summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--librpc/rpc/dcerpc_util.c178
-rw-r--r--source4/librpc/rpc/dcerpc.h9
-rw-r--r--source4/rpc_server/service_rpc.c174
3 files changed, 187 insertions, 174 deletions
diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index 492d8ac939..1db43df34a 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -20,6 +20,10 @@
*/
#include "includes.h"
+#include "system/network.h"
+#include <tevent.h>
+#include "lib/tsocket/tsocket.h"
+#include "lib/util/tevent_ntstatus.h"
#include "librpc/rpc/dcerpc.h"
#include "librpc/gen_ndr/ndr_dcerpc.h"
@@ -139,3 +143,177 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
return NT_STATUS_OK;
}
+
+struct dcerpc_read_ncacn_packet_state {
+#if 0
+ struct {
+ } caller;
+#endif
+ DATA_BLOB buffer;
+ struct ncacn_packet *pkt;
+};
+
+static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream,
+ void *private_data,
+ TALLOC_CTX *mem_ctx,
+ struct iovec **_vector,
+ size_t *_count);
+static void dcerpc_read_ncacn_packet_done(struct tevent_req *subreq);
+
+struct tevent_req *dcerpc_read_ncacn_packet_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *stream)
+{
+ struct tevent_req *req;
+ struct dcerpc_read_ncacn_packet_state *state;
+ struct tevent_req *subreq;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct dcerpc_read_ncacn_packet_state);
+ if (req == NULL) {
+ return NULL;
+ }
+
+ state->buffer = data_blob_const(NULL, 0);
+ state->pkt = talloc(state, struct ncacn_packet);
+ if (tevent_req_nomem(state->pkt, req)) {
+ goto post;
+ }
+
+ subreq = tstream_readv_pdu_send(state, ev,
+ stream,
+ dcerpc_read_ncacn_packet_next_vector,
+ state);
+ if (tevent_req_nomem(subreq, req)) {
+ goto post;
+ }
+ tevent_req_set_callback(subreq, dcerpc_read_ncacn_packet_done, req);
+
+ return req;
+ post:
+ tevent_req_post(req, ev);
+ return req;
+}
+
+static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream,
+ void *private_data,
+ TALLOC_CTX *mem_ctx,
+ struct iovec **_vector,
+ size_t *_count)
+{
+ struct dcerpc_read_ncacn_packet_state *state =
+ talloc_get_type_abort(private_data,
+ struct dcerpc_read_ncacn_packet_state);
+ struct iovec *vector;
+ off_t ofs = 0;
+
+ if (state->buffer.length == 0) {
+ /* first get enough to read the fragment length */
+ ofs = 0;
+ state->buffer.length = DCERPC_FRAG_LEN_OFFSET + 2;
+ state->buffer.data = talloc_array(state, uint8_t,
+ state->buffer.length);
+ if (!state->buffer.data) {
+ return -1;
+ }
+ } else if (state->buffer.length == (DCERPC_FRAG_LEN_OFFSET + 2)) {
+ /* now read the fragment length and allocate the full buffer */
+ size_t frag_len = dcerpc_get_frag_length(&state->buffer);
+
+ ofs = state->buffer.length;
+
+ state->buffer.data = talloc_realloc(state,
+ state->buffer.data,
+ uint8_t, frag_len);
+ if (!state->buffer.data) {
+ return -1;
+ }
+ state->buffer.length = frag_len;
+ } else {
+ /* if we reach this we have a full fragment */
+ *_vector = NULL;
+ *_count = 0;
+ return 0;
+ }
+
+ /* now create the vector that we want to be filled */
+ vector = talloc_array(mem_ctx, struct iovec, 1);
+ if (!vector) {
+ return -1;
+ }
+
+ vector[0].iov_base = (void *) (state->buffer.data + ofs);
+ vector[0].iov_len = state->buffer.length - ofs;
+
+ *_vector = vector;
+ *_count = 1;
+ return 0;
+}
+
+static void dcerpc_read_ncacn_packet_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct dcerpc_read_ncacn_packet_state *state = tevent_req_data(req,
+ struct dcerpc_read_ncacn_packet_state);
+ int ret;
+ int sys_errno;
+ struct ndr_pull *ndr;
+ enum ndr_err_code ndr_err;
+ NTSTATUS status;
+
+ ret = tstream_readv_pdu_recv(subreq, &sys_errno);
+ TALLOC_FREE(subreq);
+ if (ret == -1) {
+ status = map_nt_error_from_unix(sys_errno);
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ ndr = ndr_pull_init_blob(&state->buffer, state->pkt);
+ if (tevent_req_nomem(ndr, req)) {
+ return;
+ }
+
+ if (!(CVAL(ndr->data, DCERPC_DREP_OFFSET) & DCERPC_DREP_LE)) {
+ ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
+ }
+
+ if (CVAL(ndr->data, DCERPC_PFC_OFFSET) & DCERPC_PFC_FLAG_OBJECT_UUID) {
+ ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT;
+ }
+
+ ndr_err = ndr_pull_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, state->pkt);
+ TALLOC_FREE(ndr);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ status = ndr_map_error2ntstatus(ndr_err);
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ tevent_req_done(req);
+}
+
+NTSTATUS dcerpc_read_ncacn_packet_recv(struct tevent_req *req,
+ TALLOC_CTX *mem_ctx,
+ struct ncacn_packet **pkt,
+ DATA_BLOB *buffer)
+{
+ struct dcerpc_read_ncacn_packet_state *state = tevent_req_data(req,
+ struct dcerpc_read_ncacn_packet_state);
+ NTSTATUS status;
+
+ if (tevent_req_is_nterror(req, &status)) {
+ tevent_req_received(req);
+ return status;
+ }
+
+ *pkt = talloc_move(mem_ctx, &state->pkt);
+ if (buffer) {
+ buffer->data = talloc_move(mem_ctx, &state->buffer.data);
+ buffer->length = state->buffer.length;
+ }
+
+ tevent_req_received(req);
+ return NT_STATUS_OK;
+}
diff --git a/source4/librpc/rpc/dcerpc.h b/source4/librpc/rpc/dcerpc.h
index 435fbf15a0..9ff2c1b022 100644
--- a/source4/librpc/rpc/dcerpc.h
+++ b/source4/librpc/rpc/dcerpc.h
@@ -34,6 +34,7 @@
struct tevent_context;
struct tevent_req;
struct dcerpc_binding_handle;
+struct tstream_context;
enum dcerpc_transport_t {
NCA_UNKNOWN, NCACN_NP, NCACN_IP_TCP, NCACN_IP_UDP, NCACN_VNS_IPC,
@@ -394,6 +395,14 @@ enum dcerpc_transport_t dcerpc_transport_by_endpoint_protocol(int prot);
const char *dcerpc_floor_get_rhs_data(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor);
+struct tevent_req *dcerpc_read_ncacn_packet_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *stream);
+NTSTATUS dcerpc_read_ncacn_packet_recv(struct tevent_req *req,
+ TALLOC_CTX *mem_ctx,
+ struct ncacn_packet **pkt,
+ DATA_BLOB *buffer);
+
struct dcerpc_binding_handle_ops {
const char *name;
diff --git a/source4/rpc_server/service_rpc.c b/source4/rpc_server/service_rpc.c
index 6be3fe9029..36e6a54cc8 100644
--- a/source4/rpc_server/service_rpc.c
+++ b/source4/rpc_server/service_rpc.c
@@ -133,180 +133,6 @@ static void dcesrv_sock_reply_done(struct tevent_req *subreq)
}
}
-struct dcerpc_read_ncacn_packet_state {
-#if 0
- struct {
- } caller;
-#endif
- DATA_BLOB buffer;
- struct ncacn_packet *pkt;
-};
-
-static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream,
- void *private_data,
- TALLOC_CTX *mem_ctx,
- struct iovec **_vector,
- size_t *_count);
-static void dcerpc_read_ncacn_packet_done(struct tevent_req *subreq);
-
-static struct tevent_req *dcerpc_read_ncacn_packet_send(TALLOC_CTX *mem_ctx,
- struct tevent_context *ev,
- struct tstream_context *stream)
-{
- struct tevent_req *req;
- struct dcerpc_read_ncacn_packet_state *state;
- struct tevent_req *subreq;
-
- req = tevent_req_create(mem_ctx, &state,
- struct dcerpc_read_ncacn_packet_state);
- if (req == NULL) {
- return NULL;
- }
-
- state->buffer = data_blob_const(NULL, 0);
- state->pkt = talloc(state, struct ncacn_packet);
- if (tevent_req_nomem(state->pkt, req)) {
- goto post;
- }
-
- subreq = tstream_readv_pdu_send(state, ev,
- stream,
- dcerpc_read_ncacn_packet_next_vector,
- state);
- if (tevent_req_nomem(subreq, req)) {
- goto post;
- }
- tevent_req_set_callback(subreq, dcerpc_read_ncacn_packet_done, req);
-
- return req;
- post:
- tevent_req_post(req, ev);
- return req;
-}
-
-static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context *stream,
- void *private_data,
- TALLOC_CTX *mem_ctx,
- struct iovec **_vector,
- size_t *_count)
-{
- struct dcerpc_read_ncacn_packet_state *state =
- talloc_get_type_abort(private_data,
- struct dcerpc_read_ncacn_packet_state);
- struct iovec *vector;
- off_t ofs = 0;
-
- if (state->buffer.length == 0) {
- /* first get enough to read the fragment length */
- ofs = 0;
- state->buffer.length = DCERPC_FRAG_LEN_OFFSET + 2;
- state->buffer.data = talloc_array(state, uint8_t,
- state->buffer.length);
- if (!state->buffer.data) {
- return -1;
- }
- } else if (state->buffer.length == (DCERPC_FRAG_LEN_OFFSET + 2)) {
- /* now read the fragment length and allocate the full buffer */
- size_t frag_len = dcerpc_get_frag_length(&state->buffer);
-
- ofs = state->buffer.length;
-
- state->buffer.data = talloc_realloc(state,
- state->buffer.data,
- uint8_t, frag_len);
- if (!state->buffer.data) {
- return -1;
- }
- state->buffer.length = frag_len;
- } else {
- /* if we reach this we have a full fragment */
- *_vector = NULL;
- *_count = 0;
- return 0;
- }
-
- /* now create the vector that we want to be filled */
- vector = talloc_array(mem_ctx, struct iovec, 1);
- if (!vector) {
- return -1;
- }
-
- vector[0].iov_base = (void *) (state->buffer.data + ofs);
- vector[0].iov_len = state->buffer.length - ofs;
-
- *_vector = vector;
- *_count = 1;
- return 0;
-}
-
-static void dcerpc_read_ncacn_packet_done(struct tevent_req *subreq)
-{
- struct tevent_req *req = tevent_req_callback_data(subreq,
- struct tevent_req);
- struct dcerpc_read_ncacn_packet_state *state = tevent_req_data(req,
- struct dcerpc_read_ncacn_packet_state);
- int ret;
- int sys_errno;
- struct ndr_pull *ndr;
- enum ndr_err_code ndr_err;
- NTSTATUS status;
-
- ret = tstream_readv_pdu_recv(subreq, &sys_errno);
- TALLOC_FREE(subreq);
- if (ret == -1) {
- status = map_nt_error_from_unix(sys_errno);
- tevent_req_nterror(req, status);
- return;
- }
-
- ndr = ndr_pull_init_blob(&state->buffer, state->pkt);
- if (tevent_req_nomem(ndr, req)) {
- return;
- }
-
- if (!(CVAL(ndr->data, DCERPC_DREP_OFFSET) & DCERPC_DREP_LE)) {
- ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
- }
-
- if (CVAL(ndr->data, DCERPC_PFC_OFFSET) & DCERPC_PFC_FLAG_OBJECT_UUID) {
- ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT;
- }
-
- ndr_err = ndr_pull_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, state->pkt);
- TALLOC_FREE(ndr);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- status = ndr_map_error2ntstatus(ndr_err);
- tevent_req_nterror(req, status);
- return;
- }
-
- tevent_req_done(req);
-}
-
-static NTSTATUS dcerpc_read_ncacn_packet_recv(struct tevent_req *req,
- TALLOC_CTX *mem_ctx,
- struct ncacn_packet **pkt,
- DATA_BLOB *buffer)
-{
- struct dcerpc_read_ncacn_packet_state *state = tevent_req_data(req,
- struct dcerpc_read_ncacn_packet_state);
- NTSTATUS status;
-
- if (tevent_req_is_nterror(req, &status)) {
- tevent_req_received(req);
- return status;
- }
-
- *pkt = talloc_move(mem_ctx, &state->pkt);
- if (buffer) {
- buffer->data = talloc_move(mem_ctx, &state->buffer.data);
- buffer->length = state->buffer.length;
- }
-
- tevent_req_received(req);
- return NT_STATUS_OK;
-}
-
static void dcesrv_read_fragment_done(struct tevent_req *subreq);
static void dcesrv_sock_accept(struct stream_connection *srv_conn)