summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_pipe.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server/srv_pipe.c')
-rw-r--r--source3/rpc_server/srv_pipe.c100
1 files changed, 45 insertions, 55 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 576bd85745..627dac0f82 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -84,11 +84,11 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
memset((char *)&hdr_resp, '\0', sizeof(hdr_resp));
/* Change the incoming request header to a response. */
- p->hdr.pkt_type = RPC_RESPONSE;
+ p->hdr.pkt_type = DCERPC_PKT_RESPONSE;
/* Set up rpc header flags. */
if (p->out_data.data_sent_length == 0) {
- p->hdr.flags = RPC_FLG_FIRST;
+ p->hdr.flags = DCERPC_PFC_FLAG_FIRST;
} else {
p->hdr.flags = 0;
}
@@ -130,7 +130,7 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
*/
if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) {
- p->hdr.flags |= RPC_FLG_LAST;
+ p->hdr.flags |= DCERPC_PFC_FLAG_LAST;
if (data_len_left % 8) {
ss_padding_len = 8 - (data_len_left % 8);
DEBUG(10,("create_next_pdu_ntlmssp: adding sign/seal padding of %u\n",
@@ -302,11 +302,11 @@ static bool create_next_pdu_schannel(pipes_struct *p)
memset((char *)&hdr_resp, '\0', sizeof(hdr_resp));
/* Change the incoming request header to a response. */
- p->hdr.pkt_type = RPC_RESPONSE;
+ p->hdr.pkt_type = DCERPC_PKT_RESPONSE;
/* Set up rpc header flags. */
if (p->out_data.data_sent_length == 0) {
- p->hdr.flags = RPC_FLG_FIRST;
+ p->hdr.flags = DCERPC_PFC_FLAG_FIRST;
} else {
p->hdr.flags = 0;
}
@@ -349,7 +349,7 @@ static bool create_next_pdu_schannel(pipes_struct *p)
*/
if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) {
- p->hdr.flags |= RPC_FLG_LAST;
+ p->hdr.flags |= DCERPC_PFC_FLAG_LAST;
if (data_len_left % 8) {
ss_padding_len = 8 - (data_len_left % 8);
DEBUG(10,("create_next_pdu_schannel: adding sign/seal padding of %u\n",
@@ -410,9 +410,8 @@ static bool create_next_pdu_schannel(pipes_struct *p)
* Schannel processing.
*/
RPC_HDR_AUTH auth_info;
- struct NL_AUTH_SIGNATURE verf;
DATA_BLOB blob;
- enum ndr_err_code ndr_err;
+ uint8_t *data;
/* Check it's the type of reply we were expecting to decode */
@@ -429,20 +428,24 @@ static bool create_next_pdu_schannel(pipes_struct *p)
return False;
}
+ data = (uint8_t *)prs_data_p(&p->out_data.frag) + data_pos;
+
switch (p->auth.auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
- status = schannel_seal_packet(p->auth.a_u.schannel_auth,
- talloc_tos(),
- (uint8_t *)prs_data_p(&p->out_data.frag) + data_pos,
- data_len + ss_padding_len,
- &blob);
+ status = netsec_outgoing_packet(p->auth.a_u.schannel_auth,
+ talloc_tos(),
+ true,
+ data,
+ data_len + ss_padding_len,
+ &blob);
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
- status = schannel_sign_packet(p->auth.a_u.schannel_auth,
- talloc_tos(),
- (uint8_t *)prs_data_p(&p->out_data.frag) + data_pos,
- data_len + ss_padding_len,
- &blob);
+ status = netsec_outgoing_packet(p->auth.a_u.schannel_auth,
+ talloc_tos(),
+ false,
+ data,
+ data_len + ss_padding_len,
+ &blob);
break;
default:
status = NT_STATUS_INTERNAL_ERROR;
@@ -458,18 +461,10 @@ static bool create_next_pdu_schannel(pipes_struct *p)
/* Finally marshall the blob. */
-#if 0
- ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), NULL, &verf,
- (ndr_push_flags_fn_t)ndr_push_NL_AUTH_SIGNATURE);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- prs_mem_free(&p->out_data.frag);
- return false;
- }
-
if (DEBUGLEVEL >= 10) {
- NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &verf);
+ dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
-#endif
+
if (!prs_copy_data_in(&p->out_data.frag, (const char *)blob.data, blob.length)) {
prs_mem_free(&p->out_data.frag);
return false;
@@ -511,11 +506,11 @@ static bool create_next_pdu_noauth(pipes_struct *p)
memset((char *)&hdr_resp, '\0', sizeof(hdr_resp));
/* Change the incoming request header to a response. */
- p->hdr.pkt_type = RPC_RESPONSE;
+ p->hdr.pkt_type = DCERPC_PKT_RESPONSE;
/* Set up rpc header flags. */
if (p->out_data.data_sent_length == 0) {
- p->hdr.flags = RPC_FLG_FIRST;
+ p->hdr.flags = DCERPC_PFC_FLAG_FIRST;
} else {
p->hdr.flags = 0;
}
@@ -557,7 +552,7 @@ static bool create_next_pdu_noauth(pipes_struct *p)
*/
if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) {
- p->hdr.flags |= RPC_FLG_LAST;
+ p->hdr.flags |= DCERPC_PFC_FLAG_LAST;
}
/*
@@ -836,7 +831,7 @@ static bool setup_bind_nak(pipes_struct *p)
* Initialize a bind_nak header.
*/
- init_rpc_hdr(&nak_hdr, RPC_BINDNACK, RPC_FLG_FIRST | RPC_FLG_LAST,
+ init_rpc_hdr(&nak_hdr, DCERPC_PKT_BIND_NAK, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id, RPC_HEADER_LEN + sizeof(uint16), 0);
/*
@@ -896,7 +891,7 @@ bool setup_fault_pdu(pipes_struct *p, NTSTATUS status)
* Initialize a fault header.
*/
- init_rpc_hdr(&fault_hdr, RPC_FAULT, RPC_FLG_FIRST | RPC_FLG_LAST | RPC_FLG_NOCALL,
+ init_rpc_hdr(&fault_hdr, DCERPC_PKT_FAULT, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
p->hdr.call_id, RPC_HEADER_LEN + RPC_HDR_RESP_LEN + RPC_HDR_FAULT_LEN, 0);
/*
@@ -963,7 +958,7 @@ bool setup_cancel_ack_reply(pipes_struct *p, prs_struct *rpc_in_p)
* Initialize a cancel_ack header.
*/
- init_rpc_hdr(&ack_reply_hdr, RPC_CANCEL_ACK, RPC_FLG_FIRST | RPC_FLG_LAST,
+ init_rpc_hdr(&ack_reply_hdr, DCERPC_PKT_CANCEL_ACK, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id, RPC_HEADER_LEN, 0);
/*
@@ -1557,7 +1552,7 @@ static bool pipe_ntlmssp_auth_bind(pipes_struct *p, prs_struct *rpc_in_p,
DEBUG(10,("pipe_ntlmssp_auth_bind: NTLMSSP auth started\n"));
- /* We can't set pipe_bound True yet - we need an RPC_AUTH3 response packet... */
+ /* We can't set pipe_bound True yet - we need an DCERPC_PKT_AUTH3 response packet... */
return True;
err:
@@ -1808,7 +1803,7 @@ bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
auth_len = prs_offset(&out_auth) - RPC_HDR_AUTH_LEN;
}
- init_rpc_hdr(&p->hdr, RPC_BINDACK, RPC_FLG_FIRST | RPC_FLG_LAST,
+ init_rpc_hdr(&p->hdr, DCERPC_PKT_BIND_ACK, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id,
RPC_HEADER_LEN + prs_offset(&out_hdr_ba) + prs_offset(&out_auth),
auth_len);
@@ -1996,7 +1991,7 @@ bool api_pipe_alter_context(pipes_struct *p, prs_struct *rpc_in_p)
auth_len = prs_offset(&out_auth) - RPC_HDR_AUTH_LEN;
}
- init_rpc_hdr(&p->hdr, RPC_ALTCONTRESP, RPC_FLG_FIRST | RPC_FLG_LAST,
+ init_rpc_hdr(&p->hdr, DCERPC_PKT_ALTER_RESP, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id,
RPC_HEADER_LEN + prs_offset(&out_hdr_ba) + prs_offset(&out_auth),
auth_len);
@@ -2170,10 +2165,9 @@ bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss
uint32 auth_len;
uint32 save_offset = prs_offset(rpc_in);
RPC_HDR_AUTH auth_info;
- struct NL_AUTH_SIGNATURE schannel_chk;
- enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
+ uint8_t *data;
auth_len = p->hdr.auth_len;
@@ -2223,32 +2217,28 @@ bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss
blob = data_blob_const(prs_data_p(rpc_in) + prs_offset(rpc_in), auth_len);
- ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), NULL, &schannel_chk,
- (ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DEBUG(0,("failed to pull NL_AUTH_SIGNATURE\n"));
- dump_data(2, blob.data, blob.length);
- return false;
- }
-
if (DEBUGLEVEL >= 10) {
- NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &schannel_chk);
+ dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
+ data = (uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN;
+
switch (auth_info.auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
- status = schannel_unseal_packet(p->auth.a_u.schannel_auth,
+ status = netsec_incoming_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
- (uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN,
+ true,
+ data,
data_len,
&blob);
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
- status = schannel_check_packet(p->auth.a_u.schannel_auth,
- talloc_tos(),
- (uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN,
- data_len,
- &blob);
+ status = netsec_incoming_packet(p->auth.a_u.schannel_auth,
+ talloc_tos(),
+ false,
+ data,
+ data_len,
+ &blob);
break;
default:
status = NT_STATUS_INTERNAL_ERROR;
generated by cgit (git 2.34.1) at 2025-01-25 18:45:20 +0000