diff options
Diffstat (limited to 'source4/librpc')
| -rw-r--r-- | source4/librpc/idl/samr.idl | 54 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc_smb.c | 1 | ||||
| -rw-r--r-- | source4/librpc/rpc/dcerpc_tcp.c | 31 |
3 files changed, 72 insertions, 14 deletions
diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl index 8f8a96a819..170ccda08b 100644 --- a/source4/librpc/idl/samr.idl +++ b/source4/librpc/idl/samr.idl @@ -54,7 +54,13 @@ /******************/ /* Function: 0x04 */ - NTSTATUS samr_Shutdown (); + + /* + shutdown the SAM - once you call this the SAM will be dead + */ + NTSTATUS samr_Shutdown ( + [in,ref] policy_handle *handle + ); /******************/ /* Function: 0x05 */ @@ -401,13 +407,44 @@ [in] uint32 rid ); + /************************/ /* Function 0x19 */ - NTSTATUS samr_QUERY_GROUPMEM(); + /* + this isn't really valid IDL, but it does work. I suspect + I need to do some more pidl work to get this really right + */ + typedef struct { + uint32 count; + uint32 v[count]; + } samr_intArray; + + typedef struct { + samr_intArray *rids; + samr_intArray *unknown7; + } samr_ridArray; + + NTSTATUS samr_QueryGroupMember( + [in,ref] policy_handle *handle, + [out] uint32 *count, + [out] samr_ridArray rids + ); + /************************/ /* Function 0x1a */ - NTSTATUS samr_SET_MEMBER_ATTRIBUTES_OF_GROUP(); + + /* + win2003 seems to accept any data at all for the two integers + below, and doesn't seem to do anything with them that I can + see. Weird. I really expected the first integer to be a rid + and the second to be the attributes for that rid member. + */ + NTSTATUS samr_SetMemberAttributesOfGroup( + [in,ref] policy_handle *handle, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); /************************/ @@ -457,14 +494,14 @@ /************************/ /* Function 0x1f */ - NTSTATUS samr_AddAliasMem( + NTSTATUS samr_AddAliasMember( [in,ref] policy_handle *handle, [in,ref] dom_sid2 *sid ); /************************/ /* Function 0x20 */ - NTSTATUS samr_DelAliasMem( + NTSTATUS samr_DeleteAliasMember( [in,ref] policy_handle *handle, [in,ref] dom_sid2 *sid ); @@ -1093,12 +1130,17 @@ [out] dom_sid2 *sid ); + /************************/ /* Function 0x42 */ NTSTATUS samr_SET_DSRM_PASSWORD(); /************************/ /* Function 0x43 */ - NTSTATUS samr_VALIDATE_PASSWORD(); + /* + I haven't been able to work out the format of this one yet. + Seems to start with a switch level for a union? + */ + NTSTATUS samr_ValidatePassword(); } diff --git a/source4/librpc/rpc/dcerpc_smb.c b/source4/librpc/rpc/dcerpc_smb.c index 7822231b82..3d646944ac 100644 --- a/source4/librpc/rpc/dcerpc_smb.c +++ b/source4/librpc/rpc/dcerpc_smb.c @@ -75,6 +75,7 @@ static NTSTATUS dcerpc_raw_recv(struct dcerpc_pipe *p, DATA_BLOB payload; status = smb_raw_trans_recv(req, mem_ctx, &trans); + /* STATUS_BUFFER_OVERFLOW means that there is more data available via SMBreadX */ if (!NT_STATUS_IS_OK(status) && diff --git a/source4/librpc/rpc/dcerpc_tcp.c b/source4/librpc/rpc/dcerpc_tcp.c index 77b536b10c..1b016b8957 100644 --- a/source4/librpc/rpc/dcerpc_tcp.c +++ b/source4/librpc/rpc/dcerpc_tcp.c @@ -29,6 +29,18 @@ struct tcp_private { uint32 port; }; + +/* + mark the socket dead +*/ +static void tcp_sock_dead(struct tcp_private *tcp) +{ + if (tcp && tcp->fd != -1) { + close(tcp->fd); + tcp->fd = -1; + } +} + static NTSTATUS tcp_raw_recv(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, DATA_BLOB *blob) @@ -45,7 +57,8 @@ static NTSTATUS tcp_raw_recv(struct dcerpc_pipe *p, ret = read_data(tcp->fd, blob1.data, blob1.length); if (ret != blob1.length) { - return NT_STATUS_NET_WRITE_FAULT; + tcp_sock_dead(tcp); + return NT_STATUS_UNEXPECTED_NETWORK_ERROR; } /* this could be a ncacn_http endpoint - this doesn't work @@ -54,7 +67,8 @@ static NTSTATUS tcp_raw_recv(struct dcerpc_pipe *p, memmove(blob1.data, blob1.data+14, 2); ret = read_data(tcp->fd, blob1.data+2, 14); if (ret != 14) { - return NT_STATUS_NET_WRITE_FAULT; + tcp_sock_dead(tcp); + return NT_STATUS_UNEXPECTED_NETWORK_ERROR; } } @@ -74,7 +88,8 @@ static NTSTATUS tcp_raw_recv(struct dcerpc_pipe *p, ret = read_data(tcp->fd, blob->data + blob1.length, frag_length - blob1.length); if (ret != frag_length - blob1.length) { - return NT_STATUS_NET_WRITE_FAULT; + tcp_sock_dead(tcp); + return NT_STATUS_UNEXPECTED_NETWORK_ERROR; } return NT_STATUS_OK; @@ -90,7 +105,8 @@ static NTSTATUS tcp_full_request(struct dcerpc_pipe *p, ret = write_data(tcp->fd, request_blob->data, request_blob->length); if (ret != request_blob->length) { - return NT_STATUS_NET_WRITE_FAULT; + tcp_sock_dead(tcp); + return NT_STATUS_UNEXPECTED_NETWORK_ERROR; } return tcp_raw_recv(p, mem_ctx, reply_blob); @@ -120,7 +136,8 @@ static NTSTATUS tcp_initial_request(struct dcerpc_pipe *p, ret = write_data(tcp->fd, blob->data, blob->length); if (ret != blob->length) { - return NT_STATUS_NET_WRITE_FAULT; + tcp_sock_dead(tcp); + return NT_STATUS_UNEXPECTED_NETWORK_ERROR; } return NT_STATUS_OK; @@ -134,9 +151,7 @@ static NTSTATUS tcp_shutdown_pipe(struct dcerpc_pipe *p) { struct tcp_private *tcp = p->transport.private; - if (tcp) { - close(tcp->fd); - } + tcp_sock_dead(tcp); return NT_STATUS_OK; } |