diff options
author | Jeremy Allison <jra@samba.org> | 1998-04-23 22:45:53 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-04-23 22:45:53 +0000 |
commit | d5114f624591c55a75d86a1efec3378fd4c9ef5a (patch) | |
tree | 66f4bc1950efc1bf37913ac8ae2ee10bc60c4a49 | |
parent | 5baa991aef0088a1e0f5d0e9350f3fd3168b13fb (diff) | |
download | samba-d5114f624591c55a75d86a1efec3378fd4c9ef5a.tar.gz samba-d5114f624591c55a75d86a1efec3378fd4c9ef5a.tar.bz2 samba-d5114f624591c55a75d86a1efec3378fd4c9ef5a.zip |
These don't compile yet - but they are the core code in what
will be DOMAIN_CLIENT called code.
Jeremy.
(This used to be commit ad81735fa1ce02937f6aae3d6518c1cd6156b090)
-rw-r--r-- | source3/rpc_client/cli_login.c | 452 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 674 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 964 |
3 files changed, 1004 insertions, 1086 deletions
diff --git a/source3/rpc_client/cli_login.c b/source3/rpc_client/cli_login.c index 049dcf19e6..771ff7108e 100644 --- a/source3/rpc_client/cli_login.c +++ b/source3/rpc_client/cli_login.c @@ -20,126 +20,60 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - - -#ifdef SYSLOG -#undef SYSLOG -#endif - #include "includes.h" #include "nterr.h" extern int DEBUGLEVEL; - -#if 0 - if (!cli_initialise(cli, t_idx)) - { - DEBUG(1,("do_nt_session_open: cli_initialise failed\n")); - return False; - } - - DEBUG(1,("do_nt_session_open: server connect initialisation\n")); - - if (!server_connect_init(cli, t_idx, myhostname, dest_ip, dest_host)) - { - uint8 err_cls; - uint32 err_num; - cli_error(cli, t_idx, &err_cls, &err_num); - DEBUG(1,("server_connect_init failed (%s)\n", cli_errstr(cli, t_idx))); - - return False; - } - - DEBUG(1,("do_nt_session_open: server connect initialisation succeeded\n")); - - if (!cli_session_setup(cli, t_idx, "", "", 1, NULL, 0, workgroup)) - { - uint8 err_cls; - uint32 err_num; - cli_error(cli, t_idx, &err_cls, &err_num); - DEBUG(1,("session setup failed (%s)\n", cli_errstr(cli, t_idx))); - - return False; - } - - DEBUG(1,("do_nt_session_open: server session setup succeeded\n")); - - if (!cli_send_tconX(cli, t_idx, "IPC$", "IPC", "", 1)) - { - uint8 err_cls; - uint32 err_num; - cli_error(cli, t_idx, &err_cls, &err_num); - DEBUG(1,("cli_send_tconX failed (%s)\n", cli_errstr(cli, t_idx))); - - return False; - } - - DEBUG(1,("do_nt_session_open: server IPC$ connection succeeded\n")); -#endif - - /**************************************************************************** -experimental nt login. - +Initialize domain session. ****************************************************************************/ -BOOL do_nt_session_open(struct cli_state *cli, int t_idx, uint16 *fnum, - char *dest_host, char *myhostname, - char *mach_acct, - char *username, char *workgroup, - uchar sess_key[16], DOM_CRED *clnt_cred) -{ - DOM_CHAL clnt_chal; - DOM_CHAL srv_chal; - - DOM_CHAL auth2_srv_chal; - UTIME zerotime; +BOOL do_nt_session_open(struct cli_state *cli, uint16 fnum, + char *dest_host, char *myhostname, + char *mach_acct, + uchar sess_key[16], DOM_CRED *clnt_cred) +{ + DOM_CHAL clnt_chal; + DOM_CHAL srv_chal; - char nt_owf_mach_pwd[16]; - char nt_owf_prev_mpd[16]; + DOM_CHAL auth2_srv_chal; - RPC_IFACE abstract; - RPC_IFACE transfer; + UTIME zerotime; - fstring mach_pwd; - fstring prev_mpd; - fstring dest_srv; + char nt_owf_mach_pwd[16]; - /******************** initialise ********************************/ + RPC_IFACE abstract; + RPC_IFACE transfer; - zerotime.time = 0; + fstring mach_pwd; + fstring dest_srv; - DEBUG(1,("do_nt_session_open: %d\n", __LINE__)); + /******************** initialise ********************************/ - /******************* open the \PIPE\NETLOGON file *****************/ + zerotime.time = 0; - if (((*fnum) = cli_open(cli, t_idx, PIPE_NETLOGON, O_CREAT, DENY_NONE, - NULL, NULL, NULL)) == 0xffff) - { - DEBUG(1,("do_nt_session_open: cli_open failed\n")); - return False; - } + DEBUG(10,("do_nt_session_open: %d\n", __LINE__)); - /**************** Set Named Pipe State ***************/ - if (!rpc_pipe_set_hnd_state(cli, t_idx, PIPE_NETLOGON, *fnum, 0x4300)) - { - DEBUG(1,("do_nt_session_open: pipe hnd state failed\n")); - return False; - } + /**************** Set Named Pipe State ***************/ + if (!rpc_pipe_set_hnd_state(cli, PIPE_NETLOGON, fnum, 0x4300)) + { + DEBUG(0,("do_nt_session_open: pipe hnd state failed\n")); + return False; + } - /******************* bind request on \PIPE\NETLOGON *****************/ + /******************* bind request on \PIPE\NETLOGON *****************/ - if (!rpc_pipe_bind(cli, t_idx, PIPE_NETLOGON, *fnum, - &abstract, &transfer, - False, NULL, NULL)) - { - DEBUG(1,("do_nt_session_open: rpc bind failed\n")); - return False; - } + if (!rpc_pipe_bind(cli, PIPE_NETLOGON, fnum, &abstract, &transfer, + False, NULL, NULL)) + { + DEBUG(0,("do_nt_session_open: rpc bind failed\n")); + return False; + } - /************ Check workstation trust account *******************/ + /************ Check workstation trust account *******************/ +FIXME !! /* default machine password is lower-case machine name (really secure) */ fstrcpy(mach_pwd, myhostname); strlower(mach_pwd); @@ -148,266 +82,242 @@ BOOL do_nt_session_open(struct cli_state *cli, int t_idx, uint16 *fnum, fstrcpy(prev_mpd, myhostname); strlower(prev_mpd); - /******************* Request Challenge ********************/ + /******************* Request Challenge ********************/ - SIVAL(clnt_chal.data, 0, 0x11111111); - SIVAL(clnt_chal.data, 4, 0x22222222); + generate_random_buffer( clnt_chal.data, 8, False); - strcpy(dest_srv, "\\\\"); - strcat(dest_srv, dest_host); - strupper(dest_srv); + strcpy(dest_srv, "\\\\"); + strcat(dest_srv, dest_host); + strupper(dest_srv); - /* send a client challenge; receive a server challenge */ - if (!do_net_req_chal(cli, t_idx, *fnum, dest_srv, myhostname, &clnt_chal, &srv_chal)) - { - DEBUG(1,("do_nt_session_open: request challenge failed\n")); - return False; - } + /* send a client challenge; receive a server challenge */ + if (!do_net_req_chal(cli, fnum, dest_srv, myhostname, &clnt_chal, &srv_chal)) + { + DEBUG(0,("do_nt_session_open: request challenge failed\n")); + return False; + } - /**************** Long-term Session key **************/ + /**************** Long-term Session key **************/ #ifdef DEBUG_PASSWORD - DEBUG(100,("generating nt owf from initial machine pwd: %s\n", mach_pwd)); + DEBUG(100,("generating nt owf from initial machine pwd: %s\n", mach_pwd)); #endif - nt_owf_gen( mach_pwd, nt_owf_mach_pwd); + nt_owf_gen( mach_pwd, nt_owf_mach_pwd); #ifdef DEBUG_PASSWORD - dump_data(6, nt_owf_mach_pwd, 16); + dump_data(6, nt_owf_mach_pwd, 16); #endif -#ifdef DEBUG_PASSWORD - DEBUG(100,("generating nt owf from previous machine pwd: %s\n", prev_mpd)); -#endif - nt_owf_gen( mach_pwd, nt_owf_prev_mpd); + /* calculate the session key */ + cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key); + bzero(sess_key+8, 8); -#ifdef DEBUG_PASSWORD - dump_data(6, nt_owf_prev_mpd, 16); -#endif + /******************* Authenticate 2 ********************/ - /* calculate the session key */ - cred_session_key(&clnt_chal, &srv_chal, nt_owf_mach_pwd, sess_key); -#if 0 - cred_session_key(&clnt_chal, &srv_chal, nt_owf_prev_mpd, sess_key+8); -#else - bzero(sess_key+8, 8); -#endif + /* calculate auth-2 credentials */ + cred_create(sess_key, &clnt_chal, zerotime, &(clnt_cred->challenge)); - /******************* Authenticate 2 ********************/ + /* send client auth-2 challenge; receive an auth-2 challenge */ + if (!do_net_auth2(cli, fnum, dest_srv, mach_acct, + SEC_CHAN_WKSTA, myhostname, + &(clnt_cred->challenge), 0x000001ff, &auth2_srv_chal)) + { + DEBUG(0,("do_nt_session_open: request challenge failed\n")); + return False; + } - /* calculate auth-2 credentials */ - cred_create(sess_key, &clnt_chal, zerotime, &(clnt_cred->challenge)); - - /* send client auth-2 challenge; receive an auth-2 challenge */ - if (!do_net_auth2(cli, t_idx, *fnum, - dest_srv, mach_acct, - SEC_CHAN_WKSTA, myhostname, - &(clnt_cred->challenge), 0x000001ff, &auth2_srv_chal)) - { - DEBUG(1,("do_nt_session_open: request challenge failed\n")); - return False; - } - - return True; + return True; } /**************************************************************************** server password set ****************************************************************************/ + BOOL do_nt_srv_pwset(struct cli_state *cli, int t_idx, uint16 fnum, - uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, - char *new_mach_pwd, - char *dest_host, char *mach_acct, char *myhostname) + uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, + char *new_mach_pwd, + char *dest_host, char *mach_acct, char *myhostname) { - /**************** Net Server Password Set **************/ - - DOM_CRED cred; - char nt_cypher[16]; - uint8 mode = 1; - char nt_owf_new_mach_pwd[16]; + DOM_CRED cred; + char nt_cypher[16]; + uint8 mode = 1; + char nt_owf_new_mach_pwd[16]; #ifdef DEBUG_PASSWORD - DEBUG(100,("generating nt owf from new machine pwd: %s\n", new_mach_pwd)); + DEBUG(100,("generating nt owf from new machine pwd: %s\n", new_mach_pwd)); #endif - nt_owf_gen(new_mach_pwd, nt_owf_new_mach_pwd); + nt_owf_gen(new_mach_pwd, nt_owf_new_mach_pwd); #ifdef DEBUG_PASSWORD -dump_data(6, nt_owf_new_mach_pwd, 16); + dump_data(6, nt_owf_new_mach_pwd, 16); #endif - if (!obfuscate_pwd(nt_cypher, nt_owf_new_mach_pwd, mode)) - { - DEBUG(5,("do_nt_srv_pwset: encrypt mach pwd failed\n")); - return False; - } + if (!obfuscate_pwd(nt_cypher, nt_owf_new_mach_pwd, mode)) + { + DEBUG(5,("do_nt_srv_pwset: encrypt mach pwd failed\n")); + return False; + } - clnt_cred->timestamp.time = time(NULL); + clnt_cred->timestamp.time = time(NULL); - memcpy(&cred, clnt_cred, sizeof(cred)); + memcpy(&cred, clnt_cred, sizeof(cred)); - /* calculate credentials */ - cred_create(sess_key, &(clnt_cred->challenge), - cred.timestamp, - &(cred.challenge)); + /* calculate credentials */ + cred_create(sess_key, &(clnt_cred->challenge), + cred.timestamp, &(cred.challenge)); - /* send client srv_pwset challenge */ - return do_net_srv_pwset(cli, t_idx, fnum, sess_key, clnt_cred, - dest_host, mach_acct, 2, myhostname, - &cred, rtn_cred, - nt_cypher); + /* send client srv_pwset challenge */ + return do_net_srv_pwset(cli, fnum, sess_key, clnt_cred, + dest_host, mach_acct, 2, myhostname, + &cred, rtn_cred, nt_cypher); } /**************************************************************************** make interactive sam login info ****************************************************************************/ + void make_nt_login_interactive(NET_ID_INFO_CTR *ctr, - uchar sess_key[16], - char *workgroup, char *myhostname, - uint32 smb_userid, char *username) + uchar sess_key[16], + char *workgroup, char *myhostname, + uint32 smb_userid, char *username) { - /****************** SAM Info Preparation *******************/ + /****************** SAM Info Preparation *******************/ - char *smb_user_passwd = getpass("Enter NT Login Password:"); + char *smb_user_passwd = getpass("Enter NT Login Password:"); - char lm_owf_user_pwd[16]; - char nt_owf_user_pwd[16]; + char lm_owf_user_pwd[16]; + char nt_owf_user_pwd[16]; - nt_lm_owf_gen(smb_user_passwd, nt_owf_user_pwd, lm_owf_user_pwd); + nt_lm_owf_gen(smb_user_passwd, nt_owf_user_pwd, lm_owf_user_pwd); #ifdef DEBUG_PASSWORD - DEBUG(100,("nt owf of user password: ")); - dump_data(100, lm_owf_user_pwd, 16); + DEBUG(100,("nt owf of user password: ")); + dump_data(100, lm_owf_user_pwd, 16); - DEBUG(100,("nt owf of user password: ")); - dump_data(100, nt_owf_user_pwd, 16); + DEBUG(100,("nt owf of user password: ")); + dump_data(100, nt_owf_user_pwd, 16); #endif - /* indicate an "interactive" login */ - ctr->switch_value = 1; + /* indicate an "interactive" login */ + ctr->switch_value = 1; - /* this is used in both the SAM Logon and the SAM Logoff */ - make_id_info1(&ctr->auth.id1, workgroup, 0, - smb_userid, 0, - username, myhostname, - sess_key, lm_owf_user_pwd, nt_owf_user_pwd); + /* this is used in both the SAM Logon and the SAM Logoff */ + make_id_info1(&ctr->auth.id1, workgroup, 0, + smb_userid, 0, username, myhostname, + sess_key, lm_owf_user_pwd, nt_owf_user_pwd); } /**************************************************************************** make network sam login info ****************************************************************************/ + void make_nt_login_network(NET_ID_INFO_CTR *ctr, - char *workgroup, char *myhostname, - uint32 smb_userid, char *username, - char lm_chal[8], char lm_chal_resp[24], char nt_chal_resp[24]) + char *workgroup, char *myhostname, + uint32 smb_userid, char *username, + char lm_chal[8], char lm_chal_resp[24], + char nt_chal_resp[24]) { - /* indicate a "network" login */ - ctr->switch_value = 2; - - /* this is used in both the SAM Logon and the SAM Logoff */ - make_id_info2(&ctr->auth.id2, workgroup, 0, - smb_userid, 0, - username, myhostname, - lm_chal, lm_chal_resp, nt_chal_resp); + /* indicate a "network" login */ + ctr->switch_value = 2; + + /* this is used in both the SAM Logon and the SAM Logoff */ + make_id_info2(&ctr->auth.id2, workgroup, 0, smb_userid, 0, + username, myhostname, + lm_chal, lm_chal_resp, nt_chal_resp); } /**************************************************************************** -experimental nt login. +NT login. ****************************************************************************/ -BOOL do_nt_login(struct cli_state *cli, int t_idx, uint16 fnum, - uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, - NET_ID_INFO_CTR *ctr, char *dest_host, char *myhostname, - NET_USER_INFO_3 *user_info3) + +BOOL do_nt_login(struct cli_state *cli, uint16 fnum, + uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, + NET_ID_INFO_CTR *ctr, char *dest_host, char *myhostname, + NET_USER_INFO_3 *user_info3) { - DOM_CRED sam_logon_rtn_cred; - DOM_CRED cred; - fstring dest_srv; - fstring my_host_name; + DOM_CRED sam_logon_rtn_cred; + DOM_CRED cred; + fstring dest_srv; + fstring my_host_name; - DEBUG(5,("do_nt_login: %d\n", __LINE__)); + DEBUG(5,("do_nt_login: %d\n", __LINE__)); - /*********************** SAM Logon **********************/ + /*********************** SAM Logon **********************/ - clnt_cred->timestamp.time = time(NULL); + clnt_cred->timestamp.time = time(NULL); - memcpy(&cred, clnt_cred, sizeof(cred)); + memcpy(&cred, clnt_cred, sizeof(cred)); - /* calculate sam logon credentials */ - cred_create(sess_key, &(clnt_cred->challenge), - cred.timestamp, - &(cred.challenge)); + /* calculate sam logon credentials */ + cred_create(sess_key, &(clnt_cred->challenge), + cred.timestamp, &(cred.challenge)); - strcpy(dest_srv, "\\\\"); - strcat(dest_srv, dest_host); - strupper(dest_srv); + strcpy(dest_srv, "\\\\"); + strcat(dest_srv, dest_host); + strupper(dest_srv); - fstrcpy(my_host_name, myhostname); - strupper(my_host_name); + fstrcpy(my_host_name, myhostname); + strupper(my_host_name); - /* send client sam-logon challenge */ - return do_net_sam_logon(cli, t_idx, fnum, sess_key, clnt_cred, - dest_srv, my_host_name, - &cred, &sam_logon_rtn_cred, - ctr->switch_value, ctr, 3, user_info3, - rtn_cred); + /* send client sam-logon challenge */ + return do_net_sam_logon(cli, fnum, sess_key, clnt_cred, + dest_srv, my_host_name, + &cred, &sam_logon_rtn_cred, + ctr->switch_value, ctr, 3, user_info3, + rtn_cred); } /**************************************************************************** nt sam logoff ****************************************************************************/ -BOOL do_nt_logoff(struct cli_state *cli, int t_idx, uint16 fnum, - uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, - NET_ID_INFO_CTR *ctr, char *dest_host, char *myhostname) + +BOOL do_nt_logoff(struct cli_state *cli, uint16 fnum, + uint8 sess_key[16], DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, + NET_ID_INFO_CTR *ctr, char *dest_host, char *myhostname) { - DOM_CRED sam_logoff_rtn_cred; - DOM_CRED cred; - fstring dest_srv; - fstring my_host_name; + DOM_CRED sam_logoff_rtn_cred; + DOM_CRED cred; + fstring dest_srv; + fstring my_host_name; - DEBUG(5,("do_nt_logoff: %d\n", __LINE__)); + DEBUG(5,("do_nt_logoff: %d\n", __LINE__)); - /*********************** SAM Logoff *********************/ + /*********************** SAM Logoff *********************/ - clnt_cred->timestamp.time = time(NULL); + clnt_cred->timestamp.time = time(NULL); - memcpy(&cred, clnt_cred, sizeof(cred)); + memcpy(&cred, clnt_cred, sizeof(cred)); - /* calculate sam logoff credentials */ - cred_create(sess_key, &(clnt_cred->challenge), - cred.timestamp, - &(cred.challenge)); + /* calculate sam logoff credentials */ + cred_create(sess_key, &(clnt_cred->challenge), + cred.timestamp, &(cred.challenge)); - strcpy(dest_srv, "\\\\"); - strcat(dest_srv, dest_host); - strupper(dest_srv); + strcpy(dest_srv, "\\\\"); + strcat(dest_srv, dest_host); + strupper(dest_srv); - fstrcpy(my_host_name, myhostname); - strupper(my_host_name); + fstrcpy(my_host_name, myhostname); + strupper(my_host_name); - /* send client sam-logoff challenge; receive a sam-logoff challenge */ - return do_net_sam_logoff(cli, t_idx, fnum, sess_key, clnt_cred, - dest_srv, my_host_name, - &cred, &sam_logoff_rtn_cred, - ctr->switch_value, ctr, 3, - rtn_cred); + /* send client sam-logoff challenge; receive a sam-logoff challenge */ + return do_net_sam_logoff(cli, fnum, sess_key, clnt_cred, + dest_srv, my_host_name, + &cred, &sam_logoff_rtn_cred, + ctr->switch_value, ctr, 3, + rtn_cred); } -#if 0 - /* free memory used in all rpc transactions, above */ - cli_shutdown(cli, t_idx); -#endif - /**************************************************************************** -experimental nt login. +Close the NT pipe. ****************************************************************************/ -void do_nt_session_close(struct cli_state *cli, int t_idx, uint16 fnum) -{ - /******************** close the \PIPE\NETLOGON file **************/ - if (fnum != 0xffff) - { - cli_close(cli, t_idx, fnum, 0); - } +void do_nt_session_close(struct cli_state *cli, uint16 fnum) +{ + /******************** close the \PIPE\NETLOGON file **************/ + if (fnum != 0xffff) + { + cli_close(cli, fnum); + } } - - diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index aafde8d775..a1a868ce96 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -30,432 +30,432 @@ #include "includes.h" extern int DEBUGLEVEL; -extern pstring username; -extern pstring workgroup; - -#define CLIENT_TIMEOUT (30*1000) - /**************************************************************************** do a LSA Logon Control2 ****************************************************************************/ -BOOL do_net_logon_ctrl2(struct cli_state *cli, int t_idx, uint16 fnum, - char *host_name, uint32 status_level) + +BOOL do_net_logon_ctrl2(struct cli_state *cli, uint16 fnum, + char *host_name, uint32 status_level) { - prs_struct rbuf; - prs_struct buf; - NET_Q_LOGON_CTRL2 q_l; - BOOL valid_ctrl2 = False; - fstring acct_name; + prs_struct rbuf; + prs_struct buf; + NET_Q_LOGON_CTRL2 q_l; + BOOL valid_ctrl2 = False; + fstring acct_name; - prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); - prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); + if (host_name == NULL) + return False; - if (host_name == NULL) return False; + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); - strcpy(acct_name, "\\\\"); - strcat(acct_name, host_name); + strcpy(acct_name, "\\\\"); + strcat(acct_name, host_name); - /* create and send a MSRPC command with api NET_LOGON_CTRL2 */ + /* create and send a MSRPC command with api NET_LOGON_CTRL2 */ - DEBUG(4,("LSA Logon Control2 from %s status level:%x\n", - host_name, status_level)); + DEBUG(4,("LSA Logon Control2 from %s status level:%x\n", + host_name, status_level)); - /* store the parameters */ - make_q_logon_ctrl2(&q_l, acct_name, status_level); + /* store the parameters */ + make_q_logon_ctrl2(&q_l, acct_name, status_level); - /* turn parameters into data stream */ - net_io_q_logon_ctrl2("", &q_l, &buf, 0); + /* turn parameters into data stream */ + net_io_q_logon_ctrl2("", &q_l, &buf, 0); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, t_idx, fnum, NET_LOGON_CTRL2, &buf, &rbuf)) - { - NET_R_LOGON_CTRL2 r_l; - BOOL p; + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, NET_LOGON_CTRL2, &buf, &rbuf)) + { + NET_R_LOGON_CTRL2 r_l; + BOOL ok; - net_io_r_logon_ctrl2("", &r_l, &rbuf, 0); - p = rbuf.offset != 0; + net_io_r_logon_ctrl2("", &r_l, &rbuf, 0); + ok = (rbuf.offset != 0); - if (p && r_l.status != 0) - { - /* report error code */ - DEBUG(0,("NET_R_LOGON_CTRL: %s\n", get_nt_error_msg(r_l.status))); - p = False; - } - - if (p) - { - valid_ctrl2 = True; - } - } - - prs_mem_free(&rbuf); - prs_mem_free(&buf ); - - - return valid_ctrl2; + if (ok && r_l.status != 0) + { + /* report error code */ + DEBUG(0,("NET_R_LOGON_CTRL: %s\n", get_nt_error_msg(r_l.status))); + ok = False; + } + + if (ok) + { + valid_ctrl2 = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_ctrl2; } /**************************************************************************** do a LSA Authenticate 2 ****************************************************************************/ -BOOL do_net_auth2(struct cli_state *cli, int t_idx, uint16 fnum, - char *logon_srv, char *acct_name, uint16 sec_chan, char *comp_name, - DOM_CHAL *clnt_chal, uint32 neg_flags, DOM_CHAL *srv_chal) + +BOOL do_net_auth2(struct cli_state *cli, uint16 fnum, + char *logon_srv, char *acct_name, uint16 sec_chan, + char *comp_name, DOM_CHAL *clnt_chal, uint32 neg_flags, + DOM_CHAL *srv_chal) { - prs_struct rbuf; - prs_struct buf; - NET_Q_AUTH_2 q_a; - BOOL valid_chal = False; + prs_struct rbuf; + prs_struct buf; + NET_Q_AUTH_2 q_a; + BOOL valid_chal = False; - prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); - prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); + if (srv_chal == NULL || clnt_chal == NULL) + return False; - if (srv_chal == NULL || clnt_chal == NULL) return False; + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); - /* create and send a MSRPC command with api NET_AUTH2 */ - DEBUG(4,("LSA Authenticate 2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %lx\n", - logon_srv, acct_name, sec_chan, comp_name, - credstr(clnt_chal->data), neg_flags)); + /* create and send a MSRPC command with api NET_AUTH2 */ - /* store the parameters */ - make_q_auth_2(&q_a, logon_srv, acct_name, sec_chan, comp_name, - clnt_chal, neg_flags); + DEBUG(4,("LSA Authenticate 2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %lx\n", + logon_srv, acct_name, sec_chan, comp_name, + credstr(clnt_chal->data), neg_flags)); - /* turn parameters into data stream */ - net_io_q_auth_2("", &q_a, &buf, 0); + /* store the parameters */ + make_q_auth_2(&q_a, logon_srv, acct_name, sec_chan, comp_name, + clnt_chal, neg_flags); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, t_idx, fnum, NET_AUTH2, &buf, &rbuf)) - { - NET_R_AUTH_2 r_a; - BOOL p; + /* turn parameters into data stream */ + net_io_q_auth_2("", &q_a, &buf, 0); - net_io_r_auth_2("", &r_a, &rbuf, 0); - p = rbuf.offset != 0; + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, NET_AUTH2, &buf, &rbuf)) + { + NET_R_AUTH_2 r_a; + BOOL ok; + + net_io_r_auth_2("", &r_a, &rbuf, 0); + ok = (rbuf.offset != 0); - if (p && r_a.status != 0) - { - /* report error code */ - DEBUG(0,("NET_AUTH2: %s\n", get_nt_error_msg(r_a.status))); - p = False; - } - - if (p && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags) - { - /* report different neg_flags */ - DEBUG(0,("NET_AUTH2: error neg_flags (q,r) differ - (%lx,%lx)\n", - q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags)); - p = False; - } - - if (p) - { - /* ok, at last: we're happy. return the challenge */ - memcpy(srv_chal, r_a.srv_chal.data, sizeof(srv_chal->data)); - valid_chal = True; - } - } - - prs_mem_free(&rbuf); - prs_mem_free(&buf ); - - - return valid_chal; + if (ok && r_a.status != 0) + { + /* report error code */ + DEBUG(0,("NET_AUTH2: %s\n", get_nt_error_msg(r_a.status))); + ok = False; + } + + if (ok && r_a.srv_flgs.neg_flags != q_a.clnt_flgs.neg_flags) + { + /* report different neg_flags */ + DEBUG(0,("NET_AUTH2: error neg_flags (q,r) differ - (%lx,%lx)\n", + q_a.clnt_flgs.neg_flags, r_a.srv_flgs.neg_flags)); + ok = False; + } + + if (ok) + { + /* ok, at last: we're happy. return the challenge */ + memcpy(srv_chal, r_a.srv_chal.data, sizeof(srv_chal->data)); + valid_chal = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_chal; } /**************************************************************************** do a LSA Request Challenge ****************************************************************************/ -BOOL do_net_req_chal(struct cli_state *cli, int t_idx, uint16 fnum, - char *desthost, char *myhostname, - DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal) + +BOOL do_net_req_chal(struct cli_state *cli, uint16 fnum, + char *desthost, char *myhostname, + DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal) { - prs_struct rbuf; - prs_struct buf; - NET_Q_REQ_CHAL q_c; - BOOL valid_chal = False; + prs_struct rbuf; + prs_struct buf; + NET_Q_REQ_CHAL q_c; + BOOL valid_chal = False; + + if (srv_chal == NULL || clnt_chal == NULL) + return False; - prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); - prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); - if (srv_chal == NULL || clnt_chal == NULL) return False; - /* create and send a MSRPC command with api NET_REQCHAL */ + /* create and send a MSRPC command with api NET_REQCHAL */ - DEBUG(4,("LSA Request Challenge from %s to %s: %s\n", - desthost, myhostname, credstr(clnt_chal->data))); + DEBUG(4,("LSA Request Challenge from %s to %s: %s\n", + desthost, myhostname, credstr(clnt_chal->data))); - /* store the parameters */ - make_q_req_chal(&q_c, desthost, myhostname, clnt_chal); + /* store the parameters */ + make_q_req_chal(&q_c, desthost, myhostname, clnt_chal); - /* turn parameters into data stream */ - net_io_q_req_chal("", &q_c, &buf, 0); + /* turn parameters into data stream */ + net_io_q_req_chal("", &q_c, &buf, 0); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, t_idx, fnum, NET_REQCHAL, &buf, &rbuf)) - { - NET_R_REQ_CHAL r_c; - BOOL p; + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, NET_REQCHAL, &buf, &rbuf)) + { + NET_R_REQ_CHAL r_c; + BOOL ok; - net_io_r_req_chal("", &r_c, &rbuf, 0); - p = rbuf.offset != 0; + net_io_r_req_chal("", &r_c, &rbuf, 0); + ok = (rbuf.offset != 0); - if (p && r_c.status != 0) - { - /* report error code */ - DEBUG(0,("NET_REQ_CHAL: %s\n", get_nt_error_msg(r_c.status))); - p = False; - } - - if (p) - { - /* ok, at last: we're happy. return the challenge */ - memcpy(srv_chal, r_c.srv_chal.data, sizeof(srv_chal->data)); - valid_chal = True; - } - } - - prs_mem_free(&rbuf); - prs_mem_free(&buf ); - - - return valid_chal; + if (ok && r_c.status != 0) + { + /* report error code */ + DEBUG(0,("NET_REQ_CHAL: %s\n", get_nt_error_msg(r_c.status))); + ok = False; + } + + if (ok) + { + /* ok, at last: we're happy. return the challenge */ + memcpy(srv_chal, r_c.srv_chal.data, sizeof(srv_chal->data)); + valid_chal = True; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_chal; } /*************************************************************************** do a LSA Server Password Set ****************************************************************************/ -BOOL do_net_srv_pwset(struct cli_state *cli, int t_idx, uint16 fnum, - uchar sess_key[16], DOM_CRED *sto_clnt_cred, - char *logon_srv, char *mach_acct, uint16 sec_chan_type, char *comp_name, - DOM_CRED *clnt_cred, DOM_CRED *srv_cred, - uint8 nt_owf_new_mach_pwd[16]) + +BOOL do_net_srv_pwset(struct cli_state *cli, uint16 fnum, + uchar sess_key[16], DOM_CRED *sto_clnt_cred, + char *logon_srv, char *mach_acct, uint16 sec_chan_type, + char *comp_name, DOM_CRED *clnt_cred, DOM_CRED *srv_cred, + uint8 nt_owf_new_mach_pwd[16]) { - prs_struct rbuf; - prs_struct buf; - NET_Q_SRV_PWSET q_s; - BOOL valid_cred = False; + prs_struct rbuf; + prs_struct buf; + NET_Q_SRV_PWSET q_s; + BOOL valid_cred = False; + + if (srv_cred == NULL || clnt_cred == NULL) + return False; - prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); - prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); - if (srv_cred == NULL || clnt_cred == NULL) return False; - /* create and send a MSRPC command with api NET_SRV_PWSET */ + /* create and send a MSRPC command with api NET_SRV_PWSET */ - DEBUG(4,("LSA Server Password Set: srv:%s acct:%s sc: %d mc: %s clnt %s %lx\n", - logon_srv, mach_acct, sec_chan_type, comp_name, - credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time)); + DEBUG(4,("LSA Server Password Set: srv:%s acct:%s sc: %d mc: %s clnt %s %lx\n", + logon_srv, mach_acct, sec_chan_type, comp_name, + credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time)); - /* store the parameters */ - make_q_srv_pwset(&q_s, - sess_key, - logon_srv, mach_acct, sec_chan_type, comp_name, - clnt_cred, - nt_owf_new_mach_pwd); + /* store the parameters */ + make_q_srv_pwset(&q_s, sess_key, logon_srv, mach_acct, sec_chan_type, + comp_name, clnt_cred, nt_owf_new_mach_pwd); - /* turn parameters into data stream */ - net_io_q_srv_pwset("", &q_s, &buf, 0); + /* turn parameters into data stream */ + net_io_q_srv_pwset("", &q_s, &buf, 0); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, t_idx, fnum, NET_SRVPWSET, &buf, &rbuf)) - { - NET_R_SRV_PWSET r_s; - BOOL p; + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, NET_SRVPWSET, &buf, &rbuf)) + { + NET_R_SRV_PWSET r_s; + BOOL ok; - net_io_r_srv_pwset("", &r_s, &rbuf, 0); - p = rbuf.offset != 0; + net_io_r_srv_pwset("", &r_s, &rbuf, 0); + ok = (rbuf.offset != 0); - if (p && r_s.status != 0) - { - /* report error code */ - DEBUG(0,("NET_R_SRV_PWSET: %s\n", get_nt_error_msg(r_s.status))); - p = False; - } - - if (p) - { - if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_cred))) - { - DEBUG(5, ("do_net_srv_pwset: server credential check OK\n")); - /* ok, at last: we're happy. return the challenge */ - memcpy(srv_cred, &(r_s.srv_cred), sizeof(r_s.srv_cred)); - valid_cred = True; - } - else - { - DEBUG(5, ("do_net_srv_pwset: server credential check failed\n")); - } - } - } - - prs_mem_free(&rbuf); - prs_mem_free(&buf ); - - - return valid_cred; + if (ok && r_s.status != 0) + { + /* report error code */ + DEBUG(0,("NET_R_SRV_PWSET: %s\n", get_nt_error_msg(r_s.status))); + ok = False; + } + + if (ok) + { + if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_cred))) + { + DEBUG(5, ("do_net_srv_pwset: server credential check OK\n")); + /* ok, at last: we're happy. return the challenge */ + memcpy(srv_cred, &(r_s.srv_cred), sizeof(r_s.srv_cred)); + valid_cred = True; + } + else + { + DEBUG(5, ("do_net_srv_pwset: server credential check failed\n")); + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_cred; } /*************************************************************************** do a LSA SAM Logon ****************************************************************************/ -BOOL do_net_sam_logon(struct cli_state *cli, int t_idx, uint16 fnum, - uchar sess_key[8], DOM_CRED *sto_clnt_cred, - char *logon_srv, char *comp_name, - DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, - uint16 logon_level, NET_ID_INFO_CTR *ctr, uint16 validation_level, - NET_USER_INFO_3 *user_info3, - DOM_CRED *srv_cred) + +BOOL do_net_sam_logon(struct cli_state *cli, uint16 fnum, + uchar sess_key[8], DOM_CRED *sto_clnt_cred, + char *logon_srv, char *comp_name, + DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, + uint16 logon_level, NET_ID_INFO_CTR *ctr, + uint16 validation_level, NET_USER_INFO_3 *user_info3, + DOM_CRED *srv_cred) { - prs_struct rbuf; - prs_struct buf; - NET_Q_SAM_LOGON q_s; - BOOL valid_cred = False; + prs_struct rbuf; + prs_struct buf; + NET_Q_SAM_LOGON q_s; + BOOL valid_cred = False; + + if (srv_cred == NULL || clnt_cred == NULL || rtn_cred == NULL || user_info3 == NULL) + return False; - prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); - prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); - if (srv_cred == NULL || clnt_cred == NULL || rtn_cred == NULL || user_info3 == NULL) return False; - /* create and send a MSRPC command with api NET_SAMLOGON */ + /* create and send a MSRPC command with api NET_SAMLOGON */ - DEBUG(4,("LSA SAM Logon: srv:%s mc:%s clnt %s %lx rtn: %s %lx ll: %d\n", - logon_srv, comp_name, - credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time, - credstr(rtn_cred->challenge.data), rtn_cred ->timestamp.time, - logon_level)); + DEBUG(4,("LSA SAM Logon: srv:%s mc:%s clnt %s %lx rtn: %s %lx ll: %d\n", + logon_srv, comp_name, + credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time, + credstr(rtn_cred->challenge.data), rtn_cred ->timestamp.time, + logon_level)); - /* store the parameters */ - make_sam_info(&(q_s.sam_id), logon_srv, comp_name, - clnt_cred, rtn_cred, - logon_level, ctr, validation_level); + /* store the parameters */ + make_sam_info(&(q_s.sam_id), logon_srv, comp_name, + clnt_cred, rtn_cred, logon_level, ctr, validation_level); - /* turn parameters into data stream */ - net_io_q_sam_logon("", &q_s, &buf, 0); + /* turn parameters into data stream */ + net_io_q_sam_logon("", &q_s, &buf, 0); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, t_idx, fnum, NET_SAMLOGON, &buf, &rbuf)) - { - NET_R_SAM_LOGON r_s; - BOOL p; + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, NET_SAMLOGON, &buf, &rbuf)) + { + NET_R_SAM_LOGON r_s; + BOOL ok; - r_s.user = user_info3; + r_s.user = user_info3; - net_io_r_sam_logon("", &r_s, &rbuf, 0); - p = rbuf.offset != 0; + net_io_r_sam_logon("", &r_s, &rbuf, 0); + ok = (rbuf.offset != 0); - if (p && r_s.status != 0) - { - /* report error code */ - DEBUG(0,("NET_SAMLOGON: %s\n", get_nt_error_msg(r_s.status))); - p = False; - } - - if (p && r_s.switch_value != 3) - { - /* report different switch_value */ - DEBUG(0,("NET_SAMLOGON: switch_value of 3 expected %x\n", - r_s.switch_value)); - p = False; - } - - if (p) - { - if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_creds))) - { - DEBUG(5, ("do_net_sam_logon: server credential check OK\n")); - /* ok, at last: we're happy. return the challenge */ - memcpy(srv_cred, &(r_s.srv_creds), sizeof(r_s.srv_creds)); - valid_cred = True; - } - else - { - DEBUG(5, ("do_net_sam_logon: server credential check failed\n")); - } - } - } - - prs_mem_free(&rbuf); - prs_mem_free(&buf ); - - return valid_cred; + if (ok && r_s.status != 0) + { + /* report error code */ + DEBUG(0,("NET_SAMLOGON: %s\n", get_nt_error_msg(r_s.status))); + ok = False; + } + + if (ok && r_s.switch_value != 3) + { + /* report different switch_value */ + DEBUG(0,("NET_SAMLOGON: switch_value of 3 expected %x\n", + r_s.switch_value)); + ok = False; + } + + if (ok) + { + if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_creds))) + { + DEBUG(5, ("do_net_sam_logon: server credential check OK\n")); + /* ok, at last: we're happy. return the challenge */ + memcpy(srv_cred, &(r_s.srv_creds), sizeof(r_s.srv_creds)); + valid_cred = True; + } + else + { + DEBUG(5, ("do_net_sam_logon: server credential check failed\n")); + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_cred; } /*************************************************************************** do a LSA SAM Logoff ****************************************************************************/ -BOOL do_net_sam_logoff(struct cli_state *cli, int t_idx, uint16 fnum, - uchar sess_key[8], DOM_CRED *sto_clnt_cred, - char *logon_srv, char *comp_name, - DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, - uint16 logon_level, NET_ID_INFO_CTR *ctr, uint16 validation_level, - DOM_CRED *srv_cred) + +BOOL do_net_sam_logoff(struct cli_state *cli, uint16 fnum, + uchar sess_key[8], DOM_CRED *sto_clnt_cred, + char *logon_srv, char *comp_name, + DOM_CRED *clnt_cred, DOM_CRED *rtn_cred, + uint16 logon_level, NET_ID_INFO_CTR *ctr, + uint16 validation_level, DOM_CRED *srv_cred) { - prs_struct rbuf; - prs_struct buf; - NET_Q_SAM_LOGOFF q_s; - BOOL valid_cred = False; + prs_struct rbuf; + prs_struct buf; + NET_Q_SAM_LOGOFF q_s; + BOOL valid_cred = False; - prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); - prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); + if (srv_cred == NULL || clnt_cred == NULL || rtn_cred == NULL) + return False; - if (srv_cred == NULL || clnt_cred == NULL || rtn_cred == NULL) return False; + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0, 4, SAFETY_MARGIN, True ); - /* create and send a MSRPC command with api NET_SAMLOGON */ + /* create and send a MSRPC command with api NET_SAMLOGON */ - DEBUG(4,("LSA SAM Logoff: srv:%s mc:%s clnt %s %lx rtn: %s %lx ll: %d\n", - logon_srv, comp_name, - credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time, - credstr(rtn_cred->challenge.data), rtn_cred ->timestamp.time, - logon_level)); + DEBUG(4,("LSA SAM Logoff: srv:%s mc:%s clnt %s %lx rtn: %s %lx ll: %d\n", + logon_srv, comp_name, + credstr(clnt_cred->challenge.data), clnt_cred->timestamp.time, + credstr(rtn_cred->challenge.data), rtn_cred ->timestamp.time, + logon_level)); - /* store the parameters */ - make_sam_info(&(q_s.sam_id), logon_srv, comp_name, - clnt_cred, rtn_cred, - logon_level, ctr, validation_level); + /* store the parameters */ + make_sam_info(&(q_s.sam_id), logon_srv, comp_name, + clnt_cred, rtn_cred, logon_level, ctr, validation_level); - /* turn parameters into data stream */ - net_io_q_sam_logoff("", &q_s, &buf, 0); + /* turn parameters into data stream */ + net_io_q_sam_logoff("", &q_s, &buf, 0); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, t_idx, fnum, NET_SAMLOGOFF, &buf, &rbuf)) - { - NET_R_SAM_LOGOFF r_s; - BOOL p; + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, NET_SAMLOGOFF, &buf, &rbuf)) + { + NET_R_SAM_LOGOFF r_s; + BOOL ok; - net_io_r_sam_logoff("", &r_s, &rbuf, 0); - p = rbuf.offset != 0; + net_io_r_sam_logoff("", &r_s, &rbuf, 0); + ok = (rbuf.offset != 0); - if (p && r_s.status != 0) - { - /* report error code */ - DEBUG(0,("NET_SAMLOGOFF: %s\n", get_nt_error_msg(r_s.status))); - p = False; - } - - if (p) - { - if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_creds))) - { - DEBUG(5, ("do_net_sam_logoff: server credential check OK\n")); - /* ok, at last: we're happy. return the challenge */ - memcpy(srv_cred, &(r_s.srv_creds), sizeof(r_s.srv_creds)); - valid_cred = True; - } - else - { - DEBUG(5, ("do_net_sam_logoff: server credential check failed\n")); - } - } - } - - prs_mem_free(&rbuf); - prs_mem_free(&buf ); - - - return valid_cred; + if (ok && r_s.status != 0) + { + /* report error code */ + DEBUG(0,("NET_SAMLOGOFF: %s\n", get_nt_error_msg(r_s.status))); + ok = False; + } + + if (ok) + { + if (clnt_deal_with_creds(sess_key, sto_clnt_cred, &(r_s.srv_creds))) + { + DEBUG(5, ("do_net_sam_logoff: server credential check OK\n")); + /* ok, at last: we're happy. return the challenge */ + memcpy(srv_cred, &(r_s.srv_creds), sizeof(r_s.srv_creds)); + valid_cred = True; + } + else + { + DEBUG(5, ("do_net_sam_logoff: server credential check failed\n")); + } + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_cred; } - - diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 91ba8a263e..e4853f8da9 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -30,103 +30,109 @@ #include "includes.h" extern int DEBUGLEVEL; - - extern struct pipe_id_info pipe_names[]; /******************************************************************** rpc pipe call id ********************************************************************/ + uint32 get_rpc_call_id(void) { - static uint32 call_id = 1; - return ++call_id; + static uint32 call_id = 1; + return ++call_id; } /******************************************************************* uses SMBreadX to get rest of rpc data ********************************************************************/ -static BOOL rpc_read(struct cli_state *cli, int t_idx, uint16 fnum, - prs_struct *rdata, uint32 data_to_read, uint32 rdata_offset) + +static BOOL rpc_read(struct cli_state *cli, uint16 fnum, + prs_struct *rdata, uint32 data_to_read, + uint32 rdata_offset) { - int size = 0x1630; - int file_offset = rdata_offset; - int num_read; - char *data = rdata->data->data; - uint32 err; - uint32 new_data_size = rdata->data->data_used + data_to_read; - data += rdata_offset; + int size = 0x1630; + int file_offset = rdata_offset; + int num_read; + char *data = rdata->data->data; + uint32 err; + uint32 new_data_size = rdata->data->data_used + data_to_read; + + data += rdata_offset; - file_offset -= rdata_offset; + file_offset -= rdata_offset; - DEBUG(5,("rpc_read: data_to_read: %d data offset: %d file offset: %d\n", - data_to_read, rdata_offset, file_offset)); + DEBUG(5,("rpc_read: data_to_read: %d data offset: %d file offset: %d\n", + data_to_read, rdata_offset, file_offset)); - if (new_data_size > rdata->data->data_size) - { - mem_grow_data(&rdata->data, True, new_data_size, True); - DEBUG(5,("rpc_read: grow buffer to %d\n", rdata->data->data_used)); - } + if (new_data_size > rdata->data->data_size) + { + mem_grow_data(&rdata->data, True, new_data_size, True); + DEBUG(5,("rpc_read: grow buffer to %d\n", rdata->data->data_used)); + } - do /* read data using SMBreadX */ - { - if (size > data_to_read) size = data_to_read; + do /* read data using SMBreadX */ + { + if (size > data_to_read) + size = data_to_read; - new_data_size = rdata->data->data_used + size; + new_data_size = rdata->data->data_used + size; - if (new_data_size > rdata->data->data_size) - { - mem_grow_data(&rdata->data, True, new_data_size, True); - DEBUG(5,("rpc_read: grow buffer to %d\n", rdata->data->data_used)); - } + if (new_data_size > rdata->data->data_size) + { + mem_grow_data(&rdata->data, True, new_data_size, True); + DEBUG(5,("rpc_read: grow buffer to %d\n", rdata->data->data_used)); + } - num_read = cli_readx(cli, t_idx, fnum, data, file_offset + 0x100000, size); + num_read = cli_read(cli, fnum, data, file_offset + 0x100000, size); - DEBUG(5,("rpc_read: read offset: %d read: %d to read: %d\n", - file_offset, num_read, data_to_read)); + DEBUG(5,("rpc_read: read offset: %d read: %d to read: %d\n", + file_offset, num_read, data_to_read)); - data_to_read -= num_read; - file_offset += num_read; - data += num_read; + data_to_read -= num_read; + file_offset += num_read; + data += num_read; - if (cli_error(cli, NULL, &err)) return False; + if (cli_error(cli, NULL, &err)) + return False; - } while (num_read > 0 && data_to_read > 0); /* && err == (0x80000000 | STATUS_BUFFER_OVERFLOW)); */ + } while (num_read > 0 && data_to_read > 0); + /* && err == (0x80000000 | STATUS_BUFFER_OVERFLOW)); */ - mem_realloc_data(rdata->data, file_offset + rdata_offset); - rdata->data->offset.end = file_offset + rdata_offset; + mem_realloc_data(rdata->data, file_offset + rdata_offset); + rdata->data->offset.end = file_offset + rdata_offset; - DEBUG(5,("rpc_read: data supposedly left to read:0x%x\n", data_to_read)); + DEBUG(5,("rpc_read: data supposedly left to read:0x%x\n", data_to_read)); - return data_to_read == 0; + return data_to_read == 0; } /**************************************************************************** checks the header ****************************************************************************/ static BOOL rpc_check_hdr(prs_struct *rdata, uint8 *pkt_type, - BOOL *first, BOOL *last, int *len) + BOOL *first, BOOL *last, int *len) { - RPC_HDR rhdr; + RPC_HDR rhdr; - DEBUG(5,("rpc_check_hdr: rdata->data->data_used: %d\n", rdata->data->data_used)); + DEBUG(5,("rpc_check_hdr: rdata->data->data_used: %d\n", rdata->data->data_used)); - smb_io_rpc_hdr ("rpc_hdr ", &rhdr , rdata, 0); + smb_io_rpc_hdr ("rpc_hdr ", &rhdr , rdata, 0); - if (!rdata->offset || rdata->offset != 0x10) - { - DEBUG(5,("cli_pipe: error in rpc header\n")); - return False; - } + if (!rdata->offset || rdata->offset != 0x10) + { + DEBUG(5,("cli_pipe: error in rpc header\n")); + return False; + } - DEBUG(5,("rpc_check_hdr: (after smb_io_rpc_hdr call) rdata->data->data_used: %d\n", rdata->data->data_used)); + DEBUG(5,("rpc_check_hdr: (after smb_io_rpc_hdr call) rdata->data->data_used: %d\n", + rdata->data->data_used)); - (*first ) = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_FIRST); - (*last ) = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_LAST ); - (*len ) = rhdr.frag_len - rdata->data->data_used; - (*pkt_type) = rhdr.pkt_type; + (*first ) = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_FIRST); + (*last ) = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_LAST ); + (*len ) = rhdr.frag_len - rdata->data->data_used; + (*pkt_type) = rhdr.pkt_type; - return True; + return True; } /**************************************************************************** @@ -146,116 +152,119 @@ static BOOL rpc_check_hdr(prs_struct *rdata, uint8 *pkt_type, down. in other words, state-based (kernel) techniques...] ****************************************************************************/ -BOOL rpc_api_pipe(struct cli_state *cli, int t_idx, - uint16 cmd, uint16 fnum, - prs_struct *param , prs_struct *data, - prs_struct *rparam, prs_struct *rdata) -{ - int len; - uint16 setup[2]; /* only need 2 uint16 setup parameters */ - uint32 err; - uint8 pkt_type = 0xff; - BOOL first = True; - BOOL last = True; +BOOL rpc_api_pipe(struct cli_state *cli, uint16 cmd, uint16 fnum, + prs_struct *param , prs_struct *data, + prs_struct *rparam, prs_struct *rdata) +{ + int len; - /* prepare return data and params */ + uint16 setup[2]; /* only need 2 uint16 setup parameters */ + uint32 err; + uint8 pkt_type = 0xff; + BOOL first = True; + BOOL last = True; - /* create setup parameters. */ - setup[0] = cmd; - setup[1] = fnum; /* pipe file handle. got this from an SMBcreateX. */ + /* prepare return data and params */ - /* send the data: receive a response. */ - if (!cli_api_pipe(cli, t_idx, "\\PIPE\\\0\0\0", 8, + /* create setup parameters. */ + setup[0] = cmd; + setup[1] = fnum; /* pipe file handle. got this from an SMBcreateX. */ + /* send the data: receive a response. */ + if (!cli_api_pipe(cli, "\\PIPE\\\0\0\0", 8, param != NULL ? param->data->data_used : 0, data != NULL ? data ->data->data_used : 0, 2, - 0, data != NULL ? 1024 : 0 , - param != NULL ? param->data->data : NULL, data != NULL ? data ->data->data : NULL, setup, - rparam != NULL ? rparam->data : NULL, rdata != NULL ? rdata ->data : NULL)) - { - DEBUG(5, ("cli_pipe: return critical error\n")); - return False; - } + { + DEBUG(5, ("cli_pipe: return critical error\n")); + return False; + } - if (cli_error(cli, NULL, &err)) return False; + if (cli_error(cli, NULL, &err)) + return False; - if (rdata->data->data == NULL) return False; + if (rdata->data->data == NULL) + return False; - /**** parse the header: check it's a response record */ + /**** parse the header: check it's a response record */ - rdata->data->offset.start = 0; - rdata->data->offset.end = rdata->data->data_used; - rdata->offset = 0; + rdata->data->offset.start = 0; + rdata->data->offset.end = rdata->data->data_used; + rdata->offset = 0; - if (!rpc_check_hdr(rdata, &pkt_type, &first, &last, &len)) return False; + if (!rpc_check_hdr(rdata, &pkt_type, &first, &last, &len)) + return False; + + if (pkt_type == RPC_RESPONSE) + { + RPC_HDR_RESP rhdr_resp; + smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, rdata, 0); + } + + DEBUG(5,("rpc_api_pipe: len left: %d smbtrans read: %d\n", + len, rdata->data->data_used)); + + /* check if data to be sent back was too large for one SMB. */ + /* err status is only informational: the _real_ check is on the length */ + if (len > 0) /* || err == (0x80000000 | STATUS_BUFFER_OVERFLOW)) */ + { + if (!rpc_read(cli, fnum, rdata, len, rdata->data->data_used)) + return False; + } + + /* only one rpc fragment, and it has been read */ + if (first && last) + { + DEBUG(6,("rpc_api_pipe: fragment first and last both set\n")); + return True; + } + + while (!last) /* read more fragments until we get the last one */ + { + RPC_HDR rhdr; + RPC_HDR_RESP rhdr_resp; + int num_read; + prs_struct hps; + + prs_init(&hps, 0x18, 4, 0, True); - if (pkt_type == RPC_RESPONSE) - { - RPC_HDR_RESP rhdr_resp; - smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, rdata, 0); - } - - DEBUG(5,("rpc_api_pipe: len left: %d smbtrans read: %d\n", - len, rdata->data->data_used)); - - /* check if data to be sent back was too large for one SMB. */ - /* err status is only informational: the _real_ check is on the length */ - if (len > 0) /* || err == (0x80000000 | STATUS_BUFFER_OVERFLOW)) */ - { - if (!rpc_read(cli, t_idx, fnum, rdata, len, rdata->data->data_used)) return False; - } - - /* only one rpc fragment, and it has been read */ - if (first && last) - { - DEBUG(6,("rpc_api_pipe: fragment first and last both set\n")); - return True; - } - - while (!last) /* read more fragments until we get the last one */ - { - RPC_HDR rhdr; - RPC_HDR_RESP rhdr_resp; - int num_read; - prs_struct hps; - - prs_init(&hps, 0x18, 4, 0, True); - - num_read = cli_readx(cli, t_idx, fnum, hps.data->data, 0, 0x18); - DEBUG(5,("rpc_api_pipe: read header (size:%d)\n", num_read)); - - if (num_read != 0x18) return False; - - smb_io_rpc_hdr ("rpc_hdr ", &rhdr , &hps, 0); - smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, &hps, 0); - - prs_mem_free(&hps); - - if (cli_error(cli, NULL, &err)) return False; - - first = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_FIRST); - last = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_LAST ); - - if (first) - { - DEBUG(4,("rpc_api_pipe: wierd rpc header received\n")); - return False; - } - - len = rhdr.frag_len - hps.offset; - if (!rpc_read(cli, t_idx, fnum, rdata, len, rdata->data->data_used)) return False; - } - - return True; + num_read = cli_read(cli, fnum, hps.data->data, 0, 0x18); + DEBUG(5,("rpc_api_pipe: read header (size:%d)\n", num_read)); + + if (num_read != 0x18) + return False; + + smb_io_rpc_hdr ("rpc_hdr ", &rhdr , &hps, 0); + smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, &hps, 0); + + prs_mem_free(&hps); + + if (cli_error(cli, NULL, &err)) + return False; + + first = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_FIRST); + last = IS_BITS_SET_ALL(rhdr.flags, RPC_FLG_LAST ); + + if (first) + { + DEBUG(4,("rpc_api_pipe: wierd rpc header received\n")); + return False; + } + + len = rhdr.frag_len - hps.offset; + if (!rpc_read(cli, fnum, rdata, len, rdata->data->data_used)) + return False; + } + + return True; } /******************************************************************* @@ -266,72 +275,72 @@ BOOL rpc_api_pipe(struct cli_state *cli, int t_idx, - caller is expected to free the header data structure once used. ********************************************************************/ + static BOOL create_rpc_bind_req(prs_struct *rhdr, - prs_struct *rhdr_rb, - prs_struct *auth_req, - RPC_IFACE *abstract, RPC_IFACE *transfer, - char *my_name, char *domain) + prs_struct *rhdr_rb, + prs_struct *auth_req, + RPC_IFACE *abstract, RPC_IFACE *transfer, + char *my_name, char *domain) { - RPC_HDR_RB hdr_rb; - RPC_HDR hdr; - RPC_AUTH_NTLMSSP_REQ ntlmssp_req; - - /* create the bind request RPC_HDR_RB */ - make_rpc_hdr_rb(&hdr_rb, - 0x1630, 0x1630, 0x0, - 0x1, 0x0, 0x1, - abstract, transfer); - - /* stream the bind request data */ - smb_io_rpc_hdr_rb("", &hdr_rb, rhdr_rb, 0); - mem_realloc_data(rhdr_rb->data, rhdr_rb->offset); - - if (auth_req != NULL) - { - make_rpc_auth_ntlmssp_req(&ntlmssp_req, - "NTLMSSP", 0x1, - 0x0000b2b3, - my_name, domain); - smb_io_rpc_auth_ntlmssp_req("", &ntlmssp_req, auth_req, 0); - mem_realloc_data(auth_req->data, auth_req->offset); - } - - /* create the request RPC_HDR */ - make_rpc_hdr(&hdr, RPC_BIND, 0x0, get_rpc_call_id(), - rhdr_rb->offset, - auth_req != NULL ? auth_req->offset : 0); - - smb_io_rpc_hdr("hdr" , &hdr , rhdr, 0); - mem_realloc_data(rhdr->data, rhdr->offset); - - if (rhdr->data == NULL || rhdr_rb->data == NULL) return False; - - /***/ - /*** link rpc header, bind acknowledgment and authentication responses ***/ - /***/ - - rhdr->data->offset.start = 0; - rhdr->data->offset.end = rhdr->offset; - rhdr->data->next = rhdr_rb->data; - - if (auth_req != NULL) - { - rhdr_rb->data->offset.start = rhdr->offset; - rhdr_rb->data->offset.end = rhdr->offset + rhdr_rb->offset; - rhdr_rb->data->next = auth_req->data; - - auth_req->data->offset.start = rhdr->offset + rhdr_rb->offset; - auth_req->data->offset.end = rhdr->offset + auth_req->offset + rhdr_rb->offset; - auth_req->data->next = NULL; - } - else - { - rhdr_rb->data->offset.start = rhdr->offset; - rhdr_rb->data->offset.end = rhdr->offset + rhdr_rb->offset; - rhdr_rb->data->next = NULL; - } - - return True; + RPC_HDR_RB hdr_rb; + RPC_HDR hdr; + RPC_AUTH_NTLMSSP_REQ ntlmssp_req; + + /* create the bind request RPC_HDR_RB */ + make_rpc_hdr_rb(&hdr_rb, 0x1630, 0x1630, 0x0, + 0x1, 0x0, 0x1, abstract, transfer); + + /* stream the bind request data */ + smb_io_rpc_hdr_rb("", &hdr_rb, rhdr_rb, 0); + mem_realloc_data(rhdr_rb->data, rhdr_rb->offset); + + if (auth_req != NULL) + { + /* + * I have a feeling this is broken right now... JRA. + */ + make_rpc_auth_ntlmssp_req(&ntlmssp_req, "NTLMSSP", 0x1, + 0x0000b2b3, my_name, domain); + smb_io_rpc_auth_ntlmssp_req("", &ntlmssp_req, auth_req, 0); + mem_realloc_data(auth_req->data, auth_req->offset); + } + + /* create the request RPC_HDR */ + make_rpc_hdr(&hdr, RPC_BIND, 0x0, get_rpc_call_id(), + rhdr_rb->offset, auth_req != NULL ? auth_req->offset : 0); + + smb_io_rpc_hdr("hdr" , &hdr , rhdr, 0); + mem_realloc_data(rhdr->data, rhdr->offset); + + if (rhdr->data == NULL || rhdr_rb->data == NULL) + return False; + + /***/ + /*** link rpc header, bind acknowledgment and authentication responses ***/ + /***/ + + rhdr->data->offset.start = 0; + rhdr->data->offset.end = rhdr->offset; + rhdr->data->next = rhdr_rb->data; + + if (auth_req != NULL) + { + rhdr_rb->data->offset.start = rhdr->offset; + rhdr_rb->data->offset.end = rhdr->offset + rhdr_rb->offset; + rhdr_rb->data->next = auth_req->data; + + auth_req->data->offset.start = rhdr->offset + rhdr_rb->offset; + auth_req->data->offset.end = rhdr->offset + auth_req->offset + rhdr_rb->offset; + auth_req->data->next = NULL; + } + else + { + rhdr_rb->data->offset.start = rhdr->offset; + rhdr_rb->data->offset.end = rhdr->offset + rhdr_rb->offset; + rhdr_rb->data->next = NULL; + } + + return True; } @@ -343,354 +352,353 @@ static BOOL create_rpc_bind_req(prs_struct *rhdr, - caller is expected to free the header data structure once used. ********************************************************************/ + static BOOL create_rpc_request(prs_struct *rhdr, uint8 op_num, int data_len) { - RPC_HDR_REQ hdr_req; - RPC_HDR hdr; + RPC_HDR_REQ hdr_req; + RPC_HDR hdr; - DEBUG(5,("create_rpc_request: opnum: 0x%x data_len: 0x%x\n", - op_num, data_len)); + DEBUG(5,("create_rpc_request: opnum: 0x%x data_len: 0x%x\n", + op_num, data_len)); - /* create the rpc header RPC_HDR */ - make_rpc_hdr(&hdr , RPC_REQUEST, RPC_FLG_FIRST | RPC_FLG_LAST, - get_rpc_call_id(), data_len + 0x18, 0); + /* create the rpc header RPC_HDR */ + make_rpc_hdr(&hdr , RPC_REQUEST, RPC_FLG_FIRST | RPC_FLG_LAST, + get_rpc_call_id(), data_len + 0x18, 0); - /* create the rpc request RPC_HDR_REQ */ - make_rpc_hdr_req(&hdr_req, data_len, op_num); + /* create the rpc request RPC_HDR_REQ */ + make_rpc_hdr_req(&hdr_req, data_len, op_num); - /* stream-time... */ - smb_io_rpc_hdr ("hdr ", &hdr , rhdr, 0); - smb_io_rpc_hdr_req("hdr_req", &hdr_req, rhdr, 0); + /* stream-time... */ + smb_io_rpc_hdr ("hdr ", &hdr , rhdr, 0); + smb_io_rpc_hdr_req("hdr_req", &hdr_req, rhdr, 0); - if (rhdr->data == NULL || rhdr->offset != 0x18) return False; + if (rhdr->data == NULL || rhdr->offset != 0x18) + return False; - rhdr->data->offset.start = 0; - rhdr->data->offset.end = rhdr->offset; + rhdr->data->offset.start = 0; + rhdr->data->offset.end = rhdr->offset; - return True; + return True; } /**************************************************************************** send a request on an rpc pipe. ****************************************************************************/ -BOOL rpc_api_pipe_req(struct cli_state *cli, int t_idx, uint16 fnum, - uint8 op_num, - prs_struct *data, prs_struct *rdata) +BOOL rpc_api_pipe_req(struct cli_state *cli, uint16 fnum, uint8 op_num, + prs_struct *data, prs_struct *rdata) { - /* fudge this, at the moment: create the header; memcpy the data. oops. */ - prs_struct rparam; - prs_struct hdr; - int data_len; - BOOL ret; + /* fudge this, at the moment: create the header; memcpy the data. oops. */ + prs_struct rparam; + prs_struct hdr; + int data_len; + BOOL ret; - data_len = data->offset + 0x18; - data->data->offset.end = data->offset; + data_len = data->offset + 0x18; + data->data->offset.end = data->offset; - prs_init(&hdr , data_len, 4, SAFETY_MARGIN, False); - prs_init(&rparam, 0 , 4, 0 , True ); + prs_init(&hdr , data_len, 4, SAFETY_MARGIN, False); + prs_init(&rparam, 0 , 4, 0 , True ); - create_rpc_request(&hdr, op_num, data_len); + create_rpc_request(&hdr, op_num, data_len); - mem_realloc_data(hdr.data, data_len); - hdr.data->offset.end = data_len; - mem_buf_copy(mem_data(&(hdr.data), 0x18), data->data, 0, data->offset); + mem_realloc_data(hdr.data, data_len); + hdr.data->offset.end = data_len; + mem_buf_copy(mem_data(&(hdr.data), 0x18), data->data, 0, data->offset); - ret = rpc_api_pipe(cli, t_idx, 0x0026, fnum, NULL, &hdr, &rparam, rdata); + ret = rpc_api_pipe(cli, 0x0026, fnum, NULL, &hdr, &rparam, rdata); - prs_mem_free(&rparam); - prs_mem_free(&hdr); + prs_mem_free(&rparam); + prs_mem_free(&hdr); - return ret; + return ret; } /**************************************************************************** do an rpc bind ****************************************************************************/ -BOOL rpc_pipe_set_hnd_state(struct cli_state *cli, int t_idx, - char *pipe_name, uint16 fnum, uint16 device_state) -{ - prs_struct param; - prs_struct rdata; - prs_struct rparam; - BOOL state_set = False; - uint16 setup[2]; /* only need 2 uint16 setup parameters */ - - if (pipe_name == NULL) return False; - prs_init(¶m , 2, 4, 0 , False); - prs_init(&rdata , 0, 4, SAFETY_MARGIN, True ); - prs_init(&rparam, 0, 4, SAFETY_MARGIN, True ); - - param.data->offset.start = 0; - param.data->offset.end = 2; - - DEBUG(5,("Set Handle state Pipe[%x]: %s - device state:%x\n", - fnum, pipe_name, device_state)); - - /* create data parameters: device state */ - SSVAL(param.data->data, 0, device_state); - - /* create setup parameters. */ - setup[0] = 0x0001; - setup[1] = fnum; /* pipe file handle. got this from an SMBcreateX. */ - - /* send the data on \PIPE\ */ - if (cli_api_pipe(cli, t_idx, "\\PIPE\\\0\0\0", 8, - - 2, 0, 2, - - 0, 1024, - - param.data->data, NULL, setup, - - rparam.data, rdata.data)) - { - DEBUG(5, ("Set Handle state: return OK\n")); - state_set = True; - } - - prs_mem_free(¶m ); - prs_mem_free(&rparam); - prs_mem_free(&rdata ); - - return state_set; +BOOL rpc_pipe_set_hnd_state(struct cli_state *cli, char *pipe_name, + uint16 fnum, uint16 device_state) +{ + prs_struct param; + prs_struct rdata; + prs_struct rparam; + BOOL state_set = False; + uint16 setup[2]; /* only need 2 uint16 setup parameters */ + + if (pipe_name == NULL) + return False; + + prs_init(¶m , 2, 4, 0 , False); + prs_init(&rdata , 0, 4, SAFETY_MARGIN, True ); + prs_init(&rparam, 0, 4, SAFETY_MARGIN, True ); + + param.data->offset.start = 0; + param.data->offset.end = 2; + + DEBUG(5,("Set Handle state Pipe[%x]: %s - device state:%x\n", + fnum, pipe_name, device_state)); + + /* create data parameters: device state */ + SSVAL(param.data->data, 0, device_state); + + /* create setup parameters. */ + setup[0] = 0x0001; + setup[1] = fnum; /* pipe file handle. got this from an SMBcreateX. */ + + /* send the data on \PIPE\ */ + if (cli_api_pipe(cli, "\\PIPE\\\0\0\0", 8, + 2, 0, 2, + 0, 1024, + param.data->data, NULL, setup, + rparam.data, rdata.data)) + { + DEBUG(5, ("Set Handle state: return OK\n")); + state_set = True; + } + + prs_mem_free(¶m ); + prs_mem_free(&rparam); + prs_mem_free(&rdata ); + + return state_set; } /**************************************************************************** check the rpc bind acknowledge response ****************************************************************************/ -static BOOL valid_pipe_name(char *pipe_name, - RPC_IFACE *abstract, RPC_IFACE *transfer) + +static BOOL valid_pipe_name(char *pipe_name, RPC_IFACE *abstract, RPC_IFACE *transfer) { - int pipe_idx = 0; - - while (pipe_names[pipe_idx].client_pipe != NULL) - { - if (strcmp(pipe_name, pipe_names[pipe_idx].client_pipe ) == 0) - { - DEBUG(5,("Bind Abstract Syntax: ")); - dump_data(5, (uchar*)&(pipe_names[pipe_idx].abstr_syntax), sizeof(pipe_names[pipe_idx].abstr_syntax)); - DEBUG(5,("Bind Transfer Syntax: ")); - dump_data(5, (uchar*)&(pipe_names[pipe_idx].trans_syntax), sizeof(pipe_names[pipe_idx].trans_syntax)); - - /* copy the required syntaxes out so we can do the right bind */ - memcpy(transfer, &(pipe_names[pipe_idx].trans_syntax), sizeof(pipe_names[pipe_idx].trans_syntax)); - memcpy(abstract, &(pipe_names[pipe_idx].abstr_syntax), sizeof(pipe_names[pipe_idx].abstr_syntax)); - - return True; - } - pipe_idx++; - }; - - DEBUG(5,("Bind RPC Pipe[%s] unsupported\n", pipe_name)); - return False; + int pipe_idx = 0; + + while (pipe_names[pipe_idx].client_pipe != NULL) + { + if (strequal(pipe_name, pipe_names[pipe_idx].client_pipe )) + { + DEBUG(5,("Bind Abstract Syntax: ")); + dump_data(5, (uchar*)&(pipe_names[pipe_idx].abstr_syntax), + sizeof(pipe_names[pipe_idx].abstr_syntax)); + DEBUG(5,("Bind Transfer Syntax: ")); + dump_data(5, (uchar*)&(pipe_names[pipe_idx].trans_syntax), + sizeof(pipe_names[pipe_idx].trans_syntax)); + + /* copy the required syntaxes out so we can do the right bind */ + memcpy(transfer, &(pipe_names[pipe_idx].trans_syntax), + sizeof(pipe_names[pipe_idx].trans_syntax)); + memcpy(abstract, &(pipe_names[pipe_idx].abstr_syntax), + sizeof(pipe_names[pipe_idx].abstr_syntax)); + + return True; + } + pipe_idx++; + }; + + DEBUG(5,("Bind RPC Pipe[%s] unsupported\n", pipe_name)); + return False; } /**************************************************************************** check the rpc bind acknowledge response ****************************************************************************/ + static BOOL check_bind_response(RPC_HDR_BA *hdr_ba, char *pipe_name, RPC_IFACE *transfer) { - int i = 0; - - while ((pipe_names[i].client_pipe != NULL)) - { - DEBUG(6,("bind_rpc_pipe: searching pipe name: client:%s server:%s\n", - pipe_names[i].client_pipe , pipe_names[i].server_pipe )); - - if ((strcmp(pipe_name, pipe_names[i].client_pipe ) == 0)) - { - if (strcmp(hdr_ba->addr.str, pipe_names[i].server_pipe ) == 0) - { - DEBUG(5,("bind_rpc_pipe: server pipe_name found: %s\n", - pipe_names[i].server_pipe )); - break; - } - else - { - DEBUG(2,("bind_rpc_pipe: pipe_name %s != expected pipe %s\n", - pipe_names[i].server_pipe , hdr_ba->addr.str)); - return False; - } - } - else - { - i++; - } - } - - if (pipe_names[i].server_pipe == NULL) - { - DEBUG(2,("bind_rpc_pipe: pipe name %s unsupported\n", hdr_ba->addr.str)); - return False; - } - - /* check the transfer syntax */ - if (!((hdr_ba->transfer.version == transfer->version) && - (memcmp(hdr_ba->transfer.data, transfer->data, - sizeof(transfer->version)) ==0))) - { - DEBUG(2,("bind_rpc_pipe: transfer syntax differs\n")); - return False; - } + int i = 0; + + while ((pipe_names[i].client_pipe != NULL)) + { + DEBUG(6,("bind_rpc_pipe: searching pipe name: client:%s server:%s\n", + pipe_names[i].client_pipe , pipe_names[i].server_pipe )); + + if ((strequal(pipe_name, pipe_names[i].client_pipe ))) + { + if (strequal(hdr_ba->addr.str, pipe_names[i].server_pipe )) + { + DEBUG(5,("bind_rpc_pipe: server pipe_name found: %s\n", + pipe_names[i].server_pipe )); + break; + } + else + { + DEBUG(2,("bind_rpc_pipe: pipe_name %s != expected pipe %s\n", + pipe_names[i].server_pipe , hdr_ba->addr.str)); + return False; + } + } + else + { + i++; + } + } + + if (pipe_names[i].server_pipe == NULL) + { + DEBUG(2,("bind_rpc_pipe: pipe name %s unsupported\n", hdr_ba->addr.str)); + return False; + } + + /* check the transfer syntax */ + if (!((hdr_ba->transfer.version == transfer->version) && + (memcmp(hdr_ba->transfer.data, transfer->data, + sizeof(transfer->version)) ==0))) + { + DEBUG(2,("bind_rpc_pipe: transfer syntax differs\n")); + return False; + } - /* lkclXXXX only accept one result: check the result(s) */ - if (hdr_ba->res.num_results != 0x1 || hdr_ba->res.result != 0) - { - DEBUG(2,("bind_rpc_pipe: bind denied results: %d reason: %x\n", - hdr_ba->res.num_results, - hdr_ba->res.reason)); - } - - DEBUG(5,("bind_rpc_pipe: accepted!\n")); - return True; + /* lkclXXXX only accept one result: check the result(s) */ + if (hdr_ba->res.num_results != 0x1 || hdr_ba->res.result != 0) + { + DEBUG(2,("bind_rpc_pipe: bind denied results: %d reason: %x\n", + hdr_ba->res.num_results, hdr_ba->res.reason)); + } + + DEBUG(5,("bind_rpc_pipe: accepted!\n")); + return True; } /**************************************************************************** do an rpc bind ****************************************************************************/ -BOOL rpc_pipe_bind(struct cli_state *cli, int t_idx, char *pipe_name, uint16 fnum, - RPC_IFACE *abstract, RPC_IFACE *transfer, BOOL ntlmssp_auth, - char *my_name, char *domain) + +BOOL rpc_pipe_bind(struct cli_state *cli, char *pipe_name, uint16 fnum, + RPC_IFACE *abstract, RPC_IFACE *transfer, BOOL ntlmssp_auth, + char *my_name, char *domain) { - prs_struct hdr; - prs_struct hdr_rb; - prs_struct auth_req; - prs_struct data; - prs_struct rdata; - prs_struct rparam; + prs_struct hdr; + prs_struct hdr_rb; + prs_struct auth_req; + prs_struct data; + prs_struct rdata; + prs_struct rparam; - BOOL valid_ack = False; + BOOL valid_ack = False; - if (pipe_name == NULL || abstract == NULL || transfer == NULL) return False; + if (pipe_name == NULL || abstract == NULL || transfer == NULL) + return False; - DEBUG(5,("Bind RPC Pipe[%x]: %s\n", fnum, pipe_name)); + DEBUG(5,("Bind RPC Pipe[%x]: %s\n", fnum, pipe_name)); - if (!valid_pipe_name(pipe_name, abstract, transfer)) return False; + if (!valid_pipe_name(pipe_name, abstract, transfer)) + return False; - prs_init(&hdr , 0x10 , 4, 0x0 , False); - prs_init(&hdr_rb , 1024 , 4, SAFETY_MARGIN, False); - prs_init(&auth_req, ntlmssp_auth ? 1024 : 0, 4, SAFETY_MARGIN, False); + prs_init(&hdr , 0x10 , 4, 0x0 , False); + prs_init(&hdr_rb , 1024 , 4, SAFETY_MARGIN, False); + prs_init(&auth_req, ntlmssp_auth ? 1024 : 0, 4, SAFETY_MARGIN, False); - prs_init(&rdata , 0 , 4, SAFETY_MARGIN, True ); - prs_init(&rparam, 0 , 4, SAFETY_MARGIN, True ); + prs_init(&rdata , 0 , 4, SAFETY_MARGIN, True ); + prs_init(&rparam, 0 , 4, SAFETY_MARGIN, True ); - create_rpc_bind_req(&hdr, &hdr_rb, ntlmssp_auth ? &auth_req : NULL, - abstract, transfer, - my_name, domain); + create_rpc_bind_req(&hdr, &hdr_rb, ntlmssp_auth ? &auth_req : NULL, + abstract, transfer, my_name, domain); - /* this is a hack due to limitations in rpc_api_pipe */ - prs_init(&data, mem_buf_len(hdr.data), 4, 0x0, False); - mem_buf_copy(data.data->data, hdr.data, 0, mem_buf_len(hdr.data)); + /* this is a hack due to limitations in rpc_api_pipe */ + prs_init(&data, mem_buf_len(hdr.data), 4, 0x0, False); + mem_buf_copy(data.data->data, hdr.data, 0, mem_buf_len(hdr.data)); - /* send data on \PIPE\. receive a response */ - if (rpc_api_pipe(cli, t_idx, 0x0026, fnum, NULL, &data, &rparam, &rdata)) - { - RPC_HDR_BA hdr_ba; + /* send data on \PIPE\. receive a response */ + if (rpc_api_pipe(cli, 0x0026, fnum, NULL, &data, &rparam, &rdata)) + { + RPC_HDR_BA hdr_ba; - DEBUG(5, ("rpc_api_pipe: return OK\n")); + DEBUG(5, ("rpc_api_pipe: return OK\n")); - smb_io_rpc_hdr_ba("", &hdr_ba, &rdata, 0); + smb_io_rpc_hdr_ba("", &hdr_ba, &rdata, 0); - if (rdata.offset != 0) valid_ack = check_bind_response(&hdr_ba, pipe_name, transfer); - } + if (rdata.offset != 0) + valid_ack = check_bind_response(&hdr_ba, pipe_name, transfer); + } - prs_mem_free(&data ); - prs_mem_free(&hdr ); - prs_mem_free(&hdr_rb ); - prs_mem_free(&auth_req); - prs_mem_free(&rdata ); - prs_mem_free(&rparam ); + prs_mem_free(&data ); + prs_mem_free(&hdr ); + prs_mem_free(&hdr_rb ); + prs_mem_free(&auth_req); + prs_mem_free(&rdata ); + prs_mem_free(&rparam ); - return valid_ack; + return valid_ack; } /**************************************************************************** open a session ****************************************************************************/ -BOOL do_session_open(struct cli_state *cli, int t_idx, - char *pipe_name, uint16 *fnum) + +BOOL do_session_open(struct cli_state *cli, char *pipe_name, uint16 *fnum) { - RPC_IFACE abstract; - RPC_IFACE transfer; - - - /******************* open the pipe *****************/ - if (((*fnum) = cli_open(cli, t_idx, pipe_name, O_CREAT|O_WRONLY, DENY_NONE, - NULL, NULL, NULL)) == 0xffff) - { - DEBUG(1,("do_session_open: cli_open failed\n")); - return False; - } - - /**************** Set Named Pipe State ***************/ - if (!rpc_pipe_set_hnd_state(cli, t_idx, pipe_name, (*fnum), 0x4300)) - { - DEBUG(1,("do_session_open: pipe hnd state failed\n")); - return False; - } - - /******************* bind request on pipe *****************/ - if (!rpc_pipe_bind(cli, t_idx, pipe_name, (*fnum), - &abstract, &transfer, - False, NULL, NULL)) - { - DEBUG(1,("do_session_open: rpc bind failed\n")); - return False; - } - - return True; + RPC_IFACE abstract; + RPC_IFACE transfer; + + /******************* open the pipe *****************/ + if (((*fnum) = cli_open(cli, pipe_name, O_CREAT|O_WRONLY, DENY_NONE)) == 0xffff) + { + DEBUG(1,("do_session_open: cli_open failed\n")); + return False; + } + + /**************** Set Named Pipe State ***************/ + if (!rpc_pipe_set_hnd_state(cli, pipe_name, (*fnum), 0x4300)) + { + DEBUG(1,("do_session_open: pipe hnd state failed\n")); + return False; + } + + /******************* bind request on pipe *****************/ + if (!rpc_pipe_bind(cli, pipe_name, (*fnum), &abstract, &transfer, + False, NULL, NULL)) + { + DEBUG(1,("do_session_open: rpc bind failed\n")); + return False; + } + + return True; } - /**************************************************************************** open an encrypted session ****************************************************************************/ -BOOL do_ntlm_session_open(struct cli_state *cli, int t_idx, - char *pipe_name, uint16 *fnum, - char *my_name, char *domain) + +BOOL do_ntlm_session_open(struct cli_state *cli, char *pipe_name, uint16 *fnum, + char *my_name, char *domain) { - RPC_IFACE abstract; - RPC_IFACE transfer; - - /******************* open the pipe *****************/ - if (((*fnum) = cli_open(cli, t_idx, pipe_name, O_CREAT|O_WRONLY, DENY_NONE, - NULL, NULL, NULL)) == 0xffff) - { - DEBUG(1,("do_ntlm_session_open: cli_open failed\n")); - return False; - } - - /**************** Set Named Pipe State ***************/ - if (!rpc_pipe_set_hnd_state(cli, t_idx, pipe_name, (*fnum), 0x4300)) - { - DEBUG(1,("do_ntlm_session_open: pipe hnd state failed\n")); - return False; - } - - /******************* bind request on pipe *****************/ - if (!rpc_pipe_bind(cli, t_idx, pipe_name, (*fnum), - &abstract, &transfer, - True, my_name, domain)) - { - DEBUG(1,("do_ntlm_session_open: rpc bind failed\n")); - return False; - } - - return True; + RPC_IFACE abstract; + RPC_IFACE transfer; + + /******************* open the pipe *****************/ + if (((*fnum) = cli_open(cli, pipe_name, O_CREAT|O_WRONLY, DENY_NONE)) == 0xffff) + { + DEBUG(1,("do_ntlm_session_open: cli_open failed\n")); + return False; + } + + /**************** Set Named Pipe State ***************/ + if (!rpc_pipe_set_hnd_state(cli, pipe_name, (*fnum), 0x4300)) + { + DEBUG(1,("do_ntlm_session_open: pipe hnd state failed\n")); + return False; + } + + /******************* bind request on pipe *****************/ + if (!rpc_pipe_bind(cli, pipe_name, (*fnum), &abstract, &transfer, + True, my_name, domain)) + { + DEBUG(1,("do_ntlm_session_open: rpc bind failed\n")); + return False; + } + + return True; } - /**************************************************************************** close the session ****************************************************************************/ -void do_session_close(struct cli_state *cli, int t_idx, uint16 fnum) + +void do_session_close(struct cli_state *cli, uint16 fnum) { - if (fnum != 0xffff) - { - cli_close(cli, t_idx, fnum, 0); - } + if (fnum != 0xffff) + { + cli_close(cli, fnum); + } } - |