summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>1997-10-22 17:51:02 +0000
committerLuke Leighton <lkcl@samba.org>1997-10-22 17:51:02 +0000
commita947dff4c001023d0f7c2f6f13c3a4b594c88139 (patch)
tree8ca4b41e80837d163b0507ac8066c4a96ed654f3
parent5897f0493d0665ae53ea181e122c467faa0c7642 (diff)
downloadsamba-a947dff4c001023d0f7c2f6f13c3a4b594c88139.tar.gz
samba-a947dff4c001023d0f7c2f6f13c3a4b594c88139.tar.bz2
samba-a947dff4c001023d0f7c2f6f13c3a4b594c88139.zip
Makefile client.c :
adding start of undocumented options to do NT domain logons, client-side. starting with LSA_REQCHAL. the code here happily crashes smbd: i'll investigate this further... :-) smbparse.c pipeutil.c lsaparse.c : moved some of the common make_xxxx() functions out of pipeutil.c so that the make_xxxx and (smb/lsa)_io_xxxx functions now sit together. makes sense, really... added a make_q_req_chal() function. restructured make_rpc_reply() and called it make_rpc_hdr(). created functions create_rpc_reply() and create_rpc_response(). pipenetlog.c pipentlsa.c pipesrvsvc.c calling new create_rpc_reply() function instead of old make_rpc_reply(). proto.h : usual. smb.h: added enum for RPC_PACKET_TYPE (This used to be commit b88ee3e16c6b671069f53ca2e9c5694ec8b1c030)
-rw-r--r--source3/client/client.c100
-rw-r--r--source3/include/proto.h23
-rw-r--r--source3/include/smb.h8
-rw-r--r--source3/lsaparse.c23
-rw-r--r--source3/pipenetlog.c17
-rw-r--r--source3/pipentlsa.c16
-rw-r--r--source3/pipesrvsvc.c15
-rw-r--r--source3/pipeutil.c117
-rw-r--r--source3/smbparse.c140
9 files changed, 315 insertions, 144 deletions
diff --git a/source3/client/client.c b/source3/client/client.c
index aaa0186a78..6d488bd2f5 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -3515,6 +3515,67 @@ static BOOL process(char *base_directory)
return(True);
}
+/****************************************************************************
+LSA Request Challenge on the NETLOGON pipe.
+****************************************************************************/
+static BOOL cli_lsa_req_chal(void)
+{
+ char *rparam = NULL;
+ char *rdata = NULL;
+ char *p;
+ int rdrcnt,rprcnt;
+ int count = 0;
+ pstring param; /* only 1024 bytes */
+ LSA_Q_REQ_CHAL q_c;
+ DOM_CHAL clnt_chal;
+ int call_id = 0x1;
+
+ /* create and send a MSRPC command with api LSA_REQCHAL */
+
+ clnt_chal.data[0] = 0x11111111;
+ clnt_chal.data[1] = 0x22222222;
+
+ DEBUG(4,("LSA Request Challenge from %s to %s: %lx %lx\n",
+ desthost, myhostname, clnt_chal.data[0], clnt_chal.data[1]));
+
+ /* store the parameters */
+ make_q_req_chal(&q_c, desthost, myhostname, &clnt_chal);
+
+ /* turn parameters into data stream */
+ p = lsa_io_q_req_chal(False, &q_c, param + 0x18, param, 4, 5);
+
+ /* create the request RPC_HDR _after_ the main data: length is now known */
+ create_rpc_request(call_id, LSA_REQCHAL, param, PTR_DIFF(p, param));
+
+ /* send the data on \PIPE\NETLOGON */
+ if (cli_call_api(PIPE_NETLOGON, PTR_DIFF(p, param),0,
+ 1024,BUFFER_SIZE,
+ &rprcnt,&rdrcnt,
+ param,NULL,
+ &rparam,&rdata))
+ {
+#if 0
+ /* oh, now what??? */
+
+ int res = SVAL(rparam,0);
+ int converter=SVAL(rparam,2);
+ int i;
+ BOOL long_share_name=False;
+
+ if (res == 0)
+ {
+ count=SVAL(rparam,4);
+ p = rdata;
+
+ }
+#endif
+ }
+
+ if (rparam) free(rparam);
+ if (rdata) free(rdata);
+
+ return(count>0);
+}
/****************************************************************************
usage on the program
@@ -3559,6 +3620,7 @@ static void usage(char *pname)
extern int optind;
pstring query_host;
BOOL message = False;
+ BOOL nt_domain_logon = False;
extern char tar_type;
static pstring servicesf = CONFIGFILE;
pstring term_code;
@@ -3658,7 +3720,7 @@ static void usage(char *pname)
}
while ((opt =
- getopt(argc, argv,"s:B:O:M:i:Nn:d:Pp:l:hI:EB:U:L:t:m:W:T:D:c:")) != EOF)
+ getopt(argc, argv,"s:B:O:M:S:i:Nn:d:Pp:l:hI:EB:U:L:t:m:W:T:D:c:")) != EOF)
switch (opt)
{
case 'm':
@@ -3667,6 +3729,11 @@ static void usage(char *pname)
case 'O':
strcpy(user_socket_options,optarg);
break;
+ case 'S':
+ strcpy(desthost,optarg);
+ strupper(desthost);
+ nt_domain_logon = True;
+ break;
case 'M':
name_type = 0x03; /* messages are sent to NetBIOS name type 0x3 */
strcpy(desthost,optarg);
@@ -3822,7 +3889,7 @@ static void usage(char *pname)
return(1);
}
- if (*query_host)
+ if (*query_host && !nt_domain_logon)
{
int ret = 0;
sprintf(service,"\\\\%s\\IPC$",query_host);
@@ -3871,6 +3938,35 @@ static void usage(char *pname)
return(ret);
}
+ if (nt_domain_logon)
+ {
+ int ret = 0;
+ sprintf(service,"\\\\%s\\IPC$",query_host);
+ strupper(service);
+ connect_as_ipc = True;
+
+ DEBUG(5,("NT Domain Logon. Service: %s\n", service));
+
+ if (cli_open_sockets(port))
+ {
+ if (!cli_send_login(NULL,NULL,True,True))
+ {
+ return(1);
+ }
+
+ cli_lsa_req_chal();
+#if 0
+ cli_lsa_auth2();
+ cli_lsa_sam_logon();
+ cli_lsa_sam_logoff();
+#endif
+ cli_send_logout();
+ close_sockets();
+ }
+
+ return(ret);
+ }
+
if (cli_open_sockets(port))
{
if (!process(base_directory))
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 636b99e646..d62adb9f84 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -372,6 +372,9 @@ char* lsa_io_q_lookup_sids(BOOL io, LSA_Q_LOOKUP_SIDS *q_s, char *q, char *base,
char* lsa_io_r_lookup_sids(BOOL io, LSA_R_LOOKUP_SIDS *r_s, char *q, char *base, int align, int depth);
char* lsa_io_q_lookup_rids(BOOL io, LSA_Q_LOOKUP_RIDS *q_r, char *q, char *base, int align, int depth);
char* lsa_io_r_lookup_rids(BOOL io, LSA_R_LOOKUP_RIDS *r_r, char *q, char *base, int align, int depth);
+void make_q_req_chal(LSA_Q_REQ_CHAL *q_c,
+ char *logon_srv, char *logon_clnt,
+ DOM_CHAL *clnt_chal);
char* lsa_io_q_req_chal(BOOL io, LSA_Q_REQ_CHAL *q_c, char *q, char *base, int align, int depth);
char* lsa_io_r_req_chal(BOOL io, LSA_R_REQ_CHAL *r_c, char *q, char *base, int align, int depth);
char* lsa_io_q_auth_2(BOOL io, LSA_Q_AUTH_2 *q_a, char *q, char *base, int align, int depth);
@@ -708,17 +711,10 @@ void initrpcreply(char *inbuf, char *q);
void endrpcreply(char *inbuf, char *q, int datalen, int rtnval, int *rlen);
BOOL name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid);
char *dom_sid_to_string(DOM_SID *sid);
-void make_dom_sid(DOM_SID *sid, char *domsid);
int make_dom_sids(char *sids_str, DOM_SID *sids, int max_sids);
int make_dom_gids(char *gids_str, DOM_GID *gids);
-void create_rpc_reply(RPC_HDR *hdr, uint32 call_id, int data_len);
-int make_rpc_reply(char *inbuf, char *q, int data_len);
-void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint16 terminate);
-void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate);
-void make_unistr(UNISTR *str, char *buf);
-void make_unistr2(UNISTR2 *str, char *buf, int len);
-void make_dom_rid2(DOM_RID2 *rid2, uint32 rid);
-void make_dom_sid2(DOM_SID2 *sid2, char *sid_str);
+int create_rpc_request(uint32 call_id, uint16 op_num, char *q, int data_len);
+int create_rpc_reply(uint32 call_id, char *q, int data_len);
/*The following definitions come from predict.c */
@@ -893,12 +889,19 @@ void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
char* smb_io_utime(BOOL io, UTIME *t, char *q, char *base, int align, int depth);
char* smb_io_time(BOOL io, NTTIME *nttime, char *q, char *base, int align, int depth);
+void make_dom_sid(DOM_SID *sid, char *domsid);
char* smb_io_dom_sid(BOOL io, DOM_SID *sid, char *q, char *base, int align, int depth);
+void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint16 terminate);
char* smb_io_unihdr(BOOL io, UNIHDR *hdr, char *q, char *base, int align, int depth);
+void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate);
char* smb_io_unihdr2(BOOL io, UNIHDR2 *hdr2, char *q, char *base, int align, int depth);
+void make_unistr(UNISTR *str, char *buf);
char* smb_io_unistr(BOOL io, UNISTR *uni, char *q, char *base, int align, int depth);
+void make_unistr2(UNISTR2 *str, char *buf, int len);
char* smb_io_unistr2(BOOL io, UNISTR2 *uni2, char *q, char *base, int align, int depth);
+void make_dom_sid2(DOM_SID2 *sid2, char *sid_str);
char* smb_io_dom_sid2(BOOL io, DOM_SID2 *sid2, char *q, char *base, int align, int depth);
+void make_dom_rid2(DOM_RID2 *rid2, uint32 rid);
char* smb_io_dom_rid2(BOOL io, DOM_RID2 *rid2, char *q, char *base, int align, int depth);
char* smb_io_clnt_srv(BOOL io, DOM_CLNT_SRV *log, char *q, char *base, int align, int depth);
char* smb_io_log_info(BOOL io, DOM_LOG_INFO *log, char *q, char *base, int align, int depth);
@@ -911,6 +914,8 @@ char* smb_io_arc4_owf(BOOL io, ARC4_OWF *hash, char *q, char *base, int align, i
char* smb_io_id_info1(BOOL io, DOM_ID_INFO_1 *id, char *q, char *base, int align, int depth);
char* smb_io_sam_info(BOOL io, DOM_SAM_INFO *sam, char *q, char *base, int align, int depth);
char* smb_io_gid(BOOL io, DOM_GID *gid, char *q, char *base, int align, int depth);
+void make_rpc_header(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type,
+ uint32 call_id, int data_len, int opnum);
char* smb_io_rpc_hdr(BOOL io, RPC_HDR *rpc, char *q, char *base, int align, int depth);
char* smb_io_pol_hnd(BOOL io, LSA_POL_HND *pol, char *q, char *base, int align, int depth);
char* smb_io_dom_query_3(BOOL io, DOM_QUERY_3 *d_q, char *q, char *base, int align, int depth);
diff --git a/source3/include/smb.h b/source3/include/smb.h
index d10b449e6f..83ed54c998 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -268,6 +268,14 @@ typedef fstring string;
/* NETLOGON opcodes and data structures */
+enum RPC_PKT_TYPE
+{
+ RPC_REQUEST = 0x00,
+ RPC_RESPONSE = 0x02,
+ RPC_BIND = 0x0B,
+ RPC_BINDACK = 0x0C
+};
+
#define NET_QUERYFORPDC 7 /* Query for PDC */
#define NET_QUERYFORPDC_R 12 /* Response to Query for PDC */
#define NET_SAMLOGON 18
diff --git a/source3/lsaparse.c b/source3/lsaparse.c
index ae3d06faac..7b23f057f1 100644
--- a/source3/lsaparse.c
+++ b/source3/lsaparse.c
@@ -232,7 +232,28 @@ char* lsa_io_r_lookup_rids(BOOL io, LSA_R_LOOKUP_RIDS *r_r, char *q, char *base,
}
/*******************************************************************
-reads or writes a structure.
+makes an LSA_Q_REQ_CHAL structure.
+********************************************************************/
+void make_q_req_chal(LSA_Q_REQ_CHAL *q_c,
+ char *logon_srv, char *logon_clnt,
+ DOM_CHAL *clnt_chal)
+{
+ if (q_c == NULL) return;
+
+ DEBUG(5,("make_q_req_chal: %d\n", __LINE__));
+
+ q_c->undoc_buffer = 1; /* don't know what this buffer is */
+
+ make_unistr2(&(q_c->uni_logon_srv ), logon_srv , strlen(logon_srv ));
+ make_unistr2(&(q_c->uni_logon_clnt), logon_clnt, strlen(logon_clnt));
+
+ memcpy(q_c->clnt_chal.data, clnt_chal->data, sizeof(clnt_chal->data));
+
+ DEBUG(5,("make_q_req_chal: %d\n", __LINE__));
+}
+
+/*******************************************************************
+reads or writes an LSA_Q_REQ_CHAL structure.
********************************************************************/
char* lsa_io_q_req_chal(BOOL io, LSA_Q_REQ_CHAL *q_c, char *q, char *base, int align, int depth)
{
diff --git a/source3/pipenetlog.c b/source3/pipenetlog.c
index 7e69ac3880..fcd44b9701 100644
--- a/source3/pipenetlog.c
+++ b/source3/pipenetlog.c
@@ -624,12 +624,14 @@ BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- uint16 opnum = SVAL(data,22);
- int pkttype = CVAL(data, 2);
+ /* really should decode these using an RPC_HDR structure */
+ int pkttype = CVAL(data, 2);
+ uint32 call_id = SVAL(data,12);
+ uint16 opnum = SVAL(data,22);
user_struct *vuser;
- if (pkttype == 0x0b) /* RPC BIND */
+ if (pkttype == RPC_BIND) /* RPC BIND */
{
DEBUG(4,("netlogon rpc bind %x\n",pkttype));
LsarpcTNP1(data,rdata,rdata_len);
@@ -648,7 +650,7 @@ BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_REQCHAL\n"));
api_lsa_req_chal(cnum, uid, vuser, param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -656,7 +658,7 @@ BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_AUTH2\n"));
api_lsa_auth_2(vuser, param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -664,7 +666,7 @@ BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_SRVPWSET\n"));
api_lsa_srv_pwset(vuser, param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -672,7 +674,7 @@ BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_SAMLOGON\n"));
api_lsa_sam_logon(vuser, param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -680,6 +682,7 @@ BOOL api_netlogrpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_SAMLOGOFF\n"));
api_lsa_sam_logoff(vuser, param, data, rdata, rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
diff --git a/source3/pipentlsa.c b/source3/pipentlsa.c
index 592cf8901e..cabde4f8cd 100644
--- a/source3/pipentlsa.c
+++ b/source3/pipentlsa.c
@@ -300,10 +300,12 @@ BOOL api_ntLsarpcTNP(int cnum,int uid, char *param,char *data,
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- uint16 opnum = SVAL(data,22);
+ /* really should decode these using an RPC_HDR structure */
+ int pkttype = CVAL(data, 2);
+ uint32 call_id = CVAL(data, 12);
+ uint16 opnum = SVAL(data, 22);
- int pkttype = CVAL(data, 2);
- if (pkttype == 0x0b) /* RPC BIND */
+ if (pkttype == RPC_BIND) /* RPC BIND */
{
DEBUG(4,("netlogon rpc bind %x\n",pkttype));
LsarpcTNP1(data,rdata,rdata_len);
@@ -317,7 +319,7 @@ BOOL api_ntLsarpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_OPENPOLICY\n"));
api_lsa_open_policy(param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -326,7 +328,7 @@ BOOL api_ntLsarpcTNP(int cnum,int uid, char *param,char *data,
DEBUG(3,("LSA_QUERYINFOPOLICY\n"));
api_lsa_query_info(param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -394,7 +396,7 @@ BOOL api_ntLsarpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_OPENSECRET\n"));
api_lsa_lookup_sids(param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
@@ -402,7 +404,7 @@ BOOL api_ntLsarpcTNP(int cnum,int uid, char *param,char *data,
{
DEBUG(3,("LSA_LOOKUPNAMES\n"));
api_lsa_lookup_names(param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
diff --git a/source3/pipesrvsvc.c b/source3/pipesrvsvc.c
index 845590d98c..2c94bb2ebf 100644
--- a/source3/pipesrvsvc.c
+++ b/source3/pipesrvsvc.c
@@ -188,15 +188,14 @@ BOOL api_srvsvcTNP(int cnum,int uid, char *param,char *data,
char **rdata,char **rparam,
int *rdata_len,int *rparam_len)
{
- uint16 opnum;
- char *q;
- int pkttype;
- extern pstring myname;
+ int pkttype = CVAL(data, 2);
+ uint32 call_id = SVAL(data,12);
+ uint16 opnum = SVAL(data,22);
- opnum = SVAL(data,22);
+ extern pstring myname;
+ char *q;
- pkttype = CVAL(data, 2);
- if (pkttype == 0x0b) /* RPC BIND */
+ if (pkttype == RPC_BIND) /* RPC BIND */
{
DEBUG(4,("srvsvc rpc bind %x\n",pkttype));
LsarpcTNP1(data,rdata,rdata_len);
@@ -214,7 +213,7 @@ BOOL api_srvsvcTNP(int cnum,int uid, char *param,char *data,
{
api_srv_net_share_info( param, data, rdata, rdata_len);
- make_rpc_reply(data, *rdata, *rdata_len);
+ create_rpc_reply(call_id, *rdata, *rdata_len);
break;
}
diff --git a/source3/pipeutil.c b/source3/pipeutil.c
index a939e12766..135eb19190 100644
--- a/source3/pipeutil.c
+++ b/source3/pipeutil.c
@@ -123,51 +123,6 @@ char *dom_sid_to_string(DOM_SID *sid)
return sidstr;
}
-/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
-/* identauth >= 2^32 can be detected because it will be specified in hex */
-void make_dom_sid(DOM_SID *sid, char *domsid)
-{
- int identauth;
- char *p;
-
- if (sid == NULL) return;
-
- if (domsid == NULL)
- {
- DEBUG(4,("netlogon domain SID: none\n"));
- sid->sid_rev_num = 0;
- sid->num_auths = 0;
- return;
- }
-
- DEBUG(4,("netlogon domain SID: %s\n", domsid));
-
- /* assume, but should check, that domsid starts "S-" */
- p = strtok(domsid+2,"-");
- sid->sid_rev_num = atoi(p);
-
- /* identauth in decimal should be < 2^32 */
- /* identauth in hex should be >= 2^32 */
- identauth = atoi(strtok(0,"-"));
-
- DEBUG(4,("netlogon rev %d\n", sid->sid_rev_num));
- DEBUG(4,("netlogon %s ia %d\n", p, identauth));
-
- sid->id_auth[0] = 0;
- sid->id_auth[1] = 0;
- sid->id_auth[2] = (identauth & 0xff000000) >> 24;
- sid->id_auth[3] = (identauth & 0x00ff0000) >> 16;
- sid->id_auth[4] = (identauth & 0x0000ff00) >> 8;
- sid->id_auth[5] = (identauth & 0x000000ff);
-
- sid->num_auths = 0;
-
- while ((p = strtok(0, "-")) != NULL)
- {
- sid->sub_auths[sid->num_auths++] = atoi(p);
- }
-}
-
int make_dom_sids(char *sids_str, DOM_SID *sids, int max_sids)
{
char *ptr;
@@ -262,77 +217,21 @@ int make_dom_gids(char *gids_str, DOM_GID *gids)
return count;
}
-void create_rpc_reply(RPC_HDR *hdr, uint32 call_id, int data_len)
-{
- if (hdr == NULL) return;
-
- hdr->major = 5; /* RPC version 5 */
- hdr->minor = 0; /* minor version 0 */
- hdr->pkt_type = 2; /* RPC response packet */
- hdr->frag = 3; /* first frag + last frag */
- hdr->pack_type = 0x10; /* packed data representation */
- hdr->frag_len = data_len; /* fragment length, fill in later */
- hdr->auth_len = 0; /* authentication length */
- hdr->call_id = call_id; /* call identifier - match incoming RPC */
- hdr->alloc_hint = data_len - 0x18; /* allocation hint (no idea) */
- hdr->context_id = 0; /* presentation context identifier */
- hdr->cancel_count = 0; /* cancel count */
- hdr->reserved = 0; /* reserved */
-}
-
-int make_rpc_reply(char *inbuf, char *q, int data_len)
+int create_rpc_request(uint32 call_id, uint16 op_num, char *q, int data_len)
{
- uint32 callid = IVAL(inbuf, 12);
RPC_HDR hdr;
- create_rpc_reply(&hdr, callid, data_len);
+ /* XXXX cheat - use cancel count to store opnum */
+ make_rpc_header(&hdr, RPC_RESPONSE, call_id, data_len, op_num);
return smb_io_rpc_hdr(False, &hdr, q, q, 4, 0) - q;
}
-void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint16 terminate)
-{
- hdr->uni_max_len = 2 * max_len;
- hdr->uni_str_len = 2 * len;
- hdr->undoc = terminate;
-}
-
-void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate)
-{
- make_uni_hdr(&(hdr->unihdr), max_len, len, terminate);
- hdr->undoc_buffer = len > 0 ? 1 : 0;
-}
-
-void make_unistr(UNISTR *str, char *buf)
-{
- /* store the string (null-terminated copy) */
- PutUniCode((char *)(str->buffer), buf);
-}
-
-void make_unistr2(UNISTR2 *str, char *buf, int len)
+int create_rpc_reply(uint32 call_id, char *q, int data_len)
{
- /* set up string lengths. add one if string is not null-terminated */
- str->uni_max_len = len;
- str->undoc = 0;
- str->uni_str_len = len;
-
- /* store the string (null-terminated copy) */
- PutUniCode((char *)str->buffer, buf);
-}
+ RPC_HDR hdr;
-void make_dom_rid2(DOM_RID2 *rid2, uint32 rid)
-{
- rid2->type = 0x5;
- rid2->undoc = 0x5;
- rid2->rid = rid;
- rid2->rid_idx = 0;
+ /* XXXX cheat - use cancel count to store opnum */
+ make_rpc_header(&hdr, RPC_RESPONSE, call_id, data_len, 0);
+ return smb_io_rpc_hdr(False, &hdr, q, q, 4, 0) - q;
}
-void make_dom_sid2(DOM_SID2 *sid2, char *sid_str)
-{
- int len_sid_str = strlen(sid_str);
-
- sid2->type = 0x5;
- sid2->undoc = 0;
- make_uni_hdr2(&(sid2->hdr), len_sid_str, len_sid_str, 0);
- make_unistr (&(sid2->str), sid_str);
-}
diff --git a/source3/smbparse.c b/source3/smbparse.c
index c9a3337c22..ec0e877778 100644
--- a/source3/smbparse.c
+++ b/source3/smbparse.c
@@ -23,7 +23,6 @@
extern int DEBUGLEVEL;
-
/*******************************************************************
reads or writes a UTIME type.
********************************************************************/
@@ -60,6 +59,56 @@ char* smb_io_time(BOOL io, NTTIME *nttime, char *q, char *base, int align, int d
}
/*******************************************************************
+creates a DOM_SID structure.
+
+BIG NOTE: this function only does SIDS where the identauth is not >= 2^32
+identauth >= 2^32 can be detected because it will be specified in hex
+
+********************************************************************/
+void make_dom_sid(DOM_SID *sid, char *domsid)
+{
+ int identauth;
+ char *p;
+
+ if (sid == NULL) return;
+
+ if (domsid == NULL)
+ {
+ DEBUG(4,("netlogon domain SID: none\n"));
+ sid->sid_rev_num = 0;
+ sid->num_auths = 0;
+ return;
+ }
+
+ DEBUG(4,("netlogon domain SID: %s\n", domsid));
+
+ /* assume, but should check, that domsid starts "S-" */
+ p = strtok(domsid+2,"-");
+ sid->sid_rev_num = atoi(p);
+
+ /* identauth in decimal should be < 2^32 */
+ /* identauth in hex should be >= 2^32 */
+ identauth = atoi(strtok(0,"-"));
+
+ DEBUG(4,("netlogon rev %d\n", sid->sid_rev_num));
+ DEBUG(4,("netlogon %s ia %d\n", p, identauth));
+
+ sid->id_auth[0] = 0;
+ sid->id_auth[1] = 0;
+ sid->id_auth[2] = (identauth & 0xff000000) >> 24;
+ sid->id_auth[3] = (identauth & 0x00ff0000) >> 16;
+ sid->id_auth[4] = (identauth & 0x0000ff00) >> 8;
+ sid->id_auth[5] = (identauth & 0x000000ff);
+
+ sid->num_auths = 0;
+
+ while ((p = strtok(0, "-")) != NULL)
+ {
+ sid->sub_auths[sid->num_auths++] = atoi(p);
+ }
+}
+
+/*******************************************************************
reads or writes a DOM_SID structure.
********************************************************************/
char* smb_io_dom_sid(BOOL io, DOM_SID *sid, char *q, char *base, int align, int depth)
@@ -93,6 +142,16 @@ char* smb_io_dom_sid(BOOL io, DOM_SID *sid, char *q, char *base, int align, int
}
/*******************************************************************
+creates a UNIHDR structure.
+********************************************************************/
+void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint16 terminate)
+{
+ hdr->uni_max_len = 2 * max_len;
+ hdr->uni_str_len = 2 * len;
+ hdr->undoc = terminate;
+}
+
+/*******************************************************************
reads or writes a UNIHDR structure.
********************************************************************/
char* smb_io_unihdr(BOOL io, UNIHDR *hdr, char *q, char *base, int align, int depth)
@@ -116,6 +175,15 @@ char* smb_io_unihdr(BOOL io, UNIHDR *hdr, char *q, char *base, int align, int de
}
/*******************************************************************
+creates a UNIHDR2 structure.
+********************************************************************/
+void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate)
+{
+ make_uni_hdr(&(hdr->unihdr), max_len, len, terminate);
+ hdr->undoc_buffer = len > 0 ? 1 : 0;
+}
+
+/*******************************************************************
reads or writes a UNIHDR2 structure.
********************************************************************/
char* smb_io_unihdr2(BOOL io, UNIHDR2 *hdr2, char *q, char *base, int align, int depth)
@@ -134,6 +202,15 @@ char* smb_io_unihdr2(BOOL io, UNIHDR2 *hdr2, char *q, char *base, int align, int
}
/*******************************************************************
+creates a UNISTR structure.
+********************************************************************/
+void make_unistr(UNISTR *str, char *buf)
+{
+ /* store the string (null-terminated copy) */
+ PutUniCode((char *)(str->buffer), buf);
+}
+
+/*******************************************************************
reads or writes a UNISTR structure.
XXXX NOTE: UNISTR structures NEED to be null-terminated.
********************************************************************/
@@ -160,6 +237,20 @@ char* smb_io_unistr(BOOL io, UNISTR *uni, char *q, char *base, int align, int de
}
/*******************************************************************
+creates a UNISTR2 structure.
+********************************************************************/
+void make_unistr2(UNISTR2 *str, char *buf, int len)
+{
+ /* set up string lengths. add one if string is not null-terminated */
+ str->uni_max_len = len;
+ str->undoc = 0;
+ str->uni_str_len = len;
+
+ /* store the string (null-terminated copy) */
+ PutUniCode((char *)str->buffer, buf);
+}
+
+/*******************************************************************
reads or writes a UNISTR2 structure.
XXXX NOTE: UNISTR2 structures need NOT be null-terminated.
the uni_str_len member tells you how long the string is;
@@ -193,6 +284,19 @@ char* smb_io_unistr2(BOOL io, UNISTR2 *uni2, char *q, char *base, int align, int
}
/*******************************************************************
+creates a DOM_SID2 structure.
+********************************************************************/
+void make_dom_sid2(DOM_SID2 *sid2, char *sid_str)
+{
+ int len_sid_str = strlen(sid_str);
+
+ sid2->type = 0x5;
+ sid2->undoc = 0;
+ make_uni_hdr2(&(sid2->hdr), len_sid_str, len_sid_str, 0);
+ make_unistr (&(sid2->str), sid_str);
+}
+
+/*******************************************************************
reads or writes a DOM_SID2 structure.
********************************************************************/
char* smb_io_dom_sid2(BOOL io, DOM_SID2 *sid2, char *q, char *base, int align, int depth)
@@ -220,6 +324,17 @@ char* smb_io_dom_sid2(BOOL io, DOM_SID2 *sid2, char *q, char *base, int align, i
}
/*******************************************************************
+creates a DOM_RID2 structure.
+********************************************************************/
+void make_dom_rid2(DOM_RID2 *rid2, uint32 rid)
+{
+ rid2->type = 0x5;
+ rid2->undoc = 0x5;
+ rid2->rid = rid;
+ rid2->rid_idx = 0;
+}
+
+/*******************************************************************
reads or writes a DOM_RID2 structure.
********************************************************************/
char* smb_io_dom_rid2(BOOL io, DOM_RID2 *rid2, char *q, char *base, int align, int depth)
@@ -494,6 +609,28 @@ char* smb_io_gid(BOOL io, DOM_GID *gid, char *q, char *base, int align, int dept
}
/*******************************************************************
+creates an RPC_HDR structure.
+********************************************************************/
+void make_rpc_header(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type,
+ uint32 call_id, int data_len, int opnum)
+{
+ if (hdr == NULL) return;
+
+ hdr->major = 5; /* RPC version 5 */
+ hdr->minor = 0; /* minor version 0 */
+ hdr->pkt_type = pkt_type; /* RPC packet type */
+ hdr->frag = 3; /* first frag + last frag */
+ hdr->pack_type = 0x10; /* packed data representation */
+ hdr->frag_len = data_len; /* fragment length, fill in later */
+ hdr->auth_len = 0; /* authentication length */
+ hdr->call_id = call_id; /* call identifier - match incoming RPC */
+ hdr->alloc_hint = data_len - 0x18; /* allocation hint (no idea) */
+ hdr->context_id = 0; /* presentation context identifier */
+ hdr->cancel_count = opnum; /* cancel count. or opnum. XXXX CHEAT! */
+ hdr->reserved = 0; /* reserved */
+}
+
+/*******************************************************************
reads or writes an RPC_HDR structure.
********************************************************************/
char* smb_io_rpc_hdr(BOOL io, RPC_HDR *rpc, char *q, char *base, int align, int depth)
@@ -516,6 +653,7 @@ char* smb_io_rpc_hdr(BOOL io, RPC_HDR *rpc, char *q, char *base, int align, int
DBG_RW_IVAL("call_id ", depth, base, io, q, rpc->call_id); q += 4;
DBG_RW_IVAL("alloc_hint", depth, base, io, q, rpc->alloc_hint); q += 4;
DBG_RW_CVAL("context_id", depth, base, io, q, rpc->context_id); q++;
+ DBG_RW_CVAL("cancel_ct ", depth, base, io, q, rpc->cancel_count); q++;
DBG_RW_CVAL("reserved ", depth, base, io, q, rpc->reserved); q++;
return q;