diff options
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 33 | ||||
-rw-r--r-- | source3/smbd/nttrans.c | 36 | ||||
-rw-r--r-- | source3/smbd/pipes.c | 12 |
4 files changed, 36 insertions, 46 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 136abca7f3..ab923830bc 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -8815,6 +8815,7 @@ NTSTATUS rpc_pipe_register_commands(int version, const char *clnt, const char *srv, const struct ndr_syntax_id *interface, const struct api_struct *cmds, int size); +bool is_known_pipename(const char *cli_filename); bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p); bool api_pipe_alter_context(pipes_struct *p, prs_struct *rpc_in_p); bool api_pipe_ntlmssp_auth_process(pipes_struct *p, prs_struct *rpc_in, diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index fa8fffa350..7b066d3830 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -1078,6 +1078,39 @@ NTSTATUS rpc_pipe_register_commands(int version, const char *clnt, return NT_STATUS_OK; } +/** + * Is a named pipe known? + * @param[in] cli_filename The pipe name requested by the client + * @result Do we want to serve this? + */ +bool is_known_pipename(const char *cli_filename) +{ + const char *pipename = cli_filename; + int i; + + if (strnequal(pipename, "\\PIPE\\", 6)) { + pipename += 5; + } + + if (*pipename == '\\') { + pipename += 1; + } + + if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { + DEBUG(10, ("refusing spoolss access\n")); + return false; + } + + for (i=0; i<rpc_lookup_size; i++) { + if (strequal(pipename, rpc_lookup[i].pipe.clnt)) { + return true; + } + } + + DEBUG(10, ("is_known_pipename: %s unknown\n", cli_filename)); + return false; +} + /******************************************************************* Handle a SPNEGO krb5 bind auth. *******************************************************************/ diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 12f4da627b..149e6ecbd9 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -23,27 +23,6 @@ extern int max_send; extern enum protocol_types Protocol; -static const char *known_nt_pipes[] = { - "\\LANMAN", - "\\srvsvc", - "\\samr", - "\\wkssvc", - "\\NETLOGON", - "\\ntlsa", - "\\ntsvcs", - "\\lsass", - "\\lsarpc", - "\\winreg", - "\\initshutdown", - "\\spoolss", - "\\netdfs", - "\\rpcecho", - "\\svcctl", - "\\eventlog", - "\\unixinfo", - NULL -}; - static char *nttrans_realloc(char **ptr, size_t size) { if (ptr==NULL) { @@ -291,25 +270,12 @@ static void nt_open_pipe(char *fname, connection_struct *conn, struct smb_request *req, int *ppnum) { smb_np_struct *p = NULL; - int i; DEBUG(4,("nt_open_pipe: Opening pipe %s.\n", fname)); /* See if it is one we want to handle. */ - if (lp_disable_spoolss() && strequal(fname, "\\spoolss")) { - reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND, - ERRDOS, ERRbadpipe); - return; - } - - for( i = 0; known_nt_pipes[i]; i++ ) { - if( strequal(fname,known_nt_pipes[i])) { - break; - } - } - - if ( known_nt_pipes[i] == NULL ) { + if (!is_known_pipename(fname)) { reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND, ERRDOS, ERRbadpipe); return; diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index 6b4b83d97d..4fdcdcc557 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -44,9 +44,6 @@ struct pipe_dbrec { fstring user; }; - -extern struct pipe_id_info pipe_names[]; - /**************************************************************************** Reply to an open and X on a named pipe. This code is basically stolen from reply_open_and_X with some @@ -59,7 +56,6 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) char *pipe_name = NULL; smb_np_struct *p; int size=0,fmode=0,mtime=0,rmode=0; - int i; TALLOC_CTX *ctx = talloc_tos(); /* XXXX we need to handle passed times, sattr and flags */ @@ -82,13 +78,7 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) DEBUG(4,("Opening pipe %s.\n", pipe_name)); /* See if it is one we want to handle. */ - for( i = 0; pipe_names[i].client_pipe ; i++ ) { - if( strequal(pipe_name,pipe_names[i].client_pipe)) { - break; - } - } - - if (pipe_names[i].client_pipe == NULL) { + if (!is_known_pipename(pipe_name)) { reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND, ERRDOS, ERRbadpipe); return; |