1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * Server-side NDR stream (PDU) operations. Stream operations should 28 * return TRUE (non-zero) on success or FALSE (zero or a null pointer) 29 * on failure. When an operation returns FALSE, including ndo_malloc() 30 * returning NULL, it should set the nds->error to indicate what went 31 * wrong. 32 * 33 * When available, the relevant ndr reference is passed to the 34 * operation but keep in mind that it may be a null pointer. 35 * 36 * Functions ndo_get_pdu(), ndo_put_pdu(), and ndo_pad_pdu() 37 * must never grow the PDU data. A request for out-of-bounds data is 38 * an error. The swap_bytes flag is 1 if NDR knows that the byte- 39 * order in the PDU is different from the local system. 40 */ 41 42 #include <sys/types.h> 43 #include <stdarg.h> 44 #include <ctype.h> 45 #include <stdio.h> 46 #include <stdlib.h> 47 #include <strings.h> 48 #include <string.h> 49 #include <assert.h> 50 51 #include <smbsrv/libsmb.h> 52 #include <smbsrv/libmlrpc.h> 53 #include <smbsrv/ntstatus.h> 54 55 #define NDOBUFSZ 128 56 57 #define NDR_PDU_BLOCK_SIZE (4*1024) 58 #define NDR_PDU_BLOCK_MASK (NDR_PDU_BLOCK_SIZE - 1) 59 #define NDR_PDU_ALIGN(N) \ 60 (((N) + NDR_PDU_BLOCK_SIZE) & ~NDR_PDU_BLOCK_MASK) 61 #define NDR_PDU_MAX_SIZE (64*1024*1024) 62 63 static char *ndo_malloc(ndr_stream_t *, unsigned, ndr_ref_t *); 64 static int ndo_free(ndr_stream_t *, char *, ndr_ref_t *); 65 static int ndo_grow_pdu(ndr_stream_t *, unsigned long, ndr_ref_t *); 66 static int ndo_pad_pdu(ndr_stream_t *, unsigned long, unsigned long, 67 ndr_ref_t *); 68 static int ndo_get_pdu(ndr_stream_t *, unsigned long, unsigned long, 69 char *, int, ndr_ref_t *); 70 static int ndo_put_pdu(ndr_stream_t *, unsigned long, unsigned long, 71 char *, int, ndr_ref_t *); 72 static void ndo_tattle(ndr_stream_t *, char *, ndr_ref_t *); 73 static void ndo_tattle_error(ndr_stream_t *, ndr_ref_t *); 74 static int ndo_reset(ndr_stream_t *); 75 static void ndo_destruct(ndr_stream_t *); 76 static void ndo_hexfmt(uint8_t *, int, int, char *, int); 77 78 /* 79 * The ndr stream operations table. 80 */ 81 static ndr_stream_ops_t nds_ops = { 82 ndo_malloc, 83 ndo_free, 84 ndo_grow_pdu, 85 ndo_pad_pdu, 86 ndo_get_pdu, 87 ndo_put_pdu, 88 ndo_tattle, 89 ndo_tattle_error, 90 ndo_reset, 91 ndo_destruct 92 }; 93 94 /* 95 * nds_bswap 96 * 97 * Copies len bytes from src to dst such that dst contains the bytes 98 * from src in reverse order. 99 * 100 * We expect to be dealing with bytes, words, dwords etc. So the 101 * length must be non-zero and a power of 2. 102 */ 103 void 104 nds_bswap(void *srcbuf, void *dstbuf, size_t len) 105 { 106 uint8_t *src = (uint8_t *)srcbuf; 107 uint8_t *dst = (uint8_t *)dstbuf; 108 109 if ((len != 0) && ((len & (len - 1)) == 0)) { 110 src += len; 111 112 while (len--) 113 *dst++ = *(--src); 114 } 115 } 116 117 /* 118 * nds_initialize 119 * 120 * Initialize a stream. Sets up the PDU parameters and assigns the stream 121 * operations and the reference to the heap. An external heap is provided 122 * to the stream, rather than each stream creating its own heap. 123 */ 124 void 125 nds_initialize(ndr_stream_t *nds, unsigned pdu_size_hint, 126 int composite_op, ndr_heap_t *heap) 127 { 128 unsigned size; 129 130 assert(nds); 131 assert(heap); 132 133 bzero(nds, sizeof (*nds)); 134 135 if (pdu_size_hint > NDR_PDU_MAX_SIZE) 136 return; 137 138 size = (pdu_size_hint == 0) ? NDR_PDU_BLOCK_SIZE : pdu_size_hint; 139 nds->pdu_base_addr = malloc(size); 140 assert(nds->pdu_base_addr); 141 142 nds->pdu_max_size = size; 143 nds->pdu_size = 0; 144 nds->pdu_base_offset = (unsigned long)nds->pdu_base_addr; 145 146 nds->ndo = &nds_ops; 147 nds->heap = (struct ndr_heap *)heap; 148 149 nds->m_op = NDR_MODE_TO_M_OP(composite_op); 150 nds->dir = NDR_MODE_TO_DIR(composite_op); 151 152 nds->outer_queue_tailp = &nds->outer_queue_head; 153 } 154 155 void 156 nds_finalize(ndr_stream_t *nds, ndr_fraglist_t *frags) 157 { 158 iovec_t *iov; 159 ndr_frag_t *frag; 160 uint32_t size = 0; 161 162 bzero(frags, sizeof (ndr_fraglist_t)); 163 164 for (frag = nds->frags.head; frag; frag = frag->next) 165 size += frag->len; 166 167 if (size == 0 || size >= NDR_PDU_MAX_SIZE) 168 return; 169 170 frags->iov = malloc(nds->frags.nfrag * sizeof (iovec_t)); 171 if (frags->iov == NULL) 172 return; 173 174 frags->head = nds->frags.head; 175 frags->tail = nds->frags.tail; 176 frags->nfrag = nds->frags.nfrag; 177 bzero(&nds->frags, sizeof (ndr_fraglist_t)); 178 179 frags->uio.uio_iov = frags->iov; 180 frags->uio.uio_iovcnt = frags->nfrag; 181 frags->uio.uio_offset = 0; 182 frags->uio.uio_segflg = UIO_USERSPACE; 183 frags->uio.uio_resid = size; 184 185 iov = frags->uio.uio_iov; 186 for (frag = frags->head; frag; frag = frag->next) { 187 iov->iov_base = (caddr_t)frag->buf; 188 iov->iov_len = frag->len; 189 ++iov; 190 } 191 } 192 193 /* 194 * nds_destruct 195 * 196 * Destroy a stream. This is an external interface to provide access to 197 * the stream's destruct operation. 198 */ 199 void 200 nds_destruct(ndr_stream_t *nds) 201 { 202 if ((nds == NULL) || (nds->ndo == NULL)) 203 return; 204 205 NDS_DESTRUCT(nds); 206 } 207 208 /* 209 * Print NDR stream state. 210 */ 211 void 212 nds_show_state(ndr_stream_t *nds) 213 { 214 if (nds == NULL) { 215 ndo_printf(NULL, NULL, "nds: <null"); 216 return; 217 } 218 219 ndo_printf(NULL, NULL, "nds: base=0x%x, size=%d, max=%d, scan=%d", 220 nds->pdu_base_offset, nds->pdu_size, nds->pdu_max_size, 221 nds->pdu_scan_offset); 222 } 223 224 /* 225 * ndo_malloc 226 * 227 * Allocate memory from the stream heap. 228 */ 229 /*ARGSUSED*/ 230 static char * 231 ndo_malloc(ndr_stream_t *nds, unsigned len, ndr_ref_t *ref) 232 { 233 return (ndr_heap_malloc((ndr_heap_t *)nds->heap, len)); 234 } 235 236 /* 237 * ndo_free 238 * 239 * Always succeeds: cannot free individual stream allocations. 240 */ 241 /*ARGSUSED*/ 242 static int 243 ndo_free(ndr_stream_t *nds, char *p, ndr_ref_t *ref) 244 { 245 return (1); 246 } 247 248 /* 249 * ndo_grow_pdu 250 * 251 * This is the only place that should change the size of the PDU. If the 252 * desired offset is beyond the current PDU size, we realloc the PDU 253 * buffer to accommodate the request. For efficiency, the PDU is always 254 * extended to a NDR_PDU_BLOCK_SIZE boundary. Requests to grow the PDU 255 * beyond NDR_PDU_MAX_SIZE are rejected. 256 * 257 * Returns 1 to indicate success. Otherwise 0 to indicate failure. 258 */ 259 static int 260 ndo_grow_pdu(ndr_stream_t *nds, unsigned long want_end_offset, ndr_ref_t *ref) 261 { 262 unsigned char *pdu_addr; 263 unsigned pdu_max_size; 264 265 ndo_printf(nds, ref, "grow %d", want_end_offset); 266 267 pdu_max_size = nds->pdu_max_size; 268 269 if (want_end_offset > pdu_max_size) { 270 pdu_max_size = NDR_PDU_ALIGN(want_end_offset); 271 272 if (pdu_max_size >= NDR_PDU_MAX_SIZE) 273 return (0); 274 275 pdu_addr = realloc(nds->pdu_base_addr, pdu_max_size); 276 if (pdu_addr == 0) 277 return (0); 278 279 nds->pdu_max_size = pdu_max_size; 280 nds->pdu_base_addr = pdu_addr; 281 nds->pdu_base_offset = (unsigned long)pdu_addr; 282 } 283 284 nds->pdu_size = want_end_offset; 285 return (1); 286 } 287 288 static int 289 ndo_pad_pdu(ndr_stream_t *nds, unsigned long pdu_offset, 290 unsigned long n_bytes, ndr_ref_t *ref) 291 { 292 unsigned char *data; 293 294 data = (unsigned char *)nds->pdu_base_offset; 295 data += pdu_offset; 296 297 ndo_printf(nds, ref, "pad %d@%-3d", n_bytes, pdu_offset); 298 299 bzero(data, n_bytes); 300 return (1); 301 } 302 303 /* 304 * ndo_get_pdu 305 * 306 * The swap flag is 1 if NDR knows that the byte-order in the PDU 307 * is different from the local system. 308 * 309 * Returns 1 on success or 0 to indicate failure. 310 */ 311 static int 312 ndo_get_pdu(ndr_stream_t *nds, unsigned long pdu_offset, 313 unsigned long n_bytes, char *buf, int swap_bytes, ndr_ref_t *ref) 314 { 315 unsigned char *data; 316 char hexbuf[NDOBUFSZ]; 317 318 data = (unsigned char *)nds->pdu_base_offset; 319 data += pdu_offset; 320 321 ndo_hexfmt(data, n_bytes, swap_bytes, hexbuf, NDOBUFSZ); 322 323 ndo_printf(nds, ref, "get %d@%-3d = %s", 324 n_bytes, pdu_offset, hexbuf); 325 326 if (!swap_bytes) 327 bcopy(data, buf, n_bytes); 328 else 329 nds_bswap(data, (unsigned char *)buf, n_bytes); 330 331 return (1); 332 } 333 334 /* 335 * ndo_put_pdu 336 * 337 * This is a receiver makes right protocol. So we do not need 338 * to be concerned about the byte-order of an outgoing PDU. 339 */ 340 /*ARGSUSED*/ 341 static int 342 ndo_put_pdu(ndr_stream_t *nds, unsigned long pdu_offset, 343 unsigned long n_bytes, char *buf, int swap_bytes, ndr_ref_t *ref) 344 { 345 unsigned char *data; 346 char hexbuf[NDOBUFSZ]; 347 348 data = (unsigned char *)nds->pdu_base_offset; 349 data += pdu_offset; 350 351 ndo_hexfmt((uint8_t *)buf, n_bytes, 0, hexbuf, NDOBUFSZ); 352 353 ndo_printf(nds, ref, "put %d@%-3d = %s", 354 n_bytes, pdu_offset, hexbuf); 355 356 bcopy(buf, data, n_bytes); 357 return (1); 358 } 359 360 static void 361 ndo_tattle(ndr_stream_t *nds, char *what, ndr_ref_t *ref) 362 { 363 ndo_printf(nds, ref, what); 364 } 365 366 static void 367 ndo_tattle_error(ndr_stream_t *nds, ndr_ref_t *ref) 368 { 369 unsigned char *data; 370 char hexbuf[NDOBUFSZ]; 371 372 data = (unsigned char *)nds->pdu_base_offset; 373 if (ref) 374 data += ref->pdu_offset; 375 else 376 data += nds->pdu_scan_offset; 377 378 ndo_hexfmt(data, 16, 0, hexbuf, NDOBUFSZ); 379 380 ndo_printf(nds, ref, "ERROR=%d REF=%d OFFSET=%d SIZE=%d/%d", 381 nds->error, nds->error_ref, nds->pdu_scan_offset, 382 nds->pdu_size, nds->pdu_max_size); 383 ndo_printf(nds, ref, " %s", hexbuf); 384 } 385 386 /* 387 * ndo_reset 388 * 389 * Reset a stream: zap the outer_queue. We don't need to tamper 390 * with the stream heap: it's handled externally to the stream. 391 */ 392 static int 393 ndo_reset(ndr_stream_t *nds) 394 { 395 ndo_printf(nds, 0, "reset"); 396 397 nds->pdu_size = 0; 398 nds->pdu_scan_offset = 0; 399 nds->outer_queue_head = 0; 400 nds->outer_current = 0; 401 nds->outer_queue_tailp = &nds->outer_queue_head; 402 403 return (1); 404 } 405 406 /* 407 * ndo_destruct 408 * 409 * Destruct a stream: zap the outer_queue. 410 * Note: heap management (creation/destruction) is external to the stream. 411 */ 412 static void 413 ndo_destruct(ndr_stream_t *nds) 414 { 415 ndr_frag_t *frag; 416 417 ndo_printf(nds, 0, "destruct"); 418 419 if (nds == NULL) 420 return; 421 422 if (nds->pdu_base_addr != NULL) { 423 free(nds->pdu_base_addr); 424 nds->pdu_base_addr = NULL; 425 nds->pdu_base_offset = 0; 426 } 427 428 while ((frag = nds->frags.head) != NULL) { 429 nds->frags.head = frag->next; 430 free(frag); 431 } 432 433 bzero(&nds->frags, sizeof (ndr_fraglist_t)); 434 435 nds->outer_queue_head = 0; 436 nds->outer_current = 0; 437 nds->outer_queue_tailp = &nds->outer_queue_head; 438 } 439 440 /* 441 * Printf style formatting for NDR operations. 442 */ 443 void 444 ndo_printf(ndr_stream_t *nds, ndr_ref_t *ref, const char *fmt, ...) 445 { 446 va_list ap; 447 char buf[NDOBUFSZ]; 448 449 va_start(ap, fmt); 450 (void) vsnprintf(buf, NDOBUFSZ, fmt, ap); 451 va_end(ap); 452 453 if (nds) 454 ndo_fmt(nds, ref, buf); 455 else 456 ndo_trace(buf); 457 } 458 459 /* 460 * Main output formatter for NDR operations. 461 * 462 * UI 03 ... rpc_vers get 1@0 = 5 {05} 463 * UI 03 ... rpc_vers_minor get 1@1 = 0 {00} 464 * 465 * U Marshalling flag (M=marshal, U=unmarshal) 466 * I Direction flag (I=in, O=out) 467 * ... Field name 468 * get PDU operation (get or put) 469 * 1@0 Bytes @ offset (i.e. 1 byte at offset 0) 470 * {05} Value 471 */ 472 void 473 ndo_fmt(ndr_stream_t *nds, ndr_ref_t *ref, char *note) 474 { 475 ndr_ref_t *p; 476 int indent; 477 char ref_name[NDOBUFSZ]; 478 char buf[NDOBUFSZ]; 479 int m_op_c = '?', dir_c = '?'; 480 481 switch (nds->m_op) { 482 case 0: m_op_c = '-'; break; 483 case NDR_M_OP_MARSHALL: m_op_c = 'M'; break; 484 case NDR_M_OP_UNMARSHALL: m_op_c = 'U'; break; 485 default: m_op_c = '?'; break; 486 } 487 488 switch (nds->dir) { 489 case 0: dir_c = '-'; break; 490 case NDR_DIR_IN: dir_c = 'I'; break; 491 case NDR_DIR_OUT: dir_c = 'O'; break; 492 default: dir_c = '?'; break; 493 } 494 495 for (indent = 0, p = ref; p; p = p->enclosing) 496 indent++; 497 498 if (ref && ref->name) { 499 if (*ref->name == '[' && ref->enclosing) { 500 indent--; 501 (void) snprintf(ref_name, NDOBUFSZ, "%s%s", 502 ref->enclosing->name, ref->name); 503 } else { 504 (void) strlcpy(ref_name, ref->name, NDOBUFSZ); 505 } 506 } else { 507 (void) strlcpy(ref_name, "----", NDOBUFSZ); 508 } 509 510 (void) snprintf(buf, NDOBUFSZ, "%c%c %-.*s %-*s %s", 511 m_op_c, dir_c, indent, 512 "....+....+....+....+....+....", 513 20 - indent, ref_name, note); 514 515 ndo_trace(buf); 516 } 517 518 /*ARGSUSED*/ 519 void 520 ndo_trace(const char *s) 521 { 522 /* 523 * Temporary fbt for dtrace until user space sdt enabled. 524 */ 525 } 526 527 /* 528 * Format data as hex bytes (limit is 10 bytes): 529 * 530 * 1188689424 {10 f6 d9 46} 531 * 532 * If the input data is greater than 10 bytes, an ellipsis will 533 * be inserted before the closing brace. 534 */ 535 static void 536 ndo_hexfmt(uint8_t *data, int size, int swap_bytes, char *buf, int len) 537 { 538 char *p = buf; 539 int interp = 1; 540 uint32_t c; 541 int n; 542 int i; 543 544 n = (size > 10) ? 10 : size; 545 if (n > len-1) 546 n = len-1; 547 548 switch (size) { 549 case 1: 550 c = *(uint8_t *)data; 551 break; 552 case 2: 553 if (swap_bytes == 0) /*LINTED E_BAD_PTR_CAST_ALIGN*/ 554 c = *(uint16_t *)data; 555 else 556 c = (data[0] << 8) | data[1]; 557 break; 558 case 4: 559 if (swap_bytes == 0) { /*LINTED E_BAD_PTR_CAST_ALIGN*/ 560 c = *(uint32_t *)data; 561 } else { 562 c = (data[0] << 24) | (data[1] << 16) 563 | (data[2] << 8) | data[3]; 564 } 565 break; 566 default: 567 c = 0; 568 interp = 0; 569 break; 570 } 571 572 if (interp) 573 p += sprintf(p, "%4u {", c); 574 else 575 p += sprintf(p, " {"); 576 577 p += sprintf(p, "%02x", data[0]); 578 for (i = 1; i < n; i++) 579 p += sprintf(p, " %02x", data[i]); 580 if (size > 10) 581 p += sprintf(p, " ...}"); 582 else 583 p += sprintf(p, "}"); 584 585 /* 586 * Show c if it's a printable character or wide-char. 587 */ 588 if (size < 4 && isprint((uint8_t)c)) 589 (void) sprintf(p, " %c", (uint8_t)c); 590 } 591
Indexes created Fri Nov 27 17:59:51 UTC 2009
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Copyright © 1995-2008 Sun Microsystems, Inc.