summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2010-07-14 13:56:13 -0400
committerGünther Deschner <gd@samba.org>2010-07-16 01:51:17 +0200
commit79c207ed62ef661add5d48ea898b7a415a9c17d9 (patch)
tree383c16c89e83eaadde50be41a47c84d7a681437e /source3
parent84c50a248e3a7c02d6cbcbb5ce49a6580700d39a (diff)
downloadsamba-79c207ed62ef661add5d48ea898b7a415a9c17d9.tar.gz
samba-79c207ed62ef661add5d48ea898b7a415a9c17d9.tar.bz2
samba-79c207ed62ef661add5d48ea898b7a415a9c17d9.zip
s3-dceprc: Use IDL defined constants for length calculations
Signed-off-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3')
-rw-r--r--source3/include/rpc_dce.h9
-rw-r--r--source3/rpc_client/cli_pipe.c71
-rw-r--r--source3/rpc_server/srv_pipe.c18
3 files changed, 47 insertions, 51 deletions
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h
index 32ab19c157..4a4068be6f 100644
--- a/source3/include/rpc_dce.h
+++ b/source3/include/rpc_dce.h
@@ -31,15 +31,6 @@
/* #define MAX_PDU_FRAG_LEN 0x1630 this is what wnt sets */
#define RPC_MAX_PDU_FRAG_LEN 0x10b8 /* this is what w2k sets */
-#define RPC_IFACE_LEN (UUID_SIZE + 4)
-
#define RPC_HEADER_LEN 16
-#define RPC_HDR_REQ_LEN 8
-
-#define RPC_HDR_RESP_LEN 8
-
-
-#define RPC_HDR_AUTH_LEN 8
-
#endif /* _DCE_RPC_H */
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 5093a54729..60dd22d3a0 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -993,11 +993,6 @@ static NTSTATUS cli_pipe_validate_current_pdu(struct rpc_pipe_client *cli,
case DCERPC_PKT_RESPONSE:
- if (!prs_set_offset(current_pdu,
- prs_offset(current_pdu) + RPC_HDR_RESP_LEN)) {
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
/* Here's where we deal with incoming sign/seal. */
ret = cli_pipe_validate_rpc_response(cli, pkt,
current_pdu, &ss_padding_len);
@@ -1007,22 +1002,24 @@ static NTSTATUS cli_pipe_validate_current_pdu(struct rpc_pipe_client *cli,
/* Point the return values at the NDR data.
* Remember to remove any ss padding. */
- *ppdata = prs_data_p(current_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN;
+ *ppdata = prs_data_p(current_pdu) + DCERPC_RESPONSE_LENGTH;
- if (current_pdu_len < RPC_HEADER_LEN + RPC_HDR_RESP_LEN + ss_padding_len) {
+ if (current_pdu_len < DCERPC_RESPONSE_LENGTH + ss_padding_len) {
return NT_STATUS_BUFFER_TOO_SMALL;
}
- *pdata_len = current_pdu_len - RPC_HEADER_LEN - RPC_HDR_RESP_LEN - ss_padding_len;
+ *pdata_len = current_pdu_len - DCERPC_RESPONSE_LENGTH - ss_padding_len;
/* Remember to remove the auth footer. */
if (pkt->auth_length) {
/* We've already done integer wrap tests on auth_len in
cli_pipe_validate_rpc_response(). */
- if (*pdata_len < RPC_HDR_AUTH_LEN + pkt->auth_length) {
+ if (*pdata_len < DCERPC_AUTH_TRAILER_LENGTH
+ + pkt->auth_length) {
return NT_STATUS_BUFFER_TOO_SMALL;
}
- *pdata_len -= (RPC_HDR_AUTH_LEN + pkt->auth_length);
+ *pdata_len -= (DCERPC_AUTH_TRAILER_LENGTH
+ + pkt->auth_length);
}
DEBUG(10, ("Got pdu len %u, data_len %u, ss_len %u\n",
@@ -1816,6 +1813,10 @@ static NTSTATUS create_bind_or_alt_ctx_internal(enum dcerpc_pkt_type ptype,
return status;
}
+ if (auth_len) {
+ auth_len -= DCERPC_AUTH_TRAILER_LENGTH;
+ }
+
u.bind.max_xmit_frag = RPC_MAX_PDU_FRAG_LEN;
u.bind.max_recv_frag = RPC_MAX_PDU_FRAG_LEN;
u.bind.assoc_group_id = 0x0;
@@ -1827,7 +1828,7 @@ static NTSTATUS create_bind_or_alt_ctx_internal(enum dcerpc_pkt_type ptype,
ptype,
DCERPC_PFC_FLAG_FIRST |
DCERPC_PFC_FLAG_LAST,
- auth_len ? auth_len - RPC_HDR_AUTH_LEN : 0,
+ auth_len,
rpc_call_id,
&u,
&blob);
@@ -1915,8 +1916,8 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
DATA_BLOB auth_info;
NTSTATUS status;
DATA_BLOB auth_blob = data_blob_null;
- uint16_t data_and_pad_len =
- prs_offset(rpc_out) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
+ uint16_t data_and_pad_len = prs_offset(rpc_out)
+ - DCERPC_RESPONSE_LENGTH;
if (!cli->auth->a_u.ntlmssp_state) {
return NT_STATUS_INVALID_PARAMETER;
@@ -1951,8 +1952,7 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
status = ntlmssp_seal_packet(cli->auth->a_u.ntlmssp_state,
prs_get_mem_context(rpc_out),
(unsigned char *)prs_data_p(rpc_out)
- + RPC_HEADER_LEN
- + RPC_HDR_RESP_LEN,
+ + DCERPC_RESPONSE_LENGTH,
data_and_pad_len,
(unsigned char *)prs_data_p(rpc_out),
(size_t)prs_offset(rpc_out),
@@ -1967,8 +1967,7 @@ static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli,
status = ntlmssp_sign_packet(cli->auth->a_u.ntlmssp_state,
prs_get_mem_context(rpc_out),
(unsigned char *)prs_data_p(rpc_out)
- + RPC_HEADER_LEN
- + RPC_HDR_RESP_LEN,
+ + DCERPC_RESPONSE_LENGTH,
data_and_pad_len,
(unsigned char *)prs_data_p(rpc_out),
(size_t)prs_offset(rpc_out),
@@ -2007,8 +2006,9 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
{
DATA_BLOB auth_info;
struct schannel_state *sas = cli->auth->a_u.schannel_auth;
- char *data_p = prs_data_p(rpc_out) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN;
- size_t data_and_pad_len = prs_offset(rpc_out) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
+ char *data_p = prs_data_p(rpc_out) + DCERPC_RESPONSE_LENGTH;
+ size_t data_and_pad_len = prs_offset(rpc_out)
+ - DCERPC_RESPONSE_LENGTH;
DATA_BLOB blob;
NTSTATUS status;
@@ -2092,11 +2092,11 @@ static uint32 calculate_data_len_tosend(struct rpc_pipe_client *cli,
switch (cli->auth->auth_level) {
case DCERPC_AUTH_LEVEL_NONE:
case DCERPC_AUTH_LEVEL_CONNECT:
- data_space = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN;
+ data_space = cli->max_xmit_frag - DCERPC_REQUEST_LENGTH;
data_len = MIN(data_space, data_left);
*p_ss_padding = 0;
*p_auth_len = 0;
- *p_frag_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + data_len;
+ *p_frag_len = DCERPC_REQUEST_LENGTH + data_len;
return data_len;
case DCERPC_AUTH_LEVEL_INTEGRITY:
@@ -2115,17 +2115,20 @@ static uint32 calculate_data_len_tosend(struct rpc_pipe_client *cli,
break;
}
- data_space = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN -
- RPC_HDR_AUTH_LEN - *p_auth_len;
+ data_space = cli->max_xmit_frag
+ - DCERPC_REQUEST_LENGTH
+ - DCERPC_AUTH_TRAILER_LENGTH
+ - *p_auth_len;
data_len = MIN(data_space, data_left);
*p_ss_padding = 0;
if (data_len % CLIENT_NDR_PADDING_SIZE) {
*p_ss_padding = CLIENT_NDR_PADDING_SIZE - (data_len % CLIENT_NDR_PADDING_SIZE);
}
- *p_frag_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + /* Normal headers. */
- data_len + *p_ss_padding + /* data plus padding. */
- RPC_HDR_AUTH_LEN + *p_auth_len; /* Auth header and auth data. */
+ *p_frag_len = DCERPC_REQUEST_LENGTH
+ + data_len + *p_ss_padding
+ + DCERPC_AUTH_TRAILER_LENGTH
+ + *p_auth_len;
return data_len;
default:
@@ -2181,8 +2184,8 @@ struct tevent_req *rpc_api_pipe_req_send(TALLOC_CTX *mem_ctx,
state->req_data_sent = 0;
state->call_id = get_rpc_call_id();
- if (cli->max_xmit_frag
- < RPC_HEADER_LEN + RPC_HDR_REQ_LEN + RPC_MAX_SIGN_SIZE) {
+ if (cli->max_xmit_frag < DCERPC_REQUEST_LENGTH
+ + RPC_MAX_SIGN_SIZE) {
/* Server is screwed up ! */
status = NT_STATUS_INVALID_PARAMETER;
goto post_status;
@@ -2743,7 +2746,8 @@ static NTSTATUS rpc_finish_auth3_bind_send(struct tevent_req *req,
NTSTATUS status;
if ((r->auth_length == 0)
- || (r->frag_length < r->auth_length + RPC_HDR_AUTH_LEN)) {
+ || (r->frag_length < DCERPC_AUTH_TRAILER_LENGTH
+ + r->auth_length)) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -2818,14 +2822,15 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind_send(struct tevent_req *req,
NTSTATUS status;
if ((r->auth_length == 0)
- || (r->frag_length < r->auth_length + RPC_HDR_AUTH_LEN)) {
+ || (r->frag_length < DCERPC_AUTH_TRAILER_LENGTH
+ + r->auth_length)) {
return NT_STATUS_INVALID_PARAMETER;
}
/* Process the returned NTLMSSP blob first. */
- if (!prs_set_offset(
- rpc_in,
- r->frag_length - r->auth_length - RPC_HDR_AUTH_LEN)) {
+ if (!prs_set_offset(rpc_in, r->frag_length
+ - DCERPC_AUTH_TRAILER_LENGTH
+ - r->auth_length)) {
return NT_STATUS_INVALID_PARAMETER;
}
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 12ec27bd04..29b6d8e261 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -498,22 +498,22 @@ static bool pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
bool api_pipe_bind_auth3(pipes_struct *p, struct ncacn_packet *pkt)
{
struct dcerpc_auth auth_info;
- uint32_t auth_len = pkt->auth_length;
NTSTATUS status;
- DEBUG(5,("api_pipe_bind_auth3: decode request. %d\n", __LINE__));
+ DEBUG(5, ("api_pipe_bind_auth3: decode request. %d\n", __LINE__));
- if (auth_len == 0) {
- DEBUG(0,("api_pipe_bind_auth3: No auth field sent !\n"));
+ if (pkt->auth_length == 0) {
+ DEBUG(0, ("No auth field sent for bind request!\n"));
goto err;
}
/* Ensure there's enough data for an authenticated request. */
- if (RPC_HEADER_LEN + RPC_HDR_AUTH_LEN + auth_len >
- pkt->frag_length) {
+ if (pkt->frag_length < RPC_HEADER_LEN
+ + DCERPC_AUTH_TRAILER_LENGTH
+ + pkt->auth_length) {
DEBUG(0,("api_pipe_ntlmssp_auth_process: auth_len "
"%u is too large.\n",
- (unsigned int)auth_len ));
+ (unsigned int)pkt->auth_length));
goto err;
}
@@ -1244,7 +1244,7 @@ bool api_pipe_bind_req(pipes_struct *p, struct ncacn_packet *pkt)
* prevents overrun. */
if (pkt->frag_length < RPC_HEADER_LEN +
- RPC_HDR_AUTH_LEN +
+ DCERPC_AUTH_TRAILER_LENGTH +
pkt->auth_length) {
DEBUG(0,("api_pipe_bind_req: auth_len (%u) "
"too long for fragment %u.\n",
@@ -1468,7 +1468,7 @@ bool api_pipe_alter_context(pipes_struct *p, struct ncacn_packet *pkt)
* prevents overrun. */
if (pkt->frag_length < RPC_HEADER_LEN +
- RPC_HDR_AUTH_LEN +
+ DCERPC_AUTH_TRAILER_LENGTH +
pkt->auth_length) {
DEBUG(0,("api_pipe_alter_context: auth_len (%u) "
"too long for fragment %u.\n",