Current view: top level - librpc/rpc - dcesrv_handles.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 128 147 87.1 %
Date: 2023-11-21 12:31:41 Functions: 10 10 100.0 %

       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    server side dcerpc handle code
       5             : 
       6             :    Copyright (C) Andrew Tridgell 2003
       7             : 
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             : 
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             : 
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "lib/util/dlinklist.h"
      24             : #include "rpc_server/dcerpc_server.h"
      25             : #include "libcli/security/security.h"
      26             : #include "librpc/gen_ndr/auth.h"
      27             : 
/*
  talloc destructor for an rpc handle.

  Unlinks the handle from the handle list of the association group it
  was created on, so a freed handle can no longer be returned by a
  later lookup. Always returns 0.
*/
static int dcesrv_handle_destructor(struct dcesrv_handle *h)
{
	struct dcesrv_assoc_group *group = h->assoc_group;

	DLIST_REMOVE(group->handles, h);

	return 0;
}
      36             : 
      37             : 
/*
  allocate a new rpc handle

  The handle is allocated on, and linked into, the association group of
  the calling connection. It records three properties of the creating
  call, which dcesrv_handle_lookup() compares against on every later use:
    - the primary user SID of the caller's session,
    - the authentication level of the call (kept as min_auth_level),
    - the interface the call was made on.
  The wire handle gets the requested handle_type and a random GUID.

  Returns NULL if the allocation fails. Aborts via SMB_ASSERT if the
  interface is flagged as not using handles.
*/
_PUBLIC_
struct dcesrv_handle *dcesrv_handle_create(struct dcesrv_call_state *call,
					   uint8_t handle_type)
{
	struct dcesrv_connection_context *ctx = call->context;
	struct auth_session_info *session = dcesrv_call_session_info(call);
	struct dcesrv_assoc_group *group = NULL;
	struct dcesrv_handle *handle = NULL;
	const struct dom_sid *creator = NULL;

	/*
	 * For simplicity, ensure we abort here for an interface that
	 * has no handles (programmer error)
	 */
	SMB_ASSERT((ctx->iface->flags & DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED) == 0);

	creator = &session->security_token->sids[PRIMARY_USER_SID_INDEX];
	group = ctx->conn->assoc_group;

	handle = talloc_zero(group, struct dcesrv_handle);
	if (handle == NULL) {
		return NULL;
	}

	/* Bind the handle to the identity, auth level and interface of its creator. */
	handle->data = NULL;
	sid_copy(&handle->sid, creator);
	handle->min_auth_level = call->auth_state->auth_level;
	handle->assoc_group = group;
	handle->iface = ctx->iface;

	handle->wire_handle.handle_type = handle_type;
	handle->wire_handle.uuid = GUID_random();

	DLIST_ADD(group->handles, handle);

	/* The destructor takes the handle off the list again when it is freed. */
	talloc_set_destructor(handle, dcesrv_handle_destructor);

	return handle;
}
      77             : 
/**
  find an internal handle given a wire handle. If the wire handle is NULL then
  allocate a new handle

  The handle list hangs off the association group rather than the
  connection, so a matching type and GUID alone is not enough. A handle is
  only returned when the current call also
    - runs under the same primary user SID that created the handle,
    - uses an auth level that is not lower than the one at creation, and
    - arrives on the same interface the handle was created on.

  Returns NULL when the handle type is wrong, no handle matches, or one of
  the three checks above fails. Aborts via SMB_ASSERT if the interface is
  flagged as not using handles.

  NOTE(review): in the coverage run this listing was taken from, the
  wrong-handle-type, SID-mismatch and auth-level rejection branches
  recorded no hits; they are the checks that stop handle reuse by another
  caller and deserve negative tests.
*/

_PUBLIC_
struct dcesrv_handle *dcesrv_handle_lookup(struct dcesrv_call_state *call,
					   const struct policy_handle *p,
					   uint8_t handle_type)
{
	struct dcesrv_connection_context *ctx = call->context;
	struct auth_session_info *session = dcesrv_call_session_info(call);
	struct dcesrv_handle *found = NULL;
	const struct dom_sid *caller = NULL;

	/*
	 * For simplicity, ensure we abort here for an interface that
	 * has no handles (programmer error)
	 */
	SMB_ASSERT((ctx->iface->flags & DCESRV_INTERFACE_FLAGS_HANDLES_NOT_USED) == 0);

	caller = &session->security_token->sids[PRIMARY_USER_SID_INDEX];

	if (ndr_policy_handle_empty(p)) {
		/* TODO: we should probably return a NULL handle here */
		return dcesrv_handle_create(call, handle_type);
	}

	if (handle_type != DCESRV_HANDLE_ANY) {
		if (p->handle_type != handle_type) {
			DBG_WARNING("client gave us the wrong handle type "
				    "(%"PRIu32" should be %"PRIu8")\n",
				    p->handle_type,
				    handle_type);
			return NULL;
		}
	}

	/* Walk the association group's handles for a type + GUID match. */
	found = ctx->conn->assoc_group->handles;
	while (found != NULL) {
		if (found->wire_handle.handle_type == p->handle_type &&
		    GUID_equal(&p->uuid, &found->wire_handle.uuid)) {
			break;
		}
		found = found->next;
	}

	if (found == NULL) {
		/* not found */
		return NULL;
	}

	/* The caller must be the user that created the handle. */
	if (!dom_sid_equal(&found->sid, caller)) {
		struct dom_sid_buf buf1;
		struct dom_sid_buf buf2;

		DBG_ERR("Attempt to use invalid sid %s - %s\n",
			dom_sid_str_buf(&found->sid, &buf1),
			dom_sid_str_buf(caller, &buf2));
		return NULL;
	}

	/* Refuse use at a weaker auth level than the handle was created with. */
	if (call->auth_state->auth_level < found->min_auth_level) {
		DBG_ERR("Attempt to use invalid auth_level %u < %u\n",
			call->auth_state->auth_level,
			found->min_auth_level);
		return NULL;
	}

	/* A handle is only valid on the interface that issued it. */
	if (found->iface != ctx->iface) {
		DBG_ERR("Attempt to use invalid iface\n");
		return NULL;
	}

	return found;
}
     150             : 
/*
 * One piece of per-interface state kept on an association group.
 *
 * An entry is matched by dcesrv_iface_state_find() on iface, owner, conn,
 * auth, pres and magic together.
 */
struct dcesrv_iface_state {
	/* list linkage within assoc->iface_states */
	struct dcesrv_iface_state *prev;
	struct dcesrv_iface_state *next;
	/* association group whose iface_states list holds this entry */
	struct dcesrv_assoc_group *assoc;
	/* interface the state was stored for */
	const struct dcesrv_interface *iface;
	/* copy of the primary user SID of the call that stored the state */
	struct dom_sid owner;
	/*
	 * connection, auth state and presentation context of the storing
	 * call; all three are NULL for state stored per association group
	 */
	const struct dcesrv_connection *conn;
	const struct dcesrv_auth *auth;
	const struct dcesrv_connection_context *pres;
	/* caller-chosen key distinguishing different kinds of state */
	uint64_t magic;
	/* the stored object; this entry is allocated as its talloc child */
	void *ptr;
	/* location string handed in by the storing caller; only recorded here */
	const char *location;
};
     163             : 
/*
 * talloc destructor for an interface state entry: take it off the
 * iface_states list of its association group. Always returns 0.
 */
static int dcesrv_iface_state_destructor(struct dcesrv_iface_state *istate)
{
	struct dcesrv_assoc_group *group = istate->assoc;

	DLIST_REMOVE(group->iface_states, istate);

	return 0;
}
     169             : 
/*
 * Look up stored interface state on an association group.
 *
 * An entry matches when iface, owner SID, conn, auth, pres and magic are
 * all equal to the arguments; the pointer comparisons are by identity.
 * The owner comparison keeps state stored under one user SID from being
 * returned to a call running under a different one.
 *
 * Independently of those keys, an entry whose stored pointer is identical
 * to ptr is returned straight away. dcesrv_iface_state_store() relies on
 * this to detect an object that is already stored; the find wrappers in
 * this file pass NULL for ptr.
 *
 * Returns the stored pointer, or NULL if no entry matches.
 */
static void *dcesrv_iface_state_find(struct dcesrv_assoc_group *assoc,
			const struct dcesrv_interface *iface,
			const struct dom_sid *owner,
			const struct dcesrv_connection *conn,
			const struct dcesrv_auth *auth,
			const struct dcesrv_connection_context *pres,
			uint64_t magic,
			const void *ptr)
{
	struct dcesrv_iface_state *entry = assoc->iface_states;

	while (entry != NULL) {
		struct dcesrv_iface_state *this_entry = entry;

		/* advance first so every skip below is a plain continue */
		entry = entry->next;

		SMB_ASSERT(this_entry->assoc == assoc);

		/* same object already stored, whatever its keys are */
		if (this_entry->ptr == ptr) {
			return this_entry->ptr;
		}

		if (this_entry->iface != iface) {
			continue;
		}

		if (!dom_sid_equal(&this_entry->owner, owner)) {
			continue;
		}

		if (this_entry->conn != conn ||
		    this_entry->auth != auth ||
		    this_entry->pres != pres) {
			continue;
		}

		if (this_entry->magic != magic) {
			continue;
		}

		return this_entry->ptr;
	}

	return NULL;
}
     220             : 
/*
 * Store ptr as interface state on an association group under the given
 * keys (iface, owner SID, conn, auth, pres, magic).
 *
 * The bookkeeping entry is allocated as a talloc child of ptr, and ptr
 * itself is then moved under mem_ctx with talloc_steal(). Freeing ptr
 * therefore frees the entry too, and the entry's destructor unlinks it
 * from assoc->iface_states.
 *
 * Returns NT_STATUS_OBJECTID_EXISTS if dcesrv_iface_state_find() already
 * yields something for these arguments, NT_STATUS_NO_MEMORY if the entry
 * cannot be allocated, NT_STATUS_OK otherwise.
 */
static NTSTATUS dcesrv_iface_state_store(struct dcesrv_assoc_group *assoc,
				const struct dcesrv_interface *iface,
				const struct dom_sid *owner,
				const struct dcesrv_connection *conn,
				const struct dcesrv_auth *auth,
				const struct dcesrv_connection_context *pres,
				uint64_t magic,
				TALLOC_CTX *mem_ctx,
				void *ptr,
				const char *location)
{
	struct dcesrv_iface_state *entry = NULL;
	void *existing = NULL;

	/* Refuse to store the same object, or the same key, twice. */
	existing = dcesrv_iface_state_find(assoc, iface, owner,
					   conn, auth, pres,
					   magic, ptr);
	if (existing != NULL) {
		return NT_STATUS_OBJECTID_EXISTS;
	}

	entry = talloc_zero(ptr, struct dcesrv_iface_state);
	if (entry == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	/* talloc_zero() cleared the entry; fill in the keys. */
	entry->assoc = assoc;
	entry->iface = iface;
	entry->owner = *owner;
	entry->conn = conn;
	entry->auth = auth;
	entry->pres = pres;
	entry->magic = magic;
	entry->location = location;

	entry->ptr = talloc_steal(mem_ctx, ptr);

	talloc_set_destructor(entry, dcesrv_iface_state_destructor);

	DLIST_ADD_END(assoc->iface_states, entry);

	return NT_STATUS_OK;
}
     271             : 
/*
 * Store ptr as state that is shared across the whole association group.
 *
 * The state is keyed by the call's interface, the primary user SID of the
 * call's session and magic; conn, auth and pres are left NULL. ptr is
 * moved under the association group as its talloc parent.
 *
 * Returns the status of dcesrv_iface_state_store().
 */
NTSTATUS _dcesrv_iface_state_store_assoc(struct dcesrv_call_state *call,
				uint64_t magic,
				void *ptr,
				const char *location)
{
	struct auth_session_info *session = dcesrv_call_session_info(call);
	const struct dom_sid *owner =
		&session->security_token->sids[PRIMARY_USER_SID_INDEX];
	struct dcesrv_assoc_group *group = call->conn->assoc_group;

	return dcesrv_iface_state_store(group,
					call->context->iface,
					owner,
					NULL, /* conn */
					NULL, /* auth */
					NULL, /* pres */
					magic,
					group, /* mem_ctx */
					ptr,
					location);
}
     299             : 
/*
 * Find state stored per association group for the call's interface, the
 * primary user SID of the call's session and magic.
 *
 * conn, auth and pres are passed as NULL, matching what
 * _dcesrv_iface_state_store_assoc() stores. Returns the stored pointer,
 * or NULL if there is none for this caller.
 */
void *_dcesrv_iface_state_find_assoc(struct dcesrv_call_state *call, uint64_t magic)
{
	struct auth_session_info *session = dcesrv_call_session_info(call);
	const struct dom_sid *owner =
		&session->security_token->sids[PRIMARY_USER_SID_INDEX];

	return dcesrv_iface_state_find(call->conn->assoc_group,
				       call->context->iface,
				       owner,
				       NULL, /* conn */
				       NULL, /* auth */
				       NULL, /* pres */
				       magic,
				       NULL); /* ptr */
}
     322             : 
/*
 * Store ptr as state that belongs to this connection.
 *
 * On top of the interface, the primary user SID of the call's session and
 * magic, the state is keyed by the call's connection, auth state and
 * presentation context, so only a call with the same three can find it
 * again. ptr is moved under the connection as its talloc parent.
 *
 * Returns the status of dcesrv_iface_state_store().
 */
NTSTATUS _dcesrv_iface_state_store_conn(struct dcesrv_call_state *call,
					uint64_t magic,
					void *ptr,
					const char *location)
{
	struct auth_session_info *session = dcesrv_call_session_info(call);
	const struct dom_sid *owner =
		&session->security_token->sids[PRIMARY_USER_SID_INDEX];

	return dcesrv_iface_state_store(call->conn->assoc_group,
					call->context->iface,
					owner,
					call->conn,
					call->auth_state,
					call->context,
					magic,
					call->conn, /* mem_ctx */
					ptr,
					location);
}
     350             : 
/*
 * Find state stored for this connection.
 *
 * The lookup is keyed by the call's interface, the primary user SID of
 * the call's session, the call's connection, auth state and presentation
 * context, and magic. Returns the stored pointer, or NULL if nothing was
 * stored under exactly these keys.
 */
void *_dcesrv_iface_state_find_conn(struct dcesrv_call_state *call, uint64_t magic)
{
	struct auth_session_info *session = dcesrv_call_session_info(call);
	const struct dom_sid *owner =
		&session->security_token->sids[PRIMARY_USER_SID_INDEX];

	return dcesrv_iface_state_find(call->conn->assoc_group,
				       call->context->iface,
				       owner,
				       call->conn,
				       call->auth_state,
				       call->context,
				       magic,
				       NULL); /* ptr */
}
