summaryrefslogtreecommitdiff
path: root/source4/librpc
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-09-30 14:57:51 +0200
committerJelmer Vernooij <jelmer@samba.org>2008-09-30 14:57:51 +0200
commitae385145347f8e7a10acd61a5217685c6c617661 (patch)
tree4aeee2a3bea4fd7fbde09bb44dc4c00150562ffe /source4/librpc
parentac5e69a999c4dcd337c5b8467aba3018df50126b (diff)
parent394f24b374e1fda8dc8222b71ce164a1a79efde6 (diff)
downloadsamba-ae385145347f8e7a10acd61a5217685c6c617661.tar.gz
samba-ae385145347f8e7a10acd61a5217685c6c617661.tar.bz2
samba-ae385145347f8e7a10acd61a5217685c6c617661.zip
Merge branch 'master' of ssh://git.samba.org/data/git/samba
Diffstat (limited to 'source4/librpc')
-rw-r--r--source4/librpc/config.mk4
-rw-r--r--source4/librpc/idl/dcerpc.idl1
-rw-r--r--source4/librpc/idl/drsblobs.idl25
-rw-r--r--source4/librpc/ndr/ndr_drsblobs.c213
-rw-r--r--source4/librpc/rpc/dcerpc.c6
5 files changed, 237 insertions, 12 deletions
diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk
index cf41f9884a..41dd17e428 100644
--- a/source4/librpc/config.mk
+++ b/source4/librpc/config.mk
@@ -144,9 +144,9 @@ PUBLIC_DEPENDENCIES = LIBNDR NDR_COMPRESSION NDR_SECURITY NDR_SAMR ASN1_UTIL
NDR_DRSUAPI_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsuapi.o $(ndrsrcdir)/ndr_drsuapi.o
[SUBSYSTEM::NDR_DRSBLOBS]
-PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_DRSUAPI LIBCLI_DRSBLOBS
+PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_DRSUAPI
-NDR_DRSBLOBS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsblobs.o
+NDR_DRSBLOBS_OBJ_FILES = $(gen_ndrsrcdir)/ndr_drsblobs.o $(ndrsrcdir)/ndr_drsblobs.o
[SUBSYSTEM::NDR_SASL_HELPERS]
PUBLIC_DEPENDENCIES = LIBNDR
diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl
index 1c6574b11b..a78329d990 100644
--- a/source4/librpc/idl/dcerpc.idl
+++ b/source4/librpc/idl/dcerpc.idl
@@ -261,6 +261,7 @@ interface dcerpc
const uint8 DCERPC_PFC_FLAG_OBJECT_UUID = 0x80; /* on valid guid is in the optional object field */
/* these offsets are needed by the signing code */
+ const uint8 DCERPC_PFC_OFFSET = 3;
const uint8 DCERPC_DREP_OFFSET = 4;
const uint8 DCERPC_FRAG_LEN_OFFSET = 8;
const uint8 DCERPC_AUTH_LEN_OFFSET = 10;
diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl
index 6b1f649ff5..31fe8a359e 100644
--- a/source4/librpc/idl/drsblobs.idl
+++ b/source4/librpc/idl/drsblobs.idl
@@ -415,18 +415,27 @@ interface drsblobs {
[relative] AuthenticationInformationArray *previous;
} trustAuthInOutBlob;
- typedef [public] struct {
- uint8 confounder[512];
- trustAuthInOutBlob outgoing;
- trustAuthInOutBlob incoming;
- [value(ndr_size_trustAuthInOutBlob(&outgoing, ndr->flags))] uint32 outgoing_size;
- [value(ndr_size_trustAuthInOutBlob(&incoming, ndr->flags))] uint32 incoming_size;
- } trustAuthInAndOutBlob;
-
+ typedef [public,gensize] struct {
+ uint32 count;
+ [relative] AuthenticationInformation *current[count];
+ } trustCurrentPasswords;
+
void decode_trustAuthInOut(
[in] trustAuthInOutBlob blob
);
+ typedef [public,nopull] struct {
+ uint8 confounder[512];
+ [subcontext(0),subcontext_size(outgoing_size)] trustCurrentPasswords outgoing;
+ [subcontext(0),subcontext_size(incoming_size)] trustCurrentPasswords incoming;
+ [value(ndr_size_trustCurrentPasswords(&outgoing, ndr->flags))] uint32 outgoing_size;
+ [value(ndr_size_trustCurrentPasswords(&incoming, ndr->flags))] uint32 incoming_size;
+ } trustDomainPasswords;
+
+ void decode_trustDomainPasswords(
+ [in] trustDomainPasswords blob
+ );
+
typedef [public] struct {
uint32 marker;
DATA_BLOB data;
diff --git a/source4/librpc/ndr/ndr_drsblobs.c b/source4/librpc/ndr/ndr_drsblobs.c
new file mode 100644
index 0000000000..aecb0c3b16
--- /dev/null
+++ b/source4/librpc/ndr/ndr_drsblobs.c
@@ -0,0 +1,213 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Manually parsed structures found in the DRS protocol
+
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "librpc/gen_ndr/ndr_drsblobs.h"
+
+/* parser auto-generated by pidl, then hand-modified by abartlet */
+
+/* Modified to have 'count' specified */
+static enum ndr_err_code ndr_push_AuthenticationInformationArray_with_count(struct ndr_push *ndr, int ndr_flags, int count,
+ const struct AuthenticationInformationArray *r)
+{
+ uint32_t cntr_array_0;
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ for (cntr_array_0 = 0; cntr_array_0 < count; cntr_array_0++) {
+ NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_SCALARS, &r->array[cntr_array_0]));
+ }
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ for (cntr_array_0 = 0; cntr_array_0 < count; cntr_array_0++) {
+ NDR_CHECK(ndr_push_AuthenticationInformation(ndr, NDR_BUFFERS, &r->array[cntr_array_0]));
+ }
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+/* Modified to have 'count' specified, and to allocate the array */
+static enum ndr_err_code ndr_pull_AuthenticationInformationArray_with_count(struct ndr_pull *ndr, int ndr_flags, int count, struct AuthenticationInformationArray *r)
+{
+ uint32_t cntr_array_0;
+ TALLOC_CTX *_mem_save_array_0;
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_PULL_ALLOC_N(ndr, r->array, count);
+ _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->array, 0);
+ for (cntr_array_0 = 0; cntr_array_0 < count; cntr_array_0++) {
+ NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_SCALARS, &r->array[cntr_array_0]));
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_0, 0);
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ for (cntr_array_0 = 0; cntr_array_0 < count; cntr_array_0++) {
+ NDR_CHECK(ndr_pull_AuthenticationInformation(ndr, NDR_BUFFERS, &r->array[cntr_array_0]));
+ }
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+/* Modified to have 'count' specified */
+_PUBLIC_ void ndr_print_AuthenticationInformationArray_with_count(struct ndr_print *ndr, const char *name, int count, const struct AuthenticationInformationArray *r)
+{
+ uint32_t cntr_array_0;
+ ndr_print_struct(ndr, name, "AuthenticationInformationArray");
+ ndr->depth++;
+ ndr->print(ndr, "%s: ARRAY(%d)", "array", (int)1);
+ ndr->depth++;
+ for (cntr_array_0=0;cntr_array_0<count;cntr_array_0++) {
+ char *idx_0=NULL;
+ if (asprintf(&idx_0, "[%d]", cntr_array_0) != -1) {
+ ndr_print_AuthenticationInformation(ndr, "array", &r->array[cntr_array_0]);
+ free(idx_0);
+ }
+ }
+ ndr->depth--;
+ ndr->depth--;
+}
+
+/* Modified to call AuthenticationInformationArray with 'count' specified */
+_PUBLIC_ enum ndr_err_code ndr_push_trustAuthInOutBlob(struct ndr_push *ndr, int ndr_flags, const struct trustAuthInOutBlob *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_push_align(ndr, 4));
+ NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->count));
+ NDR_CHECK(ndr_push_relative_ptr1(ndr, r->current));
+ NDR_CHECK(ndr_push_relative_ptr1(ndr, r->previous));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ if (r->current) {
+ NDR_CHECK(ndr_push_relative_ptr2(ndr, r->current));
+ NDR_CHECK(ndr_push_AuthenticationInformationArray_with_count(ndr, NDR_SCALARS|NDR_BUFFERS, r->count, r->current));
+ }
+ if (r->previous) {
+ NDR_CHECK(ndr_push_relative_ptr2(ndr, r->previous));
+ NDR_CHECK(ndr_push_AuthenticationInformationArray_with_count(ndr, NDR_SCALARS|NDR_BUFFERS, r->count, r->previous));
+ }
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_trustAuthInOutBlob(struct ndr_pull *ndr, int ndr_flags, struct trustAuthInOutBlob *r)
+{
+ uint32_t _ptr_current;
+ TALLOC_CTX *_mem_save_current_0;
+ uint32_t _ptr_previous;
+ TALLOC_CTX *_mem_save_previous_0;
+ if (ndr_flags & NDR_SCALARS) {
+ NDR_CHECK(ndr_pull_align(ndr, 4));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->count));
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_current));
+ if (_ptr_current) {
+ NDR_PULL_ALLOC(ndr, r->current);
+ NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->current, _ptr_current));
+ } else {
+ r->current = NULL;
+ }
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_previous));
+ if (_ptr_previous) {
+ NDR_PULL_ALLOC(ndr, r->previous);
+ NDR_CHECK(ndr_pull_relative_ptr1(ndr, r->previous, _ptr_previous));
+ } else {
+ r->previous = NULL;
+ }
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ if (r->current) {
+ uint32_t _relative_save_offset;
+ _relative_save_offset = ndr->offset;
+ NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->current));
+ _mem_save_current_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->current, 0);
+ NDR_CHECK(ndr_pull_AuthenticationInformationArray_with_count(ndr, NDR_SCALARS|NDR_BUFFERS, r->count, r->current));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_current_0, 0);
+ ndr->offset = _relative_save_offset;
+ }
+ if (r->previous) {
+ uint32_t _relative_save_offset;
+ _relative_save_offset = ndr->offset;
+ NDR_CHECK(ndr_pull_relative_ptr2(ndr, r->previous));
+ _mem_save_previous_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->previous, 0);
+ NDR_CHECK(ndr_pull_AuthenticationInformationArray_with_count(ndr, NDR_SCALARS|NDR_BUFFERS, r->count, r->previous));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_previous_0, 0);
+ ndr->offset = _relative_save_offset;
+ }
+ }
+ return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ void ndr_print_trustAuthInOutBlob(struct ndr_print *ndr, const char *name, const struct trustAuthInOutBlob *r)
+{
+ ndr_print_struct(ndr, name, "trustAuthInOutBlob");
+ ndr->depth++;
+ ndr_print_uint32(ndr, "count", r->count);
+ ndr_print_ptr(ndr, "current", r->current);
+ ndr->depth++;
+ if (r->current) {
+ ndr_print_AuthenticationInformationArray_with_count(ndr, "current", r->count, r->current);
+ }
+ ndr->depth--;
+ ndr_print_ptr(ndr, "previous", r->previous);
+ ndr->depth++;
+ if (r->previous) {
+ ndr_print_AuthenticationInformationArray_with_count(ndr, "previous", r->count, r->previous);
+ }
+ ndr->depth--;
+ ndr->depth--;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_pull_trustDomainPasswords(struct ndr_pull *ndr, int ndr_flags, struct trustDomainPasswords *r)
+{
+ if (ndr_flags & NDR_SCALARS) {
+ uint32_t offset;
+ NDR_PULL_ALIGN(ndr, 4);
+ NDR_PULL_NEED_BYTES(ndr, 8);
+
+ offset = ndr->offset;
+ ndr->offset = ndr->data_size - 8;
+
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->outgoing_size));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->incoming_size));
+
+ ndr->offset = offset;
+ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->confounder, 512));
+ {
+ struct ndr_pull *_ndr_outgoing;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_outgoing, 0, r->outgoing_size));
+ NDR_CHECK(ndr_pull_trustCurrentPasswords(_ndr_outgoing, NDR_SCALARS|NDR_BUFFERS, &r->outgoing));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_outgoing, 0, r->outgoing_size));
+ }
+ {
+ struct ndr_pull *_ndr_incoming;
+ NDR_CHECK(ndr_pull_subcontext_start(ndr, &_ndr_incoming, 0, r->incoming_size));
+ NDR_CHECK(ndr_pull_trustCurrentPasswords(_ndr_incoming, NDR_SCALARS|NDR_BUFFERS, &r->incoming));
+ NDR_CHECK(ndr_pull_subcontext_end(ndr, _ndr_incoming, 0, r->incoming_size));
+ }
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->outgoing_size));
+ NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->incoming_size));
+ }
+ if (ndr_flags & NDR_BUFFERS) {
+ }
+ return NDR_ERR_SUCCESS;
+}
+
diff --git a/source4/librpc/rpc/dcerpc.c b/source4/librpc/rpc/dcerpc.c
index 5cee9f27ad..4e07cc7b57 100644
--- a/source4/librpc/rpc/dcerpc.c
+++ b/source4/librpc/rpc/dcerpc.c
@@ -332,6 +332,7 @@ static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c,
DATA_BLOB creds2;
size_t payload_length;
enum ndr_err_code ndr_err;
+ size_t hdr_size = DCERPC_REQUEST_LENGTH;
/* non-signed packets are simpler */
if (sig_size == 0) {
@@ -365,6 +366,7 @@ static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c,
if (pkt->pfc_flags & DCERPC_PFC_FLAG_OBJECT_UUID) {
ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT;
+ hdr_size += 16;
}
ndr_err = ndr_push_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt);
@@ -413,7 +415,7 @@ static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c,
case DCERPC_AUTH_LEVEL_PRIVACY:
status = gensec_seal_packet(c->security_state.generic_state,
mem_ctx,
- blob->data + DCERPC_REQUEST_LENGTH,
+ blob->data + hdr_size,
payload_length,
blob->data,
blob->length,
@@ -426,7 +428,7 @@ static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c,
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = gensec_sign_packet(c->security_state.generic_state,
mem_ctx,
- blob->data + DCERPC_REQUEST_LENGTH,
+ blob->data + hdr_size,
payload_length,
blob->data,
blob->length,