diff options
author | Simo Sorce <idra@samba.org> | 2010-07-19 17:51:18 -0400 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2010-07-28 12:16:29 -0400 |
commit | 1fc71c9c6ff26f2d49f314b8425c6cd4c91683f3 (patch) | |
tree | b67b4943bff30b89857f95a05afb060afff7335c | |
parent | 2ce169ce187cc7229aecdc3e5cd889c5194956aa (diff) | |
download | samba-1fc71c9c6ff26f2d49f314b8425c6cd4c91683f3.tar.gz samba-1fc71c9c6ff26f2d49f314b8425c6cd4c91683f3.tar.bz2 samba-1fc71c9c6ff26f2d49f314b8425c6cd4c91683f3.zip |
s3-dcerpc do not pass pipes_struct to dcesrv_auth_request()
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 54 |
1 files changed, 28 insertions, 26 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 521712a1a3..98dc52d100 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -1721,12 +1721,13 @@ void set_incoming_fault(struct pipes_struct *p) get_pipe_name_from_syntax(talloc_tos(), &p->syntax))); } -static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, - struct ncacn_packet *pkt) +static NTSTATUS dcesrv_auth_request(struct pipe_auth_data *auth, + struct ncacn_packet *pkt, + DATA_BLOB *raw_pkt) { NTSTATUS status; size_t hdr_size = DCERPC_REQUEST_LENGTH; - struct dcerpc_auth auth; + struct dcerpc_auth auth_info; uint32_t auth_length; DATA_BLOB data; DATA_BLOB full_pkt; @@ -1737,7 +1738,7 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, hdr_size += 16; } - switch (p->auth.auth_level) { + switch (auth->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: DEBUG(10, ("Requested Privacy.\n")); break; @@ -1761,24 +1762,26 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, return NT_STATUS_OK; default: + DEBUG(3, ("Unimplemented Auth Level %d", + auth->auth_level)); return NT_STATUS_INVALID_PARAMETER; } status = dcerpc_pull_auth_trailer(pkt, pkt, &pkt->u.request.stub_and_verifier, - &auth, &auth_length, false); + &auth_info, &auth_length, false); if (!NT_STATUS_IS_OK(status)) { return status; } pkt->u.request.stub_and_verifier.length -= auth_length; - data.data = p->in_data.pdu.data + hdr_size; - data.length = pkt->u.request.stub_and_verifier.length; - full_pkt.data = p->in_data.pdu.data; - full_pkt.length = p->in_data.pdu.length - auth.credentials.length; + data = data_blob_const(raw_pkt->data + hdr_size, + pkt->u.request.stub_and_verifier.length); + full_pkt = data_blob_const(raw_pkt->data, + raw_pkt->length - auth_info.credentials.length); - switch (p->auth.auth_type) { + switch (auth->auth_type) { case PIPE_AUTH_TYPE_NONE: return NT_STATUS_OK; @@ -1787,19 +1790,19 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, DEBUG(10, ("NTLMSSP auth\n")); - if (!p->auth.a_u.auth_ntlmssp_state) { + if (!auth->a_u.auth_ntlmssp_state) { DEBUG(0, ("Invalid auth level, " "failed to process packet auth.\n")); return NT_STATUS_INVALID_PARAMETER; } - switch (p->auth.auth_level) { + switch (auth->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = auth_ntlmssp_unseal_packet( - p->auth.a_u.auth_ntlmssp_state, + auth->a_u.auth_ntlmssp_state, data.data, data.length, full_pkt.data, full_pkt.length, - &auth.credentials); + &auth_info.credentials); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -1809,10 +1812,10 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = auth_ntlmssp_check_packet( - p->auth.a_u.auth_ntlmssp_state, + auth->a_u.auth_ntlmssp_state, data.data, data.length, full_pkt.data, full_pkt.length, - &auth.credentials); + &auth_info.credentials); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -1829,13 +1832,13 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, DEBUG(10, ("SCHANNEL auth\n")); - switch (p->auth.auth_level) { + switch (auth->auth_level) { case DCERPC_AUTH_LEVEL_PRIVACY: status = netsec_incoming_packet( - p->auth.a_u.schannel_auth, + auth->a_u.schannel_auth, pkt, true, data.data, data.length, - &auth.credentials); + &auth_info.credentials); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -1845,10 +1848,10 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, case DCERPC_AUTH_LEVEL_INTEGRITY: status = netsec_incoming_packet( - p->auth.a_u.schannel_auth, + auth->a_u.schannel_auth, pkt, false, data.data, data.length, - &auth.credentials); + &auth_info.credentials); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -1864,16 +1867,15 @@ static NTSTATUS dcesrv_auth_request(struct pipes_struct *p, default: DEBUG(0, ("process_request_pdu: " "unknown auth type %u set.\n", - (unsigned int)p->auth.auth_type)); - set_incoming_fault(p); + (unsigned int)auth->auth_type)); return NT_STATUS_INVALID_PARAMETER; } /* remove the indicated amount of padding */ - if (pkt->u.request.stub_and_verifier.length < auth.auth_pad_length) { + if (pkt->u.request.stub_and_verifier.length < auth_info.auth_pad_length) { return NT_STATUS_INVALID_PARAMETER; } - pkt->u.request.stub_and_verifier.length -= auth.auth_pad_length; + pkt->u.request.stub_and_verifier.length -= auth_info.auth_pad_length; return NT_STATUS_OK; } @@ -1897,7 +1899,7 @@ static bool process_request_pdu(struct pipes_struct *p, struct ncacn_packet *pkt /* Store the opnum */ p->opnum = pkt->u.request.opnum; - status = dcesrv_auth_request(p, pkt); + status = dcesrv_auth_request(&p->auth, pkt, &p->in_data.pdu); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Failed to check packet auth.\n")); set_incoming_fault(p); |