-rw-r--r--source3/include/ntdomain.h66
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/lib/system.c1
-rw-r--r--source3/libsmb/clientgen.c4
-rw-r--r--source3/nmbd/nmbd_processlogon.c4
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c46
-rw-r--r--source3/rpc_server/srv_pipe_srv.c40
-rw-r--r--source3/smbd/ipc.c2
8 files changed, 101 insertions, 64 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index c1b966aa59..7f3d4b4950 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -63,6 +63,52 @@ typedef struct _prs_struct
#define MARSHALLING(ps) (!(ps)->io)
#define UNMARSHALLING(ps) ((ps)->io)
+typedef struct _input_data {
+ /*
+ * This is the current incoming pdu. The data here
+ * is collected via multiple writes until a complete
+ * pdu is seen, then the data is copied into the in_data
+ * structure. The maximum size of this is 64k (2 byte length).
+ */
+ prs_struct in_pdu;
+
+ /*
+ * The amount of data needed to complete the in_pdu.
+ * If this is zero, then we are at the start of a new
+ * pdu.
+ */
+ uint32 in_pdu_needed_len;
+
+ /*
+ * This is the collection of input data with all
+ * the rpc headers and auth footers removed.
+ * The maximum length of this is strictly enforced.
+ */
+ prs_struct in_data;
+} input_data;
+
+typedef struct _output_data {
+ /*
+ * Raw RPC output data. This does not include RPC headers or footers.
+ */
+ prs_struct rdata;
+
+ /* The amount of data sent from the current rdata struct. */
+ uint32 data_sent_length;
+
+ /*
+ * The current PDU being returned. This inclues
+ * headers, data and authentication footer.
+ */
+ unsigned char current_pdu[MAX_PDU_FRAG_LEN];
+
+ /* The amount of data in the current_pdu buffer. */
+ uint32 current_pdu_len;
+
+ /* The amount of data sent from the current PDU. */
+ uint32 current_pdu_sent;
+} output_data;
+
typedef struct pipes_struct
{
struct pipes_struct *next, *prev;
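Review bot: The comment on `in_data` in the new `input_data` struct says its maximum length is strictly enforced, but it names neither the limit nor the code that enforces it, and `in_pdu_needed_len` is a `uint32` although the `in_pdu` comment caps a PDU at 64k. Both fields are filled from client writes, so I would state the bound where it is declared, for example `* Must not exceed <limit constant>; checked in <function that appends to in_data>.`, so a reader can verify that the check exists. The member name also produces `p->in_data.in_data` once the struct is embedded in `pipes_struct`; a distinct member name would read better.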
@@ -99,25 +145,17 @@ typedef struct pipes_struct
uid_t uid;
gid_t gid;
- /*
- * Raw RPC output data. This does not include RPC headers or footers.
+ /*
+ * Struct to deal with multiple pdu inputs.
*/
- prs_struct rdata;
- /* The amount of data sent from the current rdata struct. */
- uint32 data_sent_length;
+ input_data in_data;
- /*
- * The current PDU being returned. This inclues
- * headers, data and authentication footer.
+ /*
+ * Struct to deal with multiple pdu outputs.
*/
- unsigned char current_pdu[MAX_PDU_FRAG_LEN];
- /* The amount of data in the current_pdu buffer. */
- uint32 current_pdu_len;
-
- /* The amount of data sent from the current PDU. */
- uint32 current_pdu_sent;
+ output_data out_data;
/* When replying to an SMBtrans, this is the maximum amount of
data that can be sent in the initial reply. */
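Review bot: `input_data in_data` is added to `pipes_struct` here, but none of the hunks in this commit initialise or release its two `prs_struct` members: `open_rpc_pipe_p` only calls `prs_init` on `p->out_data.rdata`, and `close_rpc_pipe_hnd` only calls `prs_mem_free` on it. If the allocation of `p` is not zero-filled (not visible here), `in_pdu` and `in_data` hold indeterminate pointers until later code sets them up. I would add `prs_init` calls for `p->in_data.in_pdu` and `p->in_data.in_data` next to the existing one in `open_rpc_pipe_p`, with matching `prs_mem_free` calls on close. The `pipes_struct` definition continues outside this hunk.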
diff --git a/source3/include/proto.h b/source3/include/proto.h
index ee0de29eb6..837eb27eda 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2577,7 +2577,7 @@ int read_pipe(pipes_struct *p, char *data, int n);
void set_pipe_handle_offset(int max_open_files);
void reset_chain_p(void);
void init_rpc_pipe_hnd(void);
-BOOL pipe_init_outgoing_data( pipes_struct *p);
+BOOL pipe_init_outgoing_data(output_data *out_data);
pipes_struct *open_rpc_pipe_p(char *pipe_name,
connection_struct *conn, uint16 vuid);
ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n);
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 25925b6d8e..9ef0af494f 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -968,7 +968,6 @@ FILE *sys_popen(const char *command, const char *mode)
int parent_end, child_end;
int pipe_fds[2];
popen_list *entry = NULL;
- pid_t child_pid;
char **argl = NULL;
if (pipe(pipe_fds) < 0)
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 32148a4e12..df3df0b4ba 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -3260,8 +3260,8 @@ BOOL attempt_netbios_session_request(struct cli_state *cli, char *srchost, char
* The name used was *SMBSERVER, don't bother with another name.
*/
- DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name %s \
-with error %s.\n", desthost, "*SMBSERVER", cli_errstr(cli) ));
+ DEBUG(0,("attempt_netbios_session_request: %s rejected the session for name *SMBSERVER \
+with error %s.\n", desthost, cli_errstr(cli) ));
cli_shutdown(cli);
return False;
}
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index e13dff8302..d3b7f92fc7 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -48,7 +48,7 @@ void process_logon_packet(struct packet_struct *p,char *buf,int len,
uint16 lmnttoken = 0;
uint16 lm20token = 0;
uint32 domainsidsize;
- BOOL short_request = 0;
+ BOOL short_request = False;
char *getdc;
char *uniuser; /* Unicode user name. */
pstring ascuser;
@@ -123,7 +123,7 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
if ((buf - q) >= len) { /* Check for a short request */
- short_request = 1;
+ short_request = True;
}
else { /* A full length request */
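Review bot: The short-request test `(buf - q) >= len` that guards the assignment changed here looks inverted. If `q` is a cursor that has advanced forward from `buf` (its setup is outside this hunk), `buf - q` is zero or negative and the branch is never taken, so a truncated logon packet would be parsed as a full-length request. Since `buf` and `len` describe a received packet, I would compare the consumed length instead, `if ((q - buf) >= len) {`, after confirming against the code that sets `q`. `process_logon_packet` starts and ends outside the hunk.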
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index b8e7c1946a..32a804d5d5 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -78,27 +78,27 @@ void init_rpc_pipe_hnd(void)
Initialise an outgoing packet.
****************************************************************************/
-BOOL pipe_init_outgoing_data( pipes_struct *p)
+BOOL pipe_init_outgoing_data(output_data *out_data)
{
- memset(p->current_pdu, '\0', sizeof(p->current_pdu));
+ memset(out_data->current_pdu, '\0', sizeof(out_data->current_pdu));
/* Free any memory in the current return data buffer. */
- prs_mem_free(&p->rdata);
+ prs_mem_free(&out_data->rdata);
/*
* Initialize the outgoing RPC data buffer.
* we will use this as the raw data area for replying to rpc requests.
*/
- if(!prs_init(&p->rdata, 1024, 4, MARSHALL)) {
+ if(!prs_init(&out_data->rdata, 1024, 4, MARSHALL)) {
DEBUG(0,("pipe_init_outgoing_data: malloc fail.\n"));
return False;
}
/* Reset the offset counters. */
- p->data_sent_length = 0;
- p->current_pdu_len = 0;
- p->current_pdu_sent = 0;
+ out_data->data_sent_length = 0;
+ out_data->current_pdu_len = 0;
+ out_data->current_pdu_sent = 0;
return True;
}
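Review bot: On the `prs_init` failure path, `pipe_init_outgoing_data` returns `False` after `current_pdu` has been zeroed and `rdata` freed but before the three counters are reset, so `current_pdu_len` and `current_pdu_sent` keep their previous values. A later `read_from_pipe` on the same pipe could then see `pdu_remaining > 0` and hand back bytes from the cleared buffer. Moving the `out_data->data_sent_length = 0;`, `out_data->current_pdu_len = 0;` and `out_data->current_pdu_sent = 0;` assignments above the `prs_init` call leaves the struct consistent on both paths.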
@@ -188,7 +188,7 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name,
/*
* Initialize the RPC and PDU data buffers with no memory.
*/
- prs_init(&p->rdata, 0, 4, MARSHALL);
+ prs_init(&p->out_data.rdata, 0, 4, MARSHALL);
DLIST_ADD(Pipes, p);
@@ -213,9 +213,9 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name,
p->ntlmssp_auth_validated = False;
p->ntlmssp_auth_requested = False;
- p->current_pdu_len = 0;
- p->current_pdu_sent = 0;
- p->data_sent_length = 0;
+ p->out_data.current_pdu_len = 0;
+ p->out_data.current_pdu_sent = 0;
+ p->out_data.data_sent_length = 0;
p->uid = (uid_t)-1;
p->gid = (gid_t)-1;
@@ -303,15 +303,15 @@ only service %d sized reads.\n", n, p->name, MAX_PDU_FRAG_LEN ));
* PDU.
*/
- if((pdu_remaining = p->current_pdu_len - p->current_pdu_sent) > 0) {
+ if((pdu_remaining = p->out_data.current_pdu_len - p->out_data.current_pdu_sent) > 0) {
data_returned = MIN(n, pdu_remaining);
DEBUG(10,("read_from_pipe: %s: current_pdu_len = %u, current_pdu_sent = %u \
-returning %d bytes.\n", p->name, (unsigned int)p->current_pdu_len,
- (unsigned int)p->current_pdu_sent, (int)data_returned));
+returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len,
+ (unsigned int)p->out_data.current_pdu_sent, (int)data_returned));
- memcpy( data, &p->current_pdu[p->current_pdu_sent], (size_t)data_returned);
- p->current_pdu_sent += (uint32)data_returned;
+ memcpy( data, &p->out_data.current_pdu[p->out_data.current_pdu_sent], (size_t)data_returned);
+ p->out_data.current_pdu_sent += (uint32)data_returned;
return data_returned;
}
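Review bot: The `memcpy` from `&p->out_data.current_pdu[p->out_data.current_pdu_sent]` relies on `current_pdu_sent <= current_pdu_len <= sizeof(current_pdu)`, and nothing in this hunk checks it. Both counters are `uint32`, so if `pdu_remaining` is unsigned (its declaration is outside the hunk), a `current_pdu_sent` larger than `current_pdu_len` wraps to a large positive value and passes the `> 0` test. An explicit guard before the subtraction makes the bound local to the copy: `if (p->out_data.current_pdu_sent > p->out_data.current_pdu_len || p->out_data.current_pdu_len > sizeof(p->out_data.current_pdu)) return -1;`. The second `memcpy` in the `-343,10` hunk, which copies `MIN(n, p->out_data.current_pdu_len)` bytes, depends on the same upper bound. `read_from_pipe` starts outside this hunk.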
@@ -320,10 +320,10 @@ returning %d bytes.\n", p->name, (unsigned int)p->current_pdu_len,
* may of course be zero if this is the first return fragment.
*/
- DEBUG(10,("read_from_pipe: %s: data_sent_length = %u, prs_offset(&p->rdata) = %u.\n",
- p->name, (unsigned int)p->data_sent_length, (unsigned int)prs_offset(&p->rdata) ));
+ DEBUG(10,("read_from_pipe: %s: data_sent_length = %u, prs_offset(&p->out_data.rdata) = %u.\n",
+ p->name, (unsigned int)p->out_data.data_sent_length, (unsigned int)prs_offset(&p->out_data.rdata) ));
- if(p->data_sent_length >= prs_offset(&p->rdata)) {
+ if(p->out_data.data_sent_length >= prs_offset(&p->out_data.rdata)) {
/*
* We have sent all possible data. Return 0.
*/
@@ -343,10 +343,10 @@ returning %d bytes.\n", p->name, (unsigned int)p->current_pdu_len,
return -1;
}
- data_returned = MIN(n, p->current_pdu_len);
+ data_returned = MIN(n, p->out_data.current_pdu_len);
- memcpy( data, p->current_pdu, (size_t)data_returned);
- p->current_pdu_sent += (uint32)data_returned;
+ memcpy( data, p->out_data.current_pdu, (size_t)data_returned);
+ p->out_data.current_pdu_sent += (uint32)data_returned;
return data_returned;
}
@@ -409,7 +409,7 @@ BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn)
return False;
}
- prs_mem_free(&p->rdata);
+ prs_mem_free(&p->out_data.rdata);
bitmap_clear(bmap, p->pnum - pipe_handle_offset);
diff --git a/source3/rpc_server/srv_pipe_srv.c b/source3/rpc_server/srv_pipe_srv.c
index 6e8b306760..86cc9e47e6 100644
--- a/source3/rpc_server/srv_pipe_srv.c
+++ b/source3/rpc_server/srv_pipe_srv.c
@@ -94,7 +94,7 @@ BOOL create_next_pdu(pipes_struct *p)
p->hdr.pkt_type = RPC_RESPONSE;
/* Set up rpc header flags. */
- if (p->data_sent_length == 0)
+ if (p->out_data.data_sent_length == 0)
p->hdr.flags = RPC_FLG_FIRST;
else
p->hdr.flags = 0;
@@ -103,7 +103,7 @@ BOOL create_next_pdu(pipes_struct *p)
* Work out how much we can fit in a sigle PDU.
*/
- data_space_available = sizeof(p->current_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
+ data_space_available = sizeof(p->out_data.current_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
if(p->ntlmssp_auth_validated)
data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN);
@@ -112,7 +112,7 @@ BOOL create_next_pdu(pipes_struct *p)
* space and the amount left to send.
*/
- data_len_left = prs_offset(&p->rdata) - p->data_sent_length;
+ data_len_left = prs_offset(&p->out_data.rdata) - p->out_data.data_sent_length;
/*
* Ensure there really is data left to send.
@@ -149,7 +149,7 @@ BOOL create_next_pdu(pipes_struct *p)
* Work out if this PDU will be the last.
*/
- if(p->data_sent_length + data_len >= prs_offset(&p->rdata))
+ if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata))
p->hdr.flags |= RPC_FLG_LAST;
/*
@@ -158,7 +158,7 @@ BOOL create_next_pdu(pipes_struct *p)
*/
prs_init( &outgoing_pdu, 0, 4, MARSHALL);
- prs_give_memory( &outgoing_pdu, (char *)p->current_pdu, sizeof(p->current_pdu), False);
+ prs_give_memory( &outgoing_pdu, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
/* Store the header in the data stream. */
if(!smb_io_rpc_hdr("hdr", &p->hdr, &outgoing_pdu, 0)) {
@@ -175,7 +175,7 @@ BOOL create_next_pdu(pipes_struct *p)
data_pos = prs_offset(&outgoing_pdu);
/* Copy the data into the PDU. */
- data_from = prs_data_p(&p->rdata) + p->data_sent_length;
+ data_from = prs_data_p(&p->out_data.rdata) + p->out_data.data_sent_length;
if(!prs_append_data(&outgoing_pdu, data_from, data_len)) {
DEBUG(0,("create_next_pdu: failed to copy %u bytes of data.\n", (unsigned int)data_len));
@@ -230,9 +230,9 @@ BOOL create_next_pdu(pipes_struct *p)
* Setup the counts for this PDU.
*/
- p->data_sent_length += data_len;
- p->current_pdu_len = p->hdr.frag_len;
- p->current_pdu_sent = 0;
+ p->out_data.data_sent_length += data_len;
+ p->out_data.current_pdu_len = p->hdr.frag_len;
+ p->out_data.current_pdu_sent = 0;
return True;
}
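Review bot: `p->out_data.current_pdu_len` is taken from `p->hdr.frag_len` at the end of `create_next_pdu`, whereas `setup_bind_nak` and `api_pipe_bind_and_alt_req` set it from `prs_offset()` of the buffer they just marshalled into `current_pdu`. `read_from_pipe` uses this length to decide how many bytes of `current_pdu` to return, so it should reflect what was actually written. If the computed `frag_len` ever differs from the marshalled size (the computation is outside this hunk), stale or zeroed bytes would be sent to the client. I would either use `p->out_data.current_pdu_len = prs_offset(&outgoing_pdu);` or check that the two values agree before returning `True`.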
@@ -549,7 +549,7 @@ static BOOL setup_bind_nak(pipes_struct *p, prs_struct *pd)
*/
prs_init( &outgoing_rpc, 0, 4, MARSHALL);
- prs_give_memory( &outgoing_rpc, (char *)p->current_pdu, sizeof(p->current_pdu), False);
+ prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
/*
@@ -575,9 +575,9 @@ static BOOL setup_bind_nak(pipes_struct *p, prs_struct *pd)
if(!prs_uint16("reject code", &outgoing_rpc, 0, &zero))
return False;
- p->data_sent_length = 0;
- p->current_pdu_len = prs_offset(&outgoing_rpc);
- p->current_pdu_sent = 0;
+ p->out_data.data_sent_length = 0;
+ p->out_data.current_pdu_len = prs_offset(&outgoing_rpc);
+ p->out_data.current_pdu_sent = 0;
return True;
}
@@ -710,7 +710,7 @@ static BOOL api_pipe_bind_and_alt_req(pipes_struct *p, prs_struct *pd, enum RPC_
*/
prs_init( &outgoing_rpc, 0, 4, MARSHALL);
- prs_give_memory( &outgoing_rpc, (char *)p->current_pdu, sizeof(p->current_pdu), False);
+ prs_give_memory( &outgoing_rpc, (char *)p->out_data.current_pdu, sizeof(p->out_data.current_pdu), False);
/*
* Setup the memory to marshall the ba header, and the
@@ -828,9 +828,9 @@ static BOOL api_pipe_bind_and_alt_req(pipes_struct *p, prs_struct *pd, enum RPC_
* Setup the lengths for the initial reply.
*/
- p->data_sent_length = 0;
- p->current_pdu_len = prs_offset(&outgoing_rpc);
- p->current_pdu_sent = 0;
+ p->out_data.data_sent_length = 0;
+ p->out_data.current_pdu_len = prs_offset(&outgoing_rpc);
+ p->out_data.current_pdu_sent = 0;
prs_mem_free(&out_hdr_ba);
prs_mem_free(&out_auth);
@@ -1038,7 +1038,7 @@ BOOL rpc_command(pipes_struct *p, char *input_data, int data_len)
* Create the response data buffer.
*/
- if(!pipe_init_outgoing_data(p)) {
+ if(!pipe_init_outgoing_data(&p->out_data)) {
DEBUG(0,("rpc_command: failed to unmarshall RPC_HDR.\n"));
return False;
}
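Review bot: The failure message under the new `pipe_init_outgoing_data(&p->out_data)` call still reads "failed to unmarshall RPC_HDR", which describes a different step and will misdirect anyone reading the log. `DEBUG(0,("rpc_command: failed to initialise outgoing data.\n"));` matches what actually failed. Separately, `rpc_command`'s parameter is named `input_data`, which now hides the `input_data` typedef this commit adds to ntdomain.h for the whole function body; renaming the parameter (for example to `in_buf`) avoids that. The function body continues outside the hunk.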
@@ -1104,9 +1104,9 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds
}
/* do the actual command */
- if(!api_rpc_cmds[fn_num].fn(p->vuid, rpc_in, &p->rdata)) {
+ if(!api_rpc_cmds[fn_num].fn(p->vuid, rpc_in, &p->out_data.rdata)) {
DEBUG(0,("api_rpcTNP: %s: failed.\n", rpc_name));
- prs_mem_free(&p->rdata);
+ prs_mem_free(&p->out_data.rdata);
return False;
}
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index b5a6e4ba90..5ee70e7d94 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -3225,7 +3225,7 @@ static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p,
return False;
}
- send_trans_reply(outbuf, NULL, 0, rdata, data_len, (int)prs_offset(&p->rdata) > data_len);
+ send_trans_reply(outbuf, NULL, 0, rdata, data_len, (int)prs_offset(&p->out_data.rdata) > data_len);
free(rdata);
return True;