Samba: rpc_server/srv_lsa_hnd.c ソースファイル

00001 /* 
00002  *  Unix SMB/CIFS implementation.
00003  *  RPC Pipe client / server routines
00004  *  Copyright (C) Andrew Tridgell              1992-1997,
00005  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
00006  *  Copyright (C) Jeremy Allison                           2001.
00007  *  
00008  *  This program is free software; you can redistribute it and/or modify
00009  *  it under the terms of the GNU General Public License as published by
00010  *  the Free Software Foundation; either version 2 of the License, or
00011  *  (at your option) any later version.
00012  *  
00013  *  This program is distributed in the hope that it will be useful,
00014  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00015  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00016  *  GNU General Public License for more details.
00017  *  
00018  *  You should have received a copy of the GNU General Public License
00019  *  along with this program; if not, write to the Free Software
00020  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
00021  */
00022 
00023 #include "includes.h"
00024 
00025 #undef DBGC_CLASS
00026 #define DBGC_CLASS DBGC_RPC_SRV
00027 
00028 /* This is the max handles across all instances of a pipe name. */
00029 #ifndef MAX_OPEN_POLS
00030 #define MAX_OPEN_POLS 1024
00031 #endif
00032 
00033 /****************************************************************************
00034  Hack as handles need to be persisant over lsa pipe closes so long as a samr
00035  pipe is open. JRA.
00036 ****************************************************************************/
00037 
00038 static BOOL is_samr_lsa_pipe(const char *pipe_name)
00039 {
00040         return (strstr(pipe_name, "samr") || strstr(pipe_name, "lsa"));
00041 }
00042 
00043 /****************************************************************************
00044  Initialise a policy handle list on a pipe. Handle list is shared between all
00045  pipes of the same name.
00046 ****************************************************************************/
00047 
00048 BOOL init_pipe_handle_list(pipes_struct *p, char *pipe_name)
00049 {
00050         pipes_struct *plist = get_first_internal_pipe();
00051         struct handle_list *hl = NULL;
00052 
00053         for (plist = get_first_internal_pipe(); plist; plist = get_next_internal_pipe(plist)) {
00054                 if (strequal( plist->name, pipe_name) ||
00055                                 (is_samr_lsa_pipe(plist->name) && is_samr_lsa_pipe(pipe_name))) {
00056                         if (!plist->pipe_handles) {
00057                                 pstring msg;
00058                                 slprintf(msg, sizeof(msg)-1, "init_pipe_handles: NULL pipe_handle pointer in pipe %s",
00059                                                 pipe_name );
00060                                 smb_panic(msg);
00061                         }
00062                         hl = plist->pipe_handles;
00063                         break;
00064                 }
00065         }
00066 
00067         if (!hl) {
00068                 /*
00069                  * No handle list for this pipe (first open of pipe).
00070                  * Create list.
00071                  */
00072 
00073                 if ((hl = SMB_MALLOC_P(struct handle_list)) == NULL)
00074                         return False;
00075                 ZERO_STRUCTP(hl);
00076 
00077                 DEBUG(10,("init_pipe_handles: created handle list for pipe %s\n", pipe_name ));
00078         }
00079 
00080         /*
00081          * One more pipe is using this list.
00082          */
00083 
00084         hl->pipe_ref_count++;
00085 
00086         /*
00087          * Point this pipe at this list.
00088          */
00089 
00090         p->pipe_handles = hl;
00091 
00092         DEBUG(10,("init_pipe_handles: pipe_handles ref count = %lu for pipe %s\n",
00093                   (unsigned long)p->pipe_handles->pipe_ref_count, pipe_name ));
00094 
00095         return True;
00096 }
00097 
00098 /****************************************************************************
00099   find first available policy slot.  creates a policy handle for you.
00100 ****************************************************************************/
00101 
00102 BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *), void *data_ptr)
00103 {
00104         static uint32 pol_hnd_low  = 0;
00105         static uint32 pol_hnd_high = 0;
00106         time_t t = time(NULL);
00107 
00108         struct policy *pol;
00109 
00110         if (p->pipe_handles->count > MAX_OPEN_POLS) {
00111                 DEBUG(0,("create_policy_hnd: ERROR: too many handles (%d) on this pipe.\n",
00112                                 (int)p->pipe_handles->count));
00113                 return False;
00114         }
00115 
00116         pol = SMB_MALLOC_P(struct policy);
00117         if (!pol) {
00118                 DEBUG(0,("create_policy_hnd: ERROR: out of memory!\n"));
00119                 return False;
00120         }
00121 
00122         ZERO_STRUCTP(pol);
00123 
00124         pol->data_ptr = data_ptr;
00125         pol->free_fn = free_fn;
00126 
00127         pol_hnd_low++;
00128         if (pol_hnd_low == 0)
00129                 (pol_hnd_high)++;
00130 
00131         SIVAL(&pol->pol_hnd.handle_type, 0 , 0);  /* first bit must be null */
00132         SIVAL(&pol->pol_hnd.uuid.time_low, 0 , pol_hnd_low ); /* second bit is incrementing */
00133         SSVAL(&pol->pol_hnd.uuid.time_mid, 0 , pol_hnd_high); /* second bit is incrementing */
00134         SSVAL(&pol->pol_hnd.uuid.time_hi_and_version, 0 , (pol_hnd_high>>16)); /* second bit is incrementing */
00135 
00136         /* split the current time into two 16 bit values */
00137 
00138         SSVAL(pol->pol_hnd.uuid.clock_seq, 0, (t>>16)); /* something random */
00139         SSVAL(pol->pol_hnd.uuid.node, 0, t); /* something random */
00140 
00141         SIVAL(pol->pol_hnd.uuid.node, 2, sys_getpid()); /* something more random */
00142 
00143         DLIST_ADD(p->pipe_handles->Policy, pol);
00144         p->pipe_handles->count++;
00145 
00146         *hnd = pol->pol_hnd;
00147         
00148         DEBUG(4,("Opened policy hnd[%d] ", (int)p->pipe_handles->count));
00149         dump_data(4, (char *)hnd, sizeof(*hnd));
00150 
00151         return True;
00152 }
00153 
00154 /****************************************************************************
00155   find policy by handle - internal version.
00156 ****************************************************************************/
00157 
00158 static struct policy *find_policy_by_hnd_internal(pipes_struct *p, POLICY_HND *hnd, void **data_p)
00159 {
00160         struct policy *pol;
00161         size_t i;
00162 
00163         if (data_p)
00164                 *data_p = NULL;
00165 
00166         for (i = 0, pol=p->pipe_handles->Policy;pol;pol=pol->next, i++) {
00167                 if (memcmp(&pol->pol_hnd, hnd, sizeof(*hnd)) == 0) {
00168                         DEBUG(4,("Found policy hnd[%d] ", (int)i));
00169                         dump_data(4, (char *)hnd, sizeof(*hnd));
00170                         if (data_p)
00171                                 *data_p = pol->data_ptr;
00172                         return pol;
00173                 }
00174         }
00175 
00176         DEBUG(4,("Policy not found: "));
00177         dump_data(4, (char *)hnd, sizeof(*hnd));
00178 
00179         p->bad_handle_fault_state = True;
00180 
00181         return NULL;
00182 }
00183 
00184 /****************************************************************************
00185   find policy by handle
00186 ****************************************************************************/
00187 
00188 BOOL find_policy_by_hnd(pipes_struct *p, POLICY_HND *hnd, void **data_p)
00189 {
00190         return find_policy_by_hnd_internal(p, hnd, data_p) == NULL ? False : True;
00191 }
00192 
00193 /****************************************************************************
00194   Close a policy.
00195 ****************************************************************************/
00196 
00197 BOOL close_policy_hnd(pipes_struct *p, POLICY_HND *hnd)
00198 {
00199         struct policy *pol = find_policy_by_hnd_internal(p, hnd, NULL);
00200 
00201         if (!pol) {
00202                 DEBUG(3,("Error closing policy\n"));
00203                 return False;
00204         }
00205 
00206         DEBUG(3,("Closed policy\n"));
00207 
00208         if (pol->free_fn && pol->data_ptr)
00209                 (*pol->free_fn)(pol->data_ptr);
00210 
00211         p->pipe_handles->count--;
00212 
00213         DLIST_REMOVE(p->pipe_handles->Policy, pol);
00214 
00215         ZERO_STRUCTP(pol);
00216 
00217         SAFE_FREE(pol);
00218 
00219         return True;
00220 }
00221 
00222 /****************************************************************************
00223  Close a pipe - free the handle list if it was the last pipe reference.
00224 ****************************************************************************/
00225 
00226 void close_policy_by_pipe(pipes_struct *p)
00227 {
00228         p->pipe_handles->pipe_ref_count--;
00229 
00230         if (p->pipe_handles->pipe_ref_count == 0) {
00231                 /*
00232                  * Last pipe open on this list - free the list.
00233                  */
00234                 while (p->pipe_handles->Policy)
00235                         close_policy_hnd(p, &p->pipe_handles->Policy->pol_hnd);
00236 
00237                 p->pipe_handles->Policy = NULL;
00238                 p->pipe_handles->count = 0;
00239 
00240                 SAFE_FREE(p->pipe_handles);
00241                 DEBUG(10,("close_policy_by_pipe: deleted handle list for pipe %s\n", p->name ));
00242         }
00243 }
00244 
00245 /*******************************************************************
00246 Shall we allow access to this rpc?  Currently this function
00247 implements the 'restrict anonymous' setting by denying access to
00248 anonymous users if the restrict anonymous level is > 0.  Further work
00249 will be checking a security descriptor to determine whether a user
00250 token has enough access to access the pipe.
00251 ********************************************************************/
00252 
00253 BOOL pipe_access_check(pipes_struct *p)
00254 {
00255         /* Don't let anonymous users access this RPC if restrict
00256            anonymous > 0 */
00257 
00258         if (lp_restrict_anonymous() > 0) {
00259                 user_struct *user = get_valid_user_struct(p->vuid);
00260 
00261                 /* schannel, so we must be ok */
00262                 if (p->pipe_bound && (p->auth.auth_type == PIPE_AUTH_TYPE_SCHANNEL)) {
00263                         return True;
00264                 }
00265 
00266                 if (!user) {
00267                         DEBUG(3, ("invalid vuid %d\n", p->vuid));
00268                         return False;
00269                 }
00270 
00271                 if (user->guest) {
00272                         return False;
00273                 }
00274         }
00275 
00276         return True;
00277 }