type + */ + /* length - will be updated latter */ + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &content_size)); + if (size_is >= 0 && size_is != content_size) { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, "Bad subcontext (PULL) size_is(%d) mismatch content_size %d", + (int)size_is, (int)content_size); + } + /* the content size must be a multiple of 8 */ + if ((content_size % 8) != 0) { + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, + "Bad subcontext (PULL) size_is(%d) not padded to 8 content_size %d", + (int)size_is, (int)content_size); + } + r_content_size = content_size; + + /* reserved */ + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &reserved)); + break; + } + default: + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, "Bad subcontext (PULL) header_size %d", + (int)header_size); + } + + NDR_PULL_NEED_BYTES(ndr, r_content_size); + + subndr = talloc_zero(ndr, struct ndr_pull); + NDR_ERR_HAVE_NO_MEMORY(subndr); + subndr->flags = ndr->flags; + subndr->current_mem_ctx = ndr->current_mem_ctx; + + subndr->data = ndr->data + ndr->offset; + subndr->offset = 0; + subndr->data_size = r_content_size; + subndr->iconv_convenience = talloc_reference(subndr, ndr->iconv_convenience); + + if (force_le) { + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_LITTLE_ENDIAN); + } else if (force_be) { + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_BIGENDIAN); + } + + *_subndr = subndr; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_subcontext_end(struct ndr_pull *ndr, + struct ndr_pull *subndr, + size_t header_size, + ssize_t size_is) +{ + uint32_t advance; + if (size_is >= 0) { + advance = size_is; + } else if (header_size > 0) { + advance = subndr->data_size; + } else { + advance = subndr->offset; + } + NDR_CHECK(ndr_pull_advance(ndr, advance)); + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_push_subcontext_start(struct ndr_push *ndr, + struct ndr_push **_subndr, + size_t header_size, + ssize_t size_is) +{ + struct ndr_push *subndr; + + subndr = ndr_push_init_ctx(ndr, ndr->iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(subndr); + subndr->flags = ndr->flags; + + *_subndr = subndr; + return NDR_ERR_SUCCESS; +} + +/* + push a subcontext header +*/ +_PUBLIC_ enum ndr_err_code ndr_push_subcontext_end(struct ndr_push *ndr, + struct ndr_push *subndr, + size_t header_size, + ssize_t size_is) +{ + ssize_t padding_len; + + if (size_is >= 0) { + padding_len = size_is - subndr->offset; + if (padding_len > 0) { + NDR_CHECK(ndr_push_zero(subndr, padding_len)); + } else if (padding_len < 0) { + return ndr_push_error(ndr, NDR_ERR_SUBCONTEXT, "Bad subcontext (PUSH) content_size %d is larger than size_is(%d)", + (int)subndr->offset, (int)size_is); + } + } + + switch (header_size) { + case 0: + break; + + case 2: + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, subndr->offset)); + break; + + case 4: + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, subndr->offset)); + break; + + case 0xFFFFFC01: + /* + * Common Type Header for the Serialization Stream + * See [MS-RPCE] 2.2.6 Type Serialization Version 1 + */ + padding_len = NDR_ROUND(subndr->offset, 8) - subndr->offset; + if (padding_len > 0) { + NDR_CHECK(ndr_push_zero(subndr, padding_len)); + } + + /* version */ + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, 1)); + + /* + * 0x10 little endian + * 0x00 big endian + */ + NDR_CHECK(ndr_push_uint8(ndr, NDR_SCALARS, NDR_BE(ndr)?0x00:0x10)); + + /* length of the "Private Header for Constructed Type" */ + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, 8)); + + /* filler */ + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0xCCCCCCCC)); + + /* + * Private Header for Constructed Type + */ + /* length - will be updated latter */ + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, subndr->offset)); + + /* reserved */ + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + break; + + default: + return ndr_push_error(ndr, NDR_ERR_SUBCONTEXT, "Bad subcontext header size %d", + (int)header_size); + } + + NDR_CHECK(ndr_push_bytes(ndr, subndr->data, subndr->offset)); + return NDR_ERR_SUCCESS; +} + +/* + store a token in the ndr context, for later retrieval +*/ +_PUBLIC_ enum ndr_err_code ndr_token_store(TALLOC_CTX *mem_ctx, + struct ndr_token_list **list, + const void *key, + uint32_t value) +{ + struct ndr_token_list *tok; + tok = talloc(mem_ctx, struct ndr_token_list); + NDR_ERR_HAVE_NO_MEMORY(tok); + tok->key = key; + tok->value = value; + DLIST_ADD((*list), tok); + return NDR_ERR_SUCCESS; +} + +/* + retrieve a token from a ndr context, using cmp_fn to match the tokens +*/ +_PUBLIC_ enum ndr_err_code ndr_token_retrieve_cmp_fn(struct ndr_token_list **list, const void *key, uint32_t *v, + comparison_fn_t _cmp_fn, bool _remove_tok) +{ + struct ndr_token_list *tok; + for (tok=*list;tok;tok=tok->next) { + if (_cmp_fn && _cmp_fn(tok->key,key)==0) goto found; + else if (!_cmp_fn && tok->key == key) goto found; + } + return NDR_ERR_TOKEN; +found: + *v = tok->value; + if (_remove_tok) { + DLIST_REMOVE((*list), tok); + talloc_free(tok); + } + return NDR_ERR_SUCCESS; +} + +/* + retrieve a token from a ndr context +*/ +_PUBLIC_ enum ndr_err_code ndr_token_retrieve(struct ndr_token_list **list, const void *key, uint32_t *v) +{ + return ndr_token_retrieve_cmp_fn(list, key, v, NULL, true); +} + +/* + peek at but don't removed a token from a ndr context +*/ +_PUBLIC_ uint32_t ndr_token_peek(struct ndr_token_list **list, const void *key) +{ + enum ndr_err_code status; + uint32_t v; + + status = ndr_token_retrieve_cmp_fn(list, key, &v, NULL, false); + if (!NDR_ERR_CODE_IS_SUCCESS(status)) { + return 0; + } + + return v; +} + +/* + pull an array size field and add it to the array_size_list token list +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_array_size(struct ndr_pull *ndr, const void *p) +{ + uint32_t size; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &size)); + return ndr_token_store(ndr, &ndr->array_size_list, p, size); +} + +/* + get the stored array size field +*/ +_PUBLIC_ uint32_t ndr_get_array_size(struct ndr_pull *ndr, const void *p) +{ + return ndr_token_peek(&ndr->array_size_list, p); +} + +/* + check the stored array size field +*/ +_PUBLIC_ enum ndr_err_code ndr_check_array_size(struct ndr_pull *ndr, void *p, uint32_t size) +{ + uint32_t stored; + stored = ndr_token_peek(&ndr->array_size_list, p); + if (stored != size) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, + "Bad array size - got %u expected %u\n", + stored, size); + } + return NDR_ERR_SUCCESS; +} + +/* + pull an array length field and add it to the array_length_list token list +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_array_length(struct ndr_pull *ndr, const void *p) +{ + uint32_t length, offset; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &offset)); + if (offset != 0) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, + "non-zero array offset %u\n", offset); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &length)); + return ndr_token_store(ndr, &ndr->array_length_list, p, length); +} + +/* + get the stored array length field +*/ +_PUBLIC_ uint32_t ndr_get_array_length(struct ndr_pull *ndr, const void *p) +{ + return ndr_token_peek(&ndr->array_length_list, p); +} + +/* + check the stored array length field +*/ +_PUBLIC_ enum ndr_err_code ndr_check_array_length(struct ndr_pull *ndr, void *p, uint32_t length) +{ + uint32_t stored; + stored = ndr_token_peek(&ndr->array_length_list, p); + if (stored != length) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, + "Bad array length - got %u expected %u\n", + stored, length); + } + return NDR_ERR_SUCCESS; +} + +/* + store a switch value + */ +_PUBLIC_ enum ndr_err_code ndr_push_set_switch_value(struct ndr_push *ndr, const void *p, uint32_t val) +{ + return ndr_token_store(ndr, &ndr->switch_list, p, val); +} + +_PUBLIC_ enum ndr_err_code ndr_pull_set_switch_value(struct ndr_pull *ndr, const void *p, uint32_t val) +{ + return ndr_token_store(ndr, &ndr->switch_list, p, val); +} + +_PUBLIC_ enum ndr_err_code ndr_print_set_switch_value(struct ndr_print *ndr, const void *p, uint32_t val) +{ + return ndr_token_store(ndr, &ndr->switch_list, p, val); +} + +/* + retrieve a switch value + */ +_PUBLIC_ uint32_t ndr_push_get_switch_value(struct ndr_push *ndr, const void *p) +{ + return ndr_token_peek(&ndr->switch_list, p); +} + +_PUBLIC_ uint32_t ndr_pull_get_switch_value(struct ndr_pull *ndr, const void *p) +{ + return ndr_token_peek(&ndr->switch_list, p); +} + +_PUBLIC_ uint32_t ndr_print_get_switch_value(struct ndr_print *ndr, const void *p) +{ + return ndr_token_peek(&ndr->switch_list, p); +} + +/* + pull a struct from a blob using NDR +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, + ndr_pull_flags_fn_t fn) +{ + struct ndr_pull *ndr; + ndr = ndr_pull_init_blob(blob, mem_ctx, iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndr); + NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); + return NDR_ERR_SUCCESS; +} + +/* + pull a struct from a blob using NDR - failing if all bytes are not consumed +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_struct_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, + void *p, ndr_pull_flags_fn_t fn) +{ + struct ndr_pull *ndr; + ndr = ndr_pull_init_blob(blob, mem_ctx, iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndr); + NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); + if (ndr->offset < ndr->data_size) { + return ndr_pull_error(ndr, NDR_ERR_UNREAD_BYTES, + "not all bytes consumed ofs[%u] size[%u]", + ndr->offset, ndr->data_size); + } + return NDR_ERR_SUCCESS; +} + +/* + pull a union from a blob using NDR, given the union discriminator +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_union_blob(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, void *p, + uint32_t level, ndr_pull_flags_fn_t fn) +{ + struct ndr_pull *ndr; + ndr = ndr_pull_init_blob(blob, mem_ctx, iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndr); + NDR_CHECK(ndr_pull_set_switch_value(ndr, p, level)); + NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); + return NDR_ERR_SUCCESS; +} + +/* + pull a union from a blob using NDR, given the union discriminator, + failing if all bytes are not consumed +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_union_blob_all(const DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, void *p, + uint32_t level, ndr_pull_flags_fn_t fn) +{ + struct ndr_pull *ndr; + ndr = ndr_pull_init_blob(blob, mem_ctx, iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndr); + NDR_CHECK(ndr_pull_set_switch_value(ndr, p, level)); + NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); + if (ndr->offset < ndr->data_size) { + return ndr_pull_error(ndr, NDR_ERR_UNREAD_BYTES, + "not all bytes consumed ofs[%u] size[%u]", + ndr->offset, ndr->data_size); + } + return NDR_ERR_SUCCESS; +} + +/* + push a struct to a blob using NDR +*/ +_PUBLIC_ enum ndr_err_code ndr_push_struct_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, const void *p, ndr_push_flags_fn_t fn) +{ + struct ndr_push *ndr; + ndr = ndr_push_init_ctx(mem_ctx, iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndr); + + NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); + + *blob = ndr_push_blob(ndr); + talloc_steal(mem_ctx, blob->data); + talloc_free(ndr); + + return NDR_ERR_SUCCESS; +} + +/* + push a union to a blob using NDR +*/ +_PUBLIC_ enum ndr_err_code ndr_push_union_blob(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, void *p, + uint32_t level, ndr_push_flags_fn_t fn) +{ + struct ndr_push *ndr; + ndr = ndr_push_init_ctx(mem_ctx, iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndr); + + NDR_CHECK(ndr_push_set_switch_value(ndr, p, level)); + NDR_CHECK(fn(ndr, NDR_SCALARS|NDR_BUFFERS, p)); + + *blob = ndr_push_blob(ndr); + talloc_steal(mem_ctx, blob->data); + talloc_free(ndr); + + return NDR_ERR_SUCCESS; +} + +/* + generic ndr_size_*() handler for structures +*/ +_PUBLIC_ size_t ndr_size_struct(const void *p, int flags, ndr_push_flags_fn_t push) +{ + struct ndr_push *ndr; + enum ndr_err_code status; + size_t ret; + + /* avoid recursion */ + if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0; + + ndr = ndr_push_init_ctx(NULL, lp_iconv_convenience(global_loadparm)); + if (!ndr) return 0; + ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE; + status = push(ndr, NDR_SCALARS|NDR_BUFFERS, discard_const(p)); + if (!NDR_ERR_CODE_IS_SUCCESS(status)) { + talloc_free(ndr); + return 0; + } + ret = ndr->offset; + talloc_free(ndr); + return ret; +} + +/* + generic ndr_size_*() handler for unions +*/ +_PUBLIC_ size_t ndr_size_union(const void *p, int flags, uint32_t level, ndr_push_flags_fn_t push) +{ + struct ndr_push *ndr; + enum ndr_err_code status; + size_t ret; + + /* avoid recursion */ + if (flags & LIBNDR_FLAG_NO_NDR_SIZE) return 0; + + ndr = ndr_push_init_ctx(NULL, lp_iconv_convenience(global_loadparm)); + if (!ndr) return 0; + ndr->flags |= flags | LIBNDR_FLAG_NO_NDR_SIZE; + + status = ndr_push_set_switch_value(ndr, p, level); + if (!NDR_ERR_CODE_IS_SUCCESS(status)) { + talloc_free(ndr); + return 0; + } + status = push(ndr, NDR_SCALARS|NDR_BUFFERS, p); + if (!NDR_ERR_CODE_IS_SUCCESS(status)) { + talloc_free(ndr); + return 0; + } + ret = ndr->offset; + talloc_free(ndr); + return ret; +} + +/* + get the current base for relative pointers for the push +*/ +_PUBLIC_ uint32_t ndr_push_get_relative_base_offset(struct ndr_push *ndr) +{ + return ndr->relative_base_offset; +} + +/* + restore the old base for relative pointers for the push +*/ +_PUBLIC_ void ndr_push_restore_relative_base_offset(struct ndr_push *ndr, uint32_t offset) +{ + ndr->relative_base_offset = offset; +} + +/* + setup the current base for relative pointers for the push + called in the NDR_SCALAR stage +*/ +_PUBLIC_ enum ndr_err_code ndr_push_setup_relative_base_offset1(struct ndr_push *ndr, const void *p, uint32_t offset) +{ + ndr->relative_base_offset = offset; + return ndr_token_store(ndr, &ndr->relative_base_list, p, offset); +} + +/* + setup the current base for relative pointers for the push + called in the NDR_BUFFERS stage +*/ +_PUBLIC_ enum ndr_err_code ndr_push_setup_relative_base_offset2(struct ndr_push *ndr, const void *p) +{ + return ndr_token_retrieve(&ndr->relative_base_list, p, &ndr->relative_base_offset); +} + +/* + push a relative object - stage1 + this is called during SCALARS processing +*/ +_PUBLIC_ enum ndr_err_code ndr_push_relative_ptr1(struct ndr_push *ndr, const void *p) +{ + if (p == NULL) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + return NDR_ERR_SUCCESS; + } + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_token_store(ndr, &ndr->relative_list, p, ndr->offset)); + return ndr_push_uint32(ndr, NDR_SCALARS, 0xFFFFFFFF); +} + +/* + push a relative object - stage2 + this is called during buffers processing +*/ +_PUBLIC_ enum ndr_err_code ndr_push_relative_ptr2(struct ndr_push *ndr, const void *p) +{ + uint32_t save_offset; + uint32_t ptr_offset = 0xFFFFFFFF; + if (p == NULL) { + return NDR_ERR_SUCCESS; + } + save_offset = ndr->offset; + NDR_CHECK(ndr_token_retrieve(&ndr->relative_list, p, &ptr_offset)); + if (ptr_offset > ndr->offset) { + return ndr_push_error(ndr, NDR_ERR_BUFSIZE, + "ndr_push_relative_ptr2 ptr_offset(%u) > ndr->offset(%u)", + ptr_offset, ndr->offset); + } + ndr->offset = ptr_offset; + if (save_offset < ndr->relative_base_offset) { + return ndr_push_error(ndr, NDR_ERR_BUFSIZE, + "ndr_push_relative_ptr2 save_offset(%u) < ndr->relative_base_offset(%u)", + save_offset, ndr->relative_base_offset); + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, save_offset - ndr->relative_base_offset)); + ndr->offset = save_offset; + return NDR_ERR_SUCCESS; +} + +/* + get the current base for relative pointers for the pull +*/ +_PUBLIC_ uint32_t ndr_pull_get_relative_base_offset(struct ndr_pull *ndr) +{ + return ndr->relative_base_offset; +} + +/* + restore the old base for relative pointers for the pull +*/ +_PUBLIC_ void ndr_pull_restore_relative_base_offset(struct ndr_pull *ndr, uint32_t offset) +{ + ndr->relative_base_offset = offset; +} + +/* + setup the current base for relative pointers for the pull + called in the NDR_SCALAR stage +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_setup_relative_base_offset1(struct ndr_pull *ndr, const void *p, uint32_t offset) +{ + ndr->relative_base_offset = offset; + return ndr_token_store(ndr, &ndr->relative_base_list, p, offset); +} + +/* + setup the current base for relative pointers for the pull + called in the NDR_BUFFERS stage +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_setup_relative_base_offset2(struct ndr_pull *ndr, const void *p) +{ + return ndr_token_retrieve(&ndr->relative_base_list, p, &ndr->relative_base_offset); +} + +/* + pull a relative object - stage1 + called during SCALARS processing +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_relative_ptr1(struct ndr_pull *ndr, const void *p, uint32_t rel_offset) +{ + rel_offset += ndr->relative_base_offset; + if (rel_offset > ndr->data_size) { + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, + "ndr_pull_relative_ptr1 rel_offset(%u) > ndr->data_size(%u)", + rel_offset, ndr->data_size); + } + return ndr_token_store(ndr, &ndr->relative_list, p, rel_offset); +} + +/* + pull a relative object - stage2 + called during BUFFERS processing +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_relative_ptr2(struct ndr_pull *ndr, const void *p) +{ + uint32_t rel_offset; + NDR_CHECK(ndr_token_retrieve(&ndr->relative_list, p, &rel_offset)); + return ndr_pull_set_offset(ndr, rel_offset); +} diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c new file mode 100644 index 0000000000..1d2b47c850 --- /dev/null +++ b/source4/librpc/ndr/ndr_basic.c @@ -0,0 +1,833 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling basic types + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "system/network.h" +#include "librpc/ndr/libndr.h" + +#define NDR_SVAL(ndr, ofs) (NDR_BE(ndr)?RSVAL(ndr->data,ofs):SVAL(ndr->data,ofs)) +#define NDR_IVAL(ndr, ofs) (NDR_BE(ndr)?RIVAL(ndr->data,ofs):IVAL(ndr->data,ofs)) +#define NDR_IVALS(ndr, ofs) (NDR_BE(ndr)?RIVALS(ndr->data,ofs):IVALS(ndr->data,ofs)) +#define NDR_SSVAL(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSSVAL(ndr->data,ofs,v); } else SSVAL(ndr->data,ofs,v); } while (0) +#define NDR_SIVAL(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSIVAL(ndr->data,ofs,v); } else SIVAL(ndr->data,ofs,v); } while (0) +#define NDR_SIVALS(ndr, ofs, v) do { if (NDR_BE(ndr)) { RSIVALS(ndr->data,ofs,v); } else SIVALS(ndr->data,ofs,v); } while (0) + + +/* + check for data leaks from the server by looking for non-zero pad bytes + these could also indicate that real structure elements have been + mistaken for padding in the IDL +*/ +_PUBLIC_ void ndr_check_padding(struct ndr_pull *ndr, size_t n) +{ + size_t ofs2 = (ndr->offset + (n-1)) & ~(n-1); + int i; + for (i=ndr->offset;i<ofs2;i++) { + if (ndr->data[i] != 0) { + break; + } + } + if (i<ofs2) { + DEBUG(0,("WARNING: Non-zero padding to %d: ", (int)n)); + for (i=ndr->offset;i<ofs2;i++) { + DEBUG(0,("%02x ", ndr->data[i])); + } + DEBUG(0,("\n")); + } + +} + +/* + parse a int8_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_int8(struct ndr_pull *ndr, int ndr_flags, int8_t *v) +{ + NDR_PULL_NEED_BYTES(ndr, 1); + *v = (int8_t)CVAL(ndr->data, ndr->offset); + ndr->offset += 1; + return NDR_ERR_SUCCESS; +} + +/* + parse a uint8_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_uint8(struct ndr_pull *ndr, int ndr_flags, uint8_t *v) +{ + NDR_PULL_NEED_BYTES(ndr, 1); + *v = CVAL(ndr->data, ndr->offset); + ndr->offset += 1; + return NDR_ERR_SUCCESS; +} + +/* + parse a int16_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_int16(struct ndr_pull *ndr, int ndr_flags, int16_t *v) +{ + NDR_PULL_ALIGN(ndr, 2); + NDR_PULL_NEED_BYTES(ndr, 2); + *v = (uint16_t)NDR_SVAL(ndr, ndr->offset); + ndr->offset += 2; + return NDR_ERR_SUCCESS; +} + +/* + parse a uint16_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_uint16(struct ndr_pull *ndr, int ndr_flags, uint16_t *v) +{ + NDR_PULL_ALIGN(ndr, 2); + NDR_PULL_NEED_BYTES(ndr, 2); + *v = NDR_SVAL(ndr, ndr->offset); + ndr->offset += 2; + return NDR_ERR_SUCCESS; +} + +/* + parse a int32_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_int32(struct ndr_pull *ndr, int ndr_flags, int32_t *v) +{ + NDR_PULL_ALIGN(ndr, 4); + NDR_PULL_NEED_BYTES(ndr, 4); + *v = NDR_IVALS(ndr, ndr->offset); + ndr->offset += 4; + return NDR_ERR_SUCCESS; +} + +/* + parse a uint32_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_uint32(struct ndr_pull *ndr, int ndr_flags, uint32_t *v) +{ + NDR_PULL_ALIGN(ndr, 4); + NDR_PULL_NEED_BYTES(ndr, 4); + *v = NDR_IVAL(ndr, ndr->offset); + ndr->offset += 4; + return NDR_ERR_SUCCESS; +} + +/* + parse a pointer referent identifier +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_generic_ptr(struct ndr_pull *ndr, uint32_t *v) +{ + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, v)); + if (*v != 0) { + ndr->ptr_count++; + } + return NDR_ERR_SUCCESS; +} + +/* + parse a ref pointer referent identifier +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_ref_ptr(struct ndr_pull *ndr, uint32_t *v) +{ + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, v)); + /* ref pointers always point to data */ + *v = 1; + return NDR_ERR_SUCCESS; +} + +/* + parse a udlong +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_udlong(struct ndr_pull *ndr, int ndr_flags, uint64_t *v) +{ + NDR_PULL_ALIGN(ndr, 4); + NDR_PULL_NEED_BYTES(ndr, 8); + *v = NDR_IVAL(ndr, ndr->offset); + *v |= (uint64_t)(NDR_IVAL(ndr, ndr->offset+4)) << 32; + ndr->offset += 8; + return NDR_ERR_SUCCESS; +} + +/* + parse a udlongr +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_udlongr(struct ndr_pull *ndr, int ndr_flags, uint64_t *v) +{ + NDR_PULL_ALIGN(ndr, 4); + NDR_PULL_NEED_BYTES(ndr, 8); + *v = ((uint64_t)NDR_IVAL(ndr, ndr->offset)) << 32; + *v |= NDR_IVAL(ndr, ndr->offset+4); + ndr->offset += 8; + return NDR_ERR_SUCCESS; +} + +/* + parse a dlong +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_dlong(struct ndr_pull *ndr, int ndr_flags, int64_t *v) +{ + return ndr_pull_udlong(ndr, ndr_flags, (uint64_t *)v); +} + +/* + parse a hyper +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_hyper(struct ndr_pull *ndr, int ndr_flags, uint64_t *v) +{ + NDR_PULL_ALIGN(ndr, 8); + return ndr_pull_udlong(ndr, ndr_flags, v); +} + +/* + parse a pointer +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_pointer(struct ndr_pull *ndr, int ndr_flags, void* *v) +{ + uintptr_t h; + NDR_PULL_ALIGN(ndr, sizeof(h)); + NDR_PULL_NEED_BYTES(ndr, sizeof(h)); + memcpy(&h, ndr->data+ndr->offset, sizeof(h)); + ndr->offset += sizeof(h); + *v = (void *)h; + return NDR_ERR_SUCCESS; +} + +/* + pull a NTSTATUS +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_NTSTATUS(struct ndr_pull *ndr, int ndr_flags, NTSTATUS *status) +{ + uint32_t v; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); + *status = NT_STATUS(v); + return NDR_ERR_SUCCESS; +} + +/* + push a NTSTATUS +*/ +_PUBLIC_ enum ndr_err_code ndr_push_NTSTATUS(struct ndr_push *ndr, int ndr_flags, NTSTATUS status) +{ + return ndr_push_uint32(ndr, ndr_flags, NT_STATUS_V(status)); +} + +_PUBLIC_ void ndr_print_NTSTATUS(struct ndr_print *ndr, const char *name, NTSTATUS r) +{ + ndr->print(ndr, "%-25s: %s", name, nt_errstr(r)); +} + +/* + pull a WERROR +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_WERROR(struct ndr_pull *ndr, int ndr_flags, WERROR *status) +{ + uint32_t v; + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &v)); + *status = W_ERROR(v); + return NDR_ERR_SUCCESS; +} + +/* + push a WERROR +*/ +_PUBLIC_ enum ndr_err_code ndr_push_WERROR(struct ndr_push *ndr, int ndr_flags, WERROR status) +{ + return ndr_push_uint32(ndr, NDR_SCALARS, W_ERROR_V(status)); +} + +_PUBLIC_ void ndr_print_WERROR(struct ndr_print *ndr, const char *name, WERROR r) +{ + ndr->print(ndr, "%-25s: %s", name, win_errstr(r)); +} + +/* + parse a set of bytes +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_bytes(struct ndr_pull *ndr, uint8_t *data, uint32_t n) +{ + NDR_PULL_NEED_BYTES(ndr, n); + memcpy(data, ndr->data + ndr->offset, n); + ndr->offset += n; + return NDR_ERR_SUCCESS; +} + +/* + pull an array of uint8 +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_array_uint8(struct ndr_pull *ndr, int ndr_flags, uint8_t *data, uint32_t n) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + return ndr_pull_bytes(ndr, data, n); +} + +/* + push a int8_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_int8(struct ndr_push *ndr, int ndr_flags, int8_t v) +{ + NDR_PUSH_NEED_BYTES(ndr, 1); + SCVAL(ndr->data, ndr->offset, (uint8_t)v); + ndr->offset += 1; + return NDR_ERR_SUCCESS; +} + +/* + push a uint8_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_uint8(struct ndr_push *ndr, int ndr_flags, uint8_t v) +{ + NDR_PUSH_NEED_BYTES(ndr, 1); + SCVAL(ndr->data, ndr->offset, v); + ndr->offset += 1; + return NDR_ERR_SUCCESS; +} + +/* + push a int16_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_int16(struct ndr_push *ndr, int ndr_flags, int16_t v) +{ + NDR_PUSH_ALIGN(ndr, 2); + NDR_PUSH_NEED_BYTES(ndr, 2); + NDR_SSVAL(ndr, ndr->offset, (uint16_t)v); + ndr->offset += 2; + return NDR_ERR_SUCCESS; +} + +/* + push a uint16_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_uint16(struct ndr_push *ndr, int ndr_flags, uint16_t v) +{ + NDR_PUSH_ALIGN(ndr, 2); + NDR_PUSH_NEED_BYTES(ndr, 2); + NDR_SSVAL(ndr, ndr->offset, v); + ndr->offset += 2; + return NDR_ERR_SUCCESS; +} + +/* + push a int32_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_int32(struct ndr_push *ndr, int ndr_flags, int32_t v) +{ + NDR_PUSH_ALIGN(ndr, 4); + NDR_PUSH_NEED_BYTES(ndr, 4); + NDR_SIVALS(ndr, ndr->offset, v); + ndr->offset += 4; + return NDR_ERR_SUCCESS; +} + +/* + push a uint32_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_uint32(struct ndr_push *ndr, int ndr_flags, uint32_t v) +{ + NDR_PUSH_ALIGN(ndr, 4); + NDR_PUSH_NEED_BYTES(ndr, 4); + NDR_SIVAL(ndr, ndr->offset, v); + ndr->offset += 4; + return NDR_ERR_SUCCESS; +} + +/* + push a udlong +*/ +_PUBLIC_ enum ndr_err_code ndr_push_udlong(struct ndr_push *ndr, int ndr_flags, uint64_t v) +{ + NDR_PUSH_ALIGN(ndr, 4); + NDR_PUSH_NEED_BYTES(ndr, 8); + NDR_SIVAL(ndr, ndr->offset, (v & 0xFFFFFFFF)); + NDR_SIVAL(ndr, ndr->offset+4, (v>>32)); + ndr->offset += 8; + return NDR_ERR_SUCCESS; +} + +/* + push a udlongr +*/ +_PUBLIC_ enum ndr_err_code ndr_push_udlongr(struct ndr_push *ndr, int ndr_flags, uint64_t v) +{ + NDR_PUSH_ALIGN(ndr, 4); + NDR_PUSH_NEED_BYTES(ndr, 8); + NDR_SIVAL(ndr, ndr->offset, (v>>32)); + NDR_SIVAL(ndr, ndr->offset+4, (v & 0xFFFFFFFF)); + ndr->offset += 8; + return NDR_ERR_SUCCESS; +} + +/* + push a dlong +*/ +_PUBLIC_ enum ndr_err_code ndr_push_dlong(struct ndr_push *ndr, int ndr_flags, int64_t v) +{ + return ndr_push_udlong(ndr, NDR_SCALARS, (uint64_t)v); +} + +/* + push a hyper +*/ +_PUBLIC_ enum ndr_err_code ndr_push_hyper(struct ndr_push *ndr, int ndr_flags, uint64_t v) +{ + NDR_PUSH_ALIGN(ndr, 8); + return ndr_push_udlong(ndr, NDR_SCALARS, v); +} + +/* + push a pointer +*/ +_PUBLIC_ enum ndr_err_code ndr_push_pointer(struct ndr_push *ndr, int ndr_flags, void* v) +{ + uintptr_t h = (intptr_t)v; + NDR_PUSH_ALIGN(ndr, sizeof(h)); + NDR_PUSH_NEED_BYTES(ndr, sizeof(h)); + memcpy(ndr->data+ndr->offset, &h, sizeof(h)); + ndr->offset += sizeof(h); + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_push_align(struct ndr_push *ndr, size_t size) +{ + NDR_PUSH_ALIGN(ndr, size); + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_align(struct ndr_pull *ndr, size_t size) +{ + NDR_PULL_ALIGN(ndr, size); + return NDR_ERR_SUCCESS; +} + +/* + push some bytes +*/ +_PUBLIC_ enum ndr_err_code ndr_push_bytes(struct ndr_push *ndr, const uint8_t *data, uint32_t n) +{ + NDR_PUSH_NEED_BYTES(ndr, n); + memcpy(ndr->data + ndr->offset, data, n); + ndr->offset += n; + return NDR_ERR_SUCCESS; +} + +/* + push some zero bytes +*/ +_PUBLIC_ enum ndr_err_code ndr_push_zero(struct ndr_push *ndr, uint32_t n) +{ + NDR_PUSH_NEED_BYTES(ndr, n); + memset(ndr->data + ndr->offset, 0, n); + ndr->offset += n; + return NDR_ERR_SUCCESS; +} + +/* + push an array of uint8 +*/ +_PUBLIC_ enum ndr_err_code ndr_push_array_uint8(struct ndr_push *ndr, int ndr_flags, const uint8_t *data, uint32_t n) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + return ndr_push_bytes(ndr, data, n); +} + +/* + push a unique non-zero value if a pointer is non-NULL, otherwise 0 +*/ +_PUBLIC_ enum ndr_err_code ndr_push_unique_ptr(struct ndr_push *ndr, const void *p) +{ + uint32_t ptr = 0; + if (p) { + ptr = ndr->ptr_count * 4; + ptr |= 0x00020000; + ndr->ptr_count++; + } + return ndr_push_uint32(ndr, NDR_SCALARS, ptr); +} + +/* + push a 'simple' full non-zero value if a pointer is non-NULL, otherwise 0 +*/ +_PUBLIC_ enum ndr_err_code ndr_push_full_ptr(struct ndr_push *ndr, const void *p) +{ + uint32_t ptr = 0; + if (p) { + /* Check if the pointer already exists and has an id */ + ptr = ndr_token_peek(&ndr->full_ptr_list, p); + if (ptr == 0) { + ndr->ptr_count++; + ptr = ndr->ptr_count; + ndr_token_store(ndr, &ndr->full_ptr_list, p, ptr); + } + } + return ndr_push_uint32(ndr, NDR_SCALARS, ptr); +} + +/* + push always a 0, if a pointer is NULL it's a fatal error +*/ +_PUBLIC_ enum ndr_err_code ndr_push_ref_ptr(struct ndr_push *ndr) +{ + return ndr_push_uint32(ndr, NDR_SCALARS, 0xAEF1AEF1); +} + + +/* + push a NTTIME +*/ +_PUBLIC_ enum ndr_err_code ndr_push_NTTIME(struct ndr_push *ndr, int ndr_flags, NTTIME t) +{ + NDR_CHECK(ndr_push_udlong(ndr, ndr_flags, t)); + return NDR_ERR_SUCCESS; +} + +/* + pull a NTTIME +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_NTTIME(struct ndr_pull *ndr, int ndr_flags, NTTIME *t) +{ + NDR_CHECK(ndr_pull_udlong(ndr, ndr_flags, t)); + return NDR_ERR_SUCCESS; +} + +/* + push a NTTIME +*/ +_PUBLIC_ enum ndr_err_code ndr_push_NTTIME_1sec(struct ndr_push *ndr, int ndr_flags, NTTIME t) +{ + t /= 10000000; + NDR_CHECK(ndr_push_hyper(ndr, ndr_flags, t)); + return NDR_ERR_SUCCESS; +} + +/* + pull a NTTIME_1sec +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_NTTIME_1sec(struct ndr_pull *ndr, int ndr_flags, NTTIME *t) +{ + NDR_CHECK(ndr_pull_hyper(ndr, ndr_flags, t)); + (*t) *= 10000000; + return NDR_ERR_SUCCESS; +} + +/* + pull a NTTIME_hyper +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_NTTIME_hyper(struct ndr_pull *ndr, int ndr_flags, NTTIME *t) +{ + NDR_CHECK(ndr_pull_hyper(ndr, ndr_flags, t)); + return NDR_ERR_SUCCESS; +} + +/* + push a NTTIME_hyper +*/ +_PUBLIC_ enum ndr_err_code ndr_push_NTTIME_hyper(struct ndr_push *ndr, int ndr_flags, NTTIME t) +{ + NDR_CHECK(ndr_push_hyper(ndr, ndr_flags, t)); + return NDR_ERR_SUCCESS; +} + +/* + push a time_t +*/ +_PUBLIC_ enum ndr_err_code ndr_push_time_t(struct ndr_push *ndr, int ndr_flags, time_t t) +{ + return ndr_push_uint32(ndr, ndr_flags, t); +} + +/* + pull a time_t +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_time_t(struct ndr_pull *ndr, int ndr_flags, time_t *t) +{ + uint32_t tt; + NDR_CHECK(ndr_pull_uint32(ndr, ndr_flags, &tt)); + *t = tt; + return NDR_ERR_SUCCESS; +} + + +/* + pull a ipv4address +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_ipv4address(struct ndr_pull *ndr, int ndr_flags, const char **address) +{ + struct in_addr in; + NDR_CHECK(ndr_pull_uint32(ndr, ndr_flags, &in.s_addr)); + in.s_addr = htonl(in.s_addr); + *address = talloc_strdup(ndr->current_mem_ctx, inet_ntoa(in)); + NDR_ERR_HAVE_NO_MEMORY(*address); + return NDR_ERR_SUCCESS; +} + +/* + push a ipv4address +*/ +_PUBLIC_ enum ndr_err_code ndr_push_ipv4address(struct ndr_push *ndr, int ndr_flags, const char *address) +{ + uint32_t addr; + if (!is_ipaddress(address)) { + return ndr_push_error(ndr, NDR_ERR_IPV4ADDRESS, + "Invalid IPv4 address: '%s'", + address); + } + addr = inet_addr(address); + NDR_CHECK(ndr_push_uint32(ndr, ndr_flags, htonl(addr))); + return NDR_ERR_SUCCESS; +} + +/* + print a ipv4address +*/ +_PUBLIC_ void ndr_print_ipv4address(struct ndr_print *ndr, const char *name, + const char *address) +{ + ndr->print(ndr, "%-25s: %s", name, address); +} + + +_PUBLIC_ void ndr_print_struct(struct ndr_print *ndr, const char *name, const char *type) +{ + ndr->print(ndr, "%s: struct %s", name, type); +} + +_PUBLIC_ void ndr_print_enum(struct ndr_print *ndr, const char *name, const char *type, + const char *val, uint32_t value) +{ + if (ndr->flags & LIBNDR_PRINT_ARRAY_HEX) { + ndr->print(ndr, "%-25s: %s (0x%X)", name, val?val:"UNKNOWN_ENUM_VALUE", value); + } else { + ndr->print(ndr, "%-25s: %s (%d)", name, val?val:"UNKNOWN_ENUM_VALUE", value); + } +} + +_PUBLIC_ void ndr_print_bitmap_flag(struct ndr_print *ndr, size_t size, const char *flag_name, uint32_t flag, uint32_t value) +{ + /* this is an attempt to support multi-bit bitmap masks */ + value &= flag; + + while (!(flag & 1)) { + flag >>= 1; + value >>= 1; + } + if (flag == 1) { + ndr->print(ndr, " %d: %-25s", value, flag_name); + } else { + ndr->print(ndr, "0x%02x: %-25s (%d)", value, flag_name, value); + } +} + +_PUBLIC_ void ndr_print_int8(struct ndr_print *ndr, const char *name, int8_t v) +{ + ndr->print(ndr, "%-25s: %d", name, v); +} + +_PUBLIC_ void ndr_print_uint8(struct ndr_print *ndr, const char *name, uint8_t v) +{ + ndr->print(ndr, "%-25s: 0x%02x (%u)", name, v, v); +} + +_PUBLIC_ void ndr_print_int16(struct ndr_print *ndr, const char *name, int16_t v) +{ + ndr->print(ndr, "%-25s: %d", name, v); +} + +_PUBLIC_ void ndr_print_uint16(struct ndr_print *ndr, const char *name, uint16_t v) +{ + ndr->print(ndr, "%-25s: 0x%04x (%u)", name, v, v); +} + +_PUBLIC_ void ndr_print_int32(struct ndr_print *ndr, const char *name, int32_t v) +{ + ndr->print(ndr, "%-25s: %d", name, v); +} + +_PUBLIC_ void ndr_print_uint32(struct ndr_print *ndr, const char *name, uint32_t v) +{ + ndr->print(ndr, "%-25s: 0x%08x (%u)", name, v, v); +} + +_PUBLIC_ void ndr_print_udlong(struct ndr_print *ndr, const char *name, uint64_t v) +{ + ndr->print(ndr, "%-25s: 0x%016llx (%llu)", name, (unsigned long long)v, (unsigned long long)v); +} + +_PUBLIC_ void ndr_print_udlongr(struct ndr_print *ndr, const char *name, uint64_t v) +{ + ndr_print_udlong(ndr, name, v); +} + +_PUBLIC_ void ndr_print_dlong(struct ndr_print *ndr, const char *name, int64_t v) +{ + ndr->print(ndr, "%-25s: 0x%016llx (%lld)", name, (unsigned long long)v, (long long)v); +} + +_PUBLIC_ void ndr_print_hyper(struct ndr_print *ndr, const char *name, uint64_t v) +{ + ndr_print_dlong(ndr, name, v); +} + +_PUBLIC_ void ndr_print_pointer(struct ndr_print *ndr, const char *name, void *v) +{ + ndr->print(ndr, "%-25s: %p", name, v); +} + +_PUBLIC_ void ndr_print_ptr(struct ndr_print *ndr, const char *name, const void *p) +{ + if (p) { + ndr->print(ndr, "%-25s: *", name); + } else { + ndr->print(ndr, "%-25s: NULL", name); + } +} + +_PUBLIC_ void ndr_print_NTTIME(struct ndr_print *ndr, const char *name, NTTIME t) +{ + ndr->print(ndr, "%-25s: %s", name, nt_time_string(ndr, t)); +} + +_PUBLIC_ void ndr_print_NTTIME_1sec(struct ndr_print *ndr, const char *name, NTTIME t) +{ + /* this is a standard NTTIME here + * as it's already converted in the pull/push code + */ + ndr_print_NTTIME(ndr, name, t); +} + +_PUBLIC_ void ndr_print_NTTIME_hyper(struct ndr_print *ndr, const char *name, NTTIME t) +{ + ndr_print_NTTIME(ndr, name, t); +} + +_PUBLIC_ void ndr_print_time_t(struct ndr_print *ndr, const char *name, time_t t) +{ + if (t == (time_t)-1 || t == 0) { + ndr->print(ndr, "%-25s: (time_t)%d", name, (int)t); + } else { + ndr->print(ndr, "%-25s: %s", name, timestring(ndr, t)); + } +} + +_PUBLIC_ void ndr_print_union(struct ndr_print *ndr, const char *name, int level, const char *type) +{ + if (ndr->flags & LIBNDR_PRINT_ARRAY_HEX) { + ndr->print(ndr, "%-25s: union %s(case 0x%X)", name, type, level); + } else { + ndr->print(ndr, "%-25s: union %s(case %d)", name, type, level); + } +} + +_PUBLIC_ void ndr_print_bad_level(struct ndr_print *ndr, const char *name, uint16_t level) +{ + ndr->print(ndr, "UNKNOWN LEVEL %u", level); +} + +_PUBLIC_ void ndr_print_array_uint8(struct ndr_print *ndr, const char *name, + const uint8_t *data, uint32_t count) +{ + int i; + + if (count <= 600 && (ndr->flags & LIBNDR_PRINT_ARRAY_HEX)) { + char s[1202]; + for (i=0;i<count;i++) { + snprintf(&s[i*2], 3, "%02x", data[i]); + } + s[i*2] = 0; + ndr->print(ndr, "%-25s: %s", name, s); + return; + } + + ndr->print(ndr, "%s: ARRAY(%d)", name, count); + ndr->depth++; + for (i=0;i<count;i++) { + char *idx=NULL; + asprintf(&idx, "[%d]", i); + if (idx) { + ndr_print_uint8(ndr, idx, data[i]); + free(idx); + } + } + ndr->depth--; +} + +_PUBLIC_ void ndr_print_DATA_BLOB(struct ndr_print *ndr, const char *name, DATA_BLOB r) +{ + ndr->print(ndr, "%-25s: DATA_BLOB length=%u", name, (unsigned)r.length); + if (r.length) { + dump_data(10, r.data, r.length); + } +} + + +/* + push a DATA_BLOB onto the wire. +*/ +_PUBLIC_ enum ndr_err_code ndr_push_DATA_BLOB(struct ndr_push *ndr, int ndr_flags, DATA_BLOB blob) +{ + if (ndr->flags & LIBNDR_ALIGN_FLAGS) { + if (ndr->flags & LIBNDR_FLAG_ALIGN2) { + blob.length = NDR_ALIGN(ndr, 2); + } else if (ndr->flags & LIBNDR_FLAG_ALIGN4) { + blob.length = NDR_ALIGN(ndr, 4); + } else if (ndr->flags & LIBNDR_FLAG_ALIGN8) { + blob.length = NDR_ALIGN(ndr, 8); + } + NDR_PUSH_ALLOC_SIZE(ndr, blob.data, blob.length); + data_blob_clear(&blob); + } else if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) { + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, blob.length)); + } + NDR_CHECK(ndr_push_bytes(ndr, blob.data, blob.length)); + return NDR_ERR_SUCCESS; +} + +/* + pull a DATA_BLOB from the wire. +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_DATA_BLOB(struct ndr_pull *ndr, int ndr_flags, DATA_BLOB *blob) +{ + uint32_t length = 0; + + if (ndr->flags & LIBNDR_ALIGN_FLAGS) { + if (ndr->flags & LIBNDR_FLAG_ALIGN2) { + length = NDR_ALIGN(ndr, 2); + } else if (ndr->flags & LIBNDR_FLAG_ALIGN4) { + length = NDR_ALIGN(ndr, 4); + } else if (ndr->flags & LIBNDR_FLAG_ALIGN8) { + length = NDR_ALIGN(ndr, 8); + } + if (ndr->data_size - ndr->offset < length) { + length = ndr->data_size - ndr->offset; + } + } else if (ndr->flags & LIBNDR_FLAG_REMAINING) { + length = ndr->data_size - ndr->offset; + } else { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &length)); + } + NDR_PULL_NEED_BYTES(ndr, length); + *blob = data_blob_talloc(ndr->current_mem_ctx, ndr->data+ndr->offset, length); + ndr->offset += length; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ uint32_t ndr_size_DATA_BLOB(int ret, const DATA_BLOB *data, int flags) +{ + if (!data) return ret; + return ret + data->length; +} diff --git a/source4/librpc/ndr/ndr_compression.c b/source4/librpc/ndr/ndr_compression.c new file mode 100644 index 0000000000..92c5b049df --- /dev/null +++ b/source4/librpc/ndr/ndr_compression.c @@ -0,0 +1,516 @@ +/* + Unix SMB/CIFS implementation. + + libndr compression support + + Copyright (C) Stefan Metzmacher 2005 + Copyright (C) Matthieu Suiche 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/compression/lzxpress.h" +#include "librpc/ndr/libndr.h" +#include "librpc/ndr/ndr_compression.h" +#include <zlib.h> + +static voidpf ndr_zlib_alloc(voidpf opaque, uInt items, uInt size) +{ + return talloc_zero_size(opaque, items * size); +} + +static void ndr_zlib_free(voidpf opaque, voidpf address) +{ + talloc_free(address); +} + +static enum ndr_err_code ndr_pull_compression_mszip_chunk(struct ndr_pull *ndrpull, + struct ndr_push *ndrpush, + z_stream *z, + bool *last) +{ + DATA_BLOB comp_chunk; + uint32_t comp_chunk_offset; + uint32_t comp_chunk_size; + DATA_BLOB plain_chunk; + uint32_t plain_chunk_offset; + uint32_t plain_chunk_size; + int z_ret; + + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, &plain_chunk_size)); + if (plain_chunk_size > 0x00008000) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, "Bad MSZIP plain chunk size %08X > 0x00008000 (PULL)", + plain_chunk_size); + } + + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, &comp_chunk_size)); + + DEBUG(9,("MSZIP plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n", + plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size)); + + comp_chunk_offset = ndrpull->offset; + NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size)); + comp_chunk.length = comp_chunk_size; + comp_chunk.data = ndrpull->data + comp_chunk_offset; + + plain_chunk_offset = ndrpush->offset; + NDR_CHECK(ndr_push_zero(ndrpush, plain_chunk_size)); + plain_chunk.length = plain_chunk_size; + plain_chunk.data = ndrpush->data + plain_chunk_offset; + + if (comp_chunk.length < 2) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad MSZIP comp chunk size %u < 2 (PULL)", + (unsigned int)comp_chunk.length); + } + /* CK = Chris Kirmse, official Microsoft purloiner */ + if (comp_chunk.data[0] != 'C' || + comp_chunk.data[1] != 'K') { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad MSZIP invalid prefix [%c%c] != [CK]", + comp_chunk.data[0], comp_chunk.data[1]); + } + + z->next_in = comp_chunk.data + 2; + z->avail_in = comp_chunk.length -2; + z->total_in = 0; + + z->next_out = plain_chunk.data; + z->avail_out = plain_chunk.length; + z->total_out = 0; + + if (!z->opaque) { + /* the first time we need to intialize completely */ + z->zalloc = ndr_zlib_alloc; + z->zfree = ndr_zlib_free; + z->opaque = ndrpull; + + z_ret = inflateInit2(z, -15); + if (z_ret != Z_OK) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad inflateInit2 error %s(%d) (PULL)", + zError(z_ret), z_ret); + + } + } + + /* call inflate untill we get Z_STREAM_END or an error */ + while (true) { + z_ret = inflate(z, Z_BLOCK); + if (z_ret != Z_OK) break; + } + + if (z_ret != Z_STREAM_END) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad inflate(Z_BLOCK) error %s(%d) (PULL)", + zError(z_ret), z_ret); + } + + if (z->avail_in) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "MSZIP not all avail_in[%u] bytes consumed (PULL)", + z->avail_in); + } + + if (z->avail_out) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "MSZIP not all avail_out[%u] bytes consumed (PULL)", + z->avail_out); + } + + if ((plain_chunk_size < 0x00008000) || (ndrpull->offset+4 >= ndrpull->data_size)) { + /* this is the last chunk */ + *last = true; + } + + z_ret = inflateReset(z); + if (z_ret != Z_OK) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad inflateReset error %s(%d) (PULL)", + zError(z_ret), z_ret); + } + + z_ret = inflateSetDictionary(z, plain_chunk.data, plain_chunk.length); + if (z_ret != Z_OK) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad inflateSetDictionary error %s(%d) (PULL)", + zError(z_ret), z_ret); + } + + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_push_compression_mszip_chunk(struct ndr_push *ndrpush, + struct ndr_pull *ndrpull, + z_stream *z, + bool *last) +{ + DATA_BLOB comp_chunk; + uint32_t comp_chunk_size; + uint32_t comp_chunk_size_offset; + DATA_BLOB plain_chunk; + uint32_t plain_chunk_size; + uint32_t plain_chunk_offset; + uint32_t max_plain_size = 0x00008000; + uint32_t max_comp_size = 0x00008000 + 2 + 12 /*TODO: what value do we really need here?*/; + uint32_t tmp_offset; + int z_ret; + + plain_chunk_size = MIN(max_plain_size, ndrpull->data_size - ndrpull->offset); + plain_chunk_offset = ndrpull->offset; + NDR_CHECK(ndr_pull_advance(ndrpull, plain_chunk_size)); + + plain_chunk.data = ndrpull->data + plain_chunk_offset; + plain_chunk.length = plain_chunk_size; + + if (plain_chunk_size < max_plain_size) { + *last = true; + } + + NDR_CHECK(ndr_push_uint32(ndrpush, NDR_SCALARS, plain_chunk_size)); + comp_chunk_size_offset = ndrpush->offset; + NDR_CHECK(ndr_push_uint32(ndrpush, NDR_SCALARS, 0xFEFEFEFE)); + + NDR_CHECK(ndr_push_expand(ndrpush, max_comp_size)); + + comp_chunk.data = ndrpush->data + ndrpush->offset; + comp_chunk.length = max_comp_size; + + /* CK = Chris Kirmse, official Microsoft purloiner */ + comp_chunk.data[0] = 'C'; + comp_chunk.data[1] = 'K'; + + z->next_in = plain_chunk.data; + z->avail_in = plain_chunk.length; + z->total_in = 0; + + z->next_out = comp_chunk.data + 2; + z->avail_out = comp_chunk.length - 2; + z->total_out = 0; + + if (!z->opaque) { + /* the first time we need to intialize completely */ + z->zalloc = ndr_zlib_alloc; + z->zfree = ndr_zlib_free; + z->opaque = ndrpull; + + /* TODO: find how to trigger the same parameters windows uses */ + z_ret = deflateInit2(z, + Z_DEFAULT_COMPRESSION, + Z_DEFLATED, + -15, + 9, + Z_DEFAULT_STRATEGY); + if (z_ret != Z_OK) { + return ndr_push_error(ndrpush, NDR_ERR_COMPRESSION, + "Bad deflateInit2 error %s(%d) (PUSH)", + zError(z_ret), z_ret); + + } + } + + /* call deflate untill we get Z_STREAM_END or an error */ + while (true) { + z_ret = deflate(z, Z_FINISH); + if (z_ret != Z_OK) break; + } + if (z_ret != Z_STREAM_END) { + return ndr_push_error(ndrpush, NDR_ERR_COMPRESSION, + "Bad delate(Z_BLOCK) error %s(%d) (PUSH)", + zError(z_ret), z_ret); + } + + if (z->avail_in) { + return ndr_push_error(ndrpush, NDR_ERR_COMPRESSION, + "MSZIP not all avail_in[%u] bytes consumed (PUSH)", + z->avail_in); + } + + comp_chunk_size = 2 + z->total_out; + + z_ret = deflateReset(z); + if (z_ret != Z_OK) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad deflateReset error %s(%d) (PULL)", + zError(z_ret), z_ret); + } + + z_ret = deflateSetDictionary(z, plain_chunk.data, plain_chunk.length); + if (z_ret != Z_OK) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "Bad deflateSetDictionary error %s(%d) (PULL)", + zError(z_ret), z_ret); + } + + tmp_offset = ndrpush->offset; + ndrpush->offset = comp_chunk_size_offset; + NDR_CHECK(ndr_push_uint32(ndrpush, NDR_SCALARS, comp_chunk_size)); + ndrpush->offset = tmp_offset; + + DEBUG(9,("MSZIP comp plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n", + plain_chunk.length, plain_chunk.length, comp_chunk_size, comp_chunk_size)); + + ndrpush->offset += comp_chunk_size; + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_compression_xpress_chunk(struct ndr_pull *ndrpull, + struct ndr_push *ndrpush, + bool *last) +{ + DATA_BLOB comp_chunk; + DATA_BLOB plain_chunk; + uint32_t comp_chunk_offset; + uint32_t plain_chunk_offset; + uint32_t comp_chunk_size; + uint32_t plain_chunk_size; + ssize_t ret; + + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, &plain_chunk_size)); + if (plain_chunk_size > 0x00010000) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, "Bad XPRESS plain chunk size %08X > 0x00010000 (PULL)", + plain_chunk_size); + } + + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, &comp_chunk_size)); + + comp_chunk_offset = ndrpull->offset; + NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size)); + comp_chunk.length = comp_chunk_size; + comp_chunk.data = ndrpull->data + comp_chunk_offset; + + plain_chunk_offset = ndrpush->offset; + NDR_CHECK(ndr_push_zero(ndrpush, plain_chunk_size)); + plain_chunk.length = plain_chunk_size; + plain_chunk.data = ndrpush->data + plain_chunk_offset; + + DEBUG(9,("XPRESS plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n", + plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size)); + + /* Uncompressing the buffer using LZ Xpress algorithm */ + ret = lzxpress_decompress(comp_chunk.data, + comp_chunk.length, + plain_chunk.data, + plain_chunk.length); + if (ret < 0) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "XPRESS lzxpress_decompress() returned %d\n", + ret); + } + plain_chunk.length = ret; + + if ((plain_chunk_size < 0x00010000) || (ndrpull->offset+4 >= ndrpull->data_size)) { + /* this is the last chunk */ + *last = true; + } + + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_push_compression_xpress_chunk(struct ndr_push *ndrpush, + struct ndr_pull *ndrpull, + bool *last) +{ + DATA_BLOB comp_chunk; + uint32_t comp_chunk_size_offset; + DATA_BLOB plain_chunk; + uint32_t plain_chunk_size; + uint32_t plain_chunk_offset; + uint32_t max_plain_size = 0x00010000; + uint32_t max_comp_size = 0x00020000 + 2; /* TODO: use the correct value here */ + uint32_t tmp_offset; + ssize_t ret; + + plain_chunk_size = MIN(max_plain_size, ndrpull->data_size - ndrpull->offset); + plain_chunk_offset = ndrpull->offset; + NDR_CHECK(ndr_pull_advance(ndrpull, plain_chunk_size)); + + plain_chunk.data = ndrpull->data + plain_chunk_offset; + plain_chunk.length = plain_chunk_size; + + if (plain_chunk_size < max_plain_size) { + *last = true; + } + + NDR_CHECK(ndr_push_uint32(ndrpush, NDR_SCALARS, plain_chunk_size)); + comp_chunk_size_offset = ndrpush->offset; + NDR_CHECK(ndr_push_uint32(ndrpush, NDR_SCALARS, 0xFEFEFEFE)); + + NDR_CHECK(ndr_push_expand(ndrpush, max_comp_size)); + + comp_chunk.data = ndrpush->data + ndrpush->offset; + comp_chunk.length = max_comp_size; + + /* Compressing the buffer using LZ Xpress algorithm */ + ret = lzxpress_compress(plain_chunk.data, + plain_chunk.length, + comp_chunk.data, + comp_chunk.length); + if (ret < 0) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, + "XPRESS lzxpress_compress() returned %d\n", + ret); + } + comp_chunk.length = ret; + + tmp_offset = ndrpush->offset; + ndrpush->offset = comp_chunk_size_offset; + NDR_CHECK(ndr_push_uint32(ndrpush, NDR_SCALARS, comp_chunk.length)); + ndrpush->offset = tmp_offset; + + ndrpush->offset += comp_chunk.length; + return NDR_ERR_SUCCESS; +} + +/* + handle compressed subcontext buffers, which in midl land are user-marshalled, but + we use magic in pidl to make them easier to cope with +*/ +enum ndr_err_code ndr_pull_compression_start(struct ndr_pull *subndr, + struct ndr_pull **_comndr, + enum ndr_compression_alg compression_alg, + ssize_t decompressed_len) +{ + struct ndr_push *ndrpush; + struct ndr_pull *comndr; + DATA_BLOB uncompressed; + bool last = false; + z_stream z; + + ndrpush = ndr_push_init_ctx(subndr, subndr->iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(ndrpush); + + switch (compression_alg) { + case NDR_COMPRESSION_MSZIP: + ZERO_STRUCT(z); + while (!last) { + NDR_CHECK(ndr_pull_compression_mszip_chunk(subndr, ndrpush, &z, &last)); + } + break; + + case NDR_COMPRESSION_XPRESS: + while (!last) { + NDR_CHECK(ndr_pull_compression_xpress_chunk(subndr, ndrpush, &last)); + } + break; + + default: + return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, "Bad compression algorithm %d (PULL)", + compression_alg); + } + + uncompressed = ndr_push_blob(ndrpush); + if (uncompressed.length != decompressed_len) { + return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, + "Bad uncompressed_len [%u] != [%u](0x%08X) (PULL)", + (int)uncompressed.length, + (int)decompressed_len, + (int)decompressed_len); + } + + comndr = talloc_zero(subndr, struct ndr_pull); + NDR_ERR_HAVE_NO_MEMORY(comndr); + comndr->flags = subndr->flags; + comndr->current_mem_ctx = subndr->current_mem_ctx; + + comndr->data = uncompressed.data; + comndr->data_size = uncompressed.length; + comndr->offset = 0; + + comndr->iconv_convenience = talloc_reference(comndr, subndr->iconv_convenience); + + *_comndr = comndr; + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_compression_end(struct ndr_pull *subndr, + struct ndr_pull *comndr, + enum ndr_compression_alg compression_alg, + ssize_t decompressed_len) +{ + return NDR_ERR_SUCCESS; +} + +/* + push a compressed subcontext +*/ +enum ndr_err_code ndr_push_compression_start(struct ndr_push *subndr, + struct ndr_push **_uncomndr, + enum ndr_compression_alg compression_alg, + ssize_t decompressed_len) +{ + struct ndr_push *uncomndr; + + switch (compression_alg) { + case NDR_COMPRESSION_MSZIP: + case NDR_COMPRESSION_XPRESS: + break; + default: + return ndr_push_error(subndr, NDR_ERR_COMPRESSION, + "Bad compression algorithm %d (PUSH)", + compression_alg); + } + + uncomndr = ndr_push_init_ctx(subndr, subndr->iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(uncomndr); + uncomndr->flags = subndr->flags; + + *_uncomndr = uncomndr; + return NDR_ERR_SUCCESS; +} + +/* + push a compressed subcontext +*/ +enum ndr_err_code ndr_push_compression_end(struct ndr_push *subndr, + struct ndr_push *uncomndr, + enum ndr_compression_alg compression_alg, + ssize_t decompressed_len) +{ + struct ndr_pull *ndrpull; + bool last = false; + z_stream z; + + ndrpull = talloc_zero(uncomndr, struct ndr_pull); + NDR_ERR_HAVE_NO_MEMORY(ndrpull); + ndrpull->flags = uncomndr->flags; + ndrpull->data = uncomndr->data; + ndrpull->data_size = uncomndr->offset; + ndrpull->offset = 0; + + ndrpull->iconv_convenience = talloc_reference(ndrpull, subndr->iconv_convenience); + + switch (compression_alg) { + case NDR_COMPRESSION_MSZIP: + ZERO_STRUCT(z); + while (!last) { + NDR_CHECK(ndr_push_compression_mszip_chunk(subndr, ndrpull, &z, &last)); + } + break; + + case NDR_COMPRESSION_XPRESS: + while (!last) { + NDR_CHECK(ndr_push_compression_xpress_chunk(subndr, ndrpull, &last)); + } + break; + + default: + return ndr_push_error(subndr, NDR_ERR_COMPRESSION, "Bad compression algorithm %d (PUSH)", + compression_alg); + } + + talloc_free(uncomndr); + return NDR_ERR_SUCCESS; +} diff --git a/source4/librpc/ndr/ndr_drsuapi.c b/source4/librpc/ndr/ndr_drsuapi.c new file mode 100644 index 0000000000..e77ab54071 --- /dev/null +++ b/source4/librpc/ndr/ndr_drsuapi.c @@ -0,0 +1,351 @@ +/* + Unix SMB/CIFS implementation. + + routines for printing some linked list structs in DRSUAPI + + Copyright (C) Stefan (metze) Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "librpc/gen_ndr/ndr_drsuapi.h" +#include "librpc/gen_ndr/ndr_misc.h" +#include "lib/util/asn1.h" +#include "librpc/ndr/ndr_compression.h" + +void ndr_print_drsuapi_DsReplicaObjectListItem(struct ndr_print *ndr, const char *name, + const struct drsuapi_DsReplicaObjectListItem *r) +{ + ndr_print_struct(ndr, name, "drsuapi_DsReplicaObjectListItem"); + ndr->depth++; + ndr_print_ptr(ndr, "next_object", r->next_object); + ndr_print_drsuapi_DsReplicaObject(ndr, "object", &r->object); + ndr->depth--; + if (r->next_object) { + ndr_print_drsuapi_DsReplicaObjectListItem(ndr, "next_object", r->next_object); + } +} + +void ndr_print_drsuapi_DsReplicaObjectListItemEx(struct ndr_print *ndr, const char *name, const struct drsuapi_DsReplicaObjectListItemEx *r) +{ + ndr_print_struct(ndr, name, "drsuapi_DsReplicaObjectListItemEx"); + ndr->depth++; + ndr_print_ptr(ndr, "next_object", r->next_object); + ndr_print_drsuapi_DsReplicaObject(ndr, "object", &r->object); + ndr_print_uint32(ndr, "is_nc_prefix", r->is_nc_prefix); + ndr_print_ptr(ndr, "parent_object_guid", r->parent_object_guid); + ndr->depth++; + if (r->parent_object_guid) { + ndr_print_GUID(ndr, "parent_object_guid", r->parent_object_guid); + } + ndr->depth--; + ndr_print_ptr(ndr, "meta_data_ctr", r->meta_data_ctr); + ndr->depth++; + if (r->meta_data_ctr) { + ndr_print_drsuapi_DsReplicaMetaDataCtr(ndr, "meta_data_ctr", r->meta_data_ctr); + } + ndr->depth--; + ndr->depth--; + if (r->next_object) { + ndr_print_drsuapi_DsReplicaObjectListItemEx(ndr, "next_object", r->next_object); + } +} + +#define _OID_PUSH_CHECK(call) do { \ + bool _status; \ + _status = call; \ + if (_status != true) { \ + return ndr_push_error(ndr, NDR_ERR_SUBCONTEXT, "OID Conversion Error: %s\n", __location__); \ + } \ +} while (0) + +#define _OID_PULL_CHECK(call) do { \ + bool _status; \ + _status = call; \ + if (_status != true) { \ + return ndr_pull_error(ndr, NDR_ERR_SUBCONTEXT, "OID Conversion Error: %s\n", __location__); \ + } \ +} while (0) + +enum ndr_err_code ndr_push_drsuapi_DsReplicaOID(struct ndr_push *ndr, int ndr_flags, const struct drsuapi_DsReplicaOID *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, ndr_size_drsuapi_DsReplicaOID_oid(r->oid, 0))); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->oid)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->oid) { + DATA_BLOB blob; + + if (strncasecmp("ff", r->oid, 2) == 0) { + blob = strhex_to_data_blob(r->oid); + if (!blob.data) { + return ndr_push_error(ndr, NDR_ERR_SUBCONTEXT, + "HEX String Conversion Error: %s\n", + __location__); + } + } else { + _OID_PUSH_CHECK(ber_write_OID_String(&blob, r->oid)); + } + talloc_steal(ndr, blob.data); + + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, blob.length)); + NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, blob.data, blob.length)); + } + } + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_drsuapi_DsReplicaOID(struct ndr_pull *ndr, int ndr_flags, struct drsuapi_DsReplicaOID *r) +{ + uint32_t _ptr_oid; + TALLOC_CTX *_mem_save_oid_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->__ndr_size)); + if (r->__ndr_size < 0 || r->__ndr_size > 10000) { + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_oid)); + if (_ptr_oid) { + NDR_PULL_ALLOC(ndr, r->oid); + } else { + r->oid = NULL; + } + } + if (ndr_flags & NDR_BUFFERS) { + if (r->oid) { + DATA_BLOB _oid_array; + const char *_oid; + + _mem_save_oid_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, ndr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->oid)); + _oid_array.length = ndr_get_array_size(ndr, &r->oid); + NDR_PULL_ALLOC_N(ndr, _oid_array.data, _oid_array.length); + NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, _oid_array.data, _oid_array.length)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_oid_0, 0); + + if (_oid_array.length && _oid_array.data[0] == 0xFF) { + _oid = data_blob_hex_string(ndr, &_oid_array); + NDR_ERR_HAVE_NO_MEMORY(_oid); + } else { + _OID_PULL_CHECK(ber_read_OID_String(ndr, _oid_array, &_oid)); + } + data_blob_free(&_oid_array); + talloc_steal(r->oid, _oid); + r->oid = _oid; + } + if (r->oid) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->oid, r->__ndr_size)); + } + } + return NDR_ERR_SUCCESS; +} + +size_t ndr_size_drsuapi_DsReplicaOID_oid(const char *oid, int flags) +{ + DATA_BLOB _blob; + size_t ret = 0; + + if (!oid) return 0; + + if (strncasecmp("ff", oid, 2) == 0) { + _blob = strhex_to_data_blob(oid); + if (_blob.data) { + ret = _blob.length; + } + } else { + if (ber_write_OID_String(&_blob, oid)) { + ret = _blob.length; + } + } + data_blob_free(&_blob); + return ret; +} + +enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesMSZIPCtr1(struct ndr_push *ndr, int ndr_flags, const struct drsuapi_DsGetNCChangesMSZIPCtr1 *r) +{ + if (ndr_flags & NDR_SCALARS) { + uint32_t decompressed_length = 0; + uint32_t compressed_length = 0; + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + decompressed_length = _ndr_ts_compressed->offset; + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + } + compressed_length = _ndr_ts->offset; + talloc_free(_ndr_ts); + } + } + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, decompressed_length)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, compressed_length)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->ts)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + } + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1)); + } + } + } + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesMSZIPCtr6(struct ndr_push *ndr, int ndr_flags, const struct drsuapi_DsGetNCChangesMSZIPCtr6 *r) +{ + if (ndr_flags & NDR_SCALARS) { + uint32_t decompressed_length = 0; + uint32_t compressed_length = 0; + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + decompressed_length = _ndr_ts_compressed->offset; + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + } + compressed_length = _ndr_ts->offset; + talloc_free(_ndr_ts); + } + } + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, decompressed_length)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, compressed_length)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->ts)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP, -1)); + } + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1)); + } + } + } + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesXPRESSCtr1(struct ndr_push *ndr, int ndr_flags, const struct drsuapi_DsGetNCChangesXPRESSCtr1 *r) +{ + if (ndr_flags & NDR_SCALARS) { + uint32_t decompressed_length = 0; + uint32_t compressed_length = 0; + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + decompressed_length = _ndr_ts_compressed->offset; + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + } + compressed_length = _ndr_ts->offset; + talloc_free(_ndr_ts); + } + } + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, decompressed_length)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, compressed_length)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->ts)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + } + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1)); + } + } + } + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesXPRESSCtr6(struct ndr_push *ndr, int ndr_flags, const struct drsuapi_DsGetNCChangesXPRESSCtr6 *r) +{ + if (ndr_flags & NDR_SCALARS) { + uint32_t decompressed_length = 0; + uint32_t compressed_length = 0; + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + decompressed_length = _ndr_ts_compressed->offset; + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + } + compressed_length = _ndr_ts->offset; + talloc_free(_ndr_ts); + } + } + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, decompressed_length)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, compressed_length)); + NDR_CHECK(ndr_push_unique_ptr(ndr, r->ts)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->ts) { + { + struct ndr_push *_ndr_ts; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1)); + { + struct ndr_push *_ndr_ts_compressed; + NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts)); + NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_XPRESS, -1)); + } + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1)); + } + } + } + return NDR_ERR_SUCCESS; +} diff --git a/source4/librpc/ndr/ndr_drsuapi.h b/source4/librpc/ndr/ndr_drsuapi.h new file mode 100644 index 0000000000..c663eadd7a --- /dev/null +++ b/source4/librpc/ndr/ndr_drsuapi.h @@ -0,0 +1,35 @@ +/* + Unix SMB/CIFS implementation. + + routines for printing some linked list structs in DRSUAPI + + Copyright (C) Stefan (metze) Metzmacher 2005-2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef _LIBRPC_NDR_NDR_DRSUAPI_H +#define _LIBRPC_NDR_NDR_DRSUAPI_H + +void ndr_print_drsuapi_DsReplicaObjectListItem(struct ndr_print *ndr, const char *name, + const struct drsuapi_DsReplicaObjectListItem *r); + +void ndr_print_drsuapi_DsReplicaObjectListItemEx(struct ndr_print *ndr, const char *name, + const struct drsuapi_DsReplicaObjectListItemEx *r); + +enum ndr_err_code ndr_push_drsuapi_DsReplicaOID(struct ndr_push *ndr, int ndr_flags, const struct drsuapi_DsReplicaOID *r); +enum ndr_err_code ndr_pull_drsuapi_DsReplicaOID(struct ndr_pull *ndr, int ndr_flags, struct drsuapi_DsReplicaOID *r); +size_t ndr_size_drsuapi_DsReplicaOID_oid(const char *oid, int flags); + +#endif /* _LIBRPC_NDR_NDR_DRSUAPI_H */ diff --git a/source4/librpc/ndr/ndr_krb5pac.c b/source4/librpc/ndr/ndr_krb5pac.c new file mode 100644 index 0000000000..1b32df4c62 --- /dev/null +++ b/source4/librpc/ndr/ndr_krb5pac.c @@ -0,0 +1,140 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling spoolss subcontext buffer structures + + Copyright (C) Stefan Metzmacher 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "librpc/gen_ndr/ndr_krb5pac.h" + +static size_t _ndr_size_PAC_INFO(const union PAC_INFO *r, uint32_t level, int flags) +{ + size_t s = ndr_size_PAC_INFO(r, level, flags); + switch (level) { + case PAC_TYPE_LOGON_INFO: + return NDR_ROUND(s,8); + default: + return s; + } +} + +static size_t _subcontext_size_PAC_INFO(const union PAC_INFO *r, uint32_t level, int flags) +{ + size_t s = ndr_size_PAC_INFO(r, level, flags); + return NDR_ROUND(s,8); +} + +enum ndr_err_code ndr_push_PAC_BUFFER(struct ndr_push *ndr, int ndr_flags, const struct PAC_BUFFER *r) +{ + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_push_align(ndr, 4)); + NDR_CHECK(ndr_push_PAC_TYPE(ndr, NDR_SCALARS, r->type)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, _ndr_size_PAC_INFO(r->info,r->type,0))); + { + uint32_t _flags_save_PAC_INFO = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN8); + NDR_CHECK(ndr_push_relative_ptr1(ndr, r->info)); + ndr->flags = _flags_save_PAC_INFO; + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + } + if (ndr_flags & NDR_BUFFERS) { + { + uint32_t _flags_save_PAC_INFO = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN8); + if (r->info) { + NDR_CHECK(ndr_push_relative_ptr2(ndr, r->info)); + { + struct ndr_push *_ndr_info; + NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_info, 0, _subcontext_size_PAC_INFO(r->info,r->type,0))); + NDR_CHECK(ndr_push_set_switch_value(_ndr_info, r->info, r->type)); + NDR_CHECK(ndr_push_PAC_INFO(_ndr_info, NDR_SCALARS|NDR_BUFFERS, r->info)); + NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_info, 0, _subcontext_size_PAC_INFO(r->info,r->type,0))); + } + } + ndr->flags = _flags_save_PAC_INFO; + } + } + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_PAC_BUFFER(struct ndr_pull *ndr, int ndr_flags, struct PAC_BUFFER *r) +{ + uint32_t _ptr_info; + TALLOC_CTX *_mem_save_info_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_PAC_TYPE(ndr, NDR_SCALARS, &r->type)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->_ndr_size)); + { + uint32_t _flags_save_PAC_INFO = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN8); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info)); + if (_ptr_info) { + NDR_PULL_ALLOC(ndr, r->info); + NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->info, _ptr_info)); + } else { + r->info = NULL; + } + ndr->flags = _flags_save_PAC_INFO; + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->_pad)); + } + if (ndr_flags & NDR_BUFFERS) { + { + uint32_t _flags_save_PAC_INFO = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_ALIGN8); + if (r->info) { + uint32_t _relative_save_offset; + _relative_save_offset = ndr->offset; + NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->info)); + _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->info, 0); + { + struct ndr_pull *_ndr_info; + NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_info, 0, r->_ndr_size)); + NDR_CHECK(ndr_pull_set_switch_value(_ndr_info, r->info, r->type)); + NDR_CHECK(ndr_pull_PAC_INFO(_ndr_info, NDR_SCALARS|NDR_BUFFERS, r->info)); + NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_info, 0, r->_ndr_size)); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, 0); + ndr->offset = _relative_save_offset; + } + ndr->flags = _flags_save_PAC_INFO; + } + } + return NDR_ERR_SUCCESS; +} + +void ndr_print_PAC_BUFFER(struct ndr_print *ndr, const char *name, const struct PAC_BUFFER *r) +{ + ndr_print_struct(ndr, name, "PAC_BUFFER"); + ndr->depth++; + ndr_print_PAC_TYPE(ndr, "type", r->type); + ndr_print_uint32(ndr, "_ndr_size", (ndr->flags & LIBNDR_PRINT_SET_VALUES)?_ndr_size_PAC_INFO(r->info,r->type,0):r->_ndr_size); + ndr_print_ptr(ndr, "info", r->info); + ndr->depth++; + if (r->info) { + ndr_print_set_switch_value(ndr, r->info, r->type); + ndr_print_PAC_INFO(ndr, "info", r->info); + } + ndr->depth--; + ndr_print_uint32(ndr, "_pad", r->_pad); + ndr->depth--; +} diff --git a/source4/librpc/ndr/ndr_misc.c b/source4/librpc/ndr/ndr_misc.c new file mode 100644 index 0000000000..be7dab93d2 --- /dev/null +++ b/source4/librpc/ndr/ndr_misc.c @@ -0,0 +1,40 @@ +/* + Unix SMB/CIFS implementation. + + UUID/GUID/policy_handle functions + + Copyright (C) Andrew Tridgell 2003. + Copyright (C) Stefan (metze) Metzmacher 2004. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "system/network.h" +#include "librpc/ndr/libndr.h" + +_PUBLIC_ void ndr_print_in_addr(struct ndr_print *ndr, const char *name, const struct in_addr *_ip) +{ + struct in_addr ip; + + ip.s_addr = htonl(_ip->s_addr); + + ndr->print(ndr, "%-25s: %s", name, inet_ntoa(ip)); +} + +_PUBLIC_ void ndr_print_GUID(struct ndr_print *ndr, const char *name, const struct GUID *guid) +{ + ndr->print(ndr, "%-25s: %s", name, GUID_string(ndr, guid)); +} + diff --git a/source4/librpc/ndr/ndr_orpc.c b/source4/librpc/ndr/ndr_orpc.c new file mode 100644 index 0000000000..6a55048e43 --- /dev/null +++ b/source4/librpc/ndr/ndr_orpc.c @@ -0,0 +1,173 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling DCOM string arrays + + Copyright (C) Jelmer Vernooij 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "librpc/gen_ndr/ndr_orpc.h" + +enum ndr_err_code ndr_pull_DUALSTRINGARRAY(struct ndr_pull *ndr, int ndr_flags, struct DUALSTRINGARRAY *ar) +{ + uint16_t num_entries, security_offset; + uint16_t towerid; + uint32_t towernum = 0, conformant_size; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &conformant_size)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &num_entries)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &security_offset)); + + ar->stringbindings = talloc_array(ndr, struct STRINGBINDING *, num_entries); + ar->stringbindings[0] = NULL; + + do { + /* 'Peek' */ + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &towerid)); + + if (towerid > 0) { + ndr->offset -= 2; + ar->stringbindings = talloc_realloc(ndr, ar->stringbindings, struct STRINGBINDING *, towernum+2); + ar->stringbindings[towernum] = talloc(ndr, struct STRINGBINDING); + NDR_CHECK(ndr_pull_STRINGBINDING(ndr, ndr_flags, ar->stringbindings[towernum])); + towernum++; + } + } while (towerid != 0); + + ar->stringbindings[towernum] = NULL; + towernum = 0; + + ar->securitybindings = talloc_array(ndr, struct SECURITYBINDING *, num_entries); + ar->securitybindings[0] = NULL; + + do { + /* 'Peek' */ + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &towerid)); + + if (towerid > 0) { + ndr->offset -= 2; + ar->securitybindings = talloc_realloc(ndr, ar->securitybindings, struct SECURITYBINDING *, towernum+2); + ar->securitybindings[towernum] = talloc(ndr, struct SECURITYBINDING); + NDR_CHECK(ndr_pull_SECURITYBINDING(ndr, ndr_flags, ar->securitybindings[towernum])); + towernum++; + } + } while (towerid != 0); + + ar->securitybindings[towernum] = NULL; + + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_push_DUALSTRINGARRAY(struct ndr_push *ndr, int ndr_flags, const struct DUALSTRINGARRAY *ar) +{ + return ndr_push_error(ndr, NDR_ERR_STRING, "ndr_push_DUALSTRINGARRAY not implemented"); +} + +/* + print a dom_sid +*/ +void ndr_print_DUALSTRINGARRAY(struct ndr_print *ndr, const char *name, const struct DUALSTRINGARRAY *ar) +{ + int i; + ndr->print(ndr, "%-25s: DUALSTRINGARRAY", name); + ndr->depth++; + ndr->print(ndr, "STRING BINDINGS"); + ndr->depth++; + for (i=0;ar->stringbindings[i];i++) { + char *idx = NULL; + asprintf(&idx, "[%d]", i); + if (idx) { + ndr_print_STRINGBINDING(ndr, idx, ar->stringbindings[i]); + free(idx); + } + } + ndr->depth--; + ndr->print(ndr, "SECURITY BINDINGS"); + ndr->depth++; + for (i=0;ar->securitybindings[i];i++) { + char *idx = NULL; + asprintf(&idx, "[%d]", i); + if (idx) { + ndr_print_SECURITYBINDING(ndr, idx, ar->securitybindings[i]); + free(idx); + } + } + ndr->depth--; +} + +enum ndr_err_code ndr_pull_STRINGARRAY(struct ndr_pull *ndr, int ndr_flags, struct STRINGARRAY *ar) +{ + uint16_t towerid; + uint32_t towernum = 0; + uint16_t num_entries; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &num_entries)); + + ar->stringbindings = talloc_array(ndr, struct STRINGBINDING *, 1); + ar->stringbindings[0] = NULL; + + do { + /* 'Peek' */ + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &towerid)); + + if (towerid > 0) { + ndr->offset -= 2; + ar->stringbindings = talloc_realloc(ndr, ar->stringbindings, struct STRINGBINDING *, towernum+2); + ar->stringbindings[towernum] = talloc(ndr, struct STRINGBINDING); + NDR_CHECK(ndr_pull_STRINGBINDING(ndr, ndr_flags, ar->stringbindings[towernum])); + towernum++; + } + } while (towerid != 0); + + ar->stringbindings[towernum] = NULL; + towernum = 0; + + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_push_STRINGARRAY(struct ndr_push *ndr, int ndr_flags, const struct STRINGARRAY *ar) +{ + return ndr_push_error(ndr, NDR_ERR_STRING, "ndr_push_STRINGARRAY not implemented"); +} + +/* + print a dom_sid +*/ +void ndr_print_STRINGARRAY(struct ndr_print *ndr, const char *name, const struct STRINGARRAY *ar) +{ + int i; + ndr->print(ndr, "%-25s: STRINGARRAY", name); + ndr->depth++; + for (i=0;ar->stringbindings[i];i++) { + char *idx = NULL; + asprintf(&idx, "[%d]", i); + if (idx) { + ndr_print_STRINGBINDING(ndr, idx, ar->stringbindings[i]); + free(idx); + } + } + ndr->depth--; +} diff --git a/source4/librpc/ndr/ndr_sec_helper.c b/source4/librpc/ndr/ndr_sec_helper.c new file mode 100644 index 0000000000..1256d7dd2d --- /dev/null +++ b/source4/librpc/ndr/ndr_sec_helper.c @@ -0,0 +1,278 @@ +/* + Unix SMB/CIFS implementation. + + fast routines for getting the wire size of security objects + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "librpc/gen_ndr/ndr_security.h" +#include "libcli/security/security.h" + +/* + return the wire size of a dom_sid +*/ +size_t ndr_size_dom_sid(const struct dom_sid *sid, int flags) +{ + if (!sid) return 0; + return 8 + 4*sid->num_auths; +} + +size_t ndr_size_dom_sid28(const struct dom_sid *sid, int flags) +{ + struct dom_sid zero_sid; + + if (!sid) return 0; + + ZERO_STRUCT(zero_sid); + + if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { + return 0; + } + + return 8 + 4*sid->num_auths; +} + +size_t ndr_size_dom_sid0(const struct dom_sid *sid, int flags) +{ + return ndr_size_dom_sid28(sid, flags); +} + +/* + return the wire size of a security_ace +*/ +size_t ndr_size_security_ace(const struct security_ace *ace, int flags) +{ + size_t ret; + + if (!ace) return 0; + + ret = 8 + ndr_size_dom_sid(&ace->trustee, flags); + + switch (ace->type) { + case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: + case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT: + case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT: + case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT: + ret += 4; /* uint32 bitmap ace->object.object.flags */ + if (ace->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT) { + ret += 16; /* GUID ace->object.object.type.type */ + } + if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) { + ret += 16; /* GUID ace->object.object.inherited_typeinherited_type */ + } + break; + default: + break; + } + + return ret; +} + +/* + return the wire size of a security_acl +*/ +size_t ndr_size_security_acl(const struct security_acl *acl, int flags) +{ + size_t ret; + int i; + if (!acl) return 0; + ret = 8; + for (i=0;i<acl->num_aces;i++) { + ret += ndr_size_security_ace(&acl->aces[i], flags); + } + return ret; +} + +/* + return the wire size of a security descriptor +*/ +size_t ndr_size_security_descriptor(const struct security_descriptor *sd, int flags) +{ + size_t ret; + if (!sd) return 0; + + ret = 20; + ret += ndr_size_dom_sid(sd->owner_sid, flags); + ret += ndr_size_dom_sid(sd->group_sid, flags); + ret += ndr_size_security_acl(sd->dacl, flags); + ret += ndr_size_security_acl(sd->sacl, flags); + return ret; +} + +/* + print a dom_sid +*/ +void ndr_print_dom_sid(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr->print(ndr, "%-25s: %s", name, dom_sid_string(ndr, sid)); +} + +void ndr_print_dom_sid2(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr_print_dom_sid(ndr, name, sid); +} + +void ndr_print_dom_sid28(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr_print_dom_sid(ndr, name, sid); +} + +void ndr_print_dom_sid0(struct ndr_print *ndr, const char *name, const struct dom_sid *sid) +{ + ndr_print_dom_sid(ndr, name, sid); +} + + +/* + parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field +*/ +enum ndr_err_code ndr_pull_dom_sid2(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + uint32_t num_auths; + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &num_auths)); + NDR_CHECK(ndr_pull_dom_sid(ndr, ndr_flags, sid)); + if (sid->num_auths != num_auths) { + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, + "Bad array size %u should exceed %u", + num_auths, sid->num_auths); + } + return NDR_ERR_SUCCESS; +} + +/* + parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field +*/ +enum ndr_err_code ndr_push_dom_sid2(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, sid->num_auths)); + return ndr_push_dom_sid(ndr, ndr_flags, sid); +} + +/* + parse a dom_sid28 - this is a dom_sid in a fixed 28 byte buffer, so we need to ensure there are only upto 5 sub_auth +*/ +enum ndr_err_code ndr_pull_dom_sid28(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + enum ndr_err_code status; + struct ndr_pull *subndr; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + subndr = talloc_zero(ndr, struct ndr_pull); + NDR_ERR_HAVE_NO_MEMORY(subndr); + subndr->flags = ndr->flags; + subndr->current_mem_ctx = ndr->current_mem_ctx; + + subndr->data = ndr->data + ndr->offset; + subndr->data_size = 28; + subndr->offset = 0; + + NDR_CHECK(ndr_pull_advance(ndr, 28)); + + status = ndr_pull_dom_sid(subndr, ndr_flags, sid); + if (!NDR_ERR_CODE_IS_SUCCESS(status)) { + /* handle a w2k bug which send random data in the buffer */ + ZERO_STRUCTP(sid); + } else if (sid->num_auths == 0 && sid->sub_auths) { + talloc_free(sid->sub_auths); + sid->sub_auths = NULL; + } + + return NDR_ERR_SUCCESS; +} + +/* + push a dom_sid28 - this is a dom_sid in a 28 byte fixed buffer +*/ +enum ndr_err_code ndr_push_dom_sid28(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + uint32_t old_offset; + uint32_t padding; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (sid->num_auths > 5) { + return ndr_push_error(ndr, NDR_ERR_RANGE, + "dom_sid28 allows only upto 5 sub auth [%u]", + sid->num_auths); + } + + old_offset = ndr->offset; + NDR_CHECK(ndr_push_dom_sid(ndr, ndr_flags, sid)); + + padding = 28 - (ndr->offset - old_offset); + + if (padding > 0) { + NDR_CHECK(ndr_push_zero(ndr, padding)); + } + + return NDR_ERR_SUCCESS; +} + +/* + parse a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty +*/ +enum ndr_err_code ndr_pull_dom_sid0(struct ndr_pull *ndr, int ndr_flags, struct dom_sid *sid) +{ + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (ndr->data_size == ndr->offset) { + ZERO_STRUCTP(sid); + return NDR_ERR_SUCCESS; + } + + return ndr_pull_dom_sid(ndr, ndr_flags, sid); +} + +/* + push a dom_sid0 - this is a dom_sid in a variable byte buffer, which is maybe empty +*/ +enum ndr_err_code ndr_push_dom_sid0(struct ndr_push *ndr, int ndr_flags, const struct dom_sid *sid) +{ + struct dom_sid zero_sid; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (!sid) { + return NDR_ERR_SUCCESS; + } + + ZERO_STRUCT(zero_sid); + + if (memcmp(&zero_sid, sid, sizeof(zero_sid)) == 0) { + return NDR_ERR_SUCCESS; + } + + return ndr_push_dom_sid(ndr, ndr_flags, sid); +} + diff --git a/source4/librpc/ndr/ndr_spoolss_buf.c b/source4/librpc/ndr/ndr_spoolss_buf.c new file mode 100644 index 0000000000..e01c5fd225 --- /dev/null +++ b/source4/librpc/ndr/ndr_spoolss_buf.c @@ -0,0 +1,531 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling spoolss subcontext buffer structures + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Tim Potter 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "librpc/gen_ndr/ndr_spoolss.h" +#include "param/param.h" + +#define NDR_SPOOLSS_PUSH_ENUM_IN(fn) do { \ + if (!r->in.buffer && r->in.offered != 0) {\ + return ndr_push_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: r->in.offered[%u] but there's no buffer",\ + (unsigned)r->in.offered);\ + } else if (r->in.buffer && r->in.buffer->length != r->in.offered) {\ + return ndr_push_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: r->in.offered[%u] doesn't match length of r->in.buffer[%u]",\ + (unsigned)r->in.offered, (unsigned)r->in.buffer->length);\ + }\ + _r.in.level = r->in.level;\ + _r.in.buffer = r->in.buffer;\ + _r.in.offered = r->in.offered;\ + NDR_CHECK(ndr_push__##fn(ndr, flags, &_r));\ +} while(0) + +#define NDR_SPOOLSS_PUSH_ENUM_OUT(fn) do { \ + struct ndr_push *_ndr_info;\ + _r.in.level = r->in.level;\ + _r.in.buffer = r->in.buffer;\ + _r.in.offered = r->in.offered;\ + _r.out.info = NULL;\ + _r.out.needed = r->out.needed;\ + _r.out.count = r->out.count;\ + _r.out.result = r->out.result;\ + if (r->out.info && !r->in.buffer) {\ + return ndr_push_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: r->out.info but there's no r->in.buffer");\ + }\ + if (r->in.buffer) {\ + DATA_BLOB _data_blob_info;\ + _ndr_info = ndr_push_init_ctx(ndr, ndr->iconv_convenience);\ + NDR_ERR_HAVE_NO_MEMORY(_ndr_info);\ + _ndr_info->flags= ndr->flags;\ + if (r->out.info) {\ + struct __##fn __r;\ + __r.in.level = r->in.level;\ + __r.in.count = r->out.count;\ + __r.out.info = r->out.info;\ + NDR_CHECK(ndr_push___##fn(_ndr_info, flags, &__r)); \ + }\ + if (r->in.offered > _ndr_info->offset) {\ + uint32_t _padding_len = r->in.offered - _ndr_info->offset;\ + NDR_CHECK(ndr_push_zero(_ndr_info, _padding_len));\ + } else if (r->in.offered < _ndr_info->offset) {\ + return ndr_push_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: r->in.offered[%u] doesn't match length of out buffer[%u]!",\ + (unsigned)r->in.offered, (unsigned)_ndr_info->offset);\ + }\ + _data_blob_info = ndr_push_blob(_ndr_info);\ + _r.out.info = &_data_blob_info;\ + }\ + NDR_CHECK(ndr_push__##fn(ndr, flags, &_r));\ +} while(0) + +#define NDR_SPOOLSS_PUSH_ENUM(fn,in,out) do { \ + struct _##fn _r;\ + if (flags & NDR_IN) {\ + in;\ + NDR_SPOOLSS_PUSH_ENUM_IN(fn);\ + }\ + if (flags & NDR_OUT) {\ + out;\ + NDR_SPOOLSS_PUSH_ENUM_OUT(fn);\ + }\ +} while(0) + +#define NDR_SPOOLSS_PULL_ENUM_IN(fn) do { \ + ZERO_STRUCT(r->out);\ + NDR_CHECK(ndr_pull__##fn(ndr, flags, &_r));\ + r->in.level = _r.in.level;\ + r->in.buffer = _r.in.buffer;\ + r->in.offered = _r.in.offered;\ + r->out.needed = _r.out.needed;\ + if (!r->in.buffer && r->in.offered != 0) {\ + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: r->in.offered[%u] but there's no buffer",\ + (unsigned)r->in.offered);\ + } else if (r->in.buffer && r->in.buffer->length != r->in.offered) {\ + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: r->in.offered[%u] doesn't match length of r->in.buffer[%u]",\ + (unsigned)r->in.offered, (unsigned)r->in.buffer->length);\ + }\ +} while(0) + +#define NDR_SPOOLSS_PULL_ENUM_OUT(fn) do { \ + _r.in.level = r->in.level;\ + _r.in.buffer = r->in.buffer;\ + _r.in.offered = r->in.offered;\ + _r.out.needed = r->out.needed;\ + NDR_CHECK(ndr_pull__##fn(ndr, flags, &_r));\ + r->out.info = NULL;\ + r->out.needed = _r.out.needed;\ + r->out.count = _r.out.count;\ + r->out.result = _r.out.result;\ + if (_r.out.info) {\ + struct ndr_pull *_ndr_info = ndr_pull_init_blob(_r.out.info, ndr, ndr->iconv_convenience);\ + NDR_ERR_HAVE_NO_MEMORY(_ndr_info);\ + _ndr_info->flags= ndr->flags;\ + if (r->in.offered != _ndr_info->data_size) {\ + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE,\ + "SPOOLSS Buffer: offered[%u] doesn't match length of buffer[%u]",\ + (unsigned)r->in.offered, (unsigned)_ndr_info->data_size);\ + }\ + if (r->out.needed <= _ndr_info->data_size) {\ + struct __##fn __r;\ + __r.in.level = r->in.level;\ + __r.in.count = r->out.count;\ + __r.out.info = NULL;\ + NDR_CHECK(ndr_pull___##fn(_ndr_info, flags, &__r));\ + r->out.info = __r.out.info;\ + }\ + }\ +} while(0) + +#define NDR_SPOOLSS_PULL_ENUM(fn,in,out) do { \ + struct _##fn _r;\ + if (flags & NDR_IN) {\ + out;\ + NDR_SPOOLSS_PULL_ENUM_IN(fn);\ + in;\ + }\ + if (flags & NDR_OUT) {\ + out;\ + NDR_SPOOLSS_PULL_ENUM_OUT(fn);\ + }\ +} while(0) + +#define _NDR_CHECK_UINT32(call) do {\ + enum ndr_err_code _ndr_err; \ + _ndr_err = call; \ + if (!NDR_ERR_CODE_IS_SUCCESS(_ndr_err)) { \ + return 0; \ + }\ +} while (0) + +/* TODO: set _ndr_info->flags correct */ +#define NDR_SPOOLSS_SIZE_ENUM(fn) do { \ + struct __##fn __r;\ + DATA_BLOB _data_blob_info;\ + struct ndr_push *_ndr_info = ndr_push_init_ctx(mem_ctx, lp_iconv_convenience(global_loadparm));\ + if (!_ndr_info) return 0;\ + _ndr_info->flags|=0;\ + __r.in.level = level;\ + __r.in.count = count;\ + __r.out.info = info;\ + _NDR_CHECK_UINT32(ndr_push___##fn(_ndr_info, NDR_OUT, &__r)); \ + _data_blob_info = ndr_push_blob(_ndr_info);\ + return _data_blob_info.length;\ +} while(0) + +/* + spoolss_EnumPrinters +*/ +enum ndr_err_code ndr_push_spoolss_EnumPrinters(struct ndr_push *ndr, int flags, const struct spoolss_EnumPrinters *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumPrinters,{ + _r.in.flags = r->in.flags; + _r.in.server = r->in.server; + },{ + _r.in.flags = r->in.flags; + _r.in.server = r->in.server; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumPrinters(struct ndr_pull *ndr, int flags, struct spoolss_EnumPrinters *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumPrinters,{ + r->in.flags = _r.in.flags; + r->in.server = _r.in.server; + },{ + _r.in.flags = r->in.flags; + _r.in.server = r->in.server; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumPrinters_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_PrinterInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumPrinters); +} + +/* + spoolss_EnumJobs +*/ +enum ndr_err_code ndr_push_spoolss_EnumJobs(struct ndr_push *ndr, int flags, const struct spoolss_EnumJobs *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumJobs,{ + _r.in.handle = r->in.handle; + _r.in.firstjob = r->in.firstjob; + _r.in.numjobs = r->in.numjobs; + },{ + _r.in.handle = r->in.handle; + _r.in.firstjob = r->in.firstjob; + _r.in.numjobs = r->in.numjobs; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumJobs(struct ndr_pull *ndr, int flags, struct spoolss_EnumJobs *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumJobs,{ + r->in.handle = _r.in.handle; + r->in.firstjob = _r.in.firstjob; + r->in.numjobs = _r.in.numjobs; + },{ + _r.in.handle = r->in.handle; + _r.in.firstjob = r->in.firstjob; + _r.in.numjobs = r->in.numjobs; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumJobss_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_JobInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumJobs); +} + +/* + spoolss_EnumPrinterDrivers +*/ +enum ndr_err_code ndr_push_spoolss_EnumPrinterDrivers(struct ndr_push *ndr, int flags, const struct spoolss_EnumPrinterDrivers *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumPrinterDrivers,{ + _r.in.server = r->in.server; + _r.in.environment = r->in.environment; + },{ + _r.in.server = r->in.server; + _r.in.environment = r->in.environment; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumPrinterDrivers(struct ndr_pull *ndr, int flags, struct spoolss_EnumPrinterDrivers *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumPrinterDrivers,{ + r->in.server = _r.in.server; + r->in.environment = _r.in.environment; + },{ + _r.in.server = r->in.server; + _r.in.environment = r->in.environment; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumPrinterDrivers_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_DriverInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumPrinterDrivers); +} + +/* + spoolss_EnumForms +*/ +enum ndr_err_code ndr_push_spoolss_EnumForms(struct ndr_push *ndr, int flags, const struct spoolss_EnumForms *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumForms,{ + _r.in.handle = r->in.handle; + },{ + _r.in.handle = r->in.handle; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumForms(struct ndr_pull *ndr, int flags, struct spoolss_EnumForms *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumForms,{ + r->in.handle = _r.in.handle; + },{ + _r.in.handle = r->in.handle; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumForms_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_FormInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumForms); +} + +/* + spoolss_EnumPorts +*/ +enum ndr_err_code ndr_push_spoolss_EnumPorts(struct ndr_push *ndr, int flags, const struct spoolss_EnumPorts *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumPorts,{ + _r.in.servername= r->in.servername; + },{ + _r.in.servername= r->in.servername; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumPorts(struct ndr_pull *ndr, int flags, struct spoolss_EnumPorts *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumPorts,{ + r->in.servername= _r.in.servername; + },{ + _r.in.servername= r->in.servername; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumPorts_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_PortInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumPorts); +} + +/* + spoolss_EnumMonitors +*/ +enum ndr_err_code ndr_push_spoolss_EnumMonitors(struct ndr_push *ndr, int flags, const struct spoolss_EnumMonitors *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumMonitors,{ + _r.in.servername= r->in.servername; + },{ + _r.in.servername= r->in.servername; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumMonitors(struct ndr_pull *ndr, int flags, struct spoolss_EnumMonitors *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumMonitors,{ + r->in.servername= _r.in.servername; + },{ + _r.in.servername= r->in.servername; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumMonitors_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_MonitorInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumMonitors); +} + +/* + spoolss_EnumPrintProcessors +*/ +enum ndr_err_code ndr_push_spoolss_EnumPrintProcessors(struct ndr_push *ndr, int flags, const struct spoolss_EnumPrintProcessors *r) +{ + NDR_SPOOLSS_PUSH_ENUM(spoolss_EnumPrintProcessors,{ + _r.in.servername = r->in.servername; + _r.in.environment = r->in.environment; + },{ + _r.in.servername = r->in.servername; + _r.in.environment = r->in.environment; + }); + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_EnumPrintProcessors(struct ndr_pull *ndr, int flags, struct spoolss_EnumPrintProcessors *r) +{ + NDR_SPOOLSS_PULL_ENUM(spoolss_EnumPrintProcessors,{ + r->in.servername = _r.in.servername; + r->in.environment = _r.in.environment; + },{ + _r.in.servername = r->in.servername; + _r.in.environment = r->in.environment; + }); + return NDR_ERR_SUCCESS; +} + +uint32_t ndr_size_spoolss_EnumPrinterProcessors_info(TALLOC_CTX *mem_ctx, uint32_t level, uint32_t count, union spoolss_PrintProcessorInfo *info) +{ + NDR_SPOOLSS_SIZE_ENUM(spoolss_EnumPrintProcessors); +} + +/* + spoolss_GetPrinterData +*/ +enum ndr_err_code ndr_push_spoolss_GetPrinterData(struct ndr_push *ndr, int flags, const struct spoolss_GetPrinterData *r) +{ + struct _spoolss_GetPrinterData _r; + if (flags & NDR_IN) { + _r.in.handle = r->in.handle; + _r.in.value_name= r->in.value_name; + _r.in.offered = r->in.offered; + NDR_CHECK(ndr_push__spoolss_GetPrinterData(ndr, flags, &_r)); + } + if (flags & NDR_OUT) { + struct ndr_push *_ndr_info; + _r.in.handle = r->in.handle; + _r.in.value_name= r->in.value_name; + _r.in.offered = r->in.offered; + _r.out.type = r->out.type; + _r.out.data = data_blob(NULL, 0); + _r.out.needed = r->out.needed; + _r.out.result = r->out.result; + { + struct __spoolss_GetPrinterData __r; + _ndr_info = ndr_push_init_ctx(ndr, ndr->iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(_ndr_info); + _ndr_info->flags= ndr->flags; + __r.in.type = r->out.type; + __r.out.data = r->out.data; + NDR_CHECK(ndr_push___spoolss_GetPrinterData(_ndr_info, flags, &__r)); + if (r->in.offered > _ndr_info->offset) { + uint32_t _padding_len = r->in.offered - _ndr_info->offset; + NDR_CHECK(ndr_push_zero(_ndr_info, _padding_len)); + } + _r.out.data = ndr_push_blob(_ndr_info); + } + NDR_CHECK(ndr_push__spoolss_GetPrinterData(ndr, flags, &_r)); + } + return NDR_ERR_SUCCESS; +} + +enum ndr_err_code ndr_pull_spoolss_GetPrinterData(struct ndr_pull *ndr, int flags, struct spoolss_GetPrinterData *r) +{ + struct _spoolss_GetPrinterData _r; + if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + _r.in.handle = r->in.handle; + _r.in.value_name= r->in.value_name; + _r.in.offered = r->in.offered; + _r.out.type = r->out.type; + _r.out.data = data_blob(NULL,0), + _r.out.needed = r->out.needed; + NDR_CHECK(ndr_pull__spoolss_GetPrinterData(ndr, flags, &_r)); + r->in.handle = _r.in.handle; + r->in.value_name= _r.in.value_name; + r->in.offered = _r.in.offered; + r->out.needed = _r.out.needed; + } + if (flags & NDR_OUT) { + _r.in.handle = r->in.handle; + _r.in.value_name= r->in.value_name; + _r.in.offered = r->in.offered; + _r.out.type = r->out.type; + _r.out.data = data_blob(NULL,0), + _r.out.needed = r->out.needed; + _r.out.result = r->out.result; + NDR_CHECK(ndr_pull__spoolss_GetPrinterData(ndr, flags, &_r)); + r->out.type = _r.out.type; + ZERO_STRUCT(r->out.data); + r->out.needed = _r.out.needed; + r->out.result = _r.out.result; + if (_r.out.data.length != r->in.offered) { + return ndr_pull_error(ndr, NDR_ERR_BUFSIZE, + "SPOOLSS Buffer: r->in.offered[%u] doesn't match length of out buffer[%u]", + (unsigned)r->in.offered, (unsigned)_r.out.data.length); + } + if (_r.out.data.length > 0 && r->out.needed <= _r.out.data.length) { + struct __spoolss_GetPrinterData __r; + struct ndr_pull *_ndr_data = ndr_pull_init_blob(&_r.out.data, ndr, ndr->iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(_ndr_data); + _ndr_data->flags= ndr->flags; + __r.in.type = r->out.type; + __r.out.data = r->out.data; + NDR_CHECK(ndr_pull___spoolss_GetPrinterData(_ndr_data, flags, &__r)); + r->out.data = __r.out.data; + } else { + r->out.type = SPOOLSS_PRINTER_DATA_TYPE_NULL; + } + } + return NDR_ERR_SUCCESS; +} + +/* + spoolss_SetPrinterData +*/ +enum ndr_err_code ndr_push_spoolss_SetPrinterData(struct ndr_push *ndr, int flags, const struct spoolss_SetPrinterData *r) +{ + struct _spoolss_SetPrinterData _r; + if (flags & NDR_IN) { + struct ndr_push *_ndr_data; + struct __spoolss_SetPrinterData __r; + DATA_BLOB _data_blob_data; + + _ndr_data = ndr_push_init_ctx(ndr, ndr->iconv_convenience); + NDR_ERR_HAVE_NO_MEMORY(_ndr_data); + _ndr_data->flags= ndr->flags; + + __r.in.type = r->in.type; + __r.out.data = r->in.data; + NDR_CHECK(ndr_push___spoolss_SetPrinterData(_ndr_data, NDR_OUT, &__r)); + _data_blob_data = ndr_push_blob(_ndr_data); + + _r.in.handle = r->in.handle; + _r.in.value_name= r->in.value_name; + _r.in.type = r->in.type; + _r.in.data = _data_blob_data; + _r.in._offered = _data_blob_data.length; + _r.out.result = r->out.result; + NDR_CHECK(ndr_push__spoolss_SetPrinterData(ndr, flags, &_r)); + } + if (flags & NDR_OUT) { + _r.in.handle = r->in.handle; + _r.in.value_name= r->in.value_name; + _r.in.type = r->in.type; + _r.in.data = data_blob(NULL,0), + _r.in._offered = r->in._offered; + _r.out.result = r->out.result; + NDR_CHECK(ndr_push__spoolss_SetPrinterData(ndr, flags, &_r)); + } + return NDR_ERR_SUCCESS; +} + +uint32_t _ndr_size_spoolss_DeviceMode(struct spoolss_DeviceMode *devmode, uint32_t flags) +{ + if (!devmode) return 0; + return ndr_size_spoolss_DeviceMode(devmode,flags); +} diff --git a/source4/librpc/ndr/ndr_string.c b/source4/librpc/ndr/ndr_string.c new file mode 100644 index 0000000000..79548f81bc --- /dev/null +++ b/source4/librpc/ndr/ndr_string.c @@ -0,0 +1,699 @@ +/* + Unix SMB/CIFS implementation. + + routines for marshalling/unmarshalling string types + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "librpc/ndr/libndr.h" + +/** + pull a general string from the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_string(struct ndr_pull *ndr, int ndr_flags, const char **s) +{ + char *as=NULL; + uint32_t len1, ofs, len2; + uint16_t len3; + int ret; + charset_t chset = CH_UTF16; + unsigned byte_mul = 2; + unsigned flags = ndr->flags; + unsigned c_len_term = 0; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (NDR_BE(ndr)) { + chset = CH_UTF16BE; + } + + if (flags & LIBNDR_FLAG_STR_ASCII) { + chset = CH_DOS; + byte_mul = 1; + flags &= ~LIBNDR_FLAG_STR_ASCII; + } + + if (flags & LIBNDR_FLAG_STR_UTF8) { + chset = CH_UTF8; + byte_mul = 1; + flags &= ~LIBNDR_FLAG_STR_UTF8; + } + + flags &= ~LIBNDR_FLAG_STR_CONFORMANT; + if (flags & LIBNDR_FLAG_STR_CHARLEN) { + c_len_term = 1; + flags &= ~LIBNDR_FLAG_STR_CHARLEN; + } + + switch (flags & LIBNDR_STRING_FLAGS) { + case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4: + case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM: + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &ofs)); + if (ofs != 0) { + return ndr_pull_error(ndr, NDR_ERR_STRING, "non-zero array offset with string flags 0x%x\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len2)); + if (len2 > len1) { + return ndr_pull_error(ndr, NDR_ERR_STRING, + "Bad string lengths len1=%u ofs=%u len2=%u\n", + len1, ofs, len2); + } + NDR_PULL_NEED_BYTES(ndr, (len2 + c_len_term)*byte_mul); + if (len2 == 0) { + as = talloc_strdup(ndr->current_mem_ctx, ""); + } else { + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, chset, CH_UNIX, + ndr->data+ndr->offset, + (len2 + c_len_term)*byte_mul, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + } + NDR_CHECK(ndr_pull_advance(ndr, (len2 + c_len_term)*byte_mul)); + + if (len1 != len2) { + DEBUG(6,("len1[%u] != len2[%u] '%s'\n", len1, len2, as)); + } + + /* this is a way of detecting if a string is sent with the wrong + termination */ + if (ndr->flags & LIBNDR_FLAG_STR_NOTERM) { + if (strlen(as) < (len2 + c_len_term)) { + DEBUG(6,("short string '%s'\n", as)); + } + } else { + if (strlen(as) == (len2 + c_len_term)) { + DEBUG(6,("long string '%s'\n", as)); + } + } + *s = as; + break; + + case LIBNDR_FLAG_STR_SIZE4: + case LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM: + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1)); + NDR_PULL_NEED_BYTES(ndr, (len1 + c_len_term)*byte_mul); + if (len1 == 0) { + as = talloc_strdup(ndr->current_mem_ctx, ""); + } else { + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, + chset, CH_UNIX, + ndr->data+ndr->offset, + (len1 + c_len_term)*byte_mul, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + } + NDR_CHECK(ndr_pull_advance(ndr, (len1 + c_len_term)*byte_mul)); + + /* this is a way of detecting if a string is sent with the wrong + termination */ + if (ndr->flags & LIBNDR_FLAG_STR_NOTERM) { + if (strlen(as) < (len1 + c_len_term)) { + DEBUG(6,("short string '%s'\n", as)); + } + } else { + if (strlen(as) == (len1 + c_len_term)) { + DEBUG(6,("long string '%s'\n", as)); + } + } + *s = as; + break; + + case LIBNDR_FLAG_STR_LEN4: + case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_NOTERM: + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &ofs)); + if (ofs != 0) { + return ndr_pull_error(ndr, NDR_ERR_STRING, "non-zero array offset with string flags 0x%x\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &len1)); + NDR_PULL_NEED_BYTES(ndr, (len1 + c_len_term)*byte_mul); + if (len1 == 0) { + as = talloc_strdup(ndr->current_mem_ctx, ""); + } else { + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, + chset, CH_UNIX, + ndr->data+ndr->offset, + (len1 + c_len_term)*byte_mul, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + } + NDR_CHECK(ndr_pull_advance(ndr, (len1 + c_len_term)*byte_mul)); + + /* this is a way of detecting if a string is sent with the wrong + termination */ + if (ndr->flags & LIBNDR_FLAG_STR_NOTERM) { + if (strlen(as) < (len1 + c_len_term)) { + DEBUG(6,("short string '%s'\n", as)); + } + } else { + if (strlen(as) == (len1 + c_len_term)) { + DEBUG(6,("long string '%s'\n", as)); + } + } + *s = as; + break; + + + case LIBNDR_FLAG_STR_SIZE2: + case LIBNDR_FLAG_STR_SIZE2|LIBNDR_FLAG_STR_NOTERM: + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &len3)); + NDR_PULL_NEED_BYTES(ndr, (len3 + c_len_term)*byte_mul); + if (len3 == 0) { + as = talloc_strdup(ndr->current_mem_ctx, ""); + } else { + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, + chset, CH_UNIX, + ndr->data+ndr->offset, + (len3 + c_len_term)*byte_mul, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + } + NDR_CHECK(ndr_pull_advance(ndr, (len3 + c_len_term)*byte_mul)); + + /* this is a way of detecting if a string is sent with the wrong + termination */ + if (ndr->flags & LIBNDR_FLAG_STR_NOTERM) { + if (strlen(as) < (len3 + c_len_term)) { + DEBUG(6,("short string '%s'\n", as)); + } + } else { + if (strlen(as) == (len3 + c_len_term)) { + DEBUG(6,("long string '%s'\n", as)); + } + } + *s = as; + break; + + case LIBNDR_FLAG_STR_SIZE2|LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_STR_BYTESIZE: + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &len3)); + NDR_PULL_NEED_BYTES(ndr, len3); + if (len3 == 0) { + as = talloc_strdup(ndr->current_mem_ctx, ""); + } else { + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, + chset, CH_UNIX, + ndr->data+ndr->offset, + len3, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + } + NDR_CHECK(ndr_pull_advance(ndr, len3)); + *s = as; + break; + + case LIBNDR_FLAG_STR_NULLTERM: + if (byte_mul == 1) { + len1 = ascii_len_n((const char *)(ndr->data+ndr->offset), ndr->data_size - ndr->offset); + } else { + len1 = utf16_len_n(ndr->data+ndr->offset, ndr->data_size - ndr->offset); + } + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, chset, CH_UNIX, + ndr->data+ndr->offset, + len1, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + NDR_CHECK(ndr_pull_advance(ndr, len1)); + *s = as; + break; + + case LIBNDR_FLAG_STR_NOTERM: + if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) { + return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x (missing NDR_REMAINING)\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + + len1 = ndr->data_size - ndr->offset; + + NDR_PULL_NEED_BYTES(ndr, len1); + if (len1 == 0) { + as = talloc_strdup(ndr->current_mem_ctx, ""); + } else { + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, + chset, CH_UNIX, + ndr->data+ndr->offset, + len1, + (void **)&as); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + } + NDR_CHECK(ndr_pull_advance(ndr, len1)); + + *s = as; + break; + + default: + return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + + return NDR_ERR_SUCCESS; +} + + +/** + push a general string onto the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_push_string(struct ndr_push *ndr, int ndr_flags, const char *s) +{ + ssize_t s_len, c_len, d_len; + int chset = CH_UTF16; + unsigned flags = ndr->flags; + unsigned byte_mul = 2; + uint8_t *dest = NULL; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + if (NDR_BE(ndr)) { + chset = CH_UTF16BE; + } + + s_len = s?strlen(s):0; + + if (flags & LIBNDR_FLAG_STR_ASCII) { + chset = CH_DOS; + byte_mul = 1; + flags &= ~LIBNDR_FLAG_STR_ASCII; + } + + if (flags & LIBNDR_FLAG_STR_UTF8) { + chset = CH_UTF8; + byte_mul = 1; + flags &= ~LIBNDR_FLAG_STR_UTF8; + } + + flags &= ~LIBNDR_FLAG_STR_CONFORMANT; + + if (!(flags & LIBNDR_FLAG_STR_NOTERM)) { + s_len++; + } + d_len = convert_string_talloc(ndr, ndr->iconv_convenience, CH_UNIX, chset, s, s_len, (void **)&dest); + if (d_len == -1) { + return ndr_push_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + + if (flags & LIBNDR_FLAG_STR_BYTESIZE) { + c_len = d_len; + flags &= ~LIBNDR_FLAG_STR_BYTESIZE; + } else if (flags & LIBNDR_FLAG_STR_CHARLEN) { + c_len = (d_len / byte_mul)-1; + flags &= ~LIBNDR_FLAG_STR_CHARLEN; + } else { + c_len = d_len / byte_mul; + } + + switch ((flags & LIBNDR_STRING_FLAGS) & ~LIBNDR_FLAG_STR_NOTERM) { + case LIBNDR_FLAG_STR_LEN4|LIBNDR_FLAG_STR_SIZE4: + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); + NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); + break; + + case LIBNDR_FLAG_STR_LEN4: + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, 0)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); + NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); + break; + + case LIBNDR_FLAG_STR_SIZE4: + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, c_len)); + NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); + break; + + case LIBNDR_FLAG_STR_SIZE2: + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, c_len)); + NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); + break; + + case LIBNDR_FLAG_STR_NULLTERM: + NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); + break; + + default: + if (ndr->flags & LIBNDR_FLAG_REMAINING) { + NDR_CHECK(ndr_push_bytes(ndr, dest, d_len)); + break; + } + + return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + + talloc_free(dest); + + return NDR_ERR_SUCCESS; +} + +/** + push a general string onto the wire +*/ +_PUBLIC_ size_t ndr_string_array_size(struct ndr_push *ndr, const char *s) +{ + size_t c_len; + unsigned flags = ndr->flags; + unsigned byte_mul = 2; + unsigned c_len_term = 1; + + c_len = s?strlen_m(s):0; + + if (flags & (LIBNDR_FLAG_STR_ASCII|LIBNDR_FLAG_STR_UTF8)) { + byte_mul = 1; + } + + if (flags & LIBNDR_FLAG_STR_NOTERM) { + c_len_term = 0; + } + + c_len = c_len + c_len_term; + + if (flags & LIBNDR_FLAG_STR_BYTESIZE) { + c_len = c_len * byte_mul; + } + + return c_len; +} + +_PUBLIC_ void ndr_print_string(struct ndr_print *ndr, const char *name, const char *s) +{ + if (s) { + ndr->print(ndr, "%-25s: '%s'", name, s); + } else { + ndr->print(ndr, "%-25s: NULL", name); + } +} + +_PUBLIC_ uint32_t ndr_size_string(int ret, const char * const* string, int flags) +{ + /* FIXME: Is this correct for all strings ? */ + if(!(*string)) return ret; + return ret+strlen(*string)+1; +} + +/** + pull a general string array from the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_pull_string_array(struct ndr_pull *ndr, int ndr_flags, const char ***_a) +{ + const char **a = *_a; + uint32_t count; + unsigned flags = ndr->flags; + unsigned saved_flags = ndr->flags; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + switch (flags & LIBNDR_STRING_FLAGS) { + case LIBNDR_FLAG_STR_NULLTERM: + /* + * here the strings are null terminated + * but also the array is null terminated + */ + for (count = 0;; count++) { + TALLOC_CTX *tmp_ctx; + const char *s = NULL; + a = talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 2); + NDR_ERR_HAVE_NO_MEMORY(a); + a[count] = NULL; + a[count+1] = NULL; + + tmp_ctx = ndr->current_mem_ctx; + ndr->current_mem_ctx = a; + NDR_CHECK(ndr_pull_string(ndr, ndr_flags, &s)); + ndr->current_mem_ctx = tmp_ctx; + if (strcmp("", s)==0) { + a[count] = NULL; + break; + } else { + a[count] = s; + } + } + + *_a =a; + break; + + case LIBNDR_FLAG_STR_NOTERM: + if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) { + return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x (missing NDR_REMAINING)\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + /* + * here the strings are not null terminated + * but serarated by a null terminator + * + * which means the same as: + * very string is null terminated exept the last + * string is terminated by the end of the buffer + * + * as LIBNDR_FLAG_STR_NULLTERM also end at the end + * of the buffer, we can pull each string with this flag + */ + ndr->flags &= ~(LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_REMAINING); + ndr->flags |= LIBNDR_FLAG_STR_NULLTERM; + + for (count = 0; ((ndr->data_size - ndr->offset) > 0); count++) { + TALLOC_CTX *tmp_ctx; + const char *s = NULL; + a = talloc_realloc(ndr->current_mem_ctx, a, const char *, count + 2); + NDR_ERR_HAVE_NO_MEMORY(a); + a[count] = NULL; + a[count+1] = NULL; + + tmp_ctx = ndr->current_mem_ctx; + ndr->current_mem_ctx = a; + NDR_CHECK(ndr_pull_string(ndr, ndr_flags, &s)); + ndr->current_mem_ctx = tmp_ctx; + a[count] = s; + } + + *_a =a; + break; + + default: + return ndr_pull_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + + ndr->flags = saved_flags; + return NDR_ERR_SUCCESS; +} + +/** + push a general string array onto the wire +*/ +_PUBLIC_ enum ndr_err_code ndr_push_string_array(struct ndr_push *ndr, int ndr_flags, const char **a) +{ + uint32_t count; + unsigned flags = ndr->flags; + unsigned saved_flags = ndr->flags; + + if (!(ndr_flags & NDR_SCALARS)) { + return NDR_ERR_SUCCESS; + } + + switch (flags & LIBNDR_STRING_FLAGS) { + case LIBNDR_FLAG_STR_NULLTERM: + for (count = 0; a && a[count]; count++) { + NDR_CHECK(ndr_push_string(ndr, ndr_flags, a[count])); + } + + NDR_CHECK(ndr_push_string(ndr, ndr_flags, "")); + break; + + case LIBNDR_FLAG_STR_NOTERM: + if (!(ndr->flags & LIBNDR_FLAG_REMAINING)) { + return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x (missing NDR_REMAINING)\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + + for (count = 0; a && a[count]; count++) { + if (count > 0) { + ndr->flags &= ~(LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_REMAINING); + ndr->flags |= LIBNDR_FLAG_STR_NULLTERM; + NDR_CHECK(ndr_push_string(ndr, ndr_flags, "")); + ndr->flags = saved_flags; + } + NDR_CHECK(ndr_push_string(ndr, ndr_flags, a[count])); + } + + break; + + default: + return ndr_push_error(ndr, NDR_ERR_STRING, "Bad string flags 0x%x\n", + ndr->flags & LIBNDR_STRING_FLAGS); + } + + ndr->flags = saved_flags; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_string_array(struct ndr_print *ndr, const char *name, const char **a) +{ + uint32_t count; + uint32_t i; + + for (count = 0; a && a[count]; count++) {} + + ndr->print(ndr, "%s: ARRAY(%d)", name, count); + ndr->depth++; + for (i=0;i<count;i++) { + char *idx=NULL; + asprintf(&idx, "[%d]", i); + if (idx) { + ndr_print_string(ndr, idx, a[i]); + free(idx); + } + } + ndr->depth--; +} + +/** + * Return number of elements in a string including the last (zeroed) element + */ +_PUBLIC_ uint32_t ndr_string_length(const void *_var, uint32_t element_size) +{ + uint32_t i; + uint8_t zero[4] = {0,0,0,0}; + const char *var = (const char *)_var; + + for (i = 0; memcmp(var+i*element_size,zero,element_size) != 0; i++); + + return i+1; +} + +_PUBLIC_ enum ndr_err_code ndr_check_string_terminator(struct ndr_pull *ndr, uint32_t count, uint32_t element_size) +{ + uint32_t i; + uint32_t save_offset; + + save_offset = ndr->offset; + ndr_pull_advance(ndr, (count - 1) * element_size); + NDR_PULL_NEED_BYTES(ndr, element_size); + + for (i = 0; i < element_size; i++) { + if (ndr->data[ndr->offset+i] != 0) { + ndr->offset = save_offset; + + return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "String terminator not present or outside string boundaries"); + } + } + + ndr->offset = save_offset; + + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_pull_charset(struct ndr_pull *ndr, int ndr_flags, const char **var, uint32_t length, uint8_t byte_mul, charset_t chset) +{ + int ret; + if (length == 0) { + *var = talloc_strdup(ndr->current_mem_ctx, ""); + return NDR_ERR_SUCCESS; + } + + if (NDR_BE(ndr) && chset == CH_UTF16) { + chset = CH_UTF16BE; + } + + NDR_PULL_NEED_BYTES(ndr, length*byte_mul); + + ret = convert_string_talloc(ndr->current_mem_ctx, + ndr->iconv_convenience, + chset, CH_UNIX, + ndr->data+ndr->offset, + length*byte_mul, + discard_const_p(void *, var)); + if (ret == -1) { + return ndr_pull_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + NDR_CHECK(ndr_pull_advance(ndr, length*byte_mul)); + + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ enum ndr_err_code ndr_push_charset(struct ndr_push *ndr, int ndr_flags, const char *var, uint32_t length, uint8_t byte_mul, charset_t chset) +{ + ssize_t ret, required; + + if (NDR_BE(ndr) && chset == CH_UTF16) { + chset = CH_UTF16BE; + } + + required = byte_mul * length; + + NDR_PUSH_NEED_BYTES(ndr, required); + ret = convert_string(ndr->iconv_convenience, CH_UNIX, chset, + var, strlen(var), + ndr->data+ndr->offset, required); + if (ret == -1) { + return ndr_push_error(ndr, NDR_ERR_CHARCNV, + "Bad character conversion"); + } + + /* Make sure the remaining part of the string is filled with zeroes */ + if (ret < required) { + memset(ndr->data+ndr->offset+ret, 0, required-ret); + } + + ndr->offset += required; + + return NDR_ERR_SUCCESS; +} + +/* Return number of elements in a string in the specified charset */ +_PUBLIC_ uint32_t ndr_charset_length(const void *var, charset_t chset) +{ + /* FIXME: Treat special chars special here, taking chset into account */ + /* Also include 0 byte */ + return strlen((const char *)var)+1; +} diff --git a/source4/librpc/ndr/ndr_table.c b/source4/librpc/ndr/ndr_table.c new file mode 100644 index 0000000000..d73e82bb71 --- /dev/null +++ b/source4/librpc/ndr/ndr_table.c @@ -0,0 +1,134 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc utility functions + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/util/dlinklist.h" +#include "librpc/ndr/libndr.h" +#include "librpc/ndr/ndr_table.h" + +static struct ndr_interface_list *ndr_interfaces; + +/* + register a ndr interface table +*/ +NTSTATUS ndr_table_register(const struct ndr_interface_table *table) +{ + struct ndr_interface_list *l; + + for (l = ndr_interfaces; l; l = l->next) { + if (GUID_equal(&table->syntax_id.uuid, &l->table->syntax_id.uuid)) { + DEBUG(0, ("Attempt to register interface %s which has the " + "same UUID as already registered interface %s\n", + table->name, l->table->name)); + return NT_STATUS_OBJECT_NAME_COLLISION; + } + } + + l = talloc(talloc_autofree_context(), struct ndr_interface_list); + l->table = table; + + DLIST_ADD(ndr_interfaces, l); + + return NT_STATUS_OK; +} + +/* + find the pipe name for a local IDL interface +*/ +const char *ndr_interface_name(const struct GUID *uuid, uint32_t if_version) +{ + const struct ndr_interface_list *l; + for (l=ndr_table_list();l;l=l->next) { + if (GUID_equal(&l->table->syntax_id.uuid, uuid) && + l->table->syntax_id.if_version == if_version) { + return l->table->name; + } + } + return "UNKNOWN"; +} + +/* + find the number of calls defined by local IDL +*/ +int ndr_interface_num_calls(const struct GUID *uuid, uint32_t if_version) +{ + const struct ndr_interface_list *l; + for (l=ndr_interfaces;l;l=l->next){ + if (GUID_equal(&l->table->syntax_id.uuid, uuid) && + l->table->syntax_id.if_version == if_version) { + return l->table->num_calls; + } + } + return -1; +} + + +/* + find a dcerpc interface by name +*/ +const struct ndr_interface_table *ndr_table_by_name(const char *name) +{ + const struct ndr_interface_list *l; + for (l=ndr_interfaces;l;l=l->next) { + if (strcasecmp(l->table->name, name) == 0) { + return l->table; + } + } + return NULL; +} + +/* + find a dcerpc interface by uuid +*/ +const struct ndr_interface_table *ndr_table_by_uuid(const struct GUID *uuid) +{ + const struct ndr_interface_list *l; + for (l=ndr_interfaces;l;l=l->next) { + if (GUID_equal(&l->table->syntax_id.uuid, uuid)) { + return l->table; + } + } + return NULL; +} + +/* + return the list of registered dcerpc_pipes +*/ +const struct ndr_interface_list *ndr_table_list(void) +{ + return ndr_interfaces; +} + + +NTSTATUS ndr_table_register_builtin_tables(void); + +NTSTATUS ndr_table_init(void) +{ + static bool initialized = false; + + if (initialized) return NT_STATUS_OK; + initialized = true; + + ndr_table_register_builtin_tables(); + + return NT_STATUS_OK; +} diff --git a/source4/librpc/ndr/uuid.c b/source4/librpc/ndr/uuid.c new file mode 100644 index 0000000000..1e6ee0a3db --- /dev/null +++ b/source4/librpc/ndr/uuid.c @@ -0,0 +1,227 @@ +/* + Unix SMB/CIFS implementation. + + UUID/GUID functions + + Copyright (C) Theodore Ts'o 1996, 1997, + Copyright (C) Jim McDonough 2002. + Copyright (C) Andrew Tridgell 2003. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "librpc/ndr/libndr.h" + +/** + build a GUID from a string +*/ +_PUBLIC_ NTSTATUS GUID_from_string(const char *s, struct GUID *guid) +{ + NTSTATUS status = NT_STATUS_INVALID_PARAMETER; + uint32_t time_low; + uint32_t time_mid, time_hi_and_version; + uint32_t clock_seq[2]; + uint32_t node[6]; + int i; + + if (s == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + if (11 == sscanf(s, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + status = NT_STATUS_OK; + } else if (11 == sscanf(s, "{%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x}", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + status = NT_STATUS_OK; + } + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + guid->time_low = time_low; + guid->time_mid = time_mid; + guid->time_hi_and_version = time_hi_and_version; + guid->clock_seq[0] = clock_seq[0]; + guid->clock_seq[1] = clock_seq[1]; + for (i=0;i<6;i++) { + guid->node[i] = node[i]; + } + + return NT_STATUS_OK; +} + +/** + build a GUID from a string +*/ +_PUBLIC_ NTSTATUS NS_GUID_from_string(const char *s, struct GUID *guid) +{ + NTSTATUS status = NT_STATUS_INVALID_PARAMETER; + uint32_t time_low; + uint32_t time_mid, time_hi_and_version; + uint32_t clock_seq[2]; + uint32_t node[6]; + int i; + + if (s == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + if (11 == sscanf(s, "%08x-%04x%04x-%02x%02x%02x%02x-%02x%02x%02x%02x", + &time_low, &time_mid, &time_hi_and_version, + &clock_seq[0], &clock_seq[1], + &node[0], &node[1], &node[2], &node[3], &node[4], &node[5])) { + status = NT_STATUS_OK; + } + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + guid->time_low = time_low; + guid->time_mid = time_mid; + guid->time_hi_and_version = time_hi_and_version; + guid->clock_seq[0] = clock_seq[0]; + guid->clock_seq[1] = clock_seq[1]; + for (i=0;i<6;i++) { + guid->node[i] = node[i]; + } + + return NT_STATUS_OK; +} + +/** + * generate a random GUID + */ +_PUBLIC_ struct GUID GUID_random(void) +{ + struct GUID guid; + + generate_random_buffer((uint8_t *)&guid, sizeof(guid)); + guid.clock_seq[0] = (guid.clock_seq[0] & 0x3F) | 0x80; + guid.time_hi_and_version = (guid.time_hi_and_version & 0x0FFF) | 0x4000; + + return guid; +} + +/** + * generate an empty GUID + */ +_PUBLIC_ struct GUID GUID_zero(void) +{ + struct GUID guid; + + ZERO_STRUCT(guid); + + return guid; +} + +_PUBLIC_ bool GUID_all_zero(const struct GUID *u) +{ + if (u->time_low != 0 || + u->time_mid != 0 || + u->time_hi_and_version != 0 || + u->clock_seq[0] != 0 || + u->clock_seq[1] != 0 || + !all_zero(u->node, 6)) { + return false; + } + return true; +} + +_PUBLIC_ bool GUID_equal(const struct GUID *u1, const struct GUID *u2) +{ + if (u1->time_low != u2->time_low || + u1->time_mid != u2->time_mid || + u1->time_hi_and_version != u2->time_hi_and_version || + u1->clock_seq[0] != u2->clock_seq[0] || + u1->clock_seq[1] != u2->clock_seq[1] || + memcmp(u1->node, u2->node, 6) != 0) { + return false; + } + return true; +} + +_PUBLIC_ int GUID_compare(const struct GUID *u1, const struct GUID *u2) +{ + if (u1->time_low != u2->time_low) { + return u1->time_low - u2->time_low; + } + + if (u1->time_mid != u2->time_mid) { + return u1->time_mid - u2->time_mid; + } + + if (u1->time_hi_and_version != u2->time_hi_and_version) { + return u1->time_hi_and_version - u2->time_hi_and_version; + } + + if (u1->clock_seq[0] != u2->clock_seq[0]) { + return u1->clock_seq[0] - u2->clock_seq[0]; + } + + if (u1->clock_seq[1] != u2->clock_seq[1]) { + return u1->clock_seq[1] - u2->clock_seq[1]; + } + + return memcmp(u1->node, u2->node, 6); +} + +/** + its useful to be able to display these in debugging messages +*/ +_PUBLIC_ char *GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid) +{ + return talloc_asprintf(mem_ctx, + "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x", + guid->time_low, guid->time_mid, + guid->time_hi_and_version, + guid->clock_seq[0], + guid->clock_seq[1], + guid->node[0], guid->node[1], + guid->node[2], guid->node[3], + guid->node[4], guid->node[5]); +} + +_PUBLIC_ char *GUID_string2(TALLOC_CTX *mem_ctx, const struct GUID *guid) +{ + char *ret, *s = GUID_string(mem_ctx, guid); + ret = talloc_asprintf(mem_ctx, "{%s}", s); + talloc_free(s); + return ret; +} + +_PUBLIC_ char *NS_GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid) +{ + return talloc_asprintf(mem_ctx, + "%08x-%04x%04x-%02x%02x%02x%02x-%02x%02x%02x%02x", + guid->time_low, guid->time_mid, + guid->time_hi_and_version, + guid->clock_seq[0], + guid->clock_seq[1], + guid->node[0], guid->node[1], + guid->node[2], guid->node[3], + guid->node[4], guid->node[5]); +} + +_PUBLIC_ bool policy_handle_empty(struct policy_handle *h) +{ + return (h->handle_type == 0 && GUID_all_zero(&h->uuid)); +} diff --git a/source4/librpc/rpc/binding.c b/source4/librpc/rpc/binding.c new file mode 100644 index 0000000000..bfe62c4054 --- /dev/null +++ b/source4/librpc/rpc/binding.c @@ -0,0 +1,725 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc utility functions + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2004 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005 + Copyright (C) Rafal Szczesniak 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/events/events.h" +#include "librpc/gen_ndr/ndr_epmapper_c.h" +#include "librpc/gen_ndr/ndr_dcerpc.h" +#include "librpc/gen_ndr/ndr_misc.h" + +#define MAX_PROTSEQ 10 + +static const struct { + const char *name; + enum dcerpc_transport_t transport; + int num_protocols; + enum epm_protocol protseq[MAX_PROTSEQ]; +} transports[] = { + { "ncacn_np", NCACN_NP, 3, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_SMB, EPM_PROTOCOL_NETBIOS }}, + { "ncacn_ip_tcp", NCACN_IP_TCP, 3, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_TCP, EPM_PROTOCOL_IP } }, + { "ncacn_http", NCACN_HTTP, 3, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_HTTP, EPM_PROTOCOL_IP } }, + { "ncadg_ip_udp", NCACN_IP_UDP, 3, + { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_UDP, EPM_PROTOCOL_IP } }, + { "ncalrpc", NCALRPC, 2, + { EPM_PROTOCOL_NCALRPC, EPM_PROTOCOL_PIPE } }, + { "ncacn_unix_stream", NCACN_UNIX_STREAM, 2, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_UNIX_DS } }, + { "ncadg_unix_dgram", NCADG_UNIX_DGRAM, 2, + { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_UNIX_DS } }, + { "ncacn_at_dsp", NCACN_AT_DSP, 3, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_APPLETALK, EPM_PROTOCOL_DSP } }, + { "ncadg_at_ddp", NCADG_AT_DDP, 3, + { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_APPLETALK, EPM_PROTOCOL_DDP } }, + { "ncacn_vns_ssp", NCACN_VNS_SPP, 3, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_STREETTALK, EPM_PROTOCOL_VINES_SPP } }, + { "ncacn_vns_ipc", NCACN_VNS_IPC, 3, + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_STREETTALK, EPM_PROTOCOL_VINES_IPC }, }, + { "ncadg_ipx", NCADG_IPX, 2, + { EPM_PROTOCOL_NCADG, EPM_PROTOCOL_IPX }, + }, + { "ncacn_spx", NCACN_SPX, 3, + /* I guess some MS programmer confused the identifier for + * EPM_PROTOCOL_UUID (0x0D or 13) with the one for + * EPM_PROTOCOL_SPX (0x13) here. -- jelmer*/ + { EPM_PROTOCOL_NCACN, EPM_PROTOCOL_NCALRPC, EPM_PROTOCOL_UUID }, + }, +}; + +static const struct { + const char *name; + uint32_t flag; +} ncacn_options[] = { + {"sign", DCERPC_SIGN}, + {"seal", DCERPC_SEAL}, + {"connect", DCERPC_CONNECT}, + {"spnego", DCERPC_AUTH_SPNEGO}, + {"ntlm", DCERPC_AUTH_NTLM}, + {"krb5", DCERPC_AUTH_KRB5}, + {"validate", DCERPC_DEBUG_VALIDATE_BOTH}, + {"print", DCERPC_DEBUG_PRINT_BOTH}, + {"padcheck", DCERPC_DEBUG_PAD_CHECK}, + {"bigendian", DCERPC_PUSH_BIGENDIAN}, + {"smb2", DCERPC_SMB2}, + {"hdrsign", DCERPC_HEADER_SIGNING} +}; + +const char *epm_floor_string(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor) +{ + struct ndr_syntax_id syntax; + NTSTATUS status; + + switch(epm_floor->lhs.protocol) { + case EPM_PROTOCOL_UUID: + status = dcerpc_floor_get_lhs_data(epm_floor, &syntax); + if (NT_STATUS_IS_OK(status)) { + /* lhs is used: UUID */ + char *uuidstr; + + if (GUID_equal(&syntax.uuid, &ndr_transfer_syntax.uuid)) { + return "NDR"; + } + + if (GUID_equal(&syntax.uuid, &ndr64_transfer_syntax.uuid)) { + return "NDR64"; + } + + uuidstr = GUID_string(mem_ctx, &syntax.uuid); + + return talloc_asprintf(mem_ctx, " uuid %s/0x%02x", uuidstr, syntax.if_version); + } else { /* IPX */ + return talloc_asprintf(mem_ctx, "IPX:%s", + data_blob_hex_string(mem_ctx, &epm_floor->rhs.uuid.unknown)); + } + + case EPM_PROTOCOL_NCACN: + return "RPC-C"; + + case EPM_PROTOCOL_NCADG: + return "RPC"; + + case EPM_PROTOCOL_NCALRPC: + return "NCALRPC"; + + case EPM_PROTOCOL_DNET_NSP: + return "DNET/NSP"; + + case EPM_PROTOCOL_IP: + return talloc_asprintf(mem_ctx, "IP:%s", epm_floor->rhs.ip.ipaddr); + + case EPM_PROTOCOL_PIPE: + return talloc_asprintf(mem_ctx, "PIPE:%s", epm_floor->rhs.pipe.path); + + case EPM_PROTOCOL_SMB: + return talloc_asprintf(mem_ctx, "SMB:%s", epm_floor->rhs.smb.unc); + + case EPM_PROTOCOL_UNIX_DS: + return talloc_asprintf(mem_ctx, "Unix:%s", epm_floor->rhs.unix_ds.path); + + case EPM_PROTOCOL_NETBIOS: + return talloc_asprintf(mem_ctx, "NetBIOS:%s", epm_floor->rhs.netbios.name); + + case EPM_PROTOCOL_NETBEUI: + return "NETBeui"; + + case EPM_PROTOCOL_SPX: + return "SPX"; + + case EPM_PROTOCOL_NB_IPX: + return "NB_IPX"; + + case EPM_PROTOCOL_HTTP: + return talloc_asprintf(mem_ctx, "HTTP:%d", epm_floor->rhs.http.port); + + case EPM_PROTOCOL_TCP: + return talloc_asprintf(mem_ctx, "TCP:%d", epm_floor->rhs.tcp.port); + + case EPM_PROTOCOL_UDP: + return talloc_asprintf(mem_ctx, "UDP:%d", epm_floor->rhs.udp.port); + + default: + return talloc_asprintf(mem_ctx, "UNK(%02x):", epm_floor->lhs.protocol); + } +} + + +/* + form a binding string from a binding structure +*/ +_PUBLIC_ char *dcerpc_binding_string(TALLOC_CTX *mem_ctx, const struct dcerpc_binding *b) +{ + char *s = talloc_strdup(mem_ctx, ""); + int i; + const char *t_name = NULL; + + if (b->transport != NCA_UNKNOWN) { + for (i=0;i<ARRAY_SIZE(transports);i++) { + if (transports[i].transport == b->transport) { + t_name = transports[i].name; + } + } + if (!t_name) { + return NULL; + } + } + + if (!GUID_all_zero(&b->object.uuid)) { + s = talloc_asprintf(s, "%s@", + GUID_string(mem_ctx, &b->object.uuid)); + } + + if (t_name != NULL) { + s = talloc_asprintf_append_buffer(s, "%s:", t_name); + if (s == NULL) { + return NULL; + } + } + + if (b->host) { + s = talloc_asprintf_append_buffer(s, "%s", b->host); + } + + if (!b->endpoint && !b->options && !b->flags) { + return s; + } + + s = talloc_asprintf_append_buffer(s, "["); + + if (b->endpoint) { + s = talloc_asprintf_append_buffer(s, "%s", b->endpoint); + } + + /* this is a *really* inefficent way of dealing with strings, + but this is rarely called and the strings are always short, + so I don't care */ + for (i=0;b->options && b->options[i];i++) { + s = talloc_asprintf_append_buffer(s, ",%s", b->options[i]); + if (!s) return NULL; + } + + for (i=0;i<ARRAY_SIZE(ncacn_options);i++) { + if (b->flags & ncacn_options[i].flag) { + s = talloc_asprintf_append_buffer(s, ",%s", ncacn_options[i].name); + if (!s) return NULL; + } + } + + s = talloc_asprintf_append_buffer(s, "]"); + + return s; +} + +/* + parse a binding string into a dcerpc_binding structure +*/ +_PUBLIC_ NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struct dcerpc_binding **b_out) +{ + struct dcerpc_binding *b; + char *options; + char *p; + int i, j, comma_count; + + b = talloc(mem_ctx, struct dcerpc_binding); + if (!b) { + return NT_STATUS_NO_MEMORY; + } + + p = strchr(s, '@'); + + if (p && PTR_DIFF(p, s) == 36) { /* 36 is the length of a UUID */ + NTSTATUS status; + + status = GUID_from_string(s, &b->object.uuid); + + if (NT_STATUS_IS_ERR(status)) { + DEBUG(0, ("Failed parsing UUID\n")); + return status; + } + + s = p + 1; + } else { + ZERO_STRUCT(b->object); + } + + b->object.if_version = 0; + + p = strchr(s, ':'); + + if (p == NULL) { + b->transport = NCA_UNKNOWN; + } else { + char *type = talloc_strndup(mem_ctx, s, PTR_DIFF(p, s)); + if (!type) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0;i<ARRAY_SIZE(transports);i++) { + if (strcasecmp(type, transports[i].name) == 0) { + b->transport = transports[i].transport; + break; + } + } + + if (i==ARRAY_SIZE(transports)) { + DEBUG(0,("Unknown dcerpc transport '%s'\n", type)); + return NT_STATUS_INVALID_PARAMETER; + } + + talloc_free(type); + + s = p+1; + } + + p = strchr(s, '['); + if (p) { + b->host = talloc_strndup(b, s, PTR_DIFF(p, s)); + options = talloc_strdup(mem_ctx, p+1); + if (options[strlen(options)-1] != ']') { + return NT_STATUS_INVALID_PARAMETER; + } + options[strlen(options)-1] = 0; + } else { + b->host = talloc_strdup(b, s); + options = NULL; + } + if (!b->host) { + return NT_STATUS_NO_MEMORY; + } + + b->target_hostname = b->host; + + b->options = NULL; + b->flags = 0; + b->assoc_group_id = 0; + b->endpoint = NULL; + + if (!options) { + *b_out = b; + return NT_STATUS_OK; + } + + comma_count = count_chars(options, ','); + + b->options = talloc_array(b, const char *, comma_count+2); + if (!b->options) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0; (p = strchr(options, ',')); i++) { + b->options[i] = talloc_strndup(b, options, PTR_DIFF(p, options)); + if (!b->options[i]) { + return NT_STATUS_NO_MEMORY; + } + options = p+1; + } + b->options[i] = options; + b->options[i+1] = NULL; + + /* some options are pre-parsed for convenience */ + for (i=0;b->options[i];i++) { + for (j=0;j<ARRAY_SIZE(ncacn_options);j++) { + if (strcasecmp(ncacn_options[j].name, b->options[i]) == 0) { + int k; + b->flags |= ncacn_options[j].flag; + for (k=i;b->options[k];k++) { + b->options[k] = b->options[k+1]; + } + i--; + break; + } + } + } + + if (b->options[0]) { + /* Endpoint is first option */ + b->endpoint = b->options[0]; + if (strlen(b->endpoint) == 0) b->endpoint = NULL; + + for (i=0;b->options[i];i++) { + b->options[i] = b->options[i+1]; + } + } + + if (b->options[0] == NULL) + b->options = NULL; + + *b_out = b; + return NT_STATUS_OK; +} + +_PUBLIC_ NTSTATUS dcerpc_floor_get_lhs_data(struct epm_floor *epm_floor, struct ndr_syntax_id *syntax) +{ + TALLOC_CTX *mem_ctx = talloc_init("floor_get_lhs_data"); + struct ndr_pull *ndr = ndr_pull_init_blob(&epm_floor->lhs.lhs_data, mem_ctx, NULL); + enum ndr_err_code ndr_err; + uint16_t if_version=0; + + ndr->flags |= LIBNDR_FLAG_NOALIGN; + + ndr_err = ndr_pull_GUID(ndr, NDR_SCALARS | NDR_BUFFERS, &syntax->uuid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + talloc_free(mem_ctx); + return ndr_map_error2ntstatus(ndr_err); + } + + ndr_err = ndr_pull_uint16(ndr, NDR_SCALARS, &if_version); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + talloc_free(mem_ctx); + return ndr_map_error2ntstatus(ndr_err); + } + + syntax->if_version = if_version; + + talloc_free(mem_ctx); + + return NT_STATUS_OK; +} + +static DATA_BLOB dcerpc_floor_pack_lhs_data(TALLOC_CTX *mem_ctx, const struct ndr_syntax_id *syntax) +{ + struct ndr_push *ndr = ndr_push_init_ctx(mem_ctx, NULL); + + ndr->flags |= LIBNDR_FLAG_NOALIGN; + + ndr_push_GUID(ndr, NDR_SCALARS | NDR_BUFFERS, &syntax->uuid); + ndr_push_uint16(ndr, NDR_SCALARS, syntax->if_version); + + return ndr_push_blob(ndr); +} + +const char *dcerpc_floor_get_rhs_data(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor) +{ + switch (epm_floor->lhs.protocol) { + case EPM_PROTOCOL_TCP: + if (epm_floor->rhs.tcp.port == 0) return NULL; + return talloc_asprintf(mem_ctx, "%d", epm_floor->rhs.tcp.port); + + case EPM_PROTOCOL_UDP: + if (epm_floor->rhs.udp.port == 0) return NULL; + return talloc_asprintf(mem_ctx, "%d", epm_floor->rhs.udp.port); + + case EPM_PROTOCOL_HTTP: + if (epm_floor->rhs.http.port == 0) return NULL; + return talloc_asprintf(mem_ctx, "%d", epm_floor->rhs.http.port); + + case EPM_PROTOCOL_IP: + return talloc_strdup(mem_ctx, epm_floor->rhs.ip.ipaddr); + + case EPM_PROTOCOL_NCACN: + return NULL; + + case EPM_PROTOCOL_NCADG: + return NULL; + + case EPM_PROTOCOL_SMB: + if (strlen(epm_floor->rhs.smb.unc) == 0) return NULL; + return talloc_strdup(mem_ctx, epm_floor->rhs.smb.unc); + + case EPM_PROTOCOL_PIPE: + if (strlen(epm_floor->rhs.pipe.path) == 0) return NULL; + return talloc_strdup(mem_ctx, epm_floor->rhs.pipe.path); + + case EPM_PROTOCOL_NETBIOS: + if (strlen(epm_floor->rhs.netbios.name) == 0) return NULL; + return talloc_strdup(mem_ctx, epm_floor->rhs.netbios.name); + + case EPM_PROTOCOL_NCALRPC: + return NULL; + + case EPM_PROTOCOL_VINES_SPP: + return talloc_asprintf(mem_ctx, "%d", epm_floor->rhs.vines_spp.port); + + case EPM_PROTOCOL_VINES_IPC: + return talloc_asprintf(mem_ctx, "%d", epm_floor->rhs.vines_ipc.port); + + case EPM_PROTOCOL_STREETTALK: + return talloc_strdup(mem_ctx, epm_floor->rhs.streettalk.streettalk); + + case EPM_PROTOCOL_UNIX_DS: + if (strlen(epm_floor->rhs.unix_ds.path) == 0) return NULL; + return talloc_strdup(mem_ctx, epm_floor->rhs.unix_ds.path); + + case EPM_PROTOCOL_NULL: + return NULL; + + default: + DEBUG(0,("Unsupported lhs protocol %d\n", epm_floor->lhs.protocol)); + break; + } + + return NULL; +} + +static NTSTATUS dcerpc_floor_set_rhs_data(TALLOC_CTX *mem_ctx, + struct epm_floor *epm_floor, + const char *data) +{ + switch (epm_floor->lhs.protocol) { + case EPM_PROTOCOL_TCP: + epm_floor->rhs.tcp.port = atoi(data); + return NT_STATUS_OK; + + case EPM_PROTOCOL_UDP: + epm_floor->rhs.udp.port = atoi(data); + return NT_STATUS_OK; + + case EPM_PROTOCOL_HTTP: + epm_floor->rhs.http.port = atoi(data); + return NT_STATUS_OK; + + case EPM_PROTOCOL_IP: + epm_floor->rhs.ip.ipaddr = talloc_strdup(mem_ctx, data); + NT_STATUS_HAVE_NO_MEMORY(epm_floor->rhs.ip.ipaddr); + return NT_STATUS_OK; + + case EPM_PROTOCOL_NCACN: + epm_floor->rhs.ncacn.minor_version = 0; + return NT_STATUS_OK; + + case EPM_PROTOCOL_NCADG: + epm_floor->rhs.ncadg.minor_version = 0; + return NT_STATUS_OK; + + case EPM_PROTOCOL_SMB: + epm_floor->rhs.smb.unc = talloc_strdup(mem_ctx, data); + NT_STATUS_HAVE_NO_MEMORY(epm_floor->rhs.smb.unc); + return NT_STATUS_OK; + + case EPM_PROTOCOL_PIPE: + epm_floor->rhs.pipe.path = talloc_strdup(mem_ctx, data); + NT_STATUS_HAVE_NO_MEMORY(epm_floor->rhs.pipe.path); + return NT_STATUS_OK; + + case EPM_PROTOCOL_NETBIOS: + epm_floor->rhs.netbios.name = talloc_strdup(mem_ctx, data); + NT_STATUS_HAVE_NO_MEMORY(epm_floor->rhs.netbios.name); + return NT_STATUS_OK; + + case EPM_PROTOCOL_NCALRPC: + return NT_STATUS_OK; + + case EPM_PROTOCOL_VINES_SPP: + epm_floor->rhs.vines_spp.port = atoi(data); + return NT_STATUS_OK; + + case EPM_PROTOCOL_VINES_IPC: + epm_floor->rhs.vines_ipc.port = atoi(data); + return NT_STATUS_OK; + + case EPM_PROTOCOL_STREETTALK: + epm_floor->rhs.streettalk.streettalk = talloc_strdup(mem_ctx, data); + NT_STATUS_HAVE_NO_MEMORY(epm_floor->rhs.streettalk.streettalk); + return NT_STATUS_OK; + + case EPM_PROTOCOL_UNIX_DS: + epm_floor->rhs.unix_ds.path = talloc_strdup(mem_ctx, data); + NT_STATUS_HAVE_NO_MEMORY(epm_floor->rhs.unix_ds.path); + return NT_STATUS_OK; + + case EPM_PROTOCOL_NULL: + return NT_STATUS_OK; + + default: + DEBUG(0,("Unsupported lhs protocol %d\n", epm_floor->lhs.protocol)); + break; + } + + return NT_STATUS_NOT_SUPPORTED; +} + +enum dcerpc_transport_t dcerpc_transport_by_endpoint_protocol(int prot) +{ + int i; + + /* Find a transport that has 'prot' as 4th protocol */ + for (i=0;i<ARRAY_SIZE(transports);i++) { + if (transports[i].num_protocols >= 2 && + transports[i].protseq[1] == prot) { + return transports[i].transport; + } + } + + /* Unknown transport */ + return (unsigned int)-1; +} + +_PUBLIC_ enum dcerpc_transport_t dcerpc_transport_by_tower(struct epm_tower *tower) +{ + int i; + + /* Find a transport that matches this tower */ + for (i=0;i<ARRAY_SIZE(transports);i++) { + int j; + if (transports[i].num_protocols != tower->num_floors - 2) { + continue; + } + + for (j = 0; j < transports[i].num_protocols; j++) { + if (transports[i].protseq[j] != tower->floors[j+2].lhs.protocol) { + break; + } + } + + if (j == transports[i].num_protocols) { + return transports[i].transport; + } + } + + /* Unknown transport */ + return (unsigned int)-1; +} + +_PUBLIC_ NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, + struct epm_tower *tower, + struct dcerpc_binding **b_out) +{ + NTSTATUS status; + struct dcerpc_binding *binding; + + binding = talloc(mem_ctx, struct dcerpc_binding); + NT_STATUS_HAVE_NO_MEMORY(binding); + + ZERO_STRUCT(binding->object); + binding->options = NULL; + binding->host = NULL; + binding->target_hostname = NULL; + binding->flags = 0; + binding->assoc_group_id = 0; + + binding->transport = dcerpc_transport_by_tower(tower); + + if (binding->transport == (unsigned int)-1) { + return NT_STATUS_NOT_SUPPORTED; + } + + if (tower->num_floors < 1) { + return NT_STATUS_OK; + } + + /* Set object uuid */ + status = dcerpc_floor_get_lhs_data(&tower->floors[0], &binding->object); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Error pulling object uuid and version: %s", nt_errstr(status))); + return status; + } + + /* Ignore floor 1, it contains the NDR version info */ + + binding->options = NULL; + + /* Set endpoint */ + if (tower->num_floors >= 4) { + binding->endpoint = dcerpc_floor_get_rhs_data(mem_ctx, &tower->floors[3]); + } else { + binding->endpoint = NULL; + } + + /* Set network address */ + if (tower->num_floors >= 5) { + binding->host = dcerpc_floor_get_rhs_data(mem_ctx, &tower->floors[4]); + NT_STATUS_HAVE_NO_MEMORY(binding->host); + binding->target_hostname = binding->host; + } + *b_out = binding; + return NT_STATUS_OK; +} + +_PUBLIC_ NTSTATUS dcerpc_binding_build_tower(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding, struct epm_tower *tower) +{ + const enum epm_protocol *protseq = NULL; + int num_protocols = -1, i; + NTSTATUS status; + + /* Find transport */ + for (i=0;i<ARRAY_SIZE(transports);i++) { + if (transports[i].transport == binding->transport) { + protseq = transports[i].protseq; + num_protocols = transports[i].num_protocols; + break; + } + } + + if (num_protocols == -1) { + DEBUG(0, ("Unable to find transport with id '%d'\n", binding->transport)); + return NT_STATUS_UNSUCCESSFUL; + } + + tower->num_floors = 2 + num_protocols; + tower->floors = talloc_array(mem_ctx, struct epm_floor, tower->num_floors); + + /* Floor 0 */ + tower->floors[0].lhs.protocol = EPM_PROTOCOL_UUID; + + tower->floors[0].lhs.lhs_data = dcerpc_floor_pack_lhs_data(mem_ctx, &binding->object); + + tower->floors[0].rhs.uuid.unknown = data_blob_talloc_zero(mem_ctx, 2); + + /* Floor 1 */ + tower->floors[1].lhs.protocol = EPM_PROTOCOL_UUID; + + tower->floors[1].lhs.lhs_data = dcerpc_floor_pack_lhs_data(mem_ctx, + &ndr_transfer_syntax); + + tower->floors[1].rhs.uuid.unknown = data_blob_talloc_zero(mem_ctx, 2); + + /* Floor 2 to num_protocols */ + for (i = 0; i < num_protocols; i++) { + tower->floors[2 + i].lhs.protocol = protseq[i]; + tower->floors[2 + i].lhs.lhs_data = data_blob_talloc(mem_ctx, NULL, 0); + ZERO_STRUCT(tower->floors[2 + i].rhs); + dcerpc_floor_set_rhs_data(mem_ctx, &tower->floors[2 + i], ""); + } + + /* The 4th floor contains the endpoint */ + if (num_protocols >= 2 && binding->endpoint) { + status = dcerpc_floor_set_rhs_data(mem_ctx, &tower->floors[3], binding->endpoint); + if (NT_STATUS_IS_ERR(status)) { + return status; + } + } + + /* The 5th contains the network address */ + if (num_protocols >= 3 && binding->host) { + if (is_ipaddress(binding->host)) { + status = dcerpc_floor_set_rhs_data(mem_ctx, &tower->floors[4], + binding->host); + } else { + /* note that we don't attempt to resolve the + name here - when we get a hostname here we + are in the client code, and want to put in + a wildcard all-zeros IP for the server to + fill in */ + status = dcerpc_floor_set_rhs_data(mem_ctx, &tower->floors[4], + "0.0.0.0"); + } + if (NT_STATUS_IS_ERR(status)) { + return status; + } + } + + return NT_STATUS_OK; +} diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c new file mode 100644 index 0000000000..5bbcc5e91c --- /dev/null +++ b/source4/librpc/rpc/dcerpc.c @@ -0,0 +1,1695 @@ +/* + Unix SMB/CIFS implementation. + raw dcerpc operations + + Copyright (C) Tim Potter 2003 + Copyright (C) Andrew Tridgell 2003-2005 + Copyright (C) Jelmer Vernooij 2004-2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/util/dlinklist.h" +#include "lib/events/events.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "librpc/gen_ndr/ndr_misc.h" +#include "librpc/gen_ndr/ndr_dcerpc.h" +#include "libcli/composite/composite.h" +#include "auth/gensec/gensec.h" +#include "param/param.h" + +_PUBLIC_ NTSTATUS dcerpc_init(void) +{ + gensec_init(global_loadparm); + + return NT_STATUS_OK; +} + +static void dcerpc_connection_dead(struct dcerpc_connection *conn, NTSTATUS status); +static void dcerpc_ship_next_request(struct dcerpc_connection *c); + +/* destroy a dcerpc connection */ +static int dcerpc_connection_destructor(struct dcerpc_connection *conn) +{ + if (conn->dead) { + conn->free_skipped = true; + return -1; + } + dcerpc_connection_dead(conn, NT_STATUS_LOCAL_DISCONNECT); + return 0; +} + + +/* initialise a dcerpc connection. + the event context is optional +*/ +static struct dcerpc_connection *dcerpc_connection_init(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct smb_iconv_convenience *ic) +{ + struct dcerpc_connection *c; + + c = talloc_zero(mem_ctx, struct dcerpc_connection); + if (!c) { + return NULL; + } + + c->iconv_convenience = talloc_reference(c, ic); + + c->event_ctx = talloc_reference(c, ev); + + if (c->event_ctx == NULL) { + talloc_free(c); + return NULL; + } + + c->call_id = 1; + c->security_state.auth_info = NULL; + c->security_state.session_key = dcerpc_generic_session_key; + c->security_state.generic_state = NULL; + c->binding_string = NULL; + c->flags = 0; + c->srv_max_xmit_frag = 0; + c->srv_max_recv_frag = 0; + c->pending = NULL; + + talloc_set_destructor(c, dcerpc_connection_destructor); + + return c; +} + +/* initialise a dcerpc pipe. */ +_PUBLIC_ struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct smb_iconv_convenience *ic) +{ + struct dcerpc_pipe *p; + + p = talloc(mem_ctx, struct dcerpc_pipe); + if (!p) { + return NULL; + } + + p->conn = dcerpc_connection_init(p, ev, ic); + if (p->conn == NULL) { + talloc_free(p); + return NULL; + } + + p->last_fault_code = 0; + p->context_id = 0; + p->request_timeout = DCERPC_REQUEST_TIMEOUT; + p->binding = NULL; + + ZERO_STRUCT(p->syntax); + ZERO_STRUCT(p->transfer_syntax); + + return p; +} + + +/* + choose the next call id to use +*/ +static uint32_t next_call_id(struct dcerpc_connection *c) +{ + c->call_id++; + if (c->call_id == 0) { + c->call_id++; + } + return c->call_id; +} + +/* we need to be able to get/set the fragment length without doing a full + decode */ +void dcerpc_set_frag_length(DATA_BLOB *blob, uint16_t v) +{ + if (CVAL(blob->data,DCERPC_DREP_OFFSET) & DCERPC_DREP_LE) { + SSVAL(blob->data, DCERPC_FRAG_LEN_OFFSET, v); + } else { + RSSVAL(blob->data, DCERPC_FRAG_LEN_OFFSET, v); + } +} + +uint16_t dcerpc_get_frag_length(const DATA_BLOB *blob) +{ + if (CVAL(blob->data,DCERPC_DREP_OFFSET) & DCERPC_DREP_LE) { + return SVAL(blob->data, DCERPC_FRAG_LEN_OFFSET); + } else { + return RSVAL(blob->data, DCERPC_FRAG_LEN_OFFSET); + } +} + +void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t v) +{ + if (CVAL(blob->data,DCERPC_DREP_OFFSET) & DCERPC_DREP_LE) { + SSVAL(blob->data, DCERPC_AUTH_LEN_OFFSET, v); + } else { + RSSVAL(blob->data, DCERPC_AUTH_LEN_OFFSET, v); + } +} + + +/** + setup for a ndr pull, also setting up any flags from the binding string +*/ +static struct ndr_pull *ndr_pull_init_flags(struct dcerpc_connection *c, + DATA_BLOB *blob, TALLOC_CTX *mem_ctx) +{ + struct ndr_pull *ndr = ndr_pull_init_blob(blob, mem_ctx, c->iconv_convenience); + + if (ndr == NULL) return ndr; + + if (c->flags & DCERPC_DEBUG_PAD_CHECK) { + ndr->flags |= LIBNDR_FLAG_PAD_CHECK; + } + + if (c->flags & DCERPC_NDR_REF_ALLOC) { + ndr->flags |= LIBNDR_FLAG_REF_ALLOC; + } + + return ndr; +} + +/* + parse a data blob into a ncacn_packet structure. This handles both + input and output packets +*/ +static NTSTATUS ncacn_pull(struct dcerpc_connection *c, DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct ncacn_packet *pkt) +{ + struct ndr_pull *ndr; + enum ndr_err_code ndr_err; + + ndr = ndr_pull_init_flags(c, blob, mem_ctx); + if (!ndr) { + return NT_STATUS_NO_MEMORY; + } + + if (! (CVAL(blob->data, DCERPC_DREP_OFFSET) & DCERPC_DREP_LE)) { + ndr->flags |= LIBNDR_FLAG_BIGENDIAN; + } + + ndr_err = ndr_pull_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + + return NT_STATUS_OK; +} + +/* + parse the authentication information on a dcerpc response packet +*/ +static NTSTATUS ncacn_pull_request_auth(struct dcerpc_connection *c, TALLOC_CTX *mem_ctx, + DATA_BLOB *raw_packet, + struct ncacn_packet *pkt) +{ + struct ndr_pull *ndr; + NTSTATUS status; + struct dcerpc_auth auth; + DATA_BLOB auth_blob; + enum ndr_err_code ndr_err; + + if (!c->security_state.auth_info || + !c->security_state.generic_state) { + return NT_STATUS_OK; + } + + switch (c->security_state.auth_info->auth_level) { + case DCERPC_AUTH_LEVEL_PRIVACY: + case DCERPC_AUTH_LEVEL_INTEGRITY: + break; + + case DCERPC_AUTH_LEVEL_CONNECT: + if (pkt->auth_length != 0) { + break; + } + return NT_STATUS_OK; + case DCERPC_AUTH_LEVEL_NONE: + if (pkt->auth_length != 0) { + return NT_STATUS_INVALID_NETWORK_RESPONSE; + } + return NT_STATUS_OK; + + default: + return NT_STATUS_INVALID_LEVEL; + } + + auth_blob.length = 8 + pkt->auth_length; + + /* check for a valid length */ + if (pkt->u.response.stub_and_verifier.length < auth_blob.length) { + return NT_STATUS_INFO_LENGTH_MISMATCH; + } + + auth_blob.data = + pkt->u.response.stub_and_verifier.data + + pkt->u.response.stub_and_verifier.length - auth_blob.length; + pkt->u.response.stub_and_verifier.length -= auth_blob.length; + + /* pull the auth structure */ + ndr = ndr_pull_init_flags(c, &auth_blob, mem_ctx); + if (!ndr) { + return NT_STATUS_NO_MEMORY; + } + + if (!(pkt->drep[0] & DCERPC_DREP_LE)) { + ndr->flags |= LIBNDR_FLAG_BIGENDIAN; + } + + ndr_err = ndr_pull_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, &auth); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + status = NT_STATUS_OK; + + /* check signature or unseal the packet */ + switch (c->security_state.auth_info->auth_level) { + case DCERPC_AUTH_LEVEL_PRIVACY: + status = gensec_unseal_packet(c->security_state.generic_state, + mem_ctx, + raw_packet->data + DCERPC_REQUEST_LENGTH, + pkt->u.response.stub_and_verifier.length, + raw_packet->data, + raw_packet->length - auth.credentials.length, + &auth.credentials); + memcpy(pkt->u.response.stub_and_verifier.data, + raw_packet->data + DCERPC_REQUEST_LENGTH, + pkt->u.response.stub_and_verifier.length); + break; + + case DCERPC_AUTH_LEVEL_INTEGRITY: + status = gensec_check_packet(c->security_state.generic_state, + mem_ctx, + pkt->u.response.stub_and_verifier.data, + pkt->u.response.stub_and_verifier.length, + raw_packet->data, + raw_packet->length - auth.credentials.length, + &auth.credentials); + break; + + case DCERPC_AUTH_LEVEL_CONNECT: + /* for now we ignore possible signatures here */ + status = NT_STATUS_OK; + break; + + default: + status = NT_STATUS_INVALID_LEVEL; + break; + } + + /* remove the indicated amount of paddiing */ + if (pkt->u.response.stub_and_verifier.length < auth.auth_pad_length) { + return NT_STATUS_INFO_LENGTH_MISMATCH; + } + pkt->u.response.stub_and_verifier.length -= auth.auth_pad_length; + + return status; +} + + +/* + push a dcerpc request packet into a blob, possibly signing it. +*/ +static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c, + DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + size_t sig_size, + struct ncacn_packet *pkt) +{ + NTSTATUS status; + struct ndr_push *ndr; + DATA_BLOB creds2; + size_t payload_length; + enum ndr_err_code ndr_err; + + /* non-signed packets are simpler */ + if (sig_size == 0) { + return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, NULL); + } + + switch (c->security_state.auth_info->auth_level) { + case DCERPC_AUTH_LEVEL_PRIVACY: + case DCERPC_AUTH_LEVEL_INTEGRITY: + break; + + case DCERPC_AUTH_LEVEL_CONNECT: + /* TODO: let the gensec mech decide if it wants to generate a signature */ + return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, NULL); + + case DCERPC_AUTH_LEVEL_NONE: + return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, NULL); + + default: + return NT_STATUS_INVALID_LEVEL; + } + + ndr = ndr_push_init_ctx(mem_ctx, c->iconv_convenience); + if (!ndr) { + return NT_STATUS_NO_MEMORY; + } + + if (c->flags & DCERPC_PUSH_BIGENDIAN) { + ndr->flags |= LIBNDR_FLAG_BIGENDIAN; + } + + if (pkt->pfc_flags & DCERPC_PFC_FLAG_OBJECT_UUID) { + ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT; + } + + ndr_err = ndr_push_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + status = NT_STATUS_OK; + + /* pad to 16 byte multiple in the payload portion of the + packet. This matches what w2k3 does */ + c->security_state.auth_info->auth_pad_length = + (16 - (pkt->u.request.stub_and_verifier.length & 15)) & 15; + ndr_err = ndr_push_zero(ndr, c->security_state.auth_info->auth_pad_length); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + status = NT_STATUS_OK; + + payload_length = pkt->u.request.stub_and_verifier.length + + c->security_state.auth_info->auth_pad_length; + + /* we start without signature, it will appended later */ + c->security_state.auth_info->credentials = data_blob(NULL,0); + + /* add the auth verifier */ + ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, c->security_state.auth_info); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + status = NT_STATUS_OK; + + /* extract the whole packet as a blob */ + *blob = ndr_push_blob(ndr); + + /* + * Setup the frag and auth length in the packet buffer. + * This is needed if the GENSEC mech does AEAD signing + * of the packet headers. The signature itself will be + * appended later. + */ + dcerpc_set_frag_length(blob, blob->length + sig_size); + dcerpc_set_auth_length(blob, sig_size); + + /* sign or seal the packet */ + switch (c->security_state.auth_info->auth_level) { + case DCERPC_AUTH_LEVEL_PRIVACY: + status = gensec_seal_packet(c->security_state.generic_state, + mem_ctx, + blob->data + DCERPC_REQUEST_LENGTH, + payload_length, + blob->data, + blob->length, + &creds2); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + break; + + case DCERPC_AUTH_LEVEL_INTEGRITY: + status = gensec_sign_packet(c->security_state.generic_state, + mem_ctx, + blob->data + DCERPC_REQUEST_LENGTH, + payload_length, + blob->data, + blob->length, + &creds2); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + break; + + default: + status = NT_STATUS_INVALID_LEVEL; + break; + } + + if (creds2.length != sig_size) { + DEBUG(0,("dcesrv_auth_response: creds2.length[%u] != sig_size[%u] pad[%u] stub[%u]\n", + creds2.length, (uint32_t)sig_size, + c->security_state.auth_info->auth_pad_length, + pkt->u.request.stub_and_verifier.length)); + return NT_STATUS_INTERNAL_ERROR; + } + + if (!data_blob_append(mem_ctx, blob, creds2.data, creds2.length)) { + return NT_STATUS_NO_MEMORY; + } + + return NT_STATUS_OK; +} + + +/* + fill in the fixed values in a dcerpc header +*/ +static void init_ncacn_hdr(struct dcerpc_connection *c, struct ncacn_packet *pkt) +{ + pkt->rpc_vers = 5; + pkt->rpc_vers_minor = 0; + if (c->flags & DCERPC_PUSH_BIGENDIAN) { + pkt->drep[0] = 0; + } else { + pkt->drep[0] = DCERPC_DREP_LE; + } + pkt->drep[1] = 0; + pkt->drep[2] = 0; + pkt->drep[3] = 0; +} + +/* + map a bind nak reason to a NTSTATUS +*/ +static NTSTATUS dcerpc_map_reason(uint16_t reason) +{ + switch (reason) { + case DCERPC_BIND_REASON_ASYNTAX: + return NT_STATUS_RPC_UNSUPPORTED_NAME_SYNTAX; + case DCERPC_BIND_REASON_INVALID_AUTH_TYPE: + return NT_STATUS_INVALID_PARAMETER; + } + return NT_STATUS_UNSUCCESSFUL; +} + +/* + a bind or alter context has failed +*/ +static void dcerpc_composite_fail(struct rpc_request *req) +{ + struct composite_context *c = talloc_get_type(req->async.private_data, + struct composite_context); + composite_error(c, req->status); +} + +/* + remove requests from the pending or queued queues + */ +static int dcerpc_req_dequeue(struct rpc_request *req) +{ + switch (req->state) { + case RPC_REQUEST_QUEUED: + DLIST_REMOVE(req->p->conn->request_queue, req); + break; + case RPC_REQUEST_PENDING: + DLIST_REMOVE(req->p->conn->pending, req); + break; + case RPC_REQUEST_DONE: + break; + } + return 0; +} + + +/* + mark the dcerpc connection dead. All outstanding requests get an error +*/ +static void dcerpc_connection_dead(struct dcerpc_connection *conn, NTSTATUS status) +{ + if (conn->dead) return; + + conn->dead = true; + + if (conn->transport.shutdown_pipe) { + conn->transport.shutdown_pipe(conn, status); + } + + /* all pending requests get the error */ + while (conn->pending) { + struct rpc_request *req = conn->pending; + dcerpc_req_dequeue(req); + req->state = RPC_REQUEST_DONE; + req->status = status; + if (req->async.callback) { + req->async.callback(req); + } + } + + talloc_set_destructor(conn, NULL); + if (conn->free_skipped) { + talloc_free(conn); + } +} + +/* + forward declarations of the recv_data handlers for the types of + packets we need to handle +*/ +static void dcerpc_request_recv_data(struct dcerpc_connection *c, + DATA_BLOB *raw_packet, struct ncacn_packet *pkt); + +/* + receive a dcerpc reply from the transport. Here we work out what + type of reply it is (normal request, bind or alter context) and + dispatch to the appropriate handler +*/ +static void dcerpc_recv_data(struct dcerpc_connection *conn, DATA_BLOB *blob, NTSTATUS status) +{ + struct ncacn_packet pkt; + + if (NT_STATUS_IS_OK(status) && blob->length == 0) { + status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; + } + + /* the transport may be telling us of a severe error, such as + a dropped socket */ + if (!NT_STATUS_IS_OK(status)) { + data_blob_free(blob); + dcerpc_connection_dead(conn, status); + return; + } + + /* parse the basic packet to work out what type of response this is */ + status = ncacn_pull(conn, blob, blob->data, &pkt); + if (!NT_STATUS_IS_OK(status)) { + data_blob_free(blob); + dcerpc_connection_dead(conn, status); + } + + dcerpc_request_recv_data(conn, blob, &pkt); +} + + +/* + Receive a bind reply from the transport +*/ +static void dcerpc_bind_recv_handler(struct rpc_request *req, + DATA_BLOB *raw_packet, struct ncacn_packet *pkt) +{ + struct composite_context *c; + struct dcerpc_connection *conn; + + c = talloc_get_type(req->async.private_data, struct composite_context); + + if (pkt->ptype == DCERPC_PKT_BIND_NAK) { + DEBUG(2,("dcerpc: bind_nak reason %d\n", + pkt->u.bind_nak.reject_reason)); + composite_error(c, dcerpc_map_reason(pkt->u.bind_nak. + reject_reason)); + return; + } + + if ((pkt->ptype != DCERPC_PKT_BIND_ACK) || + (pkt->u.bind_ack.num_results == 0) || + (pkt->u.bind_ack.ctx_list[0].result != 0)) { + composite_error(c, NT_STATUS_NET_WRITE_FAULT); + return; + } + + conn = req->p->conn; + + conn->srv_max_xmit_frag = pkt->u.bind_ack.max_xmit_frag; + conn->srv_max_recv_frag = pkt->u.bind_ack.max_recv_frag; + + if ((req->p->binding->flags & DCERPC_CONCURRENT_MULTIPLEX) && + (pkt->pfc_flags & DCERPC_PFC_FLAG_CONC_MPX)) { + conn->flags |= DCERPC_CONCURRENT_MULTIPLEX; + } + + if ((req->p->binding->flags & DCERPC_HEADER_SIGNING) && + (pkt->pfc_flags & DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN)) { + conn->flags |= DCERPC_HEADER_SIGNING; + } + + /* the bind_ack might contain a reply set of credentials */ + if (conn->security_state.auth_info && + pkt->u.bind_ack.auth_info.length) { + enum ndr_err_code ndr_err; + ndr_err = ndr_pull_struct_blob( + &pkt->u.bind_ack.auth_info, conn, + NULL, + conn->security_state.auth_info, + (ndr_pull_flags_fn_t)ndr_pull_dcerpc_auth); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + c->status = ndr_map_error2ntstatus(ndr_err); + if (!composite_is_ok(c)) return; + } + } + + req->p->assoc_group_id = pkt->u.bind_ack.assoc_group_id; + + composite_done(c); +} + +/* + handle timeouts of individual dcerpc requests +*/ +static void dcerpc_timeout_handler(struct event_context *ev, struct timed_event *te, + struct timeval t, void *private) +{ + struct rpc_request *req = talloc_get_type(private, struct rpc_request); + + if (req->ignore_timeout) { + dcerpc_req_dequeue(req); + req->state = RPC_REQUEST_DONE; + req->status = NT_STATUS_IO_TIMEOUT; + if (req->async.callback) { + req->async.callback(req); + } + return; + } + + dcerpc_connection_dead(req->p->conn, NT_STATUS_IO_TIMEOUT); +} + +/* + send a async dcerpc bind request +*/ +struct composite_context *dcerpc_bind_send(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + const struct ndr_syntax_id *syntax, + const struct ndr_syntax_id *transfer_syntax) +{ + struct composite_context *c; + struct ncacn_packet pkt; + DATA_BLOB blob; + struct rpc_request *req; + + c = composite_create(mem_ctx,p->conn->event_ctx); + if (c == NULL) return NULL; + + c->private_data = p; + + p->syntax = *syntax; + p->transfer_syntax = *transfer_syntax; + + init_ncacn_hdr(p->conn, &pkt); + + pkt.ptype = DCERPC_PKT_BIND; + pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST; + pkt.call_id = p->conn->call_id; + pkt.auth_length = 0; + + if (p->binding->flags & DCERPC_CONCURRENT_MULTIPLEX) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_CONC_MPX; + } + + if (p->binding->flags & DCERPC_HEADER_SIGNING) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN; + } + + pkt.u.bind.max_xmit_frag = 5840; + pkt.u.bind.max_recv_frag = 5840; + pkt.u.bind.assoc_group_id = p->binding->assoc_group_id; + pkt.u.bind.num_contexts = 1; + pkt.u.bind.ctx_list = talloc_array(mem_ctx, struct dcerpc_ctx_list, 1); + if (composite_nomem(pkt.u.bind.ctx_list, c)) return c; + pkt.u.bind.ctx_list[0].context_id = p->context_id; + pkt.u.bind.ctx_list[0].num_transfer_syntaxes = 1; + pkt.u.bind.ctx_list[0].abstract_syntax = p->syntax; + pkt.u.bind.ctx_list[0].transfer_syntaxes = &p->transfer_syntax; + pkt.u.bind.auth_info = data_blob(NULL, 0); + + /* construct the NDR form of the packet */ + c->status = ncacn_push_auth(&blob, c, p->conn->iconv_convenience, &pkt, + p->conn->security_state.auth_info); + if (!composite_is_ok(c)) return c; + + p->conn->transport.recv_data = dcerpc_recv_data; + + /* + * we allocate a dcerpc_request so we can be in the same + * request queue as normal requests + */ + req = talloc_zero(c, struct rpc_request); + if (composite_nomem(req, c)) return c; + + req->state = RPC_REQUEST_PENDING; + req->call_id = pkt.call_id; + req->async.private_data = c; + req->async.callback = dcerpc_composite_fail; + req->p = p; + req->recv_handler = dcerpc_bind_recv_handler; + DLIST_ADD_END(p->conn->pending, req, struct rpc_request *); + talloc_set_destructor(req, dcerpc_req_dequeue); + + c->status = p->conn->transport.send_request(p->conn, &blob, + true); + if (!composite_is_ok(c)) return c; + + event_add_timed(c->event_ctx, req, + timeval_current_ofs(DCERPC_REQUEST_TIMEOUT, 0), + dcerpc_timeout_handler, req); + + return c; +} + +/* + recv side of async dcerpc bind request +*/ +NTSTATUS dcerpc_bind_recv(struct composite_context *ctx) +{ + NTSTATUS result = composite_wait(ctx); + talloc_free(ctx); + return result; +} + +/* + perform a continued bind (and auth3) +*/ +NTSTATUS dcerpc_auth3(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx) +{ + struct ncacn_packet pkt; + NTSTATUS status; + DATA_BLOB blob; + + init_ncacn_hdr(p->conn, &pkt); + + pkt.ptype = DCERPC_PKT_AUTH3; + pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST; + pkt.call_id = next_call_id(p->conn); + pkt.auth_length = 0; + pkt.u.auth3._pad = 0; + pkt.u.auth3.auth_info = data_blob(NULL, 0); + + if (p->binding->flags & DCERPC_CONCURRENT_MULTIPLEX) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_CONC_MPX; + } + + if (p->binding->flags & DCERPC_HEADER_SIGNING) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN; + } + + /* construct the NDR form of the packet */ + status = ncacn_push_auth(&blob, mem_ctx, + p->conn->iconv_convenience, + &pkt, + p->conn->security_state.auth_info); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* send it on its way */ + status = p->conn->transport.send_request(p->conn, &blob, false); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return NT_STATUS_OK; +} + + +/* + process a fragment received from the transport layer during a + request + + This function frees the data +*/ +static void dcerpc_request_recv_data(struct dcerpc_connection *c, + DATA_BLOB *raw_packet, struct ncacn_packet *pkt) +{ + struct rpc_request *req; + uint_t length; + NTSTATUS status = NT_STATUS_OK; + + /* + if this is an authenticated connection then parse and check + the auth info. We have to do this before finding the + matching packet, as the request structure might have been + removed due to a timeout, but if it has been we still need + to run the auth routines so that we don't get the sign/seal + info out of step with the server + */ + if (c->security_state.auth_info && c->security_state.generic_state && + pkt->ptype == DCERPC_PKT_RESPONSE) { + status = ncacn_pull_request_auth(c, raw_packet->data, raw_packet, pkt); + } + + /* find the matching request */ + for (req=c->pending;req;req=req->next) { + if (pkt->call_id == req->call_id) break; + } + +#if 0 + /* useful for testing certain vendors RPC servers */ + if (req == NULL && c->pending && pkt->call_id == 0) { + DEBUG(0,("HACK FOR INCORRECT CALL ID\n")); + req = c->pending; + } +#endif + + if (req == NULL) { + DEBUG(2,("dcerpc_request: unmatched call_id %u in response packet\n", pkt->call_id)); + data_blob_free(raw_packet); + return; + } + + talloc_steal(req, raw_packet->data); + + if (req->recv_handler != NULL) { + dcerpc_req_dequeue(req); + req->state = RPC_REQUEST_DONE; + req->recv_handler(req, raw_packet, pkt); + return; + } + + if (pkt->ptype == DCERPC_PKT_FAULT) { + DEBUG(5,("rpc fault: %s\n", dcerpc_errstr(c, pkt->u.fault.status))); + req->fault_code = pkt->u.fault.status; + req->status = NT_STATUS_NET_WRITE_FAULT; + goto req_done; + } + + if (pkt->ptype != DCERPC_PKT_RESPONSE) { + DEBUG(2,("Unexpected packet type %d in dcerpc response\n", + (int)pkt->ptype)); + req->fault_code = DCERPC_FAULT_OTHER; + req->status = NT_STATUS_NET_WRITE_FAULT; + goto req_done; + } + + /* now check the status from the auth routines, and if it failed then fail + this request accordingly */ + if (!NT_STATUS_IS_OK(status)) { + req->status = status; + goto req_done; + } + + length = pkt->u.response.stub_and_verifier.length; + + if (length > 0) { + req->payload.data = talloc_realloc(req, + req->payload.data, + uint8_t, + req->payload.length + length); + if (!req->payload.data) { + req->status = NT_STATUS_NO_MEMORY; + goto req_done; + } + memcpy(req->payload.data+req->payload.length, + pkt->u.response.stub_and_verifier.data, length); + req->payload.length += length; + } + + if (!(pkt->pfc_flags & DCERPC_PFC_FLAG_LAST)) { + c->transport.send_read(c); + return; + } + + if (!(pkt->drep[0] & DCERPC_DREP_LE)) { + req->flags |= DCERPC_PULL_BIGENDIAN; + } else { + req->flags &= ~DCERPC_PULL_BIGENDIAN; + } + + +req_done: + /* we've got the full payload */ + req->state = RPC_REQUEST_DONE; + DLIST_REMOVE(c->pending, req); + + if (c->request_queue != NULL) { + /* We have to look at shipping further requests before calling + * the async function, that one might close the pipe */ + dcerpc_ship_next_request(c); + } + + if (req->async.callback) { + req->async.callback(req); + } +} + +/* + perform the send side of a async dcerpc request +*/ +static struct rpc_request *dcerpc_request_send(struct dcerpc_pipe *p, + const struct GUID *object, + uint16_t opnum, + bool async, + DATA_BLOB *stub_data) +{ + struct rpc_request *req; + + p->conn->transport.recv_data = dcerpc_recv_data; + + req = talloc(p, struct rpc_request); + if (req == NULL) { + return NULL; + } + + req->p = p; + req->call_id = next_call_id(p->conn); + req->status = NT_STATUS_OK; + req->state = RPC_REQUEST_QUEUED; + req->payload = data_blob(NULL, 0); + req->flags = 0; + req->fault_code = 0; + req->async_call = async; + req->ignore_timeout = false; + req->async.callback = NULL; + req->async.private_data = NULL; + req->recv_handler = NULL; + + if (object != NULL) { + req->object = (struct GUID *)talloc_memdup(req, (const void *)object, sizeof(*object)); + if (req->object == NULL) { + talloc_free(req); + return NULL; + } + } else { + req->object = NULL; + } + + req->opnum = opnum; + req->request_data.length = stub_data->length; + req->request_data.data = talloc_reference(req, stub_data->data); + if (req->request_data.length && req->request_data.data == NULL) { + return NULL; + } + + DLIST_ADD_END(p->conn->request_queue, req, struct rpc_request *); + talloc_set_destructor(req, dcerpc_req_dequeue); + + dcerpc_ship_next_request(p->conn); + + if (p->request_timeout) { + event_add_timed(dcerpc_event_context(p), req, + timeval_current_ofs(p->request_timeout, 0), + dcerpc_timeout_handler, req); + } + + return req; +} + +/* + Send a request using the transport +*/ + +static void dcerpc_ship_next_request(struct dcerpc_connection *c) +{ + struct rpc_request *req; + struct dcerpc_pipe *p; + DATA_BLOB *stub_data; + struct ncacn_packet pkt; + DATA_BLOB blob; + uint32_t remaining, chunk_size; + bool first_packet = true; + size_t sig_size = 0; + + req = c->request_queue; + if (req == NULL) { + return; + } + + p = req->p; + stub_data = &req->request_data; + + if (!req->async_call && (c->pending != NULL)) { + return; + } + + DLIST_REMOVE(c->request_queue, req); + DLIST_ADD(c->pending, req); + req->state = RPC_REQUEST_PENDING; + + init_ncacn_hdr(p->conn, &pkt); + + remaining = stub_data->length; + + /* we can write a full max_recv_frag size, minus the dcerpc + request header size */ + chunk_size = p->conn->srv_max_recv_frag; + chunk_size -= DCERPC_REQUEST_LENGTH; + if (c->security_state.auth_info && + c->security_state.generic_state) { + sig_size = gensec_sig_size(c->security_state.generic_state, + p->conn->srv_max_recv_frag); + if (sig_size) { + chunk_size -= DCERPC_AUTH_TRAILER_LENGTH; + chunk_size -= sig_size; + } + } + chunk_size -= (chunk_size % 16); + + pkt.ptype = DCERPC_PKT_REQUEST; + pkt.call_id = req->call_id; + pkt.auth_length = 0; + pkt.pfc_flags = 0; + pkt.u.request.alloc_hint = remaining; + pkt.u.request.context_id = p->context_id; + pkt.u.request.opnum = req->opnum; + + if (req->object) { + pkt.u.request.object.object = *req->object; + pkt.pfc_flags |= DCERPC_PFC_FLAG_OBJECT_UUID; + chunk_size -= ndr_size_GUID(req->object,0); + } + + /* we send a series of pdus without waiting for a reply */ + while (remaining > 0 || first_packet) { + uint32_t chunk = MIN(chunk_size, remaining); + bool last_frag = false; + + first_packet = false; + pkt.pfc_flags &= ~(DCERPC_PFC_FLAG_FIRST |DCERPC_PFC_FLAG_LAST); + + if (remaining == stub_data->length) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_FIRST; + } + if (chunk == remaining) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_LAST; + last_frag = true; + } + + pkt.u.request.stub_and_verifier.data = stub_data->data + + (stub_data->length - remaining); + pkt.u.request.stub_and_verifier.length = chunk; + + req->status = ncacn_push_request_sign(p->conn, &blob, req, sig_size, &pkt); + if (!NT_STATUS_IS_OK(req->status)) { + req->state = RPC_REQUEST_DONE; + DLIST_REMOVE(p->conn->pending, req); + return; + } + + req->status = p->conn->transport.send_request(p->conn, &blob, last_frag); + if (!NT_STATUS_IS_OK(req->status)) { + req->state = RPC_REQUEST_DONE; + DLIST_REMOVE(p->conn->pending, req); + return; + } + + remaining -= chunk; + } +} + +/* + return the event context for a dcerpc pipe + used by callers who wish to operate asynchronously +*/ +_PUBLIC_ struct event_context *dcerpc_event_context(struct dcerpc_pipe *p) +{ + return p->conn->event_ctx; +} + + + +/* + perform the receive side of a async dcerpc request +*/ +NTSTATUS dcerpc_request_recv(struct rpc_request *req, + TALLOC_CTX *mem_ctx, + DATA_BLOB *stub_data) +{ + NTSTATUS status; + + while (req->state != RPC_REQUEST_DONE) { + struct event_context *ctx = dcerpc_event_context(req->p); + if (event_loop_once(ctx) != 0) { + return NT_STATUS_CONNECTION_DISCONNECTED; + } + } + *stub_data = req->payload; + status = req->status; + if (stub_data->data) { + stub_data->data = talloc_steal(mem_ctx, stub_data->data); + } + if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) { + req->p->last_fault_code = req->fault_code; + } + talloc_free(req); + return status; +} + +/* + perform a full request/response pair on a dcerpc pipe +*/ +NTSTATUS dcerpc_request(struct dcerpc_pipe *p, + struct GUID *object, + uint16_t opnum, + bool async, + TALLOC_CTX *mem_ctx, + DATA_BLOB *stub_data_in, + DATA_BLOB *stub_data_out) +{ + struct rpc_request *req; + + req = dcerpc_request_send(p, object, opnum, async, stub_data_in); + if (req == NULL) { + return NT_STATUS_NO_MEMORY; + } + + return dcerpc_request_recv(req, mem_ctx, stub_data_out); +} + + +/* + this is a paranoid NDR validator. For every packet we push onto the wire + we pull it back again, then push it again. Then we compare the raw NDR data + for that to the NDR we initially generated. If they don't match then we know + we must have a bug in either the pull or push side of our code +*/ +static NTSTATUS dcerpc_ndr_validate_in(struct dcerpc_connection *c, + TALLOC_CTX *mem_ctx, + DATA_BLOB blob, + size_t struct_size, + ndr_push_flags_fn_t ndr_push, + ndr_pull_flags_fn_t ndr_pull) +{ + void *st; + struct ndr_pull *pull; + struct ndr_push *push; + DATA_BLOB blob2; + enum ndr_err_code ndr_err; + + st = talloc_size(mem_ctx, struct_size); + if (!st) { + return NT_STATUS_NO_MEMORY; + } + + pull = ndr_pull_init_flags(c, &blob, mem_ctx); + if (!pull) { + return NT_STATUS_NO_MEMORY; + } + pull->flags |= LIBNDR_FLAG_REF_ALLOC; + + ndr_err = ndr_pull(pull, NDR_IN, st); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + ndr_err = ndr_pull_error(pull, NDR_ERR_VALIDATE, + "failed input validation pull - %s", + nt_errstr(status)); + return ndr_map_error2ntstatus(ndr_err); + } + + push = ndr_push_init_ctx(mem_ctx, c->iconv_convenience); + if (!push) { + return NT_STATUS_NO_MEMORY; + } + + ndr_err = ndr_push(push, NDR_IN, st); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + ndr_err = ndr_pull_error(pull, NDR_ERR_VALIDATE, + "failed input validation push - %s", + nt_errstr(status)); + return ndr_map_error2ntstatus(ndr_err); + } + + blob2 = ndr_push_blob(push); + + if (data_blob_cmp(&blob, &blob2) != 0) { + DEBUG(3,("original:\n")); + dump_data(3, blob.data, blob.length); + DEBUG(3,("secondary:\n")); + dump_data(3, blob2.data, blob2.length); + ndr_err = ndr_pull_error(pull, NDR_ERR_VALIDATE, + "failed input validation blobs doesn't match"); + return ndr_map_error2ntstatus(ndr_err); + } + + return NT_STATUS_OK; +} + +/* + this is a paranoid NDR input validator. For every packet we pull + from the wire we push it back again then pull and push it + again. Then we compare the raw NDR data for that to the NDR we + initially generated. If they don't match then we know we must have a + bug in either the pull or push side of our code +*/ +static NTSTATUS dcerpc_ndr_validate_out(struct dcerpc_connection *c, + struct ndr_pull *pull_in, + void *struct_ptr, + size_t struct_size, + ndr_push_flags_fn_t ndr_push, + ndr_pull_flags_fn_t ndr_pull, + ndr_print_function_t ndr_print) +{ + void *st; + struct ndr_pull *pull; + struct ndr_push *push; + DATA_BLOB blob, blob2; + TALLOC_CTX *mem_ctx = pull_in; + char *s1, *s2; + enum ndr_err_code ndr_err; + + st = talloc_size(mem_ctx, struct_size); + if (!st) { + return NT_STATUS_NO_MEMORY; + } + memcpy(st, struct_ptr, struct_size); + + push = ndr_push_init_ctx(mem_ctx, c->iconv_convenience); + if (!push) { + return NT_STATUS_NO_MEMORY; + } + + ndr_err = ndr_push(push, NDR_OUT, struct_ptr); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + ndr_err = ndr_push_error(push, NDR_ERR_VALIDATE, + "failed output validation push - %s", + nt_errstr(status)); + return ndr_map_error2ntstatus(ndr_err); + } + + blob = ndr_push_blob(push); + + pull = ndr_pull_init_flags(c, &blob, mem_ctx); + if (!pull) { + return NT_STATUS_NO_MEMORY; + } + + pull->flags |= LIBNDR_FLAG_REF_ALLOC; + ndr_err = ndr_pull(pull, NDR_OUT, st); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + ndr_err = ndr_pull_error(pull, NDR_ERR_VALIDATE, + "failed output validation pull - %s", + nt_errstr(status)); + return ndr_map_error2ntstatus(ndr_err); + } + + push = ndr_push_init_ctx(mem_ctx, c->iconv_convenience); + if (!push) { + return NT_STATUS_NO_MEMORY; + } + + ndr_err = ndr_push(push, NDR_OUT, st); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + NTSTATUS status = ndr_map_error2ntstatus(ndr_err); + ndr_err = ndr_push_error(push, NDR_ERR_VALIDATE, + "failed output validation push2 - %s", + nt_errstr(status)); + return ndr_map_error2ntstatus(ndr_err); + } + + blob2 = ndr_push_blob(push); + + if (data_blob_cmp(&blob, &blob2) != 0) { + DEBUG(3,("original:\n")); + dump_data(3, blob.data, blob.length); + DEBUG(3,("secondary:\n")); + dump_data(3, blob2.data, blob2.length); + ndr_err = ndr_push_error(push, NDR_ERR_VALIDATE, + "failed output validation blobs doesn't match"); + return ndr_map_error2ntstatus(ndr_err); + } + + /* this checks the printed forms of the two structures, which effectively + tests all of the value() attributes */ + s1 = ndr_print_function_string(mem_ctx, ndr_print, "VALIDATE", + NDR_OUT, struct_ptr); + s2 = ndr_print_function_string(mem_ctx, ndr_print, "VALIDATE", + NDR_OUT, st); + if (strcmp(s1, s2) != 0) { +#if 1 + DEBUG(3,("VALIDATE ERROR:\nWIRE:\n%s\n GEN:\n%s\n", s1, s2)); +#else + /* this is sometimes useful */ + printf("VALIDATE ERROR\n"); + file_save("wire.dat", s1, strlen(s1)); + file_save("gen.dat", s2, strlen(s2)); + system("diff -u wire.dat gen.dat"); +#endif + ndr_err = ndr_push_error(push, NDR_ERR_VALIDATE, + "failed output validation strings doesn't match"); + return ndr_map_error2ntstatus(ndr_err); + } + + return NT_STATUS_OK; +} + + +/** + send a rpc request given a dcerpc_call structure + */ +struct rpc_request *dcerpc_ndr_request_send(struct dcerpc_pipe *p, + const struct GUID *object, + const struct ndr_interface_table *table, + uint32_t opnum, + TALLOC_CTX *mem_ctx, + void *r) +{ + const struct ndr_interface_call *call; + struct ndr_push *push; + NTSTATUS status; + DATA_BLOB request; + struct rpc_request *req; + enum ndr_err_code ndr_err; + + call = &table->calls[opnum]; + + /* setup for a ndr_push_* call */ + push = ndr_push_init_ctx(mem_ctx, p->conn->iconv_convenience); + if (!push) { + return NULL; + } + + if (p->conn->flags & DCERPC_PUSH_BIGENDIAN) { + push->flags |= LIBNDR_FLAG_BIGENDIAN; + } + + /* push the structure into a blob */ + ndr_err = call->ndr_push(push, NDR_IN, r); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + status = ndr_map_error2ntstatus(ndr_err); + DEBUG(2,("Unable to ndr_push structure in dcerpc_ndr_request_send - %s\n", + nt_errstr(status))); + talloc_free(push); + return NULL; + } + + /* retrieve the blob */ + request = ndr_push_blob(push); + + if (p->conn->flags & DCERPC_DEBUG_VALIDATE_IN) { + status = dcerpc_ndr_validate_in(p->conn, push, request, call->struct_size, + call->ndr_push, call->ndr_pull); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2,("Validation failed in dcerpc_ndr_request_send - %s\n", + nt_errstr(status))); + talloc_free(push); + return NULL; + } + } + + DEBUG(10,("rpc request data:\n")); + dump_data(10, request.data, request.length); + + /* make the actual dcerpc request */ + req = dcerpc_request_send(p, object, opnum, table->calls[opnum].async, + &request); + + if (req != NULL) { + req->ndr.table = table; + req->ndr.opnum = opnum; + req->ndr.struct_ptr = r; + req->ndr.mem_ctx = mem_ctx; + } + + talloc_free(push); + + return req; +} + +/* + receive the answer from a dcerpc_ndr_request_send() +*/ +_PUBLIC_ NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req) +{ + struct dcerpc_pipe *p = req->p; + NTSTATUS status; + DATA_BLOB response; + struct ndr_pull *pull; + uint_t flags; + TALLOC_CTX *mem_ctx = req->ndr.mem_ctx; + void *r = req->ndr.struct_ptr; + uint32_t opnum = req->ndr.opnum; + const struct ndr_interface_table *table = req->ndr.table; + const struct ndr_interface_call *call = &table->calls[opnum]; + enum ndr_err_code ndr_err; + + /* make sure the recv code doesn't free the request, as we + need to grab the flags element before it is freed */ + if (talloc_reference(p, req) == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = dcerpc_request_recv(req, mem_ctx, &response); + if (!NT_STATUS_IS_OK(status)) { + talloc_unlink(p, req); + return status; + } + + flags = req->flags; + + /* prepare for ndr_pull_* */ + pull = ndr_pull_init_flags(p->conn, &response, mem_ctx); + if (!pull) { + talloc_unlink(p, req); + return NT_STATUS_NO_MEMORY; + } + + if (pull->data) { + pull->data = talloc_steal(pull, pull->data); + } + talloc_unlink(p, req); + + if (flags & DCERPC_PULL_BIGENDIAN) { + pull->flags |= LIBNDR_FLAG_BIGENDIAN; + } + + DEBUG(10,("rpc reply data:\n")); + dump_data(10, pull->data, pull->data_size); + + /* pull the structure from the blob */ + ndr_err = call->ndr_pull(pull, NDR_OUT, r); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + status = ndr_map_error2ntstatus(ndr_err); + dcerpc_log_packet(table, opnum, NDR_OUT, + &response); + return status; + } + + if (p->conn->flags & DCERPC_DEBUG_VALIDATE_OUT) { + status = dcerpc_ndr_validate_out(p->conn, pull, r, call->struct_size, + call->ndr_push, call->ndr_pull, + call->ndr_print); + if (!NT_STATUS_IS_OK(status)) { + dcerpc_log_packet(table, opnum, NDR_OUT, + &response); + return status; + } + } + + if (pull->offset != pull->data_size) { + DEBUG(0,("Warning! ignoring %d unread bytes in rpc packet!\n", + pull->data_size - pull->offset)); + /* we used to return NT_STATUS_INFO_LENGTH_MISMATCH here, + but it turns out that early versions of NT + (specifically NT3.1) add junk onto the end of rpc + packets, so if we want to interoperate at all with + those versions then we need to ignore this error */ + } + + /* TODO: make pull context independent from the output mem_ctx and free the pull context */ + + return NT_STATUS_OK; +} + + +/* + a useful helper function for synchronous rpc requests + + this can be used when you have ndr push/pull functions in the + standard format +*/ +_PUBLIC_ NTSTATUS dcerpc_ndr_request(struct dcerpc_pipe *p, + const struct GUID *object, + const struct ndr_interface_table *table, + uint32_t opnum, + TALLOC_CTX *mem_ctx, + void *r) +{ + struct rpc_request *req; + + req = dcerpc_ndr_request_send(p, object, table, opnum, mem_ctx, r); + if (req == NULL) { + return NT_STATUS_NO_MEMORY; + } + + return dcerpc_ndr_request_recv(req); +} + + +/* + a useful function for retrieving the server name we connected to +*/ +_PUBLIC_ const char *dcerpc_server_name(struct dcerpc_pipe *p) +{ + if (!p->conn->transport.target_hostname) { + if (!p->conn->transport.peer_name) { + return ""; + } + return p->conn->transport.peer_name(p->conn); + } + return p->conn->transport.target_hostname(p->conn); +} + + +/* + get the dcerpc auth_level for a open connection +*/ +uint32_t dcerpc_auth_level(struct dcerpc_connection *c) +{ + uint8_t auth_level; + + if (c->flags & DCERPC_SEAL) { + auth_level = DCERPC_AUTH_LEVEL_PRIVACY; + } else if (c->flags & DCERPC_SIGN) { + auth_level = DCERPC_AUTH_LEVEL_INTEGRITY; + } else if (c->flags & DCERPC_CONNECT) { + auth_level = DCERPC_AUTH_LEVEL_CONNECT; + } else { + auth_level = DCERPC_AUTH_LEVEL_NONE; + } + return auth_level; +} + +/* + Receive an alter reply from the transport +*/ +static void dcerpc_alter_recv_handler(struct rpc_request *req, + DATA_BLOB *raw_packet, struct ncacn_packet *pkt) +{ + struct composite_context *c; + struct dcerpc_pipe *recv_pipe; + + c = talloc_get_type(req->async.private_data, struct composite_context); + recv_pipe = talloc_get_type(c->private_data, struct dcerpc_pipe); + + if (pkt->ptype == DCERPC_PKT_ALTER_RESP && + pkt->u.alter_resp.num_results == 1 && + pkt->u.alter_resp.ctx_list[0].result != 0) { + DEBUG(2,("dcerpc: alter_resp failed - reason %d\n", + pkt->u.alter_resp.ctx_list[0].reason)); + composite_error(c, dcerpc_map_reason(pkt->u.alter_resp.ctx_list[0].reason)); + return; + } + + if (pkt->ptype != DCERPC_PKT_ALTER_RESP || + pkt->u.alter_resp.num_results == 0 || + pkt->u.alter_resp.ctx_list[0].result != 0) { + composite_error(c, NT_STATUS_NET_WRITE_FAULT); + return; + } + + /* the alter_resp might contain a reply set of credentials */ + if (recv_pipe->conn->security_state.auth_info && + pkt->u.alter_resp.auth_info.length) { + enum ndr_err_code ndr_err; + ndr_err = ndr_pull_struct_blob( + &pkt->u.alter_resp.auth_info, recv_pipe, + NULL, + recv_pipe->conn->security_state.auth_info, + (ndr_pull_flags_fn_t)ndr_pull_dcerpc_auth); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + c->status = ndr_map_error2ntstatus(ndr_err); + if (!composite_is_ok(c)) return; + } + } + + composite_done(c); +} + +/* + send a dcerpc alter_context request +*/ +struct composite_context *dcerpc_alter_context_send(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + const struct ndr_syntax_id *syntax, + const struct ndr_syntax_id *transfer_syntax) +{ + struct composite_context *c; + struct ncacn_packet pkt; + DATA_BLOB blob; + struct rpc_request *req; + + c = composite_create(mem_ctx, p->conn->event_ctx); + if (c == NULL) return NULL; + + c->private_data = p; + + p->syntax = *syntax; + p->transfer_syntax = *transfer_syntax; + + init_ncacn_hdr(p->conn, &pkt); + + pkt.ptype = DCERPC_PKT_ALTER; + pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST; + pkt.call_id = p->conn->call_id; + pkt.auth_length = 0; + + if (p->binding->flags & DCERPC_CONCURRENT_MULTIPLEX) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_CONC_MPX; + } + + if (p->binding->flags & DCERPC_HEADER_SIGNING) { + pkt.pfc_flags |= DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN; + } + + pkt.u.alter.max_xmit_frag = 5840; + pkt.u.alter.max_recv_frag = 5840; + pkt.u.alter.assoc_group_id = p->binding->assoc_group_id; + pkt.u.alter.num_contexts = 1; + pkt.u.alter.ctx_list = talloc_array(c, struct dcerpc_ctx_list, 1); + if (composite_nomem(pkt.u.alter.ctx_list, c)) return c; + pkt.u.alter.ctx_list[0].context_id = p->context_id; + pkt.u.alter.ctx_list[0].num_transfer_syntaxes = 1; + pkt.u.alter.ctx_list[0].abstract_syntax = p->syntax; + pkt.u.alter.ctx_list[0].transfer_syntaxes = &p->transfer_syntax; + pkt.u.alter.auth_info = data_blob(NULL, 0); + + /* construct the NDR form of the packet */ + c->status = ncacn_push_auth(&blob, mem_ctx, p->conn->iconv_convenience, &pkt, + p->conn->security_state.auth_info); + if (!composite_is_ok(c)) return c; + + p->conn->transport.recv_data = dcerpc_recv_data; + + /* + * we allocate a dcerpc_request so we can be in the same + * request queue as normal requests + */ + req = talloc_zero(c, struct rpc_request); + if (composite_nomem(req, c)) return c; + + req->state = RPC_REQUEST_PENDING; + req->call_id = pkt.call_id; + req->async.private_data = c; + req->async.callback = dcerpc_composite_fail; + req->p = p; + req->recv_handler = dcerpc_alter_recv_handler; + DLIST_ADD_END(p->conn->pending, req, struct rpc_request *); + talloc_set_destructor(req, dcerpc_req_dequeue); + + c->status = p->conn->transport.send_request(p->conn, &blob, true); + if (!composite_is_ok(c)) return c; + + event_add_timed(c->event_ctx, req, + timeval_current_ofs(DCERPC_REQUEST_TIMEOUT, 0), + dcerpc_timeout_handler, req); + + return c; +} + +NTSTATUS dcerpc_alter_context_recv(struct composite_context *ctx) +{ + NTSTATUS result = composite_wait(ctx); + talloc_free(ctx); + return result; +} + +/* + send a dcerpc alter_context request +*/ +_PUBLIC_ NTSTATUS dcerpc_alter_context(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + const struct ndr_syntax_id *syntax, + const struct ndr_syntax_id *transfer_syntax) +{ + struct composite_context *creq; + creq = dcerpc_alter_context_send(p, mem_ctx, syntax, transfer_syntax); + return dcerpc_alter_context_recv(creq); +} diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h new file mode 100644 index 0000000000..1fd56cb052 --- /dev/null +++ b/source4/librpc/rpc/dcerpc.h @@ -0,0 +1,378 @@ +/* + Unix SMB/CIFS implementation. + + DCERPC client side interface structures + + Copyright (C) Tim Potter 2003 + Copyright (C) Andrew Tridgell 2003-2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* This is a public header file that is installed as part of Samba. + * If you remove any functions or change their signature, update + * the so version number. */ + +#ifndef __DCERPC_H__ +#define __DCERPC_H__ + +#include "lib/util/data_blob.h" +#include "librpc/gen_ndr/dcerpc.h" +#include "librpc/ndr/libndr.h" + +enum dcerpc_transport_t { + NCA_UNKNOWN, NCACN_NP, NCACN_IP_TCP, NCACN_IP_UDP, NCACN_VNS_IPC, + NCACN_VNS_SPP, NCACN_AT_DSP, NCADG_AT_DDP, NCALRPC, NCACN_UNIX_STREAM, + NCADG_UNIX_DGRAM, NCACN_HTTP, NCADG_IPX, NCACN_SPX }; + +/* + this defines a generic security context for signed/sealed dcerpc pipes. +*/ +struct dcerpc_connection; +struct dcerpc_security { + struct dcerpc_auth *auth_info; + struct gensec_security *generic_state; + + /* get the session key */ + NTSTATUS (*session_key)(struct dcerpc_connection *, DATA_BLOB *); +}; + +/* + this holds the information that is not specific to a particular rpc context_id +*/ +struct dcerpc_connection { + uint32_t call_id; + uint32_t srv_max_xmit_frag; + uint32_t srv_max_recv_frag; + uint32_t flags; + struct dcerpc_security security_state; + const char *binding_string; + struct event_context *event_ctx; + struct smb_iconv_convenience *iconv_convenience; + + bool dead; + bool free_skipped; + + struct dcerpc_transport { + enum dcerpc_transport_t transport; + void *private_data; + + NTSTATUS (*shutdown_pipe)(struct dcerpc_connection *, NTSTATUS status); + + const char *(*peer_name)(struct dcerpc_connection *); + + const char *(*target_hostname)(struct dcerpc_connection *); + + /* send a request to the server */ + NTSTATUS (*send_request)(struct dcerpc_connection *, DATA_BLOB *, bool trigger_read); + + /* send a read request to the server */ + NTSTATUS (*send_read)(struct dcerpc_connection *); + + /* a callback to the dcerpc code when a full fragment + has been received */ + void (*recv_data)(struct dcerpc_connection *, DATA_BLOB *, NTSTATUS status); + } transport; + + /* Requests that have been sent, waiting for a reply */ + struct rpc_request *pending; + + /* Sync requests waiting to be shipped */ + struct rpc_request *request_queue; + + /* the next context_id to be assigned */ + uint32_t next_context_id; +}; + +/* + this encapsulates a full dcerpc client side pipe +*/ +struct dcerpc_pipe { + uint32_t context_id; + + uint32_t assoc_group_id; + + struct ndr_syntax_id syntax; + struct ndr_syntax_id transfer_syntax; + + struct dcerpc_connection *conn; + struct dcerpc_binding *binding; + + /* the last fault code from a DCERPC fault */ + uint32_t last_fault_code; + + /* timeout for individual rpc requests, in seconds */ + uint32_t request_timeout; +}; + +/* default timeout for all rpc requests, in seconds */ +#define DCERPC_REQUEST_TIMEOUT 60 + + +/* dcerpc pipe flags */ +#define DCERPC_DEBUG_PRINT_IN (1<<0) +#define DCERPC_DEBUG_PRINT_OUT (1<<1) +#define DCERPC_DEBUG_PRINT_BOTH (DCERPC_DEBUG_PRINT_IN | DCERPC_DEBUG_PRINT_OUT) + +#define DCERPC_DEBUG_VALIDATE_IN (1<<2) +#define DCERPC_DEBUG_VALIDATE_OUT (1<<3) +#define DCERPC_DEBUG_VALIDATE_BOTH (DCERPC_DEBUG_VALIDATE_IN | DCERPC_DEBUG_VALIDATE_OUT) + +#define DCERPC_CONNECT (1<<4) +#define DCERPC_SIGN (1<<5) +#define DCERPC_SEAL (1<<6) + +#define DCERPC_PUSH_BIGENDIAN (1<<7) +#define DCERPC_PULL_BIGENDIAN (1<<8) + +#define DCERPC_SCHANNEL (1<<9) + +/* use a 128 bit session key */ +#define DCERPC_SCHANNEL_128 (1<<12) + +/* check incoming pad bytes */ +#define DCERPC_DEBUG_PAD_CHECK (1<<13) + +/* set LIBNDR_FLAG_REF_ALLOC flag when decoding NDR */ +#define DCERPC_NDR_REF_ALLOC (1<<14) + +#define DCERPC_AUTH_OPTIONS (DCERPC_SEAL|DCERPC_SIGN|DCERPC_SCHANNEL|DCERPC_AUTH_SPNEGO|DCERPC_AUTH_KRB5|DCERPC_AUTH_NTLM) + +/* select spnego auth */ +#define DCERPC_AUTH_SPNEGO (1<<15) + +/* select krb5 auth */ +#define DCERPC_AUTH_KRB5 (1<<16) + +#define DCERPC_SMB2 (1<<17) + +/* select NTLM auth */ +#define DCERPC_AUTH_NTLM (1<<18) + +/* this triggers the DCERPC_PFC_FLAG_CONC_MPX flag in the bind request */ +#define DCERPC_CONCURRENT_MULTIPLEX (1<<19) + +/* this triggers the DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN flag in the bind request */ +#define DCERPC_HEADER_SIGNING (1<<20) + +/* this describes a binding to a particular transport/pipe */ +struct dcerpc_binding { + enum dcerpc_transport_t transport; + struct ndr_syntax_id object; + const char *host; + const char *target_hostname; + const char *endpoint; + const char **options; + uint32_t flags; + uint32_t assoc_group_id; +}; + + +struct dcerpc_pipe_connect { + struct dcerpc_pipe *pipe; + struct dcerpc_binding *binding; + const char *pipe_name; + const struct ndr_interface_table *interface; + struct cli_credentials *creds; + struct resolve_context *resolve_ctx; +}; + + +enum rpc_request_state { + RPC_REQUEST_QUEUED, + RPC_REQUEST_PENDING, + RPC_REQUEST_DONE +}; + +/* + handle for an async dcerpc request +*/ +struct rpc_request { + struct rpc_request *next, *prev; + struct dcerpc_pipe *p; + NTSTATUS status; + uint32_t call_id; + enum rpc_request_state state; + DATA_BLOB payload; + uint32_t flags; + uint32_t fault_code; + + /* this is used to distinguish bind and alter_context requests + from normal requests */ + void (*recv_handler)(struct rpc_request *conn, + DATA_BLOB *blob, struct ncacn_packet *pkt); + + const struct GUID *object; + uint16_t opnum; + DATA_BLOB request_data; + bool async_call; + bool ignore_timeout; + + /* use by the ndr level async recv call */ + struct { + const struct ndr_interface_table *table; + uint32_t opnum; + void *struct_ptr; + TALLOC_CTX *mem_ctx; + } ndr; + + struct { + void (*callback)(struct rpc_request *); + void *private_data; + } async; +}; + +struct epm_tower; +struct epm_floor; + +struct smbcli_tree; +struct smb2_tree; +struct socket_address; + +NTSTATUS dcerpc_pipe_connect(TALLOC_CTX *parent_ctx, + struct dcerpc_pipe **pp, + const char *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, + struct loadparm_context *lp_ctx); +NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req); +struct rpc_request *dcerpc_ndr_request_send(struct dcerpc_pipe *p, + const struct GUID *object, + const struct ndr_interface_table *table, + uint32_t opnum, + TALLOC_CTX *mem_ctx, + void *r); +const char *dcerpc_server_name(struct dcerpc_pipe *p); +struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct event_context *ev, + struct smb_iconv_convenience *ic); +NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p, + struct smbcli_tree *tree, + const char *pipe_name); +NTSTATUS dcerpc_bind_auth_none(struct dcerpc_pipe *p, + const struct ndr_interface_table *table); +NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p, + DATA_BLOB *session_key); +struct composite_context; +NTSTATUS dcerpc_secondary_connection_recv(struct composite_context *c, + struct dcerpc_pipe **p2); +NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struct dcerpc_binding **b_out); + +struct composite_context* dcerpc_pipe_connect_b_send(TALLOC_CTX *parent_ctx, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, + struct loadparm_context *lp_ctx); + +NTSTATUS dcerpc_pipe_connect_b_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p); + +NTSTATUS dcerpc_pipe_connect_b(TALLOC_CTX *parent_ctx, + struct dcerpc_pipe **pp, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, + struct loadparm_context *lp_ctx); +const char *dcerpc_errstr(TALLOC_CTX *mem_ctx, uint32_t fault_code); + +NTSTATUS dcerpc_pipe_auth(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx); +char *dcerpc_binding_string(TALLOC_CTX *mem_ctx, const struct dcerpc_binding *b); +NTSTATUS dcerpc_secondary_connection(struct dcerpc_pipe *p, + struct dcerpc_pipe **p2, + struct dcerpc_binding *b); +NTSTATUS dcerpc_bind_auth_schannel(TALLOC_CTX *tmp_ctx, + struct dcerpc_pipe *p, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx, + uint8_t auth_level); +struct event_context *dcerpc_event_context(struct dcerpc_pipe *p); +NTSTATUS dcerpc_init(void); +struct smbcli_tree *dcerpc_smb_tree(struct dcerpc_connection *c); +uint16_t dcerpc_smb_fnum(struct dcerpc_connection *c); +NTSTATUS dcerpc_secondary_context(struct dcerpc_pipe *p, + struct dcerpc_pipe **pp2, + const struct ndr_interface_table *table); +NTSTATUS dcerpc_alter_context(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + const struct ndr_syntax_id *syntax, + const struct ndr_syntax_id *transfer_syntax); + +NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx, + uint8_t auth_type, uint8_t auth_level, + const char *service); +struct composite_context* dcerpc_pipe_connect_send(TALLOC_CTX *parent_ctx, + const char *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, struct loadparm_context *lp_ctx); +NTSTATUS dcerpc_pipe_connect_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **pp); + +NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding, + const struct ndr_interface_table *table, struct event_context *ev, + struct loadparm_context *lp_ctx); +struct composite_context* dcerpc_secondary_auth_connection_send(struct dcerpc_pipe *p, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx); +NTSTATUS dcerpc_secondary_auth_connection_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p); + +struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p, + struct dcerpc_binding *b); +void dcerpc_log_packet(const struct ndr_interface_table *ndr, + uint32_t opnum, uint32_t flags, + DATA_BLOB *pkt); +NTSTATUS dcerpc_binding_build_tower(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding, struct epm_tower *tower); + +NTSTATUS dcerpc_floor_get_lhs_data(struct epm_floor *epm_floor, struct ndr_syntax_id *syntax); + +enum dcerpc_transport_t dcerpc_transport_by_tower(struct epm_tower *tower); + +NTSTATUS dcerpc_ndr_request(struct dcerpc_pipe *p, + const struct GUID *object, + const struct ndr_interface_table *table, + uint32_t opnum, + TALLOC_CTX *mem_ctx, + void *r); + +NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx, + struct epm_tower *tower, + struct dcerpc_binding **b_out); + +NTSTATUS dcerpc_request(struct dcerpc_pipe *p, + struct GUID *object, + uint16_t opnum, + bool async, + TALLOC_CTX *mem_ctx, + DATA_BLOB *stub_data_in, + DATA_BLOB *stub_data_out); + +typedef NTSTATUS (*dcerpc_call_fn) (struct dcerpc_pipe *, TALLOC_CTX *, void *); + +#endif /* __DCERPC_H__ */ diff --git a/source4/librpc/rpc/dcerpc.py b/source4/librpc/rpc/dcerpc.py new file mode 100644 index 0000000000..1a76ecca8e --- /dev/null +++ b/source4/librpc/rpc/dcerpc.py @@ -0,0 +1,20 @@ +#!/usr/bin/python + +# Unix SMB/CIFS implementation. +# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +from base import * diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c new file mode 100644 index 0000000000..2eced55967 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_auth.c @@ -0,0 +1,398 @@ +/* + Unix SMB/CIFS implementation. + + Generic Authentication Interface + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005 + Copyright (C) Stefan Metzmacher 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "libcli/composite/composite.h" +#include "auth/gensec/gensec.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "param/param.h" + +/* + return the rpc syntax and transfer syntax given the pipe uuid and version +*/ +static NTSTATUS dcerpc_init_syntaxes(const struct ndr_interface_table *table, + struct ndr_syntax_id *syntax, + struct ndr_syntax_id *transfer_syntax) +{ + syntax->uuid = table->syntax_id.uuid; + syntax->if_version = table->syntax_id.if_version; + + *transfer_syntax = ndr_transfer_syntax; + + return NT_STATUS_OK; +} + + +/* + Send request to do a non-authenticated dcerpc bind +*/ +struct composite_context *dcerpc_bind_auth_none_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *p, + const struct ndr_interface_table *table) +{ + struct ndr_syntax_id syntax; + struct ndr_syntax_id transfer_syntax; + + struct composite_context *c; + + c = composite_create(mem_ctx, p->conn->event_ctx); + if (c == NULL) return NULL; + + c->status = dcerpc_init_syntaxes(table, + &syntax, &transfer_syntax); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(2,("Invalid uuid string in " + "dcerpc_bind_auth_none_send\n")); + composite_error(c, c->status); + return c; + } + + /* c was only allocated as a container for a possible error */ + talloc_free(c); + + return dcerpc_bind_send(p, mem_ctx, &syntax, &transfer_syntax); +} + + +/* + Receive result of a non-authenticated dcerpc bind +*/ +NTSTATUS dcerpc_bind_auth_none_recv(struct composite_context *ctx) +{ + return dcerpc_bind_recv(ctx); +} + + +/* + Perform sync non-authenticated dcerpc bind +*/ +_PUBLIC_ NTSTATUS dcerpc_bind_auth_none(struct dcerpc_pipe *p, + const struct ndr_interface_table *table) +{ + struct composite_context *ctx; + + ctx = dcerpc_bind_auth_none_send(p, p, table); + return dcerpc_bind_auth_none_recv(ctx); +} + + +struct bind_auth_state { + struct dcerpc_pipe *pipe; + DATA_BLOB credentials; + bool more_processing; /* Is there anything more to do after the + * first bind itself received? */ +}; + +static void bind_auth_recv_alter(struct composite_context *creq); + +static void bind_auth_next_step(struct composite_context *c) +{ + struct bind_auth_state *state; + struct dcerpc_security *sec; + struct composite_context *creq; + bool more_processing = false; + + state = talloc_get_type(c->private_data, struct bind_auth_state); + sec = &state->pipe->conn->security_state; + + /* The status value here, from GENSEC is vital to the security + * of the system. Even if the other end accepts, if GENSEC + * claims 'MORE_PROCESSING_REQUIRED' then you must keep + * feeding it blobs, or else the remote host/attacker might + * avoid mutal authentication requirements. + * + * Likewise, you must not feed GENSEC too much (after the OK), + * it doesn't like that either + */ + + c->status = gensec_update(sec->generic_state, state, + sec->auth_info->credentials, + &state->credentials); + data_blob_free(&sec->auth_info->credentials); + + if (NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + more_processing = true; + c->status = NT_STATUS_OK; + } + + if (!composite_is_ok(c)) return; + + if (state->pipe->conn->flags & DCERPC_HEADER_SIGNING) { + gensec_want_feature(sec->generic_state, GENSEC_FEATURE_SIGN_PKT_HEADER); + } + + if (state->credentials.length == 0) { + composite_done(c); + return; + } + + sec->auth_info->credentials = state->credentials; + + if (!more_processing) { + /* NO reply expected, so just send it */ + c->status = dcerpc_auth3(state->pipe, state); + data_blob_free(&state->credentials); + sec->auth_info->credentials = data_blob(NULL, 0); + if (!composite_is_ok(c)) return; + + composite_done(c); + return; + } + + /* We are demanding a reply, so use a request that will get us one */ + + creq = dcerpc_alter_context_send(state->pipe, state, + &state->pipe->syntax, + &state->pipe->transfer_syntax); + data_blob_free(&state->credentials); + sec->auth_info->credentials = data_blob(NULL, 0); + if (composite_nomem(creq, c)) return; + + composite_continue(c, creq, bind_auth_recv_alter, c); +} + + +static void bind_auth_recv_alter(struct composite_context *creq) +{ + struct composite_context *c = talloc_get_type(creq->async.private_data, + struct composite_context); + + c->status = dcerpc_alter_context_recv(creq); + if (!composite_is_ok(c)) return; + + bind_auth_next_step(c); +} + + +static void bind_auth_recv_bindreply(struct composite_context *creq) +{ + struct composite_context *c = talloc_get_type(creq->async.private_data, + struct composite_context); + struct bind_auth_state *state = talloc_get_type(c->private_data, + struct bind_auth_state); + + c->status = dcerpc_bind_recv(creq); + if (!composite_is_ok(c)) return; + + if (!state->more_processing) { + /* The first gensec_update has not requested a second run, so + * we're done here. */ + composite_done(c); + return; + } + + bind_auth_next_step(c); +} + + +/** + Bind to a DCE/RPC pipe, send async request + @param mem_ctx TALLOC_CTX for the allocation of the composite_context + @param p The dcerpc_pipe to bind (must already be connected) + @param table The interface table to use (the DCE/RPC bind both selects and interface and authenticates) + @param credentials The credentials of the account to connect with + @param auth_type Select the authentication scheme to use + @param auth_level Chooses between unprotected (connect), signed or sealed + @param service The service (used by Kerberos to select the service principal to contact) + @retval A composite context describing the partial state of the bind +*/ + +struct composite_context *dcerpc_bind_auth_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *p, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx, + uint8_t auth_type, uint8_t auth_level, + const char *service) +{ + struct composite_context *c, *creq; + struct bind_auth_state *state; + struct dcerpc_security *sec; + + struct ndr_syntax_id syntax, transfer_syntax; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, p->conn->event_ctx); + if (c == NULL) return NULL; + + state = talloc(c, struct bind_auth_state); + if (composite_nomem(state, c)) return c; + c->private_data = state; + + state->pipe = p; + + c->status = dcerpc_init_syntaxes(table, + &syntax, + &transfer_syntax); + if (!composite_is_ok(c)) return c; + + sec = &p->conn->security_state; + + c->status = gensec_client_start(p, &sec->generic_state, + p->conn->event_ctx, + lp_ctx); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(1, ("Failed to start GENSEC client mode: %s\n", + nt_errstr(c->status))); + composite_error(c, c->status); + return c; + } + + c->status = gensec_set_credentials(sec->generic_state, credentials); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(1, ("Failed to set GENSEC client credentials: %s\n", + nt_errstr(c->status))); + composite_error(c, c->status); + return c; + } + + c->status = gensec_set_target_hostname(sec->generic_state, + p->conn->transport.target_hostname(p->conn)); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(1, ("Failed to set GENSEC target hostname: %s\n", + nt_errstr(c->status))); + composite_error(c, c->status); + return c; + } + + if (service != NULL) { + c->status = gensec_set_target_service(sec->generic_state, + service); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(1, ("Failed to set GENSEC target service: %s\n", + nt_errstr(c->status))); + composite_error(c, c->status); + return c; + } + } + + c->status = gensec_start_mech_by_authtype(sec->generic_state, + auth_type, auth_level); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(1, ("Failed to start GENSEC client mechanism %s: %s\n", + gensec_get_name_by_authtype(auth_type), + nt_errstr(c->status))); + composite_error(c, c->status); + return c; + } + + sec->auth_info = talloc(p, struct dcerpc_auth); + if (composite_nomem(sec->auth_info, c)) return c; + + sec->auth_info->auth_type = auth_type; + sec->auth_info->auth_level = auth_level, + sec->auth_info->auth_pad_length = 0; + sec->auth_info->auth_reserved = 0; + sec->auth_info->auth_context_id = random(); + sec->auth_info->credentials = data_blob(NULL, 0); + + /* The status value here, from GENSEC is vital to the security + * of the system. Even if the other end accepts, if GENSEC + * claims 'MORE_PROCESSING_REQUIRED' then you must keep + * feeding it blobs, or else the remote host/attacker might + * avoid mutal authentication requirements. + * + * Likewise, you must not feed GENSEC too much (after the OK), + * it doesn't like that either + */ + + c->status = gensec_update(sec->generic_state, state, + sec->auth_info->credentials, + &state->credentials); + if (!NT_STATUS_IS_OK(c->status) && + !NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + composite_error(c, c->status); + return c; + } + + state->more_processing = NT_STATUS_EQUAL(c->status, + NT_STATUS_MORE_PROCESSING_REQUIRED); + + if (state->credentials.length == 0) { + composite_done(c); + return c; + } + + sec->auth_info->credentials = state->credentials; + + /* The first request always is a dcerpc_bind. The subsequent ones + * depend on gensec results */ + creq = dcerpc_bind_send(p, state, &syntax, &transfer_syntax); + data_blob_free(&state->credentials); + sec->auth_info->credentials = data_blob(NULL, 0); + if (composite_nomem(creq, c)) return c; + + composite_continue(c, creq, bind_auth_recv_bindreply, c); + return c; +} + + +/** + Bind to a DCE/RPC pipe, receive result + @param creq A composite context describing state of async call + @retval NTSTATUS code +*/ + +NTSTATUS dcerpc_bind_auth_recv(struct composite_context *creq) +{ + NTSTATUS result = composite_wait(creq); + struct bind_auth_state *state = talloc_get_type(creq->private_data, + struct bind_auth_state); + + if (NT_STATUS_IS_OK(result)) { + /* + after a successful authenticated bind the session + key reverts to the generic session key + */ + state->pipe->conn->security_state.session_key = dcerpc_generic_session_key; + } + + talloc_free(creq); + return result; +} + + +/** + Perform a GENSEC authenticated bind to a DCE/RPC pipe, sync + @param p The dcerpc_pipe to bind (must already be connected) + @param table The interface table to use (the DCE/RPC bind both selects and interface and authenticates) + @param credentials The credentials of the account to connect with + @param auth_type Select the authentication scheme to use + @param auth_level Chooses between unprotected (connect), signed or sealed + @param service The service (used by Kerberos to select the service principal to contact) + @retval NTSTATUS status code +*/ + +_PUBLIC_ NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx, + uint8_t auth_type, uint8_t auth_level, + const char *service) +{ + struct composite_context *creq; + creq = dcerpc_bind_auth_send(p, p, table, credentials, lp_ctx, + auth_type, auth_level, service); + return dcerpc_bind_auth_recv(creq); +} diff --git a/source4/librpc/rpc/dcerpc_connect.c b/source4/librpc/rpc/dcerpc_connect.c new file mode 100644 index 0000000000..318b8fe36d --- /dev/null +++ b/source4/librpc/rpc/dcerpc_connect.c @@ -0,0 +1,934 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc connect functions + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2004 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2007 + Copyright (C) Rafal Szczesniak 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "libcli/composite/composite.h" +#include "libcli/smb_composite/smb_composite.h" +#include "lib/events/events.h" +#include "libcli/smb2/smb2.h" +#include "libcli/smb2/smb2_calls.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "auth/credentials/credentials.h" +#include "param/param.h" +#include "libcli/resolve/resolve.h" + + +struct pipe_np_smb_state { + struct smb_composite_connect conn; + struct smbcli_tree *tree; + struct dcerpc_pipe_connect io; +}; + + +/* + Stage 3 of ncacn_np_smb: Named pipe opened (or not) +*/ +static void continue_pipe_open_smb(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + /* receive result of named pipe open request on smb */ + c->status = dcerpc_pipe_open_smb_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Stage 2 of ncacn_np_smb: Open a named pipe after successful smb connection +*/ +static void continue_smb_connect(struct composite_context *ctx) +{ + struct composite_context *open_ctx; + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_np_smb_state *s = talloc_get_type(c->private_data, + struct pipe_np_smb_state); + + /* receive result of smb connect request */ + c->status = smb_composite_connect_recv(ctx, c); + if (!composite_is_ok(c)) return; + + /* prepare named pipe open parameters */ + s->tree = s->conn.out.tree; + s->io.pipe_name = s->io.binding->endpoint; + + /* send named pipe open request */ + open_ctx = dcerpc_pipe_open_smb_send(s->io.pipe, s->tree, s->io.pipe_name); + if (composite_nomem(open_ctx, c)) return; + + composite_continue(c, open_ctx, continue_pipe_open_smb, c); +} + + +/* + Initiate async open of a rpc connection to a rpc pipe on SMB using + the binding structure to determine the endpoint and options +*/ +static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb_send(TALLOC_CTX *mem_ctx, struct dcerpc_pipe_connect *io, struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct pipe_np_smb_state *s; + struct composite_context *conn_req; + struct smb_composite_connect *conn; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, io->pipe->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_np_smb_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + s->io = *io; + conn = &s->conn; + + /* prepare smb connection parameters: we're connecting to IPC$ share on + remote rpc server */ + conn->in.dest_host = s->io.binding->host; + conn->in.dest_ports = lp_smb_ports(lp_ctx); + if (s->io.binding->target_hostname == NULL) + conn->in.called_name = "*SMBSERVER"; /* FIXME: This is invalid */ + else + conn->in.called_name = s->io.binding->target_hostname; + conn->in.service = "IPC$"; + conn->in.service_type = NULL; + conn->in.workgroup = lp_workgroup(lp_ctx); + + lp_smbcli_options(lp_ctx, &conn->in.options); + + /* + * provide proper credentials - user supplied, but allow a + * fallback to anonymous if this is an schannel connection + * (might be NT4 not allowing machine logins at session + * setup). + */ + s->conn.in.credentials = s->io.creds; + if (s->io.binding->flags & DCERPC_SCHANNEL) { + conn->in.fallback_to_anonymous = true; + } else { + conn->in.fallback_to_anonymous = false; + } + + /* send smb connect request */ + conn_req = smb_composite_connect_send(conn, s->io.pipe->conn, + lp_resolve_context(lp_ctx), + s->io.pipe->conn->event_ctx); + if (composite_nomem(conn_req, c)) return c; + + composite_continue(c, conn_req, continue_smb_connect, c); + return c; +} + + +/* + Receive result of a rpc connection to a rpc pipe on SMB +*/ +static NTSTATUS dcerpc_pipe_connect_ncacn_np_smb_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_np_smb2_state { + struct smb2_tree *tree; + struct dcerpc_pipe_connect io; +}; + + +/* + Stage 3 of ncacn_np_smb: Named pipe opened (or not) +*/ +static void continue_pipe_open_smb2(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + /* receive result of named pipe open request on smb2 */ + c->status = dcerpc_pipe_open_smb2_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Stage 2 of ncacn_np_smb2: Open a named pipe after successful smb2 connection +*/ +static void continue_smb2_connect(struct composite_context *ctx) +{ + struct composite_context *open_req; + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_np_smb2_state *s = talloc_get_type(c->private_data, + struct pipe_np_smb2_state); + + /* receive result of smb2 connect request */ + c->status = smb2_connect_recv(ctx, c, &s->tree); + if (!composite_is_ok(c)) return; + + /* prepare named pipe open parameters */ + s->io.pipe_name = s->io.binding->endpoint; + + /* send named pipe open request */ + open_req = dcerpc_pipe_open_smb2_send(s->io.pipe, s->tree, s->io.pipe_name); + if (composite_nomem(open_req, c)) return; + + composite_continue(c, open_req, continue_pipe_open_smb2, c); +} + + +/* + Initiate async open of a rpc connection request on SMB2 using + the binding structure to determine the endpoint and options +*/ +static struct composite_context *dcerpc_pipe_connect_ncacn_np_smb2_send( + TALLOC_CTX *mem_ctx, + struct dcerpc_pipe_connect *io, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct pipe_np_smb2_state *s; + struct composite_context *conn_req; + struct smbcli_options options; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, io->pipe->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_np_smb2_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + s->io = *io; + + /* + * provide proper credentials - user supplied or anonymous in case this is + * schannel connection + */ + if (s->io.binding->flags & DCERPC_SCHANNEL) { + s->io.creds = cli_credentials_init(mem_ctx); + if (composite_nomem(s->io.creds, c)) return c; + + cli_credentials_guess(s->io.creds, lp_ctx); + } + + lp_smbcli_options(lp_ctx, &options); + + /* send smb2 connect request */ + conn_req = smb2_connect_send(mem_ctx, s->io.binding->host, "IPC$", + s->io.resolve_ctx, + s->io.creds, + c->event_ctx, + &options); + composite_continue(c, conn_req, continue_smb2_connect, c); + return c; +} + + +/* + Receive result of a rpc connection to a rpc pipe on SMB2 +*/ +static NTSTATUS dcerpc_pipe_connect_ncacn_np_smb2_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_ip_tcp_state { + struct dcerpc_pipe_connect io; + const char *host; + const char *target_hostname; + uint32_t port; +}; + + +/* + Stage 2 of ncacn_ip_tcp: rpc pipe opened (or not) +*/ +static void continue_pipe_open_ncacn_ip_tcp(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + /* receive result of named pipe open request on tcp/ip */ + c->status = dcerpc_pipe_open_tcp_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Initiate async open of a rpc connection to a rpc pipe on TCP/IP using + the binding structure to determine the endpoint and options +*/ +static struct composite_context* dcerpc_pipe_connect_ncacn_ip_tcp_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe_connect *io) +{ + struct composite_context *c; + struct pipe_ip_tcp_state *s; + struct composite_context *pipe_req; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, io->pipe->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_ip_tcp_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store input parameters in state structure */ + s->io = *io; + s->host = talloc_reference(c, io->binding->host); + s->target_hostname = talloc_reference(c, io->binding->target_hostname); + /* port number is a binding endpoint here */ + s->port = atoi(io->binding->endpoint); + + /* send pipe open request on tcp/ip */ + pipe_req = dcerpc_pipe_open_tcp_send(s->io.pipe->conn, s->host, s->target_hostname, + s->port, io->resolve_ctx); + composite_continue(c, pipe_req, continue_pipe_open_ncacn_ip_tcp, c); + return c; +} + + +/* + Receive result of a rpc connection to a rpc pipe on TCP/IP +*/ +static NTSTATUS dcerpc_pipe_connect_ncacn_ip_tcp_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_unix_state { + struct dcerpc_pipe_connect io; + const char *path; +}; + + +/* + Stage 2 of ncacn_unix: rpc pipe opened (or not) +*/ +static void continue_pipe_open_ncacn_unix_stream(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + /* receive result of pipe open request on unix socket */ + c->status = dcerpc_pipe_open_unix_stream_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Initiate async open of a rpc connection to a rpc pipe on unix socket using + the binding structure to determine the endpoint and options +*/ +static struct composite_context* dcerpc_pipe_connect_ncacn_unix_stream_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe_connect *io) +{ + struct composite_context *c; + struct pipe_unix_state *s; + struct composite_context *pipe_req; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, io->pipe->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_unix_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* prepare pipe open parameters and store them in state structure + also, verify whether biding endpoint is not null */ + s->io = *io; + + if (!io->binding->endpoint) { + DEBUG(0, ("Path to unix socket not specified\n")); + composite_error(c, NT_STATUS_INVALID_PARAMETER); + return c; + } + + s->path = talloc_strdup(c, io->binding->endpoint); /* path is a binding endpoint here */ + if (composite_nomem(s->path, c)) return c; + + /* send pipe open request on unix socket */ + pipe_req = dcerpc_pipe_open_unix_stream_send(s->io.pipe->conn, s->path); + composite_continue(c, pipe_req, continue_pipe_open_ncacn_unix_stream, c); + return c; +} + + +/* + Receive result of a rpc connection to a pipe on unix socket +*/ +static NTSTATUS dcerpc_pipe_connect_ncacn_unix_stream_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_ncalrpc_state { + struct dcerpc_pipe_connect io; +}; + +static NTSTATUS dcerpc_pipe_connect_ncalrpc_recv(struct composite_context *c); + +/* + Stage 2 of ncalrpc: rpc pipe opened (or not) +*/ +static void continue_pipe_open_ncalrpc(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + /* receive result of pipe open request on ncalrpc */ + c->status = dcerpc_pipe_connect_ncalrpc_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Initiate async open of a rpc connection request on NCALRPC using + the binding structure to determine the endpoint and options +*/ +static struct composite_context* dcerpc_pipe_connect_ncalrpc_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe_connect *io, struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct pipe_ncalrpc_state *s; + struct composite_context *pipe_req; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, io->pipe->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_ncalrpc_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store input parameters in state structure */ + s->io = *io; + + /* send pipe open request */ + pipe_req = dcerpc_pipe_open_pipe_send(s->io.pipe->conn, lp_ncalrpc_dir(lp_ctx), + s->io.binding->endpoint); + composite_continue(c, pipe_req, continue_pipe_open_ncalrpc, c); + return c; +} + + +/* + Receive result of a rpc connection to a rpc pipe on NCALRPC +*/ +static NTSTATUS dcerpc_pipe_connect_ncalrpc_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_connect_state { + struct dcerpc_pipe *pipe; + struct dcerpc_binding *binding; + const struct ndr_interface_table *table; + struct cli_credentials *credentials; + struct loadparm_context *lp_ctx; +}; + + +static void continue_map_binding(struct composite_context *ctx); +static void continue_connect(struct composite_context *c, struct pipe_connect_state *s); +static void continue_pipe_connect_ncacn_np_smb2(struct composite_context *ctx); +static void continue_pipe_connect_ncacn_np_smb(struct composite_context *ctx); +static void continue_pipe_connect_ncacn_ip_tcp(struct composite_context *ctx); +static void continue_pipe_connect_ncacn_unix(struct composite_context *ctx); +static void continue_pipe_connect_ncalrpc(struct composite_context *ctx); +static void continue_pipe_connect(struct composite_context *c, struct pipe_connect_state *s); +static void continue_pipe_auth(struct composite_context *ctx); + + +/* + Stage 2 of pipe_connect_b: Receive result of endpoint mapping +*/ +static void continue_map_binding(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, + struct pipe_connect_state); + + c->status = dcerpc_epm_map_binding_recv(ctx); + if (!composite_is_ok(c)) return; + + DEBUG(2,("Mapped to DCERPC endpoint %s\n", s->binding->endpoint)); + + continue_connect(c, s); +} + + +/* + Stage 2 of pipe_connect_b: Continue connection after endpoint is known +*/ +static void continue_connect(struct composite_context *c, struct pipe_connect_state *s) +{ + struct dcerpc_pipe_connect pc; + + /* potential exits to another stage by sending an async request */ + struct composite_context *ncacn_np_smb2_req; + struct composite_context *ncacn_np_smb_req; + struct composite_context *ncacn_ip_tcp_req; + struct composite_context *ncacn_unix_req; + struct composite_context *ncalrpc_req; + + /* dcerpc pipe connect input parameters */ + pc.pipe = s->pipe; + pc.binding = s->binding; + pc.interface = s->table; + pc.creds = s->credentials; + pc.resolve_ctx = lp_resolve_context(s->lp_ctx); + + /* connect dcerpc pipe depending on required transport */ + switch (s->binding->transport) { + case NCACN_NP: + if (pc.binding->flags & DCERPC_SMB2) { + /* new varient of SMB a.k.a. SMB2 */ + ncacn_np_smb2_req = dcerpc_pipe_connect_ncacn_np_smb2_send(c, &pc, s->lp_ctx); + composite_continue(c, ncacn_np_smb2_req, continue_pipe_connect_ncacn_np_smb2, c); + return; + + } else { + /* good old ordinary SMB */ + ncacn_np_smb_req = dcerpc_pipe_connect_ncacn_np_smb_send(c, &pc, s->lp_ctx); + composite_continue(c, ncacn_np_smb_req, continue_pipe_connect_ncacn_np_smb, c); + return; + } + break; + + case NCACN_IP_TCP: + ncacn_ip_tcp_req = dcerpc_pipe_connect_ncacn_ip_tcp_send(c, &pc); + composite_continue(c, ncacn_ip_tcp_req, continue_pipe_connect_ncacn_ip_tcp, c); + return; + + case NCACN_UNIX_STREAM: + ncacn_unix_req = dcerpc_pipe_connect_ncacn_unix_stream_send(c, &pc); + composite_continue(c, ncacn_unix_req, continue_pipe_connect_ncacn_unix, c); + return; + + case NCALRPC: + ncalrpc_req = dcerpc_pipe_connect_ncalrpc_send(c, &pc, s->lp_ctx); + composite_continue(c, ncalrpc_req, continue_pipe_connect_ncalrpc, c); + return; + + default: + /* looks like a transport we don't support now */ + composite_error(c, NT_STATUS_NOT_SUPPORTED); + } +} + + +/* + Stage 3 of pipe_connect_b: Receive result of pipe connect request on + named pipe on smb2 +*/ +static void continue_pipe_connect_ncacn_np_smb2(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, + struct pipe_connect_state); + + c->status = dcerpc_pipe_connect_ncacn_np_smb2_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_connect(c, s); +} + + +/* + Stage 3 of pipe_connect_b: Receive result of pipe connect request on + named pipe on smb +*/ +static void continue_pipe_connect_ncacn_np_smb(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, + struct pipe_connect_state); + + c->status = dcerpc_pipe_connect_ncacn_np_smb_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_connect(c, s); +} + + +/* + Stage 3 of pipe_connect_b: Receive result of pipe connect request on tcp/ip +*/ +static void continue_pipe_connect_ncacn_ip_tcp(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, + struct pipe_connect_state); + + c->status = dcerpc_pipe_connect_ncacn_ip_tcp_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_connect(c, s); +} + + +/* + Stage 3 of pipe_connect_b: Receive result of pipe connect request on unix socket +*/ +static void continue_pipe_connect_ncacn_unix(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, + struct pipe_connect_state); + + c->status = dcerpc_pipe_connect_ncacn_unix_stream_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_connect(c, s); +} + + +/* + Stage 3 of pipe_connect_b: Receive result of pipe connect request on local rpc +*/ +static void continue_pipe_connect_ncalrpc(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, + struct pipe_connect_state); + + c->status = dcerpc_pipe_connect_ncalrpc_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_connect(c, s); +} + + +/* + Stage 4 of pipe_connect_b: Start an authentication on connected dcerpc pipe + depending on credentials and binding flags passed. +*/ +static void continue_pipe_connect(struct composite_context *c, struct pipe_connect_state *s) +{ + struct composite_context *auth_bind_req; + + s->pipe->binding = s->binding; + if (!talloc_reference(s->pipe, s->binding)) { + composite_error(c, NT_STATUS_NO_MEMORY); + return; + } + + auth_bind_req = dcerpc_pipe_auth_send(s->pipe, s->binding, s->table, + s->credentials, s->lp_ctx); + composite_continue(c, auth_bind_req, continue_pipe_auth, c); +} + + +/* + Stage 5 of pipe_connect_b: Receive result of pipe authentication request + and say if all went ok +*/ +static void continue_pipe_auth(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_connect_state *s = talloc_get_type(c->private_data, struct pipe_connect_state); + + c->status = dcerpc_pipe_auth_recv(ctx, s, &s->pipe); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + handle timeouts of a dcerpc connect +*/ +static void dcerpc_connect_timeout_handler(struct event_context *ev, struct timed_event *te, + struct timeval t, void *private) +{ + struct composite_context *c = talloc_get_type(private, struct composite_context); + composite_error(c, NT_STATUS_IO_TIMEOUT); +} + +/* + start a request to open a rpc connection to a rpc pipe, using + specified binding structure to determine the endpoint and options +*/ +_PUBLIC_ struct composite_context* dcerpc_pipe_connect_b_send(TALLOC_CTX *parent_ctx, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct pipe_connect_state *s; + struct event_context *new_ev = NULL; + + /* composite context allocation and setup */ + c = composite_create(parent_ctx, ev); + if (c == NULL) { + talloc_free(new_ev); + return NULL; + } + talloc_steal(c, new_ev); + + s = talloc_zero(c, struct pipe_connect_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* initialise dcerpc pipe structure */ + s->pipe = dcerpc_pipe_init(c, ev, lp_iconv_convenience(lp_ctx)); + if (composite_nomem(s->pipe, c)) return c; + + /* store parameters in state structure */ + s->binding = binding; + s->table = table; + s->credentials = credentials; + s->lp_ctx = lp_ctx; + + event_add_timed(c->event_ctx, c, + timeval_current_ofs(DCERPC_REQUEST_TIMEOUT, 0), + dcerpc_connect_timeout_handler, c); + + switch (s->binding->transport) { + case NCA_UNKNOWN: { + struct composite_context *binding_req; + binding_req = dcerpc_epm_map_binding_send(c, s->binding, s->table, + s->pipe->conn->event_ctx, + s->lp_ctx); + composite_continue(c, binding_req, continue_map_binding, c); + return c; + } + + case NCACN_NP: + case NCACN_IP_TCP: + case NCALRPC: + if (!s->binding->endpoint) { + struct composite_context *binding_req; + binding_req = dcerpc_epm_map_binding_send(c, s->binding, s->table, + s->pipe->conn->event_ctx, + s->lp_ctx); + composite_continue(c, binding_req, continue_map_binding, c); + return c; + } + + default: + break; + } + + continue_connect(c, s); + return c; +} + + +/* + receive result of a request to open a rpc connection to a rpc pipe +*/ +_PUBLIC_ NTSTATUS dcerpc_pipe_connect_b_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p) +{ + NTSTATUS status; + struct pipe_connect_state *s; + + status = composite_wait(c); + + if (NT_STATUS_IS_OK(status)) { + s = talloc_get_type(c->private_data, struct pipe_connect_state); + talloc_steal(mem_ctx, s->pipe); + *p = s->pipe; + } + talloc_free(c); + return status; +} + + +/* + open a rpc connection to a rpc pipe, using the specified + binding structure to determine the endpoint and options - sync version +*/ +_PUBLIC_ NTSTATUS dcerpc_pipe_connect_b(TALLOC_CTX *parent_ctx, + struct dcerpc_pipe **pp, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + + c = dcerpc_pipe_connect_b_send(parent_ctx, binding, table, + credentials, ev, lp_ctx); + return dcerpc_pipe_connect_b_recv(c, parent_ctx, pp); +} + + +struct pipe_conn_state { + struct dcerpc_pipe *pipe; +}; + + +static void continue_pipe_connect_b(struct composite_context *ctx); + + +/* + Initiate rpc connection to a rpc pipe, using the specified string + binding to determine the endpoint and options. + The string is to be parsed to a binding structure first. +*/ +_PUBLIC_ struct composite_context* dcerpc_pipe_connect_send(TALLOC_CTX *parent_ctx, + const char *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct pipe_conn_state *s; + struct dcerpc_binding *b; + struct composite_context *pipe_conn_req; + + /* composite context allocation and setup */ + c = composite_create(parent_ctx, ev); + if (c == NULL) { + return NULL; + } + + s = talloc_zero(c, struct pipe_conn_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* parse binding string to the structure */ + c->status = dcerpc_parse_binding(c, binding, &b); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(0, ("Failed to parse dcerpc binding '%s'\n", binding)); + composite_error(c, c->status); + return c; + } + + DEBUG(3, ("Using binding %s\n", dcerpc_binding_string(c, b))); + + /* + start connecting to a rpc pipe after binding structure + is established + */ + pipe_conn_req = dcerpc_pipe_connect_b_send(c, b, table, + credentials, ev, lp_ctx); + composite_continue(c, pipe_conn_req, continue_pipe_connect_b, c); + return c; +} + + +/* + Stage 2 of pipe_connect: Receive result of actual pipe connect request + and say if we're done ok +*/ +static void continue_pipe_connect_b(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_conn_state *s = talloc_get_type(c->private_data, + struct pipe_conn_state); + + c->status = dcerpc_pipe_connect_b_recv(ctx, c, &s->pipe); + talloc_steal(s, s->pipe); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Receive result of pipe connect (using binding string) request + and return connected pipe structure. +*/ +NTSTATUS dcerpc_pipe_connect_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **pp) +{ + NTSTATUS status; + struct pipe_conn_state *s; + + status = composite_wait(c); + if (NT_STATUS_IS_OK(status)) { + s = talloc_get_type(c->private_data, struct pipe_conn_state); + *pp = talloc_steal(mem_ctx, s->pipe); + } + talloc_free(c); + return status; +} + + +/* + Open a rpc connection to a rpc pipe, using the specified string + binding to determine the endpoint and options - sync version +*/ +_PUBLIC_ NTSTATUS dcerpc_pipe_connect(TALLOC_CTX *parent_ctx, + struct dcerpc_pipe **pp, + const char *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct event_context *ev, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + c = dcerpc_pipe_connect_send(parent_ctx, binding, + table, credentials, ev, lp_ctx); + return dcerpc_pipe_connect_recv(c, parent_ctx, pp); +} + diff --git a/source4/librpc/rpc/dcerpc_error.c b/source4/librpc/rpc/dcerpc_error.c new file mode 100644 index 0000000000..6ea4563ae6 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_error.c @@ -0,0 +1,55 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc fault functions + + Copyright (C) Stefan Metzmacher 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "librpc/rpc/dcerpc.h" + +struct dcerpc_fault_table { + const char *errstr; + uint32_t faultcode; +}; + +static const struct dcerpc_fault_table dcerpc_faults[] = +{ + { "DCERPC_FAULT_OP_RNG_ERROR", DCERPC_FAULT_OP_RNG_ERROR }, + { "DCERPC_FAULT_UNK_IF", DCERPC_FAULT_UNK_IF }, + { "DCERPC_FAULT_NDR", DCERPC_FAULT_NDR }, + { "DCERPC_FAULT_INVALID_TAG", DCERPC_FAULT_INVALID_TAG }, + { "DCERPC_FAULT_CONTEXT_MISMATCH", DCERPC_FAULT_CONTEXT_MISMATCH }, + { "DCERPC_FAULT_OTHER", DCERPC_FAULT_OTHER }, + { "DCERPC_FAULT_ACCESS_DENIED", DCERPC_FAULT_ACCESS_DENIED }, + + { NULL, 0} +}; + +_PUBLIC_ const char *dcerpc_errstr(TALLOC_CTX *mem_ctx, uint32_t fault_code) +{ + int idx = 0; + + while (dcerpc_faults[idx].errstr != NULL) { + if (dcerpc_faults[idx].faultcode == fault_code) { + return dcerpc_faults[idx].errstr; + } + idx++; + } + + return talloc_asprintf(mem_ctx, "DCERPC fault 0x%08x", fault_code); +} diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c new file mode 100644 index 0000000000..5588b43dcd --- /dev/null +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -0,0 +1,412 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc schannel operations + + Copyright (C) Andrew Tridgell 2004 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005 + Copyright (C) Rafal Szczesniak 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "auth/auth.h" +#include "libcli/composite/composite.h" +#include "libcli/auth/libcli_auth.h" +#include "librpc/gen_ndr/ndr_netlogon.h" +#include "librpc/gen_ndr/ndr_netlogon_c.h" +#include "auth/credentials/credentials.h" +#include "librpc/rpc/dcerpc_proto.h" + +struct schannel_key_state { + struct dcerpc_pipe *pipe; + struct dcerpc_pipe *pipe2; + struct dcerpc_binding *binding; + struct cli_credentials *credentials; + struct creds_CredentialState *creds; + uint32_t negotiate_flags; + struct netr_Credential credentials1; + struct netr_Credential credentials2; + struct netr_Credential credentials3; + struct netr_ServerReqChallenge r; + struct netr_ServerAuthenticate2 a; + const struct samr_Password *mach_pwd; +}; + + +static void continue_secondary_connection(struct composite_context *ctx); +static void continue_bind_auth_none(struct composite_context *ctx); +static void continue_srv_challenge(struct rpc_request *req); +static void continue_srv_auth2(struct rpc_request *req); + + +/* + Stage 2 of schannel_key: Receive endpoint mapping and request secondary + rpc connection +*/ +static void continue_epm_map_binding(struct composite_context *ctx) +{ + struct composite_context *c; + struct schannel_key_state *s; + struct composite_context *sec_conn_req; + + c = talloc_get_type(ctx->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct schannel_key_state); + + /* receive endpoint mapping */ + c->status = dcerpc_epm_map_binding_recv(ctx); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(0,("Failed to map DCERPC/TCP NCACN_NP pipe for '%s' - %s\n", + NDR_NETLOGON_UUID, nt_errstr(c->status))); + composite_error(c, c->status); + return; + } + + /* send a request for secondary rpc connection */ + sec_conn_req = dcerpc_secondary_connection_send(s->pipe, + s->binding); + if (composite_nomem(sec_conn_req, c)) return; + + composite_continue(c, sec_conn_req, continue_secondary_connection, c); +} + + +/* + Stage 3 of schannel_key: Receive secondary rpc connection and perform + non-authenticated bind request +*/ +static void continue_secondary_connection(struct composite_context *ctx) +{ + struct composite_context *c; + struct schannel_key_state *s; + struct composite_context *auth_none_req; + + c = talloc_get_type(ctx->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct schannel_key_state); + + /* receive secondary rpc connection */ + c->status = dcerpc_secondary_connection_recv(ctx, &s->pipe2); + if (!composite_is_ok(c)) return; + + talloc_steal(s, s->pipe2); + + /* initiate a non-authenticated bind */ + auth_none_req = dcerpc_bind_auth_none_send(c, s->pipe2, &ndr_table_netlogon); + if (composite_nomem(auth_none_req, c)) return; + + composite_continue(c, auth_none_req, continue_bind_auth_none, c); +} + + +/* + Stage 4 of schannel_key: Receive non-authenticated bind and get + a netlogon challenge +*/ +static void continue_bind_auth_none(struct composite_context *ctx) +{ + struct composite_context *c; + struct schannel_key_state *s; + struct rpc_request *srv_challenge_req; + + c = talloc_get_type(ctx->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct schannel_key_state); + + /* receive result of non-authenticated bind request */ + c->status = dcerpc_bind_auth_none_recv(ctx); + if (!composite_is_ok(c)) return; + + /* prepare a challenge request */ + s->r.in.server_name = talloc_asprintf(c, "\\\\%s", dcerpc_server_name(s->pipe)); + if (composite_nomem(s->r.in.server_name, c)) return; + s->r.in.computer_name = cli_credentials_get_workstation(s->credentials); + s->r.in.credentials = &s->credentials1; + s->r.out.credentials = &s->credentials2; + + generate_random_buffer(s->credentials1.data, sizeof(s->credentials1.data)); + + /* + request a netlogon challenge - a rpc request over opened secondary pipe + */ + srv_challenge_req = dcerpc_netr_ServerReqChallenge_send(s->pipe2, c, &s->r); + if (composite_nomem(srv_challenge_req, c)) return; + + composite_continue_rpc(c, srv_challenge_req, continue_srv_challenge, c); +} + + +/* + Stage 5 of schannel_key: Receive a challenge and perform authentication + on the netlogon pipe +*/ +static void continue_srv_challenge(struct rpc_request *req) +{ + struct composite_context *c; + struct schannel_key_state *s; + struct rpc_request *srv_auth2_req; + + c = talloc_get_type(req->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct schannel_key_state); + + /* receive rpc request result - netlogon challenge */ + c->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(c)) return; + + /* prepare credentials for auth2 request */ + s->mach_pwd = cli_credentials_get_nt_hash(s->credentials, c); + + creds_client_init(s->creds, &s->credentials1, &s->credentials2, + s->mach_pwd, &s->credentials3, s->negotiate_flags); + + /* auth2 request arguments */ + s->a.in.server_name = s->r.in.server_name; + s->a.in.account_name = cli_credentials_get_username(s->credentials); + s->a.in.secure_channel_type = + cli_credentials_get_secure_channel_type(s->credentials); + s->a.in.computer_name = cli_credentials_get_workstation(s->credentials); + s->a.in.negotiate_flags = &s->negotiate_flags; + s->a.in.credentials = &s->credentials3; + s->a.out.negotiate_flags = &s->negotiate_flags; + s->a.out.credentials = &s->credentials3; + + /* + authenticate on the netlogon pipe - a rpc request over secondary pipe + */ + srv_auth2_req = dcerpc_netr_ServerAuthenticate2_send(s->pipe2, c, &s->a); + if (composite_nomem(srv_auth2_req, c)) return; + + composite_continue_rpc(c, srv_auth2_req, continue_srv_auth2, c); +} + + +/* + Stage 6 of schannel_key: Receive authentication request result and verify + received credentials +*/ +static void continue_srv_auth2(struct rpc_request *req) +{ + struct composite_context *c; + struct schannel_key_state *s; + + c = talloc_get_type(req->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct schannel_key_state); + + /* receive rpc request result - auth2 credentials */ + c->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(c)) return; + + /* verify credentials */ + if (!creds_client_check(s->creds, s->a.out.credentials)) { + composite_error(c, NT_STATUS_UNSUCCESSFUL); + return; + } + + /* setup current netlogon credentials */ + cli_credentials_set_netlogon_creds(s->credentials, s->creds); + + composite_done(c); +} + + +/* + Initiate establishing a schannel key using netlogon challenge + on a secondary pipe +*/ +struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *p, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct schannel_key_state *s; + struct composite_context *epm_map_req; + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, p->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct schannel_key_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store parameters in the state structure */ + s->pipe = p; + s->credentials = credentials; + + /* allocate credentials */ + s->creds = talloc(c, struct creds_CredentialState); + if (composite_nomem(s->creds, c)) return c; + + /* type of authentication depends on schannel type */ + if (s->pipe->conn->flags & DCERPC_SCHANNEL_128) { + s->negotiate_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; + } else { + s->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; + } + + /* allocate binding structure */ + s->binding = talloc(c, struct dcerpc_binding); + if (composite_nomem(s->binding, c)) return c; + + *s->binding = *s->pipe->binding; + + /* request the netlogon endpoint mapping */ + epm_map_req = dcerpc_epm_map_binding_send(c, s->binding, + &ndr_table_netlogon, + s->pipe->conn->event_ctx, + lp_ctx); + if (composite_nomem(epm_map_req, c)) return c; + + composite_continue(c, epm_map_req, continue_epm_map_binding, c); + return c; +} + + +/* + Receive result of schannel key request + */ +NTSTATUS dcerpc_schannel_key_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct auth_schannel_state { + struct dcerpc_pipe *pipe; + struct cli_credentials *credentials; + const struct ndr_interface_table *table; + struct loadparm_context *lp_ctx; + uint8_t auth_level; +}; + + +static void continue_bind_auth(struct composite_context *ctx); + + +/* + Stage 2 of auth_schannel: Receive schannel key and intitiate an + authenticated bind using received credentials + */ +static void continue_schannel_key(struct composite_context *ctx) +{ + struct composite_context *auth_req; + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct auth_schannel_state *s = talloc_get_type(c->private_data, + struct auth_schannel_state); + + /* receive schannel key */ + c->status = dcerpc_schannel_key_recv(ctx); + if (!composite_is_ok(c)) { + DEBUG(1, ("Failed to setup credentials for account %s: %s\n", + cli_credentials_get_username(s->credentials), nt_errstr(c->status))); + return; + } + + /* send bind auth request with received creds */ + auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, s->credentials, + s->lp_ctx, + DCERPC_AUTH_TYPE_SCHANNEL, s->auth_level, + NULL); + if (composite_nomem(auth_req, c)) return; + + composite_continue(c, auth_req, continue_bind_auth, c); +} + + +/* + Stage 3 of auth_schannel: Receivce result of authenticated bind + and say if we're done ok. +*/ +static void continue_bind_auth(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_bind_auth_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Initiate schannel authentication request +*/ +struct composite_context *dcerpc_bind_auth_schannel_send(TALLOC_CTX *tmp_ctx, + struct dcerpc_pipe *p, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx, + uint8_t auth_level) +{ + struct composite_context *c; + struct auth_schannel_state *s; + struct composite_context *schan_key_req; + + /* composite context allocation and setup */ + c = composite_create(tmp_ctx, p->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct auth_schannel_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store parameters in the state structure */ + s->pipe = p; + s->credentials = credentials; + s->table = table; + s->auth_level = auth_level; + s->lp_ctx = lp_ctx; + + /* start getting schannel key first */ + schan_key_req = dcerpc_schannel_key_send(c, p, credentials, lp_ctx); + if (composite_nomem(schan_key_req, c)) return c; + + composite_continue(c, schan_key_req, continue_schannel_key, c); + return c; +} + + +/* + Receive result of schannel authentication request +*/ +NTSTATUS dcerpc_bind_auth_schannel_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +/* + Perform schannel authenticated bind - sync version + */ +_PUBLIC_ NTSTATUS dcerpc_bind_auth_schannel(TALLOC_CTX *tmp_ctx, + struct dcerpc_pipe *p, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx, + uint8_t auth_level) +{ + struct composite_context *c; + + c = dcerpc_bind_auth_schannel_send(tmp_ctx, p, table, credentials, lp_ctx, + auth_level); + return dcerpc_bind_auth_schannel_recv(c); +} diff --git a/source4/librpc/rpc/dcerpc_secondary.c b/source4/librpc/rpc/dcerpc_secondary.c new file mode 100644 index 0000000000..abc67ad38b --- /dev/null +++ b/source4/librpc/rpc/dcerpc_secondary.c @@ -0,0 +1,325 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc connect functions + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2004 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2007 + Copyright (C) Rafal Szczesniak 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + + +#include "includes.h" +#include "libcli/composite/composite.h" +#include "lib/events/events.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "auth/credentials/credentials.h" +#include "param/param.h" +#include "libcli/resolve/resolve.h" + + +struct sec_conn_state { + struct dcerpc_pipe *pipe; + struct dcerpc_pipe *pipe2; + struct dcerpc_binding *binding; + struct smbcli_tree *tree; +}; + + +static void continue_open_smb(struct composite_context *ctx); +static void continue_open_tcp(struct composite_context *ctx); +static void continue_open_pipe(struct composite_context *ctx); +static void continue_pipe_open(struct composite_context *c); + + +/* + Send request to create a secondary dcerpc connection from a primary + connection +*/ +_PUBLIC_ struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p, + struct dcerpc_binding *b) +{ + struct composite_context *c; + struct sec_conn_state *s; + struct composite_context *pipe_smb_req; + struct composite_context *pipe_tcp_req; + struct composite_context *pipe_ncalrpc_req; + + /* composite context allocation and setup */ + c = composite_create(p, p->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct sec_conn_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + s->pipe = p; + s->binding = b; + + /* initialise second dcerpc pipe based on primary pipe's event context */ + s->pipe2 = dcerpc_pipe_init(c, s->pipe->conn->event_ctx, s->pipe->conn->iconv_convenience); + if (composite_nomem(s->pipe2, c)) return c; + + /* open second dcerpc pipe using the same transport as for primary pipe */ + switch (s->pipe->conn->transport.transport) { + case NCACN_NP: + /* get smb tree of primary dcerpc pipe opened on smb */ + s->tree = dcerpc_smb_tree(s->pipe->conn); + if (!s->tree) { + composite_error(c, NT_STATUS_INVALID_PARAMETER); + return c; + } + + pipe_smb_req = dcerpc_pipe_open_smb_send(s->pipe2, s->tree, + s->binding->endpoint); + composite_continue(c, pipe_smb_req, continue_open_smb, c); + return c; + + case NCACN_IP_TCP: + pipe_tcp_req = dcerpc_pipe_open_tcp_send(s->pipe2->conn, + s->binding->host, + s->binding->target_hostname, + atoi(s->binding->endpoint), + lp_resolve_context(global_loadparm)); + composite_continue(c, pipe_tcp_req, continue_open_tcp, c); + return c; + + case NCALRPC: + pipe_ncalrpc_req = dcerpc_pipe_open_pipe_send(s->pipe2->conn, lp_ncalrpc_dir(global_loadparm), + s->binding->endpoint); + composite_continue(c, pipe_ncalrpc_req, continue_open_pipe, c); + return c; + + default: + /* looks like a transport we don't support */ + composite_error(c, NT_STATUS_NOT_SUPPORTED); + } + + return c; +} + + +/* + Stage 2 of secondary_connection: Receive result of pipe open request on smb +*/ +static void continue_open_smb(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_pipe_open_smb_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_open(c); +} + + +/* + Stage 2 of secondary_connection: Receive result of pipe open request on tcp/ip +*/ +static void continue_open_tcp(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_pipe_open_tcp_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_open(c); +} + + +/* + Stage 2 of secondary_connection: Receive result of pipe open request on ncalrpc +*/ +static void continue_open_pipe(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_pipe_open_pipe_recv(ctx); + if (!composite_is_ok(c)) return; + + continue_pipe_open(c); +} + + +/* + Stage 3 of secondary_connection: Get binding data and flags from primary pipe + and say if we're done ok. +*/ +static void continue_pipe_open(struct composite_context *c) +{ + struct sec_conn_state *s; + + s = talloc_get_type(c->private_data, struct sec_conn_state); + + s->pipe2->conn->flags = s->pipe->conn->flags; + s->pipe2->binding = s->binding; + if (!talloc_reference(s->pipe2, s->binding)) { + composite_error(c, NT_STATUS_NO_MEMORY); + return; + } + + composite_done(c); +} + + +/* + Receive result of secondary rpc connection request and return + second dcerpc pipe. +*/ +_PUBLIC_ NTSTATUS dcerpc_secondary_connection_recv(struct composite_context *c, + struct dcerpc_pipe **p2) +{ + NTSTATUS status = composite_wait(c); + struct sec_conn_state *s; + + s = talloc_get_type(c->private_data, struct sec_conn_state); + + if (NT_STATUS_IS_OK(status)) { + *p2 = talloc_steal(s->pipe, s->pipe2); + } + + talloc_free(c); + return status; +} + +/* + Create a secondary dcerpc connection from a primary connection + - sync version + + If the primary is a SMB connection then the secondary connection + will be on the same SMB connection, but using a new fnum +*/ +_PUBLIC_ NTSTATUS dcerpc_secondary_connection(struct dcerpc_pipe *p, + struct dcerpc_pipe **p2, + struct dcerpc_binding *b) +{ + struct composite_context *c; + + c = dcerpc_secondary_connection_send(p, b); + return dcerpc_secondary_connection_recv(c, p2); +} + +/* + Create a secondary DCERPC connection, then bind (and possibly + authenticate) using the supplied credentials. + + This creates a second connection, to the same host (and on ncacn_np on the same connection) as the first +*/ +struct sec_auth_conn_state { + struct dcerpc_pipe *pipe2; + struct dcerpc_binding *binding; + const struct ndr_interface_table *table; + struct cli_credentials *credentials; + struct composite_context *ctx; + struct loadparm_context *lp_ctx; +}; + +static void dcerpc_secondary_auth_connection_bind(struct composite_context *ctx); +static void dcerpc_secondary_auth_connection_continue(struct composite_context *ctx); + +_PUBLIC_ struct composite_context* dcerpc_secondary_auth_connection_send(struct dcerpc_pipe *p, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx) +{ + + struct composite_context *c, *secondary_conn_ctx; + struct sec_auth_conn_state *s; + + /* composite context allocation and setup */ + c = composite_create(p, p->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct sec_auth_conn_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + s->ctx = c; + + s->binding = binding; + s->table = table; + s->credentials = credentials; + s->lp_ctx = lp_ctx; + + secondary_conn_ctx = dcerpc_secondary_connection_send(p, binding); + + if (composite_nomem(secondary_conn_ctx, s->ctx)) { + talloc_free(c); + return NULL; + } + + composite_continue(s->ctx, secondary_conn_ctx, dcerpc_secondary_auth_connection_bind, + s); + return c; +} + +/* + Stage 2 of secondary_auth_connection: + Having made the secondary connection, we will need to do an (authenticated) bind +*/ +static void dcerpc_secondary_auth_connection_bind(struct composite_context *ctx) +{ + struct composite_context *secondary_auth_ctx; + struct sec_auth_conn_state *s = talloc_get_type(ctx->async.private_data, + struct sec_auth_conn_state); + + s->ctx->status = dcerpc_secondary_connection_recv(ctx, &s->pipe2); + if (!composite_is_ok(s->ctx)) return; + + secondary_auth_ctx = dcerpc_pipe_auth_send(s->pipe2, s->binding, s->table, s->credentials, + s->lp_ctx); + composite_continue(s->ctx, secondary_auth_ctx, dcerpc_secondary_auth_connection_continue, s); + +} + +/* + Stage 3 of secondary_auth_connection: Receive result of authenticated bind request +*/ +static void dcerpc_secondary_auth_connection_continue(struct composite_context *ctx) +{ + struct sec_auth_conn_state *s = talloc_get_type(ctx->async.private_data, + struct sec_auth_conn_state); + + s->ctx->status = dcerpc_pipe_auth_recv(ctx, s, &s->pipe2); + if (!composite_is_ok(s->ctx)) return; + + composite_done(s->ctx); +} + +/* + Receive an authenticated pipe, created as a secondary connection +*/ +_PUBLIC_ NTSTATUS dcerpc_secondary_auth_connection_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p) +{ + NTSTATUS status = composite_wait(c); + struct sec_auth_conn_state *s; + + s = talloc_get_type(c->private_data, struct sec_auth_conn_state); + + if (NT_STATUS_IS_OK(status)) { + *p = talloc_steal(mem_ctx, s->pipe2); + } + + talloc_free(c); + return status; +} diff --git a/source4/librpc/rpc/dcerpc_smb.c b/source4/librpc/rpc/dcerpc_smb.c new file mode 100644 index 0000000000..312a44a5f0 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_smb.c @@ -0,0 +1,588 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc over SMB transport + + Copyright (C) Tim Potter 2003 + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "libcli/raw/libcliraw.h" +#include "libcli/composite/composite.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" + +/* transport private information used by SMB pipe transport */ +struct smb_private { + uint16_t fnum; + struct smbcli_tree *tree; + const char *server_name; + bool dead; +}; + + +/* + tell the dcerpc layer that the transport is dead +*/ +static void pipe_dead(struct dcerpc_connection *c, NTSTATUS status) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + + if (smb->dead) { + return; + } + + smb->dead = true; + + if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) { + status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; + } + + if (NT_STATUS_EQUAL(NT_STATUS_OK, status)) { + status = NT_STATUS_END_OF_FILE; + } + + if (c->transport.recv_data) { + c->transport.recv_data(c, NULL, status); + } +} + + +/* + this holds the state of an in-flight call +*/ +struct smb_read_state { + struct dcerpc_connection *c; + struct smbcli_request *req; + size_t received; + DATA_BLOB data; + union smb_read *io; +}; + +/* + called when a read request has completed +*/ +static void smb_read_callback(struct smbcli_request *req) +{ + struct smb_private *smb; + struct smb_read_state *state; + union smb_read *io; + uint16_t frag_length; + NTSTATUS status; + + state = talloc_get_type(req->async.private, struct smb_read_state); + smb = talloc_get_type(state->c->transport.private_data, struct smb_private); + io = state->io; + + status = smb_raw_read_recv(state->req, io); + if (NT_STATUS_IS_ERR(status)) { + pipe_dead(state->c, status); + talloc_free(state); + return; + } + + state->received += io->readx.out.nread; + + if (state->received < 16) { + DEBUG(0,("dcerpc_smb: short packet (length %d) in read callback!\n", + (int)state->received)); + pipe_dead(state->c, NT_STATUS_INFO_LENGTH_MISMATCH); + talloc_free(state); + return; + } + + frag_length = dcerpc_get_frag_length(&state->data); + + if (frag_length <= state->received) { + DATA_BLOB data = state->data; + struct dcerpc_connection *c = state->c; + data.length = state->received; + talloc_steal(state->c, data.data); + talloc_free(state); + c->transport.recv_data(c, &data, NT_STATUS_OK); + return; + } + + /* initiate another read request, as we only got part of a fragment */ + state->data.data = talloc_realloc(state, state->data.data, uint8_t, frag_length); + + io->readx.in.mincnt = MIN(state->c->srv_max_xmit_frag, + frag_length - state->received); + io->readx.in.maxcnt = io->readx.in.mincnt; + io->readx.out.data = state->data.data + state->received; + + state->req = smb_raw_read_send(smb->tree, io); + if (state->req == NULL) { + pipe_dead(state->c, NT_STATUS_NO_MEMORY); + talloc_free(state); + return; + } + + state->req->async.fn = smb_read_callback; + state->req->async.private = state; +} + +/* + trigger a read request from the server, possibly with some initial + data in the read buffer +*/ +static NTSTATUS send_read_request_continue(struct dcerpc_connection *c, DATA_BLOB *blob) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + union smb_read *io; + struct smb_read_state *state; + struct smbcli_request *req; + + state = talloc(smb, struct smb_read_state); + if (state == NULL) { + return NT_STATUS_NO_MEMORY; + } + + state->c = c; + if (blob == NULL) { + state->received = 0; + state->data = data_blob_talloc(state, NULL, 0x2000); + } else { + uint32_t frag_length = blob->length>=16? + dcerpc_get_frag_length(blob):0x2000; + state->received = blob->length; + state->data = data_blob_talloc(state, NULL, frag_length); + if (!state->data.data) { + talloc_free(state); + return NT_STATUS_NO_MEMORY; + } + memcpy(state->data.data, blob->data, blob->length); + } + + state->io = talloc(state, union smb_read); + + io = state->io; + io->generic.level = RAW_READ_READX; + io->readx.in.file.fnum = smb->fnum; + io->readx.in.mincnt = state->data.length - state->received; + io->readx.in.maxcnt = io->readx.in.mincnt; + io->readx.in.offset = 0; + io->readx.in.remaining = 0; + io->readx.in.read_for_execute = false; + io->readx.out.data = state->data.data + state->received; + req = smb_raw_read_send(smb->tree, io); + if (req == NULL) { + return NT_STATUS_NO_MEMORY; + } + + req->async.fn = smb_read_callback; + req->async.private = state; + + state->req = req; + + return NT_STATUS_OK; +} + + +/* + trigger a read request from the server +*/ +static NTSTATUS send_read_request(struct dcerpc_connection *c) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + + if (smb->dead) { + return NT_STATUS_CONNECTION_DISCONNECTED; + } + + return send_read_request_continue(c, NULL); +} + +/* + this holds the state of an in-flight trans call +*/ +struct smb_trans_state { + struct dcerpc_connection *c; + struct smbcli_request *req; + struct smb_trans2 *trans; +}; + +/* + called when a trans request has completed +*/ +static void smb_trans_callback(struct smbcli_request *req) +{ + struct smb_trans_state *state = (struct smb_trans_state *)req->async.private; + struct dcerpc_connection *c = state->c; + NTSTATUS status; + + status = smb_raw_trans_recv(req, state, state->trans); + + if (NT_STATUS_IS_ERR(status)) { + pipe_dead(c, status); + return; + } + + if (!NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW)) { + DATA_BLOB data = state->trans->out.data; + talloc_steal(c, data.data); + talloc_free(state); + c->transport.recv_data(c, &data, NT_STATUS_OK); + return; + } + + /* there is more to receive - setup a readx */ + send_read_request_continue(c, &state->trans->out.data); + talloc_free(state); +} + +/* + send a SMBtrans style request +*/ +static NTSTATUS smb_send_trans_request(struct dcerpc_connection *c, DATA_BLOB *blob) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + struct smb_trans2 *trans; + uint16_t setup[2]; + struct smb_trans_state *state; + uint16_t max_data; + + state = talloc(smb, struct smb_trans_state); + if (state == NULL) { + return NT_STATUS_NO_MEMORY; + } + + state->c = c; + state->trans = talloc(state, struct smb_trans2); + trans = state->trans; + + trans->in.data = *blob; + trans->in.params = data_blob(NULL, 0); + + setup[0] = TRANSACT_DCERPCCMD; + setup[1] = smb->fnum; + + if (c->srv_max_xmit_frag > 0) { + max_data = MIN(UINT16_MAX, c->srv_max_xmit_frag); + } else { + max_data = UINT16_MAX; + } + + trans->in.max_param = 0; + trans->in.max_data = max_data; + trans->in.max_setup = 0; + trans->in.setup_count = 2; + trans->in.flags = 0; + trans->in.timeout = 0; + trans->in.setup = setup; + trans->in.trans_name = "\\PIPE\\"; + + state->req = smb_raw_trans_send(smb->tree, trans); + if (state->req == NULL) { + talloc_free(state); + return NT_STATUS_NO_MEMORY; + } + + state->req->async.fn = smb_trans_callback; + state->req->async.private = state; + + talloc_steal(state, state->req); + + return NT_STATUS_OK; +} + +/* + called when a write request has completed +*/ +static void smb_write_callback(struct smbcli_request *req) +{ + struct dcerpc_connection *c = (struct dcerpc_connection *)req->async.private; + + if (!NT_STATUS_IS_OK(req->status)) { + DEBUG(0,("dcerpc_smb: write callback error\n")); + pipe_dead(c, req->status); + } + + smbcli_request_destroy(req); +} + +/* + send a packet to the server +*/ +static NTSTATUS smb_send_request(struct dcerpc_connection *c, DATA_BLOB *blob, + bool trigger_read) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + union smb_write io; + struct smbcli_request *req; + + if (smb->dead) { + return NT_STATUS_CONNECTION_DISCONNECTED; + } + + if (trigger_read) { + return smb_send_trans_request(c, blob); + } + + io.generic.level = RAW_WRITE_WRITEX; + io.writex.in.file.fnum = smb->fnum; + io.writex.in.offset = 0; + io.writex.in.wmode = PIPE_START_MESSAGE; + io.writex.in.remaining = blob->length; + io.writex.in.count = blob->length; + io.writex.in.data = blob->data; + + /* we must not timeout at the smb level for rpc requests, as otherwise + signing/sealing can be messed up */ + smb->tree->session->transport->options.request_timeout = 0; + + req = smb_raw_write_send(smb->tree, &io); + if (req == NULL) { + return NT_STATUS_NO_MEMORY; + } + + req->async.fn = smb_write_callback; + req->async.private = c; + + if (trigger_read) { + send_read_request(c); + } + + return NT_STATUS_OK; +} + +/* + shutdown SMB pipe connection +*/ +static NTSTATUS smb_shutdown_pipe(struct dcerpc_connection *c, NTSTATUS status) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + union smb_close io; + struct smbcli_request *req; + + /* maybe we're still starting up */ + if (!smb) return status; + + io.close.level = RAW_CLOSE_CLOSE; + io.close.in.file.fnum = smb->fnum; + io.close.in.write_time = 0; + req = smb_raw_close_send(smb->tree, &io); + if (req != NULL) { + /* we don't care if this fails, so just free it if it succeeds */ + req->async.fn = (void (*)(struct smbcli_request *))talloc_free; + } + + talloc_free(smb); + + return status; +} + +/* + return SMB server name (called name) +*/ +static const char *smb_peer_name(struct dcerpc_connection *c) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + return smb->server_name; +} + +/* + return remote name we make the actual connection (good for kerberos) +*/ +static const char *smb_target_hostname(struct dcerpc_connection *c) +{ + struct smb_private *smb = talloc_get_type(c->transport.private_data, struct smb_private); + return smb->tree->session->transport->socket->hostname; +} + +/* + fetch the user session key +*/ +static NTSTATUS smb_session_key(struct dcerpc_connection *c, DATA_BLOB *session_key) +{ + struct smb_private *smb = (struct smb_private *)c->transport.private_data; + + if (smb->tree->session->user_session_key.data) { + *session_key = smb->tree->session->user_session_key; + return NT_STATUS_OK; + } + return NT_STATUS_NO_USER_SESSION_KEY; +} + +struct pipe_open_smb_state { + union smb_open *open; + struct dcerpc_connection *c; + struct smbcli_tree *tree; + struct composite_context *ctx; +}; + +static void pipe_open_recv(struct smbcli_request *req); + +struct composite_context *dcerpc_pipe_open_smb_send(struct dcerpc_pipe *p, + struct smbcli_tree *tree, + const char *pipe_name) +{ + struct composite_context *ctx; + struct pipe_open_smb_state *state; + struct smbcli_request *req; + struct dcerpc_connection *c = p->conn; + + /* if we don't have a binding on this pipe yet, then create one */ + if (p->binding == NULL) { + NTSTATUS status; + char *s; + SMB_ASSERT(tree->session->transport->socket->hostname != NULL); + s = talloc_asprintf(p, "ncacn_np:%s", tree->session->transport->socket->hostname); + if (s == NULL) return NULL; + status = dcerpc_parse_binding(p, s, &p->binding); + talloc_free(s); + if (!NT_STATUS_IS_OK(status)) { + return NULL; + } + } + + ctx = composite_create(c, c->event_ctx); + if (ctx == NULL) return NULL; + + state = talloc(ctx, struct pipe_open_smb_state); + if (composite_nomem(state, ctx)) return ctx; + ctx->private_data = state; + + state->c = c; + state->tree = tree; + state->ctx = ctx; + + state->open = talloc(state, union smb_open); + if (composite_nomem(state->open, ctx)) return ctx; + + state->open->ntcreatex.level = RAW_OPEN_NTCREATEX; + state->open->ntcreatex.in.flags = 0; + state->open->ntcreatex.in.root_fid = 0; + state->open->ntcreatex.in.access_mask = + SEC_STD_READ_CONTROL | + SEC_FILE_WRITE_ATTRIBUTE | + SEC_FILE_WRITE_EA | + SEC_FILE_READ_DATA | + SEC_FILE_WRITE_DATA; + state->open->ntcreatex.in.file_attr = 0; + state->open->ntcreatex.in.alloc_size = 0; + state->open->ntcreatex.in.share_access = + NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE; + state->open->ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + state->open->ntcreatex.in.create_options = 0; + state->open->ntcreatex.in.impersonation = + NTCREATEX_IMPERSONATION_IMPERSONATION; + state->open->ntcreatex.in.security_flags = 0; + + if ((strncasecmp(pipe_name, "/pipe/", 6) == 0) || + (strncasecmp(pipe_name, "\\pipe\\", 6) == 0)) { + pipe_name += 6; + } + state->open->ntcreatex.in.fname = + (pipe_name[0] == '\\') ? + talloc_strdup(state->open, pipe_name) : + talloc_asprintf(state->open, "\\%s", pipe_name); + if (composite_nomem(state->open->ntcreatex.in.fname, ctx)) return ctx; + + req = smb_raw_open_send(tree, state->open); + composite_continue_smb(ctx, req, pipe_open_recv, state); + return ctx; +} + +static void pipe_open_recv(struct smbcli_request *req) +{ + struct pipe_open_smb_state *state = talloc_get_type(req->async.private, + struct pipe_open_smb_state); + struct composite_context *ctx = state->ctx; + struct dcerpc_connection *c = state->c; + struct smb_private *smb; + + ctx->status = smb_raw_open_recv(req, state, state->open); + if (!composite_is_ok(ctx)) return; + + /* + fill in the transport methods + */ + c->transport.transport = NCACN_NP; + c->transport.private_data = NULL; + c->transport.shutdown_pipe = smb_shutdown_pipe; + c->transport.peer_name = smb_peer_name; + c->transport.target_hostname = smb_target_hostname; + + c->transport.send_request = smb_send_request; + c->transport.send_read = send_read_request; + c->transport.recv_data = NULL; + + /* Over-ride the default session key with the SMB session key */ + c->security_state.session_key = smb_session_key; + + smb = talloc(c, struct smb_private); + if (composite_nomem(smb, ctx)) return; + + smb->fnum = state->open->ntcreatex.out.file.fnum; + smb->tree = talloc_reference(smb, state->tree); + smb->server_name= strupper_talloc(smb, + state->tree->session->transport->called.name); + if (composite_nomem(smb->server_name, ctx)) return; + smb->dead = false; + + c->transport.private_data = smb; + + composite_done(ctx); +} + +NTSTATUS dcerpc_pipe_open_smb_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + talloc_free(c); + return status; +} + +_PUBLIC_ NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p, + struct smbcli_tree *tree, + const char *pipe_name) +{ + struct composite_context *ctx = dcerpc_pipe_open_smb_send(p, tree, + pipe_name); + return dcerpc_pipe_open_smb_recv(ctx); +} + +/* + return the SMB tree used for a dcerpc over SMB pipe +*/ +_PUBLIC_ struct smbcli_tree *dcerpc_smb_tree(struct dcerpc_connection *c) +{ + struct smb_private *smb; + + if (c->transport.transport != NCACN_NP) return NULL; + + smb = talloc_get_type(c->transport.private_data, struct smb_private); + if (!smb) return NULL; + + return smb->tree; +} + +/* + return the SMB fnum used for a dcerpc over SMB pipe (hack for torture operations) +*/ +_PUBLIC_ uint16_t dcerpc_smb_fnum(struct dcerpc_connection *c) +{ + struct smb_private *smb; + + if (c->transport.transport != NCACN_NP) return 0; + + smb = talloc_get_type(c->transport.private_data, struct smb_private); + if (!smb) return 0; + + return smb->fnum; +} diff --git a/source4/librpc/rpc/dcerpc_smb2.c b/source4/librpc/rpc/dcerpc_smb2.c new file mode 100644 index 0000000000..84ba8114e2 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_smb2.c @@ -0,0 +1,512 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc over SMB2 transport + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "libcli/raw/libcliraw.h" +#include "libcli/composite/composite.h" +#include "libcli/smb2/smb2.h" +#include "libcli/smb2/smb2_calls.h" +#include "libcli/raw/ioctl.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" + +/* transport private information used by SMB2 pipe transport */ +struct smb2_private { + struct smb2_handle handle; + struct smb2_tree *tree; + const char *server_name; + bool dead; +}; + + +/* + tell the dcerpc layer that the transport is dead +*/ +static void pipe_dead(struct dcerpc_connection *c, NTSTATUS status) +{ + struct smb2_private *smb = (struct smb2_private *)c->transport.private_data; + + if (smb->dead) { + return; + } + + smb->dead = true; + + if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) { + status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; + } + + if (NT_STATUS_EQUAL(NT_STATUS_OK, status)) { + status = NT_STATUS_END_OF_FILE; + } + + if (c->transport.recv_data) { + c->transport.recv_data(c, NULL, status); + } +} + + +/* + this holds the state of an in-flight call +*/ +struct smb2_read_state { + struct dcerpc_connection *c; + DATA_BLOB data; +}; + +/* + called when a read request has completed +*/ +static void smb2_read_callback(struct smb2_request *req) +{ + struct smb2_private *smb; + struct smb2_read_state *state; + struct smb2_read io; + uint16_t frag_length; + NTSTATUS status; + + state = talloc_get_type(req->async.private_data, struct smb2_read_state); + smb = talloc_get_type(state->c->transport.private_data, struct smb2_private); + + status = smb2_read_recv(req, state, &io); + if (NT_STATUS_IS_ERR(status)) { + pipe_dead(state->c, status); + talloc_free(state); + return; + } + + if (!data_blob_append(state, &state->data, + io.out.data.data, io.out.data.length)) { + pipe_dead(state->c, NT_STATUS_NO_MEMORY); + talloc_free(state); + return; + } + + if (state->data.length < 16) { + DEBUG(0,("dcerpc_smb2: short packet (length %d) in read callback!\n", + (int)state->data.length)); + pipe_dead(state->c, NT_STATUS_INFO_LENGTH_MISMATCH); + talloc_free(state); + return; + } + + frag_length = dcerpc_get_frag_length(&state->data); + + if (frag_length <= state->data.length) { + DATA_BLOB data = state->data; + struct dcerpc_connection *c = state->c; + talloc_steal(c, data.data); + talloc_free(state); + c->transport.recv_data(c, &data, NT_STATUS_OK); + return; + } + + /* initiate another read request, as we only got part of a fragment */ + ZERO_STRUCT(io); + io.in.file.handle = smb->handle; + io.in.length = MIN(state->c->srv_max_xmit_frag, + frag_length - state->data.length); + if (io.in.length < 16) { + io.in.length = 16; + } + + req = smb2_read_send(smb->tree, &io); + if (req == NULL) { + pipe_dead(state->c, NT_STATUS_NO_MEMORY); + talloc_free(state); + return; + } + + req->async.fn = smb2_read_callback; + req->async.private_data = state; +} + + +/* + trigger a read request from the server, possibly with some initial + data in the read buffer +*/ +static NTSTATUS send_read_request_continue(struct dcerpc_connection *c, DATA_BLOB *blob) +{ + struct smb2_private *smb = (struct smb2_private *)c->transport.private_data; + struct smb2_read io; + struct smb2_read_state *state; + struct smb2_request *req; + + state = talloc(smb, struct smb2_read_state); + if (state == NULL) { + return NT_STATUS_NO_MEMORY; + } + + state->c = c; + if (blob == NULL) { + state->data = data_blob(NULL, 0); + } else { + state->data = *blob; + talloc_steal(state, state->data.data); + } + + ZERO_STRUCT(io); + io.in.file.handle = smb->handle; + + if (state->data.length >= 16) { + uint16_t frag_length = dcerpc_get_frag_length(&state->data); + io.in.length = frag_length - state->data.length; + } else { + io.in.length = 0x2000; + } + + req = smb2_read_send(smb->tree, &io); + if (req == NULL) { + return NT_STATUS_NO_MEMORY; + } + + req->async.fn = smb2_read_callback; + req->async.private_data = state; + + return NT_STATUS_OK; +} + + +/* + trigger a read request from the server +*/ +static NTSTATUS send_read_request(struct dcerpc_connection *c) +{ + struct smb2_private *smb = (struct smb2_private *)c->transport.private_data; + + if (smb->dead) { + return NT_STATUS_CONNECTION_DISCONNECTED; + } + + return send_read_request_continue(c, NULL); +} + +/* + this holds the state of an in-flight trans call +*/ +struct smb2_trans_state { + struct dcerpc_connection *c; +}; + +/* + called when a trans request has completed +*/ +static void smb2_trans_callback(struct smb2_request *req) +{ + struct smb2_trans_state *state = talloc_get_type(req->async.private_data, + struct smb2_trans_state); + struct dcerpc_connection *c = state->c; + NTSTATUS status; + struct smb2_ioctl io; + + status = smb2_ioctl_recv(req, state, &io); + if (NT_STATUS_IS_ERR(status)) { + pipe_dead(c, status); + return; + } + + if (!NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW)) { + DATA_BLOB data = io.out.out; + talloc_steal(c, data.data); + talloc_free(state); + c->transport.recv_data(c, &data, NT_STATUS_OK); + return; + } + + /* there is more to receive - setup a read */ + send_read_request_continue(c, &io.out.out); + talloc_free(state); +} + +/* + send a SMBtrans style request, using a named pipe read_write fsctl +*/ +static NTSTATUS smb2_send_trans_request(struct dcerpc_connection *c, DATA_BLOB *blob) +{ + struct smb2_private *smb = talloc_get_type(c->transport.private_data, + struct smb2_private); + struct smb2_ioctl io; + struct smb2_trans_state *state; + struct smb2_request *req; + + state = talloc(smb, struct smb2_trans_state); + if (state == NULL) { + return NT_STATUS_NO_MEMORY; + } + + state->c = c; + + ZERO_STRUCT(io); + io.in.file.handle = smb->handle; + io.in.function = FSCTL_NAMED_PIPE_READ_WRITE; + io.in.max_response_size = 0x1000; + io.in.flags = 1; + io.in.out = *blob; + + req = smb2_ioctl_send(smb->tree, &io); + if (req == NULL) { + talloc_free(state); + return NT_STATUS_NO_MEMORY; + } + + req->async.fn = smb2_trans_callback; + req->async.private_data = state; + + talloc_steal(state, req); + + return NT_STATUS_OK; +} + +/* + called when a write request has completed +*/ +static void smb2_write_callback(struct smb2_request *req) +{ + struct dcerpc_connection *c = (struct dcerpc_connection *)req->async.private_data; + + if (!NT_STATUS_IS_OK(req->status)) { + DEBUG(0,("dcerpc_smb2: write callback error\n")); + pipe_dead(c, req->status); + } + + smb2_request_destroy(req); +} + +/* + send a packet to the server +*/ +static NTSTATUS smb2_send_request(struct dcerpc_connection *c, DATA_BLOB *blob, + bool trigger_read) +{ + struct smb2_private *smb = (struct smb2_private *)c->transport.private_data; + struct smb2_write io; + struct smb2_request *req; + + if (smb->dead) { + return NT_STATUS_CONNECTION_DISCONNECTED; + } + + if (trigger_read) { + return smb2_send_trans_request(c, blob); + } + + ZERO_STRUCT(io); + io.in.file.handle = smb->handle; + io.in.data = *blob; + + req = smb2_write_send(smb->tree, &io); + if (req == NULL) { + return NT_STATUS_NO_MEMORY; + } + + req->async.fn = smb2_write_callback; + req->async.private_data = c; + + return NT_STATUS_OK; +} + +/* + shutdown SMB pipe connection +*/ +static NTSTATUS smb2_shutdown_pipe(struct dcerpc_connection *c, NTSTATUS status) +{ + struct smb2_private *smb = (struct smb2_private *)c->transport.private_data; + struct smb2_close io; + struct smb2_request *req; + + /* maybe we're still starting up */ + if (!smb) return status; + + ZERO_STRUCT(io); + io.in.file.handle = smb->handle; + req = smb2_close_send(smb->tree, &io); + if (req != NULL) { + /* we don't care if this fails, so just free it if it succeeds */ + req->async.fn = (void (*)(struct smb2_request *))talloc_free; + } + + talloc_free(smb); + + return status; +} + +/* + return SMB server name +*/ +static const char *smb2_peer_name(struct dcerpc_connection *c) +{ + struct smb2_private *smb = talloc_get_type(c->transport.private_data, + struct smb2_private); + return smb->server_name; +} + +/* + return remote name we make the actual connection (good for kerberos) +*/ +static const char *smb2_target_hostname(struct dcerpc_connection *c) +{ + struct smb2_private *smb = talloc_get_type(c->transport.private_data, + struct smb2_private); + return smb->tree->session->transport->socket->hostname; +} + +/* + fetch the user session key +*/ +static NTSTATUS smb2_session_key(struct dcerpc_connection *c, DATA_BLOB *session_key) +{ + struct smb2_private *smb = talloc_get_type(c->transport.private_data, + struct smb2_private); + *session_key = smb->tree->session->session_key; + if (session_key->data == NULL) { + return NT_STATUS_NO_USER_SESSION_KEY; + } + return NT_STATUS_OK; +} + +struct pipe_open_smb2_state { + struct dcerpc_connection *c; + struct composite_context *ctx; +}; + +static void pipe_open_recv(struct smb2_request *req); + +struct composite_context *dcerpc_pipe_open_smb2_send(struct dcerpc_pipe *p, + struct smb2_tree *tree, + const char *pipe_name) +{ + struct composite_context *ctx; + struct pipe_open_smb2_state *state; + struct smb2_create io; + struct smb2_request *req; + struct dcerpc_connection *c = p->conn; + + ctx = composite_create(c, c->event_ctx); + if (ctx == NULL) return NULL; + + state = talloc(ctx, struct pipe_open_smb2_state); + if (composite_nomem(state, ctx)) return ctx; + ctx->private_data = state; + + state->c = c; + state->ctx = ctx; + + ZERO_STRUCT(io); + io.in.desired_access = + SEC_STD_READ_CONTROL | + SEC_FILE_READ_ATTRIBUTE | + SEC_FILE_WRITE_ATTRIBUTE | + SEC_STD_SYNCHRONIZE | + SEC_FILE_READ_EA | + SEC_FILE_WRITE_EA | + SEC_FILE_READ_DATA | + SEC_FILE_WRITE_DATA | + SEC_FILE_APPEND_DATA; + io.in.share_access = + NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE; + io.in.create_disposition = NTCREATEX_DISP_OPEN; + io.in.create_options = + NTCREATEX_OPTIONS_NON_DIRECTORY_FILE | + NTCREATEX_OPTIONS_NO_RECALL; + io.in.impersonation_level = NTCREATEX_IMPERSONATION_IMPERSONATION; + + if ((strncasecmp(pipe_name, "/pipe/", 6) == 0) || + (strncasecmp(pipe_name, "\\pipe\\", 6) == 0)) { + pipe_name += 6; + } + io.in.fname = pipe_name; + + req = smb2_create_send(tree, &io); + composite_continue_smb2(ctx, req, pipe_open_recv, state); + return ctx; +} + +static void pipe_open_recv(struct smb2_request *req) +{ + struct pipe_open_smb2_state *state = + talloc_get_type(req->async.private_data, + struct pipe_open_smb2_state); + struct composite_context *ctx = state->ctx; + struct dcerpc_connection *c = state->c; + struct smb2_tree *tree = req->tree; + struct smb2_private *smb; + struct smb2_create io; + + ctx->status = smb2_create_recv(req, state, &io); + if (!composite_is_ok(ctx)) return; + + /* + fill in the transport methods + */ + c->transport.transport = NCACN_NP; + c->transport.private_data = NULL; + c->transport.shutdown_pipe = smb2_shutdown_pipe; + c->transport.peer_name = smb2_peer_name; + c->transport.target_hostname = smb2_target_hostname; + + c->transport.send_request = smb2_send_request; + c->transport.send_read = send_read_request; + c->transport.recv_data = NULL; + + /* Over-ride the default session key with the SMB session key */ + c->security_state.session_key = smb2_session_key; + + smb = talloc(c, struct smb2_private); + if (composite_nomem(smb, ctx)) return; + + smb->handle = io.out.file.handle; + smb->tree = talloc_reference(smb, tree); + smb->server_name= strupper_talloc(smb, + tree->session->transport->socket->hostname); + if (composite_nomem(smb->server_name, ctx)) return; + smb->dead = false; + + c->transport.private_data = smb; + + composite_done(ctx); +} + +NTSTATUS dcerpc_pipe_open_smb2_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + talloc_free(c); + return status; +} + +NTSTATUS dcerpc_pipe_open_smb2(struct dcerpc_pipe *p, + struct smb2_tree *tree, + const char *pipe_name) +{ + struct composite_context *ctx = dcerpc_pipe_open_smb2_send(p, tree, pipe_name); + return dcerpc_pipe_open_smb2_recv(ctx); +} + +/* + return the SMB2 tree used for a dcerpc over SMB2 pipe +*/ +struct smb2_tree *dcerpc_smb2_tree(struct dcerpc_connection *c) +{ + struct smb2_private *smb = talloc_get_type(c->transport.private_data, + struct smb2_private); + return smb->tree; +} diff --git a/source4/librpc/rpc/dcerpc_sock.c b/source4/librpc/rpc/dcerpc_sock.c new file mode 100644 index 0000000000..7480beae33 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_sock.c @@ -0,0 +1,664 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc over standard sockets transport + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2004 + Copyright (C) Rafal Szczesniak 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/events/events.h" +#include "lib/socket/socket.h" +#include "lib/stream/packet.h" +#include "libcli/composite/composite.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "libcli/resolve/resolve.h" +#include "param/param.h" + +/* transport private information used by general socket pipe transports */ +struct sock_private { + struct fd_event *fde; + struct socket_context *sock; + char *server_name; + + struct packet_context *packet; + uint32_t pending_reads; +}; + + +/* + mark the socket dead +*/ +static void sock_dead(struct dcerpc_connection *p, NTSTATUS status) +{ + struct sock_private *sock = (struct sock_private *)p->transport.private_data; + + if (!sock) return; + + if (sock->packet) { + packet_recv_disable(sock->packet); + packet_set_fde(sock->packet, NULL); + packet_set_socket(sock->packet, NULL); + } + + if (sock->fde) { + talloc_free(sock->fde); + sock->fde = NULL; + } + + if (sock->sock) { + talloc_free(sock->sock); + sock->sock = NULL; + } + + if (NT_STATUS_EQUAL(NT_STATUS_UNSUCCESSFUL, status)) { + status = NT_STATUS_UNEXPECTED_NETWORK_ERROR; + } + + if (NT_STATUS_EQUAL(NT_STATUS_OK, status)) { + status = NT_STATUS_END_OF_FILE; + } + + if (p->transport.recv_data) { + p->transport.recv_data(p, NULL, status); + } +} + + +/* + handle socket recv errors +*/ +static void sock_error_handler(void *private, NTSTATUS status) +{ + struct dcerpc_connection *p = talloc_get_type(private, + struct dcerpc_connection); + sock_dead(p, status); +} + +/* + check if a blob is a complete packet +*/ +static NTSTATUS sock_complete_packet(void *private, DATA_BLOB blob, size_t *size) +{ + if (blob.length < DCERPC_FRAG_LEN_OFFSET+2) { + return STATUS_MORE_ENTRIES; + } + *size = dcerpc_get_frag_length(&blob); + if (*size > blob.length) { + return STATUS_MORE_ENTRIES; + } + return NT_STATUS_OK; +} + +/* + process recv requests +*/ +static NTSTATUS sock_process_recv(void *private, DATA_BLOB blob) +{ + struct dcerpc_connection *p = talloc_get_type(private, + struct dcerpc_connection); + struct sock_private *sock = (struct sock_private *)p->transport.private_data; + sock->pending_reads--; + if (sock->pending_reads == 0) { + packet_recv_disable(sock->packet); + } + p->transport.recv_data(p, &blob, NT_STATUS_OK); + return NT_STATUS_OK; +} + +/* + called when a IO is triggered by the events system +*/ +static void sock_io_handler(struct event_context *ev, struct fd_event *fde, + uint16_t flags, void *private) +{ + struct dcerpc_connection *p = talloc_get_type(private, + struct dcerpc_connection); + struct sock_private *sock = (struct sock_private *)p->transport.private_data; + + if (flags & EVENT_FD_WRITE) { + packet_queue_run(sock->packet); + return; + } + + if (sock->sock == NULL) { + return; + } + + if (flags & EVENT_FD_READ) { + packet_recv(sock->packet); + } +} + +/* + initiate a read request - not needed for dcerpc sockets +*/ +static NTSTATUS sock_send_read(struct dcerpc_connection *p) +{ + struct sock_private *sock = (struct sock_private *)p->transport.private_data; + sock->pending_reads++; + if (sock->pending_reads == 1) { + packet_recv_enable(sock->packet); + } + return NT_STATUS_OK; +} + +/* + send an initial pdu in a multi-pdu sequence +*/ +static NTSTATUS sock_send_request(struct dcerpc_connection *p, DATA_BLOB *data, + bool trigger_read) +{ + struct sock_private *sock = (struct sock_private *)p->transport.private_data; + DATA_BLOB blob; + NTSTATUS status; + + if (sock->sock == NULL) { + return NT_STATUS_CONNECTION_DISCONNECTED; + } + + blob = data_blob_talloc(sock->packet, data->data, data->length); + if (blob.data == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = packet_send(sock->packet, blob); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + if (trigger_read) { + sock_send_read(p); + } + + return NT_STATUS_OK; +} + +/* + shutdown sock pipe connection +*/ +static NTSTATUS sock_shutdown_pipe(struct dcerpc_connection *p, NTSTATUS status) +{ + struct sock_private *sock = (struct sock_private *)p->transport.private_data; + + if (sock && sock->sock) { + sock_dead(p, status); + } + + return status; +} + +/* + return sock server name +*/ +static const char *sock_peer_name(struct dcerpc_connection *p) +{ + struct sock_private *sock = talloc_get_type(p->transport.private_data, struct sock_private); + return sock->server_name; +} + +/* + return remote name we make the actual connection (good for kerberos) +*/ +static const char *sock_target_hostname(struct dcerpc_connection *p) +{ + struct sock_private *sock = talloc_get_type(p->transport.private_data, struct sock_private); + return sock->server_name; +} + + +struct pipe_open_socket_state { + struct dcerpc_connection *conn; + struct socket_context *socket_ctx; + struct sock_private *sock; + struct socket_address *server; + const char *target_hostname; + enum dcerpc_transport_t transport; +}; + + +static void continue_socket_connect(struct composite_context *ctx) +{ + struct dcerpc_connection *conn; + struct sock_private *sock; + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_open_socket_state *s = talloc_get_type(c->private_data, + struct pipe_open_socket_state); + + /* make it easier to write a function calls */ + conn = s->conn; + sock = s->sock; + + c->status = socket_connect_recv(ctx); + if (!NT_STATUS_IS_OK(c->status)) { + DEBUG(0, ("Failed to connect host %s on port %d - %s\n", + s->server->addr, s->server->port, + nt_errstr(c->status))); + composite_error(c, c->status); + return; + } + + /* + fill in the transport methods + */ + conn->transport.transport = s->transport; + conn->transport.private_data = NULL; + + conn->transport.send_request = sock_send_request; + conn->transport.send_read = sock_send_read; + conn->transport.recv_data = NULL; + + conn->transport.shutdown_pipe = sock_shutdown_pipe; + conn->transport.peer_name = sock_peer_name; + conn->transport.target_hostname = sock_target_hostname; + + sock->sock = s->socket_ctx; + sock->pending_reads = 0; + sock->server_name = strupper_talloc(sock, s->target_hostname); + + sock->fde = event_add_fd(conn->event_ctx, sock->sock, socket_get_fd(sock->sock), + EVENT_FD_READ, sock_io_handler, conn); + + conn->transport.private_data = sock; + + sock->packet = packet_init(sock); + if (sock->packet == NULL) { + composite_error(c, NT_STATUS_NO_MEMORY); + talloc_free(sock); + return; + } + + packet_set_private(sock->packet, conn); + packet_set_socket(sock->packet, sock->sock); + packet_set_callback(sock->packet, sock_process_recv); + packet_set_full_request(sock->packet, sock_complete_packet); + packet_set_error_handler(sock->packet, sock_error_handler); + packet_set_event_context(sock->packet, conn->event_ctx); + packet_set_fde(sock->packet, sock->fde); + packet_set_serialise(sock->packet); + packet_set_initial_read(sock->packet, 16); + + /* ensure we don't get SIGPIPE */ + BlockSignals(true, SIGPIPE); + + composite_done(c); +} + + +static struct composite_context *dcerpc_pipe_open_socket_send(TALLOC_CTX *mem_ctx, + struct dcerpc_connection *cn, + struct resolve_context *resolve_context, + struct socket_address *server, + const char *target_hostname, + enum dcerpc_transport_t transport) +{ + struct composite_context *c; + struct pipe_open_socket_state *s; + struct composite_context *conn_req; + + c = composite_create(mem_ctx, cn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_open_socket_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + s->conn = cn; + s->transport = transport; + s->server = talloc_reference(c, server); + if (composite_nomem(s->server, c)) return c; + s->target_hostname = talloc_reference(s, target_hostname); + + s->sock = talloc(cn, struct sock_private); + if (composite_nomem(s->sock, c)) return c; + + c->status = socket_create(server->family, SOCKET_TYPE_STREAM, &s->socket_ctx, 0); + if (!composite_is_ok(c)) return c; + + talloc_steal(s->sock, s->socket_ctx); + + conn_req = socket_connect_send(s->socket_ctx, NULL, s->server, 0, + resolve_context, + c->event_ctx); + composite_continue(c, conn_req, continue_socket_connect, c); + return c; +} + + +static NTSTATUS dcerpc_pipe_open_socket_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + +struct pipe_tcp_state { + const char *server; + const char *target_hostname; + const char *address; + uint32_t port; + struct socket_address *srvaddr; + struct resolve_context *resolve_ctx; + struct dcerpc_connection *conn; +}; + + +#if 0 /* disabled till we can resolve names to ipv6 addresses */ +static void continue_ipv6_open_socket(struct composite_context *ctx); +#endif +static void continue_ipv4_open_socket(struct composite_context *ctx); +static void continue_ip_resolve_name(struct composite_context *ctx); + +static void continue_ip_resolve_name(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_tcp_state *s = talloc_get_type(c->private_data, + struct pipe_tcp_state); + struct composite_context *sock_ipv4_req; + + c->status = resolve_name_recv(ctx, s, &s->address); + if (!composite_is_ok(c)) return; + + /* prepare server address using host ip:port and transport name */ + s->srvaddr = socket_address_from_strings(s->conn, "ipv4", s->address, s->port); + if (composite_nomem(s->srvaddr, c)) return; + + /* resolve_nbt_name gives only ipv4 ... - send socket open request */ + sock_ipv4_req = dcerpc_pipe_open_socket_send(c, s->conn, + s->resolve_ctx, + s->srvaddr, s->target_hostname, + NCACN_IP_TCP); + composite_continue(c, sock_ipv4_req, continue_ipv4_open_socket, c); +} + +/* + Stage 2 of dcerpc_pipe_open_tcp_send: receive result of pipe open request + on IPv6 and send the request on IPv4 unless IPv6 transport succeeded. +*/ +#if 0 /* disabled till we can resolve names to ipv6 addresses */ +static void continue_ipv6_open_socket(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_tcp_state *s = talloc_get_type(c->private_data, + struct pipe_tcp_state); + struct composite_context *sock_ipv4_req; + + /* receive result of socket open request */ + c->status = dcerpc_pipe_open_socket_recv(ctx); + if (NT_STATUS_IS_OK(c->status)) { + composite_done(c); + return; + } + + talloc_free(s->srvaddr); + + /* prepare server address using host:ip and transport name */ + s->srvaddr = socket_address_from_strings(s->conn, "ipv4", s->address, s->port); + if (composite_nomem(s->srvaddr, c)) return; + + /* try IPv4 if IPv6 fails */ + sock_ipv4_req = dcerpc_pipe_open_socket_send(c, s->conn, + s->srvaddr, s->target_hostname, + NCACN_IP_TCP); + composite_continue(c, sock_ipv4_req, continue_ipv4_open_socket, c); +} +#endif + +/* + Stage 2 of dcerpc_pipe_open_tcp_send: receive result of pipe open request + on IPv4 transport. +*/ +static void continue_ipv4_open_socket(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_tcp_state *s = talloc_get_type(c->private_data, + struct pipe_tcp_state); + + /* receive result socket open request */ + c->status = dcerpc_pipe_open_socket_recv(ctx); + if (!NT_STATUS_IS_OK(c->status)) { + /* something went wrong... */ + DEBUG(0, ("Failed to connect host %s (%s) on port %d - %s.\n", + s->address, s->target_hostname, + s->port, nt_errstr(c->status))); + + composite_error(c, c->status); + return; + } + + composite_done(c); +} + + +/* + Send rpc pipe open request to given host:port using + tcp/ip transport +*/ +struct composite_context* dcerpc_pipe_open_tcp_send(struct dcerpc_connection *conn, + const char *server, + const char *target_hostname, + uint32_t port, + struct resolve_context *resolve_ctx) +{ + struct composite_context *c; + struct pipe_tcp_state *s; + struct composite_context *resolve_req; + struct nbt_name name; + + /* composite context allocation and setup */ + c = composite_create(conn, conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_tcp_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store input parameters in state structure */ + s->server = talloc_strdup(c, server); + if (composite_nomem(s->server, c)) return c; + if (target_hostname) { + s->target_hostname = talloc_strdup(c, target_hostname); + if (composite_nomem(s->target_hostname, c)) return c; + } + s->port = port; + s->conn = conn; + s->resolve_ctx = resolve_ctx; + + make_nbt_name_server(&name, server); + resolve_req = resolve_name_send(resolve_ctx, &name, c->event_ctx); + composite_continue(c, resolve_req, continue_ip_resolve_name, c); + return c; +} + +/* + Receive result of pipe open request on tcp/ip +*/ +NTSTATUS dcerpc_pipe_open_tcp_recv(struct composite_context *c) +{ + NTSTATUS status; + status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_unix_state { + const char *path; + struct socket_address *srvaddr; + struct dcerpc_connection *conn; +}; + + +/* + Stage 2 of dcerpc_pipe_open_unix_stream_send: receive result of pipe open + request on unix socket. +*/ +static void continue_unix_open_socket(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_pipe_open_socket_recv(ctx); + if (NT_STATUS_IS_OK(c->status)) { + composite_done(c); + return; + } + + composite_error(c, c->status); +} + + +/* + Send pipe open request on unix socket +*/ +struct composite_context *dcerpc_pipe_open_unix_stream_send(struct dcerpc_connection *conn, + const char *path) +{ + struct composite_context *c; + struct composite_context *sock_unix_req; + struct pipe_unix_state *s; + + /* composite context allocation and setup */ + c = composite_create(conn, conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_unix_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store parameters in state structure */ + s->path = talloc_strdup(c, path); + if (composite_nomem(s->path, c)) return c; + s->conn = conn; + + /* prepare server address using socket path and transport name */ + s->srvaddr = socket_address_from_strings(conn, "unix", s->path, 0); + if (composite_nomem(s->srvaddr, c)) return c; + + /* send socket open request */ + sock_unix_req = dcerpc_pipe_open_socket_send(c, s->conn, + NULL, + s->srvaddr, NULL, + NCALRPC); + composite_continue(c, sock_unix_req, continue_unix_open_socket, c); + return c; +} + + +/* + Receive result of pipe open request on unix socket +*/ +NTSTATUS dcerpc_pipe_open_unix_stream_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +struct pipe_np_state { + char *full_path; + struct socket_address *srvaddr; + struct dcerpc_connection *conn; +}; + + +/* + Stage 2 of dcerpc_pipe_open_pipe_send: receive socket open request +*/ +static void continue_np_open_socket(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_pipe_open_socket_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Send pipe open request on ncalrpc +*/ +struct composite_context* dcerpc_pipe_open_pipe_send(struct dcerpc_connection *conn, + const char *ncalrpc_dir, + const char *identifier) +{ + char *canon = NULL; + + struct composite_context *c; + struct composite_context *sock_np_req; + struct pipe_np_state *s; + + /* composite context allocation and setup */ + c = composite_create(conn, conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_np_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store parameters in state structure */ + canon = talloc_strdup(s, identifier); + if (composite_nomem(canon, c)) return c; + s->conn = conn; + + string_replace(canon, '/', '\\'); + s->full_path = talloc_asprintf(canon, "%s/%s", ncalrpc_dir, canon); + if (composite_nomem(s->full_path, c)) return c; + + /* prepare server address using path and transport name */ + s->srvaddr = socket_address_from_strings(conn, "unix", s->full_path, 0); + if (composite_nomem(s->srvaddr, c)) return c; + + /* send socket open request */ + sock_np_req = dcerpc_pipe_open_socket_send(c, s->conn, NULL, s->srvaddr, NULL, NCALRPC); + composite_continue(c, sock_np_req, continue_np_open_socket, c); + return c; +} + + +/* + Receive result of pipe open request on ncalrpc +*/ +NTSTATUS dcerpc_pipe_open_pipe_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +/* + Open a rpc pipe on a named pipe - sync version +*/ +NTSTATUS dcerpc_pipe_open_pipe(struct dcerpc_connection *conn, const char *ncalrpc_dir, const char *identifier) +{ + struct composite_context *c = dcerpc_pipe_open_pipe_send(conn, ncalrpc_dir, identifier); + return dcerpc_pipe_open_pipe_recv(c); +} diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c new file mode 100644 index 0000000000..32646e85b0 --- /dev/null +++ b/source4/librpc/rpc/dcerpc_util.c @@ -0,0 +1,740 @@ +/* + Unix SMB/CIFS implementation. + + dcerpc utility functions + + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2004 + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005 + Copyright (C) Rafal Szczesniak 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "lib/events/events.h" +#include "libcli/composite/composite.h" +#include "librpc/gen_ndr/ndr_epmapper_c.h" +#include "librpc/gen_ndr/ndr_dcerpc.h" +#include "librpc/gen_ndr/ndr_misc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "auth/credentials/credentials.h" +#include "param/param.h" + +/* + find a dcerpc call on an interface by name +*/ +const struct ndr_interface_call *dcerpc_iface_find_call(const struct ndr_interface_table *iface, + const char *name) +{ + int i; + for (i=0;i<iface->num_calls;i++) { + if (strcmp(iface->calls[i].name, name) == 0) { + return &iface->calls[i]; + } + } + return NULL; +} + +/* + push a ncacn_packet into a blob, potentially with auth info +*/ +NTSTATUS ncacn_push_auth(DATA_BLOB *blob, TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, + struct ncacn_packet *pkt, + struct dcerpc_auth *auth_info) +{ + struct ndr_push *ndr; + enum ndr_err_code ndr_err; + + ndr = ndr_push_init_ctx(mem_ctx, iconv_convenience); + if (!ndr) { + return NT_STATUS_NO_MEMORY; + } + + if (!(pkt->drep[0] & DCERPC_DREP_LE)) { + ndr->flags |= LIBNDR_FLAG_BIGENDIAN; + } + + if (pkt->pfc_flags & DCERPC_PFC_FLAG_OBJECT_UUID) { + ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT; + } + + if (auth_info) { + pkt->auth_length = auth_info->credentials.length; + } else { + pkt->auth_length = 0; + } + + ndr_err = ndr_push_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + + if (auth_info) { + ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth_info); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return ndr_map_error2ntstatus(ndr_err); + } + } + + *blob = ndr_push_blob(ndr); + + /* fill in the frag length */ + dcerpc_set_frag_length(blob, blob->length); + + return NT_STATUS_OK; +} + + +struct epm_map_binding_state { + struct dcerpc_binding *binding; + const struct ndr_interface_table *table; + struct dcerpc_pipe *pipe; + struct policy_handle handle; + struct GUID guid; + struct epm_twr_t twr; + struct epm_twr_t *twr_r; + struct epm_Map r; +}; + + +static void continue_epm_recv_binding(struct composite_context *ctx); +static void continue_epm_map(struct rpc_request *req); + + +/* + Stage 2 of epm_map_binding: Receive connected rpc pipe and send endpoint + mapping rpc request +*/ +static void continue_epm_recv_binding(struct composite_context *ctx) +{ + struct rpc_request *map_req; + + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct epm_map_binding_state *s = talloc_get_type(c->private_data, + struct epm_map_binding_state); + + /* receive result of rpc pipe connect request */ + c->status = dcerpc_pipe_connect_b_recv(ctx, c, &s->pipe); + if (!composite_is_ok(c)) return; + + s->pipe->conn->flags |= DCERPC_NDR_REF_ALLOC; + + /* prepare requested binding parameters */ + s->binding->object = s->table->syntax_id; + + c->status = dcerpc_binding_build_tower(s->pipe, s->binding, &s->twr.tower); + if (!composite_is_ok(c)) return; + + /* with some nice pretty paper around it of course */ + s->r.in.object = &s->guid; + s->r.in.map_tower = &s->twr; + s->r.in.entry_handle = &s->handle; + s->r.in.max_towers = 1; + s->r.out.entry_handle = &s->handle; + + /* send request for an endpoint mapping - a rpc request on connected pipe */ + map_req = dcerpc_epm_Map_send(s->pipe, c, &s->r); + if (composite_nomem(map_req, c)) return; + + composite_continue_rpc(c, map_req, continue_epm_map, c); +} + + +/* + Stage 3 of epm_map_binding: Receive endpoint mapping and provide binding details +*/ +static void continue_epm_map(struct rpc_request *req) +{ + struct composite_context *c = talloc_get_type(req->async.private_data, + struct composite_context); + struct epm_map_binding_state *s = talloc_get_type(c->private_data, + struct epm_map_binding_state); + + /* receive result of a rpc request */ + c->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(c)) return; + + /* check the details */ + if (s->r.out.result != 0 || *s->r.out.num_towers != 1) { + composite_error(c, NT_STATUS_PORT_UNREACHABLE); + return; + } + + s->twr_r = s->r.out.towers[0].twr; + if (s->twr_r == NULL) { + composite_error(c, NT_STATUS_PORT_UNREACHABLE); + return; + } + + if (s->twr_r->tower.num_floors != s->twr.tower.num_floors || + s->twr_r->tower.floors[3].lhs.protocol != s->twr.tower.floors[3].lhs.protocol) { + composite_error(c, NT_STATUS_PORT_UNREACHABLE); + return; + } + + /* get received endpoint */ + s->binding->endpoint = talloc_reference(s->binding, + dcerpc_floor_get_rhs_data(c, &s->twr_r->tower.floors[3])); + if (composite_nomem(s->binding->endpoint, c)) return; + + composite_done(c); +} + + +/* + Request for endpoint mapping of dcerpc binding - try to request for endpoint + unless there is default one. +*/ +struct composite_context *dcerpc_epm_map_binding_send(TALLOC_CTX *mem_ctx, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct event_context *ev, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct epm_map_binding_state *s; + struct composite_context *pipe_connect_req; + struct cli_credentials *anon_creds; + + NTSTATUS status; + struct dcerpc_binding *epmapper_binding; + int i; + + if (ev == NULL) { + return NULL; + } + + /* composite context allocation and setup */ + c = composite_create(mem_ctx, ev); + if (c == NULL) { + return NULL; + } + + s = talloc_zero(c, struct epm_map_binding_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + s->binding = binding; + s->table = table; + + /* anonymous credentials for rpc connection used to get endpoint mapping */ + anon_creds = cli_credentials_init(mem_ctx); + cli_credentials_set_anonymous(anon_creds); + + /* + First, check if there is a default endpoint specified in the IDL + */ + if (table != NULL) { + struct dcerpc_binding *default_binding; + + /* Find one of the default pipes for this interface */ + for (i = 0; i < table->endpoints->count; i++) { + status = dcerpc_parse_binding(mem_ctx, table->endpoints->names[i], &default_binding); + + if (NT_STATUS_IS_OK(status)) { + if (binding->transport == NCA_UNKNOWN) + binding->transport = default_binding->transport; + if (default_binding->transport == binding->transport && + default_binding->endpoint) { + binding->endpoint = talloc_reference(binding, default_binding->endpoint); + talloc_free(default_binding); + + composite_done(c); + return c; + + } else { + talloc_free(default_binding); + } + } + } + } + + epmapper_binding = talloc_zero(c, struct dcerpc_binding); + if (composite_nomem(epmapper_binding, c)) return c; + + /* basic endpoint mapping data */ + epmapper_binding->transport = binding->transport; + epmapper_binding->host = talloc_reference(epmapper_binding, binding->host); + epmapper_binding->target_hostname = epmapper_binding->host; + epmapper_binding->options = NULL; + epmapper_binding->flags = 0; + epmapper_binding->assoc_group_id = 0; + epmapper_binding->endpoint = NULL; + + /* initiate rpc pipe connection */ + pipe_connect_req = dcerpc_pipe_connect_b_send(c, epmapper_binding, + &ndr_table_epmapper, + anon_creds, c->event_ctx, + lp_ctx); + if (composite_nomem(pipe_connect_req, c)) return c; + + composite_continue(c, pipe_connect_req, continue_epm_recv_binding, c); + return c; +} + + +/* + Receive result of endpoint mapping request + */ +NTSTATUS dcerpc_epm_map_binding_recv(struct composite_context *c) +{ + NTSTATUS status = composite_wait(c); + + talloc_free(c); + return status; +} + + +/* + Get endpoint mapping for rpc connection +*/ +_PUBLIC_ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding, + const struct ndr_interface_table *table, struct event_context *ev, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + + c = dcerpc_epm_map_binding_send(mem_ctx, binding, table, ev, lp_ctx); + return dcerpc_epm_map_binding_recv(c); +} + + +struct pipe_auth_state { + struct dcerpc_pipe *pipe; + struct dcerpc_binding *binding; + const struct ndr_interface_table *table; + struct loadparm_context *lp_ctx; + struct cli_credentials *credentials; +}; + + +static void continue_auth_schannel(struct composite_context *ctx); +static void continue_auth(struct composite_context *ctx); +static void continue_auth_none(struct composite_context *ctx); +static void continue_ntlmssp_connection(struct composite_context *ctx); +static void continue_spnego_after_wrong_pass(struct composite_context *ctx); + + +/* + Stage 2 of pipe_auth: Receive result of schannel bind request +*/ +static void continue_auth_schannel(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_bind_auth_schannel_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Stage 2 of pipe_auth: Receive result of authenticated bind request +*/ +static void continue_auth(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_bind_auth_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} +/* + Stage 2 of pipe_auth: Receive result of authenticated bind request, but handle fallbacks: + SPNEGO -> NTLMSSP +*/ +static void continue_auth_auto(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + struct pipe_auth_state *s = talloc_get_type(c->private_data, struct pipe_auth_state); + struct composite_context *sec_conn_req; + + c->status = dcerpc_bind_auth_recv(ctx); + if (NT_STATUS_EQUAL(c->status, NT_STATUS_INVALID_PARAMETER)) { + /* + * Retry with NTLMSSP auth as fallback + * send a request for secondary rpc connection + */ + sec_conn_req = dcerpc_secondary_connection_send(s->pipe, + s->binding); + composite_continue(c, sec_conn_req, continue_ntlmssp_connection, c); + return; + } else if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(s->credentials)) { + /* + * Retry SPNEGO with a better password + * send a request for secondary rpc connection + */ + sec_conn_req = dcerpc_secondary_connection_send(s->pipe, + s->binding); + composite_continue(c, sec_conn_req, continue_spnego_after_wrong_pass, c); + return; + } + } + + if (!composite_is_ok(c)) return; + + composite_done(c); +} + +/* + Stage 3 of pipe_auth (fallback to NTLMSSP case): Receive secondary + rpc connection (the first one can't be used any more, due to the + bind nak) and perform authenticated bind request +*/ +static void continue_ntlmssp_connection(struct composite_context *ctx) +{ + struct composite_context *c; + struct pipe_auth_state *s; + struct composite_context *auth_req; + struct dcerpc_pipe *p2; + + c = talloc_get_type(ctx->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct pipe_auth_state); + + /* receive secondary rpc connection */ + c->status = dcerpc_secondary_connection_recv(ctx, &p2); + if (!composite_is_ok(c)) return; + + talloc_steal(s, p2); + talloc_steal(p2, s->pipe); + s->pipe = p2; + + /* initiate a authenticated bind */ + auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, + s->credentials, s->lp_ctx, + DCERPC_AUTH_TYPE_NTLMSSP, + dcerpc_auth_level(s->pipe->conn), + s->table->authservices->names[0]); + composite_continue(c, auth_req, continue_auth, c); +} + +/* + Stage 3 of pipe_auth (retry on wrong password): Receive secondary + rpc connection (the first one can't be used any more, due to the + bind nak) and perform authenticated bind request +*/ +static void continue_spnego_after_wrong_pass(struct composite_context *ctx) +{ + struct composite_context *c; + struct pipe_auth_state *s; + struct composite_context *auth_req; + struct dcerpc_pipe *p2; + + c = talloc_get_type(ctx->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct pipe_auth_state); + + /* receive secondary rpc connection */ + c->status = dcerpc_secondary_connection_recv(ctx, &p2); + if (!composite_is_ok(c)) return; + + talloc_steal(s, p2); + talloc_steal(p2, s->pipe); + s->pipe = p2; + + /* initiate a authenticated bind */ + auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, + s->credentials, s->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO, + dcerpc_auth_level(s->pipe->conn), + s->table->authservices->names[0]); + composite_continue(c, auth_req, continue_auth, c); +} + + +/* + Stage 2 of pipe_auth: Receive result of non-authenticated bind request +*/ +static void continue_auth_none(struct composite_context *ctx) +{ + struct composite_context *c = talloc_get_type(ctx->async.private_data, + struct composite_context); + + c->status = dcerpc_bind_auth_none_recv(ctx); + if (!composite_is_ok(c)) return; + + composite_done(c); +} + + +/* + Request to perform an authenticated bind if required. Authentication + is determined using credentials passed and binding flags. +*/ +struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + struct pipe_auth_state *s; + struct composite_context *auth_schannel_req; + struct composite_context *auth_req; + struct composite_context *auth_none_req; + struct dcerpc_connection *conn; + uint8_t auth_type; + + /* composite context allocation and setup */ + c = composite_create(p, p->conn->event_ctx); + if (c == NULL) return NULL; + + s = talloc_zero(c, struct pipe_auth_state); + if (composite_nomem(s, c)) return c; + c->private_data = s; + + /* store parameters in state structure */ + s->binding = binding; + s->table = table; + s->credentials = credentials; + s->pipe = p; + s->lp_ctx = lp_ctx; + + conn = s->pipe->conn; + conn->flags = binding->flags; + + /* remember the binding string for possible secondary connections */ + conn->binding_string = dcerpc_binding_string(p, binding); + + if (cli_credentials_is_anonymous(s->credentials)) { + auth_none_req = dcerpc_bind_auth_none_send(c, s->pipe, s->table); + composite_continue(c, auth_none_req, continue_auth_none, c); + return c; + } + + if ((binding->flags & DCERPC_SCHANNEL) && + !cli_credentials_get_netlogon_creds(s->credentials)) { + /* If we don't already have netlogon credentials for + * the schannel bind, then we have to get these + * first */ + auth_schannel_req = dcerpc_bind_auth_schannel_send(c, s->pipe, s->table, + s->credentials, s->lp_ctx, + dcerpc_auth_level(conn)); + composite_continue(c, auth_schannel_req, continue_auth_schannel, c); + return c; + } + + /* + * we rely on the already authenticated CIFS connection + * if not doing sign or seal + */ + if (conn->transport.transport == NCACN_NP && + !(s->binding->flags & (DCERPC_SIGN|DCERPC_SEAL))) { + auth_none_req = dcerpc_bind_auth_none_send(c, s->pipe, s->table); + composite_continue(c, auth_none_req, continue_auth_none, c); + return c; + } + + + /* Perform an authenticated DCE-RPC bind + */ + if (!(conn->flags & (DCERPC_SIGN|DCERPC_SEAL))) { + /* + we are doing an authenticated connection, + but not using sign or seal. We must force + the CONNECT dcerpc auth type as a NONE auth + type doesn't allow authentication + information to be passed. + */ + conn->flags |= DCERPC_CONNECT; + } + + if (s->binding->flags & DCERPC_AUTH_SPNEGO) { + auth_type = DCERPC_AUTH_TYPE_SPNEGO; + + } else if (s->binding->flags & DCERPC_AUTH_KRB5) { + auth_type = DCERPC_AUTH_TYPE_KRB5; + + } else if (s->binding->flags & DCERPC_SCHANNEL) { + auth_type = DCERPC_AUTH_TYPE_SCHANNEL; + + } else if (s->binding->flags & DCERPC_AUTH_NTLM) { + auth_type = DCERPC_AUTH_TYPE_NTLMSSP; + + } else { + /* try SPNEGO with fallback to NTLMSSP */ + auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, + s->credentials, s->lp_ctx, DCERPC_AUTH_TYPE_SPNEGO, + dcerpc_auth_level(conn), + s->table->authservices->names[0]); + composite_continue(c, auth_req, continue_auth_auto, c); + return c; + } + + auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, + s->credentials, s->lp_ctx, auth_type, + dcerpc_auth_level(conn), + s->table->authservices->names[0]); + composite_continue(c, auth_req, continue_auth, c); + return c; +} + + +/* + Receive result of authenticated bind request on dcerpc pipe + + This returns *p, which may be different to the one originally + supllied, as it rebinds to a new pipe due to authentication fallback + +*/ +NTSTATUS dcerpc_pipe_auth_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p) +{ + NTSTATUS status; + + struct pipe_auth_state *s = talloc_get_type(c->private_data, + struct pipe_auth_state); + status = composite_wait(c); + if (!NT_STATUS_IS_OK(status)) { + char *uuid_str = GUID_string(s->pipe, &s->table->syntax_id.uuid); + DEBUG(0, ("Failed to bind to uuid %s - %s\n", uuid_str, nt_errstr(status))); + talloc_free(uuid_str); + } else { + talloc_steal(mem_ctx, s->pipe); + *p = s->pipe; + } + + talloc_free(c); + return status; +} + + +/* + Perform an authenticated bind if needed - sync version + + This may change *p, as it rebinds to a new pipe due to authentication fallback +*/ +_PUBLIC_ NTSTATUS dcerpc_pipe_auth(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **p, + struct dcerpc_binding *binding, + const struct ndr_interface_table *table, + struct cli_credentials *credentials, + struct loadparm_context *lp_ctx) +{ + struct composite_context *c; + + c = dcerpc_pipe_auth_send(*p, binding, table, credentials, lp_ctx); + return dcerpc_pipe_auth_recv(c, mem_ctx, p); +} + + +NTSTATUS dcerpc_generic_session_key(struct dcerpc_connection *c, + DATA_BLOB *session_key) +{ + /* this took quite a few CPU cycles to find ... */ + session_key->data = discard_const_p(unsigned char, "SystemLibraryDTC"); + session_key->length = 16; + return NT_STATUS_OK; +} + +/* + fetch the user session key - may be default (above) or the SMB session key + + The key is always truncated to 16 bytes +*/ +_PUBLIC_ NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p, + DATA_BLOB *session_key) +{ + NTSTATUS status; + status = p->conn->security_state.session_key(p->conn, session_key); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + session_key->length = MIN(session_key->length, 16); + + return NT_STATUS_OK; +} + + +/* + log a rpc packet in a format suitable for ndrdump. This is especially useful + for sealed packets, where ethereal cannot easily see the contents + + this triggers on a debug level of >= 10 +*/ +_PUBLIC_ void dcerpc_log_packet(const struct ndr_interface_table *ndr, + uint32_t opnum, uint32_t flags, + DATA_BLOB *pkt) +{ + const int num_examples = 20; + int i; + + if (DEBUGLEVEL < 10) return; + + for (i=0;i<num_examples;i++) { + char *name=NULL; + asprintf(&name, "%s/rpclog/%s-%u.%d.%s", + lp_lockdir(global_loadparm), ndr->name, opnum, i, + (flags&NDR_IN)?"in":"out"); + if (name == NULL) { + return; + } + if (!file_exist(name)) { + if (file_save(name, pkt->data, pkt->length)) { + DEBUG(10,("Logged rpc packet to %s\n", name)); + } + free(name); + break; + } + free(name); + } +} + + + +/* + create a secondary context from a primary connection + + this uses dcerpc_alter_context() to create a new dcerpc context_id +*/ +_PUBLIC_ NTSTATUS dcerpc_secondary_context(struct dcerpc_pipe *p, + struct dcerpc_pipe **pp2, + const struct ndr_interface_table *table) +{ + NTSTATUS status; + struct dcerpc_pipe *p2; + + p2 = talloc_zero(p, struct dcerpc_pipe); + if (p2 == NULL) { + return NT_STATUS_NO_MEMORY; + } + p2->conn = talloc_reference(p2, p->conn); + p2->request_timeout = p->request_timeout; + + p2->context_id = ++p->conn->next_context_id; + + p2->syntax = table->syntax_id; + + p2->transfer_syntax = ndr_transfer_syntax; + + p2->binding = talloc_reference(p2, p->binding); + + status = dcerpc_alter_context(p2, p2, &p2->syntax, &p2->transfer_syntax); + if (!NT_STATUS_IS_OK(status)) { + talloc_free(p2); + return status; + } + + *pp2 = p2; + + return NT_STATUS_OK; +} diff --git a/source4/librpc/rpc/pyrpc.c b/source4/librpc/rpc/pyrpc.c new file mode 100644 index 0000000000..a59f355d43 --- /dev/null +++ b/source4/librpc/rpc/pyrpc.c @@ -0,0 +1,417 @@ +/* + Unix SMB/CIFS implementation. + Samba utility functions + Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include <Python.h> +#include <structmember.h> +#include "librpc/rpc/pyrpc.h" +#include "librpc/rpc/dcerpc.h" +#include "lib/events/events.h" + +static PyObject *py_dcerpc_run_function(dcerpc_InterfaceObject *iface, struct PyNdrRpcMethodDef *md, PyObject *args, PyObject *kwargs) +{ + TALLOC_CTX *mem_ctx; + NTSTATUS status; + void *r; + PyObject *result = Py_None; + + if (md->pack_in_data == NULL || md->unpack_out_data == NULL) { + PyErr_SetString(PyExc_NotImplementedError, "No marshalling code available yet"); + return NULL; + } + + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) + return NULL; + + r = talloc_zero_size(mem_ctx, md->table->calls[md->opnum].struct_size); + if (r == NULL) + return NULL; + + if (!md->pack_in_data(args, kwargs, r)) { + talloc_free(mem_ctx); + return NULL; + } + + status = md->call(iface->pipe, mem_ctx, r); + if (NT_STATUS_IS_ERR(status)) { + PyErr_SetDCERPCStatus(iface->pipe, status); + talloc_free(mem_ctx); + return NULL; + } + + result = md->unpack_out_data(r); + + talloc_free(mem_ctx); + return result; +} + +static PyObject *py_dcerpc_call_wrapper(PyObject *self, PyObject *args, void *wrapped, PyObject *kwargs) +{ + dcerpc_InterfaceObject *iface = (dcerpc_InterfaceObject *)self; + struct PyNdrRpcMethodDef *md = wrapped; + + return py_dcerpc_run_function(iface, md, args, kwargs); +} + + +bool PyInterface_AddNdrRpcMethods(PyTypeObject *ifacetype, const struct PyNdrRpcMethodDef *mds) +{ + int i; + for (i = 0; mds[i].name; i++) { + PyObject *ret; + struct wrapperbase *wb = calloc(sizeof(struct wrapperbase), 1); + + wb->name = discard_const_p(char, mds[i].name); + wb->flags = PyWrapperFlag_KEYWORDS; + wb->wrapper = (wrapperfunc)py_dcerpc_call_wrapper; + wb->doc = discard_const_p(char, mds[i].doc); + + ret = PyDescr_NewWrapper(ifacetype, wb, discard_const_p(void, &mds[i])); + + PyDict_SetItemString(ifacetype->tp_dict, mds[i].name, + (PyObject *)ret); + } + + return true; +} + +static bool PyString_AsGUID(PyObject *object, struct GUID *uuid) +{ + NTSTATUS status; + status = GUID_from_string(PyString_AsString(object), uuid); + if (NT_STATUS_IS_ERR(status)) { + PyErr_SetNTSTATUS(status); + return false; + } + return true; +} + +static bool ndr_syntax_from_py_object(PyObject *object, struct ndr_syntax_id *syntax_id) +{ + ZERO_STRUCTP(syntax_id); + + if (PyString_Check(object)) { + return PyString_AsGUID(object, &syntax_id->uuid); + } else if (PyTuple_Check(object)) { + if (PyTuple_Size(object) < 1 || PyTuple_Size(object) > 2) { + PyErr_SetString(PyExc_ValueError, "Syntax ID tuple has invalid size"); + return false; + } + + if (!PyString_Check(PyTuple_GetItem(object, 0))) { + PyErr_SetString(PyExc_ValueError, "Expected GUID as first element in tuple"); + return false; + } + + if (!PyString_AsGUID(PyTuple_GetItem(object, 0), &syntax_id->uuid)) + return false; + + if (!PyInt_Check(PyTuple_GetItem(object, 1))) { + PyErr_SetString(PyExc_ValueError, "Expected version as second element in tuple"); + return false; + } + + syntax_id->if_version = PyInt_AsLong(PyTuple_GetItem(object, 1)); + return true; + } + + PyErr_SetString(PyExc_TypeError, "Expected UUID or syntax id tuple"); + return false; +} + +static PyObject *py_iface_server_name(PyObject *obj, void *closure) +{ + const char *server_name; + dcerpc_InterfaceObject *iface = (dcerpc_InterfaceObject *)obj; + + server_name = dcerpc_server_name(iface->pipe); + if (server_name == NULL) + return Py_None; + + return PyString_FromString(server_name); +} + +static PyObject *py_ndr_syntax_id(struct ndr_syntax_id *syntax_id) +{ + PyObject *ret; + char *uuid_str; + + uuid_str = GUID_string(NULL, &syntax_id->uuid); + if (uuid_str == NULL) + return NULL; + + ret = Py_BuildValue("(s,i)", uuid_str, syntax_id->if_version); + + talloc_free(uuid_str); + + return ret; +} + +static PyObject *py_iface_abstract_syntax(PyObject *obj, void *closure) +{ + dcerpc_InterfaceObject *iface = (dcerpc_InterfaceObject *)obj; + + return py_ndr_syntax_id(&iface->pipe->syntax); +} + +static PyObject *py_iface_transfer_syntax(PyObject *obj, void *closure) +{ + dcerpc_InterfaceObject *iface = (dcerpc_InterfaceObject *)obj; + + return py_ndr_syntax_id(&iface->pipe->transfer_syntax); +} + +static PyGetSetDef dcerpc_interface_getsetters[] = { + { discard_const_p(char, "server_name"), py_iface_server_name, NULL, + discard_const_p(char, "name of the server, if connected over SMB") }, + { discard_const_p(char, "abstract_syntax"), py_iface_abstract_syntax, NULL, + discard_const_p(char, "syntax id of the abstract syntax") }, + { discard_const_p(char, "transfer_syntax"), py_iface_transfer_syntax, NULL, + discard_const_p(char, "syntax id of the transfersyntax") }, + { NULL } +}; + +static PyMemberDef dcerpc_interface_members[] = { + { discard_const_p(char, "request_timeout"), T_INT, + offsetof(struct dcerpc_pipe, request_timeout), 0, + discard_const_p(char, "request timeout, in seconds") }, + { NULL } +}; + +void PyErr_SetDCERPCStatus(struct dcerpc_pipe *p, NTSTATUS status) +{ + if (p != NULL && NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) { + const char *errstr = dcerpc_errstr(NULL, p->last_fault_code); + PyErr_SetObject(PyExc_RuntimeError, + Py_BuildValue("(i,s)", p->last_fault_code, + errstr)); + } else { + PyErr_SetNTSTATUS(status); + } +} + +static PyObject *py_iface_request(PyObject *self, PyObject *args, PyObject *kwargs) +{ + dcerpc_InterfaceObject *iface = (dcerpc_InterfaceObject *)self; + int opnum; + DATA_BLOB data_in, data_out; + NTSTATUS status; + char *in_data; + int in_length; + PyObject *ret; + PyObject *object = NULL; + struct GUID object_guid; + TALLOC_CTX *mem_ctx = talloc_new(NULL); + const char *kwnames[] = { "opnum", "data", "object", NULL }; + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "is#|O:request", + discard_const_p(char *, kwnames), &opnum, &in_data, &in_length, &object)) { + return NULL; + } + + data_in.data = (uint8_t *)talloc_memdup(mem_ctx, in_data, in_length); + data_in.length = in_length; + + ZERO_STRUCT(data_out); + + if (object != NULL && !PyString_AsGUID(object, &object_guid)) { + return NULL; + } + + status = dcerpc_request(iface->pipe, object?&object_guid:NULL, + opnum, false, mem_ctx, &data_in, &data_out); + + if (NT_STATUS_IS_ERR(status)) { + PyErr_SetDCERPCStatus(iface->pipe, status); + talloc_free(mem_ctx); + return NULL; + } + + ret = PyString_FromStringAndSize((char *)data_out.data, data_out.length); + + talloc_free(mem_ctx); + return ret; +} + +static PyObject *py_iface_later_context(PyObject *self, PyObject *args, PyObject *kwargs) +{ + dcerpc_InterfaceObject *iface = (dcerpc_InterfaceObject *)self; + NTSTATUS status; + const char *kwnames[] = { "abstract_syntax", "transfer_syntax", NULL }; + PyObject *py_abstract_syntax = Py_None, *py_transfer_syntax = Py_None; + struct ndr_syntax_id abstract_syntax, transfer_syntax; + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O|O:alter_context", + discard_const_p(char *, kwnames), &py_abstract_syntax, + &py_transfer_syntax)) { + return NULL; + } + + if (!ndr_syntax_from_py_object(py_abstract_syntax, &abstract_syntax)) + return NULL; + + if (py_transfer_syntax == Py_None) { + transfer_syntax = ndr_transfer_syntax; + } else { + if (!ndr_syntax_from_py_object(py_transfer_syntax, + &transfer_syntax)) + return NULL; + } + + status = dcerpc_alter_context(iface->pipe, iface->pipe, &abstract_syntax, + &transfer_syntax); + + if (NT_STATUS_IS_ERR(status)) { + PyErr_SetDCERPCStatus(iface->pipe, status); + return NULL; + } + + return Py_None; +} + +static PyMethodDef dcerpc_interface_methods[] = { + { "request", (PyCFunction)py_iface_request, METH_VARARGS|METH_KEYWORDS, "S.request(opnum, data, object=None) -> data\nMake a raw request" }, + { "alter_context", (PyCFunction)py_iface_later_context, METH_VARARGS|METH_KEYWORDS, "S.alter_context(syntax)\nChange to a different interface" }, + { NULL, NULL, 0, NULL }, +}; + + +static void dcerpc_interface_dealloc(PyObject* self) +{ + dcerpc_InterfaceObject *interface = (dcerpc_InterfaceObject *)self; + talloc_free(interface->pipe); + PyObject_Del(self); +} + +static PyObject *dcerpc_interface_new(PyTypeObject *self, PyObject *args, PyObject *kwargs) +{ + dcerpc_InterfaceObject *ret; + const char *binding_string; + struct cli_credentials *credentials; + struct loadparm_context *lp_ctx = NULL; + PyObject *py_lp_ctx = Py_None, *py_credentials = Py_None; + TALLOC_CTX *mem_ctx = NULL; + struct event_context *event_ctx; + NTSTATUS status; + + PyObject *syntax, *py_basis = Py_None; + const char *kwnames[] = { + "binding", "syntax", "lp_ctx", "credentials", "basis_connection", NULL + }; + extern struct loadparm_context *lp_from_py_object(PyObject *py_obj); + extern struct cli_credentials *cli_credentials_from_py_object(PyObject *py_obj); + struct ndr_interface_table *table; + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sO|OOO:connect", discard_const_p(char *, kwnames), &binding_string, &syntax, &py_lp_ctx, &py_credentials, &py_basis)) { + return NULL; + } + + lp_ctx = lp_from_py_object(py_lp_ctx); + if (lp_ctx == NULL) { + PyErr_SetString(PyExc_TypeError, "Expected loadparm context"); + return NULL; + } + + credentials = cli_credentials_from_py_object(py_credentials); + if (credentials == NULL) { + PyErr_SetString(PyExc_TypeError, "Expected credentials"); + return NULL; + } + ret = PyObject_New(dcerpc_InterfaceObject, &dcerpc_InterfaceType); + + event_ctx = s4_event_context_init(mem_ctx); + + /* Create a dummy interface table struct. TODO: In the future, we should rather just allow + * connecting without requiring an interface table. + */ + + table = talloc_zero(mem_ctx, struct ndr_interface_table); + + if (table == NULL) { + PyErr_SetString(PyExc_MemoryError, "Allocating interface table"); + return NULL; + } + + if (!ndr_syntax_from_py_object(syntax, &table->syntax_id)) { + return NULL; + } + + ret->pipe = NULL; + + if (py_basis != Py_None) { + struct dcerpc_pipe *base_pipe; + + if (!PyObject_TypeCheck(py_basis, &dcerpc_InterfaceType)) { + PyErr_SetString(PyExc_ValueError, "basis_connection must be a DCE/RPC connection"); + talloc_free(mem_ctx); + return NULL; + } + + base_pipe = ((dcerpc_InterfaceObject *)py_basis)->pipe; + + status = dcerpc_secondary_context(base_pipe, &ret->pipe, + table); + ret->pipe = talloc_steal(NULL, ret->pipe); + } else { + status = dcerpc_pipe_connect(NULL, &ret->pipe, binding_string, + table, credentials, event_ctx, lp_ctx); + } + + if (NT_STATUS_IS_ERR(status)) { + PyErr_SetDCERPCStatus(ret->pipe, status); + talloc_free(mem_ctx); + return NULL; + } + ret->pipe->conn->flags |= DCERPC_NDR_REF_ALLOC; + return (PyObject *)ret; +} + +PyTypeObject dcerpc_InterfaceType = { + PyObject_HEAD_INIT(NULL) 0, + .tp_name = "dcerpc.ClientConnection", + .tp_basicsize = sizeof(dcerpc_InterfaceObject), + .tp_dealloc = dcerpc_interface_dealloc, + .tp_getset = dcerpc_interface_getsetters, + .tp_members = dcerpc_interface_members, + .tp_methods = dcerpc_interface_methods, + .tp_doc = "ClientConnection(binding, syntax, lp_ctx=None, credentials=None) -> connection\n" +"\n" +"binding should be a DCE/RPC binding string (for example: ncacn_ip_tcp:127.0.0.1)\n" +"syntax should be a tuple with a GUID and version number of an interface\n" +"lp_ctx should be a path to a smb.conf file or a param.LoadParm object\n" +"credentials should be a credentials.Credentials object.\n\n", + .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, + .tp_new = dcerpc_interface_new, +}; + +void initbase(void) +{ + PyObject *m; + + if (PyType_Ready(&dcerpc_InterfaceType) < 0) + return; + + m = Py_InitModule3("base", NULL, "DCE/RPC protocol implementation"); + if (m == NULL) + return; + + Py_INCREF((PyObject *)&dcerpc_InterfaceType); + PyModule_AddObject(m, "ClientConnection", (PyObject *)&dcerpc_InterfaceType); +} diff --git a/source4/librpc/rpc/pyrpc.h b/source4/librpc/rpc/pyrpc.h new file mode 100644 index 0000000000..af9ca728d8 --- /dev/null +++ b/source4/librpc/rpc/pyrpc.h @@ -0,0 +1,73 @@ +/* + Unix SMB/CIFS implementation. + Samba utility functions + Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef _PYRPC_H_ +#define _PYRPC_H_ + +#include "libcli/util/pyerrors.h" +#include "librpc/rpc/dcerpc.h" + +#define PY_CHECK_TYPE(type, var, fail) \ + if (!type ## _Check(var)) {\ + PyErr_Format(PyExc_TypeError, "Expected type %s", type ## _Type.tp_name); \ + fail; \ + } + +#define dom_sid0_Type dom_sid_Type +#define dom_sid2_Type dom_sid_Type +#define dom_sid28_Type dom_sid_Type +#define dom_sid0_Check dom_sid_Check +#define dom_sid2_Check dom_sid_Check +#define dom_sid28_Check dom_sid_Check + +/* This macro is only provided by Python >= 2.3 */ +#ifndef PyAPI_DATA +# define PyAPI_DATA(RTYPE) extern RTYPE +#endif + +typedef struct { + PyObject_HEAD + struct dcerpc_pipe *pipe; +} dcerpc_InterfaceObject; + +PyAPI_DATA(PyTypeObject) dcerpc_InterfaceType; + +#define PyErr_FromNdrError(err) PyErr_FromNTSTATUS(ndr_map_error2ntstatus(err)) + +#define PyErr_SetNdrError(err) \ + PyErr_SetObject(PyExc_RuntimeError, PyErr_FromNdrError(err)) + +void PyErr_SetDCERPCStatus(struct dcerpc_pipe *pipe, NTSTATUS status); + +typedef bool (*py_data_pack_fn) (PyObject *args, PyObject *kwargs, void *r); +typedef PyObject *(*py_data_unpack_fn) (void *r); + +struct PyNdrRpcMethodDef { + const char *name; + const char *doc; + dcerpc_call_fn call; + py_data_pack_fn pack_in_data; + py_data_unpack_fn unpack_out_data; + uint32_t opnum; + const struct ndr_interface_table *table; +}; + +bool PyInterface_AddNdrRpcMethods(PyTypeObject *object, const struct PyNdrRpcMethodDef *mds); + +#endif /* _PYRPC_H_ */ diff --git a/source4/librpc/scripts/build_idl.sh b/source4/librpc/scripts/build_idl.sh new file mode 100755 index 0000000000..3f13b64a2e --- /dev/null +++ b/source4/librpc/scripts/build_idl.sh @@ -0,0 +1,38 @@ +#!/bin/sh + +FULLBUILD=$1 +IDLDIR=$2 +OUTDIR=$3 +shift 3 +PIDL_EXTRA_ARGS="$*" + +[ -d $OUTDIR ] || mkdir -p $OUTDIR || exit 1 + +PIDL="$PIDL --outputdir $OUTDIR --header --ndr-parser --server --client --swig --python $PIDL_EXTRA_ARGS" + +if [ x$FULLBUILD = xFULL ]; then + echo Rebuilding all idl files in $IDLDIR + $PIDL $IDLDIR/*.idl || exit 1 + exit 0 +fi + +list="" + +for f in $IDLDIR/*.idl ; do + basename=`basename $f .idl` + ndr="$OUTDIR/ndr_$basename.c" + # blergh - most shells don't have the -nt function + if [ -f $ndr ]; then + if [ x`find $f -newer $ndr -print` = x$f ]; then + list="$list $f" + fi + else + list="$list $f" + fi +done + +if [ "x$list" != x ]; then + $PIDL $list || exit 1 +fi + +exit 0 diff --git a/source4/librpc/tables.pl b/source4/librpc/tables.pl new file mode 100644 index 0000000000..04764f5fa0 --- /dev/null +++ b/source4/librpc/tables.pl @@ -0,0 +1,89 @@ +#!/usr/bin/perl -w + +################################################### +# package to produce a table of all idl parsers +# Copyright tridge@samba.org 2003 +# Copyright jelmer@samba.org 2005 +# released under the GNU GPL + +use strict; + +use Getopt::Long; +use File::Basename; + +my $opt_output = 'librpc/gen_ndr/tables.c'; +my $opt_help = 0; + + +######################################### +# display help text +sub ShowHelp() +{ + print " + perl NDR interface table generator + Copyright (C) tridge\@samba.org + + Usage: tables.pl [options] <idlfile> + + \n"; + exit(0); +} + +# main program +GetOptions ( + 'help|h|?' => \$opt_help, + 'output=s' => \$opt_output, + ); + +if ($opt_help) { + ShowHelp(); + exit(0); +} + +my $init_fns = ""; + +################################### +# extract table entries from 1 file +sub process_file($) +{ + my $filename = shift; + open(FILE, $filename) || die "unable to open $filename\n"; + my $found = 0; + + while (my $line = <FILE>) { + if ($line =~ /extern const struct ndr_interface_table (\w+);/) { + $found = 1; + $init_fns.="\tstatus = ndr_table_register(&$1);\n"; + $init_fns.="\tif (NT_STATUS_IS_ERR(status)) return status;\n\n"; + } + } + + if ($found) { + print "#include \"$filename\"\n"; + } + + close(FILE); +} + +print <<EOF; + +/* Automatically generated by tables.pl. DO NOT EDIT */ + +#include "includes.h" +#include "librpc/ndr/libndr.h" +#include "librpc/ndr/ndr_table.h" +EOF + +process_file($_) foreach (@ARGV); + +print <<EOF; + +NTSTATUS ndr_table_register_builtin_tables(void) +{ + NTSTATUS status; + +$init_fns + + return NT_STATUS_OK; +} +EOF diff --git a/source4/librpc/tests/binding_string.c b/source4/librpc/tests/binding_string.c new file mode 100644 index 0000000000..01cdfae80d --- /dev/null +++ b/source4/librpc/tests/binding_string.c @@ -0,0 +1,172 @@ +/* + Unix SMB/CIFS implementation. + + local testing of RPC binding string parsing + + Copyright (C) Jelmer Vernooij 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "librpc/gen_ndr/epmapper.h" +#include "librpc/rpc/dcerpc.h" +#include "librpc/rpc/dcerpc_proto.h" +#include "torture/torture.h" + +static bool test_BindingString(struct torture_context *tctx, + const void *test_data) +{ + const char *binding = test_data; + struct dcerpc_binding *b, *b2; + const char *s, *s2; + struct epm_tower tower; + TALLOC_CTX *mem_ctx = tctx; + + /* Parse */ + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(mem_ctx, binding, &b), + "Error parsing binding string"); + + s = dcerpc_binding_string(mem_ctx, b); + torture_assert(tctx, s != NULL, "Error converting binding back to string"); + + torture_assert_casestr_equal(tctx, binding, s, + "Mismatch while comparing original and regenerated binding strings"); + + /* Generate protocol towers */ + torture_assert_ntstatus_ok(tctx, dcerpc_binding_build_tower(mem_ctx, b, &tower), + "Error generating protocol tower"); + + /* Convert back to binding and then back to string and compare */ + + torture_assert_ntstatus_ok(tctx, dcerpc_binding_from_tower(mem_ctx, &tower, &b2), + "Error generating binding from tower for original binding"); + + /* Compare to a stripped down version of the binding string because + * the protocol tower doesn't contain the extra option data */ + b->options = NULL; + + b->flags = 0; + + s = dcerpc_binding_string(mem_ctx, b); + torture_assert(tctx, s != NULL, "Error converting binding back to string for (stripped down)"); + + s2 = dcerpc_binding_string(mem_ctx, b2); + torture_assert(tctx, s != NULL, "Error converting binding back to string"); + + if (is_ipaddress(b->host)) + torture_assert_casestr_equal(tctx, s, s2, "Mismatch while comparing original and from protocol tower generated binding strings"); + + return true; +} + +static const char *test_strings[] = { + "ncacn_np:", + "ncalrpc:", + "ncalrpc:[,Security=Sane]", + "ncacn_np:[rpcecho]", + "ncacn_np:127.0.0.1[rpcecho]", + "ncacn_ip_tcp:127.0.0.1", + "ncacn_ip_tcp:127.0.0.1[20]", + "ncacn_ip_tcp:127.0.0.1[20,sign]", + "ncacn_ip_tcp:127.0.0.1[20,Security=Foobar,sign]", + "ncacn_http:127.0.0.1", + "ncacn_http:127.0.0.1[78]", + "ncacn_http:127.0.0.1[78,ProxyServer=myproxy:3128]", + "ncacn_np:localhost[rpcecho]", + "ncacn_np:[/pipe/rpcecho]", + "ncacn_np:localhost[/pipe/rpcecho,sign,seal]", + "ncacn_np:[,sign]", + "ncadg_ip_udp:", + "308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_np:localhost", + "308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:127.0.0.1", + "ncacn_unix_stream:[/tmp/epmapper]", + "ncalrpc:[IDENTIFIER]", + "ncacn_unix_stream:[/tmp/epmapper,sign]", +}; + +static bool test_parse_check_results(struct torture_context *tctx) +{ + struct dcerpc_binding *b; + struct GUID uuid; + + torture_assert_ntstatus_ok(tctx, + GUID_from_string("308FB580-1EB2-11CA-923B-08002B1075A7", &uuid), + "parsing uuid"); + + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_np:$SERVER", &b), "parse"); + torture_assert(tctx, b->transport == NCACN_NP, "ncacn_np expected"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_ip_tcp:$SERVER", &b), "parse"); + torture_assert(tctx, b->transport == NCACN_IP_TCP, "ncacn_ip_tcp expected"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_np:$SERVER[rpcecho]", &b), "parse"); + torture_assert_str_equal(tctx, b->endpoint, "rpcecho", "endpoint"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_np:$SERVER[/pipe/rpcecho]", &b), "parse"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_np:$SERVER[/pipe/rpcecho,sign,seal]", &b), "parse"); + torture_assert(tctx, b->flags == DCERPC_SIGN+DCERPC_SEAL, "sign+seal flags"); + torture_assert_str_equal(tctx, b->endpoint, "/pipe/rpcecho", "endpoint"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_np:$SERVER[,sign]", &b), "parse"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncacn_ip_tcp:$SERVER[,sign]", &b), "parse"); + torture_assert(tctx, b->endpoint == NULL, "endpoint"); + torture_assert(tctx, b->flags == DCERPC_SIGN, "sign flag"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, "ncalrpc:", &b), "parse"); + torture_assert(tctx, b->transport == NCALRPC, "ncalrpc expected"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, + "308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_np:$SERVER", &b), "parse"); + torture_assert(tctx, GUID_equal(&b->object.uuid, &uuid), "object uuid"); + torture_assert_int_equal(tctx, b->object.if_version, 0, "object version"); + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, + "308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:$SERVER", &b), "parse"); + + return true; +} + +static bool test_no_transport(struct torture_context *tctx) +{ + const char *binding = "somehost"; + struct dcerpc_binding *b; + const char *s; + + /* Parse */ + torture_assert_ntstatus_ok(tctx, dcerpc_parse_binding(tctx, binding, &b), + "Error parsing binding string"); + + torture_assert(tctx, b->transport == NCA_UNKNOWN, "invalid transport"); + + s = dcerpc_binding_string(tctx, b); + torture_assert(tctx, s != NULL, "Error converting binding back to string"); + + torture_assert_casestr_equal(tctx, binding, s, + "Mismatch while comparing original and regenerated binding strings"); + + return true; +} + +struct torture_suite *torture_local_binding_string(TALLOC_CTX *mem_ctx) +{ + int i; + struct torture_suite *suite = torture_suite_create(mem_ctx, "BINDING"); + + for (i = 0; i < ARRAY_SIZE(test_strings); i++) { + torture_suite_add_simple_tcase_const(suite, test_strings[i], + test_BindingString, + test_strings[i]); + } + + torture_suite_add_simple_test(suite, "no transport",test_no_transport); + + torture_suite_add_simple_test(suite, "parsing results", + test_parse_check_results); + + return suite; +} diff --git a/source4/librpc/tools/ndrdump.1.xml b/source4/librpc/tools/ndrdump.1.xml new file mode 100644 index 0000000000..9d66102682 --- /dev/null +++ b/source4/librpc/tools/ndrdump.1.xml @@ -0,0 +1,83 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> +<refentry id="ndrdump.1"> + +<refmeta> + <refentrytitle>ndrdump</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>ndrdump</refname> + <refpurpose>DCE/RPC Packet Parser and Dumper</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>ndrdump</command> + <arg choice="opt">-c context</arg> + <arg choice="req">pipe</arg> + <arg choice="req">function</arg> + <arg choice="req">in|out</arg> + <arg choice="req">filename</arg> + </cmdsynopsis> + <cmdsynopsis> + <command>ndrdump</command> + <arg choice="opt">pipe</arg> + </cmdsynopsis> + <cmdsynopsis> + <command>ndrdump</command> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>ndrdump tries to parse the specified <replaceable>filename</replaceable> + using Samba's parser for the specified pipe and function. The + third argument should be + either <emphasis>in</emphasis> or <emphasis>out</emphasis>, depending + on whether the data should be parsed as a request or a reply.</para> + + <para>Running ndrdump without arguments will list the pipes for which + parsers are available.</para> + + <para>Running ndrdump with one argument will list the functions that + Samba can parse for the specified pipe.</para> + + <para>The primary function of ndrdump is debugging Samba's internal + DCE/RPC parsing functions. The file being parsed is usually + one exported by wiresharks <quote>Export selected packet bytes</quote> + function.</para> + + <para>The context argument can be used to load context data from the request + packet when parsing reply packets (such as array lengths).</para> + +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 4.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + + <para>wireshark, pidl</para> + +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>This utility is part of the <ulink url="http://www.samba.org/">Samba</ulink> suite, which is developed by the global <ulink url="http://www.samba.org/samba/team/">Samba Team</ulink>.</para> + + <para>ndrdump was written by Andrew Tridgell. </para> + + <para>This manpage was written by Jelmer Vernooij. </para> + +</refsect1> + +</refentry> diff --git a/source4/librpc/tools/ndrdump.c b/source4/librpc/tools/ndrdump.c new file mode 100644 index 0000000000..bc1436916f --- /dev/null +++ b/source4/librpc/tools/ndrdump.c @@ -0,0 +1,467 @@ +/* + Unix SMB/CIFS implementation. + SMB torture tester + Copyright (C) Andrew Tridgell 2003 + Copyright (C) Jelmer Vernooij 2006 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#if (_SAMBA_BUILD_ >= 4) +#include "lib/cmdline/popt_common.h" +#include "system/filesys.h" +#include "system/locale.h" +#include "librpc/ndr/libndr.h" +#include "librpc/ndr/ndr_table.h" +#include "param/param.h" +#endif + +static const struct ndr_interface_call *find_function( + const struct ndr_interface_table *p, + const char *function) +{ + int i; + if (isdigit(function[0])) { + i = strtol(function, NULL, 0); + return &p->calls[i]; + } + for (i=0;i<p->num_calls;i++) { + if (strcmp(p->calls[i].name, function) == 0) { + break; + } + } + if (i == p->num_calls) { + printf("Function '%s' not found\n", function); + exit(1); + } + return &p->calls[i]; +} + +#if (_SAMBA_BUILD_ >= 4) + +_NORETURN_ static void show_pipes(void) +{ + const struct ndr_interface_list *l; + printf("\nYou must specify a pipe\n"); + printf("known pipes are:\n"); + for (l=ndr_table_list();l;l=l->next) { + if(l->table->helpstring) { + printf("\t%s - %s\n", l->table->name, l->table->helpstring); + } else { + printf("\t%s\n", l->table->name); + } + } + exit(1); +} + +#endif + +_NORETURN_ static void show_functions(const struct ndr_interface_table *p) +{ + int i; + printf("\nYou must specify a function\n"); + printf("known functions on '%s' are:\n", p->name); + for (i=0;i<p->num_calls;i++) { + printf("\t0x%02x (%2d) %s\n", i, i, p->calls[i].name); + } + exit(1); +} + +static char *stdin_load(TALLOC_CTX *mem_ctx, size_t *size) +{ + int num_read, total_len = 0; + char buf[255]; + char *result = NULL; + + while((num_read = read(STDIN_FILENO, buf, 255)) > 0) { + + if (result) { + result = talloc_realloc( + mem_ctx, result, char, total_len + num_read); + } else { + result = talloc_array(mem_ctx, char, num_read); + } + + memcpy(result + total_len, buf, num_read); + + total_len += num_read; + } + + if (size) + *size = total_len; + + return result; +} + +static const struct ndr_interface_table *load_iface_from_plugin(const char *plugin, const char *pipe_name) +{ + const struct ndr_interface_table *p; + void *handle; + char *symbol; + + handle = dlopen(plugin, RTLD_NOW); + if (handle == NULL) { + printf("%s: Unable to open: %s\n", plugin, dlerror()); + return NULL; + } + + symbol = talloc_asprintf(NULL, "ndr_table_%s", pipe_name); + p = (const struct ndr_interface_table *)dlsym(handle, symbol); + + if (!p) { + printf("%s: Unable to find DCE/RPC interface table for '%s': %s\n", plugin, pipe_name, dlerror()); + talloc_free(symbol); + return NULL; + } + + talloc_free(symbol); + + return p; +} + +static void ndrdump_data(uint8_t *d, uint32_t l, bool force) +{ + if (force) { + dump_data(0, d, l); + } else { + dump_data_skip_zeros(0, d, l); + } +} + + int main(int argc, const char *argv[]) +{ + const struct ndr_interface_table *p = NULL; + const struct ndr_interface_call *f; + const char *pipe_name, *function, *inout, *filename; + uint8_t *data; + size_t size; + DATA_BLOB blob; + struct ndr_pull *ndr_pull; + struct ndr_print *ndr_print; + TALLOC_CTX *mem_ctx; + int flags; + poptContext pc; + NTSTATUS status; + enum ndr_err_code ndr_err; + void *st; + void *v_st; + const char *ctx_filename = NULL; + const char *plugin = NULL; + bool validate = false; + bool dumpdata = false; + int opt; + enum {OPT_CONTEXT_FILE=1000, OPT_VALIDATE, OPT_DUMP_DATA, OPT_LOAD_DSO}; + struct poptOption long_options[] = { + POPT_AUTOHELP + {"context-file", 'c', POPT_ARG_STRING, NULL, OPT_CONTEXT_FILE, "In-filename to parse first", "CTX-FILE" }, + {"validate", 0, POPT_ARG_NONE, NULL, OPT_VALIDATE, "try to validate the data", NULL }, + {"dump-data", 0, POPT_ARG_NONE, NULL, OPT_DUMP_DATA, "dump the hex data", NULL }, + {"load-dso", 'l', POPT_ARG_STRING, NULL, OPT_LOAD_DSO, "load from shared object file", NULL }, + POPT_COMMON_SAMBA + POPT_COMMON_VERSION + { NULL } + }; + +#if (_SAMBA_BUILD_ >= 4) + ndr_table_init(); +#else + /* Initialise samba stuff */ + load_case_tables(); + + setlinebuf(stdout); + + dbf = x_stderr; + + setup_logging(argv[0],True); +#endif + + pc = poptGetContext("ndrdump", argc, argv, long_options, 0); + + poptSetOtherOptionHelp( + pc, "<pipe|uuid> <function> <inout> [<filename>]"); + + while ((opt = poptGetNextOpt(pc)) != -1) { + switch (opt) { + case OPT_CONTEXT_FILE: + ctx_filename = poptGetOptArg(pc); + break; + case OPT_VALIDATE: + validate = true; + break; + case OPT_DUMP_DATA: + dumpdata = true; + break; + case OPT_LOAD_DSO: + plugin = poptGetOptArg(pc); + break; + } + } + + pipe_name = poptGetArg(pc); + + if (!pipe_name) { + poptPrintUsage(pc, stderr, 0); +#if (_SAMBA_BUILD_ >= 4) + show_pipes(); +#endif + exit(1); + } + + if (plugin != NULL) { + p = load_iface_from_plugin(plugin, pipe_name); + } +#if (_SAMBA_BUILD_ <= 3) + else { + fprintf(stderr, "Only loading from DSO's supported in Samba 3\n"); + exit(1); + } +#else + if (!p) { + p = ndr_table_by_name(pipe_name); + } + + if (!p) { + struct GUID uuid; + + status = GUID_from_string(pipe_name, &uuid); + + if (NT_STATUS_IS_OK(status)) { + p = ndr_table_by_uuid(&uuid); + } + } +#endif + + if (!p) { + printf("Unknown pipe or UUID '%s'\n", pipe_name); + exit(1); + } + + function = poptGetArg(pc); + inout = poptGetArg(pc); + filename = poptGetArg(pc); + + if (!function || !inout) { + poptPrintUsage(pc, stderr, 0); + show_functions(p); + exit(1); + } + + if (strcmp(inout, "in") == 0 || + strcmp(inout, "request") == 0) { + flags = NDR_IN; + } else if (strcmp(inout, "out") == 0 || + strcmp(inout, "response") == 0) { + flags = NDR_OUT; + } else { + printf("Bad inout value '%s'\n", inout); + exit(1); + } + + f = find_function(p, function); + + mem_ctx = talloc_init("ndrdump"); + + st = talloc_zero_size(mem_ctx, f->struct_size); + if (!st) { + printf("Unable to allocate %d bytes\n", (int)f->struct_size); + exit(1); + } + + v_st = talloc_zero_size(mem_ctx, f->struct_size); + if (!v_st) { + printf("Unable to allocate %d bytes\n", (int)f->struct_size); + exit(1); + } + + if (ctx_filename) { + if (flags == NDR_IN) { + printf("Context file can only be used for \"out\" packages\n"); + exit(1); + } + +#if (_SAMBA_BUILD_ >= 4) + data = (uint8_t *)file_load(ctx_filename, &size, mem_ctx); +#else + data = (uint8_t *)file_load(ctx_filename, &size, 0); +#endif + if (!data) { + perror(ctx_filename); + exit(1); + } + + blob.data = data; + blob.length = size; + + ndr_pull = ndr_pull_init_blob(&blob, mem_ctx, lp_iconv_convenience(cmdline_lp_ctx)); + ndr_pull->flags |= LIBNDR_FLAG_REF_ALLOC; + + ndr_err = f->ndr_pull(ndr_pull, NDR_IN, st); + + if (ndr_pull->offset != ndr_pull->data_size) { + printf("WARNING! %d unread bytes while parsing context file\n", ndr_pull->data_size - ndr_pull->offset); + } + + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + status = ndr_map_error2ntstatus(ndr_err); + printf("pull for context file returned %s\n", nt_errstr(status)); + exit(1); + } + memcpy(v_st, st, f->struct_size); + } + + if (filename) +#if (_SAMBA_BUILD_ >= 4) + data = (uint8_t *)file_load(filename, &size, mem_ctx); +#else + data = (uint8_t *)file_load(filename, &size, 0); +#endif + else + data = (uint8_t *)stdin_load(mem_ctx, &size); + + if (!data) { + if (filename) + perror(filename); + else + perror("stdin"); + exit(1); + } + + blob.data = data; + blob.length = size; + + ndr_pull = ndr_pull_init_blob(&blob, mem_ctx, lp_iconv_convenience(cmdline_lp_ctx)); + ndr_pull->flags |= LIBNDR_FLAG_REF_ALLOC; + + ndr_err = f->ndr_pull(ndr_pull, flags, st); + status = ndr_map_error2ntstatus(ndr_err); + + printf("pull returned %s\n", nt_errstr(status)); + + if (ndr_pull->offset != ndr_pull->data_size) { + printf("WARNING! %d unread bytes\n", ndr_pull->data_size - ndr_pull->offset); + ndrdump_data(ndr_pull->data+ndr_pull->offset, + ndr_pull->data_size - ndr_pull->offset, + dumpdata); + } + + if (dumpdata) { + printf("%d bytes consumed\n", ndr_pull->offset); + ndrdump_data(blob.data, blob.length, dumpdata); + } + + ndr_print = talloc_zero(mem_ctx, struct ndr_print); + ndr_print->print = ndr_print_debug_helper; + ndr_print->depth = 1; + f->ndr_print(ndr_print, function, flags, st); + + if (!NT_STATUS_IS_OK(status)) { + printf("dump FAILED\n"); + exit(1); + } + + if (validate) { + DATA_BLOB v_blob; + struct ndr_push *ndr_v_push; + struct ndr_pull *ndr_v_pull; + struct ndr_print *ndr_v_print; + uint32_t i; + uint8_t byte_a, byte_b; + bool differ; + + ndr_v_push = ndr_push_init_ctx(mem_ctx, lp_iconv_convenience(cmdline_lp_ctx)); + + ndr_err = f->ndr_push(ndr_v_push, flags, st); + status = ndr_map_error2ntstatus(ndr_err); + printf("push returned %s\n", nt_errstr(status)); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + printf("validate push FAILED\n"); + exit(1); + } + + v_blob = ndr_push_blob(ndr_v_push); + + if (dumpdata) { + printf("%ld bytes generated (validate)\n", (long)v_blob.length); + ndrdump_data(v_blob.data, v_blob.length, dumpdata); + } + + ndr_v_pull = ndr_pull_init_blob(&v_blob, mem_ctx, lp_iconv_convenience(cmdline_lp_ctx)); + ndr_v_pull->flags |= LIBNDR_FLAG_REF_ALLOC; + + ndr_err = f->ndr_pull(ndr_v_pull, flags, v_st); + status = ndr_map_error2ntstatus(ndr_err); + printf("pull returned %s\n", nt_errstr(status)); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + printf("validate pull FAILED\n"); + exit(1); + } + + + if (ndr_v_pull->offset != ndr_v_pull->data_size) { + printf("WARNING! %d unread bytes in validation\n", ndr_v_pull->data_size - ndr_v_pull->offset); + ndrdump_data(ndr_v_pull->data+ndr_v_pull->offset, + ndr_v_pull->data_size - ndr_v_pull->offset, + dumpdata); + } + + ndr_v_print = talloc_zero(mem_ctx, struct ndr_print); + ndr_v_print->print = ndr_print_debug_helper; + ndr_v_print->depth = 1; + f->ndr_print(ndr_v_print, function, flags, v_st); + + if (blob.length != v_blob.length) { + printf("WARNING! orig bytes:%llu validated pushed bytes:%llu\n", + (unsigned long long)blob.length, (unsigned long long)v_blob.length); + } + + if (ndr_pull->offset != ndr_v_pull->offset) { + printf("WARNING! orig pulled bytes:%llu validated pulled bytes:%llu\n", + (unsigned long long)ndr_pull->offset, (unsigned long long)ndr_v_pull->offset); + } + + differ = false; + byte_a = 0x00; + byte_b = 0x00; + for (i=0; i < blob.length; i++) { + byte_a = blob.data[i]; + + if (i == v_blob.length) { + byte_b = 0x00; + differ = true; + break; + } + + byte_b = v_blob.data[i]; + + if (byte_a != byte_b) { + differ = true; + break; + } + } + if (differ) { + printf("WARNING! orig and validated differ at byte 0x%02X (%u)\n", i, i); + printf("WARNING! orig byte[0x%02X] = 0x%02X validated byte[0x%02X] = 0x%02X\n", + i, byte_a, i, byte_b); + } + } + + printf("dump OK\n"); + + talloc_free(mem_ctx); + + poptFreeContext(pc); + + return 0; +} |