summaryrefslogtreecommitdiff
path: root/librpc/rpc/dcerpc_util.c
diff options
context:
space:
mode:
Diffstat (limited to 'librpc/rpc/dcerpc_util.c')
-rw-r--r--librpc/rpc/dcerpc_util.c64
1 files changed, 64 insertions, 0 deletions
diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index c859bedf2d..a4bc096ddd 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -51,3 +51,67 @@ void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t v)
RSSVAL(blob->data, DCERPC_AUTH_LEN_OFFSET, v);
}
}
+
+/*
+ pull an dcerpc_auth structure, taking account of any auth padding in
+ the blob at the end of the structure
+ */
+NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *pkt_auth_blob,
+ struct dcerpc_auth *auth,
+ uint32_t *auth_length,
+ bool check_pad)
+{
+ struct ndr_pull *ndr;
+ enum ndr_err_code ndr_err;
+ uint32_t pad;
+
+ pad = pkt_auth_blob->length - (DCERPC_AUTH_TRAILER_LENGTH + pkt->auth_length);
+
+ /* paranoia check for pad size. This would be caught anyway by
+ the ndr_pull_advance() a few lines down, but it scared
+ Jeremy enough for him to call me, so we might as well check
+ it now, just to prevent someone posting a bogus YouTube
+ video in the future.
+ */
+ if (pad > pkt_auth_blob->length) {
+ return NT_STATUS_INFO_LENGTH_MISMATCH;
+ }
+
+ *auth_length = pkt_auth_blob->length - pad;
+
+ ndr = ndr_pull_init_blob(pkt_auth_blob, mem_ctx);
+ if (!ndr) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!(pkt->drep[0] & DCERPC_DREP_LE)) {
+ ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
+ }
+
+ ndr_err = ndr_pull_advance(ndr, pad);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(ndr);
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+
+ ndr_err = ndr_pull_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ talloc_free(ndr);
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+
+ if (check_pad && pad != auth->auth_pad_length) {
+ DEBUG(1,(__location__ ": WARNING: pad length mismatch. Calculated %u got %u\n",
+ (unsigned)pad, (unsigned)auth->auth_pad_length));
+ }
+
+ DEBUG(6,(__location__ ": auth_pad_length %u\n",
+ (unsigned)auth->auth_pad_length));
+
+ talloc_steal(mem_ctx, auth->credentials.data);
+ talloc_free(ndr);
+
+ return NT_STATUS_OK;
+}