summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h1
-rw-r--r--source3/rpc_server/srv_pipe.c33
-rw-r--r--source3/smbd/nttrans.c36
-rw-r--r--source3/smbd/pipes.c12
4 files changed, 36 insertions, 46 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 136abca7f3..ab923830bc 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -8815,6 +8815,7 @@ NTSTATUS rpc_pipe_register_commands(int version, const char *clnt,
const char *srv,
const struct ndr_syntax_id *interface,
const struct api_struct *cmds, int size);
+bool is_known_pipename(const char *cli_filename);
bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p);
bool api_pipe_alter_context(pipes_struct *p, prs_struct *rpc_in_p);
bool api_pipe_ntlmssp_auth_process(pipes_struct *p, prs_struct *rpc_in,
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index fa8fffa350..7b066d3830 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1078,6 +1078,39 @@ NTSTATUS rpc_pipe_register_commands(int version, const char *clnt,
return NT_STATUS_OK;
}
+/**
+ * Is a named pipe known?
+ * @param[in] cli_filename The pipe name requested by the client
+ * @result Do we want to serve this?
+ */
+bool is_known_pipename(const char *cli_filename)
+{
+ const char *pipename = cli_filename;
+ int i;
+
+ if (strnequal(pipename, "\\PIPE\\", 6)) {
+ pipename += 5;
+ }
+
+ if (*pipename == '\\') {
+ pipename += 1;
+ }
+
+ if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
+ DEBUG(10, ("refusing spoolss access\n"));
+ return false;
+ }
+
+ for (i=0; i<rpc_lookup_size; i++) {
+ if (strequal(pipename, rpc_lookup[i].pipe.clnt)) {
+ return true;
+ }
+ }
+
+ DEBUG(10, ("is_known_pipename: %s unknown\n", cli_filename));
+ return false;
+}
+
/*******************************************************************
Handle a SPNEGO krb5 bind auth.
*******************************************************************/
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 12f4da627b..149e6ecbd9 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -23,27 +23,6 @@
extern int max_send;
extern enum protocol_types Protocol;
-static const char *known_nt_pipes[] = {
- "\\LANMAN",
- "\\srvsvc",
- "\\samr",
- "\\wkssvc",
- "\\NETLOGON",
- "\\ntlsa",
- "\\ntsvcs",
- "\\lsass",
- "\\lsarpc",
- "\\winreg",
- "\\initshutdown",
- "\\spoolss",
- "\\netdfs",
- "\\rpcecho",
- "\\svcctl",
- "\\eventlog",
- "\\unixinfo",
- NULL
-};
-
static char *nttrans_realloc(char **ptr, size_t size)
{
if (ptr==NULL) {
@@ -291,25 +270,12 @@ static void nt_open_pipe(char *fname, connection_struct *conn,
struct smb_request *req, int *ppnum)
{
smb_np_struct *p = NULL;
- int i;
DEBUG(4,("nt_open_pipe: Opening pipe %s.\n", fname));
/* See if it is one we want to handle. */
- if (lp_disable_spoolss() && strequal(fname, "\\spoolss")) {
- reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
- ERRDOS, ERRbadpipe);
- return;
- }
-
- for( i = 0; known_nt_pipes[i]; i++ ) {
- if( strequal(fname,known_nt_pipes[i])) {
- break;
- }
- }
-
- if ( known_nt_pipes[i] == NULL ) {
+ if (!is_known_pipename(fname)) {
reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
ERRDOS, ERRbadpipe);
return;
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index 6b4b83d97d..4fdcdcc557 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -44,9 +44,6 @@ struct pipe_dbrec {
fstring user;
};
-
-extern struct pipe_id_info pipe_names[];
-
/****************************************************************************
Reply to an open and X on a named pipe.
This code is basically stolen from reply_open_and_X with some
@@ -59,7 +56,6 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req)
char *pipe_name = NULL;
smb_np_struct *p;
int size=0,fmode=0,mtime=0,rmode=0;
- int i;
TALLOC_CTX *ctx = talloc_tos();
/* XXXX we need to handle passed times, sattr and flags */
@@ -82,13 +78,7 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req)
DEBUG(4,("Opening pipe %s.\n", pipe_name));
/* See if it is one we want to handle. */
- for( i = 0; pipe_names[i].client_pipe ; i++ ) {
- if( strequal(pipe_name,pipe_names[i].client_pipe)) {
- break;
- }
- }
-
- if (pipe_names[i].client_pipe == NULL) {
+ if (!is_known_pipename(pipe_name)) {
reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
ERRDOS, ERRbadpipe);
return;