-rw-r--r-- | source3/include/ntdomain.h | 66 | ||||
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/lib/system.c | 1 | ||||
-rw-r--r-- | source3/libsmb/clientgen.c | 4 | ||||
-rw-r--r-- | source3/nmbd/nmbd_processlogon.c | 4 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe_hnd.c | 46 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe_srv.c | 40 | ||||
-rw-r--r-- | source3/smbd/ipc.c | 2 |
8 files changed, 101 insertions, 64 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index c1b966aa59..7f3d4b4950 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -63,6 +63,52 @@ typedef struct _prs_struct #define MARSHALLING(ps) (!(ps)->io) #define UNMARSHALLING(ps) ((ps)->io) +typedef struct _input_data { + /* + * This is the current incoming pdu. The data here + * is collected via multiple writes until a complete + * pdu is seen, then the data is copied into the in_data + * structure. The maximum size of this is 64k (2 byte length). + */ + prs_struct in_pdu; + + /* + * The amount of data needed to complete the in_pdu. + * If this is zero, then we are at the start of a new + * pdu. + */ + uint32 in_pdu_needed_len; + + /* + * This is the collection of input data with all + * the rpc headers and auth footers removed. + * The maximum length of this is strictly enforced. + */ + prs_struct in_data; +} input_data; + +typedef struct _output_data { + /* + * Raw RPC output data. This does not include RPC headers or footers. + */ + prs_struct rdata; + + /* The amount of data sent from the current rdata struct. */ + uint32 data_sent_length; + + /* + * The current PDU being returned. This inclues + * headers, data and authentication footer. + */ + unsigned char current_pdu[MAX_PDU_FRAG_LEN]; + + /* The amount of data in the current_pdu buffer. */ + uint32 current_pdu_len; + + /* The amount of data sent from the current PDU. */ + uint32 current_pdu_sent; +} output_data; + typedef struct pipes_struct { struct pipes_struct *next, *prev; 
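Review bot: The comments on `in_pdu` and `in_data` in the new `input_data` struct promise a 64k maximum and a length that "is strictly enforced", but no code in this commit fills or bounds either buffer, so the stated limit is not yet backed by a check. These buffers are described as collecting data over multiple writes, so the comment should name the constant and the function that enforce the cap, for example `/* Capped at <LIMIT_CONSTANT placeholder>; enforced in <function placeholder>. */`. `in_pdu_needed_len` is a `uint32` while the comment speaks of a 2 byte length, so whatever sets it will presumably need to reject values above the pdu cap. Separately, the moved comment on `current_pdu` still reads "inclues" for "includes".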
@@ -99,25 +145,17 @@ typedef struct pipes_struct uid_t uid; gid_t gid; - /* - * Raw RPC output data. This does not include RPC headers or footers. + /* + * Struct to deal with multiple pdu inputs. */ - prs_struct rdata; - /* The amount of data sent from the current rdata struct. */ - uint32 data_sent_length; + input_data in_data; - /* - * The current PDU being returned. This inclues - * headers, data and authentication footer. + /* + * Struct to deal with multiple pdu outputs. */ - unsigned char current_pdu[MAX_PDU_FRAG_LEN]; - /* The amount of data in the current_pdu buffer. */ - uint32 current_pdu_len; - - /* The amount of data sent from the current PDU. */ - uint32 current_pdu_sent; + output_data out_data; /* When replying to an SMBtrans, this is the maximum amount of data that can be sent in the initial reply. */ diff --git a/source3/include/proto.h b/source3/include/proto.h index ee0de29eb6..837eb27eda 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -2577,7 +2577,7 @@ int read_pipe(pipes_struct *p, char *data, int n); void set_pipe_handle_offset(int max_open_files); void reset_chain_p(void); void init_rpc_pipe_hnd(void); -BOOL pipe_init_outgoing_data( pipes_struct *p); +BOOL pipe_init_outgoing_data(output_data *out_data); pipes_struct *open_rpc_pipe_p(char *pipe_name, connection_struct *conn, uint16 vuid); ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n); diff --git a/source3/lib/system.c b/source3/lib/system.c index 25925b6d8e..9ef0af494f 100644 --- a/source3/lib/system.c +++ b/source3/lib/system.c @@ -968,7 +968,6 @@ FILE *sys_popen(const char *command, const char *mode) int parent_end, child_end; int pipe_fds[2]; popen_list *entry = NULL; - pid_t child_pid; char **argl = NULL; if (pipe(pipe_fds) < 0) diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index 32148a4e12..df3df0b4ba 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c 
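Review bot: The new `pipes_struct` member `input_data in_data;` shares its name with the `prs_struct in_data` field inside `input_data`, so the de-framed payload is reached as `p->in_data.in_data`. That is easy to misread as `p->in_data.in_pdu` when auditing length checks. Renaming the inner field, for example `prs_struct data;`, would keep the raw pdu and the stripped data visibly distinct. The typedef name `input_data` also matches the `char *input_data` parameter of `rpc_command` shown in a later srv_pipe_srv.c hunk header; that is legal C, but the parameter hides the type name inside that function. `pipes_struct` continues outside this hunk.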
@@ -3260,8 +3260,8 @@ BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char * The name used was *SMBSERVER, don't bother with another name. */ - DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name %s \ -with error %s.\n", desthost, "*SMBSERVER", cli_errstr(cli) )); + DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER \ +with error %s.\n", desthost, cli_errstr(cli) )); cli_shutdown(cli); return False; } diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c index e13dff8302..d3b7f92fc7 100644 --- a/source3/nmbd/nmbd_processlogon.c +++ b/source3/nmbd/nmbd_processlogon.c @@ -48,7 +48,7 @@ void process_logon_packet(struct packet_struct *p,char *buf,int len, uint16 lmnttoken = 0; uint16 lm20token = 0; uint32 domainsidsize; - BOOL short_request = 0; + BOOL short_request = False; char *getdc; char *uniuser; /* Unicode user name. */ pstring ascuser; @@ -123,7 +123,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) )); if ((buf - q) >= len) { /* Check for a short request */ - short_request = 1; + short_request = True; } else { /* A full length request */ diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index b8e7c1946a..32a804d5d5 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c 
@@ -78,27 +78,27 @@ void init_rpc_pipe_hnd(void) Initialise an outgoing packet. ****************************************************************************/ -BOOL pipe_init_outgoing_data( pipes_struct *p) +BOOL pipe_init_outgoing_data(output_data *out_data) { - memset(p->current_pdu, '\0', sizeof(p->current_pdu)); + memset(out_data->current_pdu, '\0', sizeof(out_data->current_pdu)); /* Free any memory in the current return data buffer. */ - prs_mem_free(&p->rdata); + prs_mem_free(&out_data->rdata); /* * Initialize the outgoing RPC data buffer. * we will use this as the raw data area for replying to rpc requests. */ - if(!prs_init(&p->rdata, 1024, 4, MARSHALL)) { + if(!prs_init(&out_data->rdata, 1024, 4, MARSHALL)) { DEBUG(0,("pipe_init_outgoing_data: malloc fail.\n")); return False; } /* Reset the offset counters. */ - p->data_sent_length = 0; - p->current_pdu_len = 0; - p->current_pdu_sent = 0; + out_data->data_sent_length = 0; + out_data->current_pdu_len = 0; + out_data->current_pdu_sent = 0; return True; } @@ -188,7 +188,7 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, /* * Initialize the RPC and PDU data buffers with no memory. */ - prs_init(&p->rdata, 0, 4, MARSHALL); + prs_init(&p->out_data.rdata, 0, 4, MARSHALL); DLIST_ADD(Pipes, p); @@ -213,9 +213,9 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, p->ntlmssp_auth_validated = False; p->ntlmssp_auth_requested = False; - p->current_pdu_len = 0; - p->current_pdu_sent = 0; - p->data_sent_length = 0; + p->out_data.current_pdu_len = 0; + p->out_data.current_pdu_sent = 0; + p->out_data.data_sent_length = 0; p->uid = (uid_t)-1; p->gid = (gid_t)-1; 
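Review bot: The two `open_rpc_pipe_p` hunks (-188 and -213) initialise only `p->out_data`, via `prs_init(&p->out_data.rdata, 0, 4, MARSHALL)` and the three counter resets. The new `p->in_data` member gets no `prs_init` for `in_pdu` or `in_data` and no `p->in_data.in_pdu_needed_len = 0;` in the visible lines. If the allocation outside the hunk does not zero the struct, the first code to use `in_data` would start from indeterminate state, so the reset is better written out next to the `out_data` ones. Likewise `close_rpc_pipe_hnd` (hunk at -409) frees `p->out_data.rdata` but has no `prs_mem_free` for the two input buffers. Both function bodies start and end outside these hunks.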
@@ -303,15 +303,15 @@ only service %d sized reads.\n", n, p->name, MAX_PDU_FRAG_LEN )); * PDU. */ - if((pdu_remaining = p->current_pdu_len - p->current_pdu_sent) > 0) { + if((pdu_remaining = p->out_data.current_pdu_len - p->out_data.current_pdu_sent) > 0) { data_returned = MIN(n, pdu_remaining); DEBUG(10,("read_from_pipe: %s: current_pdu_len = %u, current_pdu_sent = %u \ -returning %d bytes.\n", p->name, (unsigned int)p->current_pdu_len, - (unsigned int)p->current_pdu_sent, (int)data_returned)); +returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len, + (unsigned int)p->out_data.current_pdu_sent, (int)data_returned)); - memcpy( data, &p->current_pdu[p->current_pdu_sent], (size_t)data_returned); - p->current_pdu_sent += (uint32)data_returned; + memcpy( data, &p->out_data.current_pdu[p->out_data.current_pdu_sent], (size_t)data_returned); + p->out_data.current_pdu_sent += (uint32)data_returned; return data_returned; } @@ -320,10 +320,10 @@ returning %d bytes.\n", p->name, (unsigned int)p->current_pdu_len, * may of course be zero if this is the first return fragment. */ - DEBUG(10,("read_from_pipe: %s: data_sent_length = %u, prs_offset(&p->rdata) = %u.\n", - p->name, (unsigned int)p->data_sent_length, (unsigned int)prs_offset(&p->rdata) )); + DEBUG(10,("read_from_pipe: %s: data_sent_length = %u, prs_offset(&p->out_data.rdata) = %u.\n", + p->name, (unsigned int)p->out_data.data_sent_length, (unsigned int)prs_offset(&p->out_data.rdata) )); - if(p->data_sent_length >= prs_offset(&p->rdata)) { + if(p->out_data.data_sent_length >= prs_offset(&p->out_data.rdata)) { /* * We have sent all possible data. Return 0. */ 
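Review bot: The `memcpy` from `&p->out_data.current_pdu[p->out_data.current_pdu_sent]` in the hunk at -303 relies on `current_pdu_sent <= current_pdu_len <= sizeof(current_pdu)`, and nothing in the hunk checks it. Both counters are `uint32`, so if `current_pdu_sent` ever exceeded `current_pdu_len` the subtraction would wrap before being assigned to `pdu_remaining` (declared outside the hunk, so its type is not visible), and the copy could hand the client bytes from past the buffer. With the output state now in one struct, a guard at the top of this branch is cheap: `if (p->out_data.current_pdu_len > sizeof(p->out_data.current_pdu) || p->out_data.current_pdu_sent > p->out_data.current_pdu_len) return -1;`. The copy in the hunk at -343 (`MIN(n, p->out_data.current_pdu_len)`) depends on the same invariant.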
@@ -343,10 +343,10 @@ returning %d bytes.\n", p->name, (unsigned int)p->current_pdu_len, return -1; } - data_returned = MIN(n, p->current_pdu_len); + data_returned = MIN(n, p->out_data.current_pdu_len); - memcpy( data, p->current_pdu, (size_t)data_returned); - p->current_pdu_sent += (uint32)data_returned; + memcpy( data, p->out_data.current_pdu, (size_t)data_returned); + p->out_data.current_pdu_sent += (uint32)data_returned; return data_returned; } @@ -409,7 +409,7 @@ BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn) return False; } - prs_mem_free(&p->rdata); + prs_mem_free(&p->out_data.rdata); bitmap_clear(bmap, p->pnum - pipe_handle_offset); diff --git a/source3/rpc_server/srv_pipe_srv.c b/source3/rpc_server/srv_pipe_srv.c index 6e8b306760..86cc9e47e6 100644 --- a/source3/rpc_server/srv_pipe_srv.c +++ b/source3/rpc_server/srv_pipe_srv.c @@ -94,7 +94,7 @@ BOOL create_next_pdu(pipes_struct *p) p->hdr.pkt_type = RPC_RESPONSE; /* Set up rpc header flags. */ - if (p->data_sent_length == 0) + if (p->out_data.data_sent_length == 0) p->hdr.flags = RPC_FLG_FIRST; else p->hdr.flags = 0; @@ -103,7 +103,7 @@ BOOL create_next_pdu(pipes_struct *p) * Work out how much we can fit in a sigle PDU. */ - data_space_available = sizeof(p->current_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN; + data_space_available = sizeof(p->out_data.current_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN; if(p->ntlmssp_auth_validated) data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN); @@ -112,7 +112,7 @@ BOOL create_next_pdu(pipes_struct *p) * space and the amount left to send. */ - data_len_left = prs_offset(&p->rdata) - p->data_sent_length; + data_len_left = prs_offset(&p->out_data.rdata) - p->out_data.data_sent_length; /* * Ensure there really is data left to send. 
@@ -149,7 +149,7 @@ BOOL create_next_pdu(pipes_struct *p) * Work out if this PDU will be the last. */ - if(p->data_sent_length + data_len >= prs_offset(&p->rdata)) + if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) p->hdr.flags |= RPC_FLG_LAST; /* @@ -158,7 +158,7 @@ BOOL create_next_pdu(pipes_struct *p) */ prs_init( &outgoing_pdu, 0, 4, MARSHALL); - prs_give_memory( &outgoing_pdu, (char *)p->current_pdu, sizeof(p->current_pdu), False); + prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); /* Store the header in the data stream. */ if(!smb_io_rpc_hdr("hdr", &p->hdr, &outgoing_pdu, 0)) { @@ -175,7 +175,7 @@ BOOL create_next_pdu(pipes_struct *p) data_pos = prs_offset(&outgoing_pdu); /* Copy the data into the PDU. */ - data_from = prs_data_p(&p->rdata) + p->data_sent_length; + data_from = prs_data_p(&p->out_data.rdata) + p->out_data.data_sent_length; if(!prs_append_data(&outgoing_pdu, data_from, data_len)) { DEBUG(0,("create_next_pdu: failed to copy %u bytes of data.\n", (unsigned int)data_len)); @@ -230,9 +230,9 @@ BOOL create_next_pdu(pipes_struct *p) * Setup the counts for this PDU. */ - p->data_sent_length += data_len; - p->current_pdu_len = p->hdr.frag_len; - p->current_pdu_sent = 0; + p->out_data.data_sent_length += data_len; + p->out_data.current_pdu_len = p->hdr.frag_len; + p->out_data.current_pdu_sent = 0; return True; } @@ -549,7 +549,7 @@ static BOOL setup_bind_nak(pipes_struct *p, prs_struct *pd) */ prs_init( &outgoing_rpc, 0, 4, MARSHALL); - prs_give_memory( &outgoing_rpc, (char *)p->current_pdu, sizeof(p->current_pdu), False); + prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); /* 
@@ -575,9 +575,9 @@ static BOOL setup_bind_nak(pipes_struct *p, prs_struct *pd) if(!prs_uint16("reject code", &outgoing_rpc, 0, &zero)) return False; - p->data_sent_length = 0; - p->current_pdu_len = prs_offset(&outgoing_rpc); - p->current_pdu_sent = 0; + p->out_data.data_sent_length = 0; + p->out_data.current_pdu_len = prs_offset(&outgoing_rpc); + p->out_data.current_pdu_sent = 0; return True; } @@ -710,7 +710,7 @@ static BOOL api_pipe_bind_and_alt_req(pipes_struct *p, prs_struct *pd, enum RPC_ */ prs_init( &outgoing_rpc, 0, 4, MARSHALL); - prs_give_memory( &outgoing_rpc, (char *)p->current_pdu, sizeof(p->current_pdu), False); + prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False); /* * Setup the memory to marshall the ba header, and the @@ -828,9 +828,9 @@ static BOOL api_pipe_bind_and_alt_req(pipes_struct *p, prs_struct *pd, enum RPC_ * Setup the lengths for the initial reply. */ - p->data_sent_length = 0; - p->current_pdu_len = prs_offset(&outgoing_rpc); - p->current_pdu_sent = 0; + p->out_data.data_sent_length = 0; + p->out_data.current_pdu_len = prs_offset(&outgoing_rpc); + p->out_data.current_pdu_sent = 0; prs_mem_free(&out_hdr_ba); prs_mem_free(&out_auth); @@ -1038,7 +1038,7 @@ BOOL rpc_command(pipes_struct *p, char *input_data, int data_len) * Create the response data buffer. */ - if(!pipe_init_outgoing_data(p)) { + if(!pipe_init_outgoing_data(&p->out_data)) { DEBUG(0,("rpc_command: failed to unmarshall RPC_HDR.\n")); return False; } @@ -1104,9 +1104,9 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds } /* do the actual command */ - if(!api_rpc_cmds[fn_num].fn(p->vuid, rpc_in, &p->rdata)) { + if(!api_rpc_cmds[fn_num].fn(p->vuid, rpc_in, &p->out_data.rdata)) { DEBUG(0,("api_rpcTNP: %s: failed.\n", rpc_name)); - prs_mem_free(&p->rdata); + prs_mem_free(&p->out_data.rdata); return False; } 
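Review bot: In the `rpc_command` hunk at -1038, the failure branch for `pipe_init_outgoing_data(&p->out_data)` still logs "failed to unmarshall RPC_HDR", which describes a different error. Anyone reading the level-0 log would look for a malformed request when the visible failure path in `pipe_init_outgoing_data` is a `prs_init` allocation failure. Suggest `DEBUG(0,("rpc_command: failed to initialise outgoing data buffer.\n"));`. The function body continues outside the hunk.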
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index b5a6e4ba90..5ee70e7d94 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -3225,7 +3225,7 @@ static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p, return False; } - send_trans_reply(outbuf, NULL, 0, rdata, data_len, (int)prs_offset(&p->rdata) > data_len); + send_trans_reply(outbuf, NULL, 0, rdata, data_len, (int)prs_offset(&p->out_data.rdata) > data_len); free(rdata); return True; |