/* [<][>][^][v][top][bottom][index][help] */
1 /*
2 Unix SMB/CIFS implementation.
3
4 DCERPC client side interface structures
5
6 Copyright (C) Tim Potter 2003
7 Copyright (C) Andrew Tridgell 2003-2005
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 /* This is a public header file that is installed as part of Samba.
24 * If you remove any functions or change their signature, update
25 * the so version number. */
26
27 #ifndef __DCERPC_H__
28 #define __DCERPC_H__
29
30 #include "../lib/util/data_blob.h"
31 #include "librpc/gen_ndr/dcerpc.h"
32 #include "../librpc/ndr/libndr.h"
33
34 enum dcerpc_transport_t {
35 NCA_UNKNOWN, NCACN_NP, NCACN_IP_TCP, NCACN_IP_UDP, NCACN_VNS_IPC,
36 NCACN_VNS_SPP, NCACN_AT_DSP, NCADG_AT_DDP, NCALRPC, NCACN_UNIX_STREAM,
37 NCADG_UNIX_DGRAM, NCACN_HTTP, NCADG_IPX, NCACN_SPX };
38
39 /*
40 this defines a generic security context for signed/sealed dcerpc pipes.
41 */
42 struct dcerpc_connection;
43 struct gensec_settings;
44 struct dcerpc_security {
45 struct dcerpc_auth *auth_info;
46 struct gensec_security *generic_state;
47
48 /* get the session key */
49 NTSTATUS (*session_key)(struct dcerpc_connection *, DATA_BLOB *);
50 };
51
52 /*
53 this holds the information that is not specific to a particular rpc context_id
54 */
55 struct dcerpc_connection {
56 uint32_t call_id;
57 uint32_t srv_max_xmit_frag;
58 uint32_t srv_max_recv_frag;
59 uint32_t flags;
60 struct dcerpc_security security_state;
61 const char *binding_string;
62 struct tevent_context *event_ctx;
63 struct smb_iconv_convenience *iconv_convenience;
64
65 /** Directory in which to save ndrdump-parseable files */
66 const char *packet_log_dir;
67
68 bool dead;
69 bool free_skipped;
70
71 struct dcerpc_transport {
72 enum dcerpc_transport_t transport;
73 void *private_data;
74
75 NTSTATUS (*shutdown_pipe)(struct dcerpc_connection *, NTSTATUS status);
76
77 const char *(*peer_name)(struct dcerpc_connection *);
78
79 const char *(*target_hostname)(struct dcerpc_connection *);
80
81 /* send a request to the server */
82 NTSTATUS (*send_request)(struct dcerpc_connection *, DATA_BLOB *, bool trigger_read);
83
84 /* send a read request to the server */
85 NTSTATUS (*send_read)(struct dcerpc_connection *);
86
87 /* a callback to the dcerpc code when a full fragment
88 has been received */
89 void (*recv_data)(struct dcerpc_connection *, DATA_BLOB *, NTSTATUS status);
90 } transport;
91
92 /* Requests that have been sent, waiting for a reply */
93 struct rpc_request *pending;
94
95 /* Sync requests waiting to be shipped */
96 struct rpc_request *request_queue;
97
98 /* the next context_id to be assigned */
99 uint32_t next_context_id;
100 };
101
102 /*
103 this encapsulates a full dcerpc client side pipe
104 */
105 struct dcerpc_pipe {
106 uint32_t context_id;
107
108 uint32_t assoc_group_id;
109
110 struct ndr_syntax_id syntax;
111 struct ndr_syntax_id transfer_syntax;
112
113 struct dcerpc_connection *conn;
114 struct dcerpc_binding *binding;
115
116 /** the last fault code from a DCERPC fault */
117 uint32_t last_fault_code;
118
119 /** timeout for individual rpc requests, in seconds */
120 uint32_t request_timeout;
121 };
122
123 /* default timeout for all rpc requests, in seconds */
124 #define DCERPC_REQUEST_TIMEOUT 60
125
126
127 /* dcerpc pipe flags */
128 #define DCERPC_DEBUG_PRINT_IN (1<<0)
129 #define DCERPC_DEBUG_PRINT_OUT (1<<1)
130 #define DCERPC_DEBUG_PRINT_BOTH (DCERPC_DEBUG_PRINT_IN | DCERPC_DEBUG_PRINT_OUT)
131
132 #define DCERPC_DEBUG_VALIDATE_IN (1<<2)
133 #define DCERPC_DEBUG_VALIDATE_OUT (1<<3)
134 #define DCERPC_DEBUG_VALIDATE_BOTH (DCERPC_DEBUG_VALIDATE_IN | DCERPC_DEBUG_VALIDATE_OUT)
135
136 #define DCERPC_CONNECT (1<<4)
137 #define DCERPC_SIGN (1<<5)
138 #define DCERPC_SEAL (1<<6)
139
140 #define DCERPC_PUSH_BIGENDIAN (1<<7)
141 #define DCERPC_PULL_BIGENDIAN (1<<8)
142
143 #define DCERPC_SCHANNEL (1<<9)
144
145 /* use a 128 bit session key */
146 #define DCERPC_SCHANNEL_128 (1<<12)
147
148 /* check incoming pad bytes */
149 #define DCERPC_DEBUG_PAD_CHECK (1<<13)
150
151 /* set LIBNDR_FLAG_REF_ALLOC flag when decoding NDR */
152 #define DCERPC_NDR_REF_ALLOC (1<<14)
153
154 #define DCERPC_AUTH_OPTIONS (DCERPC_SEAL|DCERPC_SIGN|DCERPC_SCHANNEL|DCERPC_AUTH_SPNEGO|DCERPC_AUTH_KRB5|DCERPC_AUTH_NTLM)
155
156 /* select spnego auth */
157 #define DCERPC_AUTH_SPNEGO (1<<15)
158
159 /* select krb5 auth */
160 #define DCERPC_AUTH_KRB5 (1<<16)
161
162 #define DCERPC_SMB2 (1<<17)
163
164 /* select NTLM auth */
165 #define DCERPC_AUTH_NTLM (1<<18)
166
167 /* this triggers the DCERPC_PFC_FLAG_CONC_MPX flag in the bind request */
168 #define DCERPC_CONCURRENT_MULTIPLEX (1<<19)
169
170 /* this triggers the DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN flag in the bind request */
171 #define DCERPC_HEADER_SIGNING (1<<20)
172
173 /* this describes a binding to a particular transport/pipe */
174 struct dcerpc_binding {
175 enum dcerpc_transport_t transport;
176 struct ndr_syntax_id object;
177 const char *host;
178 const char *target_hostname;
179 const char *endpoint;
180 const char **options;
181 uint32_t flags;
182 uint32_t assoc_group_id;
183 };
184
185
186 struct dcerpc_pipe_connect {
187 struct dcerpc_pipe *pipe;
188 struct dcerpc_binding *binding;
189 const char *pipe_name;
190 const struct ndr_interface_table *interface;
191 struct cli_credentials *creds;
192 struct resolve_context *resolve_ctx;
193 };
194
195
196 enum rpc_request_state {
197 RPC_REQUEST_QUEUED,
198 RPC_REQUEST_PENDING,
199 RPC_REQUEST_DONE
200 };
201
202 /*
203 handle for an async dcerpc request
204 */
205 struct rpc_request {
206 struct rpc_request *next, *prev;
207 struct dcerpc_pipe *p;
208 NTSTATUS status;
209 uint32_t call_id;
210 enum rpc_request_state state;
211 DATA_BLOB payload;
212 uint32_t flags;
213 uint32_t fault_code;
214
215 /* this is used to distinguish bind and alter_context requests
216 from normal requests */
217 void (*recv_handler)(struct rpc_request *conn,
218 DATA_BLOB *blob, struct ncacn_packet *pkt);
219
220 const struct GUID *object;
221 uint16_t opnum;
222 DATA_BLOB request_data;
223 bool async_call;
224 bool ignore_timeout;
225
226 /* use by the ndr level async recv call */
227 struct {
228 const struct ndr_interface_table *table;
229 uint32_t opnum;
230 void *struct_ptr;
231 TALLOC_CTX *mem_ctx;
232 } ndr;
233
234 struct {
235 void (*callback)(struct rpc_request *);
236 void *private_data;
237 } async;
238 };
239
240 struct epm_tower;
241 struct epm_floor;
242
243 struct smbcli_tree;
244 struct smb2_tree;
245 struct socket_address;
246
247 NTSTATUS dcerpc_pipe_connect(TALLOC_CTX *parent_ctx,
248 struct dcerpc_pipe **pp,
249 const char *binding,
250 const struct ndr_interface_table *table,
251 struct cli_credentials *credentials,
252 struct tevent_context *ev,
253 struct loadparm_context *lp_ctx);
254 NTSTATUS dcerpc_ndr_request_recv(struct rpc_request *req);
255 struct rpc_request *dcerpc_ndr_request_send(struct dcerpc_pipe *p,
256 const struct GUID *object,
257 const struct ndr_interface_table *table,
258 uint32_t opnum,
259 TALLOC_CTX *mem_ctx,
260 void *r);
261 const char *dcerpc_server_name(struct dcerpc_pipe *p);
262 struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
263 struct smb_iconv_convenience *ic);
264 NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p,
265 struct smbcli_tree *tree,
266 const char *pipe_name);
267 NTSTATUS dcerpc_bind_auth_none(struct dcerpc_pipe *p,
268 const struct ndr_interface_table *table);
269 NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
270 DATA_BLOB *session_key);
271 struct composite_context;
272 NTSTATUS dcerpc_secondary_connection_recv(struct composite_context *c,
273 struct dcerpc_pipe **p2);
274 NTSTATUS dcerpc_parse_binding(TALLOC_CTX *mem_ctx, const char *s, struct dcerpc_binding **b_out);
275
276 struct composite_context* dcerpc_pipe_connect_b_send(TALLOC_CTX *parent_ctx,
277 struct dcerpc_binding *binding,
278 const struct ndr_interface_table *table,
279 struct cli_credentials *credentials,
280 struct tevent_context *ev,
281 struct loadparm_context *lp_ctx);
282
283 NTSTATUS dcerpc_pipe_connect_b_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
284 struct dcerpc_pipe **p);
285
286 NTSTATUS dcerpc_pipe_connect_b(TALLOC_CTX *parent_ctx,
287 struct dcerpc_pipe **pp,
288 struct dcerpc_binding *binding,
289 const struct ndr_interface_table *table,
290 struct cli_credentials *credentials,
291 struct tevent_context *ev,
292 struct loadparm_context *lp_ctx);
293 const char *dcerpc_errstr(TALLOC_CTX *mem_ctx, uint32_t fault_code);
294
295 NTSTATUS dcerpc_pipe_auth(TALLOC_CTX *mem_ctx,
296 struct dcerpc_pipe **p,
297 struct dcerpc_binding *binding,
298 const struct ndr_interface_table *table,
299 struct cli_credentials *credentials,
300 struct loadparm_context *lp_ctx);
301 char *dcerpc_binding_string(TALLOC_CTX *mem_ctx, const struct dcerpc_binding *b);
302 NTSTATUS dcerpc_secondary_connection(struct dcerpc_pipe *p,
303 struct dcerpc_pipe **p2,
304 struct dcerpc_binding *b);
305 NTSTATUS dcerpc_bind_auth_schannel(TALLOC_CTX *tmp_ctx,
306 struct dcerpc_pipe *p,
307 const struct ndr_interface_table *table,
308 struct cli_credentials *credentials,
309 struct loadparm_context *lp_ctx,
310 uint8_t auth_level);
311 struct tevent_context *dcerpc_event_context(struct dcerpc_pipe *p);
312 NTSTATUS dcerpc_init(struct loadparm_context *lp_ctx);
313 struct smbcli_tree *dcerpc_smb_tree(struct dcerpc_connection *c);
314 uint16_t dcerpc_smb_fnum(struct dcerpc_connection *c);
315 NTSTATUS dcerpc_secondary_context(struct dcerpc_pipe *p,
316 struct dcerpc_pipe **pp2,
317 const struct ndr_interface_table *table);
318 NTSTATUS dcerpc_alter_context(struct dcerpc_pipe *p,
319 TALLOC_CTX *mem_ctx,
320 const struct ndr_syntax_id *syntax,
321 const struct ndr_syntax_id *transfer_syntax);
322
323 NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p,
324 const struct ndr_interface_table *table,
325 struct cli_credentials *credentials,
326 struct gensec_settings *gensec_settings,
327 uint8_t auth_type, uint8_t auth_level,
328 const char *service);
329 struct composite_context* dcerpc_pipe_connect_send(TALLOC_CTX *parent_ctx,
330 const char *binding,
331 const struct ndr_interface_table *table,
332 struct cli_credentials *credentials,
333 struct tevent_context *ev, struct loadparm_context *lp_ctx);
334 NTSTATUS dcerpc_pipe_connect_recv(struct composite_context *c,
335 TALLOC_CTX *mem_ctx,
336 struct dcerpc_pipe **pp);
337
338 NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding,
339 const struct ndr_interface_table *table, struct tevent_context *ev,
340 struct loadparm_context *lp_ctx);
341 struct composite_context* dcerpc_secondary_auth_connection_send(struct dcerpc_pipe *p,
342 struct dcerpc_binding *binding,
343 const struct ndr_interface_table *table,
344 struct cli_credentials *credentials,
345 struct loadparm_context *lp_ctx);
346 NTSTATUS dcerpc_secondary_auth_connection_recv(struct composite_context *c,
347 TALLOC_CTX *mem_ctx,
348 struct dcerpc_pipe **p);
349
350 struct composite_context* dcerpc_secondary_connection_send(struct dcerpc_pipe *p,
351 struct dcerpc_binding *b);
352 void dcerpc_log_packet(const char *lockdir,
353 const struct ndr_interface_table *ndr,
354 uint32_t opnum, uint32_t flags,
355 DATA_BLOB *pkt);
356 NTSTATUS dcerpc_binding_build_tower(TALLOC_CTX *mem_ctx,
357 const struct dcerpc_binding *binding,
358 struct epm_tower *tower);
359
360 NTSTATUS dcerpc_floor_get_lhs_data(const struct epm_floor *epm_floor, struct ndr_syntax_id *syntax);
361
362 enum dcerpc_transport_t dcerpc_transport_by_tower(const struct epm_tower *tower);
363 const char *derpc_transport_string_by_transport(enum dcerpc_transport_t t);
364
365 NTSTATUS dcerpc_ndr_request(struct dcerpc_pipe *p,
366 const struct GUID *object,
367 const struct ndr_interface_table *table,
368 uint32_t opnum,
369 TALLOC_CTX *mem_ctx,
370 void *r);
371
372 NTSTATUS dcerpc_binding_from_tower(TALLOC_CTX *mem_ctx,
373 struct epm_tower *tower,
374 struct dcerpc_binding **b_out);
375
376 NTSTATUS dcerpc_request(struct dcerpc_pipe *p,
377 struct GUID *object,
378 uint16_t opnum,
379 bool async,
380 TALLOC_CTX *mem_ctx,
381 DATA_BLOB *stub_data_in,
382 DATA_BLOB *stub_data_out);
383
384 typedef NTSTATUS (*dcerpc_call_fn) (struct dcerpc_pipe *, TALLOC_CTX *, void *);
385
386 enum dcerpc_transport_t dcerpc_transport_by_endpoint_protocol(int prot);
387
388 const char *dcerpc_floor_get_rhs_data(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor);
389
390 #endif /* __DCERPC_H__ */