source4/librpc/rpc/dcerpc_smb.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    dcerpc over SMB transport
   5
   6    Copyright (C) Tim Potter 2003
   7    Copyright (C) Andrew Tridgell 2003
   8
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22
  23 #include "includes.h"
  24 #include "system/filesys.h"
  25 #include <tevent.h>
  26 #include "lib/tsocket/tsocket.h"
  27 #include "libcli/smb/smb_constants.h"
  28 #include "libcli/smb/smbXcli_base.h"
  29 #include "libcli/smb/tstream_smbXcli_np.h"
  30 #include "libcli/raw/libcliraw.h"
  31 #include "libcli/smb2/smb2.h"
  32 #include "librpc/rpc/dcerpc.h"
  33 #include "librpc/rpc/dcerpc_proto.h"
  34 #include "libcli/composite/composite.h"
  35
  36 /* transport private information used by SMB pipe transport */
  37 struct smb_private {
  38         DATA_BLOB session_key;
  39
  40         /*
  41          * these are needed to open a secondary connection
  42          */
  43         struct smbXcli_conn *conn;
  44         struct smbXcli_session *session;
  45         struct smbXcli_tcon *tcon;
  46         uint32_t timeout_msec;
  47 };
  48
  49 /*
  50   fetch the user session key
  51 */
  52 static NTSTATUS smb_session_key(struct dcecli_connection *c, DATA_BLOB *session_key)
  53 {
  54         struct smb_private *smb = talloc_get_type_abort(
  55                 c->transport.private_data, struct smb_private);
  56
  57         if (smb == NULL) return NT_STATUS_CONNECTION_DISCONNECTED;
  58
  59         if (smb->session_key.length == 0) {
  60                 return NT_STATUS_NO_USER_SESSION_KEY;
  61         }
  62
  63         *session_key = smb->session_key;
  64         return NT_STATUS_OK;
  65 }
  66
  67 struct dcerpc_pipe_open_smb_state {
  68         struct dcecli_connection *c;
  69         struct composite_context *ctx;
  70
  71         const char *fname;
  72
  73         struct smb_private *smb;
  74 };
  75
  76 static void dcerpc_pipe_open_smb_done(struct tevent_req *subreq);
  77
  78 struct composite_context *dcerpc_pipe_open_smb_send(struct dcecli_connection *c,
  79                                                 struct smbXcli_conn *conn,
  80                                                 struct smbXcli_session *session,
  81                                                 struct smbXcli_tcon *tcon,
  82                                                 uint32_t timeout_msec,
  83                                                 const char *pipe_name)
  84 {
  85         struct composite_context *ctx;
  86         struct dcerpc_pipe_open_smb_state *state;
  87         uint16_t pid = 0;
  88         struct tevent_req *subreq;
  89
  90         ctx = composite_create(c, c->event_ctx);
  91         if (ctx == NULL) return NULL;
  92
  93         state = talloc(ctx, struct dcerpc_pipe_open_smb_state);
  94         if (composite_nomem(state, ctx)) return ctx;
  95         ctx->private_data = state;
  96
  97         state->c = c;
  98         state->ctx = ctx;
  99
 100         if ((strncasecmp(pipe_name, "/pipe/", 6) == 0) ||
 101             (strncasecmp(pipe_name, "\\pipe\\", 6) == 0)) {
 102                 pipe_name += 6;
 103         }
 104         if ((strncasecmp(pipe_name, "/", 1) == 0) ||
 105             (strncasecmp(pipe_name, "\\", 1) == 0)) {
 106                 pipe_name += 1;
 107         }
 108         state->fname = talloc_strdup(state, pipe_name);
 109         if (composite_nomem(state->fname, ctx)) return ctx;
 110
 111         state->smb = talloc_zero(state, struct smb_private);
 112         if (composite_nomem(state->smb, ctx)) return ctx;
 113
 114         state->smb->conn = conn;
 115         state->smb->session = session;
 116         state->smb->tcon = tcon;
 117         state->smb->timeout_msec = timeout_msec;
 118
 119         state->c->server_name = strupper_talloc(state->c,
 120                 smbXcli_conn_remote_name(conn));
 121         if (composite_nomem(state->c->server_name, ctx)) return ctx;
 122
 123         ctx->status = smbXcli_session_application_key(session,
 124                                                       state->smb,
 125                                                       &state->smb->session_key);
 126         if (NT_STATUS_EQUAL(ctx->status, NT_STATUS_NO_USER_SESSION_KEY)) {
 127                 state->smb->session_key = data_blob_null;
 128                 ctx->status = NT_STATUS_OK;
 129         }
 130         if (!composite_is_ok(ctx)) return ctx;
 131
 132         subreq = tstream_smbXcli_np_open_send(state, c->event_ctx,
 133                                               conn, session, tcon, pid,
 134                                               timeout_msec, state->fname);
 135         if (composite_nomem(subreq, ctx)) return ctx;
 136         tevent_req_set_callback(subreq, dcerpc_pipe_open_smb_done, state);
 137
 138         return ctx;
 139 }
 140
 141 static void dcerpc_pipe_open_smb_done(struct tevent_req *subreq)
 142 {
 143         struct dcerpc_pipe_open_smb_state *state =
 144                 tevent_req_callback_data(subreq,
 145                 struct dcerpc_pipe_open_smb_state);
 146         struct composite_context *ctx = state->ctx;
 147         struct dcecli_connection *c = state->c;
 148
 149         ctx->status = tstream_smbXcli_np_open_recv(subreq,
 150                                                    state->smb,
 151                                                    &state->c->transport.stream);
 152         TALLOC_FREE(subreq);
 153         if (!composite_is_ok(ctx)) return;
 154
 155         state->c->transport.write_queue =
 156                 tevent_queue_create(state->c, "dcerpc_smb write queue");
 157         if (composite_nomem(state->c->transport.write_queue, ctx)) return;
 158
 159         /*
 160           fill in the transport methods
 161         */
 162         c->transport.transport       = NCACN_NP;
 163         c->transport.private_data    = NULL;
 164
 165         /*
 166          * Windows uses 4280 for ncacn_np,
 167          * so we also use it, this is what our
 168          * tstream_smbXcli_np code relies on.
 169          */
 170         c->srv_max_xmit_frag = 4280;
 171         c->srv_max_recv_frag = 4280;
 172
 173         /* Over-ride the default session key with the SMB session key */
 174         c->security_state.session_key = smb_session_key;
 175
 176         c->transport.private_data = talloc_move(c, &state->smb);
 177
 178         composite_done(ctx);
 179 }
 180
 181 NTSTATUS dcerpc_pipe_open_smb_recv(struct composite_context *c)
 182 {
 183         NTSTATUS status = composite_wait(c);
 184         talloc_free(c);
 185         return status;
 186 }
 187
 188 _PUBLIC_ NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p,
 189                               struct smbcli_tree *t,
 190                               const char *pipe_name)
 191 {
 192         struct smbXcli_conn *conn;
 193         struct smbXcli_session *session;
 194         struct smbXcli_tcon *tcon;
 195         uint32_t timeout_msec;
 196         struct composite_context *ctx;
 197
 198         conn = t->session->transport->conn;
 199         session = t->session->smbXcli;
 200         tcon = t->smbXcli;
 201         smb1cli_tcon_set_id(tcon, t->tid);
 202         timeout_msec = t->session->transport->options.request_timeout * 1000;
 203
 204         /* if we don't have a binding on this pipe yet, then create one */
 205         if (p->binding == NULL) {
 206                 NTSTATUS status;
 207                 const char *r = smbXcli_conn_remote_name(conn);
 208                 char *str;
 209                 SMB_ASSERT(r != NULL);
 210                 str = talloc_asprintf(p, "ncacn_np:%s", r);
 211                 if (str == NULL) {
 212                         return NT_STATUS_NO_MEMORY;
 213                 }
 214                 status = dcerpc_parse_binding(p, str,
 215                                               &p->binding);
 216                 talloc_free(str);
 217                 if (!NT_STATUS_IS_OK(status)) {
 218                         return status;
 219                 }
 220         }
 221
 222         ctx = dcerpc_pipe_open_smb_send(p->conn,
 223                                         conn, session,
 224                                         tcon, timeout_msec,
 225                                         pipe_name);
 226         if (ctx == NULL) {
 227                 return NT_STATUS_NO_MEMORY;
 228         }
 229
 230         return dcerpc_pipe_open_smb_recv(ctx);
 231 }
 232
 233 _PUBLIC_ NTSTATUS dcerpc_pipe_open_smb2(struct dcerpc_pipe *p,
 234                               struct smb2_tree *t,
 235                               const char *pipe_name)
 236 {
 237         struct smbXcli_conn *conn;
 238         struct smbXcli_session *session;
 239         struct smbXcli_tcon *tcon;
 240         uint32_t timeout_msec;
 241         struct composite_context *ctx;
 242
 243         conn = t->session->transport->conn;
 244         session = t->session->smbXcli;
 245         tcon = t->smbXcli;
 246         timeout_msec = t->session->transport->options.request_timeout * 1000;
 247
 248         /* if we don't have a binding on this pipe yet, then create one */
 249         if (p->binding == NULL) {
 250                 NTSTATUS status;
 251                 const char *r = smbXcli_conn_remote_name(conn);
 252                 char *str;
 253                 SMB_ASSERT(r != NULL);
 254                 str = talloc_asprintf(p, "ncacn_np:%s", r);
 255                 if (str == NULL) {
 256                         return NT_STATUS_NO_MEMORY;
 257                 }
 258                 status = dcerpc_parse_binding(p, str,
 259                                               &p->binding);
 260                 talloc_free(str);
 261                 if (!NT_STATUS_IS_OK(status)) {
 262                         return status;
 263                 }
 264         }
 265
 266         ctx = dcerpc_pipe_open_smb_send(p->conn,
 267                                         conn, session,
 268                                         tcon, timeout_msec,
 269                                         pipe_name);
 270         if (ctx == NULL) {
 271                 return NT_STATUS_NO_MEMORY;
 272         }
 273
 274         return dcerpc_pipe_open_smb_recv(ctx);
 275 }
 276
 277 struct composite_context *dcerpc_secondary_smb_send(struct dcecli_connection *c1,
 278                                                     struct dcecli_connection *c2,
 279                                                     const char *pipe_name)
 280 {
 281         struct smb_private *smb;
 282
 283         if (c1->transport.transport != NCACN_NP) return NULL;
 284
 285         smb = talloc_get_type(c1->transport.private_data, struct smb_private);
 286         if (!smb) return NULL;
 287
 288         return dcerpc_pipe_open_smb_send(c2,
 289                                          smb->conn,
 290                                          smb->session,
 291                                          smb->tcon,
 292                                          smb->timeout_msec,
 293                                          pipe_name);
 294 }
 295
 296 NTSTATUS dcerpc_secondary_smb_recv(struct composite_context *c)
 297 {
 298         return dcerpc_pipe_open_smb_recv(c);
 299 }