root/source4/smb_server/smb_server.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


   1 /* 
   2    Unix SMB/CIFS implementation.
   3    
   4    Copyright (C) Andrew Tridgell              2003
   5    Copyright (C) James J Myers                2003 <myersjj@samba.org>
   6    Copyright (C) Stefan Metzmacher            2004-2005
   7    
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12    
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17    
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21 
  22 #include "libcli/raw/request.h"
  23 #include "libcli/raw/interfaces.h"
  24 #include "lib/socket/socket.h"
  25 #include "../lib/util/dlinklist.h"
  26 
  27 struct tevent_context;
  28 
  29 /*
  30   this header declares the core context structures associated with smb
  31   sockets, tree connects, requests etc
  32 
  33   the idea is that we will eventually get rid of all our global
  34   variables and instead store our state from structures hanging off
  35   these basic elements
  36 */
  37 
  38 struct smbsrv_tcons_context {
  39         /* an id tree used to allocate tids */
  40         struct idr_context *idtree_tid;
  41 
  42         /* this is the limit of vuid values for this connection */
  43         uint32_t idtree_limit;
  44 
  45         /* list of open tree connects */
  46         struct smbsrv_tcon *list;
  47 };
  48 
  49 struct smbsrv_sessions_context {
  50         /* an id tree used to allocate vuids */
  51         /* this holds info on session vuids that are already
  52          * validated for this VC */
  53         struct idr_context *idtree_vuid;
  54 
  55         /* this is the limit of vuid values for this connection */
  56         uint64_t idtree_limit;
  57 
  58         /* also kept as a link list so it can be enumerated by
  59            the management code */
  60         struct smbsrv_session *list;
  61 };
  62 
  63 struct smbsrv_handles_context {
  64         /* an id tree used to allocate file handles */
  65         struct idr_context *idtree_hid;
  66 
  67         /* this is the limit of handle values for this context */
  68         uint64_t idtree_limit;
  69 
  70         /* also kept as a link list so it can be enumerated by
  71            the management code */
  72         struct smbsrv_handle *list;
  73 };
  74 
  75 /* the current user context for a request */
  76 struct smbsrv_session {
  77         struct smbsrv_session *prev, *next;
  78 
  79         struct smbsrv_connection *smb_conn;
  80 
  81         /*
  82          * in SMB2 tcons belong to just one session
  83          * and not to the whole connection
  84          */
  85         struct smbsrv_tcons_context smb2_tcons;
  86 
  87         /*
  88          * the open file handles for this session,
  89          * used for SMBexit, SMBulogoff and SMB2 SessionLogoff
  90          */
  91         struct smbsrv_handle_session_item *handles;
  92 
  93         /* 
  94          * an index passed over the wire:
  95          * - 16 bit for smb
  96          * - 64 bit for smb2
  97          */
  98         uint64_t vuid;
  99 
 100         struct gensec_security *gensec_ctx;
 101 
 102         struct auth_session_info *session_info;
 103 
 104         struct {
 105                 bool required;
 106                 bool active;
 107         } smb2_signing;
 108 
 109         /* some statistics for the management tools */
 110         struct {
 111                 /* the time when the session setup started */
 112                 struct timeval connect_time;
 113                 /* the time when the session setup was finished */
 114                 struct timeval auth_time;
 115                 /* the time when the last request comes in */
 116                 struct timeval last_request_time;
 117         } statistics;
 118 };
 119 
 120 /* we need a forward declaration of the ntvfs_ops strucutre to prevent
 121    include recursion */
 122 struct ntvfs_context;
 123 
 124 struct smbsrv_tcon {
 125         struct smbsrv_tcon *next, *prev;
 126 
 127         /* the server context that this was created on */
 128         struct smbsrv_connection *smb_conn;
 129 
 130         /* the open file handles on this tcon */
 131         struct smbsrv_handles_context handles;
 132 
 133         /* 
 134          * an index passed over the wire:
 135          * - 16 bit for smb
 136          * - 32 bit for smb2
 137          */
 138         uint32_t tid; /* an index passed over the wire (the TID) */
 139 
 140         /* the share name */
 141         const char *share_name;
 142 
 143         /* the NTVFS context - see source/ntvfs/ for details */
 144         struct ntvfs_context *ntvfs;
 145 
 146         /* some stuff to support share level security */
 147         struct {
 148                 /* in share level security we need to fake up a session */
 149                 struct smbsrv_session *session;
 150         } sec_share;
 151 
 152         /* some stuff to support share level security */
 153         struct {
 154                 /* in SMB2 a tcon always belongs to one session */
 155                 struct smbsrv_session *session;
 156         } smb2;
 157 
 158         /* some statistics for the management tools */
 159         struct {
 160                 /* the time when the tree connect started */
 161                 struct timeval connect_time;
 162                 /* the time when the last request comes in */
 163                 struct timeval last_request_time;
 164         } statistics;
 165 };
 166 
 167 struct smbsrv_handle {
 168         struct smbsrv_handle *next, *prev;
 169 
 170         /* the tcon the handle belongs to */
 171         struct smbsrv_tcon *tcon;
 172 
 173         /* the session the handle was opened on */
 174         struct smbsrv_session *session;
 175 
 176         /* the smbpid used on the open, used for SMBexit */
 177         uint16_t smbpid;
 178 
 179         /*
 180          * this is for adding the handle into a linked list
 181          * on the smbsrv_session, we can't use *next,*prev
 182          * for this because they're used for the linked list on the 
 183          * smbsrv_tcon
 184          */
 185         struct smbsrv_handle_session_item {
 186                 struct smbsrv_handle_session_item *prev, *next;
 187                 struct smbsrv_handle *handle;
 188         } session_item;
 189 
 190         /*
 191          * the value passed over the wire
 192          * - 16 bit for smb
 193          * - 32 bit for smb2
 194          *   Note: for SMB2 handles are 128 bit
 195          *         we'll fill them with
 196          *         - 32 bit HID
 197          *         - 32 bit TID
 198          *         - 64 bit VUID
 199          */
 200         uint32_t hid;
 201 
 202         /*
 203          * the ntvfs handle passed to the ntvfs backend
 204          */
 205         struct ntvfs_handle *ntvfs;
 206 
 207         /* some statistics for the management tools */
 208         struct {
 209                 /* the time when the tree connect started */
 210                 struct timeval open_time;
 211                 /* the time when the last request comes in */
 212                 struct timeval last_use_time;
 213         } statistics;
 214 };
 215 
 216 /* a set of flags to control handling of request structures */
 217 #define SMBSRV_REQ_CONTROL_LARGE     (1<<1) /* allow replies larger than max_xmit */
 218 
 219 #define SMBSRV_REQ_DEFAULT_STR_FLAGS(req) (((req)->flags2 & FLAGS2_UNICODE_STRINGS) ? STR_UNICODE : STR_ASCII)
 220 
 221 /* the context for a single SMB request. This is passed to any request-context 
 222    functions */
 223 struct smbsrv_request {
 224         /* the smbsrv_connection needs a list of requests queued for send */
 225         struct smbsrv_request *next, *prev;
 226 
 227         /* the server_context contains all context specific to this SMB socket */
 228         struct smbsrv_connection *smb_conn;
 229 
 230         /* conn is only set for operations that have a valid TID */
 231         struct smbsrv_tcon *tcon;
 232 
 233         /* the session context is derived from the vuid */
 234         struct smbsrv_session *session;
 235 
 236         /* a set of flags to control usage of the request. See SMBSRV_REQ_CONTROL_* */
 237         uint32_t control_flags;
 238 
 239         /* the system time when the request arrived */
 240         struct timeval request_time;
 241 
 242         /* a pointer to the per request union smb_* io structure */
 243         void *io_ptr;
 244 
 245         /* the ntvfs_request */
 246         struct ntvfs_request *ntvfs;
 247 
 248         /* Now the SMB specific stuff */
 249 
 250         /* the flags from the SMB request, in raw form (host byte order) */
 251         uint16_t flags2;
 252 
 253         /* this can contain a fnum from an earlier part of a chained
 254          * message (such as an SMBOpenX), or -1 */
 255         int chained_fnum;
 256 
 257         /* how far through the chain of SMB commands have we gone? */
 258         unsigned chain_count;
 259 
 260         /* the sequence number for signing */
 261         uint64_t seq_num;
 262 
 263         struct smb_request_buffer in;
 264         struct smb_request_buffer out;
 265 };
 266 
 267 enum security_types {SEC_SHARE,SEC_USER};
 268 
 269 /* smb server context structure. This should contain all the state
 270  * information associated with a SMB server connection 
 271  */
 272 struct smbsrv_connection {
 273         /* context that has been negotiated between the client and server */
 274         struct {
 275                 /* have we already done the NBT session establishment? */
 276                 bool done_nbt_session;
 277         
 278                 /* only one negprot per connection is allowed */
 279                 bool done_negprot;
 280         
 281                 /* multiple session setups are allowed, but some parameters are
 282                    ignored in any but the first */
 283                 bool done_sesssetup;
 284                 
 285                 /* 
 286                  * Size of data we can send to client. Set
 287                  *  by the client for all protocols above CORE.
 288                  *  Set by us for CORE protocol.
 289                  */
 290                 unsigned max_send; /* init to BUFFER_SIZE */
 291         
 292                 /*
 293                  * Size of the data we can receive. Set by us.
 294                  * Can be modified by the max xmit parameter.
 295                  */
 296                 unsigned max_recv; /* init to BUFFER_SIZE */
 297         
 298                 /* the negotiatiated protocol */
 299                 enum protocol_types protocol;
 300 
 301                 /* authentication context for multi-part negprot */
 302                 struct auth_context *auth_context;
 303         
 304                 /* reference to the kerberos keytab, or machine trust account */
 305                 struct cli_credentials *server_credentials;
 306         
 307                 /* did we tell the client we support encrypted passwords? */
 308                 bool encrypted_passwords;
 309         
 310                 /* Did we choose SPNEGO, or perhaps raw NTLMSSP, or even no extended security at all? */
 311                 const char *oid;
 312         
 313                 /* client capabilities */
 314                 uint32_t client_caps;
 315         
 316                 /* the timezone we sent to the client */
 317                 int zone_offset;
 318 
 319                 /* NBT names only set when done_nbt_session is true */
 320                 struct nbt_name *called_name;
 321                 struct nbt_name *calling_name;
 322         } negotiate;
 323 
 324         /* the context associated with open tree connects on a smb socket, not for SMB2 */
 325         struct smbsrv_tcons_context smb_tcons;
 326 
 327         /* context associated with currently valid session setups */
 328         struct smbsrv_sessions_context sessions;
 329 
 330         /*
 331          * the server_context holds a linked list of pending requests,
 332          * this is used for finding the request structures on ntcancel requests
 333          * For SMB only
 334          */
 335         struct smbsrv_request *requests;
 336 
 337         /*
 338          * the server_context holds a linked list of pending requests,
 339          * and an idtree for finding the request structures on SMB2 Cancel
 340          * For SMB2 only
 341          */
 342         struct {
 343                 /* an id tree used to allocate ids */
 344                 struct idr_context *idtree_req;
 345 
 346                 /* this is the limit of pending requests values for this connection */
 347                 uint32_t idtree_limit;
 348 
 349                 /* list of open tree connects */
 350                 struct smb2srv_request *list;
 351         } requests2;
 352 
 353         struct smb_signing_context signing;
 354 
 355         struct stream_connection *connection;
 356 
 357         /* this holds a partially received request */
 358         struct packet_context *packet;
 359 
 360         /* a list of partially received transaction requests */
 361         struct smbsrv_trans_partial {
 362                 struct smbsrv_trans_partial *next, *prev;
 363                 struct smbsrv_request *req;
 364                 uint8_t command;
 365                 union {
 366                         struct smb_trans2 *trans;
 367                         struct smb_nttrans *nttrans;
 368                 } u;
 369         } *trans_partial;
 370 
 371         /* configuration parameters */
 372         struct {
 373                 enum security_types security;
 374                 bool nt_status_support;
 375         } config;
 376 
 377         /* some statictics for the management tools */
 378         struct {
 379                 /* the time when the client connects */
 380                 struct timeval connect_time;
 381                 /* the time when the last request comes in */
 382                 struct timeval last_request_time;
 383         } statistics;
 384 
 385         struct share_context *share_context;
 386 
 387         struct loadparm_context *lp_ctx;
 388 
 389         bool smb2_signing_required;
 390 
 391         uint64_t highest_smb2_seqnum;
 392 };
 393 
 394 struct model_ops;
 395 struct loadparm_context;
 396 
 397 NTSTATUS smbsrv_add_socket(struct tevent_context *event_context,
 398                            struct loadparm_context *lp_ctx,
 399                                const struct model_ops *model_ops,
 400                                const char *address);
 401 
 402 struct loadparm_context;
 403 
 404 #include "smb_server/smb_server_proto.h"
 405 #include "smb_server/smb/smb_proto.h"
 406 
 407 /* useful way of catching wct errors with file and line number */
 408 #define SMBSRV_CHECK_WCT(req, wcount) do { \
 409         if ((req)->in.wct != (wcount)) { \
 410                 DEBUG(1,("Unexpected WCT %u at %s(%d) - expected %d\n", \
 411                          (req)->in.wct, __FILE__, __LINE__, wcount)); \
 412                 smbsrv_send_error(req, NT_STATUS_DOS(ERRSRV, ERRerror)); \
 413                 return; \
 414         } \
 415 } while (0)
 416         
 417 /* useful wrapper for talloc with NO_MEMORY reply */
 418 #define SMBSRV_TALLOC_IO_PTR(ptr, type) do { \
 419         ptr = talloc(req, type); \
 420         if (!ptr) { \
 421                 smbsrv_send_error(req, NT_STATUS_NO_MEMORY); \
 422                 return; \
 423         } \
 424         req->io_ptr = ptr; \
 425 } while (0)
 426 
 427 #define SMBSRV_SETUP_NTVFS_REQUEST(send_fn, state) do { \
 428         req->ntvfs = ntvfs_request_create(req->tcon->ntvfs, req, \
 429                                           req->session->session_info,\
 430                                           SVAL(req->in.hdr,HDR_PID), \
 431                                           req->request_time, \
 432                                           req, send_fn, state); \
 433         if (!req->ntvfs) { \
 434                 smbsrv_send_error(req, NT_STATUS_NO_MEMORY); \
 435                 return; \
 436         } \
 437         (void)talloc_steal(req->tcon->ntvfs, req); \
 438         req->ntvfs->frontend_data.private_data = req; \
 439 } while (0)
 440 
 441 #define SMBSRV_CHECK_FILE_HANDLE(handle) do { \
 442         if (!handle) { \
 443                 smbsrv_send_error(req, NT_STATUS_INVALID_HANDLE); \
 444                 return; \
 445         } \
 446 } while (0)
 447 
 448 #define SMBSRV_CHECK_FILE_HANDLE_ERROR(handle, _status) do { \
 449         if (!handle) { \
 450                 smbsrv_send_error(req, _status); \
 451                 return; \
 452         } \
 453 } while (0)
 454 
 455 #define SMBSRV_CHECK_FILE_HANDLE_NTSTATUS(handle) do { \
 456         if (!handle) { \
 457                 return NT_STATUS_INVALID_HANDLE; \
 458         } \
 459 } while (0)
 460 
 461 #define SMBSRV_CHECK(cmd) do {\
 462         NTSTATUS _status; \
 463         _status = cmd; \
 464         if (!NT_STATUS_IS_OK(_status)) { \
 465                 smbsrv_send_error(req,  _status); \
 466                 return; \
 467         } \
 468 } while (0)
 469 
 470 /* 
 471    check if the backend wants to handle the request asynchronously.
 472    if it wants it handled synchronously then call the send function
 473    immediately
 474 */
 475 #define SMBSRV_CALL_NTVFS_BACKEND(cmd) do { \
 476         req->ntvfs->async_states->status = cmd; \
 477         if (req->ntvfs->async_states->state & NTVFS_ASYNC_STATE_ASYNC) { \
 478                 DLIST_ADD_END(req->smb_conn->requests, req, struct smbsrv_request *); \
 479         } else { \
 480                 req->ntvfs->async_states->send_fn(req->ntvfs); \
 481         } \
 482 } while (0)
 483 
 484 /* check req->ntvfs->async_states->status and if not OK then send an error reply */
 485 #define SMBSRV_CHECK_ASYNC_STATUS_ERR_SIMPLE do { \
 486         req = talloc_get_type(ntvfs->async_states->private_data, struct smbsrv_request); \
 487         if (ntvfs->async_states->state & NTVFS_ASYNC_STATE_CLOSE || NT_STATUS_EQUAL(ntvfs->async_states->status, NT_STATUS_NET_WRITE_FAULT)) { \
 488                 smbsrv_terminate_connection(req->smb_conn, get_friendly_nt_error_msg (ntvfs->async_states->status)); \
 489                 talloc_free(req); \
 490                 return; \
 491         } \
 492         if (NT_STATUS_IS_ERR(ntvfs->async_states->status)) { \
 493                 smbsrv_send_error(req, ntvfs->async_states->status); \
 494                 return; \
 495         } \
 496 } while (0)
 497 #define SMBSRV_CHECK_ASYNC_STATUS_ERR(ptr, type) do { \
 498         SMBSRV_CHECK_ASYNC_STATUS_ERR_SIMPLE; \
 499         ptr = talloc_get_type(req->io_ptr, type); \
 500 } while (0)
 501 #define SMBSRV_CHECK_ASYNC_STATUS_SIMPLE do { \
 502         req = talloc_get_type(ntvfs->async_states->private_data, struct smbsrv_request); \
 503         if (ntvfs->async_states->state & NTVFS_ASYNC_STATE_CLOSE || NT_STATUS_EQUAL(ntvfs->async_states->status, NT_STATUS_NET_WRITE_FAULT)) { \
 504                 smbsrv_terminate_connection(req->smb_conn, get_friendly_nt_error_msg (ntvfs->async_states->status)); \
 505                 talloc_free(req); \
 506                 return; \
 507         } \
 508         if (!NT_STATUS_IS_OK(ntvfs->async_states->status)) { \
 509                 smbsrv_send_error(req, ntvfs->async_states->status); \
 510                 return; \
 511         } \
 512 } while (0)
 513 #define SMBSRV_CHECK_ASYNC_STATUS(ptr, type) do { \
 514         SMBSRV_CHECK_ASYNC_STATUS_SIMPLE; \
 515         ptr = talloc_get_type(req->io_ptr, type); \
 516 } while (0)
 517 
 518 /* zero out some reserved fields in a reply */
 519 #define SMBSRV_VWV_RESERVED(start, count) memset(req->out.vwv + VWV(start), 0, (count)*2)
 520 
 521 #include "smb_server/service_smb_proto.h"

/* [<][>][^][v][top][bottom][index][help] */