1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
|
/*
Unix SMB/CIFS implementation.
server side dcerpc defines
Copyright (C) Andrew Tridgell 2003-2005
Copyright (C) Stefan (metze) Metzmacher 2004-2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef SAMBA_DCERPC_SERVER_H
#define SAMBA_DCERPC_SERVER_H
#include "librpc/gen_ndr/security.h"
#include "librpc/rpc/dcerpc.h"
#include "librpc/ndr/libndr.h"
/* modules can use the following to determine if the interface has changed
* please increment the version number after each interface change
* with a comment and maybe update struct dcesrv_critical_sizes.
*/
/* version 1 - initial version - metze */
#define DCERPC_MODULE_VERSION 1
struct dcesrv_connection;
struct dcesrv_call_state;
struct dcesrv_auth;
struct dcesrv_connection_context;
struct dcesrv_interface {
const char *name;
struct ndr_syntax_id syntax_id;
/* this function is called when the client binds to this interface */
NTSTATUS (*bind)(struct dcesrv_call_state *, const struct dcesrv_interface *);
/* this function is called when the client disconnects the endpoint */
void (*unbind)(struct dcesrv_connection_context *, const struct dcesrv_interface *);
/* the ndr_pull function for the chosen interface.
*/
NTSTATUS (*ndr_pull)(struct dcesrv_call_state *, TALLOC_CTX *, struct ndr_pull *, void **);
/* the dispatch function for the chosen interface.
*/
NTSTATUS (*dispatch)(struct dcesrv_call_state *, TALLOC_CTX *, void *);
/* the reply function for the chosen interface.
*/
NTSTATUS (*reply)(struct dcesrv_call_state *, TALLOC_CTX *, void *);
/* the ndr_push function for the chosen interface.
*/
NTSTATUS (*ndr_push)(struct dcesrv_call_state *, TALLOC_CTX *, struct ndr_push *, const void *);
/* for any private use by the interface code */
const void *private;
};
enum dcesrv_call_list {
DCESRV_LIST_NONE,
DCESRV_LIST_CALL_LIST,
DCESRV_LIST_FRAGMENTED_CALL_LIST,
DCESRV_LIST_PENDING_CALL_LIST
};
/* the state of an ongoing dcerpc call */
struct dcesrv_call_state {
struct dcesrv_call_state *next, *prev;
struct dcesrv_connection *conn;
struct dcesrv_connection_context *context;
struct ncacn_packet pkt;
/*
which list this request is in, if any
*/
enum dcesrv_call_list list;
/* the backend can mark the call
* with DCESRV_CALL_STATE_FLAG_ASYNC
* that will cause the frontend to not touch r->out
* and skip the reply
*
* this is only allowed to the backend when DCESRV_CALL_STATE_FLAG_MAY_ASYNC
* is alerady set by the frontend
*
* the backend then needs to call dcesrv_reply() when it's
* ready to send the reply
*/
#define DCESRV_CALL_STATE_FLAG_ASYNC (1<<0)
#define DCESRV_CALL_STATE_FLAG_MAY_ASYNC (1<<1)
#define DCESRV_CALL_STATE_FLAG_HEADER_SIGNING (1<<2)
uint32_t state_flags;
/* the time the request arrived in the server */
struct timeval time;
/* the backend can use this event context for async replies */
struct event_context *event_ctx;
/* the message_context that will be used for async replies */
struct messaging_context *msg_ctx;
/* this is the pointer to the allocated function struct */
void *r;
/*
* that's the ndr pull context used in dcesrv_request()
* needed by dcesrv_reply() to carry over information
* for full pointer support.
*/
struct ndr_pull *ndr_pull;
DATA_BLOB input;
struct data_blob_list_item *replies;
/* this is used by the boilerplate code to generate DCERPC faults */
uint32_t fault_code;
};
#define DCESRV_HANDLE_ANY 255
/* a dcerpc handle in internal format */
struct dcesrv_handle {
struct dcesrv_handle *next, *prev;
struct dcesrv_connection_context *context;
struct policy_handle wire_handle;
void *data;
};
/* hold the authentication state information */
struct dcesrv_auth {
struct dcerpc_auth *auth_info;
struct gensec_security *gensec_security;
struct auth_session_info *session_info;
NTSTATUS (*session_key)(struct dcesrv_connection *, DATA_BLOB *session_key);
};
struct dcesrv_connection_context {
struct dcesrv_connection_context *next, *prev;
uint32_t context_id;
uint32_t assoc_group_id;
/* the connection this is on */
struct dcesrv_connection *conn;
/* the ndr function table for the chosen interface */
const struct dcesrv_interface *iface;
/* private data for the interface implementation */
void *private;
/* current rpc handles - this is really the wrong scope for
them, but it will do for now */
struct dcesrv_handle *handles;
};
/* the state associated with a dcerpc server connection */
struct dcesrv_connection {
/* the top level context for this server */
struct dcesrv_context *dce_ctx;
/* the endpoint that was opened */
const struct dcesrv_endpoint *endpoint;
/* a list of established context_ids */
struct dcesrv_connection_context *contexts;
/* the state of the current incoming call fragments */
struct dcesrv_call_state *incoming_fragmented_call_list;
/* the state of the async pending calls */
struct dcesrv_call_state *pending_call_list;
/* the state of the current outgoing calls */
struct dcesrv_call_state *call_list;
/* the maximum size the client wants to receive */
uint32_t cli_max_recv_frag;
DATA_BLOB partial_input;
/* the current authentication state */
struct dcesrv_auth auth_state;
/* the event_context that will be used for this connection */
struct event_context *event_ctx;
/* the message_context that will be used for this connection */
struct messaging_context *msg_ctx;
/* the server_id that will be used for this connection */
struct server_id server_id;
/* the transport level session key */
DATA_BLOB transport_session_key;
bool processing;
const char *packet_log_dir;
/* this is the default state_flags for dcesrv_call_state structs */
uint32_t state_flags;
struct {
void *private_data;
void (*report_output_data)(struct dcesrv_connection *);
struct socket_address *(*get_my_addr)(struct dcesrv_connection *, TALLOC_CTX *mem_ctx);
struct socket_address *(*get_peer_addr)(struct dcesrv_connection *, TALLOC_CTX *mem_ctx);
} transport;
};
struct dcesrv_endpoint_server {
/* this is the name of the endpoint server */
const char *name;
/* this function should register endpoints and some other setup stuff,
* it is called when the dcesrv_context gets initialized.
*/
NTSTATUS (*init_server)(struct dcesrv_context *, const struct dcesrv_endpoint_server *);
/* this function can be used by other endpoint servers to
* ask for a dcesrv_interface implementation
* - iface must be reference to an already existing struct !
*/
bool (*interface_by_uuid)(struct dcesrv_interface *iface, const struct GUID *, uint32_t);
/* this function can be used by other endpoint servers to
* ask for a dcesrv_interface implementation
* - iface must be reference to an already existeng struct !
*/
bool (*interface_by_name)(struct dcesrv_interface *iface, const char *);
};
/* server-wide context information for the dcerpc server */
struct dcesrv_context {
/* the list of endpoints that have registered
* by the configured endpoint servers
*/
struct dcesrv_endpoint {
struct dcesrv_endpoint *next, *prev;
/* the type and location of the endpoint */
struct dcerpc_binding *ep_description;
/* the security descriptor for smb named pipes */
struct security_descriptor *sd;
/* the list of interfaces available on this endpoint */
struct dcesrv_if_list {
struct dcesrv_if_list *next, *prev;
struct dcesrv_interface iface;
} *interface_list;
} *endpoint_list;
/* loadparm context to use for this connection */
struct loadparm_context *lp_ctx;
};
/* this structure is used by modules to determine the size of some critical types */
struct dcesrv_critical_sizes {
int interface_version;
int sizeof_dcesrv_context;
int sizeof_dcesrv_endpoint;
int sizeof_dcesrv_endpoint_server;
int sizeof_dcesrv_interface;
int sizeof_dcesrv_if_list;
int sizeof_dcesrv_connection;
int sizeof_dcesrv_call_state;
int sizeof_dcesrv_auth;
int sizeof_dcesrv_handle;
};
struct model_ops;
NTSTATUS dcesrv_interface_register(struct dcesrv_context *dce_ctx,
const char *ep_name,
const struct dcesrv_interface *iface,
const struct security_descriptor *sd);
NTSTATUS dcerpc_register_ep_server(const void *_ep_server);
NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx,
struct loadparm_context *lp_ctx,
const char **endpoint_servers, struct dcesrv_context **_dce_ctx);
NTSTATUS dcesrv_init_ipc_context(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
struct dcesrv_context **_dce_ctx);
NTSTATUS dcesrv_endpoint_search_connect(struct dcesrv_context *dce_ctx,
TALLOC_CTX *mem_ctx,
const struct dcerpc_binding *ep_description,
struct auth_session_info *session_info,
struct event_context *event_ctx,
struct messaging_context *msg_ctx,
struct server_id server_id,
uint32_t state_flags,
struct dcesrv_connection **dce_conn_p);
NTSTATUS dcesrv_output(struct dcesrv_connection *dce_conn,
void *private_data,
NTSTATUS (*write_fn)(void *private_data, DATA_BLOB *output, size_t *nwritten));
NTSTATUS dcesrv_input(struct dcesrv_connection *dce_conn, const DATA_BLOB *data);
NTSTATUS dcesrv_endpoint_connect(struct dcesrv_context *dce_ctx,
TALLOC_CTX *mem_ctx,
const struct dcesrv_endpoint *ep,
struct auth_session_info *session_info,
struct event_context *event_ctx,
struct messaging_context *msg_ctx,
struct server_id server_id,
uint32_t state_flags,
struct dcesrv_connection **_p);
NTSTATUS dcesrv_reply(struct dcesrv_call_state *call);
struct dcesrv_handle *dcesrv_handle_new(struct dcesrv_connection_context *context,
uint8_t handle_type);
struct dcesrv_handle *dcesrv_handle_fetch(
struct dcesrv_connection_context *context,
struct policy_handle *p,
uint8_t handle_type);
struct socket_address *dcesrv_connection_get_my_addr(struct dcesrv_connection *conn, TALLOC_CTX *mem_ctx);
struct socket_address *dcesrv_connection_get_peer_addr(struct dcesrv_connection *conn, TALLOC_CTX *mem_ctx);
NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p, DATA_BLOB *session_key);
/* a useful macro for generating a RPC fault in the backend code */
#define DCESRV_FAULT(code) do { \
dce_call->fault_code = code; \
return r->out.result; \
} while(0)
/* a useful macro for generating a RPC fault in the backend code */
#define DCESRV_FAULT_VOID(code) do { \
dce_call->fault_code = code; \
return; \
} while(0)
/* a useful macro for checking the validity of a dcerpc policy handle
and giving the right fault code if invalid */
#define DCESRV_CHECK_HANDLE(h) do {if (!(h)) DCESRV_FAULT(DCERPC_FAULT_CONTEXT_MISMATCH); } while (0)
/* this checks for a valid policy handle, and gives a fault if an
invalid handle or retval if the handle is of the
wrong type */
#define DCESRV_PULL_HANDLE_RETVAL(h, inhandle, t, retval) do { \
(h) = dcesrv_handle_fetch(dce_call->context, (inhandle), DCESRV_HANDLE_ANY); \
DCESRV_CHECK_HANDLE(h); \
if ((t) != DCESRV_HANDLE_ANY && (h)->wire_handle.handle_type != (t)) { \
return retval; \
} \
} while (0)
/* this checks for a valid policy handle and gives a dcerpc fault
if its the wrong type of handle */
#define DCESRV_PULL_HANDLE_FAULT(h, inhandle, t) do { \
(h) = dcesrv_handle_fetch(dce_call->context, (inhandle), t); \
DCESRV_CHECK_HANDLE(h); \
} while (0)
#define DCESRV_PULL_HANDLE(h, inhandle, t) DCESRV_PULL_HANDLE_RETVAL(h, inhandle, t, NT_STATUS_INVALID_HANDLE)
#define DCESRV_PULL_HANDLE_WERR(h, inhandle, t) DCESRV_PULL_HANDLE_RETVAL(h, inhandle, t, WERR_BADFID)
#endif /* SAMBA_DCERPC_SERVER_H */
|