summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_pipe.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server/srv_pipe.c')
-rw-r--r--source3/rpc_server/srv_pipe.c274
1 files changed, 0 insertions, 274 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 74c67f3832..559ac5d4ba 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -2055,280 +2055,6 @@ bool api_pipe_alter_context(pipes_struct *p, struct ncacn_packet *pkt)
}
/****************************************************************************
- Deal with NTLMSSP sign & seal processing on an RPC request.
-****************************************************************************/
-
-bool api_pipe_ntlmssp_auth_process(pipes_struct *p, prs_struct *rpc_in,
- uint32 *p_ss_padding_len, NTSTATUS *pstatus)
-{
- RPC_HDR_AUTH auth_info;
- uint32 auth_len = p->hdr.auth_len;
- uint32 save_offset = prs_offset(rpc_in);
- struct auth_ntlmssp_state *a = p->auth.a_u.auth_ntlmssp_state;
- unsigned char *data = NULL;
- size_t data_len;
- unsigned char *full_packet_data = NULL;
- size_t full_packet_data_len;
- DATA_BLOB auth_blob;
-
- *pstatus = NT_STATUS_OK;
-
- if (p->auth.auth_level == DCERPC_AUTH_LEVEL_NONE || p->auth.auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
- return True;
- }
-
- if (!a) {
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- /* Ensure there's enough data for an authenticated request. */
- if (RPC_HEADER_LEN + RPC_HDR_REQ_LEN + RPC_HDR_AUTH_LEN
- + auth_len > p->hdr.frag_len) {
- DEBUG(0,("api_pipe_ntlmssp_auth_process: auth_len %u is too large.\n",
- (unsigned int)auth_len ));
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- /*
- * We need the full packet data + length (minus auth stuff) as well as the packet data + length
- * after the RPC header.
- * We need to pass in the full packet (minus auth len) to the NTLMSSP sign and check seal
- * functions as NTLMv2 checks the rpc headers also.
- * Both of these values include any auth_pad_len bytes.
- */
-
- data = (unsigned char *)(prs_data_p(rpc_in) + RPC_HDR_REQ_LEN);
- data_len = (size_t)(p->hdr.frag_len - RPC_HEADER_LEN - RPC_HDR_REQ_LEN - RPC_HDR_AUTH_LEN - auth_len);
-
- full_packet_data = p->in_data.pdu.data;
- full_packet_data_len = p->hdr.frag_len - auth_len;
-
- /* Pull the auth header and the following data into a blob. */
- /* NB. The offset of the auth_header is relative to the *end*
- * of the packet, not the start. Also, the length of the
- * data in rpc_in_p is p->hdr.frag_len - RPC_HEADER_LEN,
- * as the RPC header isn't included in rpc_in_p. */
- if(!prs_set_offset(rpc_in,
- p->hdr.frag_len - RPC_HEADER_LEN -
- RPC_HDR_AUTH_LEN - auth_len)) {
- DEBUG(0,("api_pipe_ntlmssp_auth_process: cannot move "
- "offset to %u.\n",
- (unsigned int)(p->hdr.frag_len -
- RPC_HDR_AUTH_LEN - auth_len) ));
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, rpc_in, 0)) {
- DEBUG(0,("api_pipe_ntlmssp_auth_process: failed to "
- "unmarshall RPC_HDR_AUTH.\n"));
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- /* Ensure auth_pad_len fits into the packet. */
- if (RPC_HEADER_LEN + RPC_HDR_REQ_LEN + auth_info.auth_pad_len +
- RPC_HDR_AUTH_LEN + auth_len > p->hdr.frag_len) {
- DEBUG(0,("api_pipe_ntlmssp_auth_process: auth_info.auth_pad_len "
- "too large (%u), auth_len (%u), frag_len = (%u).\n",
- (unsigned int)auth_info.auth_pad_len,
- (unsigned int)auth_len,
- (unsigned int)p->hdr.frag_len ));
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- auth_blob.data = (unsigned char *)prs_data_p(rpc_in) + prs_offset(rpc_in);
- auth_blob.length = auth_len;
-
- switch (p->auth.auth_level) {
- case DCERPC_AUTH_LEVEL_PRIVACY:
- /* Data is encrypted. */
- *pstatus = auth_ntlmssp_unseal_packet(a,
- data, data_len,
- full_packet_data,
- full_packet_data_len,
- &auth_blob);
- if (!NT_STATUS_IS_OK(*pstatus)) {
- return False;
- }
- break;
- case DCERPC_AUTH_LEVEL_INTEGRITY:
- /* Data is signed. */
- *pstatus = auth_ntlmssp_check_packet(a,
- data, data_len,
- full_packet_data,
- full_packet_data_len,
- &auth_blob);
- if (!NT_STATUS_IS_OK(*pstatus)) {
- return False;
- }
- break;
- default:
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- /*
- * Return the current pointer to the data offset.
- */
-
- if(!prs_set_offset(rpc_in, save_offset)) {
- DEBUG(0,("api_pipe_auth_process: failed to set offset back to %u\n",
- (unsigned int)save_offset ));
- *pstatus = NT_STATUS_INVALID_PARAMETER;
- return False;
- }
-
- /*
- * Remember the padding length. We must remove it from the real data
- * stream once the sign/seal is done.
- */
-
- *p_ss_padding_len = auth_info.auth_pad_len;
-
- return True;
-}
-
-/****************************************************************************
- Deal with schannel processing on an RPC request.
-****************************************************************************/
-
-bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss_padding_len)
-{
- uint32 data_len;
- uint32 auth_len;
- uint32 save_offset = prs_offset(rpc_in);
- RPC_HDR_AUTH auth_info;
- DATA_BLOB blob;
- NTSTATUS status;
- uint8_t *data;
-
- auth_len = p->hdr.auth_len;
-
- if (auth_len < RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN ||
- auth_len > RPC_HEADER_LEN +
- RPC_HDR_REQ_LEN +
- RPC_HDR_AUTH_LEN +
- auth_len) {
- DEBUG(0,("Incorrect auth_len %u.\n", (unsigned int)auth_len ));
- return False;
- }
-
- /*
- * The following is that length of the data we must verify or unseal.
- * This doesn't include the RPC headers or the auth_len or the RPC_HDR_AUTH_LEN
- * preceeding the auth_data, but does include the auth_pad_len bytes.
- */
-
- if (p->hdr.frag_len < RPC_HEADER_LEN + RPC_HDR_REQ_LEN + RPC_HDR_AUTH_LEN + auth_len) {
- DEBUG(0,("Incorrect frag %u, auth %u.\n",
- (unsigned int)p->hdr.frag_len,
- (unsigned int)auth_len ));
- return False;
- }
-
- data_len = p->hdr.frag_len - RPC_HEADER_LEN - RPC_HDR_REQ_LEN -
- RPC_HDR_AUTH_LEN - auth_len;
-
- DEBUG(5,("data %d auth %d\n", data_len, auth_len));
-
- /* Pull the auth header and the following data into a blob. */
- /* NB. The offset of the auth_header is relative to the *end*
- * of the packet, not the start. Also, the length of the
- * data in rpc_in_p is p->hdr.frag_len - RPC_HEADER_LEN,
- * as the RPC header isn't included in rpc_in_p. */
- if(!prs_set_offset(rpc_in,
- p->hdr.frag_len - RPC_HEADER_LEN -
- RPC_HDR_AUTH_LEN - auth_len)) {
- DEBUG(0,("api_pipe_schannel_process: cannot move "
- "offset to %u.\n",
- (unsigned int)(p->hdr.frag_len -
- RPC_HDR_AUTH_LEN - auth_len) ));
- return False;
- }
-
- if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, rpc_in, 0)) {
- DEBUG(0,("api_pipe_schannel_process: failed to "
- "unmarshall RPC_HDR_AUTH.\n"));
- return False;
- }
-
- /* Ensure auth_pad_len fits into the packet. */
- if (RPC_HEADER_LEN + RPC_HDR_REQ_LEN + auth_info.auth_pad_len +
- RPC_HDR_AUTH_LEN + auth_len > p->hdr.frag_len) {
- DEBUG(0,("api_pipe_schannel_process: auth_info.auth_pad_len "
- "too large (%u), auth_len (%u), frag_len = (%u).\n",
- (unsigned int)auth_info.auth_pad_len,
- (unsigned int)auth_len,
- (unsigned int)p->hdr.frag_len ));
- return False;
- }
-
- if (auth_info.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
- DEBUG(0,("Invalid auth info %d on schannel\n",
- auth_info.auth_type));
- return False;
- }
-
- blob = data_blob_const(prs_data_p(rpc_in) + prs_offset(rpc_in), auth_len);
-
- if (DEBUGLEVEL >= 10) {
- dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
- }
-
- data = (uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN;
-
- switch (auth_info.auth_level) {
- case DCERPC_AUTH_LEVEL_PRIVACY:
- status = netsec_incoming_packet(p->auth.a_u.schannel_auth,
- talloc_tos(),
- true,
- data,
- data_len,
- &blob);
- break;
- case DCERPC_AUTH_LEVEL_INTEGRITY:
- status = netsec_incoming_packet(p->auth.a_u.schannel_auth,
- talloc_tos(),
- false,
- data,
- data_len,
- &blob);
- break;
- default:
- status = NT_STATUS_INTERNAL_ERROR;
- break;
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("failed to unseal packet: %s\n", nt_errstr(status)));
- return false;
- }
-
- /*
- * Return the current pointer to the data offset.
- */
-
- if(!prs_set_offset(rpc_in, save_offset)) {
- DEBUG(0,("failed to set offset back to %u\n",
- (unsigned int)save_offset ));
- return False;
- }
-
- /*
- * Remember the padding length. We must remove it from the real data
- * stream once the sign/seal is done.
- */
-
- *p_ss_padding_len = auth_info.auth_pad_len;
-
- return True;
-}
-
-/****************************************************************************
Find the set of RPC functions associated with this context_id
****************************************************************************/
generated by cgit (git 2.34.1) at 2024-06-29 09:03:10 +0000