source: branches/samba-3.0/source/include/ntdomain.h@ 158

Last change on this file since 158 was 1, checked in by Paul Smedley, 18 years ago

Initial code import
File size: 10.3 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 SMB parameters and setup
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Paul Ashton 1997
7 Copyright (C) Jeremy Allison 2000-2004
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22*/
23
24#ifndef _NT_DOMAIN_H /* _NT_DOMAIN_H */
25#define _NT_DOMAIN_H
26
27/*
28 * A bunch of stuff that was put into smb.h
29 * in the NTDOM branch - it didn't belong there.
30 */
31
32typedef struct _prs_struct {
33 BOOL io; /* parsing in or out of data stream */
34 /*
35 * If the (incoming) data is big-endian. On output we are
36 * always little-endian.
37 */
38 BOOL bigendian_data;
39 uint8 align; /* data alignment */
40 BOOL is_dynamic; /* Do we own this memory or not ? */
41 uint32 data_offset; /* Current working offset into data. */
42 uint32 buffer_size; /* Current allocated size of the buffer. */
43 uint32 grow_size; /* size requested via prs_grow() calls */
44 char *data_p; /* The buffer itself. */
45 TALLOC_CTX *mem_ctx; /* When unmarshalling, use this.... */
46 const char *sess_key; /* If we have to do encrypt/decrypt on the fly. */
47} prs_struct;
48
49/*
50 * Defines for io member of prs_struct.
51 */
52
53#define MARSHALL 0
54#define UNMARSHALL 1
55
56#define MARSHALLING(ps) (!(ps)->io)
57#define UNMARSHALLING(ps) ((ps)->io)
58
59#define RPC_BIG_ENDIAN 1
60#define RPC_LITTLE_ENDIAN 0
61
62#define RPC_PARSE_ALIGN 4
63
64typedef struct _output_data {
65 /*
66 * Raw RPC output data. This does not include RPC headers or footers.
67 */
68 prs_struct rdata;
69
70 /* The amount of data sent from the current rdata struct. */
71 uint32 data_sent_length;
72
73 /*
74 * The current PDU being returned. This inclues
75 * headers, data and authentication footer.
76 */
77 unsigned char current_pdu[RPC_MAX_PDU_FRAG_LEN];
78
79 /* The amount of data in the current_pdu buffer. */
80 uint32 current_pdu_len;
81
82 /* The amount of data sent from the current PDU. */
83 uint32 current_pdu_sent;
84} output_data;
85
86typedef struct _input_data {
87 /*
88 * This is the current incoming pdu. The data here
89 * is collected via multiple writes until a complete
90 * pdu is seen, then the data is copied into the in_data
91 * structure. The maximum size of this is 0x1630 (RPC_MAX_PDU_FRAG_LEN).
92 */
93 unsigned char current_in_pdu[RPC_MAX_PDU_FRAG_LEN];
94
95 /*
96 * The amount of data needed to complete the in_pdu.
97 * If this is zero, then we are at the start of a new
98 * pdu.
99 */
100 uint32 pdu_needed_len;
101
102 /*
103 * The amount of data received so far in the in_pdu.
104 * If this is zero, then we are at the start of a new
105 * pdu.
106 */
107 uint32 pdu_received_len;
108
109 /*
110 * This is the collection of input data with all
111 * the rpc headers and auth footers removed.
112 * The maximum length of this (1Mb) is strictly enforced.
113 */
114 prs_struct data;
115} input_data;
116
117/*
118 * Handle database - stored per pipe.
119 */
120
121struct policy {
122 struct policy *next, *prev;
123
124 POLICY_HND pol_hnd;
125
126 void *data_ptr;
127 void (*free_fn)(void *);
128};
129
130struct handle_list {
131 struct policy *Policy; /* List of policies. */
132 size_t count; /* Current number of handles. */
133 size_t pipe_ref_count; /* Number of pipe handles referring to this list. */
134};
135
136/* Domain controller authentication protocol info */
137struct dcinfo {
138 uint32 sequence; /* "timestamp" from client. */
139 DOM_CHAL seed_chal;
140 DOM_CHAL clnt_chal; /* Client credential */
141 DOM_CHAL srv_chal; /* Server credential */
142
143 unsigned char sess_key[16]; /* Session key - 8 bytes followed by 8 zero bytes */
144 unsigned char mach_pw[16]; /* md4(machine password) */
145
146 fstring mach_acct; /* Machine name we've authenticated. */
147
148 fstring remote_machine; /* Machine name we've authenticated. */
149 fstring domain;
150
151 BOOL challenge_sent;
152 BOOL authenticated;
153};
154
155typedef struct pipe_rpc_fns {
156
157 struct pipe_rpc_fns *next, *prev;
158
159 /* RPC function table associated with the current rpc_bind (associated by context) */
160
161 struct api_struct *cmds;
162 int n_cmds;
163 uint32 context_id;
164
165} PIPE_RPC_FNS;
166
167/*
168 * Different auth types we support.
169 * Can't keep in sync with wire values as spnego wraps different auth methods.
170 */
171
172enum pipe_auth_type { PIPE_AUTH_TYPE_NONE = 0, PIPE_AUTH_TYPE_NTLMSSP, PIPE_AUTH_TYPE_SCHANNEL,
173 PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, PIPE_AUTH_TYPE_KRB5, PIPE_AUTH_TYPE_SPNEGO_KRB5 };
174
175/* Possible auth levels - keep these in sync with the wire values. */
176enum pipe_auth_level { PIPE_AUTH_LEVEL_NONE = 0,
177 PIPE_AUTH_LEVEL_CONNECT = 1, /* We treat as NONE. */
178 PIPE_AUTH_LEVEL_INTEGRITY = 5, /* Sign. */
179 PIPE_AUTH_LEVEL_PRIVACY = 6 /* Seal. */
180};
181
182/* auth state for krb5. */
183struct kerberos_auth_struct {
184 const char *service_principal;
185 DATA_BLOB session_key;
186};
187
188/* auth state for schannel. */
189struct schannel_auth_struct {
190 unsigned char sess_key[16];
191 uint32 seq_num;
192};
193
194/* auth state for all bind types. */
195
196struct pipe_auth_data {
197 enum pipe_auth_type auth_type; /* switch for union below. */
198 enum pipe_auth_level auth_level;
199 union {
200 struct schannel_auth_struct *schannel_auth;
201 AUTH_NTLMSSP_STATE *auth_ntlmssp_state;
202/* struct kerberos_auth_struct *kerberos_auth; TO BE ADDED... */
203 } a_u;
204 void (*auth_data_free_func)(struct pipe_auth_data *);
205};
206
207/*
208 * DCE/RPC-specific samba-internal-specific handling of data on
209 * NamedPipes.
210 */
211
212typedef struct pipes_struct {
213 struct pipes_struct *next, *prev;
214
215 connection_struct *conn;
216 uint16 vuid; /* points to the unauthenticated user that opened this pipe. */
217
218 fstring name;
219 fstring pipe_srv_name;
220
221 /* linked list of rpc dispatch tables associated
222 with the open rpc contexts */
223
224 PIPE_RPC_FNS *contexts;
225
226 RPC_HDR hdr; /* Incoming RPC header. */
227 RPC_HDR_REQ hdr_req; /* Incoming request header. */
228
229 /* This context is used for pipe state storage and is freed when the pipe is closed. */
230 TALLOC_CTX *pipe_state_mem_ctx;
231
232 struct pipe_auth_data auth;
233
234 struct dcinfo *dc; /* Keeps the creds data from netlogon. */
235
236 /*
237 * Windows user info.
238 */
239 fstring user_name;
240 fstring domain;
241 fstring wks;
242
243 /*
244 * Unix user name and credentials used when a pipe is authenticated.
245 */
246
247 fstring pipe_user_name;
248 struct current_user pipe_user;
249 DATA_BLOB session_key;
250
251 /*
252 * Set to true when an RPC bind has been done on this pipe.
253 */
254
255 BOOL pipe_bound;
256
257 /*
258 * Set to true when we should return fault PDU's for everything.
259 */
260
261 BOOL fault_state;
262
263 /*
264 * Set to true when we should return fault PDU's for a bad handle.
265 */
266
267 BOOL bad_handle_fault_state;
268
269 /*
270 * Set to true when the backend does not support a call.
271 */
272
273 BOOL rng_fault_state;
274
275 /*
276 * Set to RPC_BIG_ENDIAN when dealing with big-endian PDU's
277 */
278
279 BOOL endian;
280
281 /*
282 * Struct to deal with multiple pdu inputs.
283 */
284
285 input_data in_data;
286
287 /*
288 * Struct to deal with multiple pdu outputs.
289 */
290
291 output_data out_data;
292
293 /* This context is used for PDU data and is freed between each pdu.
294 Don't use for pipe state storage. */
295 TALLOC_CTX *mem_ctx;
296
297 /* handle database to use on this pipe. */
298 struct handle_list *pipe_handles;
299
300} pipes_struct;
301
302typedef struct smb_np_struct {
303 struct smb_np_struct *next, *prev;
304 int pnum;
305 connection_struct *conn;
306 uint16 vuid; /* points to the unauthenticated user that opened this pipe. */
307 BOOL open; /* open connection */
308 uint16 device_state;
309 uint16 priority;
310 fstring name;
311
312 /* When replying to an SMBtrans, this is the maximum amount of
313 data that can be sent in the initial reply. */
314 int max_trans_reply;
315
316 /*
317 * NamedPipe state information.
318 *
319 * (e.g. typecast a np_struct, above).
320 */
321 void *np_state;
322
323 /*
324 * NamedPipe functions, to be called to perform
325 * Named Pipe transactions on request from an
326 * SMB client.
327 */
328
329 /* call to create a named pipe connection.
330 * returns: state information representing the connection.
331 * is stored in np_state, above.
332 */
333 void * (*namedpipe_create)(char *pipe_name,
334 connection_struct *conn, uint16 vuid);
335
336 /* call to perform a write / read namedpipe transaction.
337 * TransactNamedPipe is weird: it returns whether there
338 * is more data outstanding to be read, and the
339 * caller is expected to take note and follow up with
340 * read requests.
341 */
342 ssize_t (*namedpipe_transact)(void *np_state,
343 char *data, int len,
344 char *rdata, int rlen,
345 BOOL *pipe_outstanding);
346
347 /* call to perform a write namedpipe operation
348 */
349 ssize_t (*namedpipe_write)(void * np_state,
350 char *data, size_t n);
351
352 /* call to perform a read namedpipe operation.
353 *
354 * NOTE: the only reason that the pipe_outstanding
355 * argument is here is because samba does not use
356 * the namedpipe_transact function yet: instead,
357 * it performs the same as what namedpipe_transact
358 * does - a write, followed by a read.
359 *
360 * when samba is modified to use namedpipe_transact,
361 * the pipe_outstanding argument may be removed.
362 */
363 ssize_t (*namedpipe_read)(void * np_state,
364 char *data, size_t max_len,
365 BOOL *pipe_outstanding);
366
367 /* call to close a namedpipe.
368 * function is expected to perform all cleanups
369 * necessary, free all memory etc.
370 *
371 * returns True if cleanup was successful (not that
372 * we particularly care).
373 */
374 BOOL (*namedpipe_close)(void * np_state);
375
376} smb_np_struct;
377
378struct api_struct {
379 const char *name;
380 uint8 opnum;
381 BOOL (*fn) (pipes_struct *);
382};
383
384typedef struct {
385 uint32 rid;
386 const char *name;
387} rid_name;
388
389/*
390 * higher order functions for use with msrpc client code
391 */
392
393#define PRINT_INFO_FN(fn)\
394 void (*fn)(const char*, uint32, uint32, void *const *const)
395#define JOB_INFO_FN(fn)\
396 void (*fn)(const char*, const char*, uint32, uint32, void *const *const)
397
398/* end higher order functions */
399
400typedef struct {
401 uint32 size;
402 prs_struct prs;
403 uint32 struct_start;
404 uint32 string_at_end;
405} RPC_BUFFER;
406
407#endif /* _NT_DOMAIN_H */
Note: See TracBrowser for help on using the repository browser.