2003-10-28 13:24:13 +03:00
/*
Unix SMB / CIFS implementation .
2003-11-24 15:40:47 +03:00
dcerpc over SMB transport
2003-10-28 13:24:13 +03:00
2003-11-03 09:22:45 +03:00
Copyright ( C ) Tim Potter 2003
Copyright ( C ) Andrew Tridgell 2003
2003-10-28 13:24:13 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
*/
# include "includes.h"
2004-11-01 04:03:22 +03:00
# include "libcli/raw/libcliraw.h"
2004-11-30 07:33:27 +03:00
# include "librpc/gen_ndr/ndr_security.h"
2003-10-28 13:24:13 +03:00
2003-11-24 14:45:33 +03:00
/* transport private information used by SMB pipe transport */
struct smb_private {
2004-05-25 21:24:24 +04:00
uint16_t fnum ;
2004-08-04 17:23:35 +04:00
struct smbcli_tree * tree ;
2003-11-24 14:45:33 +03:00
} ;
2003-11-04 12:10:31 +03:00
2003-10-28 13:24:13 +03:00
2004-08-30 07:10:43 +04:00
/*
tell the dcerpc layer that the transport is dead
*/
2005-01-09 11:34:05 +03:00
static void pipe_dead ( struct dcerpc_connection * c , NTSTATUS status )
2004-08-30 07:10:43 +04:00
{
2005-01-09 11:34:05 +03:00
c - > transport . recv_data ( c , NULL , status ) ;
2003-10-28 13:24:13 +03:00
}
2003-11-04 05:28:08 +03:00
2004-08-30 07:10:43 +04:00
/*
this holds the state of an in - flight call
*/
struct smb_read_state {
2005-01-09 11:34:05 +03:00
struct dcerpc_connection * c ;
2004-08-30 07:10:43 +04:00
struct smbcli_request * req ;
size_t received ;
DATA_BLOB data ;
union smb_read * io ;
} ;
/*
called when a read request has completed
*/
static void smb_read_callback ( struct smbcli_request * req )
2003-10-28 13:24:13 +03:00
{
2004-08-30 07:10:43 +04:00
struct smb_private * smb ;
struct smb_read_state * state ;
union smb_read * io ;
2004-05-25 21:24:24 +04:00
uint16_t frag_length ;
2004-08-30 07:10:43 +04:00
NTSTATUS status ;
2003-10-28 13:24:13 +03:00
2004-08-30 07:10:43 +04:00
state = req - > async . private ;
2005-01-09 11:34:05 +03:00
smb = state - > c - > transport . private ;
2004-08-30 07:10:43 +04:00
io = state - > io ;
2004-04-23 08:21:22 +04:00
2004-08-30 07:10:43 +04:00
status = smb_raw_read_recv ( state - > req , io ) ;
2004-08-30 09:35:30 +04:00
if ( NT_STATUS_IS_ERR ( status ) ) {
2005-01-09 11:34:05 +03:00
pipe_dead ( state - > c , status ) ;
2004-08-30 07:10:43 +04:00
talloc_free ( state ) ;
return ;
2003-11-04 05:28:08 +03:00
}
2004-08-30 07:10:43 +04:00
state - > received + = io - > readx . out . nread ;
2003-11-04 05:28:08 +03:00
2004-08-30 07:10:43 +04:00
if ( state - > received < 16 ) {
DEBUG ( 0 , ( " dcerpc_smb: short packet (length %d) in read callback! \n " ,
state - > received ) ) ;
2005-01-09 11:34:05 +03:00
pipe_dead ( state - > c , NT_STATUS_INFO_LENGTH_MISMATCH ) ;
2004-08-30 07:10:43 +04:00
talloc_free ( state ) ;
return ;
2003-11-04 05:28:08 +03:00
}
2004-08-30 07:10:43 +04:00
frag_length = dcerpc_get_frag_length ( & state - > data ) ;
2004-08-30 09:35:30 +04:00
2004-08-30 07:10:43 +04:00
if ( frag_length < = state - > received ) {
state - > data . length = state - > received ;
2005-01-09 11:34:05 +03:00
state - > c - > transport . recv_data ( state - > c , & state - > data , NT_STATUS_OK ) ;
2004-08-30 07:10:43 +04:00
talloc_free ( state ) ;
return ;
2003-11-04 05:28:08 +03:00
}
2004-08-30 07:10:43 +04:00
/* initiate another read request, as we only got part of a fragment */
2005-01-07 07:39:16 +03:00
state - > data . data = talloc_realloc ( state , state - > data . data , uint8_t , frag_length ) ;
2003-10-28 13:24:13 +03:00
2005-01-09 11:34:05 +03:00
io - > readx . in . mincnt = MIN ( state - > c - > srv_max_xmit_frag ,
2004-08-30 09:35:30 +04:00
frag_length - state - > received ) ;
2004-08-30 07:10:43 +04:00
io - > readx . in . maxcnt = io - > readx . in . mincnt ;
io - > readx . out . data = state - > data . data + state - > received ;
2003-10-28 13:24:13 +03:00
2004-08-30 09:35:30 +04:00
state - > req = smb_raw_read_send ( smb - > tree , io ) ;
if ( state - > req = = NULL ) {
2005-01-09 11:34:05 +03:00
pipe_dead ( state - > c , NT_STATUS_NO_MEMORY ) ;
2004-08-30 07:10:43 +04:00
talloc_free ( state ) ;
return ;
}
2004-08-30 09:35:30 +04:00
state - > req - > async . fn = smb_read_callback ;
state - > req - > async . private = state ;
2003-10-28 13:24:13 +03:00
}
2003-11-04 05:28:08 +03:00
2004-08-30 07:10:43 +04:00
/*
2004-08-30 09:35:30 +04:00
trigger a read request from the server , possibly with some initial
data in the read buffer
2003-11-04 05:28:08 +03:00
*/
2005-01-09 11:34:05 +03:00
static NTSTATUS send_read_request_continue ( struct dcerpc_connection * c , DATA_BLOB * blob )
2003-11-04 05:28:08 +03:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
2004-08-30 07:10:43 +04:00
union smb_read * io ;
struct smb_read_state * state ;
struct smbcli_request * req ;
2003-11-04 05:28:08 +03:00
2005-01-27 10:08:20 +03:00
state = talloc ( smb , struct smb_read_state ) ;
2004-08-30 07:10:43 +04:00
if ( state = = NULL ) {
2003-11-04 05:28:08 +03:00
return NT_STATUS_NO_MEMORY ;
}
2005-01-09 11:34:05 +03:00
state - > c = c ;
2004-08-30 09:35:30 +04:00
if ( blob = = NULL ) {
state - > received = 0 ;
state - > data = data_blob_talloc ( state , NULL , 0x2000 ) ;
} else {
uint32_t frag_length = blob - > length > = 16 ?
dcerpc_get_frag_length ( blob ) : 0x2000 ;
state - > received = blob - > length ;
state - > data = data_blob_talloc ( state , NULL , frag_length ) ;
if ( ! state - > data . data ) {
talloc_free ( state ) ;
return NT_STATUS_NO_MEMORY ;
}
memcpy ( state - > data . data , blob - > data , blob - > length ) ;
}
2005-01-27 10:08:20 +03:00
state - > io = talloc ( state , union smb_read ) ;
2004-08-30 07:10:43 +04:00
io = state - > io ;
io - > generic . level = RAW_READ_READX ;
io - > readx . in . fnum = smb - > fnum ;
2004-08-30 09:35:30 +04:00
io - > readx . in . mincnt = state - > data . length - state - > received ;
io - > readx . in . maxcnt = io - > readx . in . mincnt ;
2004-08-30 07:10:43 +04:00
io - > readx . in . offset = 0 ;
io - > readx . in . remaining = 0 ;
2004-08-30 09:35:30 +04:00
io - > readx . out . data = state - > data . data + state - > received ;
2004-08-30 07:10:43 +04:00
req = smb_raw_read_send ( smb - > tree , io ) ;
if ( req = = NULL ) {
return NT_STATUS_NO_MEMORY ;
2003-11-04 05:28:08 +03:00
}
2004-08-30 07:10:43 +04:00
req - > async . fn = smb_read_callback ;
req - > async . private = state ;
2003-11-04 05:28:08 +03:00
2004-08-30 07:10:43 +04:00
state - > req = req ;
2003-11-04 05:28:08 +03:00
2004-08-30 07:10:43 +04:00
return NT_STATUS_OK ;
}
2003-11-04 05:28:08 +03:00
2004-08-30 09:35:30 +04:00
/*
trigger a read request from the server
*/
2005-01-09 11:34:05 +03:00
static NTSTATUS send_read_request ( struct dcerpc_connection * c )
2004-08-30 09:35:30 +04:00
{
2005-01-09 11:34:05 +03:00
return send_read_request_continue ( c , NULL ) ;
2004-08-30 09:35:30 +04:00
}
/*
this holds the state of an in - flight trans call
*/
struct smb_trans_state {
2005-01-09 11:34:05 +03:00
struct dcerpc_connection * c ;
2004-08-30 09:35:30 +04:00
struct smbcli_request * req ;
struct smb_trans2 * trans ;
} ;
/*
called when a trans request has completed
*/
static void smb_trans_callback ( struct smbcli_request * req )
{
struct smb_trans_state * state = req - > async . private ;
2005-01-09 11:34:05 +03:00
struct dcerpc_connection * c = state - > c ;
2004-08-30 09:35:30 +04:00
NTSTATUS status ;
status = smb_raw_trans_recv ( req , state , state - > trans ) ;
if ( NT_STATUS_IS_ERR ( status ) ) {
2005-01-09 11:34:05 +03:00
pipe_dead ( c , status ) ;
2004-08-30 09:35:30 +04:00
return ;
}
if ( ! NT_STATUS_EQUAL ( status , STATUS_BUFFER_OVERFLOW ) ) {
2005-01-09 11:34:05 +03:00
c - > transport . recv_data ( c , & state - > trans - > out . data , NT_STATUS_OK ) ;
2004-08-30 09:35:30 +04:00
talloc_free ( state ) ;
return ;
}
/* there is more to receive - setup a readx */
2005-01-09 11:34:05 +03:00
send_read_request_continue ( c , & state - > trans - > out . data ) ;
2004-08-30 09:35:30 +04:00
talloc_free ( state ) ;
}
/*
send a SMBtrans style request
*/
2005-01-09 11:34:05 +03:00
static NTSTATUS smb_send_trans_request ( struct dcerpc_connection * c , DATA_BLOB * blob )
2004-08-30 09:35:30 +04:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
2004-08-30 09:35:30 +04:00
struct smb_trans2 * trans ;
2005-01-31 19:06:21 +03:00
uint16_t setup [ 2 ] ;
2004-08-30 09:35:30 +04:00
struct smb_trans_state * state ;
2005-01-27 10:08:20 +03:00
state = talloc ( smb , struct smb_trans_state ) ;
2004-08-30 09:35:30 +04:00
if ( state = = NULL ) {
return NT_STATUS_NO_MEMORY ;
}
2005-01-09 11:34:05 +03:00
state - > c = c ;
2005-01-27 10:08:20 +03:00
state - > trans = talloc ( state , struct smb_trans2 ) ;
2004-08-30 09:35:30 +04:00
trans = state - > trans ;
trans - > in . data = * blob ;
trans - > in . params = data_blob ( NULL , 0 ) ;
setup [ 0 ] = TRANSACT_DCERPCCMD ;
setup [ 1 ] = smb - > fnum ;
trans - > in . max_param = 0 ;
2004-10-30 06:17:03 +04:00
trans - > in . max_data = smb_raw_max_trans_data ( smb - > tree , 0 ) ;
2004-08-30 09:35:30 +04:00
trans - > in . max_setup = 0 ;
trans - > in . setup_count = 2 ;
trans - > in . flags = 0 ;
trans - > in . timeout = 0 ;
trans - > in . setup = setup ;
trans - > in . trans_name = " \\ PIPE \\ " ;
state - > req = smb_raw_trans_send ( smb - > tree , trans ) ;
if ( state - > req = = NULL ) {
talloc_free ( state ) ;
return NT_STATUS_NO_MEMORY ;
}
state - > req - > async . fn = smb_trans_callback ;
state - > req - > async . private = state ;
return NT_STATUS_OK ;
}
2004-08-30 07:10:43 +04:00
/*
called when a write request has completed
*/
static void smb_write_callback ( struct smbcli_request * req )
{
2005-01-09 11:34:05 +03:00
struct dcerpc_connection * c = req - > async . private ;
2004-08-30 07:10:43 +04:00
if ( ! NT_STATUS_IS_OK ( req - > status ) ) {
DEBUG ( 0 , ( " dcerpc_smb: write callback error \n " ) ) ;
2005-01-09 11:34:05 +03:00
pipe_dead ( c , req - > status ) ;
2003-11-04 05:28:08 +03:00
}
2004-08-30 07:10:43 +04:00
smbcli_request_destroy ( req ) ;
2003-11-04 05:28:08 +03:00
}
2003-11-04 06:38:46 +03:00
/*
2004-08-30 07:10:43 +04:00
send a packet to the server
2003-11-04 06:38:46 +03:00
*/
2005-01-09 11:34:05 +03:00
static NTSTATUS smb_send_request ( struct dcerpc_connection * c , DATA_BLOB * blob , BOOL trigger_read )
2003-11-04 06:38:46 +03:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
2003-11-04 06:38:46 +03:00
union smb_write io ;
2004-08-30 07:10:43 +04:00
struct smbcli_request * req ;
2003-11-04 06:38:46 +03:00
2004-08-30 09:35:30 +04:00
if ( trigger_read ) {
2005-01-09 11:34:05 +03:00
return smb_send_trans_request ( c , blob ) ;
2004-08-30 09:35:30 +04:00
}
2003-11-04 06:38:46 +03:00
io . generic . level = RAW_WRITE_WRITEX ;
2003-11-24 14:45:33 +03:00
io . writex . in . fnum = smb - > fnum ;
2003-11-04 06:38:46 +03:00
io . writex . in . offset = 0 ;
io . writex . in . wmode = PIPE_START_MESSAGE ;
io . writex . in . remaining = blob - > length ;
io . writex . in . count = blob - > length ;
io . writex . in . data = blob - > data ;
2005-06-17 03:47:06 +04:00
/* we must not timeout at the smb level for rpc requests, as otherwise
signing / sealing can be messed up */
smb - > tree - > session - > transport - > options . request_timeout = 0 ;
2004-08-30 07:10:43 +04:00
req = smb_raw_write_send ( smb - > tree , & io ) ;
if ( req = = NULL ) {
return NT_STATUS_NO_MEMORY ;
2003-11-04 06:38:46 +03:00
}
2004-08-30 07:10:43 +04:00
req - > async . fn = smb_write_callback ;
2005-01-09 11:34:05 +03:00
req - > async . private = c ;
2004-08-30 07:10:43 +04:00
2004-08-30 09:35:30 +04:00
if ( trigger_read ) {
2005-01-09 11:34:05 +03:00
send_read_request ( c ) ;
2004-08-30 09:35:30 +04:00
}
2004-08-30 07:10:43 +04:00
return NT_STATUS_OK ;
}
2003-11-24 14:45:33 +03:00
/*
shutdown SMB pipe connection
*/
2005-01-09 11:34:05 +03:00
static NTSTATUS smb_shutdown_pipe ( struct dcerpc_connection * c )
2003-11-24 14:45:33 +03:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
union smb_close io ;
2003-11-24 14:45:33 +03:00
/* maybe we're still starting up */
if ( ! smb ) return NT_STATUS_OK ;
2005-01-09 11:34:05 +03:00
io . close . level = RAW_CLOSE_CLOSE ;
io . close . in . fnum = smb - > fnum ;
io . close . in . write_time = 0 ;
smb_raw_close ( smb - > tree , & io ) ;
2004-09-28 09:44:59 +04:00
2004-09-27 12:41:39 +04:00
talloc_free ( smb ) ;
2003-11-24 14:45:33 +03:00
return NT_STATUS_OK ;
}
/*
return SMB server name
*/
2005-01-09 11:34:05 +03:00
static const char * smb_peer_name ( struct dcerpc_connection * c )
2003-11-24 14:45:33 +03:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
2003-11-24 14:45:33 +03:00
return smb - > tree - > session - > transport - > called . name ;
}
2004-09-09 18:31:27 +04:00
/*
fetch the user session key
*/
2005-01-09 11:34:05 +03:00
static NTSTATUS smb_session_key ( struct dcerpc_connection * c , DATA_BLOB * session_key )
2004-09-09 18:31:27 +04:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
2004-09-09 18:31:27 +04:00
if ( smb - > tree - > session - > user_session_key . data ) {
* session_key = smb - > tree - > session - > user_session_key ;
return NT_STATUS_OK ;
}
return NT_STATUS_NO_USER_SESSION_KEY ;
}
2003-11-24 14:45:33 +03:00
/*
open a rpc connection to a named pipe
*/
2005-01-09 11:34:05 +03:00
NTSTATUS dcerpc_pipe_open_smb ( struct dcerpc_connection * c ,
2004-08-04 17:23:35 +04:00
struct smbcli_tree * tree ,
2003-11-26 04:16:41 +03:00
const char * pipe_name )
2003-11-24 14:45:33 +03:00
{
struct smb_private * smb ;
NTSTATUS status ;
union smb_open io ;
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
char * pipe_name_talloc ;
2003-11-24 14:45:33 +03:00
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
if ( ! strncasecmp ( pipe_name , " /pipe/ " , 6 ) | |
! strncasecmp ( pipe_name , " \\ pipe \\ " , 6 ) ) {
pipe_name + = 6 ;
}
if ( pipe_name [ 0 ] ! = ' \\ ' ) {
pipe_name_talloc = talloc_asprintf ( NULL , " \\ %s " , pipe_name ) ;
} else {
pipe_name_talloc = talloc_strdup ( NULL , pipe_name ) ;
}
2003-11-24 14:45:33 +03:00
io . ntcreatex . level = RAW_OPEN_NTCREATEX ;
io . ntcreatex . in . flags = 0 ;
io . ntcreatex . in . root_fid = 0 ;
io . ntcreatex . in . access_mask =
2004-11-30 07:33:27 +03:00
SEC_STD_READ_CONTROL |
SEC_FILE_WRITE_ATTRIBUTE |
SEC_FILE_WRITE_EA |
SEC_FILE_READ_DATA |
SEC_FILE_WRITE_DATA ;
2003-11-24 14:45:33 +03:00
io . ntcreatex . in . file_attr = 0 ;
io . ntcreatex . in . alloc_size = 0 ;
io . ntcreatex . in . share_access =
NTCREATEX_SHARE_ACCESS_READ |
NTCREATEX_SHARE_ACCESS_WRITE ;
io . ntcreatex . in . open_disposition = NTCREATEX_DISP_OPEN ;
io . ntcreatex . in . create_options = 0 ;
io . ntcreatex . in . impersonation = NTCREATEX_IMPERSONATION_IMPERSONATION ;
io . ntcreatex . in . security_flags = 0 ;
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
io . ntcreatex . in . fname = pipe_name_talloc ;
2003-11-24 14:45:33 +03:00
2004-10-28 16:46:59 +04:00
status = smb_raw_open ( tree , tree , & io ) ;
2003-11-24 14:45:33 +03:00
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
talloc_free ( pipe_name_talloc ) ;
2003-11-24 14:45:33 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
/*
fill in the transport methods
*/
2005-01-09 11:34:05 +03:00
c - > transport . transport = NCACN_NP ;
c - > transport . private = NULL ;
c - > transport . shutdown_pipe = smb_shutdown_pipe ;
c - > transport . peer_name = smb_peer_name ;
c - > transport . send_request = smb_send_request ;
c - > transport . send_read = send_read_request ;
c - > transport . recv_data = NULL ;
2003-11-24 14:45:33 +03:00
2004-09-11 19:11:36 +04:00
/* Over-ride the default session key with the SMB session key */
2005-01-09 11:34:05 +03:00
c - > security_state . session_key = smb_session_key ;
2004-09-11 19:11:36 +04:00
2005-01-27 10:08:20 +03:00
smb = talloc ( c , struct smb_private ) ;
2005-01-09 11:34:05 +03:00
if ( smb = = NULL ) {
2003-11-24 14:45:33 +03:00
return NT_STATUS_NO_MEMORY ;
}
smb - > fnum = io . ntcreatex . out . fnum ;
2004-09-28 09:44:59 +04:00
smb - > tree = tree ;
2003-11-24 14:45:33 +03:00
2005-01-09 11:34:05 +03:00
c - > transport . private = smb ;
2003-11-24 14:45:33 +03:00
2003-11-24 15:40:47 +03:00
return NT_STATUS_OK ;
2003-11-24 14:45:33 +03:00
}
2004-01-20 09:07:09 +03:00
/*
return the SMB tree used for a dcerpc over SMB pipe
*/
2005-01-09 11:34:05 +03:00
struct smbcli_tree * dcerpc_smb_tree ( struct dcerpc_connection * c )
2004-01-20 09:07:09 +03:00
{
2005-01-09 11:34:05 +03:00
struct smb_private * smb = c - > transport . private ;
2004-01-20 09:07:09 +03:00
2005-01-09 11:34:05 +03:00
if ( c - > transport . transport ! = NCACN_NP ) {
2004-01-20 09:07:09 +03:00
return NULL ;
}
return smb - > tree ;
}
