|
|
/*++
Copyright (c) 1990-1993 Microsoft Corporation
Module Name:
splrpc.c
Abstract:
This file contains routines for starting and stopping RPC servers.
SpoolerStartRpcServer SpoolerStopRpcServer
Author:
Krishna Ganugapati krishnaG
Environment:
User Mode - Win32
Revision History:
14-Oct-1993 KrishnaG Created 25-May-1999 khaleds Added: CreateNamedPipeSecurityDescriptor BuildNamedPipeProtection--*/
#include "precomp.h"
#include "server.h"
#include "srvrmem.h"
#include "splsvr.h"
WCHAR szCallExitProcessOnShutdown []= L"CallExitProcessOnShutdown";WCHAR szMaxRpcSize []= L"MaxRpcSize";WCHAR szPrintKey[] = L"System\\CurrentControlSet\\Control\\Print";CRITICAL_SECTION RpcNamedPipeCriticalSection;
//
// Default RPC buffer max size 50 MB
//
#define DEFAULT_MAX_RPC_SIZE 50 * 1024 * 1024
DWORD dwCallExitProcessOnShutdown = TRUE;
struct{ BOOL bRpcEndPointEnabled; ERemoteRPCEndPointPolicy ePolicyValue; RPC_STATUS RpcStatus;
} gNamedPipeState = {FALSE, RpcEndPointPolicyUnconfigured, RPC_S_OK};
PSECURITY_DESCRIPTOR gpSecurityDescriptor = NULL;
/*++
Routine Description:
Determines the OS suite of the current system.
Arguments:
pSuiteMask - pointer to word that is going to hold the OS suite.
Return Value:
S_OK if succeeded
--*/HRESULTGetOSSuite( WORD* pSuiteMask ){ HRESULT hr = S_OK;
if (!pSuiteMask) { hr = HResultFromWin32(ERROR_INVALID_PARAMETER); }
if (SUCCEEDED(hr)) { OSVERSIONINFOEX OSVersionInfoEx = {0}; OSVersionInfoEx.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
*pSuiteMask = 0;
if (GetVersionEx((OSVERSIONINFO*)&OSVersionInfoEx)) { *pSuiteMask |= OSVersionInfoEx.wSuiteMask; } else { hr = HResultFromWin32(GetLastError()); } } return hr;}
RPC_STATUSSpoolerStartRpcServer( VOID)/*++
Routine Description:
Arguments:
Return Value:
NERR_Success, or any RPC error codes that can be returned from RpcServerUnregisterIf.
--*/{ RPC_STATUS status; PSECURITY_DESCRIPTOR SecurityDescriptor = NULL; BOOL Bool; HKEY hKey; DWORD cbData; DWORD dwType; DWORD dwMaxRpcSize = DEFAULT_MAX_RPC_SIZE; WORD OSSuite; //
// Craft up a security descriptor that will grant everyone
// all access to the object (basically, no security)
//
// We do this by putting in a NULL Dacl.
//
// NOTE: rpc should copy the security descriptor,
// Since it currently doesn't, simply allocate it for now and
// leave it around forever.
//
gpSecurityDescriptor = CreateNamedPipeSecurityDescriptor(); if (gpSecurityDescriptor == 0) { DBGMSG(DBG_ERROR, ("Spoolss: out of memory\n")); return FALSE; }
if (FAILED(GetOSSuite(&OSSuite))) { DBGMSG(DBG_ERROR, ("Failed to get the OS suite.\n")); return FALSE; } if (OSSuite & (VER_SUITE_BLADE | VER_SUITE_EMBEDDED_RESTRICTED)) { gNamedPipeState.ePolicyValue = RpcEndPointPolicyDisabled; } else {
gNamedPipeState.ePolicyValue = GetSpoolerNumericPolicyValidate(szRegisterSpoolerRemoteRpcEndPoint, RpcEndPointPolicyUnconfigured, RpcEndPointPolicyDisabled); }
if (gNamedPipeState.ePolicyValue == RpcEndPointPolicyEnabled) { if (FAILED(RegisterNamedPipe())) { return FALSE; } } else if (gNamedPipeState.ePolicyValue == RpcEndPointPolicyUnconfigured) { if (!InitializeCriticalSectionAndSpinCount(&RpcNamedPipeCriticalSection, 0x80000000)) { return FALSE; } }
//
// For now, ignore the second argument.
//
status = RpcServerUseProtseqEpA("ncalrpc", 10, "spoolss", gpSecurityDescriptor);
if (status) { DBGMSG(DBG_WARN, ("RpcServerUseProtseqEpA 2 = %u\n",status)); return FALSE; }
if (!RegOpenKeyEx(HKEY_LOCAL_MACHINE, szPrintKey, 0, KEY_READ, &hKey)) { //
// This value can be used to control if spooler controls ExitProcess
// on shutdown
//
cbData = sizeof(dwCallExitProcessOnShutdown); RegQueryValueEx(hKey, szCallExitProcessOnShutdown, NULL, &dwType, (LPBYTE)&dwCallExitProcessOnShutdown, &cbData);
//
// dwMaxRpcSize specifies the maximum size in bytes of incoming RPC data blocks.
//
cbData = sizeof(dwMaxRpcSize); if (RegQueryValueEx(hKey, szMaxRpcSize, NULL, &dwType, (LPBYTE)&dwMaxRpcSize, &cbData) != ERROR_SUCCESS) { dwMaxRpcSize = DEFAULT_MAX_RPC_SIZE; }
RegCloseKey(hKey); }
//
// Now we need to add the interface. We can just use the winspool_ServerIfHandle
// specified by the MIDL compiler in the stubs (winspl_s.c).
//
status = RpcServerRegisterIf2( winspool_ServerIfHandle, 0, 0, 0, RPC_C_PROTSEQ_MAX_REQS_DEFAULT, dwMaxRpcSize, NULL );
if (status) { DBGMSG(DBG_WARN, ("RpcServerRegisterIf = %u\n",status)); return FALSE; }
status = RpcMgmtSetServerStackSize(INITIAL_STACK_COMMIT);
if (status != RPC_S_OK) { DBGMSG(DBG_ERROR, ("Spoolss : RpcMgmtSetServerStackSize = %d\n", status)); }
if( (status = RpcServerRegisterAuthInfo(0, RPC_C_AUTHN_WINNT, 0, 0 )) == RPC_S_OK ) { // The first argument specifies the minimum number of threads to
// create to handle calls; the second argument specifies the maximum
// concurrent calls to handle. The third argument indicates that
// the routine should not wait.
status = RpcServerListen(1,SPL_MAX_RPC_CALLS,1);
if ( status != RPC_S_OK ) { DBGMSG(DBG_ERROR, ("Spoolss : RpcServerListen = %d\n", status)); } }
return (status);}
/*++
Routine Description: This routine adds prepares the required masks and flags required for the DACL on the named pipes used by RPC
Arguments: None
Return Value: An allocated Security Descriptor
--*/
/*++
Name:
CreateNamedPipeSecurityDescriptor
Description:
Creates the security descriptor for the named pipe used by RPC Arguments:
None.
Return Value:
valid pointer to SECURITY_DESCRIPTOR structure if successful NULL, on error, use GetLastError
--*/PSECURITY_DESCRIPTORCreateNamedPipeSecurityDescriptor( VOID ){ PSECURITY_DESCRIPTOR pServerSD = NULL; PCWSTR pszStringSecDesc = L"D:(A;;0x100003;;;BU)" L"(A;;0x100003;;;PU)" L"(A;;0x1201fb;;;WD)" L"(A;;0x1201fb;;;AN)" L"(A;;FA;;;CO)" L"(A;;FA;;;SY)" L"(A;;FA;;;BA)";
//
// Builtin Users - FILE_READ_DATA | FILE_WRITE_DATA | SYNCHRONIZE
// Power Users - FILE_READ_DATA | FILE_WRITE_DATA | SYNCHRONIZE
// Everyone - FILE_READ_DATA | FILE_WRITE_DATA | SYNCHRONIZE | READ_CONTROL | FILE_WRITE_ATTRIBUTES | FILE_READ_EA
// Anonymous - FILE_READ_DATA | FILE_WRITE_DATA | SYNCHRONIZE | READ_CONTROL | FILE_WRITE_ATTRIBUTES | FILE_READ_EA
// Creator Owner - file all access
// System - file all access
// Administrators - file all access
//
// Anonymous has more permission than BU and PU. The extra permission is needed by the back channel (pipe) used by the
// print server to communicate to the client
//
if (!ConvertStringSecurityDescriptorToSecurityDescriptor(pszStringSecDesc, SDDL_REVISION_1, &pServerSD, NULL)) { pServerSD = NULL; }
return pServerSD;}
/*++
Routine Name
ServerAllowRemoteCalls
Routine Description:
Enables the RPC pipe if policy permits. If the policy is disabled, then it will fail the call. If the policy is enbled, then it will succeeded the call without doing anything. If the policy is unconfigured, it will attempt to enable the pipe if disabled. It keep a retry count and fails directly after 5 times (hardcoded).
Arguments:
None
Return Value:
HRESULT
--*/HRESULTServerAllowRemoteCalls( VOID ){ HRESULT hr = S_OK; if (gNamedPipeState.ePolicyValue == RpcEndPointPolicyUnconfigured) { EnterCriticalSection(&RpcNamedPipeCriticalSection);
//
// Allow retries. Keep RpcStatus for debugging purposes.
//
if (!gNamedPipeState.bRpcEndPointEnabled) { hr = RegisterNamedPipe(); gNamedPipeState.bRpcEndPointEnabled = SUCCEEDED(hr); gNamedPipeState.RpcStatus = StatusFromHResult(hr); }
LeaveCriticalSection(&RpcNamedPipeCriticalSection); } else if (gNamedPipeState.ePolicyValue == RpcEndPointPolicyDisabled) { hr = HResultFromWin32(ERROR_REMOTE_PRINT_CONNECTIONS_BLOCKED);
DBGMSG(DBG_WARN, ("Remote connections are not allowed.\n")); }
return hr;}
/*++
Routine Name
RegisterNamedPipe
Routine Description:
Registers the named pipe protocol.
Arguments:
None
Return Value:
An HRESULT
--*/HRESULTRegisterNamedPipe( VOID ) { RPC_STATUS RpcStatus; HRESULT hr = S_OK; HANDLE hToken;
if (hToken = RevertToPrinterSelf()) { RpcStatus = RpcServerUseProtseqEpA("ncacn_np", 10, "\\pipe\\spoolss", gpSecurityDescriptor);
hr = (RpcStatus == RPC_S_OK) ? S_OK : MAKE_HRESULT(SEVERITY_ERROR, FACILITY_RPC, RpcStatus);
if (FAILED(hr)) { DBGMSG(DBG_WARN, ("RpcServerUseProtseqEpA (ncalrpc) = %u\n",RpcStatus)); }
if (!ImpersonatePrinterClient(hToken) && SUCCEEDED(hr)) { hr = MAKE_HRESULT(SEVERITY_ERROR, FACILITY_WINDOWS, GetLastError()); } }
return hr;}
/*++
Routine Name
ServerGetPolicy
Routine Description:
Gets a numeric policy value that was read from the server. This can be called by providers(localspl). The policy must be by the server read before initializing providers.
Arguments:
pszPolicyName - policy name pulValue - pointer to numeric value
Return Value:
HRESULT
--*/HRESULTServerGetPolicy( IN PCWSTR pszPolicyName, IN ULONG* pulValue ){ HRESULT hr; ULONG PolicyValue; ULONG Index; struct { PCWSTR pszName; ULONG ulValue;
} PolicyTable[] = { {szRegisterSpoolerRemoteRpcEndPoint, gNamedPipeState.ePolicyValue}, {NULL , 0} };
hr = (pulValue && pszPolicyName) ? S_OK : E_POINTER;
if (SUCCEEDED(hr)) { hr = E_INVALIDARG;
for (Index = 0; PolicyTable[Index].pszName ; Index++) { if (_wcsicmp(pszPolicyName, szRegisterSpoolerRemoteRpcEndPoint) == 0) { PolicyValue = PolicyTable[Index].ulValue; hr = S_OK; break; } } if (SUCCEEDED(hr)) { *pulValue = PolicyValue; } }
return hr;}
|
