2003-12-11 01:21:04 +03:00
/*
Unix SMB / CIFS implementation .
server side dcerpc defines
2005-01-11 19:53:02 +03:00
Copyright ( C ) Andrew Tridgell 2003 - 2005
Copyright ( C ) Stefan ( metze ) Metzmacher 2004 - 2005
2003-12-11 01:21:04 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 06:07:03 +04:00
the Free Software Foundation ; either version 3 of the License , or
2003-12-11 01:21:04 +03:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 06:07:03 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2003-12-11 01:21:04 +03:00
*/
2004-02-02 16:28:29 +03:00
# ifndef SAMBA_DCERPC_SERVER_H
# define SAMBA_DCERPC_SERVER_H
2011-05-02 04:55:20 +04:00
# include "librpc/gen_ndr/server_id.h"
2006-03-18 18:42:57 +03:00
# include "librpc/rpc/dcerpc.h"
2006-03-16 20:51:04 +03:00
# include "librpc/ndr/libndr.h"
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* modules can use the following to determine if the interface has changed
* please increment the version number after each interface change
* with a comment and maybe update struct dcesrv_critical_sizes .
*/
/* version 1 - initial version - metze */
# define DCERPC_MODULE_VERSION 1
2003-12-11 01:21:04 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_connection ;
struct dcesrv_call_state ;
2004-06-04 13:46:46 +04:00
struct dcesrv_auth ;
2006-01-03 20:27:33 +03:00
struct dcesrv_connection_context ;
2018-12-11 00:41:31 +03:00
struct dcesrv_iface_state ;
2003-12-12 06:59:09 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_interface {
2004-12-20 17:37:54 +03:00
const char * name ;
2007-08-18 10:57:49 +04:00
struct ndr_syntax_id syntax_id ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* this function is called when the client binds to this interface */
2010-02-19 10:02:46 +03:00
NTSTATUS ( * bind ) ( struct dcesrv_call_state * , const struct dcesrv_interface * , uint32_t if_version ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* this function is called when the client disconnects the endpoint */
2005-01-10 15:15:26 +03:00
void ( * unbind ) ( struct dcesrv_connection_context * , const struct dcesrv_interface * ) ;
2004-12-20 17:37:54 +03:00
/* the ndr_pull function for the chosen interface.
*/
2005-02-18 02:11:26 +03:00
NTSTATUS ( * ndr_pull ) ( struct dcesrv_call_state * , TALLOC_CTX * , struct ndr_pull * , void * * ) ;
2004-12-20 17:37:54 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* the dispatch function for the chosen interface.
*/
2004-12-20 17:37:54 +03:00
NTSTATUS ( * dispatch ) ( struct dcesrv_call_state * , TALLOC_CTX * , void * ) ;
2005-01-11 19:53:02 +03:00
/* the reply function for the chosen interface.
*/
NTSTATUS ( * reply ) ( struct dcesrv_call_state * , TALLOC_CTX * , void * ) ;
2004-12-20 17:37:54 +03:00
/* the ndr_push function for the chosen interface.
*/
2005-06-24 05:18:56 +04:00
NTSTATUS ( * ndr_push ) ( struct dcesrv_call_state * , TALLOC_CTX * , struct ndr_push * , const void * ) ;
2004-12-20 17:37:54 +03:00
/* for any private use by the interface code */
2009-02-02 12:01:36 +03:00
const void * private_data ;
2016-11-14 01:24:03 +03:00
uint64_t flags ;
2004-12-20 17:37:54 +03:00
} ;
2003-12-12 06:59:09 +03:00
2016-11-14 01:24:03 +03:00
# define DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED 0x00000001
2007-03-14 01:58:23 +03:00
enum dcesrv_call_list {
DCESRV_LIST_NONE ,
DCESRV_LIST_CALL_LIST ,
DCESRV_LIST_FRAGMENTED_CALL_LIST ,
DCESRV_LIST_PENDING_CALL_LIST
} ;
2016-02-20 12:07:11 +03:00
struct data_blob_list_item {
struct data_blob_list_item * prev , * next ;
DATA_BLOB blob ;
} ;
2003-12-12 06:59:09 +03:00
/* the state of an ongoing dcerpc call */
struct dcesrv_call_state {
struct dcesrv_call_state * next , * prev ;
2018-10-31 16:44:33 +03:00
struct dcesrv_auth * auth_state ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_connection * conn ;
2005-01-10 15:15:26 +03:00
struct dcesrv_connection_context * context ;
2005-06-06 03:05:37 +04:00
struct ncacn_packet pkt ;
2003-12-12 08:30:00 +03:00
2017-05-15 15:15:41 +03:00
/*
* Used during async bind / alter_context .
*/
struct ncacn_packet ack_pkt ;
2007-03-14 01:58:23 +03:00
/*
which list this request is in , if any
*/
enum dcesrv_call_list list ;
2005-01-11 19:53:02 +03:00
/* the backend can mark the call
* with DCESRV_CALL_STATE_FLAG_ASYNC
* that will cause the frontend to not touch r - > out
* and skip the reply
*
* this is only allowed to the backend when DCESRV_CALL_STATE_FLAG_MAY_ASYNC
* is alerady set by the frontend
*
* the backend then needs to call dcesrv_reply ( ) when it ' s
* ready to send the reply
*/
# define DCESRV_CALL_STATE_FLAG_ASYNC (1<<0)
# define DCESRV_CALL_STATE_FLAG_MAY_ASYNC (1<<1)
2015-03-25 07:06:03 +03:00
# define DCESRV_CALL_STATE_FLAG_MULTIPLEXED (1<<3)
2015-04-06 12:26:58 +03:00
# define DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL (1<<4)
2005-01-11 19:53:02 +03:00
uint32_t state_flags ;
/* the time the request arrived in the server */
struct timeval time ;
/* the backend can use this event context for async replies */
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ;
2005-01-11 19:53:02 +03:00
2006-07-31 17:40:49 +04:00
/* the message_context that will be used for async replies */
2011-05-03 04:40:33 +04:00
struct imessaging_context * msg_ctx ;
2006-07-31 17:40:49 +04:00
2005-01-11 19:53:02 +03:00
/* this is the pointer to the allocated function struct */
void * r ;
2006-07-31 17:40:49 +04:00
/*
* that ' s the ndr pull context used in dcesrv_request ( )
* needed by dcesrv_reply ( ) to carry over information
* for full pointer support .
*/
2005-01-11 19:53:02 +03:00
struct ndr_pull * ndr_pull ;
2003-12-13 14:44:28 +03:00
DATA_BLOB input ;
2005-09-08 15:26:05 +04:00
struct data_blob_list_item * replies ;
2004-05-04 10:07:52 +04:00
/* this is used by the boilerplate code to generate DCERPC faults */
2004-05-25 20:24:13 +04:00
uint32_t fault_code ;
2015-06-26 09:10:46 +03:00
/* the reason why we terminate the connection after sending a response */
const char * terminate_reason ;
2015-06-26 09:10:46 +03:00
/* temporary auth_info fields */
struct dcerpc_auth in_auth_info ;
struct dcerpc_auth _out_auth_info ;
struct dcerpc_auth * out_auth_info ;
2003-12-12 06:59:09 +03:00
} ;
2003-12-11 01:21:04 +03:00
2018-01-18 12:57:23 +03:00
/*
* DCERPC Handles
* - - - - - - - - - - - - - -
* The various handles that are used in the RPC servers should be
* created and fetch using the dcesrv_handle_ * functions .
*
* Use
2018-11-08 14:20:44 +03:00
* dcesrv_handle_create ( struct dcesrv_call_state \ * , uint8 handle_type )
2018-01-18 12:57:23 +03:00
* to obtain a new handle of the specified type . Handle types are
* unique within each pipe .
*
* The handle can later be fetched again using :
*
2018-11-08 14:20:44 +03:00
* struct dcesrv_handle * dcesrv_handle_lookup (
* struct dcesrv_call_state * dce_call ,
2018-01-18 12:57:23 +03:00
* struct policy_handle * p ,
* uint8 handle_type )
*
* and destroyed by :
*
2018-11-08 14:20:44 +03:00
* TALLOC_FREE ( struct dcesrv_handle * ) .
2018-01-18 12:57:23 +03:00
*
* User data should be stored in the ' data ' member of the dcesrv_handle
* struct .
*/
2004-04-27 11:12:10 +04:00
# define DCESRV_HANDLE_ANY 255
2003-12-13 05:20:40 +03:00
/* a dcerpc handle in internal format */
struct dcesrv_handle {
struct dcesrv_handle * next , * prev ;
2009-09-22 11:18:03 +04:00
struct dcesrv_assoc_group * assoc_group ;
2003-12-13 05:20:40 +03:00
struct policy_handle wire_handle ;
2009-09-22 11:18:03 +04:00
struct dom_sid * sid ;
2018-11-22 01:27:50 +03:00
enum dcerpc_AuthLevel min_auth_level ;
2009-09-22 11:18:03 +04:00
const struct dcesrv_interface * iface ;
2003-12-13 05:20:40 +03:00
void * data ;
} ;
2003-12-14 04:09:10 +03:00
/* hold the authentication state information */
struct dcesrv_auth {
2015-06-29 12:03:58 +03:00
enum dcerpc_AuthType auth_type ;
enum dcerpc_AuthLevel auth_level ;
uint32_t auth_context_id ;
r1294: A nice, large, commit...
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2004-06-29 13:40:10 +04:00
struct gensec_security * gensec_security ;
2004-06-08 01:34:32 +04:00
struct auth_session_info * session_info ;
2018-11-08 13:14:41 +03:00
NTSTATUS ( * session_key_fn ) ( struct dcesrv_auth * , DATA_BLOB * session_key ) ;
2014-01-08 13:57:44 +04:00
bool client_hdr_signing ;
bool hdr_signing ;
2018-11-22 12:30:47 +03:00
bool auth_started ;
2015-06-26 09:10:46 +03:00
bool auth_finished ;
2015-07-14 17:18:45 +03:00
bool auth_invalid ;
2003-12-14 04:09:10 +03:00
} ;
2005-01-10 15:15:26 +03:00
struct dcesrv_connection_context {
struct dcesrv_connection_context * next , * prev ;
2015-07-15 11:15:31 +03:00
uint16_t context_id ;
2005-01-10 15:15:26 +03:00
/* the connection this is on */
struct dcesrv_connection * conn ;
/* the ndr function table for the chosen interface */
const struct dcesrv_interface * iface ;
2015-07-14 10:12:18 +03:00
/*
* the minimum required auth level for this interface
*/
enum dcerpc_AuthLevel min_auth_level ;
2016-03-10 04:46:59 +03:00
bool allow_connect ;
2015-06-28 14:15:33 +03:00
/* the negotiated transfer syntax */
struct ndr_syntax_id transfer_syntax ;
2005-01-10 15:15:26 +03:00
} ;
2003-12-14 04:09:10 +03:00
2003-12-11 01:21:04 +03:00
/* the state associated with a dcerpc server connection */
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_connection {
2013-07-09 18:38:59 +04:00
/* for the broken_connections DLIST */
struct dcesrv_connection * prev , * next ;
2003-12-13 05:20:40 +03:00
/* the top level context for this server */
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_context * dce_ctx ;
2003-12-13 05:20:40 +03:00
2003-12-11 01:21:04 +03:00
/* the endpoint that was opened */
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
const struct dcesrv_endpoint * endpoint ;
2003-12-11 01:21:04 +03:00
2005-01-10 15:15:26 +03:00
/* a list of established context_ids */
struct dcesrv_connection_context * contexts ;
2003-12-12 06:59:09 +03:00
2006-09-11 10:17:12 +04:00
/* the state of the current incoming call fragments */
struct dcesrv_call_state * incoming_fragmented_call_list ;
2003-12-12 06:59:09 +03:00
2005-01-11 19:53:02 +03:00
/* the state of the async pending calls */
struct dcesrv_call_state * pending_call_list ;
2006-09-11 10:17:12 +04:00
/* the state of the current outgoing calls */
struct dcesrv_call_state * call_list ;
2003-12-12 08:30:00 +03:00
/* the maximum size the client wants to receive */
2015-06-26 09:10:46 +03:00
uint16_t max_recv_frag ;
uint16_t max_xmit_frag ;
2003-12-12 08:30:00 +03:00
2003-12-13 14:44:28 +03:00
DATA_BLOB partial_input ;
2003-12-14 04:09:10 +03:00
2006-03-16 21:46:49 +03:00
/* the event_context that will be used for this connection */
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ;
2004-09-11 16:32:05 +04:00
2006-05-21 15:39:50 +04:00
/* the message_context that will be used for this connection */
2011-05-03 04:40:33 +04:00
struct imessaging_context * msg_ctx ;
2006-05-21 15:39:50 +04:00
/* the server_id that will be used for this connection */
2007-01-10 13:52:09 +03:00
struct server_id server_id ;
2006-05-21 15:39:50 +04:00
2013-07-09 18:38:59 +04:00
/* is this connection pending termination? If so, why? */
const char * terminate ;
2006-03-07 14:02:47 +03:00
2008-11-02 07:49:36 +03:00
const char * packet_log_dir ;
2006-03-07 14:02:47 +03:00
/* this is the default state_flags for dcesrv_call_state structs */
uint32_t state_flags ;
2006-03-16 21:46:49 +03:00
struct {
void * private_data ;
void ( * report_output_data ) ( struct dcesrv_connection * ) ;
} transport ;
2009-04-07 20:35:30 +04:00
struct tstream_context * stream ;
struct tevent_queue * send_queue ;
2010-04-26 15:06:07 +04:00
const struct tsocket_address * local_address ;
const struct tsocket_address * remote_address ;
2015-06-29 12:03:58 +03:00
/* the current authentication state */
2018-11-08 15:28:07 +03:00
struct dcesrv_auth * default_auth_state ;
2015-06-26 09:10:46 +03:00
/*
* remember which pdu types are allowed
*/
bool allow_bind ;
bool allow_alter ;
2015-07-15 11:18:13 +03:00
/* the association group the connection belongs to */
struct dcesrv_assoc_group * assoc_group ;
2016-06-22 18:18:28 +03:00
/* The maximum total payload of reassembled request pdus */
size_t max_total_request_size ;
2015-10-06 11:18:06 +03:00
/*
* Our preferred transfer syntax .
*/
const struct ndr_syntax_id * preferred_transfer ;
2015-10-06 11:18:06 +03:00
2017-05-15 09:11:29 +03:00
/*
* This is used to block the connection during
* pending authentication .
*/
struct tevent_req * ( * wait_send ) ( TALLOC_CTX * mem_ctx ,
struct tevent_context * ev ,
void * private_data ) ;
NTSTATUS ( * wait_recv ) ( struct tevent_req * req ) ;
void * wait_private ;
2003-12-11 01:21:04 +03:00
} ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_endpoint_server {
/* this is the name of the endpoint server */
const char * name ;
2003-12-13 05:20:40 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* this function should register endpoints and some other setup stuff,
* it is called when the dcesrv_context gets initialized .
*/
NTSTATUS ( * init_server ) ( struct dcesrv_context * , const struct dcesrv_endpoint_server * ) ;
/* this function can be used by other endpoint servers to
* ask for a dcesrv_interface implementation
2004-10-21 21:40:55 +04:00
* - iface must be reference to an already existing struct !
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
*/
2007-08-27 22:10:19 +04:00
bool ( * interface_by_uuid ) ( struct dcesrv_interface * iface , const struct GUID * , uint32_t ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* this function can be used by other endpoint servers to
* ask for a dcesrv_interface implementation
2004-10-21 21:40:55 +04:00
* - iface must be reference to an already existeng struct !
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
*/
2007-08-27 22:10:19 +04:00
bool ( * interface_by_name ) ( struct dcesrv_interface * iface , const char * ) ;
2003-12-11 01:21:04 +03:00
} ;
2009-09-22 08:36:54 +04:00
/* one association groups */
struct dcesrv_assoc_group {
/* the wire id */
uint32_t id ;
/* list of handles in this association group */
struct dcesrv_handle * handles ;
2009-09-22 11:18:03 +04:00
2018-12-11 00:41:31 +03:00
/*
* list of iface states per assoc / conn
*/
struct dcesrv_iface_state * iface_states ;
2009-09-22 11:18:03 +04:00
/* parent context */
struct dcesrv_context * dce_ctx ;
2010-02-19 07:53:31 +03:00
2018-11-22 01:39:11 +03:00
/* the negotiated bind time features */
uint16_t bind_time_features ;
2009-09-22 08:36:54 +04:00
} ;
2003-12-11 01:21:04 +03:00
/* server-wide context information for the dcerpc server */
struct dcesrv_context {
2015-01-22 14:24:31 +03:00
/*
* The euid at startup time .
*
* This is required for DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM
*/
uid_t initial_euid ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* the list of endpoints that have registered
* by the configured endpoint servers
*/
struct dcesrv_endpoint {
struct dcesrv_endpoint * next , * prev ;
/* the type and location of the endpoint */
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
struct dcerpc_binding * ep_description ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* the security descriptor for smb named pipes */
struct security_descriptor * sd ;
/* the list of interfaces available on this endpoint */
struct dcesrv_if_list {
struct dcesrv_if_list * next , * prev ;
struct dcesrv_interface iface ;
} * interface_list ;
2016-10-18 00:36:51 +03:00
/*
* Should this service be run in a single process ( so far only
* NETLOGON is not run in a single process )
*/
bool use_single_process ;
2003-12-11 01:21:04 +03:00
} * endpoint_list ;
2007-12-04 22:05:00 +03:00
/* loadparm context to use for this connection */
struct loadparm_context * lp_ctx ;
2009-09-22 08:36:54 +04:00
struct idr_context * assoc_groups_idr ;
2013-07-09 18:38:59 +04:00
struct dcesrv_connection * broken_connections ;
2003-12-11 01:21:04 +03:00
} ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* this structure is used by modules to determine the size of some critical types */
struct dcesrv_critical_sizes {
int interface_version ;
int sizeof_dcesrv_context ;
int sizeof_dcesrv_endpoint ;
int sizeof_dcesrv_endpoint_server ;
int sizeof_dcesrv_interface ;
int sizeof_dcesrv_if_list ;
int sizeof_dcesrv_connection ;
int sizeof_dcesrv_call_state ;
int sizeof_dcesrv_auth ;
int sizeof_dcesrv_handle ;
} ;
2004-02-02 16:28:29 +03:00
2006-03-14 18:03:25 +03:00
struct model_ops ;
2008-04-02 06:53:27 +04:00
NTSTATUS dcesrv_interface_register ( struct dcesrv_context * dce_ctx ,
const char * ep_name ,
const struct dcesrv_interface * iface ,
const struct security_descriptor * sd ) ;
2016-11-21 01:39:16 +03:00
NTSTATUS dcerpc_register_ep_server ( const struct dcesrv_endpoint_server * ep_server ) ;
2008-04-02 06:53:27 +04:00
NTSTATUS dcesrv_init_context ( TALLOC_CTX * mem_ctx ,
struct loadparm_context * lp_ctx ,
const char * * endpoint_servers , struct dcesrv_context * * _dce_ctx ) ;
NTSTATUS dcesrv_reply ( struct dcesrv_call_state * call ) ;
2018-11-08 13:48:46 +03:00
struct dcesrv_handle * dcesrv_handle_create ( struct dcesrv_call_state * call ,
uint8_t handle_type ) ;
2008-04-02 06:53:27 +04:00
2018-11-08 13:48:46 +03:00
struct dcesrv_handle * dcesrv_handle_lookup ( struct dcesrv_call_state * call ,
const struct policy_handle * p ,
uint8_t handle_type ) ;
2008-04-02 06:53:27 +04:00
2010-04-26 15:06:07 +04:00
const struct tsocket_address * dcesrv_connection_get_local_address ( struct dcesrv_connection * conn ) ;
const struct tsocket_address * dcesrv_connection_get_remote_address ( struct dcesrv_connection * conn ) ;
2008-04-02 06:53:27 +04:00
2018-11-08 13:48:46 +03:00
/*
* Fetch the authentication session key if available .
*
* This is the key generated by a gensec authentication .
*/
NTSTATUS dcesrv_auth_session_key ( struct dcesrv_call_state * call ,
DATA_BLOB * session_key ) ;
/*
* Fetch the transport session key if available .
* Typically this is the SMB session key
* or a fixed key for local transports .
*
* The key is always truncated to 16 bytes .
*/
NTSTATUS dcesrv_transport_session_key ( struct dcesrv_call_state * call ,
DATA_BLOB * session_key ) ;
2008-04-02 16:18:31 +04:00
/* a useful macro for generating a RPC fault in the backend code */
# define DCESRV_FAULT(code) do { \
dce_call - > fault_code = code ; \
return r - > out . result ; \
} while ( 0 )
/* a useful macro for generating a RPC fault in the backend code */
# define DCESRV_FAULT_VOID(code) do { \
dce_call - > fault_code = code ; \
return ; \
} while ( 0 )
/* a useful macro for checking the validity of a dcerpc policy handle
and giving the right fault code if invalid */
# define DCESRV_CHECK_HANDLE(h) do {if (!(h)) DCESRV_FAULT(DCERPC_FAULT_CONTEXT_MISMATCH); } while (0)
/* this checks for a valid policy handle, and gives a fault if an
invalid handle or retval if the handle is of the
wrong type */
# define DCESRV_PULL_HANDLE_RETVAL(h, inhandle, t, retval) do { \
2018-11-08 14:20:44 +03:00
( h ) = dcesrv_handle_lookup ( dce_call , ( inhandle ) , DCESRV_HANDLE_ANY ) ; \
2008-04-02 16:18:31 +04:00
DCESRV_CHECK_HANDLE ( h ) ; \
if ( ( t ) ! = DCESRV_HANDLE_ANY & & ( h ) - > wire_handle . handle_type ! = ( t ) ) { \
return retval ; \
} \
} while ( 0 )
/* this checks for a valid policy handle and gives a dcerpc fault
if its the wrong type of handle */
# define DCESRV_PULL_HANDLE_FAULT(h, inhandle, t) do { \
2018-11-08 14:20:44 +03:00
( h ) = dcesrv_handle_lookup ( dce_call , ( inhandle ) , t ) ; \
2008-04-02 16:18:31 +04:00
DCESRV_CHECK_HANDLE ( h ) ; \
} while ( 0 )
# define DCESRV_PULL_HANDLE(h, inhandle, t) DCESRV_PULL_HANDLE_RETVAL(h, inhandle, t, NT_STATUS_INVALID_HANDLE)
2015-12-03 17:24:13 +03:00
# define DCESRV_PULL_HANDLE_WERR(h, inhandle, t) DCESRV_PULL_HANDLE_RETVAL(h, inhandle, t, WERR_INVALID_HANDLE)
2008-04-02 16:18:31 +04:00
2010-10-11 02:49:13 +04:00
NTSTATUS dcesrv_add_ep ( struct dcesrv_context * dce_ctx ,
struct loadparm_context * lp_ctx ,
struct dcesrv_endpoint * e ,
struct tevent_context * event_ctx ,
2017-09-14 22:09:23 +03:00
const struct model_ops * model_ops ,
void * process_context ) ;
2008-04-02 16:18:31 +04:00
2011-02-25 05:13:01 +03:00
/**
* retrieve credentials from a dce_call
*/
_PUBLIC_ struct cli_credentials * dcesrv_call_credentials ( struct dcesrv_call_state * dce_call ) ;
/**
* returns true if this is an authenticated call
*/
_PUBLIC_ bool dcesrv_call_authenticated ( struct dcesrv_call_state * dce_call ) ;
2011-03-15 06:43:24 +03:00
/**
* retrieve account_name for a dce_call
*/
_PUBLIC_ const char * dcesrv_call_account_name ( struct dcesrv_call_state * dce_call ) ;
2018-11-03 03:18:59 +03:00
/**
* retrieve session_info from a dce_call
*/
_PUBLIC_ struct auth_session_info * dcesrv_call_session_info ( struct dcesrv_call_state * dce_call ) ;
2018-11-08 14:44:30 +03:00
/**
* retrieve auth type / level from a dce_call
*/
_PUBLIC_ void dcesrv_call_auth_info ( struct dcesrv_call_state * dce_call ,
enum dcerpc_AuthType * auth_type ,
enum dcerpc_AuthLevel * auth_level ) ;
2018-11-21 22:06:21 +03:00
_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_integrity ( struct dcesrv_connection_context * context ,
2015-07-14 10:12:18 +03:00
const struct dcesrv_interface * iface ) ;
2018-11-21 22:06:21 +03:00
_PUBLIC_ NTSTATUS dcesrv_interface_bind_require_privacy ( struct dcesrv_connection_context * context ,
2015-07-14 10:12:18 +03:00
const struct dcesrv_interface * iface ) ;
2018-11-21 22:06:21 +03:00
_PUBLIC_ NTSTATUS dcesrv_interface_bind_reject_connect ( struct dcesrv_connection_context * context ,
2016-03-10 04:46:59 +03:00
const struct dcesrv_interface * iface ) ;
2018-11-21 22:06:21 +03:00
_PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect ( struct dcesrv_connection_context * context ,
2016-03-10 04:46:59 +03:00
const struct dcesrv_interface * iface ) ;
2005-12-28 18:38:36 +03:00
2018-12-11 00:41:31 +03:00
_PUBLIC_ NTSTATUS _dcesrv_iface_state_store_assoc (
struct dcesrv_call_state * call ,
uint64_t magic ,
void * ptr ,
const char * location ) ;
# define dcesrv_iface_state_store_assoc(call, magic, ptr) \
_dcesrv_iface_state_store_assoc ( ( call ) , ( magic ) , ( ptr ) , \
__location__ )
_PUBLIC_ void * _dcesrv_iface_state_find_assoc (
struct dcesrv_call_state * call ,
uint64_t magic ) ;
# define dcesrv_iface_state_find_assoc(call, magic, _type) \
talloc_get_type ( \
_dcesrv_iface_state_find_assoc ( ( call ) , ( magic ) ) , \
_type )
_PUBLIC_ NTSTATUS _dcesrv_iface_state_store_conn (
struct dcesrv_call_state * call ,
uint64_t magic ,
void * _pptr ,
const char * location ) ;
# define dcesrv_iface_state_store_conn(call, magic, ptr) \
_dcesrv_iface_state_store_conn ( ( call ) , ( magic ) , ( ptr ) , \
__location__ )
_PUBLIC_ void * _dcesrv_iface_state_find_conn (
struct dcesrv_call_state * call ,
uint64_t magic ) ;
# define dcesrv_iface_state_find_conn(call, magic, _type) \
talloc_get_type ( \
_dcesrv_iface_state_find_conn ( ( call ) , ( magic ) ) , \
_type )
2004-02-02 16:28:29 +03:00
# endif /* SAMBA_DCERPC_SERVER_H */