author | Andrew Tridgell <tridge@samba.org> | 2003-11-03 06:22:45 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2003-11-03 06:22:45 +0000 |
commit | c5cf47443985c34ad32c44c322901e0fc3a065d7 (patch) | |
tree | f7d6abd03304c4f2359a4753aae23e41982c0e17 /source4/libcli/raw | |
parent | 7fd381376f88ae99a4bf022d89f21ae497b48c1a (diff) | |
A major revamp of the low-level dcerpc code in samba4. We can now do a
successful LSA OpenPolicy using smbtorture.
(This used to be commit e925c315f55905060fcca1b188ae1f7e40baf514)
Diffstat (limited to 'source4/libcli/raw')
-rw-r--r-- | source4/libcli/raw/clisession.c | 4 | ||||
-rw-r--r-- | source4/libcli/raw/rawacl.c | 52 | ||||
-rw-r--r-- | source4/libcli/raw/rawdcerpc.c | 215 | ||||
-rw-r--r-- | source4/libcli/raw/rawsearch.c | 8 |
4 files changed, 92 insertions, 187 deletions
diff --git a/source4/libcli/raw/clisession.c b/source4/libcli/raw/clisession.c index 406491e432..9d154e10cd 100644 --- a/source4/libcli/raw/clisession.c +++ b/source4/libcli/raw/clisession.c @@ -318,8 +318,8 @@ static NTSTATUS smb_raw_session_setup_generic_nt1(struct cli_session *session, s2.nt1.in.os = "Unix"; s2.nt1.in.lanman = "Samba"; - if (session->transport->negotiate.sec_mode & - NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) { + if (s2.nt1.in.user[0] && + (session->transport->negotiate.sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)) { s2.nt1.in.password1 = lanman_blob(parms->generic.in.password, session->transport->negotiate.secblob); s2.nt1.in.password2 = nt_blob(parms->generic.in.password, diff --git a/source4/libcli/raw/rawacl.c b/source4/libcli/raw/rawacl.c index 4cd3338ec5..c45152381d 100644 --- a/source4/libcli/raw/rawacl.c +++ b/source4/libcli/raw/rawacl.c @@ -58,7 +58,7 @@ NTSTATUS smb_raw_query_secdesc_recv(struct cli_request *req, { NTSTATUS status; struct smb_nttrans nt; - struct ndr_parse *rpc; + struct ndr_pull *ndr; status = smb_raw_nttrans_recv(req, mem_ctx, &nt); if (!NT_STATUS_IS_OK(status)) { @@ -73,12 +73,12 @@ NTSTATUS smb_raw_query_secdesc_recv(struct cli_request *req, nt.out.data.length = IVAL(nt.out.params.data, 0); - rpc = ndr_parse_init_blob(&nt.out.data, mem_ctx); - if (!rpc) { + ndr = ndr_pull_init_blob(&nt.out.data, mem_ctx); + if (!ndr) { return NT_STATUS_INVALID_PARAMETER; } - status = ndr_parse_security_descriptor(rpc, &query->out.sd); + status = ndr_pull_security_descriptor(ndr, &query->out.sd); return NT_STATUS_OK; } 
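Review bot: The new condition in `smb_raw_session_setup_generic_nt1()` reads `s2.nt1.in.user[0]` without checking that `user` is non-NULL, so a caller that supplies no user name would fault here instead of skipping the challenge-response blobs. The assignment of `s2.nt1.in.user` lies outside the hunk; either confirm it can never be NULL or write `if (s2.nt1.in.user && s2.nt1.in.user[0] &&`. When the branch is skipped, `password1` and `password2` keep whatever `s2` held before, so it is worth verifying (outside the hunk) that they are explicitly empty on that path. If the intent is that an empty user name means an anonymous session, a comment such as `/* empty user name: anonymous, send no LM/NT responses */` would record it.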
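Review bot: In `smb_raw_query_secdesc_recv()` the result of `ndr_pull_security_descriptor()` is stored in `status` and then discarded, because the next line is `return NT_STATUS_OK;`. A reply carrying a malformed descriptor is therefore reported as success, and the caller receives whatever `query->out.sd` ends up holding. Return the parse result instead: `return status;`. The same hunk overwrites `nt.out.data.length` with a 32-bit value read from the reply's parameter block. Unless the lines just above the hunk already bound it, that value should be checked against the length actually received before the blob reaches `ndr_pull_init_blob()`.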
@@ -95,3 +95,47 @@ NTSTATUS smb_raw_query_secdesc(struct cli_tree *tree, return smb_raw_query_secdesc_recv(req, mem_ctx, query); } + + +/**************************************************************************** +set file ACL (async send) +****************************************************************************/ +struct cli_request *smb_raw_set_secdesc_send(struct cli_tree *tree, + struct smb_set_secdesc *set) +{ + struct smb_nttrans nt; + uint8 params[8]; + struct ndr_push *ndr; + struct cli_request *req; + NTSTATUS status; + + nt.in.max_setup = 0; + nt.in.max_param = 0; + nt.in.max_data = 0; + nt.in.setup_count = 0; + nt.in.function = NT_TRANSACT_SET_SECURITY_DESC; + nt.in.setup = NULL; + + SSVAL(params, 0, set->in.fnum); + SSVAL(params, 2, 0); /* padding */ + SIVAL(params, 4, set->in.secinfo_flags); + + nt.in.params.data = params; + nt.in.params.length = 8; + + ndr = ndr_push_init(); + if (!ndr) return NULL; + +// status = ndr_push_security_descriptor(ndr, set->in.sd); + if (!NT_STATUS_IS_OK(status)) { + ndr_push_free(ndr); + return NULL; + } + + nt.in.data = ndr_push_blob(ndr); + + req = smb_raw_nttrans_send(tree, &nt); + + ndr_push_free(ndr); + return req; +} diff --git a/source4/libcli/raw/rawdcerpc.c b/source4/libcli/raw/rawdcerpc.c index 1cc034de78..4a5159948d 100644 --- a/source4/libcli/raw/rawdcerpc.c +++ b/source4/libcli/raw/rawdcerpc.c @@ -2,7 +2,8 @@ Unix SMB/CIFS implementation. raw dcerpc operations - Copyright (C) Tim Potter, 2003 + Copyright (C) Tim Potter 2003 + Copyright (C) Andrew Tridgell 2003 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
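Review bot: In `smb_raw_set_secdesc_send()`, `status` is tested with `NT_STATUS_IS_OK(status)` although its only assignment, the `ndr_push_security_descriptor()` call, is commented out. The branch therefore reads an uninitialised variable, and the function either fails unpredictably or sends a set-security-descriptor request with no descriptor in the data blob. Until the push routine exists the function should fail explicitly, e.g. `ndr_push_free(ndr); return NULL;` under a `/* TODO: ndr_push_security_descriptor() not implemented yet */` comment. `nt` is also filled member by member without `ZERO_STRUCT(nt)`, so any member not assigned here reaches `smb_raw_nttrans_send()` as stack garbage. The header comment could additionally say that NULL is returned on failure, and that `params` and the push buffer are released when the function returns, so the send call must not keep pointers to them (to be confirmed against `smb_raw_nttrans_send()`).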
@@ -21,202 +22,62 @@ #include "includes.h" -static int put_uuid(char *data, int offset, struct dcerpc_uuid *uuid) -{ - int i; - - SIVAL(data, offset, uuid->time_low); offset += 4; - SSVAL(data, offset, uuid->time_mid); offset += 2; - SSVAL(data, offset, uuid->time_hi_and_version); offset += 2; - for (i = 0; i < 8; i++) - SCVAL(data, offset + i, uuid->remaining[i]); - offset += 8; - - return offset; -} - -DATA_BLOB dcerpc_raw_bind_setup(struct dcerpc_bind *parms) -{ - int i, offset, size; - char *data; - - /* Allocate storage for bind request */ - - size = 28; - for (i = 0; i < parms->in.num_contexts; i++) { - size += 24; /* as header + uuid */ - size += 20 * parms->in.ctx_list[i].num_ts; /* xfer syntaxes */ - } - size += parms->in.auth_verifier.length; - - data = smb_xmalloc(size); - memset(data, 0, size); - - parms->in.hdr.frag_len = size; - - /* Create bind request */ - - SCVAL(data, 0, parms->in.hdr.rpc_vers); - SCVAL(data, 1, parms->in.hdr.rpc_vers_minor); - SCVAL(data, 2, parms->in.hdr.ptype); - SCVAL(data, 3, parms->in.hdr.pfc_flags); - for (i = 0; i < 4; i++) - SCVAL(data, 4 + i, parms->in.hdr.drep[i]); - SSVAL(data, 8, parms->in.hdr.frag_len); - SSVAL(data, 10, parms->in.auth_verifier.length); - SIVAL(data, 12, parms->in.hdr.call_id); - - SSVAL(data, 16, parms->in.max_xmit_frag); - SSVAL(data, 18, parms->in.max_recv_frag); - SIVAL(data, 20, parms->in.assoc_group_id); - SIVAL(data, 24, parms->in.num_contexts); - - offset = 28; - for (i = 0; i < parms->in.num_contexts; i++) { - struct p_ctx_list *ctx = &parms->in.ctx_list[i]; - int j; - - SSVAL(data, offset, ctx->cont_id); offset += 2; - SSVAL(data, offset, ctx->num_ts); offset += 2; - offset = put_uuid(data, offset, &ctx->as->if_uuid); - SIVAL(data, offset, ctx->as->if_version); offset += 4; - for (j = 0; j < ctx->num_ts; j++) { - offset = put_uuid(data, offset, &ctx->ts[i].if_uuid); - SIVAL(data, offset, ctx->ts[i].if_version); - offset += 4; - } - } - - if (parms->in.auth_verifier.length) - 
memcpy(&data[offset], parms->in.auth_verifier.data, - parms->in.auth_verifier.length); - - return data_blob(data, size); -} - -NTSTATUS dcerpc_raw_bind_send(struct cli_dcerpc_pipe *p, - struct dcerpc_bind *parms) +struct cli_request *dcerpc_raw_send(struct dcerpc_pipe *p, DATA_BLOB *blob) { struct smb_trans2 trans; - DATA_BLOB blob; - NTSTATUS result; uint16 setup[2]; + struct cli_request *req; + TALLOC_CTX *mem_ctx; - blob = dcerpc_raw_bind_setup(parms); + mem_ctx = talloc_init("dcerpc_raw_send"); + if (!mem_ctx) return NULL; - ZERO_STRUCT(trans); + trans.in.data = *blob; + trans.in.params = data_blob(NULL, 0); + + setup[0] = TRANSACT_DCERPCCMD; + setup[1] = p->fnum; - trans.in.max_data = blob.length; + trans.in.max_param = 0; + trans.in.max_data = 0x8000; trans.in.setup_count = 2; trans.in.setup = setup; trans.in.trans_name = "\\PIPE\\"; - setup[0] = TRANSACT_DCERPCCMD; - setup[1] = p->fnum; - - trans.in.data = blob; - - result = smb_raw_trans(p->tree, p->mem_ctx, &trans); - - data_blob_free(&blob); + req = smb_raw_trans_send(p->tree, &trans); - return result; -} + talloc_destroy(mem_ctx); -NTSTATUS dcerpc_raw_bind_recv(struct cli_dcerpc_pipe *p, - struct dcerpc_bind *parms) -{ - return NT_STATUS_UNSUCCESSFUL; + return req; } -NTSTATUS dcerpc_raw_bind(struct cli_dcerpc_pipe *p, struct dcerpc_bind *parms) -{ - NTSTATUS result; - - result = dcerpc_raw_bind_send(p, parms); - if (NT_STATUS_IS_ERR(result)) - return result; - return dcerpc_raw_bind_recv(p, parms); -} - -DATA_BLOB dcerpc_raw_request_setup(struct dcerpc_request *parms) -{ - int size, i; - char *data; - - /* Allocate storage for request */ - - size = 24 + parms->in.stub_data.length; - - data = smb_xmalloc(size); - memset(data, 0, size); - - parms->in.hdr.frag_len = size; - parms->in.alloc_hint = parms->in.stub_data.length; - - SCVAL(data, 0, parms->in.hdr.rpc_vers); - SCVAL(data, 1, parms->in.hdr.rpc_vers_minor); - SCVAL(data, 2, parms->in.hdr.ptype); - SCVAL(data, 3, parms->in.hdr.pfc_flags); - for (i = 
0; i < 4; i++) - SCVAL(data, 4 + i, parms->in.hdr.drep[i]); - SSVAL(data, 8, parms->in.hdr.frag_len); - SSVAL(data, 10, parms->in.auth_verifier.length); - SIVAL(data, 12, parms->in.hdr.call_id); - - SIVAL(data, 16, parms->in.alloc_hint); - SSVAL(data, 20, parms->in.cont_id); - SSVAL(data, 22, parms->in.opnum); - - if (parms->in.stub_data.length) - memcpy(&data[24], parms->in.stub_data.data, - parms->in.stub_data.length); - - return data_blob(data, size); -} - -NTSTATUS dcerpc_raw_request_send(struct cli_dcerpc_pipe *p, - struct dcerpc_request *parms) +NTSTATUS dcerpc_raw_recv(struct dcerpc_pipe *p, + struct cli_request *req, + TALLOC_CTX *mem_ctx, + DATA_BLOB *blob) { struct smb_trans2 trans; - DATA_BLOB blob; - NTSTATUS result; - uint16 setup[2]; - - blob = dcerpc_raw_request_setup(parms); - - ZERO_STRUCT(trans); + NTSTATUS status; - trans.in.max_data = blob.length; - trans.in.setup_count = 2; - trans.in.setup = setup; - trans.in.trans_name = "\\PIPE\\"; - - setup[0] = TRANSACT_DCERPCCMD; - setup[1] = p->fnum; - - trans.in.data = blob; - - result = smb_raw_trans(p->tree, p->mem_ctx, &trans); + status = smb_raw_trans_recv(req, mem_ctx, &trans); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - data_blob_free(&blob); + if (blob) { + *blob = trans.out.data; + } - return result; + return status; } -NTSTATUS dcerpc_raw_request_recv(struct cli_dcerpc_pipe *p, - struct dcerpc_request *parms) +NTSTATUS dcerpc_raw_packet(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + DATA_BLOB *request_blob, + DATA_BLOB *reply_blob) { - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS dcerpc_raw_request(struct cli_dcerpc_pipe *p, - struct dcerpc_request *parms) -{ - NTSTATUS result; - - result = dcerpc_raw_request_send(p, parms); - if (NT_STATUS_IS_ERR(result)) - return result; - return dcerpc_raw_request_recv(p, parms); + struct cli_request *req; + req = dcerpc_raw_send(p, request_blob); + return dcerpc_raw_recv(p, req, mem_ctx, reply_blob); } + 
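Review bot: `dcerpc_raw_send()` no longer calls `ZERO_STRUCT(trans)` and assigns only some members of `trans.in`, so every member it does not set is passed to `smb_raw_trans_send()` uninitialised; depending on which fields that function marshals, stack contents could end up in the request. Restore `ZERO_STRUCT(trans);` ahead of the assignments. `mem_ctx` is created and destroyed in the same function without being used, so it can be dropped. In `dcerpc_raw_packet()` the result of `dcerpc_raw_send()` goes straight into `dcerpc_raw_recv()`; unless `smb_raw_trans_recv()` is known to accept a NULL request, add `if (!req) return NT_STATUS_UNSUCCESSFUL;`. The three new functions have no header comments; each should state who owns the request and reply blobs and which talloc context the reply data lives in.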
diff --git a/source4/libcli/raw/rawsearch.c b/source4/libcli/raw/rawsearch.c index 430cf925a6..4c7da6ec4d 100644 --- a/source4/libcli/raw/rawsearch.c +++ b/source4/libcli/raw/rawsearch.c @@ -307,7 +307,7 @@ static int parse_trans2_search(struct cli_tree *tree, case RAW_SEARCH_FULL_DIRECTORY_INFO: if (blob->length < 69) return -1; - ofs = IVAL(blob->data, 0); + ofs = IVAL(blob->data, 0); data->full_directory_info.file_index = IVAL(blob->data, 4); data->full_directory_info.create_time = cli_pull_nttime(blob->data, 8); data->full_directory_info.access_time = cli_pull_nttime(blob->data, 16); @@ -364,7 +364,7 @@ static int parse_trans2_search(struct cli_tree *tree, case RAW_SEARCH_ID_FULL_DIRECTORY_INFO: if (blob->length < 81) return -1; - ofs = IVAL(blob->data, 0); + ofs = IVAL(blob->data, 0); data->id_full_directory_info.file_index = IVAL(blob->data, 4); data->id_full_directory_info.create_time = cli_pull_nttime(blob->data, 8); data->id_full_directory_info.access_time = cli_pull_nttime(blob->data, 16); @@ -385,7 +385,7 @@ static int parse_trans2_search(struct cli_tree *tree, case RAW_SEARCH_ID_BOTH_DIRECTORY_INFO: if (blob->length < 105) return -1; - ofs = IVAL(blob->data, 0); + ofs = IVAL(blob->data, 0); data->id_both_directory_info.file_index = IVAL(blob->data, 4); data->id_both_directory_info.create_time = cli_pull_nttime(blob->data, 8); data->id_both_directory_info.access_time = cli_pull_nttime(blob->data, 16); @@ -481,7 +481,7 @@ NTSTATUS smb_raw_search_first(struct cli_tree *tree, return status; } - if (p_blob.length != 10) { + if (p_blob.length < 10) { DEBUG(1,("smb_raw_search_first: parms wrong size %d != expected_param_size\n", p_blob.length)); return NT_STATUS_INVALID_PARAMETER; |
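Review bot: The check in `smb_raw_search_first()` now accepts any parameter blob of at least 10 bytes, but the `DEBUG` text still reads `!= expected_param_size`, which will mislead anyone reading the log after a short reply. Change the message to match the new test, e.g. `"smb_raw_search_first: parms too short %d < 10\n"`. `p_blob.length` is printed with `%d`; if the blob length is a `size_t`, cast it to `(int)` so the argument matches the format. A one-line comment saying why longer parameter blocks are now tolerated would help, since the commit message does not mention this change. The function continues outside the hunk.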