summaryrefslogtreecommitdiff
path: root/source3/rpc_client/cli_pipe.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_client/cli_pipe.c')
-rw-r--r--source3/rpc_client/cli_pipe.c401
1 files changed, 0 insertions, 401 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 63d3689620..85085ad504 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1585,41 +1585,6 @@ static NTSTATUS rpc_api_pipe_recv(struct async_req *req, TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-#if 0
-static NTSTATUS rpc_api_pipe(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *cli,
- prs_struct *data, /* Outgoing pdu fragment,
- * already formatted for
- * send. */
- prs_struct *rbuf, /* Incoming reply - return as
- * an NDR stream. */
- uint8 expected_pkt_type)
-{
- TALLOC_CTX *frame = talloc_stackframe();
- struct event_context *ev;
- struct async_req *req;
- NTSTATUS status = NT_STATUS_NO_MEMORY;
-
- ev = event_context_init(frame);
- if (ev == NULL) {
- goto fail;
- }
-
- req = rpc_api_pipe_send(frame, ev, cli, data, expected_pkt_type);
- if (req == NULL) {
- goto fail;
- }
-
- while (req->state < ASYNC_REQ_DONE) {
- event_loop_once(ev);
- }
-
- status = rpc_api_pipe_recv(req, mem_ctx, rbuf);
- fail:
- TALLOC_FREE(frame);
- return status;
-}
-#endif
-
/*******************************************************************
Creates krb5 auth bind.
********************************************************************/
@@ -2611,109 +2576,6 @@ static NTSTATUS create_rpc_bind_auth3(struct rpc_pipe_client *cli,
return NT_STATUS_OK;
}
-/****************************************************************************
- Create and send the third packet in an RPC auth.
-****************************************************************************/
-
-#if 0
-static NTSTATUS rpc_finish_auth3_bind(struct rpc_pipe_client *cli,
- RPC_HDR *phdr,
- prs_struct *rbuf,
- uint32 rpc_call_id,
- enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level)
-{
- DATA_BLOB server_response = data_blob_null;
- DATA_BLOB client_reply = data_blob_null;
- RPC_HDR_AUTH hdr_auth;
- NTSTATUS nt_status;
- prs_struct rpc_out;
- ssize_t ret;
-
- if (!phdr->auth_len || (phdr->frag_len < phdr->auth_len + RPC_HDR_AUTH_LEN)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Process the returned NTLMSSP blob first. */
- if (!prs_set_offset(rbuf, phdr->frag_len - phdr->auth_len - RPC_HDR_AUTH_LEN)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rbuf, 0)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* TODO - check auth_type/auth_level match. */
-
- server_response = data_blob(NULL, phdr->auth_len);
- prs_copy_data_out((char *)server_response.data, rbuf, phdr->auth_len);
-
- nt_status = ntlmssp_update(cli->auth->a_u.ntlmssp_state,
- server_response,
- &client_reply);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0,("rpc_finish_auth3_bind: NTLMSSP update using server blob failed.\n"));
- data_blob_free(&server_response);
- return nt_status;
- }
-
- prs_init_empty(&rpc_out, prs_get_mem_context(rbuf), MARSHALL);
-
- nt_status = create_rpc_bind_auth3(cli, rpc_call_id,
- auth_type, auth_level,
- &client_reply, &rpc_out);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- prs_mem_free(&rpc_out);
- data_blob_free(&client_reply);
- data_blob_free(&server_response);
- return nt_status;
- }
-
- switch (cli->transport_type) {
- case NCACN_NP:
- /* 8 here is named pipe message mode. */
- ret = cli_write(cli->trans.np.cli, cli->trans.np.fnum,
- 0x8, prs_data_p(&rpc_out), 0,
- (size_t)prs_offset(&rpc_out));
- break;
-
- if (ret != (ssize_t)prs_offset(&rpc_out)) {
- nt_status = cli_get_nt_error(cli->trans.np.cli);
- }
- case NCACN_IP_TCP:
- case NCACN_UNIX_STREAM:
- ret = write_data(cli->trans.sock.fd, prs_data_p(&rpc_out),
- (size_t)prs_offset(&rpc_out));
- if (ret != (ssize_t)prs_offset(&rpc_out)) {
- nt_status = map_nt_error_from_unix(errno);
- }
- break;
- default:
- DEBUG(0, ("unknown transport type %d\n", cli->transport_type));
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- if (ret != (ssize_t)prs_offset(&rpc_out)) {
- DEBUG(0,("rpc_send_auth_auth3: write failed. Return was %s\n",
- nt_errstr(nt_status)));
- prs_mem_free(&rpc_out);
- data_blob_free(&client_reply);
- data_blob_free(&server_response);
- return nt_status;
- }
-
- DEBUG(5,("rpc_send_auth_auth3: %s sent auth3 response ok.\n",
- rpccli_pipe_txt(debug_ctx(), cli)));
-
- prs_mem_free(&rpc_out);
- data_blob_free(&client_reply);
- data_blob_free(&server_response);
- return NT_STATUS_OK;
-}
-#endif
-
/*******************************************************************
Creates a DCE/RPC bind alter context authentication request which
may contain a spnego auth blobl
@@ -2755,273 +2617,10 @@ static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id,
return ret;
}
-/*******************************************************************
- Third leg of the SPNEGO bind mechanism - sends alter context PDU
- and gets a response.
- ********************************************************************/
-
-#if 0
-static NTSTATUS rpc_finish_spnego_ntlmssp_bind(struct rpc_pipe_client *cli,
- RPC_HDR *phdr,
- prs_struct *rbuf,
- uint32 rpc_call_id,
- const RPC_IFACE *abstract,
- const RPC_IFACE *transfer,
- enum pipe_auth_type auth_type,
- enum pipe_auth_level auth_level)
-{
- DATA_BLOB server_spnego_response = data_blob_null;
- DATA_BLOB server_ntlm_response = data_blob_null;
- DATA_BLOB client_reply = data_blob_null;
- DATA_BLOB tmp_blob = data_blob_null;
- RPC_HDR_AUTH hdr_auth;
- NTSTATUS nt_status;
- prs_struct rpc_out;
-
- if (!phdr->auth_len || (phdr->frag_len < phdr->auth_len + RPC_HDR_AUTH_LEN)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* Process the returned NTLMSSP blob first. */
- if (!prs_set_offset(rbuf, phdr->frag_len - phdr->auth_len - RPC_HDR_AUTH_LEN)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rbuf, 0)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- server_spnego_response = data_blob(NULL, phdr->auth_len);
- prs_copy_data_out((char *)server_spnego_response.data, rbuf, phdr->auth_len);
-
- /* The server might give us back two challenges - tmp_blob is for the second. */
- if (!spnego_parse_challenge(server_spnego_response, &server_ntlm_response, &tmp_blob)) {
- data_blob_free(&server_spnego_response);
- data_blob_free(&server_ntlm_response);
- data_blob_free(&tmp_blob);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* We're finished with the server spnego response and the tmp_blob. */
- data_blob_free(&server_spnego_response);
- data_blob_free(&tmp_blob);
-
- nt_status = ntlmssp_update(cli->auth->a_u.ntlmssp_state,
- server_ntlm_response,
- &client_reply);
-
- /* Finished with the server_ntlm response */
- data_blob_free(&server_ntlm_response);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0,("rpc_finish_spnego_ntlmssp_bind: NTLMSSP update using server blob failed.\n"));
- data_blob_free(&client_reply);
- return nt_status;
- }
-
- /* SPNEGO wrap the client reply. */
- tmp_blob = spnego_gen_auth(client_reply);
- data_blob_free(&client_reply);
- client_reply = tmp_blob;
- tmp_blob = data_blob_null; /* Ensure it's safe to free this just in case. */
-
- /* Now prepare the alter context pdu. */
- prs_init_empty(&rpc_out, prs_get_mem_context(rbuf), MARSHALL);
-
- nt_status = create_rpc_alter_context(rpc_call_id,
- abstract,
- transfer,
- auth_level,
- &client_reply,
- &rpc_out);
-
- data_blob_free(&client_reply);
-
- if (!NT_STATUS_IS_OK(nt_status)) {
- prs_mem_free(&rpc_out);
- return nt_status;
- }
-
- /* Initialize the returning data struct. */
- prs_mem_free(rbuf);
-
- nt_status = rpc_api_pipe(talloc_tos(), cli, &rpc_out, rbuf,
- RPC_ALTCONTRESP);
- prs_mem_free(&rpc_out);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
-
- /* Get the auth blob from the reply. */
- if(!smb_io_rpc_hdr("rpc_hdr ", phdr, rbuf, 0)) {
- DEBUG(0,("rpc_finish_spnego_ntlmssp_bind: Failed to unmarshall RPC_HDR.\n"));
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- if (!prs_set_offset(rbuf, phdr->frag_len - phdr->auth_len - RPC_HDR_AUTH_LEN)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rbuf, 0)) {
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- server_spnego_response = data_blob(NULL, phdr->auth_len);
- prs_copy_data_out((char *)server_spnego_response.data, rbuf, phdr->auth_len);
-
- /* Check we got a valid auth response. */
- if (!spnego_parse_auth_response(server_spnego_response, NT_STATUS_OK, OID_NTLMSSP, &tmp_blob)) {
- data_blob_free(&server_spnego_response);
- data_blob_free(&tmp_blob);
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- data_blob_free(&server_spnego_response);
- data_blob_free(&tmp_blob);
-
- DEBUG(5,("rpc_finish_spnego_ntlmssp_bind: alter context request to "
- "%s.\n", rpccli_pipe_txt(debug_ctx(), cli)));
-
- return NT_STATUS_OK;
-}
-#endif
-
/****************************************************************************
Do an rpc bind.
****************************************************************************/
-#if 0
-NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli,
- struct cli_pipe_auth_data *auth)
-{
- RPC_HDR hdr;
- RPC_HDR_BA hdr_ba;
- prs_struct rpc_out;
- prs_struct rbuf;
- uint32 rpc_call_id;
- NTSTATUS status;
-
- DEBUG(5,("Bind RPC Pipe: %s auth_type %u, auth_level %u\n",
- rpccli_pipe_txt(debug_ctx(), cli),
- (unsigned int)auth->auth_type,
- (unsigned int)auth->auth_level ));
-
- cli->auth = talloc_move(cli, &auth);
-
- prs_init_empty(&rpc_out, talloc_tos(), MARSHALL);
-
- rpc_call_id = get_rpc_call_id();
-
- /* Marshall the outgoing data. */
- status = create_rpc_bind_req(cli, &rpc_out, rpc_call_id,
- &cli->abstract_syntax,
- &cli->transfer_syntax,
- cli->auth->auth_type,
- cli->auth->auth_level);
-
- if (!NT_STATUS_IS_OK(status)) {
- prs_mem_free(&rpc_out);
- return status;
- }
-
- /* send data on \PIPE\. receive a response */
- status = rpc_api_pipe(talloc_tos(), cli, &rpc_out, &rbuf, RPC_BINDACK);
- prs_mem_free(&rpc_out);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- DEBUG(3,("rpc_pipe_bind: %s bind request returned ok.\n",
- rpccli_pipe_txt(debug_ctx(), cli)));
-
- /* Unmarshall the RPC header */
- if(!smb_io_rpc_hdr("hdr" , &hdr, &rbuf, 0)) {
- DEBUG(0,("rpc_pipe_bind: failed to unmarshall RPC_HDR.\n"));
- prs_mem_free(&rbuf);
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- if(!smb_io_rpc_hdr_ba("", &hdr_ba, &rbuf, 0)) {
- DEBUG(0,("rpc_pipe_bind: Failed to unmarshall RPC_HDR_BA.\n"));
- prs_mem_free(&rbuf);
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- if(!check_bind_response(&hdr_ba, &cli->transfer_syntax)) {
- DEBUG(2,("rpc_pipe_bind: check_bind_response failed.\n"));
- prs_mem_free(&rbuf);
- return NT_STATUS_BUFFER_TOO_SMALL;
- }
-
- cli->max_xmit_frag = hdr_ba.bba.max_tsize;
- cli->max_recv_frag = hdr_ba.bba.max_rsize;
-
- /* For authenticated binds we may need to do 3 or 4 leg binds. */
- switch(cli->auth->auth_type) {
-
- case PIPE_AUTH_TYPE_NONE:
- case PIPE_AUTH_TYPE_SCHANNEL:
- /* Bind complete. */
- break;
-
- case PIPE_AUTH_TYPE_NTLMSSP:
- /* Need to send AUTH3 packet - no reply. */
- status = rpc_finish_auth3_bind(
- cli, &hdr, &rbuf, rpc_call_id,
- cli->auth->auth_type,
- cli->auth->auth_level);
- if (!NT_STATUS_IS_OK(status)) {
- prs_mem_free(&rbuf);
- return status;
- }
- break;
-
- case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP:
- /* Need to send alter context request and reply. */
- status = rpc_finish_spnego_ntlmssp_bind(
- cli, &hdr, &rbuf, rpc_call_id,
- &cli->abstract_syntax, &cli->transfer_syntax,
- cli->auth->auth_type, cli->auth->auth_level);
- if (!NT_STATUS_IS_OK(status)) {
- prs_mem_free(&rbuf);
- return status;
- }
- break;
-
- case PIPE_AUTH_TYPE_KRB5:
- /* */
-
- default:
- DEBUG(0,("cli_finish_bind_auth: unknown auth type "
- "%u\n", (unsigned int)cli->auth->auth_type));
- prs_mem_free(&rbuf);
- return NT_STATUS_INVALID_INFO_CLASS;
- }
-
- /* For NTLMSSP ensure the server gave us the auth_level we wanted. */
- if (cli->auth->auth_type == PIPE_AUTH_TYPE_NTLMSSP
- || cli->auth->auth_type == PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
- if (cli->auth->auth_level == PIPE_AUTH_LEVEL_INTEGRITY) {
- if (!(cli->auth->a_u.ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
- DEBUG(0,("cli_finish_bind_auth: requested NTLMSSSP signing and server refused.\n"));
- prs_mem_free(&rbuf);
- return NT_STATUS_INVALID_PARAMETER;
- }
- }
- if (cli->auth->auth_level == PIPE_AUTH_LEVEL_INTEGRITY) {
- if (!(cli->auth->a_u.ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL)) {
- DEBUG(0,("cli_finish_bind_auth: requested NTLMSSSP sealing and server refused.\n"));
- prs_mem_free(&rbuf);
- return NT_STATUS_INVALID_PARAMETER;
- }
- }
- }
-
- prs_mem_free(&rbuf);
- return NT_STATUS_OK;
-}
-#endif
-
struct rpc_pipe_bind_state {
struct event_context *ev;
struct rpc_pipe_client *cli;