-rw-r--r--source3/include/proto.h1
-rw-r--r--source3/include/smb.h1
-rw-r--r--source3/lib/util.c47
-rw-r--r--source3/ntclientpipe.c43
-rw-r--r--source3/smbd/ipc.c24
-rw-r--r--source3/smbparse.c22
6 files changed, 114 insertions, 24 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index a02fa86bb9..ee7bd41dbd 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1251,6 +1251,7 @@ enum remote_arch_types get_remote_arch();
char *skip_unicode_string(char *buf,int n);
char *unistrn2(uint16 *buf, int len);
char *unistr2(uint16 *buf);
+int struni2(uint16 *p, char *buf);
char *unistr(char *buf);
int unistrncpy(char *dst, char *src, int len);
int unistrcpy(char *dst, char *src);
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 62c3fec19d..9b54385eee 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -260,6 +260,7 @@ typedef fstring string;
#define PIPE_SRVSVC "\\PIPE\\srvsvc"
#define PIPE_NETLOGON "\\PIPE\\NETLOGON"
#define PIPE_NTLSA "\\PIPE\\ntlsa"
+#define PIPE_LSASS "\\PIPE\\lsass"
#define PIPE_LSARPC "\\PIPE\\lsarpc"
/* NETLOGON opcodes and data structures */
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 7f47cdbdb4..4d098013f2 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -4284,11 +4284,19 @@ char *unistrn2(uint16 *buf, int len)
static int nexti;
char *lbuf = lbufs[nexti];
char *p;
+
nexti = (nexti+1)%8;
+
+ DEBUG(10, ("unistrn2: "));
+
for (p = lbuf; *buf && p-lbuf < MAXUNI-2 && len > 0; len--, p++, buf++)
{
+ DEBUG(10, ("%4x ", *buf));
*p = *buf;
}
+
+ DEBUG(10,("\n"));
+
*p = 0;
return lbuf;
}
@@ -4304,16 +4312,55 @@ char *unistr2(uint16 *buf)
static int nexti;
char *lbuf = lbufs[nexti];
char *p;
+
nexti = (nexti+1)%8;
+
+ DEBUG(10, ("unistr2: "));
+
for (p = lbuf; *buf && p-lbuf < MAXUNI-2; p++, buf++)
{
+ DEBUG(10, ("%4x ", *buf));
*p = *buf;
}
+
+ DEBUG(10,("\n"));
+
*p = 0;
return lbuf;
}
/*******************************************************************
+create a null-terminated unicode string from a null-terminated ascii string.
+return number of unicode chars copied, excluding the null character.
+
+only handles ascii strings
+********************************************************************/
+#define MAXUNI 1024
+int struni2(uint16 *p, char *buf)
+{
+ int len = 0;
+
+ if (p == NULL) return 0;
+
+ DEBUG(10, ("struni2: "));
+
+ if (buf != NULL)
+ {
+ for (; *buf && len < MAXUNI-2; len++, p++, buf++)
+ {
+ DEBUG(10, ("%2x ", *buf));
+ *p = *buf;
+ }
+
+ DEBUG(10,("\n"));
+ }
+
+ *p = 0;
+
+ return len;
+}
+
+/*******************************************************************
Return a ascii version of a unicode string
Hack alert: uses fixed buffer(s) and only handles ascii strings
********************************************************************/
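Review bot: struni2() stops at MAXUNI-2 characters but never learns how large the destination is, so the store at `*p = *buf` and the terminator at `*p = 0` can run past a smaller buffer. The callers changed in source3/smbparse.c (make_unistr and make_unistr2) pass `str->buffer` with no length, and the size of those arrays is not visible on this page. Taking the destination capacity as a parameter, or at least stating the required size in the header comment, would make the bound checkable. Separately, `*buf` is a plain `char`, so where char is signed a byte at or above 0x80 is widened to 0xFFxx in both the store and the `%2x` debug output; `*p = (unsigned char)*buf;` avoids that.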
diff --git a/source3/ntclientpipe.c b/source3/ntclientpipe.c
index 6a4fa59f80..80991cea51 100644
--- a/source3/ntclientpipe.c
+++ b/source3/ntclientpipe.c
@@ -85,6 +85,17 @@ uint16 open_rpc_pipe(char *inbuf, char *outbuf, char *rname, int Client, int cnu
return fnum;
}
+struct
+{
+ char *client;
+ char *server;
+} pipe_names [] =
+{
+ { PIPE_LSARPC , PIPE_LSASS },
+ { PIPE_NETLOGON, PIPE_NETLOGON },
+ { NULL , NULL }
+};
+
/****************************************************************************
do an rpc bind
****************************************************************************/
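Review bot: `pipe_names` is defined at file scope without `static` or `const`, so the table used to check the server's bind acknowledgement is a writable symbol with external linkage. Nothing in this file's hunks writes to it, so `static const struct { const char *client; const char *server; } pipe_names[]` would express that and keep the name out of the global namespace. A one-line comment saying that `client` is the name requested and `server` the name expected back in the bind ack would also help the next reader.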
@@ -140,6 +151,7 @@ BOOL bind_rpc_pipe(char *pipe_name, uint16 fnum, uint32 call_id,
RPC_HDR_BA hdr_ba;
int hdr_len;
int pkt_len;
+ int i = 0;
DEBUG(5, ("cli_call_api: return OK\n"));
@@ -172,10 +184,35 @@ BOOL bind_rpc_pipe(char *pipe_name, uint16 fnum, uint32 call_id,
}
#endif
- if (p && (strcmp(pipe_name, hdr_ba.addr.str) != 0))
+ while (p && (pipe_names[i].server != NULL))
+ {
+ DEBUG(6,("bind_rpc_pipe: searching pipe name: client:%s server:%s\n",
+ pipe_names[i].client, pipe_names[i].server));
+
+ if ((strcmp(pipe_name , pipe_names[i].client) == 0))
+ {
+ if (strcmp(hdr_ba.addr.str, pipe_names[i].server) == 0)
+ {
+ DEBUG(5,("bind_rpc_pipe: server pipe_name found: %s\n",
+ pipe_names[i].server));
+ break;
+ }
+ else
+ {
+ DEBUG(2,("bind_rpc_pipe: pipe_name %s != expected pipe %s\n",
+ pipe_names[i].server, hdr_ba.addr.str));
+ p = NULL;
+ }
+ }
+ else
+ {
+ i++;
+ }
+ }
+
+ if (p && pipe_names[i].server == NULL)
{
- DEBUG(2,("bind_rpc_pipe: pipe_name %s != expected pipe %s\n",
- pipe_name, hdr_ba.addr.str));
+ DEBUG(2,("bind_rpc_pipe: pipe name %s unsupported\n", hdr_ba.addr.str));
p = NULL;
}
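Review bot: Two of the new log messages in this loop report the wrong name. In the mismatch branch the format reads `pipe_name %s != expected pipe %s` but passes `pipe_names[i].server` (the expected value) first and `hdr_ba.addr.str` (what the server sent) second, so the labels are swapped. The final `unsupported` message prints `hdr_ba.addr.str` although that branch is reached when the requested `pipe_name` has no entry in the table. Passing `hdr_ba.addr.str, pipe_names[i].server` in the first and `pipe_name` in the second keeps the record of a rejected bind accurate. Both `strcmp` calls also assume `hdr_ba.addr.str` is NUL-terminated, which depends on parsing code outside this hunk.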
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index c2cfc15a21..088ecfbddd 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -2862,23 +2862,27 @@ static BOOL api_WPrintPortEnum(int cnum,uint16 vuid, char *param,char *data,
struct
{
char * name;
- char * pipename;
+ char * pipe_clnt_name;
+#ifdef NTDOMAIN
+ char * pipe_srv_name;
+#endif
int subcommand;
BOOL (*fn) ();
} api_fd_commands [] =
{
#ifdef NTDOMAIN
- { "SetNmdPpHndState", "lsarpc", 1, api_LsarpcSNPHS },
- { "SetNmdPpHndState", "srvsvc", 1, api_LsarpcSNPHS },
- { "SetNmdPpHndState", "NETLOGON", 1, api_LsarpcSNPHS },
- { "TransactNmPipe", "lsarpc", 0x26, api_ntLsarpcTNP },
- { "TransactNmPipe", "srvsvc", 0x26, api_srvsvcTNP },
- { "TransactNmPipe", "NETLOGON", 0x26, api_netlogrpcTNP },
+ { "SetNmdPpHndState", "lsarpc", "lsass", 1, api_LsarpcSNPHS },
+ { "SetNmdPpHndState", "srvsvc", "lsass", 1, api_LsarpcSNPHS },
+ { "SetNmdPpHndState", "NETLOGON", "NETLOGON", 1, api_LsarpcSNPHS },
+ { "TransactNmPipe", "lsarpc", "lsass", 0x26, api_ntLsarpcTNP },
+ { "TransactNmPipe", "srvsvc", "lsass", 0x26, api_srvsvcTNP },
+ { "TransactNmPipe", "NETLOGON", "NETLOGON", 0x26, api_netlogrpcTNP },
+ { NULL, NULL, NULL, -1, (BOOL (*)())api_Unsupported }
#else
{ "SetNmdPpHndState", "lsarpc", 1, api_LsarpcSNPHS },
{ "TransactNmPipe" , "lsarpc", 0x26, api_LsarpcTNP },
-#endif
{ NULL, NULL, -1, (BOOL (*)())api_Unsupported }
+#endif
};
/****************************************************************************
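Review bot: Both `srvsvc` rows are given `lsass` as `pipe_srv_name`, the same value as the `lsarpc` rows, and nothing on the page says whether that is deliberate or carried over from the row above. The client-side `pipe_names` table added in source3/ntclientpipe.c has no `srvsvc` entry to compare against, so the two tables cannot be cross-checked. A short comment on the table stating where each server-side name comes from would settle it. The sentinel row is now duplicated in both `#ifdef` branches, and a comment on each noting that it must stay last would guard against a row being appended after it.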
@@ -2929,7 +2933,7 @@ static int api_fd_reply(int cnum,uint16 vuid,char *outbuf,
for (i = 0; api_fd_commands[i].name; i++)
{
- if (strequal(api_fd_commands[i].pipename, pipe_name) &&
+ if (strequal(api_fd_commands[i].pipe_clnt_name, pipe_name) &&
api_fd_commands[i].subcommand == subcommand &&
api_fd_commands[i].fn)
{
@@ -2964,7 +2968,7 @@ static int api_fd_reply(int cnum,uint16 vuid,char *outbuf,
/* name has to be \PIPE\xxxxx */
strcpy(ack_pipe_name, "\\PIPE\\");
- strcat(ack_pipe_name, api_fd_commands[i].pipename);
+ strcat(ack_pipe_name, api_fd_commands[i].pipe_srv_name);
/* make a bind acknowledgement */
make_rpc_hdr_ba(&hdr_ba,
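Review bot: `pipe_srv_name` exists only when NTDOMAIN is defined (see the struct change earlier in this file), yet no `#ifdef` is visible around this `strcat`. If this part of api_fd_reply is compiled in a non-NTDOMAIN build it will no longer compile, so either guard it or fall back to `pipe_clnt_name` there. The sentinel row's `pipe_srv_name` is NULL, so it is also worth confirming that `i` always indexes a matched row at this point. The loop that sets `i` and the declaration of `ack_pipe_name` are outside the hunk, so neither that nor the capacity of the `strcpy`/`strcat` destination can be checked from here.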
diff --git a/source3/smbparse.c b/source3/smbparse.c
index 25ddeb56a8..b238cd513b 100644
--- a/source3/smbparse.c
+++ b/source3/smbparse.c
@@ -207,7 +207,7 @@ creates a UNISTR structure.
void make_unistr(UNISTR *str, char *buf)
{
/* store the string (null-terminated copy) */
- PutUniCode((char *)(str->buffer), buf);
+ struni2(str->buffer, buf);
}
/*******************************************************************
@@ -216,6 +216,8 @@ XXXX NOTE: UNISTR structures NEED to be null-terminated.
********************************************************************/
char* smb_io_unistr(BOOL io, UNISTR *uni, char *q, char *base, int align, int depth)
{
+ int i = 0;
+
if (uni == NULL) return NULL;
DEBUG(5,("%s%04x smb_io_unistr\n", tab_depth(depth), PTR_DIFF(q, base)));
@@ -223,16 +225,14 @@ char* smb_io_unistr(BOOL io, UNISTR *uni, char *q, char *base, int align, int de
q = align_offset(q, base, align);
- if (io)
- {
- /* io True indicates read _from_ the SMB buffer into the string */
- q += 2 * unistrcpy((char*)uni->buffer, q);
- }
- else
+ do
{
- /* io True indicates copy _from_ the string into SMB buffer */
- q += 2 * unistrcpy(q, (char*)uni->buffer);
- }
+ RW_SVAL(io, q, uni->buffer[i], 0); q += 2;
+ i++;
+
+ } while ((i < sizeof(uni->buffer) / sizeof(uni->buffer[0])) &&
+ (uni->buffer[i] != 0));
+
return q;
}
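Review bot: The loop condition tests `uni->buffer[i]` after `i++`, that is, the element that has not been transferred yet rather than the one just handled. When marshalling a non-empty string the terminating zero is therefore never written, contrary to the comment above the function that UNISTR structures need to be null-terminated. For an empty string the zero at index 0 is written and the loop then carries on with whatever follows it in the buffer, which can put stale memory on the wire. When unmarshalling (assuming RW_SVAL stores into `uni->buffer[i]` when `io` is true), termination depends on the prior contents of the destination instead of the packet data. Testing the element just transferred addresses all three; the function's opening lines are in the previous hunk.

```c
	q = align_offset(q, base, align);

	for (i = 0; i < sizeof(uni->buffer) / sizeof(uni->buffer[0]); i++)
	{
		RW_SVAL(io, q, uni->buffer[i], 0); q += 2;

		/* stop on the element just transferred, so the terminator
		   itself is read or written and nothing after it is touched */
		if (uni->buffer[i] == 0) break;
	}

	return q;
```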
@@ -247,7 +247,7 @@ void make_unistr2(UNISTR2 *str, char *buf, int len)
str->uni_str_len = len;
/* store the string (null-terminated copy) */
- PutUniCode((char *)str->buffer, buf);
+ struni2(str->buffer, buf);
}
/*******************************************************************
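Review bot: `uni_str_len` is set from the caller's `len`, while the number of characters actually stored is whatever struni2() returns, and that return value is discarded on the changed line. If a caller passes a `len` that differs from the string's length, or the string is cut at struni2's MAXUNI-2 limit, the length field no longer matches the buffer contents. Comparing the two, for example `if (struni2(str->buffer, buf) != len)` followed by a debug message, or a comment stating how `len` must relate to `buf`, would pin this down. The start of make_unistr2 is outside the hunk.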