summaryrefslogtreecommitdiff
path: root/librpc/rpc
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-07-19 18:57:12 -0400
committerSimo Sorce <idra@samba.org>2010-07-20 08:28:19 -0400
commitb20e5eb3aab2d0c3b028e769dd126387699a8f7d (patch)
tree3a6b5840699d87ac8069881fd999d1629e2a2d8a /librpc/rpc
parent2a8399f7ce676e7e4fa70e8f8f04ba2876350695 (diff)
downloadsamba-b20e5eb3aab2d0c3b028e769dd126387699a8f7d.tar.gz
samba-b20e5eb3aab2d0c3b028e769dd126387699a8f7d.tar.bz2
samba-b20e5eb3aab2d0c3b028e769dd126387699a8f7d.zip
dcerpc: Clarify what the arguments of dcerpc_pull_auth_trailer() actually represent.
Diffstat (limited to 'librpc/rpc')
-rw-r--r--librpc/rpc/dcerpc_util.c49
1 files changed, 34 insertions, 15 deletions
diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index c79cfd506a..492d8ac939 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -57,22 +57,39 @@ uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob)
return blob->data[DCERPC_DREP_OFFSET];
}
-/*
- pull an dcerpc_auth structure, taking account of any auth padding in
- the blob at the end of the structure
- */
+
+/**
+* @brief Pull a dcerpc_auth structure, taking account of any auth
+* padding in the blob. For request/response packets we pass
+* the whole data blob, so auth_data_only must be set to false
+* as the blob contains data+pad+auth and no just pad+auth.
+*
+* @param pkt - The ncacn_packet strcuture
+* @param mem_ctx - The mem_ctx used to allocate dcerpc_auth elements
+* @param pkt_trailer - The packet trailer data, usually the trailing
+* auth_info blob, but in the request/response case
+* this is the stub_and_verifier blob.
+* @param auth - A preallocated dcerpc_auth *empty* structure
+* @param auth_length - The length of the auth trail, sum of auth header
+* lenght and pkt->auth_length
+* @param auth_data_only - Whether the pkt_trailer includes only the auth_blob
+* (+ padding) or also other data.
+*
+* @return - A NTSTATUS error code.
+*/
NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
TALLOC_CTX *mem_ctx,
- DATA_BLOB *pkt_auth_blob,
+ DATA_BLOB *pkt_trailer,
struct dcerpc_auth *auth,
uint32_t *auth_length,
- bool check_pad)
+ bool auth_data_only)
{
struct ndr_pull *ndr;
enum ndr_err_code ndr_err;
- uint32_t pad;
+ uint32_t data_and_pad;
- pad = pkt_auth_blob->length - (DCERPC_AUTH_TRAILER_LENGTH + pkt->auth_length);
+ data_and_pad = pkt_trailer->length
+ - (DCERPC_AUTH_TRAILER_LENGTH + pkt->auth_length);
/* paranoia check for pad size. This would be caught anyway by
the ndr_pull_advance() a few lines down, but it scared
@@ -80,13 +97,13 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
it now, just to prevent someone posting a bogus YouTube
video in the future.
*/
- if (pad > pkt_auth_blob->length) {
+ if (data_and_pad > pkt_trailer->length) {
return NT_STATUS_INFO_LENGTH_MISMATCH;
}
- *auth_length = pkt_auth_blob->length - pad;
+ *auth_length = pkt_trailer->length - data_and_pad;
- ndr = ndr_pull_init_blob(pkt_auth_blob, mem_ctx);
+ ndr = ndr_pull_init_blob(pkt_trailer, mem_ctx);
if (!ndr) {
return NT_STATUS_NO_MEMORY;
}
@@ -95,7 +112,7 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
}
- ndr_err = ndr_pull_advance(ndr, pad);
+ ndr_err = ndr_pull_advance(ndr, data_and_pad);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
talloc_free(ndr);
return ndr_map_error2ntstatus(ndr_err);
@@ -107,9 +124,11 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
return ndr_map_error2ntstatus(ndr_err);
}
- if (check_pad && pad != auth->auth_pad_length) {
- DEBUG(1,(__location__ ": WARNING: pad length mismatch. Calculated %u got %u\n",
- (unsigned)pad, (unsigned)auth->auth_pad_length));
+ if (auth_data_only && data_and_pad != auth->auth_pad_length) {
+ DEBUG(1, (__location__ ": WARNING: pad length mismatch. "
+ "Calculated %u got %u\n",
+ (unsigned)data_and_pad,
+ (unsigned)auth->auth_pad_length));
}
DEBUG(6,(__location__ ": auth_pad_length %u\n",