LCOV - code coverage report
Current view: top level - source3/rpc_server/epmapper - srv_epmapper.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 275 483 56.9 %
Date: 2023-11-21 12:31:41 Functions: 10 14 71.4 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    Endpoint server for the epmapper pipe
       5             : 
       6             :    Copyright (C) 2010-2011 Andreas Schneider <asn@samba.org>
       7             : 
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             : 
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             : 
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include "ntdomain.h"
      24             : #include "../libcli/security/security.h"
      25             : #include "../lib/tsocket/tsocket.h"
      26             : #include "auth.h"
      27             : 
      28             : #include "librpc/rpc/dcesrv_core.h"
      29             : #include "librpc/gen_ndr/ndr_epmapper.h"
      30             : #include "librpc/gen_ndr/ndr_epmapper_scompat.h"
      31             : #include "rpc_server/rpc_server.h"
      32             : #include "lib/tdb_wrap/tdb_wrap.h"
      33             : #include "lib/util/util_tdb.h"
      34             : #include "lib/util/strv.h"
      35             : 
      36             : static struct tdb_wrap *epmdb = NULL;
      37             : 
      38             : /* handle types for this module */
      39             : enum handle_types {HTYPE_LOOKUP};
      40             : 
      41             : typedef uint32_t error_status_t;
      42             : 
      43             : /* An endpoint combined with an interface description */
      44             : struct dcesrv_ep_iface {
      45             :         const char *name;
      46             :         struct ndr_syntax_id syntax_id;
      47             :         struct epm_tower ep;
      48             : };
      49             : 
      50             : /* A rpc service interface like samr, lsarpc or netlogon */
      51             : struct dcesrv_iface {
      52             :         const char *name;
      53             :         struct ndr_syntax_id syntax_id;
      54             : };
      55             : 
      56             : struct dcesrv_iface_list {
      57             :         struct dcesrv_iface_list *next, *prev;
      58             :         struct dcesrv_iface *iface;
      59             : };
      60             : 
      61             : /*
      62             :  * An endpoint can serve multiple rpc services interfaces.
      63             :  * For example \\pipe\netlogon can be used by lsarpc and netlogon.
      64             :  */
      65             : struct dcesrv_epm_endpoint {
      66             :         struct dcesrv_epm_endpoint *next, *prev;
      67             : 
      68             :         /* The type and the location of the endpoint */
      69             :         struct dcerpc_binding *ep_description;
      70             : 
      71             :         /* A list of rpc services able to connect to the endpoint */
      72             :         struct dcesrv_iface_list *iface_list;
      73             : };
      74             : 
      75             : struct rpc_eps {
      76             :         struct dcesrv_ep_iface *e;
      77             :         uint32_t count;
      78             : };
      79             : 
      80             : struct build_ep_list_state {
      81             :         const struct GUID *uuid;
      82             :         const char *srv_addr;
      83             :         TALLOC_CTX *mem_ctx;
      84             :         struct dcesrv_ep_iface *ifaces;
      85             : };
      86             : 
      87         352 : static bool build_ep_list_fill_iface(
      88             :         TALLOC_CTX *mem_ctx,
      89             :         const struct ndr_syntax_id *syntax_id,
      90             :         const char *endpoint,
      91             :         const char *name,
      92             :         const char *srv_addr,
      93             :         struct dcesrv_ep_iface *dst)
      94             : {
      95         352 :         struct dcesrv_ep_iface iface = {
      96             :                 .syntax_id = *syntax_id,
      97             :         };
      98         352 :         struct dcerpc_binding *binding = NULL;
      99           0 :         enum dcerpc_transport_t transport;
     100         352 :         char *name_dup = NULL;
     101         352 :         const char *host_addr = NULL;
     102           0 :         NTSTATUS status;
     103             : 
     104             :         /* copy without const for error path TALLOC_FREE */
     105         352 :         name_dup = talloc_strdup(mem_ctx, name);
     106         352 :         if (name_dup == NULL) {
     107           0 :                 goto fail;
     108             :         }
     109         352 :         iface.name = name_dup;
     110             : 
     111         352 :         status = dcerpc_parse_binding(mem_ctx, endpoint, &binding);
     112         352 :         if (!NT_STATUS_IS_OK(status)) {
     113           0 :                 DBG_DEBUG("dcerpc_parse_binding failed: %s\n",
     114             :                           nt_errstr(status));
     115           0 :                 goto fail;
     116             :         }
     117             : 
     118         352 :         status = dcerpc_binding_set_abstract_syntax(binding, syntax_id);
     119         352 :         if (!NT_STATUS_IS_OK(status)) {
     120           0 :                 DBG_DEBUG("dcerpc_binding_set_abstract_syntax failed: %s\n",
     121             :                           nt_errstr(status));
     122           0 :                 goto fail;
     123             :         }
     124             : 
     125         352 :         transport = dcerpc_binding_get_transport(binding);
     126         352 :         if (transport == NCACN_IP_TCP) {
     127          80 :                 const char *host = NULL;
     128             : 
     129          80 :                 host = dcerpc_binding_get_string_option(binding, "host");
     130          80 :                 if (host == NULL) {
     131          80 :                         host_addr = srv_addr;
     132           0 :                 } else if (!is_ipaddress_v4(host)) {
     133           0 :                         host_addr = srv_addr;
     134           0 :                 } else if (strcmp(host, "0.0.0.0") == 0) {
     135           0 :                         host_addr = srv_addr;
     136             :                 }
     137             :         }
     138             : 
     139         352 :         if (host_addr != NULL) {
     140          20 :                 status = dcerpc_binding_set_string_option(
     141             :                         binding, "host", host_addr);
     142          20 :                 if (!NT_STATUS_IS_OK(status)) {
     143           0 :                         DBG_DEBUG("dcerpc_binding_set_string_option "
     144             :                                   "failed: %s\n",
     145             :                                   nt_errstr(status));
     146           0 :                         goto fail;
     147             :                 }
     148             :         }
     149             : 
     150         352 :         status = dcerpc_binding_build_tower(mem_ctx, binding, &iface.ep);
     151         352 :         TALLOC_FREE(binding);
     152         352 :         if (!NT_STATUS_IS_OK(status)) {
     153           0 :                 DBG_DEBUG("dcerpc_binding_build_tower failed: %s\n",
     154             :                           nt_errstr(status));
     155           0 :                 goto fail;
     156             :         }
     157             : 
     158         352 :         *dst = iface;
     159         352 :         return true;
     160             : 
     161           0 : fail:
     162           0 :         TALLOC_FREE(binding);
     163           0 :         TALLOC_FREE(name_dup);
     164           0 :         TALLOC_FREE(iface.ep.floors);
     165           0 :         return false;
     166             : }
     167             : 
     168         136 : static int build_ep_list_fn(
     169             :         struct tdb_context *tdb,
     170             :         TDB_DATA key,
     171             :         TDB_DATA value,
     172             :         void *private_data)
     173             : {
     174         136 :         struct build_ep_list_state *state = private_data;
     175         136 :         struct ndr_syntax_id syntax_id = { .if_version = 0 };
     176         136 :         const char *name = NULL;
     177         136 :         char *endpoints = NULL;
     178         136 :         const char *endpoint = NULL;
     179           0 :         bool ok;
     180             : 
     181         136 :         if ((key.dsize == 0) || (key.dptr[key.dsize-1] != '\0') ||
     182         136 :             (value.dsize == 0) || (value.dptr[value.dsize-1] != '\0')) {
     183           0 :                 DBG_DEBUG("Invalid record\n");
     184           0 :                 return 0;
     185             :         }
     186             : 
     187         136 :         ok = ndr_syntax_id_from_string((char *)key.dptr, &syntax_id);
     188         136 :         if (!ok) {
     189           0 :                 DBG_DEBUG("Invalid interface: %s\n", (char *)key.dptr);
     190           0 :                 return 0;
     191             :         }
     192             : 
     193         136 :         endpoints = (char *)value.dptr;
     194         136 :         endpoint = endpoints;
     195         136 :         name = endpoints;
     196             : 
     197         488 :         while ((endpoint = strv_len_next(endpoints, value.dsize, endpoint))) {
     198         352 :                 size_t num_ifaces = talloc_array_length(state->ifaces);
     199         352 :                 struct dcesrv_ep_iface *tmp = NULL;
     200             : 
     201         352 :                 if (num_ifaces+1 < num_ifaces) {
     202           0 :                         return 1;
     203             :                 }
     204             : 
     205         352 :                 tmp = talloc_realloc(
     206             :                         state->mem_ctx,
     207             :                         state->ifaces,
     208             :                         struct dcesrv_ep_iface,
     209             :                         num_ifaces+1);
     210         352 :                 if (tmp == NULL) {
     211           0 :                         return 1;
     212             :                 }
     213         352 :                 state->ifaces = tmp;
     214             : 
     215         352 :                 ok = build_ep_list_fill_iface(
     216         352 :                         state->ifaces,
     217             :                         &syntax_id,
     218             :                         endpoint,
     219             :                         name,
     220             :                         state->srv_addr,
     221         352 :                         &state->ifaces[num_ifaces]);
     222         352 :                 if (!ok) {
     223           0 :                         state->ifaces = talloc_realloc(
     224             :                                 state->mem_ctx,
     225             :                                 state->ifaces,
     226             :                                 struct dcesrv_ep_iface,
     227             :                                 num_ifaces);
     228             :                 }
     229             :         }
     230             : 
     231         136 :         return 0;
     232             : }
     233             : 
     234             : /*
     235             :  * Build a list of all interfaces handled by all endpoint servers.
     236             :  */
     237           8 : static uint32_t build_ep_list(TALLOC_CTX *mem_ctx,
     238             :                               const struct GUID *uuid,
     239             :                               const char *srv_addr,
     240             :                               struct dcesrv_ep_iface **peps)
     241             : {
     242           8 :         struct build_ep_list_state state = {
     243             :                 .mem_ctx = mem_ctx, .uuid = uuid, .srv_addr = srv_addr,
     244             :         };
     245           0 :         int ret;
     246             : 
     247           8 :         ret = tdb_traverse_read(epmdb->tdb, build_ep_list_fn, &state);
     248           8 :         if (ret == -1) {
     249           0 :                 DBG_DEBUG("tdb_traverse_read failed\n");
     250           0 :                 return 0;
     251             :         }
     252             : 
     253           8 :         *peps = state.ifaces;
     254           8 :         return talloc_array_length(*peps);
     255             : }
     256             : 
     257             : /*
     258             :  * epm_Insert
     259             :  *
     260             :  * Add the specified entries to an endpoint map.
     261             :  */
     262           4 : error_status_t _epm_Insert(struct pipes_struct *p,
     263             :                            struct epm_Insert *r)
     264             : {
     265           4 :         p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
     266           4 :         return EPMAPPER_STATUS_CANT_PERFORM_OP;
     267             : }
     268             : 
     269             : /*
     270             :  * epm_Delete
     271             :  *
     272             :  * Delete the specified entries from an endpoint map.
     273             :  */
     274           0 : error_status_t _epm_Delete(struct pipes_struct *p,
     275             :                            struct epm_Delete *r)
     276             : {
     277           0 :         p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
     278           0 :         return EPMAPPER_STATUS_CANT_PERFORM_OP;
     279             : }
     280             : 
     281             : /*
     282             :  * epm_Lookup
     283             :  *
     284             :  * Lookup entries in an endpoint map.
     285             :  */
     286          28 : error_status_t _epm_Lookup(struct pipes_struct *p,
     287             :                            struct epm_Lookup *r)
     288             : {
     289          28 :         struct dcesrv_call_state *dce_call = p->dce_call;
     290          28 :         struct dcesrv_connection *dcesrv_conn = dce_call->conn;
     291           0 :         struct policy_handle *entry_handle;
     292           0 :         struct rpc_eps *eps;
     293           0 :         TALLOC_CTX *tmp_ctx;
     294           0 :         error_status_t rc;
     295          28 :         uint32_t count = 0;
     296          28 :         uint32_t num_ents = 0;
     297           0 :         uint32_t i;
     298          28 :         bool match = false;
     299           0 :         bool ok;
     300           0 :         NTSTATUS status;
     301             : 
     302          28 :         *r->out.num_ents = 0;
     303          28 :         r->out.entries = NULL;
     304             : 
     305          28 :         tmp_ctx = talloc_stackframe();
     306          28 :         if (tmp_ctx == NULL) {
     307           0 :                 return EPMAPPER_STATUS_NO_MEMORY;
     308             :         }
     309             : 
     310          28 :         DEBUG(5, ("_epm_Lookup: Trying to lookup max. %u entries.\n",
     311             :                   r->in.max_ents));
     312             : 
     313          56 :         if (r->in.entry_handle == NULL ||
     314          28 :             ndr_policy_handle_empty(r->in.entry_handle)) {
     315           0 :                 const struct tsocket_address *local_address =
     316           8 :                         dcesrv_connection_get_local_address(dcesrv_conn);
     317           8 :                 char *srv_addr = NULL;
     318             : 
     319           8 :                 DEBUG(7, ("_epm_Lookup: No entry_handle found, creating it.\n"));
     320             : 
     321           8 :                 eps = talloc_zero(tmp_ctx, struct rpc_eps);
     322           8 :                 if (eps == NULL) {
     323           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     324           0 :                         goto done;
     325             :                 }
     326             : 
     327          16 :                 if (local_address != NULL &&
     328           8 :                     tsocket_address_is_inet(local_address, "ipv4"))
     329             :                 {
     330           2 :                         srv_addr = tsocket_address_inet_addr_string(
     331             :                                 local_address, tmp_ctx);
     332             :                 }
     333             : 
     334           8 :                 switch (r->in.inquiry_type) {
     335           8 :                 case RPC_C_EP_ALL_ELTS:
     336             :                         /*
     337             :                          * Return all elements from the endpoint map. The
     338             :                          * interface_id, vers_option, and object parameters MUST
     339             :                          * be ignored.
     340             :                          */
     341           8 :                         eps->count = build_ep_list(eps,
     342             :                                                    NULL,
     343             :                                                    srv_addr,
     344             :                                                    &eps->e);
     345           8 :                         break;
     346           0 :                 case RPC_C_EP_MATCH_BY_IF:
     347             :                         /*
     348             :                          * Return endpoint map elements that contain the
     349             :                          * interface identifier specified by the interface_id
     350             :                          * and vers_option values.
     351             :                          *
     352             :                          * RPC_C_EP_MATCH_BY_IF and RPC_C_EP_MATCH_BY_BOTH
     353             :                          * need both the same endpoint list. There is a second
     354             :                          * check for the inquiry_type below which differentiates
     355             :                          * between them.
     356             :                          */
     357             :                 case RPC_C_EP_MATCH_BY_BOTH:
     358             :                         /*
     359             :                          * Return endpoint map elements that contain the
     360             :                          * interface identifier and object UUID specified by
     361             :                          * interface_id, vers_option, and object.
     362             :                          */
     363           0 :                         eps->count = build_ep_list(eps,
     364           0 :                                                    &r->in.interface_id->uuid,
     365             :                                                    srv_addr,
     366             :                                                    &eps->e);
     367           0 :                         break;
     368           0 :                 case RPC_C_EP_MATCH_BY_OBJ:
     369             :                         /*
     370             :                          * Return endpoint map elements that contain the object
     371             :                          * UUID specified by object.
     372             :                          */
     373           0 :                         eps->count = build_ep_list(eps,
     374           0 :                                                    r->in.object,
     375             :                                                    srv_addr,
     376             :                                                    &eps->e);
     377           0 :                         break;
     378           0 :                 default:
     379           0 :                         rc = EPMAPPER_STATUS_CANT_PERFORM_OP;
     380           0 :                         goto done;
     381             :                 }
     382             : 
     383           8 :                 if (eps->count == 0) {
     384           0 :                         rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     385           0 :                         goto done;
     386             :                 }
     387             : 
     388           8 :                 ok = create_policy_hnd(p, r->out.entry_handle, HTYPE_LOOKUP, eps);
     389           8 :                 if (!ok) {
     390           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     391           0 :                         goto done;
     392             :                 }
     393             : 
     394           8 :                 eps = find_policy_by_hnd(p,
     395             :                                          r->out.entry_handle,
     396             :                                          HTYPE_LOOKUP,
     397             :                                          struct rpc_eps,
     398           0 :                                          &status);
     399           8 :                 if (!NT_STATUS_IS_OK(status)) {
     400           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     401           0 :                         goto done;
     402             :                 }
     403           8 :                 entry_handle = r->out.entry_handle;
     404             :         } else {
     405          20 :                 DEBUG(7, ("_epm_Lookup: Trying to find entry_handle.\n"));
     406             : 
     407          20 :                 eps = find_policy_by_hnd(p,
     408             :                                          r->in.entry_handle,
     409             :                                          HTYPE_LOOKUP,
     410             :                                          struct rpc_eps,
     411           0 :                                          &status);
     412          20 :                 if (!NT_STATUS_IS_OK(status)) {
     413           2 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     414           2 :                         goto done;
     415             :                 }
     416          18 :                 entry_handle = r->in.entry_handle;
     417             :         }
     418             : 
     419          26 :         if (eps == NULL || eps->e == NULL) {
     420           0 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     421           0 :                 goto done;
     422             :         }
     423             : 
     424             :         /* return the next N elements */
     425          26 :         count = r->in.max_ents;
     426          26 :         if (count > eps->count) {
     427           4 :                 count = eps->count;
     428             :         }
     429             : 
     430          26 :         DEBUG(5, ("_epm_Lookup: Find %u entries\n", count));
     431             : 
     432          26 :         if (count == 0) {
     433           0 :                 close_policy_hnd(p, entry_handle);
     434           0 :                 ZERO_STRUCTP(r->out.entry_handle);
     435             : 
     436           0 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     437           0 :                 goto done;
     438             :         }
     439             : 
     440          26 :         r->out.entries = talloc_array(p->mem_ctx, struct epm_entry_t, count);
     441          26 :         if (r->out.entries == NULL) {
     442           0 :                 rc = EPMAPPER_STATUS_NO_MEMORY;
     443           0 :                 goto done;
     444             :         }
     445             : 
     446         210 :         for (i = 0; i < count; i++) {
     447         184 :                 match = false;
     448             : 
     449         184 :                 switch (r->in.inquiry_type) {
     450         184 :                 case RPC_C_EP_ALL_ELTS:
     451             :                         /*
     452             :                          * Return all elements from the endpoint map. The
     453             :                          * interface_id, vers_option, and object parameters MUST
     454             :                          * be ignored.
     455             :                          */
     456         184 :                         match = true;
     457         184 :                         break;
     458           0 :                 case RPC_C_EP_MATCH_BY_IF:
     459             :                         /*
     460             :                          * Return endpoint map elements that contain the
     461             :                          * interface identifier specified by the interface_id
     462             :                          * and vers_option values.
     463             :                          */
     464           0 :                         if (GUID_equal(&r->in.interface_id->uuid,
     465           0 :                                        &eps->e[i].syntax_id.uuid)) {
     466           0 :                                 match = true;
     467             :                         }
     468           0 :                         break;
     469           0 :                 case RPC_C_EP_MATCH_BY_OBJ:
     470             :                         /*
     471             :                          * Return endpoint map elements that contain the object
     472             :                          * UUID specified by object.
     473             :                          */
     474           0 :                         if (GUID_equal(r->in.object,
     475           0 :                                        &eps->e[i].syntax_id.uuid)) {
     476           0 :                                 match = true;
     477             :                         }
     478           0 :                         break;
     479           0 :                 case RPC_C_EP_MATCH_BY_BOTH:
     480             :                         /*
     481             :                          * Return endpoint map elements that contain the
     482             :                          * interface identifier and object UUID specified by
     483             :                          * interface_id, vers_option, and object.
     484             :                          */
     485           0 :                         if (GUID_equal(&r->in.interface_id->uuid,
     486           0 :                                        &eps->e[i].syntax_id.uuid) &&
     487           0 :                             GUID_equal(r->in.object, &eps->e[i].syntax_id.uuid)) {
     488           0 :                                 match = true;
     489             :                         }
     490           0 :                         break;
     491           0 :                 default:
     492           0 :                         return EPMAPPER_STATUS_CANT_PERFORM_OP;
     493             :                 }
     494             : 
     495         184 :                 if (match) {
     496         184 :                         if (r->in.inquiry_type == RPC_C_EP_MATCH_BY_IF ||
     497         184 :                             r->in.inquiry_type == RPC_C_EP_MATCH_BY_OBJ) {
     498             :                                 /* Check interface version */
     499             : 
     500           0 :                                 match = false;
     501           0 :                                 switch (r->in.vers_option) {
     502           0 :                                 case RPC_C_VERS_ALL:
     503             :                                         /*
     504             :                                          * Return endpoint map elements that
     505             :                                          * contain the specified interface UUID,
     506             :                                          * regardless of the version numbers.
     507             :                                          */
     508           0 :                                         match = true;
     509           0 :                                         break;
     510           0 :                                 case RPC_C_VERS_COMPATIBLE:
     511             :                                         /*
     512             :                                          * Return the endpoint map elements that
     513             :                                          * contain the same major versions of
     514             :                                          * the specified interface UUID and a
     515             :                                          * minor version greater than or equal
     516             :                                          * to the minor version of the specified
     517             :                                          * UUID.
     518             :                                          */
     519           0 :                                         if (r->in.interface_id->vers_major ==
     520           0 :                                             (eps->e[i].syntax_id.if_version >> 16) &&
     521           0 :                                             r->in.interface_id->vers_minor <=
     522           0 :                                             (eps->e[i].syntax_id.if_version & 0xFFFF)) {
     523           0 :                                                 match = true;
     524             :                                         }
     525           0 :                                         break;
     526           0 :                                 case RPC_C_VERS_EXACT:
     527             :                                         /*
     528             :                                          * Return endpoint map elements that
     529             :                                          * contain the specified version of the
     530             :                                          * specified interface UUID.
     531             :                                          */
     532           0 :                                         if (r->in.interface_id->vers_major ==
     533           0 :                                             (eps->e[i].syntax_id.if_version >> 16) &&
     534           0 :                                             r->in.interface_id->vers_minor ==
     535           0 :                                             (eps->e[i].syntax_id.if_version & 0xFFFF)) {
     536           0 :                                                 match = true;
     537             :                                         }
     538           0 :                                         match = true;
     539           0 :                                         break;
     540           0 :                                 case RPC_C_VERS_MAJOR_ONLY:
     541             :                                         /*
     542             :                                          * Return endpoint map elements that
     543             :                                          * contain the same version of the
     544             :                                          * specified interface UUID and ignore
     545             :                                          * the minor version.
     546             :                                          */
     547           0 :                                         if (r->in.interface_id->vers_major ==
     548           0 :                                             (eps->e[i].syntax_id.if_version >> 16)) {
     549           0 :                                                 match = true;
     550             :                                         }
     551           0 :                                         match = true;
     552           0 :                                         break;
     553           0 :                                 case RPC_C_VERS_UPTO:
     554             :                                         /*
     555             :                                          * Return endpoint map elements that
     556             :                                          * contain a version of the specified
     557             :                                          * interface UUID less than or equal to
     558             :                                          * the specified major and minor
     559             :                                          * version.
     560             :                                          */
     561           0 :                                         if (r->in.interface_id->vers_major >
     562           0 :                                             eps->e[i].syntax_id.if_version >> 16) {
     563           0 :                                                 match = true;
     564             :                                         } else {
     565           0 :                                                 if (r->in.interface_id->vers_major ==
     566           0 :                                                     (eps->e[i].syntax_id.if_version >> 16) &&
     567           0 :                                                     r->in.interface_id->vers_minor >=
     568           0 :                                                     (eps->e[i].syntax_id.if_version & 0xFFFF)) {
     569           0 :                                                         match = true;
     570             :                                                 }
     571             :                                         }
     572           0 :                                         break;
     573           0 :                                 default:
     574           0 :                                         return EPMAPPER_STATUS_CANT_PERFORM_OP;
     575             :                                 }
     576             :                         }
     577             :                 }
     578             : 
     579         184 :                 if (match) {
     580         184 :                         ZERO_STRUCT(r->out.entries[num_ents].object);
     581             : 
     582         184 :                         DEBUG(10, ("_epm_Lookup: Adding tower for '%s'\n",
     583             :                                    eps->e[i].name));
     584         368 :                         r->out.entries[num_ents].annotation = talloc_strdup(r->out.entries,
     585         184 :                                                                             eps->e[i].name);
     586         184 :                         r->out.entries[num_ents].tower = talloc(r->out.entries,
     587             :                                                                 struct epm_twr_t);
     588         184 :                         if (r->out.entries[num_ents].tower == NULL) {
     589           0 :                                 rc = EPMAPPER_STATUS_NO_MEMORY;
     590           0 :                                 goto done;
     591             :                         }
     592         184 :                         r->out.entries[num_ents].tower->tower.floors = talloc_move(r->out.entries[num_ents].tower, &eps->e[i].ep.floors);
     593         184 :                         r->out.entries[num_ents].tower->tower.num_floors = eps->e[i].ep.num_floors;
     594         184 :                         r->out.entries[num_ents].tower->tower_length = 0;
     595             : 
     596         184 :                         num_ents++;
     597             :                 }
     598             :         } /* end for loop */
     599             : 
     600          26 :         *r->out.num_ents = num_ents;
     601             : 
     602          26 :         eps->count -= count;
     603          26 :         eps->e += count;
     604          26 :         if (eps->count == 0) {
     605           4 :                 close_policy_hnd(p, entry_handle);
     606           4 :                 ZERO_STRUCTP(r->out.entry_handle);
     607           4 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     608           4 :                 goto done;
     609             :         }
     610             : 
     611          22 :         rc = EPMAPPER_STATUS_OK;
     612          28 : done:
     613          28 :         talloc_free(tmp_ctx);
     614             : 
     615          28 :         return rc;
     616             : }
     617             : 
     618         716 : static struct rpc_eps *epm_map_get_towers(
     619             :         TALLOC_CTX *mem_ctx,
     620             :         const struct ndr_syntax_id *iface,
     621             :         enum dcerpc_transport_t transport,
     622             :         const char *local_address)
     623             : {
     624           0 :         struct ndr_syntax_id_buf idbuf;
     625         716 :         char *iface_string = ndr_syntax_id_buf_string(iface, &idbuf);
     626         716 :         struct rpc_eps *eps = NULL;
     627         716 :         uint8_t *buf = NULL;
     628           0 :         size_t buflen;
     629         716 :         char *bindings = NULL;
     630         716 :         char *binding = NULL;
     631         716 :         char *name = NULL;
     632           0 :         NTSTATUS status;
     633           0 :         int ret;
     634             : 
     635         716 :         DBG_DEBUG("Mapping interface %s\n", iface_string);
     636             : 
     637         716 :         eps = talloc_zero(mem_ctx, struct rpc_eps);
     638         716 :         if (eps == NULL) {
     639           0 :                 goto fail;
     640             :         }
     641             : 
     642         716 :         ret = tdb_fetch_talloc(
     643         716 :                 epmdb->tdb, string_term_tdb_data(iface_string), eps, &buf);
     644         716 :         if (ret != 0) {
     645          48 :                 DBG_DEBUG("Could not find epm entry for %s: %s\n",
     646             :                           iface_string,
     647             :                           strerror(ret));
     648          48 :                 goto fail;
     649             :         }
     650         668 :         buflen = talloc_array_length(buf);
     651             : 
     652         668 :         if ((buflen < 1) || (buf[buflen-1] != '\0')) {
     653           0 :                 DBG_DEBUG("epm entry for %s invalid\n", iface_string);
     654           0 :                 goto fail;
     655             :         }
     656         668 :         bindings = (char *)buf;
     657             : 
     658         668 :         name = bindings;        /* name comes first */
     659         668 :         binding = name;         /* strv_next will skip name */
     660             : 
     661        3026 :         while ((binding = strv_next(bindings, binding)) != NULL) {
     662        2358 :                 struct dcerpc_binding *b = NULL;
     663           0 :                 enum dcerpc_transport_t found_transport;
     664        2358 :                 struct dcesrv_ep_iface *tmp = NULL, *new_ep = NULL;
     665             : 
     666        2358 :                 DBG_DEBUG("Found %s for %s\n", binding, name);
     667             : 
     668        2358 :                 status = dcerpc_parse_binding(mem_ctx, binding, &b);
     669        2358 :                 if (!NT_STATUS_IS_OK(status)) {
     670           0 :                         DBG_DEBUG("dcerpc_parse_binding() for %s failed: %s\n",
     671             :                                   binding,
     672             :                                   nt_errstr(status));
     673           0 :                         goto fail;
     674             :                 }
     675             : 
     676        2358 :                 found_transport = dcerpc_binding_get_transport(b);
     677        2358 :                 if (found_transport != transport) {
     678        1560 :                         DBG_DEBUG("Transport %d does not match %d\n",
     679             :                                   (int)found_transport,
     680             :                                   (int)transport);
     681        1560 :                         TALLOC_FREE(b);
     682        1560 :                         continue;
     683             :                 }
     684             : 
     685         798 :                 if (found_transport == NCACN_IP_TCP) {
     686         210 :                         status = dcerpc_binding_set_string_option(
     687             :                                 b, "host", local_address);
     688         210 :                         if (!NT_STATUS_IS_OK(status)) {
     689           0 :                                 DBG_DEBUG("Could not set host: %s\n",
     690             :                                           nt_errstr(status));
     691           0 :                                 goto fail;
     692             :                         }
     693             :                 }
     694             : 
     695         798 :                 status = dcerpc_binding_set_abstract_syntax(b, iface);
     696         798 :                 if (!NT_STATUS_IS_OK(status)) {
     697           0 :                         DBG_DEBUG("Could not set abstract syntax: %s\n",
     698             :                                   nt_errstr(status));
     699           0 :                         goto fail;
     700             :                 }
     701             : 
     702         798 :                 tmp = talloc_realloc(
     703             :                         eps,
     704             :                         eps->e,
     705             :                         struct dcesrv_ep_iface,
     706             :                         eps->count+1);
     707         798 :                 if (tmp == NULL) {
     708           0 :                         goto fail;
     709             :                 }
     710         798 :                 eps->e = tmp;
     711             : 
     712         798 :                 new_ep = &eps->e[eps->count];
     713             : 
     714         798 :                 new_ep->name = talloc_strdup(eps->e, name);
     715         798 :                 if (new_ep->name == NULL) {
     716           0 :                         goto fail;
     717             :                 }
     718         798 :                 new_ep->syntax_id = *iface;
     719             : 
     720         798 :                 status = dcerpc_binding_build_tower(eps->e, b, &new_ep->ep);
     721         798 :                 if (!NT_STATUS_IS_OK(status)) {
     722           0 :                         DBG_DEBUG("dcerpc_binding_build_tower failed: %s\n",
     723             :                                   nt_errstr(status));
     724           0 :                         goto fail;
     725             :                 }
     726             : 
     727         798 :                 eps->count += 1;
     728             : 
     729         798 :                 TALLOC_FREE(b);
     730             :         }
     731         668 :         return eps;
     732             : 
     733          48 : fail:
     734          48 :         TALLOC_FREE(eps);
     735          48 :         return NULL;
     736             : }
     737             : 
     738             : /*
     739             :  * epm_Map
     740             :  *
     741             :  * Apply some algorithm (using the fields in the map_tower) to an endpoint map
     742             :  * to produce a list of protocol towers.
     743             :  */
     744         716 : error_status_t _epm_Map(struct pipes_struct *p,
     745             :                         struct epm_Map *r)
     746             : {
     747         716 :         struct dcesrv_call_state *dce_call = p->dce_call;
     748         716 :         struct dcesrv_connection *dcesrv_conn = dce_call->conn;
     749           0 :         struct policy_handle *entry_handle;
     750           0 :         enum dcerpc_transport_t transport;
     751           0 :         struct ndr_syntax_id ifid;
     752           0 :         struct epm_floor *floors;
     753           0 :         struct rpc_eps *eps;
     754           0 :         TALLOC_CTX *tmp_ctx;
     755           0 :         error_status_t rc;
     756         716 :         uint32_t count = 0;
     757         716 :         uint32_t num_towers = 0;
     758           0 :         uint32_t i;
     759           0 :         bool ok;
     760           0 :         NTSTATUS status;
     761             : 
     762         716 :         *r->out.num_towers = 0;
     763         716 :         r->out.towers = NULL;
     764             : 
     765         716 :         if (r->in.map_tower == NULL || r->in.max_towers == 0 ||
     766         716 :             r->in.map_tower->tower.num_floors < 3) {
     767           0 :                 return EPMAPPER_STATUS_NO_MORE_ENTRIES;
     768             :         }
     769             : 
     770         716 :         tmp_ctx = talloc_stackframe();
     771             : 
     772         716 :         ZERO_STRUCTP(r->out.entry_handle);
     773             : 
     774         716 :         DEBUG(5, ("_epm_Map: Trying to map max. %u towers.\n",
     775             :                   r->in.max_towers));
     776             : 
     777             :         /*
     778             :          * A tower has normally up to 6 floors
     779             :          *
     780             :          * +-----------------------------------------------------------------+
     781             :          * | Floor 1 | Provides the RPC interface identifier. (e.g. UUID for |
     782             :          * |         | netlogon)                                             |
     783             :          * +---------+-------------------------------------------------------+
     784             :          * | Floor 2 | Transfer syntax (NDR encoded)                        |
     785             :          * +---------+-------------------------------------------------------+
     786             :          * | Floor 3 | RPC protocol identifier (ncacn_tcp_ip, ncacn_np, ...) |
     787             :          * +---------+-------------------------------------------------------+
     788             :          * | Floor 4 | Port address (e.g. TCP Port: 49156)                   |
     789             :          * +---------+-------------------------------------------------------+
     790             :          * | Floor 5 | Transport (e.g. IP:192.168.51.10)                     |
     791             :          * +---------+-------------------------------------------------------+
     792             :          * | Floor 6 | Routing                                               |
     793             :          * +---------+-------------------------------------------------------+
     794             :          */
     795         716 :         floors = r->in.map_tower->tower.floors;
     796             : 
     797             :         /* We accept NDR as the transfer syntax */
     798         716 :         status = dcerpc_floor_get_uuid_full(&floors[1], &ifid);
     799         716 :         if (!NT_STATUS_IS_OK(status)) {
     800           0 :                 DBG_DEBUG("dcerpc_floor_get_uuid_full() failed: %s\n",
     801             :                           nt_errstr(status));
     802           0 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     803           0 :                 goto done;
     804             :         }
     805             : 
     806         716 :         if (floors[1].lhs.protocol != EPM_PROTOCOL_UUID ||
     807         716 :             !ndr_syntax_id_equal(&ifid, &ndr_transfer_syntax_ndr)) {
     808           0 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     809           0 :                 goto done;
     810             :         }
     811             : 
     812             :         /* We only talk to sane transports */
     813         716 :         transport = dcerpc_transport_by_tower(&r->in.map_tower->tower);
     814         716 :         if (transport == NCA_UNKNOWN) {
     815           0 :                 DEBUG(2, ("epm_Map: Client requested unknown transport with "
     816             :                           "levels: "));
     817           0 :                 for (i = 2; i < r->in.map_tower->tower.num_floors; i++) {
     818           0 :                         DEBUG(2, ("%d, ", r->in.map_tower->tower.floors[i].lhs.protocol));
     819             :                 }
     820           0 :                 DEBUG(2, ("\n"));
     821           0 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     822           0 :                 goto done;
     823             :         }
     824             : 
     825        1432 :         if (r->in.entry_handle == NULL ||
     826         716 :             ndr_policy_handle_empty(r->in.entry_handle)) {
     827           0 :                 const struct tsocket_address *local_addr =
     828         716 :                         dcesrv_connection_get_local_address(dcesrv_conn);
     829         716 :                 char *local_address = NULL;
     830           0 :                 struct ndr_syntax_id_buf buf;
     831         716 :                 char *if_string = NULL;
     832             : 
     833         716 :                 DEBUG(7, ("_epm_Map: No entry_handle found, creating it.\n"));
     834             : 
     835         716 :                 status = dcerpc_floor_get_uuid_full(&floors[0], &ifid);
     836         716 :                 if (!NT_STATUS_IS_OK(status)) {
     837           0 :                         DBG_DEBUG("dcerpc_floor_get_uuid_full() failed: %s\n",
     838             :                                   nt_errstr(status));
     839           0 :                         rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     840          48 :                         goto done;
     841             :                 }
     842             : 
     843         716 :                 if_string = ndr_syntax_id_buf_string(&ifid, &buf);
     844             : 
     845         716 :                 DBG_INFO("Mapping interface %s\n", if_string);
     846             : 
     847         974 :                 if ((transport == NCACN_IP_TCP) &&
     848         258 :                     tsocket_address_is_inet(local_addr, "ip")) {
     849             :                         /*
     850             :                          * We don't have the host ip in the epm
     851             :                          * database. For NCACN_IP_TCP, add the IP that
     852             :                          * the client connected to.
     853             :                          */
     854         182 :                         local_address = tsocket_address_inet_addr_string(
     855             :                                 local_addr, tmp_ctx);
     856             :                 }
     857             : 
     858         716 :                 eps = epm_map_get_towers(
     859             :                         tmp_ctx, &ifid, transport, local_address);
     860         716 :                 if (eps == NULL) {
     861          48 :                         DBG_DEBUG("No bindings found\n");
     862          48 :                         rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     863          48 :                         goto done;
     864             :                 }
     865             : 
     866         668 :                 ok = create_policy_hnd(p, r->out.entry_handle, HTYPE_LOOKUP, eps);
     867         668 :                 if (!ok) {
     868           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     869           0 :                         goto done;
     870             :                 }
     871             : 
     872         668 :                 eps = find_policy_by_hnd(p,
     873             :                                          r->out.entry_handle,
     874             :                                          HTYPE_LOOKUP,
     875             :                                          struct rpc_eps,
     876           0 :                                          &status);
     877         668 :                 if (!NT_STATUS_IS_OK(status)) {
     878           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     879           0 :                         goto done;
     880             :                 }
     881         668 :                 entry_handle = r->out.entry_handle;
     882             :         } else {
     883           0 :                 DEBUG(7, ("_epm_Map: Trying to find entry_handle.\n"));
     884             : 
     885           0 :                 eps = find_policy_by_hnd(p,
     886             :                                          r->in.entry_handle,
     887             :                                          HTYPE_LOOKUP,
     888             :                                          struct rpc_eps,
     889           0 :                                          &status);
     890           0 :                 if (!NT_STATUS_IS_OK(status)) {
     891           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     892           0 :                         goto done;
     893             :                 }
     894           0 :                 entry_handle = r->in.entry_handle;
     895             :         }
     896             : 
     897         668 :         if (eps == NULL || eps->e == NULL) {
     898         126 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     899         126 :                 goto done;
     900             :         }
     901             : 
     902             :         /* return the next N elements */
     903         542 :         count = r->in.max_towers;
     904         542 :         if (count > eps->count) {
     905         392 :                 count = eps->count;
     906             :         }
     907             : 
     908         542 :         if (count == 0) {
     909           0 :                 close_policy_hnd(p, entry_handle);
     910           0 :                 ZERO_STRUCTP(r->out.entry_handle);
     911             : 
     912           0 :                 rc = EPMAPPER_STATUS_NO_MORE_ENTRIES;
     913           0 :                 goto done;
     914             :         }
     915             : 
     916         542 :         r->out.towers = talloc_array(p->mem_ctx, struct epm_twr_p_t, count);
     917         542 :         if (r->out.towers == NULL) {
     918           0 :                 rc = EPMAPPER_STATUS_NO_MEMORY;
     919           0 :                 goto done;
     920             :         }
     921             : 
     922        1340 :         for (i = 0; i < count; i++) {
     923         798 :                 DEBUG(7, ("_epm_Map: Map tower for '%s'\n",
     924             :                            eps->e[i].name));
     925             : 
     926         798 :                 r->out.towers[num_towers].twr = talloc(r->out.towers,
     927             :                                                        struct epm_twr_t);
     928         798 :                 if (r->out.towers[num_towers].twr == NULL) {
     929           0 :                         rc = EPMAPPER_STATUS_NO_MEMORY;
     930           0 :                         goto done;
     931             :                 }
     932         798 :                 r->out.towers[num_towers].twr->tower.floors = talloc_move(r->out.towers[num_towers].twr, &eps->e[i].ep.floors);
     933         798 :                 r->out.towers[num_towers].twr->tower.num_floors = eps->e[i].ep.num_floors;
     934         798 :                 r->out.towers[num_towers].twr->tower_length = 0;
     935             : 
     936         798 :                 num_towers++;
     937             :         }
     938             : 
     939         542 :         *r->out.num_towers = num_towers;
     940             : 
     941         542 :         eps->count -= count;
     942         542 :         eps->e += count;
     943         542 :         if (eps->count == 0) {
     944         542 :                 close_policy_hnd(p, entry_handle);
     945         542 :                 ZERO_STRUCTP(r->out.entry_handle);
     946             :         }
     947             : 
     948         542 :         rc = EPMAPPER_STATUS_OK;
     949         716 : done:
     950         716 :         talloc_free(tmp_ctx);
     951             : 
     952         716 :         return rc;
     953             : }
     954             : 
     955             : /*
     956             :  * epm_LookupHandleFree
     957             :  */
     958           4 : error_status_t _epm_LookupHandleFree(struct pipes_struct *p,
     959             :                                      struct epm_LookupHandleFree *r)
     960             : {
     961           4 :         if (r->in.entry_handle == NULL) {
     962           0 :                 return EPMAPPER_STATUS_OK;
     963             :         }
     964             : 
     965           4 :         if (is_valid_policy_hnd(r->in.entry_handle)) {
     966           4 :                 close_policy_hnd(p, r->in.entry_handle);
     967             :         }
     968             : 
     969           4 :         r->out.entry_handle = r->in.entry_handle;
     970             : 
     971           4 :         return EPMAPPER_STATUS_OK;
     972             : }
     973             : 
     974             : 
     975             : /*
     976             :  * epm_InqObject
     977             :  *
     978             :  * A client implementation SHOULD NOT call this method. These extensions do not
     979             :  * provide an alternative method.
     980             :  */
     981           0 : error_status_t _epm_InqObject(struct pipes_struct *p,
     982             :                       struct epm_InqObject *r)
     983             : {
     984           0 :         p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
     985           0 :         return EPMAPPER_STATUS_CANT_PERFORM_OP;
     986             : }
     987             : 
     988             : 
     989             : /*
     990             :  * epm_MgmtDelete
     991             :  *
     992             :  * A client implementation SHOULD NOT call this method. These extensions do not
     993             :  * provide an alternative method.
     994             : */
     995           0 : error_status_t _epm_MgmtDelete(struct pipes_struct *p,
     996             :                        struct epm_MgmtDelete *r)
     997             : {
     998           0 :         p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
     999           0 :         return EPMAPPER_STATUS_CANT_PERFORM_OP;
    1000             : }
    1001             : 
    1002             : 
    1003             : /*
    1004             :   epm_MapAuth
    1005             : */
    1006           0 : error_status_t _epm_MapAuth(struct pipes_struct *p,
    1007             :                     struct epm_MapAuth *r)
    1008             : {
    1009           0 :         p->fault_state = DCERPC_FAULT_OP_RNG_ERROR;
    1010           0 :         return EPMAPPER_STATUS_CANT_PERFORM_OP;
    1011             : }
    1012             : 
    1013             : static NTSTATUS epmapper__op_shutdown_server(struct dcesrv_context *dce_ctx,
    1014             :                         const struct dcesrv_endpoint_server *ep_server);
    1015             : 
    1016             : #define DCESRV_INTERFACE_EPMAPPER_SHUTDOWN_SERVER \
    1017             :        epmapper_shutdown_server
    1018             : 
    1019          26 : static NTSTATUS epmapper_shutdown_server(struct dcesrv_context *dce_ctx,
    1020             :                 const struct dcesrv_endpoint_server *ep_server)
    1021             : {
    1022          26 :         return epmapper__op_shutdown_server(dce_ctx, ep_server);
    1023             : }
    1024             : 
    1025             : static NTSTATUS epmapper__op_init_server(
    1026             :         struct dcesrv_context *dce_ctx,
    1027             :         const struct dcesrv_endpoint_server *ep_server);
    1028             : 
    1029          26 : static NTSTATUS epmapper_init_server(
    1030             :         struct dcesrv_context *dce_ctx,
    1031             :         const struct dcesrv_endpoint_server *ep_server)
    1032             : {
    1033          26 :         char *epmdb_path = NULL;
    1034           0 :         NTSTATUS status;
    1035             : 
    1036          26 :         epmdb_path = lock_path(dce_ctx, "epmdb.tdb");
    1037          26 :         if (epmdb_path == NULL) {
    1038           0 :                 return NT_STATUS_NO_MEMORY;
    1039             :         }
    1040             : 
    1041          26 :         epmdb = tdb_wrap_open(
    1042             :                 dce_ctx,
    1043             :                 epmdb_path,
    1044             :                 0,
    1045             :                 TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH,
    1046             :                 O_RDONLY,
    1047             :                 0644);
    1048          26 :         if (epmdb == NULL) {
    1049           0 :                 DBG_DEBUG("Could not open epmdb.tdb: %s\n", strerror(errno));
    1050           0 :                 return map_nt_error_from_unix(errno);
    1051             :         }
    1052          26 :         TALLOC_FREE(epmdb_path);
    1053             : 
    1054          26 :         status = epmapper__op_init_server(dce_ctx, ep_server);
    1055          26 :         return status;
    1056             : }
    1057             : 
    1058             : #define DCESRV_INTERFACE_EPMAPPER_INIT_SERVER epmapper_init_server
    1059             : 
    1060             : /* include the generated boilerplate */
    1061             : #include "librpc/gen_ndr/ndr_epmapper_scompat.c"
    1062             : 
    1063             : /* vim: set ts=8 sw=8 noet cindent syntax=c.doxygen: */

Generated by: LCOV version 1.14