Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : common server info functions
5 :
6 : Copyright (C) Stefan (metze) Metzmacher 2004
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "librpc/gen_ndr/srvsvc.h"
24 : #include "rpc_server/dcerpc_server.h"
25 : #include "dsdb/samdb/samdb.h"
26 : #include "dsdb/common/util.h"
27 : #include "auth/auth.h"
28 : #include "param/param.h"
29 : #include "rpc_server/common/common.h"
30 : #include "libds/common/roles.h"
31 : #include "auth/auth_util.h"
32 : #include "lib/tsocket/tsocket.h"
33 :
34 : /*
35 : Here are common server info functions used by some dcerpc server interfaces
36 : */
37 :
38 : /* This hardcoded value should go into a ldb database! */
39 18 : enum srvsvc_PlatformId dcesrv_common_get_platform_id(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
40 : {
41 0 : enum srvsvc_PlatformId id;
42 :
43 18 : id = lpcfg_parm_int(dce_ctx->lp_ctx, NULL, "server_info", "platform_id", PLATFORM_ID_NT);
44 :
45 18 : return id;
46 : }
47 :
48 18 : const char *dcesrv_common_get_server_name(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx, const char *server_unc)
49 : {
50 18 : const char *p = server_unc;
51 :
52 : /* if there's no string return our NETBIOS name */
53 18 : if (!p) {
54 8 : return talloc_strdup(mem_ctx, lpcfg_netbios_name(dce_ctx->lp_ctx));
55 : }
56 :
57 : /* if there're '\\\\' in front remove them otherwise just pass the string */
58 10 : if (p[0] == '\\' && p[1] == '\\') {
59 10 : p += 2;
60 : }
61 :
62 10 : return talloc_strdup(mem_ctx, p);
63 : }
64 :
65 :
66 : /* This hardcoded value should go into a ldb database! */
67 7 : uint32_t dcesrv_common_get_server_type(TALLOC_CTX *mem_ctx, struct tevent_context *event_ctx, struct dcesrv_context *dce_ctx)
68 : {
69 7 : int default_server_announce = 0;
70 7 : default_server_announce |= SV_TYPE_WORKSTATION;
71 7 : default_server_announce |= SV_TYPE_SERVER;
72 7 : default_server_announce |= SV_TYPE_SERVER_UNIX;
73 :
74 7 : default_server_announce |= SV_TYPE_SERVER_NT;
75 7 : default_server_announce |= SV_TYPE_NT;
76 :
77 7 : switch (lpcfg_server_role(dce_ctx->lp_ctx)) {
78 0 : case ROLE_DOMAIN_MEMBER:
79 0 : default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
80 0 : break;
81 7 : case ROLE_ACTIVE_DIRECTORY_DC:
82 : {
83 0 : struct ldb_context *samctx;
84 7 : TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
85 7 : if (!tmp_ctx) {
86 0 : break;
87 : }
88 : /* open main ldb */
89 7 : samctx = samdb_connect(
90 : tmp_ctx,
91 : event_ctx,
92 : dce_ctx->lp_ctx,
93 : anonymous_session(tmp_ctx, dce_ctx->lp_ctx),
94 : NULL,
95 : 0);
96 7 : if (samctx == NULL) {
97 0 : DEBUG(2,("Unable to open samdb in determining server announce flags\n"));
98 : } else {
99 : /* Determine if we are the pdc */
100 7 : bool is_pdc = samdb_is_pdc(samctx);
101 7 : if (is_pdc) {
102 7 : default_server_announce |= SV_TYPE_DOMAIN_CTRL;
103 : } else {
104 0 : default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
105 : }
106 : }
107 : /* Close it */
108 7 : talloc_free(tmp_ctx);
109 7 : break;
110 : }
111 0 : case ROLE_STANDALONE:
112 : default:
113 0 : break;
114 : }
115 7 : if (lpcfg_time_server(dce_ctx->lp_ctx))
116 0 : default_server_announce |= SV_TYPE_TIME_SOURCE;
117 :
118 7 : if (lpcfg_host_msdfs(dce_ctx->lp_ctx))
119 7 : default_server_announce |= SV_TYPE_DFS_SERVER;
120 :
121 :
122 : #if 0
123 : {
124 : /* TODO: announce us as print server when we are a print server */
125 : bool is_print_server = false;
126 : if (is_print_server) {
127 : default_server_announce |= SV_TYPE_PRINTQ_SERVER;
128 : }
129 : }
130 : #endif
131 7 : return default_server_announce;
132 : }
133 :
134 : /* This hardcoded value should go into a ldb database! */
135 3 : const char *dcesrv_common_get_lan_root(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
136 : {
137 3 : return talloc_strdup(mem_ctx, "");
138 : }
139 :
140 : /* This hardcoded value should go into a ldb database! */
141 3 : uint32_t dcesrv_common_get_users(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
142 : {
143 3 : return -1;
144 : }
145 :
146 : /* This hardcoded value should go into a ldb database! */
147 3 : uint32_t dcesrv_common_get_disc(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
148 : {
149 3 : return 15;
150 : }
151 :
152 : /* This hardcoded value should go into a ldb database! */
153 3 : uint32_t dcesrv_common_get_hidden(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
154 : {
155 3 : return 0;
156 : }
157 :
158 : /* This hardcoded value should go into a ldb database! */
159 3 : uint32_t dcesrv_common_get_announce(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
160 : {
161 3 : return 240;
162 : }
163 :
164 : /* This hardcoded value should go into a ldb database! */
165 3 : uint32_t dcesrv_common_get_anndelta(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
166 : {
167 3 : return 3000;
168 : }
169 :
170 : /* This hardcoded value should go into a ldb database! */
171 3 : uint32_t dcesrv_common_get_licenses(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
172 : {
173 3 : return 0;
174 : }
175 :
176 : /* This hardcoded value should go into a ldb database! */
177 3 : const char *dcesrv_common_get_userpath(TALLOC_CTX *mem_ctx, struct dcesrv_context *dce_ctx)
178 : {
179 3 : return talloc_strdup(mem_ctx, "c:\\");
180 : }
181 :
182 : #define INVALID_SHARE_NAME_CHARS " \"*+,./:;<=>?[\\]|"
183 :
184 582 : bool dcesrv_common_validate_share_name(TALLOC_CTX *mem_ctx, const char *share_name)
185 : {
186 582 : if (strpbrk(share_name, INVALID_SHARE_NAME_CHARS)) {
187 102 : return false;
188 : }
189 :
190 480 : return true;
191 : }
192 :
193 : /*
194 : * call_session_info is session info for samdb. call_audit_session_info is for
195 : * auditing and may be NULL.
196 : */
197 18533 : struct ldb_context *dcesrv_samdb_connect_session_info(
198 : TALLOC_CTX *mem_ctx,
199 : struct dcesrv_call_state *dce_call,
200 : const struct auth_session_info *call_session_info,
201 : const struct auth_session_info *call_audit_session_info)
202 : {
203 18533 : struct ldb_context *samdb = NULL;
204 18533 : struct auth_session_info *user_session_info = NULL;
205 18533 : struct auth_session_info *audit_session_info = NULL;
206 18533 : struct tsocket_address *remote_address = NULL;
207 :
208 18533 : user_session_info = copy_session_info(mem_ctx, call_session_info);
209 18533 : if (user_session_info == NULL) {
210 0 : return NULL;
211 : }
212 :
213 18533 : if (call_audit_session_info != NULL) {
214 6557 : audit_session_info = copy_session_info(mem_ctx, call_audit_session_info);
215 6557 : if (audit_session_info == NULL) {
216 0 : talloc_free(user_session_info);
217 0 : return NULL;
218 : }
219 : }
220 :
221 18533 : if (dce_call->conn->remote_address != NULL) {
222 18533 : remote_address = tsocket_address_copy(dce_call->conn->remote_address,
223 : user_session_info);
224 18533 : if (remote_address == NULL) {
225 0 : TALLOC_FREE(audit_session_info);
226 0 : talloc_free(user_session_info);
227 0 : return NULL;
228 : }
229 : }
230 :
231 : /*
232 : * We need to make sure every argument
233 : * stays around for the lifetime of 'samdb',
234 : * typically it is allocated on the scope of
235 : * an assoc group, so we can't reference dce_call->conn,
236 : * as the assoc group may stay when the current connection
237 : * gets disconnected.
238 : *
239 : * The following are global per process:
240 : * - dce_call->conn->dce_ctx->lp_ctx
241 : * - dce_call->event_ctx
242 : * - system_session
243 : *
244 : * We make a copy of:
245 : * - dce_call->conn->remote_address
246 : * - dce_call->auth_state->session_info
247 : */
248 19807 : samdb = samdb_connect(
249 : mem_ctx,
250 : dce_call->event_ctx,
251 18533 : dce_call->conn->dce_ctx->lp_ctx,
252 : user_session_info,
253 : remote_address,
254 : 0);
255 18533 : if (samdb == NULL) {
256 0 : TALLOC_FREE(audit_session_info);
257 0 : talloc_free(user_session_info);
258 0 : return NULL;
259 : }
260 18533 : talloc_move(samdb, &user_session_info);
261 :
262 18533 : if (audit_session_info != NULL) {
263 367 : int ret;
264 :
265 6557 : talloc_steal(samdb, audit_session_info);
266 :
267 6557 : ret = ldb_set_opaque(samdb,
268 : DSDB_NETWORK_SESSION_INFO,
269 : audit_session_info);
270 6557 : if (ret != LDB_SUCCESS) {
271 0 : talloc_free(samdb);
272 0 : return NULL;
273 : }
274 : }
275 :
276 17259 : return samdb;
277 : }
278 :
279 : /*
280 : * Open an ldb connection under the system session and save the remote users
281 : * session details in a ldb_opaque. This will allow the audit logging to
282 : * log the original session for operations performed in the system session.
283 : *
284 : * Access checks are required by the caller!
285 : */
286 6410 : struct ldb_context *dcesrv_samdb_connect_as_system(
287 : TALLOC_CTX *mem_ctx,
288 : struct dcesrv_call_state *dce_call)
289 : {
290 6410 : const struct auth_session_info *system_session_info = NULL;
291 6410 : const struct auth_session_info *call_session_info = NULL;
292 :
293 6410 : system_session_info = system_session(dce_call->conn->dce_ctx->lp_ctx);
294 6410 : if (system_session_info == NULL) {
295 0 : return NULL;
296 : }
297 :
298 6410 : call_session_info = dcesrv_call_session_info(dce_call);
299 :
300 6410 : return dcesrv_samdb_connect_session_info(mem_ctx, dce_call,
301 : system_session_info, call_session_info);
302 : }
303 :
304 : /*
305 : * Open an ldb connection under the remote users session details.
306 : *
307 : * Access checks are done at the ldb level.
308 : */
309 11976 : struct ldb_context *dcesrv_samdb_connect_as_user(
310 : TALLOC_CTX *mem_ctx,
311 : struct dcesrv_call_state *dce_call)
312 : {
313 11976 : const struct auth_session_info *call_session_info = NULL;
314 :
315 11976 : call_session_info = dcesrv_call_session_info(dce_call);
316 :
317 11976 : return dcesrv_samdb_connect_session_info(mem_ctx, dce_call,
318 : call_session_info, NULL);
319 : }
|
