static NTSTATUS rpcint_dispatch(struct pipes_struct *p, TALLOC_CTX *mem_ctx, uint32_t opnum, const DATA_BLOB *in_data, DATA_BLOB *out_data) { struct pipe_rpc_fns *fns = find_pipe_fns_by_context(p->contexts, 0); uint32_t num_cmds = fns->n_cmds; const struct api_struct *cmds = fns->cmds; uint32_t i; bool ok; /* set opnum */ p->opnum = opnum; for (i = 0; i < num_cmds; i++) { if (cmds[i].opnum == opnum && cmds[i].fn != NULL) { break; } } if (i == num_cmds) { return NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE; } p->in_data.data = *in_data; p->out_data.rdata = data_blob_null; ok = cmds[i].fn(p); p->in_data.data = data_blob_null; if (!ok) { data_blob_free(&p->out_data.rdata); talloc_free_children(p->mem_ctx); return NT_STATUS_RPC_CALL_FAILED; } if (p->fault_state) { NTSTATUS status; status = NT_STATUS(p->fault_state); p->fault_state = 0; data_blob_free(&p->out_data.rdata); talloc_free_children(p->mem_ctx); return status; } *out_data = p->out_data.rdata; talloc_steal(mem_ctx, out_data->data); p->out_data.rdata = data_blob_null; talloc_free_children(p->mem_ctx); return NT_STATUS_OK; }
static bool api_pipe_request(struct pipes_struct *p, struct ncacn_packet *pkt) { bool ret = False; struct pipe_rpc_fns *pipe_fns; if (!p->pipe_bound) { DEBUG(1, ("Pipe not bound!\n")); data_blob_free(&p->out_data.rdata); return false; } if (!become_authenticated_pipe_user(p->session_info)) { DEBUG(1, ("Failed to become pipe user!\n")); data_blob_free(&p->out_data.rdata); return false; } /* get the set of RPC functions for this context */ pipe_fns = find_pipe_fns_by_context(p->contexts, pkt->u.request.context_id); if ( pipe_fns ) { TALLOC_CTX *frame = talloc_stackframe(); DEBUG(5, ("Requested %s rpc service\n", ndr_interface_name(&pipe_fns->syntax.uuid, pipe_fns->syntax.if_version))); ret = api_rpcTNP(p, pkt, pipe_fns->cmds, pipe_fns->n_cmds, &pipe_fns->syntax); TALLOC_FREE(frame); } else { DEBUG(0, ("No rpc function table associated with context " "[%d]\n", pkt->u.request.context_id)); } unbecome_authenticated_pipe_user(); return ret; }
static bool srv_pipe_check_verification_trailer(struct pipes_struct *p, struct ncacn_packet *pkt, struct pipe_rpc_fns *pipe_fns) { TALLOC_CTX *frame = talloc_stackframe(); struct dcerpc_sec_verification_trailer *vt = NULL; const uint32_t bitmask1 = p->auth.client_hdr_signing ? DCERPC_SEC_VT_CLIENT_SUPPORTS_HEADER_SIGNING : 0; const struct dcerpc_sec_vt_pcontext pcontext = { .abstract_syntax = pipe_fns->syntax, .transfer_syntax = ndr_transfer_syntax_ndr, }; const struct dcerpc_sec_vt_header2 header2 = dcerpc_sec_vt_header2_from_ncacn_packet(pkt); struct ndr_pull *ndr; enum ndr_err_code ndr_err; bool ret = false; ndr = ndr_pull_init_blob(&p->in_data.data, frame); if (ndr == NULL) { goto done; } ndr_err = ndr_pop_dcerpc_sec_verification_trailer(ndr, frame, &vt); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { goto done; } ret = dcerpc_sec_verification_trailer_check(vt, &bitmask1, &pcontext, &header2); done: TALLOC_FREE(frame); return ret; } /**************************************************************************** Find the correct RPC function to call for this request. If the pipe is authenticated then become the correct UNIX user before doing the call. ****************************************************************************/ static bool api_pipe_request(struct pipes_struct *p, struct ncacn_packet *pkt) { TALLOC_CTX *frame = talloc_stackframe(); bool ret = False; struct pipe_rpc_fns *pipe_fns; if (!p->pipe_bound) { DEBUG(1, ("Pipe not bound!\n")); data_blob_free(&p->out_data.rdata); TALLOC_FREE(frame); return false; } /* get the set of RPC functions for this context */ pipe_fns = find_pipe_fns_by_context(p->contexts, pkt->u.request.context_id); if (pipe_fns == NULL) { DEBUG(0, ("No rpc function table associated with context " "[%d]\n", pkt->u.request.context_id)); data_blob_free(&p->out_data.rdata); TALLOC_FREE(frame); return false; } if (!srv_pipe_check_verification_trailer(p, pkt, pipe_fns)) { DEBUG(1, ("srv_pipe_check_verification_trailer: failed\n")); setup_fault_pdu(p, NT_STATUS(DCERPC_FAULT_ACCESS_DENIED)); data_blob_free(&p->out_data.rdata); TALLOC_FREE(frame); return true; } if (!become_authenticated_pipe_user(p->session_info)) { DEBUG(1, ("Failed to become pipe user!\n")); data_blob_free(&p->out_data.rdata); TALLOC_FREE(frame); return false; } DEBUG(5, ("Requested %s rpc service\n", ndr_interface_name(&pipe_fns->syntax.uuid, pipe_fns->syntax.if_version))); ret = api_rpcTNP(p, pkt, pipe_fns->cmds, pipe_fns->n_cmds, &pipe_fns->syntax); unbecome_authenticated_pipe_user(); TALLOC_FREE(frame); return ret; }