/*
- Unix SMB/Netbios implementation.
- Version 1.9.
+ Unix SMB/CIFS implementation.
SMB parameters and setup
Copyright (C) Andrew Tridgell 1992-1997
Copyright (C) Luke Kenneth Casson Leighton 1996-1997
Copyright (C) Paul Ashton 1997
+ Copyright (C) Jeremy Allison 2000-2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _NT_DOMAIN_H /* _NT_DOMAIN_H */
#define _NT_DOMAIN_H
+/*
+ * A bunch of stuff that was put into smb.h
+ * in the NTDOM branch - it didn't belong there.
+ */
+
+typedef struct _prs_struct {
+ BOOL io; /* parsing in or out of data stream */
+ /*
+ * If the (incoming) data is big-endian. On output we are
+ * always little-endian.
+ */
+ BOOL bigendian_data;
+ uint8 align; /* data alignment */
+ BOOL is_dynamic; /* Do we own this memory or not ? */
+ uint32 data_offset; /* Current working offset into data. */
+ uint32 buffer_size; /* Current allocated size of the buffer. */
+ uint32 grow_size; /* size requested via prs_grow() calls */
+ char *data_p; /* The buffer itself. */
+ TALLOC_CTX *mem_ctx; /* When unmarshalling, use this.... */
+ const char *sess_key; /* If we have to do encrypt/decrypt on the fly. */
+} prs_struct;
-/* dce/rpc support */
-#include "rpc_dce.h"
+/*
+ * Defines for io member of prs_struct.
+ */
-/* miscellaneous structures / defines */
-#include "rpc_misc.h"
+#define MARSHALL 0
+#define UNMARSHALL 1
+
+#define MARSHALLING(ps) (!(ps)->io)
+#define UNMARSHALLING(ps) ((ps)->io)
+
+#define RPC_BIG_ENDIAN 1
+#define RPC_LITTLE_ENDIAN 0
+
+#define RPC_PARSE_ALIGN 4
+
+typedef struct _output_data {
+ /*
+ * Raw RPC output data. This does not include RPC headers or footers.
+ */
+ prs_struct rdata;
+
+ /* The amount of data sent from the current rdata struct. */
+ uint32 data_sent_length;
+
+ /*
+ * The current PDU being returned. This inclues
+ * headers, data and authentication footer.
+ */
+ unsigned char current_pdu[RPC_MAX_PDU_FRAG_LEN];
+
+ /* The amount of data in the current_pdu buffer. */
+ uint32 current_pdu_len;
+
+ /* The amount of data sent from the current PDU. */
+ uint32 current_pdu_sent;
+} output_data;
+
+typedef struct _input_data {
+ /*
+ * This is the current incoming pdu. The data here
+ * is collected via multiple writes until a complete
+ * pdu is seen, then the data is copied into the in_data
+ * structure. The maximum size of this is 0x1630 (RPC_MAX_PDU_FRAG_LEN).
+ */
+ unsigned char current_in_pdu[RPC_MAX_PDU_FRAG_LEN];
+
+ /*
+ * The amount of data needed to complete the in_pdu.
+ * If this is zero, then we are at the start of a new
+ * pdu.
+ */
+ uint32 pdu_needed_len;
+
+ /*
+ * The amount of data received so far in the in_pdu.
+ * If this is zero, then we are at the start of a new
+ * pdu.
+ */
+ uint32 pdu_received_len;
+
+ /*
+ * This is the collection of input data with all
+ * the rpc headers and auth footers removed.
+ * The maximum length of this (1Mb) is strictly enforced.
+ */
+ prs_struct data;
+} input_data;
-/* security descriptor structures */
-#include "rpc_secdes.h"
+/*
+ * Handle database - stored per pipe.
+ */
-/* different dce/rpc pipes */
-#include "rpc_lsa.h"
-#include "rpc_netlogon.h"
-#include "rpc_reg.h"
-#include "rpc_samr.h"
-#include "rpc_srvsvc.h"
-#include "rpc_svcctl.h"
-#include "rpc_wkssvc.h"
-#include "rpc_atsvc.h"
-#include "rpc_spoolss.h"
-#include "rpc_eventlog.h"
+struct policy {
+ struct policy *next, *prev;
-/*
- * A bunch of stuff that was put into smb.h
- * in the NTDOM branch - it didn't belong there.
- */
+ POLICY_HND pol_hnd;
+
+ void *data_ptr;
+ void (*free_fn)(void *);
+};
+
+struct handle_list {
+ struct policy *Policy; /* List of policies. */
+ size_t count; /* Current number of handles. */
+ size_t pipe_ref_count; /* Number of pipe handles referring to this list. */
+};
+
+/* Domain controller authentication protocol info */
+struct dcinfo {
+ uint32 sequence; /* "timestamp" from client. */
+ DOM_CHAL seed_chal;
+ DOM_CHAL clnt_chal; /* Client credential */
+ DOM_CHAL srv_chal; /* Server credential */
-typedef struct
-{
- struct mem_buf *data; /* memory buffer */
- uint32 offset; /* offset currently being accessed in memory buffer */
- uint8 align; /* data alignment */
- BOOL io; /* parsing in or out of data stream */
- BOOL error; /* error occurred */
+ unsigned char sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
+ unsigned char mach_pw[16]; /* md4(machine password) */
-} prs_struct;
+ fstring mach_acct; /* Machine name we've authenticated. */
+
+ fstring remote_machine; /* Machine name we've authenticated. */
+ fstring domain;
+
+ BOOL challenge_sent;
+ BOOL authenticated;
+};
-typedef struct pipes_struct
-{
+typedef struct pipe_rpc_fns {
+
+ struct pipe_rpc_fns *next, *prev;
+
+ /* RPC function table associated with the current rpc_bind (associated by context) */
+
+ struct api_struct *cmds;
+ int n_cmds;
+ uint32 context_id;
+
+} PIPE_RPC_FNS;
+
+/*
+ * Different auth types we support.
+ * Can't keep in sync with wire values as spnego wraps different auth methods.
+ */
+
+enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
+ PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
+
+/* Possible auth levels - keep these in sync with the wire values. */
+enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
+ PIPE_AUTH_LEVEL_CONNECT = 1, /* We treat as NONE. */
+ PIPE_AUTH_LEVEL_INTEGRITY = 5, /* Sign. */
+ PIPE_AUTH_LEVEL_PRIVACY = 6 /* Seal. */
+};
+
+/* auth state for krb5. */
+struct kerberos_auth_struct {
+ const char *service_principal;
+ DATA_BLOB session_key;
+};
+
+/* auth state for schannel. */
+struct schannel_auth_struct {
+ unsigned char sess_key[16];
+ uint32 seq_num;
+};
+
+/* auth state for all bind types. */
+
+struct pipe_auth_data {
+ enum pipe_auth_type auth_type; /* switch for union below. */
+ enum pipe_auth_level auth_level;
+ union {
+ struct schannel_auth_struct *schannel_auth;
+ AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
+/* struct kerberos_auth_struct *kerberos_auth; TO BE ADDED... */
+ } a_u;
+ void (*auth_data_free_func)(struct pipe_auth_data *);
+};
+
+/*
+ * DCE/RPC-specific samba-internal-specific handling of data on
+ * NamedPipes.
+ */
+
+typedef struct pipes_struct {
struct pipes_struct *next, *prev;
- int pnum;
+
connection_struct *conn;
- uint16 vuid;
- BOOL open; /* open connection */
- uint16 device_state;
- uint16 priority;
+ uint16 vuid; /* points to the unauthenticated user that opened this pipe. */
+
fstring name;
fstring pipe_srv_name;
+
+ /* linked list of rpc dispatch tables associated
+ with the open rpc contexts */
+
+ PIPE_RPC_FNS *contexts;
+
+ RPC_HDR hdr; /* Incoming RPC header. */
+ RPC_HDR_REQ hdr_req; /* Incoming request header. */
- prs_struct rhdr; /* output header */
- prs_struct rfault; /* fault */
- prs_struct rdata; /* output data */
- prs_struct rdata_i; /* output data (intermediate, for fragments) */
- prs_struct rauth; /* output authentication verifier */
- prs_struct rverf; /* output verifier */
- prs_struct rntlm; /* output ntlmssp */
-
- RPC_HDR hdr;
- RPC_HDR_BA hdr_ba;
- RPC_HDR_RB hdr_rb;
- RPC_HDR_REQ hdr_req;
- RPC_HDR_RESP hdr_resp;
- RPC_HDR_FAULT hdr_fault;
- RPC_HDR_AUTH auth_info;
- RPC_HDR_AUTHA autha_info;
-
- RPC_AUTH_NTLMSSP_VERIFIER auth_verifier;
- RPC_AUTH_NTLMSSP_NEG ntlmssp_neg;
- RPC_AUTH_NTLMSSP_CHAL ntlmssp_chal;
- RPC_AUTH_NTLMSSP_RESP ntlmssp_resp;
- RPC_AUTH_NTLMSSP_CHK ntlmssp_chk;
-
- BOOL ntlmssp_auth;
- BOOL ntlmssp_validated;
- unsigned char ntlmssp_hash[258];
- uint32 ntlmssp_seq_num;
+ /* This context is used for pipe state storage and is freed when the pipe is closed. */
+ TALLOC_CTX *pipe_state_mem_ctx;
+
+ struct pipe_auth_data auth;
+
+ struct dcinfo *dc; /* Keeps the creds data from netlogon. */
+
+ /*
+ * Windows user info.
+ */
fstring user_name;
fstring domain;
fstring wks;
- uint32 file_offset;
- uint32 prev_pdu_file_offset;
- uint32 hdr_offsets;
-
-} pipes_struct;
-
-struct api_struct
-{
- char *name;
- uint8 opnum;
- void (*fn) (pipes_struct*, prs_struct*, prs_struct*);
-};
+ /*
+ * Unix user name and credentials used when a pipe is authenticated.
+ */
-struct mem_desc
-{
- /* array memory offsets */
- uint32 start;
- uint32 end;
-};
-
-struct mem_buf
-{
- BOOL dynamic; /* True iff data has been dynamically allocated
- (and therefore can be freed) */
- char *data;
- uint32 data_size;
- uint32 data_used;
+ fstring pipe_user_name;
+ struct current_user pipe_user;
+ DATA_BLOB session_key;
+
+ /*
+ * Set to true when an RPC bind has been done on this pipe.
+ */
+
+ BOOL pipe_bound;
+
+ /*
+ * Set to true when we should return fault PDU's for everything.
+ */
+
+ BOOL fault_state;
+
+ /*
+ * Set to true when we should return fault PDU's for a bad handle.
+ */
+
+ BOOL bad_handle_fault_state;
+
+ /*
+ * Set to true when the backend does not support a call.
+ */
+
+ BOOL rng_fault_state;
+
+ /*
+ * Set to RPC_BIG_ENDIAN when dealing with big-endian PDU's
+ */
+
+ BOOL endian;
+
+ /*
+ * Struct to deal with multiple pdu inputs.
+ */
+
+ input_data in_data;
+
+ /*
+ * Struct to deal with multiple pdu outputs.
+ */
+
+ output_data out_data;
+
+ /* This context is used for PDU data and is freed between each pdu.
+ Don't use for pipe state storage. */
+ TALLOC_CTX *mem_ctx;
+
+ /* handle database to use on this pipe. */
+ struct handle_list *pipe_handles;
- uint32 margin; /* safety margin when reallocing. */
- /* this can be abused quite nicely */
- uint8 align; /* alignment of data structures (smb, dce/rpc, udp etc) */
+} pipes_struct;
- struct mem_desc offset;
+typedef struct smb_np_struct {
+ struct smb_np_struct *next, *prev;
+ int pnum;
+ connection_struct *conn;
+ uint16 vuid; /* points to the unauthenticated user that opened this pipe. */
+ BOOL open; /* open connection */
+ uint16 device_state;
+ uint16 priority;
+ fstring name;
- struct mem_buf *next;
+ /* When replying to an SMBtrans, this is the maximum amount of
+ data that can be sent in the initial reply. */
+ int max_trans_reply;
+
+ /*
+ * NamedPipe state information.
+ *
+ * (e.g. typecast a np_struct, above).
+ */
+ void *np_state;
+
+ /*
+ * NamedPipe functions, to be called to perform
+ * Named Pipe transactions on request from an
+ * SMB client.
+ */
+
+ /* call to create a named pipe connection.
+ * returns: state information representing the connection.
+ * is stored in np_state, above.
+ */
+ void * (*namedpipe_create)(const char *pipe_name,
+ connection_struct *conn, uint16 vuid);
+
+ /* call to perform a write / read namedpipe transaction.
+ * TransactNamedPipe is weird: it returns whether there
+ * is more data outstanding to be read, and the
+ * caller is expected to take note and follow up with
+ * read requests.
+ */
+ ssize_t (*namedpipe_transact)(void *np_state,
+ char *data, int len,
+ char *rdata, int rlen,
+ BOOL *pipe_outstanding);
+
+ /* call to perform a write namedpipe operation
+ */
+ ssize_t (*namedpipe_write)(void * np_state,
+ char *data, size_t n);
+
+ /* call to perform a read namedpipe operation.
+ *
+ * NOTE: the only reason that the pipe_outstanding
+ * argument is here is because samba does not use
+ * the namedpipe_transact function yet: instead,
+ * it performs the same as what namedpipe_transact
+ * does - a write, followed by a read.
+ *
+ * when samba is modified to use namedpipe_transact,
+ * the pipe_outstanding argument may be removed.
+ */
+ ssize_t (*namedpipe_read)(void * np_state,
+ char *data, size_t max_len,
+ BOOL *pipe_outstanding);
+
+ /* call to close a namedpipe.
+ * function is expected to perform all cleanups
+ * necessary, free all memory etc.
+ *
+ * returns True if cleanup was successful (not that
+ * we particularly care).
+ */
+ BOOL (*namedpipe_close)(void * np_state);
+
+} smb_np_struct;
+
+struct api_struct {
+ const char *name;
+ uint8 opnum;
+ BOOL (*fn) (pipes_struct *);
};
-struct acct_info
-{
- fstring acct_name; /* account name */
- fstring acct_desc; /* account description */
- uint32 rid; /* domain-relative RID */
-};
+typedef struct {
+ uint32 rid;
+ const char *name;
+} rid_name;
/*
* higher order functions for use with msrpc client code
*/
-#define ALIAS_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32, const char*)
-#define ALIAS_INFO_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32, ALIAS_INFO_CTR *const)
-#define ALIAS_MEM_FN(fn)\
- void(*fn)(const char*, const DOM_SID*, uint32, const char*,\
- uint32, DOM_SID *const *const, char *const *const,\
- uint8*const)
-
-#define GROUP_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32, const char*)
-#define GROUP_INFO_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32, GROUP_INFO_CTR *const)
-#define GROUP_MEM_FN(fn)\
- void(*fn)(const char*, const DOM_SID*, uint32, const char*,\
- uint32, const uint32*, char *const *const,\
- uint32*const)
-
-#define DOMAIN_FN(fn)\
- void (*fn)(const char*)
-
-#define USER_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32, const char*)
-#define USER_INFO_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32,\
- SAM_USER_INFO_21 *const)
-#define USER_MEM_FN(fn)\
- void (*fn)(const char*, const DOM_SID*, uint32, const char*,\
- uint32, const uint32*, char *const *const, uint32* const)
-
-#define REG_FN(fn)\
- void (*fn)(int, const char *, int)
-#define REG_KEY_FN(fn)\
- void (*fn)(const char*, const char*, time_t)
-#define REG_VAL_FN(fn)\
- void (*fn)(const char *, const char*, uint32, const BUFFER2 *)
-
-#define SVC_QUERY_FN(fn)\
- void (*fn)(const QUERY_SERVICE_CONFIG *)
-#define SVC_INFO_FN(fn)\
- void (*fn)(const ENUM_SRVC_STATUS *)
-
-#define TPRT_INFO_FN(fn)\
- void (*fn)(const SRV_TPRT_INFO_CTR *)
-
#define PRINT_INFO_FN(fn)\
- void (*fn)(const char*, uint32, uint32, void *const *const)
+ void (*fn)(const char*, uint32, uint32, void *const *const)
#define JOB_INFO_FN(fn)\
- void (*fn)(const char*, const char*, uint32, uint32, void *const *const)
+ void (*fn)(const char*, const char*, uint32, uint32, void *const *const)
-#endif /* _NT_DOMAIN_H */
+/* end higher order functions */
+typedef struct {
+ uint32 size;
+ prs_struct prs;
+ uint32 struct_start;
+ uint32 string_at_end;
+} RPC_BUFFER;
+
+#endif /* _NT_DOMAIN_H */
git.samba.org / samba.git / blobdiff