/* [<][>][^][v][top][bottom][index][help] */
1 /*
2 Unix SMB/CIFS implementation.
3 SMB parameters and setup
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Paul Ashton 1997
7 Copyright (C) Jeremy Allison 2000-2004
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #ifndef _NT_DOMAIN_H /* _NT_DOMAIN_H */
24 #define _NT_DOMAIN_H
25
26 /*
27 * A bunch of stuff that was put into smb.h
28 * in the NTDOM branch - it didn't belong there.
29 */
30
31 typedef struct _prs_struct {
32 bool io; /* parsing in or out of data stream */
33 /*
34 * If the (incoming) data is big-endian. On output we are
35 * always little-endian.
36 */
37 bool bigendian_data;
38 uint8 align; /* data alignment */
39 bool is_dynamic; /* Do we own this memory or not ? */
40 uint32 data_offset; /* Current working offset into data. */
41 uint32 buffer_size; /* Current allocated size of the buffer. */
42 uint32 grow_size; /* size requested via prs_grow() calls */
43 char *data_p; /* The buffer itself. */
44 TALLOC_CTX *mem_ctx; /* When unmarshalling, use this.... */
45 const char *sess_key; /* If we have to do encrypt/decrypt on the fly. */
46 } prs_struct;
47
48 /*
49 * Defines for io member of prs_struct.
50 */
51
52 #define MARSHALL 0
53 #define UNMARSHALL 1
54
55 #define MARSHALLING(ps) (!(ps)->io)
56 #define UNMARSHALLING(ps) ((ps)->io)
57
58 #define RPC_BIG_ENDIAN 1
59 #define RPC_LITTLE_ENDIAN 0
60
61 #define RPC_PARSE_ALIGN 4
62
63 typedef struct _output_data {
64 /*
65 * Raw RPC output data. This does not include RPC headers or footers.
66 */
67 prs_struct rdata;
68
69 /* The amount of data sent from the current rdata struct. */
70 uint32 data_sent_length;
71
72 /*
73 * The current fragment being returned. This inclues
74 * headers, data and authentication footer.
75 */
76 prs_struct frag;
77
78 /* The amount of data sent from the current PDU. */
79 uint32 current_pdu_sent;
80 } output_data;
81
82 typedef struct _input_data {
83 /*
84 * This is the current incoming pdu. The data here
85 * is collected via multiple writes until a complete
86 * pdu is seen, then the data is copied into the in_data
87 * structure. The maximum size of this is 0x1630 (RPC_MAX_PDU_FRAG_LEN).
88 */
89 uint8_t *current_in_pdu;
90
91 /*
92 * The amount of data needed to complete the in_pdu.
93 * If this is zero, then we are at the start of a new
94 * pdu.
95 */
96 uint32 pdu_needed_len;
97
98 /*
99 * The amount of data received so far in the in_pdu.
100 * If this is zero, then we are at the start of a new
101 * pdu.
102 */
103 uint32 pdu_received_len;
104
105 /*
106 * This is the collection of input data with all
107 * the rpc headers and auth footers removed.
108 * The maximum length of this (1Mb) is strictly enforced.
109 */
110 prs_struct data;
111 } input_data;
112
113 /*
114 * Handle database - stored per pipe.
115 */
116
117 struct policy {
118 struct policy *next, *prev;
119
120 struct policy_handle pol_hnd;
121
122 void *data_ptr;
123 };
124
125 struct handle_list {
126 struct policy *Policy; /* List of policies. */
127 size_t count; /* Current number of handles. */
128 size_t pipe_ref_count; /* Number of pipe handles referring to this list. */
129 };
130
131 /* Domain controller authentication protocol info */
132 struct dcinfo {
133 uint32 sequence; /* "timestamp" from client. */
134 struct netr_Credential seed_chal;
135 struct netr_Credential clnt_chal; /* Client credential */
136 struct netr_Credential srv_chal; /* Server credential */
137
138 unsigned char sess_key[16]; /* Session key */
139 unsigned char mach_pw[16]; /* md4(machine password) */
140
141 fstring mach_acct; /* Machine name we've authenticated. */
142
143 fstring remote_machine; /* Machine name we've authenticated. */
144 fstring domain;
145
146 bool challenge_sent;
147 bool authenticated;
148 };
149
150 typedef struct pipe_rpc_fns {
151
152 struct pipe_rpc_fns *next, *prev;
153
154 /* RPC function table associated with the current rpc_bind (associated by context) */
155
156 const struct api_struct *cmds;
157 int n_cmds;
158 uint32 context_id;
159
160 } PIPE_RPC_FNS;
161
162 /*
163 * Different auth types we support.
164 * Can't keep in sync with wire values as spnego wraps different auth methods.
165 */
166
167 enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
168 PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
169
170 /* Possible auth levels - keep these in sync with the wire values. */
171 enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
172 PIPE_AUTH_LEVEL_CONNECT = 1, /* We treat as NONE. */
173 PIPE_AUTH_LEVEL_INTEGRITY = 5, /* Sign. */
174 PIPE_AUTH_LEVEL_PRIVACY = 6 /* Seal. */
175 };
176
177 /* auth state for krb5. */
178 struct kerberos_auth_struct {
179 const char *service_principal;
180 DATA_BLOB session_key;
181 };
182
183 /* auth state for schannel. */
184 struct schannel_auth_struct {
185 unsigned char sess_key[16];
186 uint32 seq_num;
187 };
188
189 /* auth state for all bind types. */
190
191 struct pipe_auth_data {
192 enum pipe_auth_type auth_type; /* switch for union below. */
193 enum pipe_auth_level auth_level;
194 union {
195 struct schannel_auth_struct *schannel_auth;
196 AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
197 /* struct kerberos_auth_struct *kerberos_auth; TO BE ADDED... */
198 } a_u;
199 void (*auth_data_free_func)(struct pipe_auth_data *);
200 };
201
202 /*
203 * DCE/RPC-specific samba-internal-specific handling of data on
204 * NamedPipes.
205 */
206
207 typedef struct pipes_struct {
208 struct pipes_struct *next, *prev;
209
210 char client_address[INET6_ADDRSTRLEN];
211
212 struct auth_serversupplied_info *server_info;
213
214 struct ndr_syntax_id syntax;
215
216 /* linked list of rpc dispatch tables associated
217 with the open rpc contexts */
218
219 PIPE_RPC_FNS *contexts;
220
221 RPC_HDR hdr; /* Incoming RPC header. */
222 RPC_HDR_REQ hdr_req; /* Incoming request header. */
223
224 struct pipe_auth_data auth;
225
226 struct dcinfo *dc; /* Keeps the creds data from netlogon. */
227
228 /*
229 * Set to true when an RPC bind has been done on this pipe.
230 */
231
232 bool pipe_bound;
233
234 /*
235 * Set to true when we should return fault PDU's for everything.
236 */
237
238 bool fault_state;
239
240 /*
241 * Set to true when we should return fault PDU's for a bad handle.
242 */
243
244 bool bad_handle_fault_state;
245
246 /*
247 * Set to true when the backend does not support a call.
248 */
249
250 bool rng_fault_state;
251
252 /*
253 * Set to RPC_BIG_ENDIAN when dealing with big-endian PDU's
254 */
255
256 bool endian;
257
258 /*
259 * Struct to deal with multiple pdu inputs.
260 */
261
262 input_data in_data;
263
264 /*
265 * Struct to deal with multiple pdu outputs.
266 */
267
268 output_data out_data;
269
270 /* This context is used for PDU data and is freed between each pdu.
271 Don't use for pipe state storage. */
272 TALLOC_CTX *mem_ctx;
273
274 /* handle database to use on this pipe. */
275 struct handle_list *pipe_handles;
276
277 } pipes_struct;
278
279 struct api_struct {
280 const char *name;
281 uint8 opnum;
282 bool (*fn) (pipes_struct *);
283 };
284
285 /*
286 * higher order functions for use with msrpc client code
287 */
288
289 #define PRINT_INFO_FN(fn)\
290 void (*fn)(const char*, uint32, uint32, void *const *const)
291 #define JOB_INFO_FN(fn)\
292 void (*fn)(const char*, const char*, uint32, uint32, void *const *const)
293
294 /* end higher order functions */
295
296 #endif /* _NT_DOMAIN_H */