2003-12-11 01:21:04 +03:00
/*
Unix SMB / CIFS implementation .
server side dcerpc core code
2005-01-11 19:53:02 +03:00
Copyright ( C ) Andrew Tridgell 2003 - 2005
Copyright ( C ) Stefan ( metze ) Metzmacher 2004 - 2005
2003-12-11 01:21:04 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-10 06:07:03 +04:00
the Free Software Foundation ; either version 3 of the License , or
2003-12-11 01:21:04 +03:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 06:07:03 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2003-12-11 01:21:04 +03:00
*/
# include "includes.h"
2005-07-28 04:27:28 +04:00
# include "librpc/gen_ndr/ndr_dcerpc.h"
2004-11-02 05:57:18 +03:00
# include "auth/auth.h"
2006-11-07 03:48:36 +03:00
# include "auth/gensec/gensec.h"
2008-10-11 23:31:42 +04:00
# include "../lib/util/dlinklist.h"
2004-11-02 10:42:47 +03:00
# include "rpc_server/dcerpc_server.h"
2008-04-02 06:53:27 +04:00
# include "rpc_server/dcerpc_server_proto.h"
# include "librpc/rpc/dcerpc_proto.h"
2005-02-03 14:56:03 +03:00
# include "lib/events/events.h"
2006-03-09 23:36:01 +03:00
# include "smbd/service_task.h"
2005-01-30 03:54:57 +03:00
# include "smbd/service_stream.h"
2006-03-07 16:22:00 +03:00
# include "smbd/service.h"
2005-09-28 18:35:51 +04:00
# include "system/filesys.h"
2006-04-02 16:02:01 +04:00
# include "libcli/security/security.h"
2007-09-08 16:42:09 +04:00
# include "param/param.h"
2003-12-11 01:21:04 +03:00
2009-09-22 08:36:54 +04:00
/* this is only used when the client asks for an unknown interface */
# define DUMMY_ASSOC_GROUP 0x0FFFFFFF
2008-07-25 08:11:18 +04:00
2007-01-16 17:44:23 +03:00
extern const struct dcesrv_interface dcesrv_mgmt_interface ;
2009-09-22 08:36:54 +04:00
/*
find an association group given a assoc_group_id
*/
static struct dcesrv_assoc_group * dcesrv_assoc_group_find ( struct dcesrv_context * dce_ctx ,
uint32_t id )
{
void * id_ptr ;
id_ptr = idr_find ( dce_ctx - > assoc_groups_idr , id ) ;
if ( id_ptr = = NULL ) {
return NULL ;
}
return talloc_get_type_abort ( id_ptr , struct dcesrv_assoc_group ) ;
}
/*
take a reference to an existing association group
*/
static struct dcesrv_assoc_group * dcesrv_assoc_group_reference ( TALLOC_CTX * mem_ctx ,
struct dcesrv_context * dce_ctx ,
uint32_t id )
{
struct dcesrv_assoc_group * assoc_group ;
assoc_group = dcesrv_assoc_group_find ( dce_ctx , id ) ;
if ( assoc_group = = NULL ) {
DEBUG ( 0 , ( __location__ " : Failed to find assoc_group 0x%08x \n " , id ) ) ;
return NULL ;
}
return talloc_reference ( mem_ctx , assoc_group ) ;
}
/*
allocate a new association group
*/
static struct dcesrv_assoc_group * dcesrv_assoc_group_new ( TALLOC_CTX * mem_ctx ,
struct dcesrv_context * dce_ctx )
{
struct dcesrv_assoc_group * assoc_group ;
int id ;
assoc_group = talloc_zero ( mem_ctx , struct dcesrv_assoc_group ) ;
if ( assoc_group = = NULL ) {
return NULL ;
}
id = idr_get_new_random ( dce_ctx - > assoc_groups_idr , assoc_group , UINT16_MAX ) ;
if ( id = = - 1 ) {
talloc_free ( assoc_group ) ;
DEBUG ( 0 , ( __location__ " : Out of association groups! \n " ) ) ;
return NULL ;
}
assoc_group - > id = id ;
return assoc_group ;
}
2003-12-11 01:21:04 +03:00
/*
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
see if two endpoints match
2003-12-11 01:21:04 +03:00
*/
2007-09-03 17:13:25 +04:00
static bool endpoints_match ( const struct dcerpc_binding * ep1 ,
2004-10-21 21:40:55 +04:00
const struct dcerpc_binding * ep2 )
2003-12-11 01:21:04 +03:00
{
2004-10-21 21:40:55 +04:00
if ( ep1 - > transport ! = ep2 - > transport ) {
2007-09-03 17:13:25 +04:00
return false ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
2004-10-25 02:46:47 +04:00
if ( ! ep1 - > endpoint | | ! ep2 - > endpoint ) {
return ep1 - > endpoint = = ep2 - > endpoint ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
2004-10-25 02:46:47 +04:00
if ( strcasecmp ( ep1 - > endpoint , ep2 - > endpoint ) ! = 0 )
2007-09-03 17:13:25 +04:00
return false ;
2004-10-21 21:40:55 +04:00
2007-09-03 17:13:25 +04:00
return true ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
/*
find an endpoint in the dcesrv_context
*/
static struct dcesrv_endpoint * find_endpoint ( struct dcesrv_context * dce_ctx ,
2004-10-21 21:40:55 +04:00
const struct dcerpc_binding * ep_description )
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
{
struct dcesrv_endpoint * ep ;
for ( ep = dce_ctx - > endpoint_list ; ep ; ep = ep - > next ) {
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
if ( endpoints_match ( ep - > ep_description , ep_description ) ) {
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
return ep ;
}
}
return NULL ;
}
2005-01-10 15:15:26 +03:00
/*
find a registered context_id from a bind or alter_context
*/
static struct dcesrv_connection_context * dcesrv_find_context ( struct dcesrv_connection * conn ,
uint32_t context_id )
{
struct dcesrv_connection_context * c ;
for ( c = conn - > contexts ; c ; c = c - > next ) {
if ( c - > context_id = = context_id ) return c ;
}
return NULL ;
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/*
see if a uuid and if_version match to an interface
*/
2007-10-07 02:25:41 +04:00
static bool interface_match ( const struct dcesrv_interface * if1 ,
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
const struct dcesrv_interface * if2 )
{
2006-03-26 04:59:17 +04:00
return ( if1 - > syntax_id . if_version = = if2 - > syntax_id . if_version & &
GUID_equal ( & if1 - > syntax_id . uuid , & if2 - > syntax_id . uuid ) ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
/*
find the interface operations on an endpoint
*/
static const struct dcesrv_interface * find_interface ( const struct dcesrv_endpoint * endpoint ,
2005-01-10 15:15:26 +03:00
const struct dcesrv_interface * iface )
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
{
struct dcesrv_if_list * ifl ;
for ( ifl = endpoint - > interface_list ; ifl ; ifl = ifl - > next ) {
if ( interface_match ( & ( ifl - > iface ) , iface ) ) {
return & ( ifl - > iface ) ;
}
}
return NULL ;
}
/*
see if a uuid and if_version match to an interface
*/
2007-10-07 02:25:41 +04:00
static bool interface_match_by_uuid ( const struct dcesrv_interface * iface ,
2005-12-27 19:22:35 +03:00
const struct GUID * uuid , uint32_t if_version )
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
{
2006-03-26 04:59:17 +04:00
return ( iface - > syntax_id . if_version = = if_version & &
GUID_equal ( & iface - > syntax_id . uuid , uuid ) ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
/*
find the interface operations on an endpoint by uuid
*/
static const struct dcesrv_interface * find_interface_by_uuid ( const struct dcesrv_endpoint * endpoint ,
2005-12-27 19:22:35 +03:00
const struct GUID * uuid , uint32_t if_version )
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
{
struct dcesrv_if_list * ifl ;
for ( ifl = endpoint - > interface_list ; ifl ; ifl = ifl - > next ) {
if ( interface_match_by_uuid ( & ( ifl - > iface ) , uuid , if_version ) ) {
return & ( ifl - > iface ) ;
2003-12-11 01:21:04 +03:00
}
}
return NULL ;
}
2003-12-12 08:01:41 +03:00
/*
2006-09-11 10:17:12 +04:00
find the earlier parts of a fragmented call awaiting reassembily
2003-12-12 08:01:41 +03:00
*/
2006-09-11 10:17:12 +04:00
static struct dcesrv_call_state * dcesrv_find_fragmented_call ( struct dcesrv_connection * dce_conn , uint16_t call_id )
2003-12-12 08:01:41 +03:00
{
struct dcesrv_call_state * c ;
2006-09-11 10:17:12 +04:00
for ( c = dce_conn - > incoming_fragmented_call_list ; c ; c = c - > next ) {
2003-12-12 08:01:41 +03:00
if ( c - > pkt . call_id = = call_id ) {
return c ;
}
}
return NULL ;
}
2003-12-11 01:21:04 +03:00
/*
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
register an interface on an endpoint
2003-12-11 01:21:04 +03:00
*/
2006-05-01 22:11:15 +04:00
_PUBLIC_ NTSTATUS dcesrv_interface_register ( struct dcesrv_context * dce_ctx ,
r1294: A nice, large, commit...
This implements gensec for Samba's server side, and brings gensec up
to the standards of a full subsystem.
This means that use of the subsystem is by gensec_* functions, not
function pointers in structures (this is internal). This causes
changes in all the existing gensec users.
Our RPC server no longer contains it's own generalised security
scheme, and now calls gensec directly.
Gensec has also taken over the role of auth/auth_ntlmssp.c
An important part of gensec, is the output of the 'session_info'
struct. This is now reference counted, so that we can correctly free
it when a pipe is closed, no matter if it was inherited, or created by
per-pipe authentication.
The schannel code is reworked, to be in the same file for client and
server.
ntlm_auth is reworked to use gensec.
The major problem with this code is the way it relies on subsystem
auto-initialisation. The primary reason for this commit now.is to
allow these problems to be looked at, and fixed.
There are problems with the new code:
- I've tested it with smbtorture, but currently don't have VMware and
valgrind working (this I'll fix soon).
- The SPNEGO code is client-only at this point.
- We still do not do kerberos.
Andrew Bartlett
(This used to be commit 07fd885fd488fd1051eacc905a2d4962f8a018ec)
2004-06-29 13:40:10 +04:00
const char * ep_name ,
const struct dcesrv_interface * iface ,
const struct security_descriptor * sd )
2003-12-11 01:21:04 +03:00
{
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_endpoint * ep ;
struct dcesrv_if_list * ifl ;
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
struct dcerpc_binding * binding ;
2007-10-07 02:25:41 +04:00
bool add_ep = false ;
2004-10-18 19:18:05 +04:00
NTSTATUS status ;
status = dcerpc_parse_binding ( dce_ctx , ep_name , & binding ) ;
2003-12-14 02:25:15 +03:00
2004-10-18 19:18:05 +04:00
if ( NT_STATUS_IS_ERR ( status ) ) {
DEBUG ( 0 , ( " Trouble parsing binding string '%s' \n " , ep_name ) ) ;
return status ;
}
2003-12-14 02:25:15 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* check if this endpoint exists
*/
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
if ( ( ep = find_endpoint ( dce_ctx , binding ) ) = = NULL ) {
2005-01-27 10:08:20 +03:00
ep = talloc ( dce_ctx , struct dcesrv_endpoint ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
if ( ! ep ) {
return NT_STATUS_NO_MEMORY ;
}
ZERO_STRUCTP ( ep ) ;
r5902: A rather large change...
I wanted to add a simple 'workstation' argument to the DCERPC
authenticated binding calls, but this patch kind of grew from there.
With SCHANNEL, the 'workstation' name (the netbios name of the client)
matters, as this is what ties the session between the NETLOGON ops and
the SCHANNEL bind. This changes a lot of files, and these will again
be changed when jelmer does the credentials work.
I also correct some schannel IDL to distinguish between workstation
names and account names. The distinction matters for domain trust
accounts.
Issues in handling this (issues with lifetime of talloc pointers)
caused me to change the 'creds_CredentialsState' and 'struct
dcerpc_binding' pointers to always be talloc()ed pointers.
In the schannel DB, we now store both the domain and computername, and
query on both. This should ensure we fault correctly when the domain
is specified incorrectly in the SCHANNEL bind.
In the RPC-SCHANNEL test, I finally fixed a bug that vl pointed out,
where the comment claimed we re-used a connection, but in fact we made
a new connection.
This was achived by breaking apart some of the
dcerpc_secondary_connection() logic.
The addition of workstation handling was also propogated to NTLMSSP
and GENSEC, for completeness.
The RPC-SAMSYNC test has been cleaned up a little, using a loop over
usernames/passwords rather than manually expanded tests. This will be
expanded further (the code in #if 0 in this patch) to use a newly
created user account for testing.
In making this test pass test_rpc.sh, I found a bug in the RPC-ECHO
server, caused by the removal of [ref] and the assoicated pointer from
the IDL. This has been re-added, until the underlying pidl issues are
solved.
(This used to be commit 824289dcc20908ddec957a4a892a103eec2da9b9)
2005-03-19 11:34:43 +03:00
ep - > ep_description = talloc_reference ( ep , binding ) ;
2007-10-07 02:25:41 +04:00
add_ep = true ;
2007-01-16 17:44:23 +03:00
/* add mgmt interface */
ifl = talloc ( dce_ctx , struct dcesrv_if_list ) ;
if ( ! ifl ) {
return NT_STATUS_NO_MEMORY ;
}
memcpy ( & ( ifl - > iface ) , & dcesrv_mgmt_interface ,
sizeof ( struct dcesrv_interface ) ) ;
DLIST_ADD ( ep - > interface_list , ifl ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
2003-12-14 02:25:15 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* see if the interface is already registered on te endpoint */
if ( find_interface ( ep , iface ) ! = NULL ) {
DEBUG ( 0 , ( " dcesrv_interface_register: interface '%s' already registered on endpoint '%s' \n " ,
2004-12-20 17:37:54 +03:00
iface - > name , ep_name ) ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
return NT_STATUS_OBJECT_NAME_COLLISION ;
}
/* talloc a new interface list element */
2005-01-27 10:08:20 +03:00
ifl = talloc ( dce_ctx , struct dcesrv_if_list ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
if ( ! ifl ) {
return NT_STATUS_NO_MEMORY ;
}
/* copy the given interface struct to the one on the endpoints interface list */
memcpy ( & ( ifl - > iface ) , iface , sizeof ( struct dcesrv_interface ) ) ;
/* if we have a security descriptor given,
* we should see if we can set it up on the endpoint
*/
if ( sd ! = NULL ) {
/* if there's currently no security descriptor given on the endpoint
* we try to set it
*/
if ( ep - > sd = = NULL ) {
2004-11-17 17:35:29 +03:00
ep - > sd = security_descriptor_copy ( dce_ctx , sd ) ;
2003-12-14 02:25:15 +03:00
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* if now there's no security descriptor given on the endpoint
* something goes wrong , either we failed to copy the security descriptor
* or there was already one on the endpoint
*/
if ( ep - > sd ! = NULL ) {
DEBUG ( 0 , ( " dcesrv_interface_register: interface '%s' failed to setup a security descriptor \n "
" on endpoint '%s' \n " ,
2004-12-20 17:37:54 +03:00
iface - > name , ep_name ) ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
if ( add_ep ) free ( ep ) ;
free ( ifl ) ;
return NT_STATUS_OBJECT_NAME_COLLISION ;
2003-12-14 02:25:15 +03:00
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
2003-12-14 02:25:15 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* finally add the interface on the endpoint */
DLIST_ADD ( ep - > interface_list , ifl ) ;
/* if it's a new endpoint add it to the dcesrv_context */
if ( add_ep ) {
DLIST_ADD ( dce_ctx - > endpoint_list , ep ) ;
2003-12-11 01:21:04 +03:00
}
2003-12-14 02:25:15 +03:00
2004-02-02 16:28:29 +03:00
DEBUG ( 4 , ( " dcesrv_interface_register: interface '%s' registered on endpoint '%s' \n " ,
2004-12-20 17:37:54 +03:00
iface - > name , ep_name ) ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
return NT_STATUS_OK ;
2003-12-11 01:21:04 +03:00
}
2008-11-23 13:24:29 +03:00
NTSTATUS dcesrv_inherited_session_key ( struct dcesrv_connection * p ,
DATA_BLOB * session_key )
2004-09-12 07:18:24 +04:00
{
if ( p - > auth_state . session_info - > session_key . length ) {
* session_key = p - > auth_state . session_info - > session_key ;
return NT_STATUS_OK ;
}
return NT_STATUS_NO_USER_SESSION_KEY ;
}
NTSTATUS dcesrv_generic_session_key ( struct dcesrv_connection * p ,
2004-09-27 08:11:37 +04:00
DATA_BLOB * session_key )
2004-09-12 07:18:24 +04:00
{
/* this took quite a few CPU cycles to find ... */
2004-11-29 15:01:46 +03:00
session_key - > data = discard_const_p ( uint8_t , " SystemLibraryDTC " ) ;
2004-09-12 07:18:24 +04:00
session_key - > length = 16 ;
return NT_STATUS_OK ;
}
/*
fetch the user session key - may be default ( above ) or the SMB session key
2008-07-23 10:19:54 +04:00
The key is always truncated to 16 bytes
2004-09-12 07:18:24 +04:00
*/
2006-05-01 22:11:15 +04:00
_PUBLIC_ NTSTATUS dcesrv_fetch_session_key ( struct dcesrv_connection * p ,
2004-09-12 07:18:24 +04:00
DATA_BLOB * session_key )
{
2008-07-23 10:19:54 +04:00
NTSTATUS status = p - > auth_state . session_key ( p , session_key ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
session_key - > length = MIN ( session_key - > length , 16 ) ;
return NT_STATUS_OK ;
2004-09-12 07:18:24 +04:00
}
2003-12-11 01:21:04 +03:00
/*
connect to a dcerpc endpoint
*/
2008-04-02 06:53:27 +04:00
_PUBLIC_ NTSTATUS dcesrv_endpoint_connect ( struct dcesrv_context * dce_ctx ,
2005-01-11 19:53:02 +03:00
TALLOC_CTX * mem_ctx ,
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
const struct dcesrv_endpoint * ep ,
2006-03-22 19:23:19 +03:00
struct auth_session_info * session_info ,
2008-12-29 22:24:57 +03:00
struct tevent_context * event_ctx ,
2006-05-21 15:39:50 +04:00
struct messaging_context * msg_ctx ,
2007-01-10 13:52:09 +03:00
struct server_id server_id ,
2006-03-07 14:02:47 +03:00
uint32_t state_flags ,
2005-01-11 19:53:02 +03:00
struct dcesrv_connection * * _p )
2003-12-11 01:21:04 +03:00
{
2005-01-11 19:53:02 +03:00
struct dcesrv_connection * p ;
2006-03-22 19:23:19 +03:00
if ( ! session_info ) {
return NT_STATUS_ACCESS_DENIED ;
}
2005-01-11 19:53:02 +03:00
p = talloc ( mem_ctx , struct dcesrv_connection ) ;
NT_STATUS_HAVE_NO_MEMORY ( p ) ;
2006-03-22 19:23:19 +03:00
if ( ! talloc_reference ( p , session_info ) ) {
talloc_free ( p ) ;
return NT_STATUS_NO_MEMORY ;
}
2005-01-11 19:53:02 +03:00
p - > dce_ctx = dce_ctx ;
p - > endpoint = ep ;
p - > contexts = NULL ;
p - > call_list = NULL ;
2008-11-02 07:49:36 +03:00
p - > packet_log_dir = lp_lockdir ( dce_ctx - > lp_ctx ) ;
2006-09-11 10:49:24 +04:00
p - > incoming_fragmented_call_list = NULL ;
2005-01-11 19:53:02 +03:00
p - > pending_call_list = NULL ;
p - > cli_max_recv_frag = 0 ;
p - > partial_input = data_blob ( NULL , 0 ) ;
p - > auth_state . auth_info = NULL ;
p - > auth_state . gensec_security = NULL ;
2006-03-22 19:23:19 +03:00
p - > auth_state . session_info = session_info ;
2005-01-11 19:53:02 +03:00
p - > auth_state . session_key = dcesrv_generic_session_key ;
2006-03-16 21:46:49 +03:00
p - > event_ctx = event_ctx ;
2006-05-21 15:39:50 +04:00
p - > msg_ctx = msg_ctx ;
p - > server_id = server_id ;
2007-10-07 02:25:41 +04:00
p - > processing = false ;
2006-03-07 14:02:47 +03:00
p - > state_flags = state_flags ;
2006-03-16 21:46:49 +03:00
ZERO_STRUCT ( p - > transport ) ;
2005-01-11 19:53:02 +03:00
* _p = p ;
2003-12-11 01:21:04 +03:00
return NT_STATUS_OK ;
}
2007-12-04 22:05:00 +03:00
static void dcesrv_init_hdr ( struct ncacn_packet * pkt , bool bigendian )
2003-12-17 05:06:44 +03:00
{
pkt - > rpc_vers = 5 ;
pkt - > rpc_vers_minor = 0 ;
2007-12-04 22:05:00 +03:00
if ( bigendian ) {
2003-12-17 05:06:44 +03:00
pkt - > drep [ 0 ] = 0 ;
} else {
pkt - > drep [ 0 ] = DCERPC_DREP_LE ;
}
pkt - > drep [ 1 ] = 0 ;
pkt - > drep [ 2 ] = 0 ;
pkt - > drep [ 3 ] = 0 ;
}
2007-03-14 01:58:23 +03:00
/*
move a call from an existing linked list to the specified list . This
prevents bugs where we forget to remove the call from a previous
list when moving it .
*/
static void dcesrv_call_set_list ( struct dcesrv_call_state * call ,
enum dcesrv_call_list list )
{
switch ( call - > list ) {
case DCESRV_LIST_NONE :
break ;
case DCESRV_LIST_CALL_LIST :
DLIST_REMOVE ( call - > conn - > call_list , call ) ;
break ;
case DCESRV_LIST_FRAGMENTED_CALL_LIST :
DLIST_REMOVE ( call - > conn - > incoming_fragmented_call_list , call ) ;
break ;
case DCESRV_LIST_PENDING_CALL_LIST :
DLIST_REMOVE ( call - > conn - > pending_call_list , call ) ;
break ;
}
call - > list = list ;
switch ( list ) {
case DCESRV_LIST_NONE :
break ;
case DCESRV_LIST_CALL_LIST :
DLIST_ADD_END ( call - > conn - > call_list , call , struct dcesrv_call_state * ) ;
break ;
case DCESRV_LIST_FRAGMENTED_CALL_LIST :
DLIST_ADD_END ( call - > conn - > incoming_fragmented_call_list , call , struct dcesrv_call_state * ) ;
break ;
case DCESRV_LIST_PENDING_CALL_LIST :
DLIST_ADD_END ( call - > conn - > pending_call_list , call , struct dcesrv_call_state * ) ;
break ;
}
}
2003-12-12 06:59:09 +03:00
/*
return a dcerpc fault
*/
2004-05-25 20:24:13 +04:00
static NTSTATUS dcesrv_fault ( struct dcesrv_call_state * call , uint32_t fault_code )
2003-12-12 06:59:09 +03:00
{
2005-06-06 03:05:37 +04:00
struct ncacn_packet pkt ;
2005-09-08 15:26:05 +04:00
struct data_blob_list_item * rep ;
2008-05-15 15:54:07 +04:00
uint8_t zeros [ 4 ] ;
2003-12-12 06:59:09 +03:00
NTSTATUS status ;
/* setup a bind_ack */
2007-12-04 22:05:00 +03:00
dcesrv_init_hdr ( & pkt , lp_rpc_big_endian ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2003-12-12 06:59:09 +03:00
pkt . auth_length = 0 ;
pkt . call_id = call - > pkt . call_id ;
pkt . ptype = DCERPC_PKT_FAULT ;
pkt . pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST ;
pkt . u . fault . alloc_hint = 0 ;
pkt . u . fault . context_id = 0 ;
pkt . u . fault . cancel_count = 0 ;
pkt . u . fault . status = fault_code ;
2008-05-15 15:54:07 +04:00
ZERO_STRUCT ( zeros ) ;
pkt . u . fault . _pad = data_blob_const ( zeros , sizeof ( zeros ) ) ;
2005-09-08 15:26:05 +04:00
rep = talloc ( call , struct data_blob_list_item ) ;
2005-07-01 10:05:49 +04:00
if ( ! rep ) {
return NT_STATUS_NO_MEMORY ;
}
2005-06-30 23:24:29 +04:00
2008-02-21 19:54:24 +03:00
status = ncacn_push_auth ( & rep - > blob , call , lp_iconv_convenience ( call - > conn - > dce_ctx - > lp_ctx ) , & pkt , NULL ) ;
2005-07-01 10:05:49 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2003-12-12 09:12:41 +03:00
2005-09-08 15:26:05 +04:00
dcerpc_set_frag_length ( & rep - > blob , rep - > blob . length ) ;
2003-12-12 09:12:41 +03:00
2005-09-08 15:26:05 +04:00
DLIST_ADD_END ( call - > replies , rep , struct data_blob_list_item * ) ;
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_CALL_LIST ) ;
2003-12-12 09:12:41 +03:00
2009-04-07 23:02:55 +04:00
if ( call - > conn - > call_list & & call - > conn - > call_list - > replies ) {
if ( call - > conn - > transport . report_output_data ) {
call - > conn - > transport . report_output_data ( call - > conn ) ;
}
}
2003-12-12 09:12:41 +03:00
return NT_STATUS_OK ;
}
/*
return a dcerpc bind_nak
*/
2004-05-25 20:24:13 +04:00
static NTSTATUS dcesrv_bind_nak ( struct dcesrv_call_state * call , uint32_t reason )
2003-12-12 09:12:41 +03:00
{
2005-06-06 03:05:37 +04:00
struct ncacn_packet pkt ;
2005-09-08 15:26:05 +04:00
struct data_blob_list_item * rep ;
2003-12-12 09:12:41 +03:00
NTSTATUS status ;
2004-05-02 14:07:25 +04:00
/* setup a bind_nak */
2007-12-06 18:36:54 +03:00
dcesrv_init_hdr ( & pkt , lp_rpc_big_endian ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2003-12-12 09:12:41 +03:00
pkt . auth_length = 0 ;
pkt . call_id = call - > pkt . call_id ;
pkt . ptype = DCERPC_PKT_BIND_NAK ;
pkt . pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST ;
pkt . u . bind_nak . reject_reason = reason ;
2006-03-25 14:40:16 +03:00
if ( pkt . u . bind_nak . reject_reason = = DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED ) {
pkt . u . bind_nak . versions . v . num_versions = 0 ;
}
2003-12-12 09:12:41 +03:00
2005-09-08 15:26:05 +04:00
rep = talloc ( call , struct data_blob_list_item ) ;
2005-07-01 10:05:49 +04:00
if ( ! rep ) {
return NT_STATUS_NO_MEMORY ;
}
2005-06-30 23:24:29 +04:00
2008-02-21 19:54:24 +03:00
status = ncacn_push_auth ( & rep - > blob , call , lp_iconv_convenience ( call - > conn - > dce_ctx - > lp_ctx ) , & pkt , NULL ) ;
2005-07-01 10:05:49 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2003-12-12 06:59:09 +03:00
2005-09-08 15:26:05 +04:00
dcerpc_set_frag_length ( & rep - > blob , rep - > blob . length ) ;
2003-12-12 08:30:00 +03:00
2005-09-08 15:26:05 +04:00
DLIST_ADD_END ( call - > replies , rep , struct data_blob_list_item * ) ;
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_CALL_LIST ) ;
2003-12-12 06:59:09 +03:00
2009-04-07 23:02:55 +04:00
if ( call - > conn - > call_list & & call - > conn - > call_list - > replies ) {
if ( call - > conn - > transport . report_output_data ) {
call - > conn - > transport . report_output_data ( call - > conn ) ;
}
}
2003-12-12 06:59:09 +03:00
return NT_STATUS_OK ;
}
2008-12-09 18:16:31 +03:00
static int dcesrv_connection_context_destructor ( struct dcesrv_connection_context * c )
{
DLIST_REMOVE ( c - > conn - > contexts , c ) ;
if ( c - > iface ) {
c - > iface - > unbind ( c , c - > iface ) ;
}
return 0 ;
}
2003-12-12 06:59:09 +03:00
/*
handle a bind request
*/
static NTSTATUS dcesrv_bind ( struct dcesrv_call_state * call )
{
2004-05-25 20:24:13 +04:00
uint32_t if_version , transfer_syntax_version ;
2005-12-27 19:47:09 +03:00
struct GUID uuid , * transfer_syntax_uuid ;
2005-06-06 03:05:37 +04:00
struct ncacn_packet pkt ;
2005-09-08 15:26:05 +04:00
struct data_blob_list_item * rep ;
2003-12-12 06:59:09 +03:00
NTSTATUS status ;
2004-05-25 20:24:13 +04:00
uint32_t result = 0 , reason = 0 ;
2005-01-10 15:15:26 +03:00
uint32_t context_id ;
const struct dcesrv_interface * iface ;
2008-08-07 00:28:04 +04:00
uint32_t extra_flags = 0 ;
2003-12-12 06:59:09 +03:00
2008-07-23 16:41:16 +04:00
/*
2009-09-22 08:36:54 +04:00
if provided , check the assoc_group is valid
2008-07-23 16:41:16 +04:00
*/
if ( call - > pkt . u . bind . assoc_group_id ! = 0 & &
2008-12-05 17:06:57 +03:00
lp_parm_bool ( call - > conn - > dce_ctx - > lp_ctx , NULL , " dcesrv " , " assoc group checking " , true ) & &
2009-09-22 08:36:54 +04:00
dcesrv_assoc_group_find ( call - > conn - > dce_ctx , call - > pkt . u . bind . assoc_group_id ) = = NULL ) {
2007-08-22 08:43:17 +04:00
return dcesrv_bind_nak ( call , 0 ) ;
}
2005-06-30 05:59:51 +04:00
if ( call - > pkt . u . bind . num_contexts < 1 | |
2003-12-12 06:59:09 +03:00
call - > pkt . u . bind . ctx_list [ 0 ] . num_transfer_syntaxes < 1 ) {
2003-12-12 09:12:41 +03:00
return dcesrv_bind_nak ( call , 0 ) ;
2003-12-12 06:59:09 +03:00
}
2005-01-10 15:15:26 +03:00
context_id = call - > pkt . u . bind . ctx_list [ 0 ] . context_id ;
/* you can't bind twice on one context */
if ( dcesrv_find_context ( call - > conn , context_id ) ! = NULL ) {
return dcesrv_bind_nak ( call , 0 ) ;
}
2003-12-16 12:02:58 +03:00
if_version = call - > pkt . u . bind . ctx_list [ 0 ] . abstract_syntax . if_version ;
2005-12-27 19:22:35 +03:00
uuid = call - > pkt . u . bind . ctx_list [ 0 ] . abstract_syntax . uuid ;
2003-12-12 06:59:09 +03:00
2003-12-16 12:02:58 +03:00
transfer_syntax_version = call - > pkt . u . bind . ctx_list [ 0 ] . transfer_syntaxes [ 0 ] . if_version ;
2005-12-27 19:47:09 +03:00
transfer_syntax_uuid = & call - > pkt . u . bind . ctx_list [ 0 ] . transfer_syntaxes [ 0 ] . uuid ;
if ( ! GUID_equal ( & ndr_transfer_syntax . uuid , transfer_syntax_uuid ) ! = 0 | |
ndr_transfer_syntax . if_version ! = transfer_syntax_version ) {
char * uuid_str = GUID_string ( call , transfer_syntax_uuid ) ;
2003-12-12 06:59:09 +03:00
/* we only do NDR encoded dcerpc */
2005-12-27 19:47:09 +03:00
DEBUG ( 0 , ( " Non NDR transfer syntax requested - %s \n " , uuid_str ) ) ;
talloc_free ( uuid_str ) ;
2003-12-12 09:12:41 +03:00
return dcesrv_bind_nak ( call , 0 ) ;
2003-12-12 06:59:09 +03:00
}
2005-12-27 19:22:35 +03:00
iface = find_interface_by_uuid ( call - > conn - > endpoint , & uuid , if_version ) ;
2005-01-10 15:15:26 +03:00
if ( iface = = NULL ) {
2005-12-27 19:22:35 +03:00
char * uuid_str = GUID_string ( call , & uuid ) ;
DEBUG ( 2 , ( " Request for unknown dcerpc interface %s/%d \n " , uuid_str , if_version ) ) ;
talloc_free ( uuid_str ) ;
2003-12-12 06:59:09 +03:00
/* we don't know about that interface */
2003-12-12 09:12:41 +03:00
result = DCERPC_BIND_PROVIDER_REJECT ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
reason = DCERPC_BIND_REASON_ASYNTAX ;
2003-12-12 06:59:09 +03:00
}
2005-01-10 15:15:26 +03:00
if ( iface ) {
/* add this context to the list of available context_ids */
struct dcesrv_connection_context * context = talloc ( call - > conn ,
struct dcesrv_connection_context ) ;
if ( context = = NULL ) {
return dcesrv_bind_nak ( call , 0 ) ;
}
context - > conn = call - > conn ;
context - > iface = iface ;
context - > context_id = context_id ;
2009-09-22 08:36:54 +04:00
if ( call - > pkt . u . bind . assoc_group_id ! = 0 ) {
context - > assoc_group = dcesrv_assoc_group_reference ( context ,
call - > conn - > dce_ctx ,
call - > pkt . u . bind . assoc_group_id ) ;
} else {
context - > assoc_group = dcesrv_assoc_group_new ( context , call - > conn - > dce_ctx ) ;
}
if ( context - > assoc_group = = NULL ) {
talloc_free ( context ) ;
return dcesrv_bind_nak ( call , 0 ) ;
}
2009-02-02 12:01:36 +03:00
context - > private_data = NULL ;
2005-01-10 15:15:26 +03:00
DLIST_ADD ( call - > conn - > contexts , context ) ;
call - > context = context ;
2008-12-09 18:16:31 +03:00
talloc_set_destructor ( context , dcesrv_connection_context_destructor ) ;
status = iface - > bind ( call , iface ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
char * uuid_str = GUID_string ( call , & uuid ) ;
DEBUG ( 2 , ( " Request for dcerpc interface %s/%d rejected: %s \n " ,
uuid_str , if_version , nt_errstr ( status ) ) ) ;
talloc_free ( uuid_str ) ;
/* we don't want to trigger the iface->unbind() hook */
context - > iface = NULL ;
talloc_free ( call - > context ) ;
call - > context = NULL ;
return dcesrv_bind_nak ( call , 0 ) ;
}
2005-01-10 15:15:26 +03:00
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
if ( call - > conn - > cli_max_recv_frag = = 0 ) {
2009-09-16 09:00:45 +04:00
call - > conn - > cli_max_recv_frag = MIN ( 0x2000 , call - > pkt . u . bind . max_recv_frag ) ;
2003-12-12 08:30:00 +03:00
}
2008-08-07 00:28:04 +04:00
if ( ( call - > pkt . pfc_flags & DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN ) & &
lp_parm_bool ( call - > conn - > dce_ctx - > lp_ctx , NULL , " dcesrv " , " header signing " , false ) ) {
call - > conn - > state_flags | = DCESRV_CALL_STATE_FLAG_HEADER_SIGNING ;
extra_flags | = DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN ;
}
2003-12-14 04:09:10 +03:00
/* handle any authentication that is being requested */
if ( ! dcesrv_auth_bind ( call ) ) {
2008-12-09 18:16:31 +03:00
talloc_free ( call - > context ) ;
call - > context = NULL ;
2006-03-25 14:40:16 +03:00
return dcesrv_bind_nak ( call , DCERPC_BIND_REASON_INVALID_AUTH_TYPE ) ;
2003-12-14 04:09:10 +03:00
}
2003-12-12 06:59:09 +03:00
/* setup a bind_ack */
2007-12-06 18:36:54 +03:00
dcesrv_init_hdr ( & pkt , lp_rpc_big_endian ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2003-12-12 06:59:09 +03:00
pkt . auth_length = 0 ;
pkt . call_id = call - > pkt . call_id ;
pkt . ptype = DCERPC_PKT_BIND_ACK ;
2008-08-07 00:28:04 +04:00
pkt . pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | extra_flags ;
2009-09-16 09:00:45 +04:00
pkt . u . bind_ack . max_xmit_frag = call - > conn - > cli_max_recv_frag ;
2003-12-12 06:59:09 +03:00
pkt . u . bind_ack . max_recv_frag = 0x2000 ;
2008-12-16 03:25:29 +03:00
/*
make it possible for iface - > bind ( ) to specify the assoc_group_id
This helps the openchange mapiproxy plugin to work correctly .
metze
*/
if ( call - > context ) {
2009-09-22 08:36:54 +04:00
pkt . u . bind_ack . assoc_group_id = call - > context - > assoc_group - > id ;
2008-12-16 03:25:29 +03:00
} else {
2009-09-22 08:36:54 +04:00
pkt . u . bind_ack . assoc_group_id = DUMMY_ASSOC_GROUP ;
2008-12-16 03:25:29 +03:00
}
2005-01-10 15:15:26 +03:00
if ( iface ) {
2004-10-18 19:18:05 +04:00
/* FIXME: Use pipe name as specified by endpoint instead of interface name */
2005-01-10 15:15:26 +03:00
pkt . u . bind_ack . secondary_address = talloc_asprintf ( call , " \\ PIPE \\ %s " , iface - > name ) ;
2003-12-12 09:12:41 +03:00
} else {
pkt . u . bind_ack . secondary_address = " " ;
}
2003-12-12 06:59:09 +03:00
pkt . u . bind_ack . num_results = 1 ;
2005-01-27 10:08:20 +03:00
pkt . u . bind_ack . ctx_list = talloc ( call , struct dcerpc_ack_ctx ) ;
2003-12-12 06:59:09 +03:00
if ( ! pkt . u . bind_ack . ctx_list ) {
2008-12-09 18:16:31 +03:00
talloc_free ( call - > context ) ;
call - > context = NULL ;
2003-12-12 06:59:09 +03:00
return NT_STATUS_NO_MEMORY ;
}
2003-12-12 09:12:41 +03:00
pkt . u . bind_ack . ctx_list [ 0 ] . result = result ;
pkt . u . bind_ack . ctx_list [ 0 ] . reason = reason ;
2005-12-27 19:47:09 +03:00
pkt . u . bind_ack . ctx_list [ 0 ] . syntax = ndr_transfer_syntax ;
2003-12-12 06:59:09 +03:00
pkt . u . bind_ack . auth_info = data_blob ( NULL , 0 ) ;
2007-08-17 09:28:39 +04:00
status = dcesrv_auth_bind_ack ( call , & pkt ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2008-12-09 18:16:31 +03:00
talloc_free ( call - > context ) ;
call - > context = NULL ;
2003-12-14 04:09:10 +03:00
return dcesrv_bind_nak ( call , 0 ) ;
2003-12-12 06:59:09 +03:00
}
2005-09-08 15:26:05 +04:00
rep = talloc ( call , struct data_blob_list_item ) ;
2005-07-01 10:05:49 +04:00
if ( ! rep ) {
2008-12-09 18:16:31 +03:00
talloc_free ( call - > context ) ;
call - > context = NULL ;
2005-07-01 10:05:49 +04:00
return NT_STATUS_NO_MEMORY ;
}
2005-06-30 23:24:29 +04:00
2008-02-21 19:54:24 +03:00
status = ncacn_push_auth ( & rep - > blob , call , lp_iconv_convenience ( call - > conn - > dce_ctx - > lp_ctx ) , & pkt , call - > conn - > auth_state . auth_info ) ;
2005-07-01 10:05:49 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2008-12-09 18:16:31 +03:00
talloc_free ( call - > context ) ;
call - > context = NULL ;
2005-07-01 10:05:49 +04:00
return status ;
}
2003-12-14 04:09:10 +03:00
2005-09-08 15:26:05 +04:00
dcerpc_set_frag_length ( & rep - > blob , rep - > blob . length ) ;
2003-12-12 08:30:00 +03:00
2005-09-08 15:26:05 +04:00
DLIST_ADD_END ( call - > replies , rep , struct data_blob_list_item * ) ;
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_CALL_LIST ) ;
2003-12-14 13:45:50 +03:00
2009-04-07 23:02:55 +04:00
if ( call - > conn - > call_list & & call - > conn - > call_list - > replies ) {
if ( call - > conn - > transport . report_output_data ) {
call - > conn - > transport . report_output_data ( call - > conn ) ;
}
}
2003-12-14 13:45:50 +03:00
return NT_STATUS_OK ;
}
/*
handle a auth3 request
*/
static NTSTATUS dcesrv_auth3 ( struct dcesrv_call_state * call )
{
/* handle the auth3 in the auth code */
if ( ! dcesrv_auth_auth3 ( call ) ) {
return dcesrv_fault ( call , DCERPC_FAULT_OTHER ) ;
}
2004-09-25 15:24:10 +04:00
talloc_free ( call ) ;
2003-12-12 06:59:09 +03:00
2003-12-14 13:45:50 +03:00
/* we don't send a reply to a auth3 request, except by a
fault */
2003-12-12 06:59:09 +03:00
return NT_STATUS_OK ;
}
2005-01-10 15:39:42 +03:00
/*
handle a bind request
*/
2005-02-10 08:09:35 +03:00
static NTSTATUS dcesrv_alter_new_context ( struct dcesrv_call_state * call , uint32_t context_id )
2005-01-10 15:39:42 +03:00
{
uint32_t if_version , transfer_syntax_version ;
struct dcesrv_connection_context * context ;
const struct dcesrv_interface * iface ;
2005-12-27 19:47:09 +03:00
struct GUID uuid , * transfer_syntax_uuid ;
2008-05-15 15:55:23 +04:00
NTSTATUS status ;
2005-01-10 15:39:42 +03:00
if_version = call - > pkt . u . alter . ctx_list [ 0 ] . abstract_syntax . if_version ;
2005-12-27 19:22:35 +03:00
uuid = call - > pkt . u . alter . ctx_list [ 0 ] . abstract_syntax . uuid ;
2005-01-10 15:39:42 +03:00
transfer_syntax_version = call - > pkt . u . alter . ctx_list [ 0 ] . transfer_syntaxes [ 0 ] . if_version ;
2005-12-27 19:47:09 +03:00
transfer_syntax_uuid = & call - > pkt . u . alter . ctx_list [ 0 ] . transfer_syntaxes [ 0 ] . uuid ;
if ( ! GUID_equal ( transfer_syntax_uuid , & ndr_transfer_syntax . uuid ) | |
ndr_transfer_syntax . if_version ! = transfer_syntax_version ) {
2005-01-10 15:39:42 +03:00
/* we only do NDR encoded dcerpc */
2005-12-27 19:47:09 +03:00
return NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED ;
2005-01-10 15:39:42 +03:00
}
2005-12-27 19:22:35 +03:00
iface = find_interface_by_uuid ( call - > conn - > endpoint , & uuid , if_version ) ;
2005-01-10 15:39:42 +03:00
if ( iface = = NULL ) {
2005-12-27 19:22:35 +03:00
char * uuid_str = GUID_string ( call , & uuid ) ;
DEBUG ( 2 , ( " Request for unknown dcerpc interface %s/%d \n " , uuid_str , if_version ) ) ;
talloc_free ( uuid_str ) ;
2005-01-10 15:39:42 +03:00
return NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED ;
}
/* add this context to the list of available context_ids */
context = talloc ( call - > conn , struct dcesrv_connection_context ) ;
if ( context = = NULL ) {
return NT_STATUS_NO_MEMORY ;
}
context - > conn = call - > conn ;
context - > iface = iface ;
context - > context_id = context_id ;
2009-09-22 08:36:54 +04:00
if ( call - > pkt . u . alter . assoc_group_id ! = 0 ) {
context - > assoc_group = dcesrv_assoc_group_reference ( context ,
call - > conn - > dce_ctx ,
call - > pkt . u . alter . assoc_group_id ) ;
} else {
context - > assoc_group = dcesrv_assoc_group_new ( context , call - > conn - > dce_ctx ) ;
}
if ( context - > assoc_group = = NULL ) {
talloc_free ( context ) ;
call - > context = NULL ;
return NT_STATUS_NO_MEMORY ;
}
2009-02-02 12:01:36 +03:00
context - > private_data = NULL ;
2005-01-10 15:39:42 +03:00
DLIST_ADD ( call - > conn - > contexts , context ) ;
call - > context = context ;
2008-12-09 18:16:31 +03:00
talloc_set_destructor ( context , dcesrv_connection_context_destructor ) ;
2005-01-10 15:39:42 +03:00
2008-12-09 18:16:31 +03:00
status = iface - > bind ( call , iface ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
/* we don't want to trigger the iface->unbind() hook */
context - > iface = NULL ;
talloc_free ( context ) ;
call - > context = NULL ;
return status ;
2008-05-15 15:55:23 +04:00
}
2005-01-10 15:39:42 +03:00
return NT_STATUS_OK ;
}
2004-12-06 20:48:51 +03:00
/*
2005-12-29 01:47:22 +03:00
handle a alter context request
2004-12-06 20:48:51 +03:00
*/
static NTSTATUS dcesrv_alter ( struct dcesrv_call_state * call )
{
2005-06-06 03:05:37 +04:00
struct ncacn_packet pkt ;
2005-09-08 15:26:05 +04:00
struct data_blob_list_item * rep ;
2004-12-06 20:48:51 +03:00
NTSTATUS status ;
uint32_t result = 0 , reason = 0 ;
2005-01-10 15:39:42 +03:00
uint32_t context_id ;
2004-12-06 20:48:51 +03:00
/* handle any authentication that is being requested */
if ( ! dcesrv_auth_alter ( call ) ) {
/* TODO: work out the right reject code */
2005-01-10 15:39:42 +03:00
result = DCERPC_BIND_PROVIDER_REJECT ;
reason = DCERPC_BIND_REASON_ASYNTAX ;
}
context_id = call - > pkt . u . alter . ctx_list [ 0 ] . context_id ;
/* see if they are asking for a new interface */
2008-12-08 17:51:01 +03:00
if ( result = = 0 ) {
call - > context = dcesrv_find_context ( call - > conn , context_id ) ;
if ( ! call - > context ) {
status = dcesrv_alter_new_context ( call , context_id ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
result = DCERPC_BIND_PROVIDER_REJECT ;
reason = DCERPC_BIND_REASON_ASYNTAX ;
}
2005-01-10 15:39:42 +03:00
}
2004-12-06 20:48:51 +03:00
}
2008-12-05 17:06:57 +03:00
if ( result = = 0 & &
call - > pkt . u . alter . assoc_group_id ! = 0 & &
lp_parm_bool ( call - > conn - > dce_ctx - > lp_ctx , NULL , " dcesrv " , " assoc group checking " , true ) & &
2009-09-22 08:36:54 +04:00
call - > pkt . u . alter . assoc_group_id ! = call - > context - > assoc_group - > id ) {
DEBUG ( 0 , ( __location__ " : Failed attempt to use new assoc_group in alter context (0x%08x 0x%08x) \n " ,
call - > context - > assoc_group - > id , call - > pkt . u . alter . assoc_group_id ) ) ;
/* TODO: can they ask for a new association group? */
2008-12-05 17:06:57 +03:00
result = DCERPC_BIND_PROVIDER_REJECT ;
reason = DCERPC_BIND_REASON_ASYNTAX ;
}
2005-01-10 15:39:42 +03:00
/* setup a alter_resp */
2007-12-06 18:36:54 +03:00
dcesrv_init_hdr ( & pkt , lp_rpc_big_endian ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2004-12-06 20:48:51 +03:00
pkt . auth_length = 0 ;
pkt . call_id = call - > pkt . call_id ;
2005-01-09 14:32:12 +03:00
pkt . ptype = DCERPC_PKT_ALTER_RESP ;
2004-12-06 20:48:51 +03:00
pkt . pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST ;
2005-01-09 14:32:12 +03:00
pkt . u . alter_resp . max_xmit_frag = 0x2000 ;
pkt . u . alter_resp . max_recv_frag = 0x2000 ;
2008-12-08 17:51:01 +03:00
if ( result = = 0 ) {
2009-09-22 08:36:54 +04:00
pkt . u . alter_resp . assoc_group_id = call - > context - > assoc_group - > id ;
2008-12-08 17:51:01 +03:00
} else {
pkt . u . alter_resp . assoc_group_id = 0 ;
}
2005-01-09 14:32:12 +03:00
pkt . u . alter_resp . num_results = 1 ;
2005-01-12 14:46:43 +03:00
pkt . u . alter_resp . ctx_list = talloc_array ( call , struct dcerpc_ack_ctx , 1 ) ;
2005-01-09 14:32:12 +03:00
if ( ! pkt . u . alter_resp . ctx_list ) {
2004-12-06 20:48:51 +03:00
return NT_STATUS_NO_MEMORY ;
}
2005-01-09 14:32:12 +03:00
pkt . u . alter_resp . ctx_list [ 0 ] . result = result ;
pkt . u . alter_resp . ctx_list [ 0 ] . reason = reason ;
2005-12-27 19:47:09 +03:00
pkt . u . alter_resp . ctx_list [ 0 ] . syntax = ndr_transfer_syntax ;
2005-01-09 14:32:12 +03:00
pkt . u . alter_resp . auth_info = data_blob ( NULL , 0 ) ;
2005-01-10 15:39:42 +03:00
pkt . u . alter_resp . secondary_address = " " ;
2004-12-06 20:48:51 +03:00
2007-08-17 09:28:39 +04:00
status = dcesrv_auth_alter_ack ( call , & pkt ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
if ( NT_STATUS_EQUAL ( status , NT_STATUS_ACCESS_DENIED )
| | NT_STATUS_EQUAL ( status , NT_STATUS_LOGON_FAILURE )
| | NT_STATUS_EQUAL ( status , NT_STATUS_NO_SUCH_USER )
| | NT_STATUS_EQUAL ( status , NT_STATUS_WRONG_PASSWORD ) ) {
return dcesrv_fault ( call , DCERPC_FAULT_ACCESS_DENIED ) ;
}
return dcesrv_fault ( call , 0 ) ;
2004-12-06 20:48:51 +03:00
}
2005-09-08 15:26:05 +04:00
rep = talloc ( call , struct data_blob_list_item ) ;
2005-07-01 10:05:49 +04:00
if ( ! rep ) {
return NT_STATUS_NO_MEMORY ;
}
2005-06-30 23:24:29 +04:00
2008-02-21 19:54:24 +03:00
status = ncacn_push_auth ( & rep - > blob , call , lp_iconv_convenience ( call - > conn - > dce_ctx - > lp_ctx ) , & pkt , call - > conn - > auth_state . auth_info ) ;
2005-07-01 10:05:49 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2004-12-06 20:48:51 +03:00
2005-09-08 15:26:05 +04:00
dcerpc_set_frag_length ( & rep - > blob , rep - > blob . length ) ;
2004-12-06 20:48:51 +03:00
2005-09-08 15:26:05 +04:00
DLIST_ADD_END ( call - > replies , rep , struct data_blob_list_item * ) ;
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_CALL_LIST ) ;
2004-12-06 20:48:51 +03:00
2009-04-07 23:02:55 +04:00
if ( call - > conn - > call_list & & call - > conn - > call_list - > replies ) {
if ( call - > conn - > transport . report_output_data ) {
call - > conn - > transport . report_output_data ( call - > conn ) ;
}
}
2004-12-06 20:48:51 +03:00
return NT_STATUS_OK ;
}
2003-12-12 06:59:09 +03:00
/*
handle a dcerpc request packet
*/
static NTSTATUS dcesrv_request ( struct dcesrv_call_state * call )
{
struct ndr_pull * pull ;
NTSTATUS status ;
2005-01-10 15:15:26 +03:00
struct dcesrv_connection_context * context ;
2003-12-12 06:59:09 +03:00
2005-05-10 20:30:51 +04:00
/* if authenticated, and the mech we use can't do async replies, don't use them... */
if ( call - > conn - > auth_state . gensec_security & &
! gensec_have_feature ( call - > conn - > auth_state . gensec_security , GENSEC_FEATURE_ASYNC_REPLIES ) ) {
2005-05-10 15:04:04 +04:00
call - > state_flags & = ~ DCESRV_CALL_STATE_FLAG_MAY_ASYNC ;
}
2005-01-10 15:15:26 +03:00
context = dcesrv_find_context ( call - > conn , call - > pkt . u . request . context_id ) ;
if ( context = = NULL ) {
2004-05-11 19:39:23 +04:00
return dcesrv_fault ( call , DCERPC_FAULT_UNK_IF ) ;
}
2007-12-14 00:46:27 +03:00
pull = ndr_pull_init_blob ( & call - > pkt . u . request . stub_and_verifier , call ,
2007-12-14 00:46:55 +03:00
lp_iconv_convenience ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2005-01-11 19:53:02 +03:00
NT_STATUS_HAVE_NO_MEMORY ( pull ) ;
r6973: Merge new version of pidl into the main SAMBA_4_0 branch.
The main difference in this new version is the extra data structure generated
between the IDL data structure and the NDR parser:
IDL -> NDR -> { ndr_parser, ndr_header, eparser, etc }
This makes the ndr_parser.pm internals much more sane.
Other changes include:
- Remove unnecessary calls with NDR_BUFFERS (for example, GUID doesn't have any buffers, just scalars) as well as some (unnecessary) nested setting of flags.
- Parse array loops in the C code rather then calling ndr_pull_array(). This allows us to have, for example, arrays of pointers or arrays of pointers to arrays, etc..
- Use if() {} rather then if () goto foo; everywhere
- NDR_IN no longer implies LIBNDR_FLAG_REF_ALLOC
- By default, top level pointers are now "ref" (as is the default in
most other IDL compilers). This can be overridden using the
default_pointer_top() property.
- initial work on new ethereal parser generators by Alan DeKok and me
- pidl now writes errors in the standard format used by compilers, which
is parsable by most editors
- ability to warn about the fact that pidl extension(s) have been used,
useful for making sure IDL files work with other IDL compilers.
oh, and there's probably some other things I can't think of right now..
(This used to be commit 13cf227615f6b9e0e5fa62e59197024410254f01)
2005-05-25 17:50:27 +04:00
pull - > flags | = LIBNDR_FLAG_REF_ALLOC ;
2005-01-11 19:53:02 +03:00
call - > context = context ;
call - > ndr_pull = pull ;
2003-12-12 06:59:09 +03:00
2003-12-17 05:06:44 +03:00
if ( ! ( call - > pkt . drep [ 0 ] & DCERPC_DREP_LE ) ) {
pull - > flags | = LIBNDR_FLAG_BIGENDIAN ;
}
2003-12-12 06:59:09 +03:00
/* unravel the NDR for the packet */
2005-01-11 19:53:02 +03:00
status = context - > iface - > ndr_pull ( call , call , pull , & call - > r ) ;
2003-12-12 06:59:09 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-12-20 17:37:54 +03:00
return dcesrv_fault ( call , call - > fault_code ) ;
2003-12-12 06:59:09 +03:00
}
2004-09-13 05:23:09 +04:00
if ( pull - > offset ! = pull - > data_size ) {
DEBUG ( 3 , ( " Warning: %d extra bytes in incoming RPC request \n " ,
pull - > data_size - pull - > offset ) ) ;
dump_data ( 10 , pull - > data + pull - > offset , pull - > data_size - pull - > offset ) ;
}
2003-12-12 06:59:09 +03:00
/* call the dispatch function */
2005-01-11 19:53:02 +03:00
status = context - > iface - > dispatch ( call , call , call - > r ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2005-08-18 14:12:55 +04:00
DEBUG ( 5 , ( " dcerpc fault in call %s:%02x - %s \n " ,
context - > iface - > name ,
call - > pkt . u . request . opnum ,
dcerpc_errstr ( pull , call - > fault_code ) ) ) ;
2005-01-11 19:53:02 +03:00
return dcesrv_fault ( call , call - > fault_code ) ;
}
/* add the call to the pending list */
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_PENDING_CALL_LIST ) ;
2005-01-11 19:53:02 +03:00
if ( call - > state_flags & DCESRV_CALL_STATE_FLAG_ASYNC ) {
return NT_STATUS_OK ;
}
return dcesrv_reply ( call ) ;
}
2006-05-01 22:11:15 +04:00
_PUBLIC_ NTSTATUS dcesrv_reply ( struct dcesrv_call_state * call )
2005-01-11 19:53:02 +03:00
{
struct ndr_push * push ;
NTSTATUS status ;
DATA_BLOB stub ;
2008-07-03 15:39:55 +04:00
uint32_t total_length , chunk_size ;
2005-01-11 19:53:02 +03:00
struct dcesrv_connection_context * context = call - > context ;
2008-08-11 20:12:54 +04:00
size_t sig_size = 0 ;
2005-01-11 19:53:02 +03:00
/* call the reply function */
status = context - > iface - > reply ( call , call , call - > r ) ;
2003-12-12 06:59:09 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-05-04 10:07:52 +04:00
return dcesrv_fault ( call , call - > fault_code ) ;
2003-12-12 06:59:09 +03:00
}
/* form the reply NDR */
2007-12-14 00:46:55 +03:00
push = ndr_push_init_ctx ( call , lp_iconv_convenience ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2005-01-11 19:53:02 +03:00
NT_STATUS_HAVE_NO_MEMORY ( push ) ;
2003-12-12 06:59:09 +03:00
2004-08-12 09:15:41 +04:00
/* carry over the pointer count to the reply in case we are
using full pointer . See NDR specification for full
pointers */
2005-01-11 19:53:02 +03:00
push - > ptr_count = call - > ndr_pull - > ptr_count ;
2004-08-12 09:15:41 +04:00
2007-12-04 22:05:00 +03:00
if ( lp_rpc_big_endian ( call - > conn - > dce_ctx - > lp_ctx ) ) {
2003-12-17 05:06:44 +03:00
push - > flags | = LIBNDR_FLAG_BIGENDIAN ;
}
2005-01-11 19:53:02 +03:00
status = context - > iface - > ndr_push ( call , call , push , call - > r ) ;
2003-12-12 06:59:09 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-12-20 17:37:54 +03:00
return dcesrv_fault ( call , call - > fault_code ) ;
2003-12-12 06:59:09 +03:00
}
stub = ndr_push_blob ( push ) ;
2004-05-02 14:07:25 +04:00
total_length = stub . length ;
2008-07-03 15:39:55 +04:00
/* we can write a full max_recv_frag size, minus the dcerpc
request header size */
2008-08-11 20:12:54 +04:00
chunk_size = call - > conn - > cli_max_recv_frag ;
chunk_size - = DCERPC_REQUEST_LENGTH ;
2008-09-12 17:47:02 +04:00
if ( call - > conn - > auth_state . auth_info & &
call - > conn - > auth_state . gensec_security ) {
2008-08-11 20:12:54 +04:00
sig_size = gensec_sig_size ( call - > conn - > auth_state . gensec_security ,
call - > conn - > cli_max_recv_frag ) ;
2008-09-12 17:47:02 +04:00
if ( sig_size ) {
chunk_size - = DCERPC_AUTH_TRAILER_LENGTH ;
chunk_size - = sig_size ;
}
2008-08-11 20:12:54 +04:00
}
2008-09-12 17:47:02 +04:00
chunk_size - = ( chunk_size % 16 ) ;
2008-07-03 15:39:55 +04:00
2003-12-12 08:30:00 +03:00
do {
2004-05-25 20:24:13 +04:00
uint32_t length ;
2005-09-08 15:26:05 +04:00
struct data_blob_list_item * rep ;
2005-06-06 03:05:37 +04:00
struct ncacn_packet pkt ;
2003-12-12 06:59:09 +03:00
2005-09-08 15:26:05 +04:00
rep = talloc ( call , struct data_blob_list_item ) ;
2005-01-11 19:53:02 +03:00
NT_STATUS_HAVE_NO_MEMORY ( rep ) ;
2003-12-12 06:59:09 +03:00
2008-07-03 15:39:55 +04:00
length = MIN ( chunk_size , stub . length ) ;
2003-12-12 06:59:09 +03:00
2003-12-12 08:30:00 +03:00
/* form the dcerpc response packet */
2007-12-04 22:05:00 +03:00
dcesrv_init_hdr ( & pkt , lp_rpc_big_endian ( call - > conn - > dce_ctx - > lp_ctx ) ) ;
2003-12-12 08:30:00 +03:00
pkt . auth_length = 0 ;
pkt . call_id = call - > pkt . call_id ;
pkt . ptype = DCERPC_PKT_RESPONSE ;
pkt . pfc_flags = 0 ;
2004-05-02 14:07:25 +04:00
if ( stub . length = = total_length ) {
2003-12-12 08:30:00 +03:00
pkt . pfc_flags | = DCERPC_PFC_FLAG_FIRST ;
}
if ( length = = stub . length ) {
pkt . pfc_flags | = DCERPC_PFC_FLAG_LAST ;
}
pkt . u . response . alloc_hint = stub . length ;
pkt . u . response . context_id = call - > pkt . u . request . context_id ;
pkt . u . response . cancel_count = 0 ;
pkt . u . response . stub_and_verifier . data = stub . data ;
pkt . u . response . stub_and_verifier . length = length ;
2008-08-11 20:12:54 +04:00
if ( ! dcesrv_auth_response ( call , & rep - > blob , sig_size , & pkt ) ) {
2003-12-14 13:45:50 +03:00
return dcesrv_fault ( call , DCERPC_FAULT_OTHER ) ;
2003-12-12 08:30:00 +03:00
}
2003-12-14 04:09:10 +03:00
2005-09-08 15:26:05 +04:00
dcerpc_set_frag_length ( & rep - > blob , rep - > blob . length ) ;
2003-12-12 08:30:00 +03:00
2005-09-08 15:26:05 +04:00
DLIST_ADD_END ( call - > replies , rep , struct data_blob_list_item * ) ;
2003-12-12 08:30:00 +03:00
stub . data + = length ;
stub . length - = length ;
} while ( stub . length ! = 0 ) ;
2003-12-12 06:59:09 +03:00
2005-01-11 19:53:02 +03:00
/* move the call from the pending to the finished calls list */
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_CALL_LIST ) ;
2003-12-14 13:45:50 +03:00
2005-01-11 19:53:02 +03:00
if ( call - > conn - > call_list & & call - > conn - > call_list - > replies ) {
2006-03-16 21:46:49 +03:00
if ( call - > conn - > transport . report_output_data ) {
call - > conn - > transport . report_output_data ( call - > conn ) ;
2005-01-11 19:53:02 +03:00
}
}
2003-12-12 06:59:09 +03:00
return NT_STATUS_OK ;
}
2006-05-21 18:59:02 +04:00
_PUBLIC_ struct socket_address * dcesrv_connection_get_my_addr ( struct dcesrv_connection * conn , TALLOC_CTX * mem_ctx )
2006-03-16 21:46:49 +03:00
{
if ( ! conn - > transport . get_my_addr ) {
return NULL ;
}
return conn - > transport . get_my_addr ( conn , mem_ctx ) ;
}
2006-05-21 18:59:02 +04:00
_PUBLIC_ struct socket_address * dcesrv_connection_get_peer_addr ( struct dcesrv_connection * conn , TALLOC_CTX * mem_ctx )
2006-03-16 21:46:49 +03:00
{
if ( ! conn - > transport . get_peer_addr ) {
return NULL ;
}
return conn - > transport . get_peer_addr ( conn , mem_ctx ) ;
}
2003-12-11 01:21:04 +03:00
2003-12-13 14:44:28 +03:00
2007-03-14 01:58:23 +03:00
/*
remove the call from the right list when freed
*/
static int dcesrv_call_dequeue ( struct dcesrv_call_state * call )
{
dcesrv_call_set_list ( call , DCESRV_LIST_NONE ) ;
return 0 ;
}
2003-12-11 12:07:45 +03:00
/*
2003-12-14 04:09:10 +03:00
process some input to a dcerpc endpoint server .
2003-12-11 12:07:45 +03:00
*/
2009-04-07 16:37:05 +04:00
NTSTATUS dcesrv_process_ncacn_packet ( struct dcesrv_connection * dce_conn ,
struct ncacn_packet * pkt ,
DATA_BLOB blob )
2003-12-11 12:07:45 +03:00
{
2003-12-12 06:59:09 +03:00
NTSTATUS status ;
struct dcesrv_call_state * call ;
2003-12-13 14:44:28 +03:00
2006-07-31 17:40:49 +04:00
call = talloc_zero ( dce_conn , struct dcesrv_call_state ) ;
2003-12-12 06:59:09 +03:00
if ( ! call ) {
2009-04-07 16:37:05 +04:00
data_blob_free ( & blob ) ;
talloc_free ( pkt ) ;
2003-12-12 06:59:09 +03:00
return NT_STATUS_NO_MEMORY ;
}
2006-07-31 17:40:49 +04:00
call - > conn = dce_conn ;
call - > event_ctx = dce_conn - > event_ctx ;
call - > msg_ctx = dce_conn - > msg_ctx ;
call - > state_flags = call - > conn - > state_flags ;
call - > time = timeval_current ( ) ;
2007-03-14 01:58:23 +03:00
call - > list = DCESRV_LIST_NONE ;
2009-04-07 16:37:05 +04:00
talloc_steal ( call , pkt ) ;
talloc_steal ( call , blob . data ) ;
call - > pkt = * pkt ;
2003-12-12 06:59:09 +03:00
2009-04-07 16:37:05 +04:00
talloc_set_destructor ( call , dcesrv_call_dequeue ) ;
2003-12-12 06:59:09 +03:00
2003-12-14 13:45:50 +03:00
/* we have to check the signing here, before combining the
pdus */
if ( call - > pkt . ptype = = DCERPC_PKT_REQUEST & &
2004-09-11 16:32:05 +04:00
! dcesrv_auth_request ( call , & blob ) ) {
2005-04-30 12:17:13 +04:00
return dcesrv_fault ( call , DCERPC_FAULT_ACCESS_DENIED ) ;
2003-12-14 13:45:50 +03:00
}
2003-12-12 08:01:41 +03:00
/* see if this is a continued packet */
2004-12-12 11:35:11 +03:00
if ( call - > pkt . ptype = = DCERPC_PKT_REQUEST & &
! ( call - > pkt . pfc_flags & DCERPC_PFC_FLAG_FIRST ) ) {
2003-12-12 08:01:41 +03:00
struct dcesrv_call_state * call2 = call ;
2004-05-25 20:24:13 +04:00
uint32_t alloc_size ;
2003-12-12 08:01:41 +03:00
/* we only allow fragmented requests, no other packet types */
if ( call - > pkt . ptype ! = DCERPC_PKT_REQUEST ) {
2003-12-12 09:12:41 +03:00
return dcesrv_fault ( call2 , DCERPC_FAULT_OTHER ) ;
2003-12-12 08:01:41 +03:00
}
2003-12-12 06:59:09 +03:00
2003-12-12 08:01:41 +03:00
/* this is a continuation of an existing call - find the call then
tack it on the end */
2006-09-11 10:17:12 +04:00
call = dcesrv_find_fragmented_call ( dce_conn , call2 - > pkt . call_id ) ;
2003-12-12 08:01:41 +03:00
if ( ! call ) {
2003-12-12 09:12:41 +03:00
return dcesrv_fault ( call2 , DCERPC_FAULT_OTHER ) ;
2003-12-12 08:01:41 +03:00
}
if ( call - > pkt . ptype ! = call2 - > pkt . ptype ) {
/* trying to play silly buggers are we? */
2003-12-12 09:12:41 +03:00
return dcesrv_fault ( call2 , DCERPC_FAULT_OTHER ) ;
2003-12-12 08:01:41 +03:00
}
alloc_size = call - > pkt . u . request . stub_and_verifier . length +
call2 - > pkt . u . request . stub_and_verifier . length ;
if ( call - > pkt . u . request . alloc_hint > alloc_size ) {
alloc_size = call - > pkt . u . request . alloc_hint ;
}
call - > pkt . u . request . stub_and_verifier . data =
2005-01-07 07:39:16 +03:00
talloc_realloc ( call ,
call - > pkt . u . request . stub_and_verifier . data ,
uint8_t , alloc_size ) ;
2003-12-12 08:01:41 +03:00
if ( ! call - > pkt . u . request . stub_and_verifier . data ) {
2003-12-12 09:12:41 +03:00
return dcesrv_fault ( call2 , DCERPC_FAULT_OTHER ) ;
2003-12-12 08:01:41 +03:00
}
memcpy ( call - > pkt . u . request . stub_and_verifier . data +
call - > pkt . u . request . stub_and_verifier . length ,
call2 - > pkt . u . request . stub_and_verifier . data ,
call2 - > pkt . u . request . stub_and_verifier . length ) ;
call - > pkt . u . request . stub_and_verifier . length + =
call2 - > pkt . u . request . stub_and_verifier . length ;
call - > pkt . pfc_flags | = ( call2 - > pkt . pfc_flags & DCERPC_PFC_FLAG_LAST ) ;
2004-09-27 08:11:37 +04:00
talloc_free ( call2 ) ;
2003-12-12 08:01:41 +03:00
}
/* this may not be the last pdu in the chain - if its isn't then
2006-09-11 10:17:12 +04:00
just put it on the incoming_fragmented_call_list and wait for the rest */
2004-12-12 11:35:11 +03:00
if ( call - > pkt . ptype = = DCERPC_PKT_REQUEST & &
! ( call - > pkt . pfc_flags & DCERPC_PFC_FLAG_LAST ) ) {
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_FRAGMENTED_CALL_LIST ) ;
2003-12-12 08:01:41 +03:00
return NT_STATUS_OK ;
2006-09-21 10:34:21 +04:00
}
/* This removes any fragments we may have had stashed away */
2007-03-14 01:58:23 +03:00
dcesrv_call_set_list ( call , DCESRV_LIST_NONE ) ;
2003-12-12 06:59:09 +03:00
switch ( call - > pkt . ptype ) {
case DCERPC_PKT_BIND :
status = dcesrv_bind ( call ) ;
break ;
2003-12-14 13:45:50 +03:00
case DCERPC_PKT_AUTH3 :
status = dcesrv_auth3 ( call ) ;
break ;
2004-12-06 20:48:51 +03:00
case DCERPC_PKT_ALTER :
status = dcesrv_alter ( call ) ;
break ;
2003-12-12 06:59:09 +03:00
case DCERPC_PKT_REQUEST :
status = dcesrv_request ( call ) ;
break ;
default :
status = NT_STATUS_INVALID_PARAMETER ;
break ;
}
/* if we are going to be sending a reply then add
it to the list of pending calls . We add it to the end to keep the call
list in the order we will answer */
2003-12-14 13:45:50 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-09-25 15:24:10 +04:00
talloc_free ( call ) ;
2003-12-12 06:59:09 +03:00
}
return status ;
2003-12-11 12:07:45 +03:00
}
2007-12-04 22:05:00 +03:00
_PUBLIC_ NTSTATUS dcesrv_init_context ( TALLOC_CTX * mem_ctx ,
struct loadparm_context * lp_ctx ,
const char * * endpoint_servers , struct dcesrv_context * * _dce_ctx )
2003-12-11 01:21:04 +03:00
{
2005-01-11 19:53:02 +03:00
NTSTATUS status ;
struct dcesrv_context * dce_ctx ;
2003-12-11 01:21:04 +03:00
int i ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
if ( ! endpoint_servers ) {
2005-01-11 19:53:02 +03:00
DEBUG ( 0 , ( " dcesrv_init_context: no endpoint servers configured \n " ) ) ;
return NT_STATUS_INTERNAL_ERROR ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
2005-01-11 19:53:02 +03:00
dce_ctx = talloc ( mem_ctx , struct dcesrv_context ) ;
NT_STATUS_HAVE_NO_MEMORY ( dce_ctx ) ;
dce_ctx - > endpoint_list = NULL ;
2007-12-04 22:05:00 +03:00
dce_ctx - > lp_ctx = lp_ctx ;
2009-09-22 08:36:54 +04:00
dce_ctx - > assoc_groups_idr = idr_init ( dce_ctx ) ;
NT_STATUS_HAVE_NO_MEMORY ( dce_ctx - > assoc_groups_idr ) ;
2005-01-11 19:53:02 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
for ( i = 0 ; endpoint_servers [ i ] ; i + + ) {
const struct dcesrv_endpoint_server * ep_server ;
2005-01-11 19:53:02 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
ep_server = dcesrv_ep_server_byname ( endpoint_servers [ i ] ) ;
if ( ! ep_server ) {
DEBUG ( 0 , ( " dcesrv_init_context: failed to find endpoint server = '%s' \n " , endpoint_servers [ i ] ) ) ;
2005-01-11 19:53:02 +03:00
return NT_STATUS_INTERNAL_ERROR ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
2005-01-11 19:53:02 +03:00
status = ep_server - > init_server ( dce_ctx , ep_server ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " dcesrv_init_context: failed to init endpoint server = '%s': %s \n " , endpoint_servers [ i ] ,
nt_errstr ( status ) ) ) ;
return status ;
2003-12-11 01:21:04 +03:00
}
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
2005-01-11 19:53:02 +03:00
* _dce_ctx = dce_ctx ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
return NT_STATUS_OK ;
2003-12-11 01:21:04 +03:00
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/* the list of currently registered DCERPC endpoint servers.
*/
2004-12-03 09:24:38 +03:00
static struct ep_server {
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
struct dcesrv_endpoint_server * ep_server ;
} * ep_servers = NULL ;
static int num_ep_servers ;
2003-12-11 01:21:04 +03:00
2003-12-13 05:20:40 +03:00
/*
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
register a DCERPC endpoint server .
The ' name ' can be later used by other backends to find the operations
structure for this backend .
The ' type ' is used to specify whether this is for a disk , printer or IPC $ share
*/
2006-05-01 22:11:15 +04:00
_PUBLIC_ NTSTATUS dcerpc_register_ep_server ( const void * _ep_server )
2003-12-13 05:20:40 +03:00
{
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
const struct dcesrv_endpoint_server * ep_server = _ep_server ;
if ( dcesrv_ep_server_byname ( ep_server - > name ) ! = NULL ) {
/* its already registered! */
2004-02-02 16:28:29 +03:00
DEBUG ( 0 , ( " DCERPC endpoint server '%s' already registered \n " ,
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
ep_server - > name ) ) ;
return NT_STATUS_OBJECT_NAME_COLLISION ;
2003-12-13 13:58:48 +03:00
}
2003-12-13 05:20:40 +03:00
2004-12-03 09:24:38 +03:00
ep_servers = realloc_p ( ep_servers , struct ep_server , num_ep_servers + 1 ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
if ( ! ep_servers ) {
2004-06-20 14:00:32 +04:00
smb_panic ( " out of memory in dcerpc_register " ) ;
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
}
ep_servers [ num_ep_servers ] . ep_server = smb_xmemdup ( ep_server , sizeof ( * ep_server ) ) ;
ep_servers [ num_ep_servers ] . ep_server - > name = smb_xstrdup ( ep_server - > name ) ;
num_ep_servers + + ;
2004-02-02 16:28:29 +03:00
DEBUG ( 3 , ( " DCERPC endpoint server '%s' registered \n " ,
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
ep_server - > name ) ) ;
2003-12-13 05:20:40 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
return NT_STATUS_OK ;
}
2003-12-13 05:20:40 +03:00
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/*
return the operations structure for a named backend of the specified type
*/
const struct dcesrv_endpoint_server * dcesrv_ep_server_byname ( const char * name )
2003-12-14 16:22:12 +03:00
{
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
int i ;
for ( i = 0 ; i < num_ep_servers ; i + + ) {
if ( strcmp ( ep_servers [ i ] . ep_server - > name , name ) = = 0 ) {
return ep_servers [ i ] . ep_server ;
}
2003-12-14 16:22:12 +03:00
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
return NULL ;
2003-12-14 16:22:12 +03:00
}
2008-12-09 11:22:31 +03:00
void dcerpc_server_init ( struct loadparm_context * lp_ctx )
{
static bool initialized ;
extern NTSTATUS dcerpc_server_wkssvc_init ( void ) ;
extern NTSTATUS dcerpc_server_drsuapi_init ( void ) ;
extern NTSTATUS dcerpc_server_winreg_init ( void ) ;
extern NTSTATUS dcerpc_server_spoolss_init ( void ) ;
extern NTSTATUS dcerpc_server_epmapper_init ( void ) ;
extern NTSTATUS dcerpc_server_srvsvc_init ( void ) ;
extern NTSTATUS dcerpc_server_netlogon_init ( void ) ;
extern NTSTATUS dcerpc_server_rpcecho_init ( void ) ;
extern NTSTATUS dcerpc_server_unixinfo_init ( void ) ;
extern NTSTATUS dcerpc_server_samr_init ( void ) ;
extern NTSTATUS dcerpc_server_remote_init ( void ) ;
extern NTSTATUS dcerpc_server_lsa_init ( void ) ;
extern NTSTATUS dcerpc_server_browser_init ( void ) ;
init_module_fn static_init [ ] = { STATIC_dcerpc_server_MODULES } ;
init_module_fn * shared_init ;
if ( initialized ) {
return ;
}
initialized = true ;
shared_init = load_samba_modules ( NULL , lp_ctx , " dcerpc_server " ) ;
run_init_functions ( static_init ) ;
run_init_functions ( shared_init ) ;
talloc_free ( shared_init ) ;
}
This patch adds a better dcerpc server infastructure.
1.) We now register endpoint servers add startup via register_backend()
and later use the smb.conf 'dcerpc endpoint servers' parameter to setup the dcesrv_context
2.) each endpoint server can register at context creation time as much interfaces as it wants
(multiple interfaces on one endpoint are supported!)
(NOTE: there's a difference between 'endpoint server' and 'endpoint'!
for details look at rpc_server/dcesrv_server.h)
3.) one endpoint can have a security descriptor registered to it self
this will be checked in the future when a client wants to connect
to an smb pipe endpoint.
4.) we now have a 'remote' endpoint server, which works like the ntvfs_cifs module
it takes this options in the [globals] section:
dcerpc remote:interfaces = srvsvc, winreg, w32time, epmapper
dcerpc remote:binding = ...
dcerpc remote:user = ...
dcerpc remote:password = ...
5.) we currently have tree endpoint servers: epmapper, rpcecho and remote
the default for the 'dcerpc endpiont servers = epmapper, rpcecho'
for testing you can also do
dcerpc endpoint servers = rpcecho, remote, epmapper
dcerpc remote:interfaces = srvsvc, samr, netlogon
6,) please notice the the epmapper now only returns NO_ENTRIES
(but I think we'll find a solution for this too:-)
7.) also there're some other stuff left, but step by step :-)
This patch also includes updates for the
register_subsystem() , ntvfs_init(), and some other funtions
to check for duplicate subsystem registration
metze
(hmmm, my first large commit...I hope it works as supposed :-)
(This used to be commit 917e45dafd5be4c2cd90ff425b8d6f8403122349)
2004-01-09 01:55:27 +03:00
/*
return the DCERPC module version , and the size of some critical types
This can be used by endpoint server modules to either detect compilation errors , or provide
multiple implementations for different smbd compilation options in one module
*/
const struct dcesrv_critical_sizes * dcerpc_module_version ( void )
{
static const struct dcesrv_critical_sizes critical_sizes = {
DCERPC_MODULE_VERSION ,
sizeof ( struct dcesrv_context ) ,
sizeof ( struct dcesrv_endpoint ) ,
sizeof ( struct dcesrv_endpoint_server ) ,
sizeof ( struct dcesrv_interface ) ,
sizeof ( struct dcesrv_if_list ) ,
sizeof ( struct dcesrv_connection ) ,
sizeof ( struct dcesrv_call_state ) ,
sizeof ( struct dcesrv_auth ) ,
sizeof ( struct dcesrv_handle )
} ;
return & critical_sizes ;
}
2003-12-14 16:22:12 +03:00
