From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/rpc_parse/parse_buffer.c | 2 +- source3/rpc_parse/parse_dfs.c | 2 - source3/rpc_parse/parse_ds.c | 28 +- source3/rpc_parse/parse_echo.c | 2 - source3/rpc_parse/parse_eventlog.c | 84 ++---- source3/rpc_parse/parse_misc.c | 8 +- source3/rpc_parse/parse_net.c | 54 ++-- source3/rpc_parse/parse_ntsvcs.c | 415 +++++++++++++++++++++++++++++ source3/rpc_parse/parse_prs.c | 146 ++++++----- source3/rpc_parse/parse_reg.c | 2 +- source3/rpc_parse/parse_rpc.c | 518 ++++--------------------------------- source3/rpc_parse/parse_samr.c | 6 +- source3/rpc_parse/parse_svcctl.c | 305 ++++++++++++++++++---- 13 files changed, 881 insertions(+), 691 deletions(-) create mode 100644 source3/rpc_parse/parse_ntsvcs.c (limited to 'source3/rpc_parse') diff --git a/source3/rpc_parse/parse_buffer.c b/source3/rpc_parse/parse_buffer.c index ff2a7cc2f6..36d8eda847 100644 --- a/source3/rpc_parse/parse_buffer.c +++ b/source3/rpc_parse/parse_buffer.c @@ -106,7 +106,7 @@ BOOL prs_rpcbuffer_p(const char *desc, prs_struct *ps, int depth, RPC_BUFFER **b /* caputure the pointer value to stream */ - data_p = (uint32) *buffer; + data_p = *buffer ? 0xf000baaa : 0; if ( !prs_uint32("ptr", ps, depth, &data_p )) return False; diff --git a/source3/rpc_parse/parse_dfs.c b/source3/rpc_parse/parse_dfs.c index 3f7b2a4cd5..f102e95004 100644 --- a/source3/rpc_parse/parse_dfs.c +++ b/source3/rpc_parse/parse_dfs.c @@ -22,8 +22,6 @@ */ #include "includes.h" -#include "nterr.h" -#include "rpc_parse.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_PARSE diff --git a/source3/rpc_parse/parse_ds.c b/source3/rpc_parse/parse_ds.c index 9155419ae4..c613145222 100644 --- a/source3/rpc_parse/parse_ds.c +++ b/source3/rpc_parse/parse_ds.c @@ -24,12 +24,13 @@ /************************************************************************ ************************************************************************/ -static BOOL ds_io_dominfobasic( const char *desc, prs_struct *ps, int depth, DSROLE_PRIMARY_DOMAIN_INFO_BASIC **basic) +static BOOL ds_io_dominfobasic(const char *desc, DSROLE_PRIMARY_DOMAIN_INFO_BASIC **basic, prs_struct *ps, int depth) { DSROLE_PRIMARY_DOMAIN_INFO_BASIC *p = *basic; - if ( UNMARSHALLING(ps) ) + if ( UNMARSHALLING(ps) ) { p = *basic = PRS_ALLOC_MEM(ps, DSROLE_PRIMARY_DOMAIN_INFO_BASIC, 1); + } if ( !p ) return False; @@ -75,7 +76,7 @@ static BOOL ds_io_dominfobasic( const char *desc, prs_struct *ps, int depth, DSR /************************************************************************ ************************************************************************/ -BOOL ds_io_q_getprimdominfo( const char *desc, prs_struct *ps, int depth, DS_Q_GETPRIMDOMINFO *q_u) +BOOL ds_io_q_getprimdominfo( const char *desc, DS_Q_GETPRIMDOMINFO *q_u, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "ds_io_q_getprimdominfo"); depth++; @@ -92,7 +93,7 @@ BOOL ds_io_q_getprimdominfo( const char *desc, prs_struct *ps, int depth, DS_Q_G /************************************************************************ ************************************************************************/ -BOOL ds_io_r_getprimdominfo( const char *desc, prs_struct *ps, int depth, DS_R_GETPRIMDOMINFO *r_u) +BOOL ds_io_r_getprimdominfo( const char *desc, DS_R_GETPRIMDOMINFO *r_u, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "ds_io_r_getprimdominfo"); depth++; @@ -114,7 +115,7 @@ BOOL ds_io_r_getprimdominfo( const char *desc, prs_struct *ps, int depth, DS_R_G switch ( r_u->level ) { case DsRolePrimaryDomainInfoBasic: - if ( !ds_io_dominfobasic( "dominfobasic", ps, depth, &r_u->info.basic ) ) + if ( !ds_io_dominfobasic( "dominfobasic", &r_u->info.basic, ps, depth) ) return False; break; default: @@ -135,8 +136,7 @@ BOOL ds_io_r_getprimdominfo( const char *desc, prs_struct *ps, int depth, DS_R_G initialize a DS_ENUM_DOM_TRUSTS structure ************************************************************************/ -BOOL init_q_ds_enum_domain_trusts( DS_Q_ENUM_DOM_TRUSTS *q, const char *server, - uint32 flags ) +BOOL init_q_ds_enum_domain_trusts( DS_Q_ENUM_DOM_TRUSTS *q, const char *server, uint32 flags ) { q->flags = flags; @@ -153,7 +153,7 @@ BOOL init_q_ds_enum_domain_trusts( DS_Q_ENUM_DOM_TRUSTS *q, const char *server, /************************************************************************ ************************************************************************/ -static BOOL ds_io_domain_trusts( const char *desc, prs_struct *ps, int depth, DS_DOMAIN_TRUSTS *trust) +static BOOL ds_io_domain_trusts( const char *desc, DS_DOMAIN_TRUSTS *trust, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "ds_io_dom_trusts_ctr"); depth++; @@ -188,7 +188,7 @@ static BOOL ds_io_domain_trusts( const char *desc, prs_struct *ps, int depth, DS /************************************************************************ ************************************************************************/ -static BOOL ds_io_dom_trusts_ctr( const char *desc, prs_struct *ps, int depth, DS_DOMAIN_TRUSTS_CTR *ctr) +static BOOL ds_io_dom_trusts_ctr( const char *desc, DS_DOMAIN_TRUSTS_CTR *ctr, prs_struct *ps, int depth) { int i; @@ -217,7 +217,7 @@ static BOOL ds_io_dom_trusts_ctr( const char *desc, prs_struct *ps, int depth, D we need another loop to read the UNISTR2's and SID's */ for ( i=0; imax_count;i++ ) { - if ( !ds_io_domain_trusts("domain_trusts", ps, depth, &ctr->trusts[i] ) ) + if ( !ds_io_domain_trusts("domain_trusts", &ctr->trusts[i], ps, depth) ) return False; } @@ -248,7 +248,7 @@ static BOOL ds_io_dom_trusts_ctr( const char *desc, prs_struct *ps, int depth, D initialize a DS_ENUM_DOM_TRUSTS request ************************************************************************/ -BOOL ds_io_q_enum_domain_trusts( const char *desc, prs_struct *ps, int depth, DS_Q_ENUM_DOM_TRUSTS *q_u) +BOOL ds_io_q_enum_domain_trusts( const char *desc, DS_Q_ENUM_DOM_TRUSTS *q_u, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "ds_io_q_enum_domain_trusts"); depth++; @@ -274,7 +274,7 @@ BOOL ds_io_q_enum_domain_trusts( const char *desc, prs_struct *ps, int depth, DS /************************************************************************ ************************************************************************/ -BOOL ds_io_r_enum_domain_trusts( const char *desc, prs_struct *ps, int depth, DS_R_ENUM_DOM_TRUSTS *r_u) +BOOL ds_io_r_enum_domain_trusts( const char *desc, DS_R_ENUM_DOM_TRUSTS *r_u, prs_struct *ps, int depth) { prs_debug(ps, depth, desc, "ds_io_r_enum_domain_trusts"); depth++; @@ -286,7 +286,7 @@ BOOL ds_io_r_enum_domain_trusts( const char *desc, prs_struct *ps, int depth, DS return False; if ( r_u->num_domains ) { - if ( !ds_io_dom_trusts_ctr("domains", ps, depth, &r_u->domains ) ) + if ( !ds_io_dom_trusts_ctr("domains", &r_u->domains, ps, depth) ) return False; } @@ -298,5 +298,3 @@ BOOL ds_io_r_enum_domain_trusts( const char *desc, prs_struct *ps, int depth, DS return True; } - - diff --git a/source3/rpc_parse/parse_echo.c b/source3/rpc_parse/parse_echo.c index b4aa8de24a..48dda7b171 100644 --- a/source3/rpc_parse/parse_echo.c +++ b/source3/rpc_parse/parse_echo.c @@ -21,8 +21,6 @@ */ #include "includes.h" -#include "nterr.h" -#include "rpc_parse.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_PARSE diff --git a/source3/rpc_parse/parse_eventlog.c b/source3/rpc_parse/parse_eventlog.c index 734f52fffb..1b57272ca4 100644 --- a/source3/rpc_parse/parse_eventlog.c +++ b/source3/rpc_parse/parse_eventlog.c @@ -23,9 +23,24 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_PARSE -/* - * called from eventlog_q_open_eventlog (srv_eventlog.c) - */ +/******************************************************************** +********************************************************************/ + +BOOL prs_ev_open_unknown0( const char *desc, prs_struct *ps, int depth, EVENTLOG_OPEN_UNKNOWN0 *u ) +{ + if ( !u ) + return False; + + if ( !prs_uint16("", ps, depth, &u->unknown1) ) + return False; + if ( !prs_uint16("", ps, depth, &u->unknown2) ) + return False; + + return True; +} + +/******************************************************************** +********************************************************************/ BOOL eventlog_io_q_open_eventlog(const char *desc, EVENTLOG_Q_OPEN_EVENTLOG *q_u, prs_struct *ps, int depth) @@ -33,62 +48,28 @@ BOOL eventlog_io_q_open_eventlog(const char *desc, EVENTLOG_Q_OPEN_EVENTLOG *q_u if(q_u == NULL) return False; - /** Data format seems to be: - UNKNOWN structure - uint32 unknown - uint16 unknown - uint16 unknown - Eventlog name - uint16 eventlog name length - uint16 eventlog name size - Character Array - uint32 unknown - uint32 max count - uint32 offset - uint32 actual count - UNISTR2 log file name - Server Name - uint16 server name length - uint16 server name size - Character Array - UNISTR2 server name - */ - prs_debug(ps, depth, desc, "eventlog_io_q_open_eventlog"); depth++; if(!prs_align(ps)) return False; - /* Munch unknown bits */ - - if(!prs_uint32("", ps, depth, &q_u->unknown1)) - return False; - if(!prs_uint16("", ps, depth, &q_u->unknown2)) - return False; - if(!prs_uint16("", ps, depth, &q_u->unknown3)) - return False; - if(!prs_align(ps)) + if ( !prs_pointer("", ps, depth, (void**)&q_u->unknown0, sizeof(EVENTLOG_OPEN_UNKNOWN0), (PRS_POINTER_CAST)prs_ev_open_unknown0)) return False; - /* Get name of log source */ - - if(!prs_uint16("sourcename_length", ps, depth, &q_u->sourcename_length)) - return False; - if(!prs_uint16("sourcename_size", ps, depth, &q_u->sourcename_size)) + if ( !prs_unistr4("logname", ps, depth, &q_u->logname) ) return False; - if(!prs_uint32("sourcename_ptr", ps, depth, &q_u->sourcename_ptr)) + if ( !prs_align(ps) ) return False; - if(!smb_io_unistr2("", &q_u->sourcename, q_u->sourcename_ptr, ps, depth)) + + if ( !prs_unistr4("servername", ps, depth, &q_u->servername) ) return False; - if(!prs_align(ps)) + if ( !prs_align(ps) ) return False; - /* Get server name */ - - if(!prs_uint32("servername_ptr", ps, depth, &q_u->servername_ptr)) + if ( !prs_uint32("unknown1", ps, depth, &q_u->unknown1) ) return False; - if(!smb_io_unistr2("", &q_u->servername, q_u->servername_ptr, ps, depth)) + if ( !prs_uint32("unknown2", ps, depth, &q_u->unknown2) ) return False; return True; @@ -424,17 +405,8 @@ BOOL eventlog_io_q_clear_eventlog(const char *desc, EVENTLOG_Q_CLEAR_EVENTLOG *q return False; if(!(smb_io_pol_hnd("log handle", &(q_u->handle), ps, depth))) return False; - if(!prs_align(ps)) - return False; - if(!(prs_uint32("unknown1", ps, depth, &q_u->unknown1))) - return False; - if(!(prs_uint16("backup_file_length", ps, depth, &q_u->backup_file_length))) - return False; - if(!(prs_uint16("backup_file_size", ps, depth, &q_u->backup_file_size))) - return False; - if(!prs_uint32("backup_file_ptr", ps, depth, &q_u->backup_file_ptr)) - return False; - if(!smb_io_unistr2("backup file", &q_u->backup_file, q_u->backup_file_ptr, ps, depth)) + + if ( !prs_unistr4("backupfile", ps, depth, &q_u->backupfile) ) return False; return True; diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 921e366f11..8bbb97f226 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -296,7 +296,7 @@ BOOL smb_io_dom_sid2_p(const char *desc, prs_struct *ps, int depth, DOM_SID2 **s /* caputure the pointer value to stream */ - data_p = (uint32) *sid2; + data_p = *sid2 ? 0xf000baaa : 0; if ( !prs_uint32("dom_sid2_p", ps, depth, &data_p )) return False; @@ -1003,7 +1003,7 @@ BOOL prs_io_unistr2_p(const char *desc, prs_struct *ps, int depth, UNISTR2 **uni /* caputure the pointer value to stream */ - data_p = (uint32) *uni2; + data_p = *uni2 ? 0xf000baaa : 0; if ( !prs_uint32("ptr", ps, depth, &data_p )) return False; @@ -1038,7 +1038,7 @@ BOOL prs_io_unistr2(const char *desc, prs_struct *ps, int depth, UNISTR2 *uni2 ) /* just pass off to smb_io_unstr2() passing the uni2 address as the pointer (like you would expect) */ - return smb_io_unistr2( desc, uni2, (uint32)uni2, ps, depth ); + return smb_io_unistr2( desc, uni2, uni2 ? 1 : 0, ps, depth ); } /******************************************************************* @@ -1139,7 +1139,7 @@ BOOL prs_unistr4_str(const char *desc, prs_struct *ps, int depth, UNISTR4 *uni4) } /******************************************************************* - Reads or writes a UNISTR2_ARRAY structure. + Reads or writes a UNISTR4_ARRAY structure. ********************************************************************/ BOOL prs_unistr4_array(const char *desc, prs_struct *ps, int depth, UNISTR4_ARRAY *array ) diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c index 3a050148c9..35533e360a 100644 --- a/source3/rpc_parse/parse_net.c +++ b/source3/rpc_parse/parse_net.c @@ -671,7 +671,7 @@ BOOL net_io_q_trust_dom(const char *desc, NET_Q_TRUST_DOM_LIST *q_l, prs_struct void init_q_req_chal(NET_Q_REQ_CHAL *q_c, const char *logon_srv, const char *logon_clnt, - DOM_CHAL *clnt_chal) + const DOM_CHAL *clnt_chal) { DEBUG(5,("init_q_req_chal: %d\n", __LINE__)); @@ -860,7 +860,7 @@ BOOL net_io_r_auth_2(const char *desc, NET_R_AUTH_2 *r_a, prs_struct *ps, int de void init_q_auth_3(NET_Q_AUTH_3 *q_a, const char *logon_srv, const char *acct_name, uint16 sec_chan, const char *comp_name, - DOM_CHAL *clnt_chal, uint32 clnt_flgs) + const DOM_CHAL *clnt_chal, uint32 clnt_flgs) { DEBUG(5,("init_q_auth_3: %d\n", __LINE__)); @@ -1496,7 +1496,7 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr, ********************************************************************/ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, - int depth, uint16 validation_level) + int depth, uint16 validation_level, BOOL kerb_validation_level) { unsigned int i; @@ -1595,6 +1595,18 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, } } + /* get kerb validation info (not really part of user_info_3) - Guenther */ + + if (kerb_validation_level) { + + if(!prs_uint32("ptr_res_group_dom_sid", ps, depth, &usr->ptr_res_group_dom_sid)) + return False; + if(!prs_uint32("res_group_count", ps, depth, &usr->res_group_count)) + return False; + if(!prs_uint32("ptr_res_groups", ps, depth, &usr->ptr_res_groups)) + return False; + } + if(!smb_io_unistr2("uni_user_name", &usr->uni_user_name, usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */ return False; if(!smb_io_unistr2("uni_full_name", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */ @@ -1636,6 +1648,11 @@ BOOL net_io_user_info3(const char *desc, NET_USER_INFO_3 *usr, prs_struct *ps, uint32 num_other_sids = usr->num_other_sids; + if (!(usr->user_flgs & LOGON_EXTRA_SIDS)) { + DEBUG(10,("net_io_user_info3: user_flgs attribute does not have LOGON_EXTRA_SIDS\n")); + /* return False; */ + } + if (!prs_uint32("num_other_sids", ps, depth, &num_other_sids)) return False; @@ -1724,8 +1741,10 @@ BOOL net_io_r_sam_logon(const char *desc, NET_R_SAM_LOGON *r_l, prs_struct *ps, if(!prs_uint32("buffer_creds", ps, depth, &r_l->buffer_creds)) /* undocumented buffer pointer */ return False; - if(!smb_io_cred("", &r_l->srv_creds, ps, depth)) /* server credentials. server time stamp appears to be ignored. */ - return False; + if (&r_l->buffer_creds) { + if(!smb_io_cred("", &r_l->srv_creds, ps, depth)) /* server credentials. server time stamp appears to be ignored. */ + return False; + } if(!prs_uint16("switch_value", ps, depth, &r_l->switch_value)) return False; @@ -1733,11 +1752,11 @@ BOOL net_io_r_sam_logon(const char *desc, NET_R_SAM_LOGON *r_l, prs_struct *ps, return False; #if 1 /* W2k always needs this - even for bad passwd. JRA */ - if(!net_io_user_info3("", r_l->user, ps, depth, r_l->switch_value)) + if(!net_io_user_info3("", r_l->user, ps, depth, r_l->switch_value, False)) return False; #else if (r_l->switch_value != 0) { - if(!net_io_user_info3("", r_l->user, ps, depth, r_l->switch_value)) + if(!net_io_user_info3("", r_l->user, ps, depth, r_l->switch_value, False)) return False; } #endif @@ -2139,9 +2158,8 @@ BOOL make_sam_account_info(SAM_ACCOUNT_INFO * info, /******************************************************************* reads or writes a structure. ********************************************************************/ -static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16], - SAM_ACCOUNT_INFO * info, prs_struct *ps, - int depth) +static BOOL net_io_sam_account_info(const char *desc, SAM_ACCOUNT_INFO *info, + prs_struct *ps, int depth) { BUFHDR2 hdr_priv_data; uint32 i; @@ -2295,7 +2313,7 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16], if (ps->io) { /* reading */ - if (!prs_hash1(ps, ps->data_offset, sess_key, len)) + if (!prs_hash1(ps, ps->data_offset, len)) return False; } if (!net_io_sam_passwd_info("pass", &info->pass, @@ -2305,7 +2323,7 @@ static BOOL net_io_sam_account_info(const char *desc, uint8 sess_key[16], if (!ps->io) { /* writing */ - if (!prs_hash1(ps, old_offset, sess_key, len)) + if (!prs_hash1(ps, old_offset, len)) return False; } } @@ -2834,7 +2852,7 @@ static BOOL net_io_sam_privs_info(const char *desc, SAM_DELTA_PRIVS *info, /******************************************************************* reads or writes a structure. ********************************************************************/ -static BOOL net_io_sam_delta_ctr(const char *desc, uint8 sess_key[16], +static BOOL net_io_sam_delta_ctr(const char *desc, SAM_DELTA_CTR * delta, uint16 type, prs_struct *ps, int depth) { @@ -2859,7 +2877,7 @@ static BOOL net_io_sam_delta_ctr(const char *desc, uint8 sess_key[16], break; case SAM_DELTA_ACCOUNT_INFO: - if (!net_io_sam_account_info("", sess_key, &delta->account_info, ps, depth)) + if (!net_io_sam_account_info("", &delta->account_info, ps, depth)) return False; break; @@ -2912,7 +2930,7 @@ static BOOL net_io_sam_delta_ctr(const char *desc, uint8 sess_key[16], /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL net_io_r_sam_sync(const char *desc, uint8 sess_key[16], +BOOL net_io_r_sam_sync(const char *desc, NET_R_SAM_SYNC * r_s, prs_struct *ps, int depth) { uint32 i; @@ -2976,7 +2994,7 @@ BOOL net_io_r_sam_sync(const char *desc, uint8 sess_key[16], for (i = 0; i < r_s->num_deltas2; i++) { if (!net_io_sam_delta_ctr( - "", sess_key, &r_s->deltas[i], + "", &r_s->deltas[i], r_s->hdr_deltas[i].type3, ps, depth)) { DEBUG(0, ("hmm, failed on i=%d\n", i)); @@ -3048,7 +3066,7 @@ BOOL net_io_q_sam_deltas(const char *desc, NET_Q_SAM_DELTAS *q_s, prs_struct *ps /******************************************************************* reads or writes a structure. ********************************************************************/ -BOOL net_io_r_sam_deltas(const char *desc, uint8 sess_key[16], +BOOL net_io_r_sam_deltas(const char *desc, NET_R_SAM_DELTAS *r_s, prs_struct *ps, int depth) { unsigned int i; @@ -3104,7 +3122,7 @@ BOOL net_io_r_sam_deltas(const char *desc, uint8 sess_key[16], for (i = 0; i < r_s->num_deltas; i++) { if (!net_io_sam_delta_ctr( - "", sess_key, + "", &r_s->deltas[i], r_s->hdr_deltas[i].type2, ps, depth)) diff --git a/source3/rpc_parse/parse_ntsvcs.c b/source3/rpc_parse/parse_ntsvcs.c new file mode 100644 index 0000000000..f2e4456025 --- /dev/null +++ b/source3/rpc_parse/parse_ntsvcs.c @@ -0,0 +1,415 @@ +/* + * Unix SMB/CIFS implementation. + * RPC Pipe client / server routines + * Copyright (C) Gerald (Jerry) Carter 2005. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_PARSE + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_get_version(const char *desc, NTSVCS_Q_GET_VERSION *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_get_version"); + depth++; + + /* there is nothing to parse in this PDU */ + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_get_version(const char *desc, NTSVCS_R_GET_VERSION *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_get_version"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!prs_uint32("version", ps, depth, &r_u->version)) + return False; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_get_device_list_size(const char *desc, NTSVCS_Q_GET_DEVICE_LIST_SIZE *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_get_device_list_size"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_pointer("devicename", ps, depth, (void**)&q_u->devicename, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2) ) + return False; + if( !prs_align(ps) ) + return False; + + if ( !prs_uint32("flags", ps, depth, &q_u->flags) ) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_get_device_list_size(const char *desc, NTSVCS_R_GET_DEVICE_LIST_SIZE *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_get_device_list_size"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!prs_uint32("size", ps, depth, &r_u->size)) + return False; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_get_device_list(const char *desc, NTSVCS_Q_GET_DEVICE_LIST *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_get_device_list"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_pointer("devicename", ps, depth, (void**)&q_u->devicename, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2) ) + return False; + if( !prs_align(ps) ) + return False; + + if ( !prs_uint32("buffer_size", ps, depth, &q_u->buffer_size) ) + return False; + if ( !prs_uint32("flags", ps, depth, &q_u->flags) ) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_get_device_list(const char *desc, NTSVCS_R_GET_DEVICE_LIST *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_get_device_list_size"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_io_unistr2("devicepath", ps, depth, &r_u->devicepath) ) + return False; + if(!prs_align(ps)) + return False; + + if(!prs_uint32("needed", ps, depth, &r_u->needed)) + return False; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_validate_device_instance(const char *desc, NTSVCS_Q_VALIDATE_DEVICE_INSTANCE *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_validate_device_instance"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_io_unistr2("devicepath", ps, depth, &q_u->devicepath) ) + return False; + if( !prs_align(ps) ) + return False; + + if ( !prs_uint32("flags", ps, depth, &q_u->flags) ) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_validate_device_instance(const char *desc, NTSVCS_R_VALIDATE_DEVICE_INSTANCE *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_validate_device_instance"); + depth++; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_get_device_reg_property(const char *desc, NTSVCS_Q_GET_DEVICE_REG_PROPERTY *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_get_device_reg_property"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_io_unistr2("devicepath", ps, depth, &q_u->devicepath) ) + return False; + if( !prs_align(ps) ) + return False; + + if ( !prs_uint32("property", ps, depth, &q_u->property) ) + return False; + if ( !prs_uint32("unknown2", ps, depth, &q_u->unknown2) ) + return False; + if ( !prs_uint32("buffer_size1", ps, depth, &q_u->buffer_size1) ) + return False; + if ( !prs_uint32("buffer_size2", ps, depth, &q_u->buffer_size2) ) + return False; + if ( !prs_uint32("unknown5", ps, depth, &q_u->unknown5) ) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_get_device_reg_property(const char *desc, NTSVCS_R_GET_DEVICE_REG_PROPERTY *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_get_device_reg_property"); + depth++; + + if ( !prs_align(ps) ) + return False; + + if ( !prs_uint32("unknown1", ps, depth, &r_u->unknown1) ) + return False; + + if ( !smb_io_regval_buffer("value", ps, depth, &r_u->value) ) + return False; + if ( !prs_align(ps) ) + return False; + + if ( !prs_uint32("size", ps, depth, &r_u->size) ) + return False; + + if ( !prs_uint32("needed", ps, depth, &r_u->needed) ) + return False; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_get_hw_profile_info(const char *desc, NTSVCS_Q_GET_HW_PROFILE_INFO *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_get_hw_profile_info"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_uint32("index", ps, depth, &q_u->index) ) + return False; + + q_u->buffer_size = 0x000000a8; + + if ( UNMARSHALLING(ps) ) + q_u->buffer = TALLOC_ARRAY(get_talloc_ctx(), uint8, q_u->buffer_size ); + + if ( !prs_uint8s(True, "buffer", ps, depth, q_u->buffer, q_u->buffer_size) ) + return False; + + if ( !prs_uint32("buffer_size", ps, depth, &q_u->buffer_size) ) + return False; + + if ( !prs_uint32("unknown1", ps, depth, &q_u->unknown1) ) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_get_hw_profile_info(const char *desc, NTSVCS_R_GET_HW_PROFILE_INFO *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_get_device_reg_property"); + depth++; + + if ( !prs_align(ps) ) + return False; + + if ( UNMARSHALLING(ps) ) + r_u->buffer = TALLOC_ARRAY(get_talloc_ctx(), uint8, r_u->buffer_size ); + + if ( !prs_uint8s(True, "buffer", ps, depth, r_u->buffer, r_u->buffer_size) ) + return False; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_q_hw_profile_flags(const char *desc, NTSVCS_Q_HW_PROFILE_FLAGS *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_q_hw_profile_flags"); + depth++; + + if(!prs_align(ps)) + return False; + + if ( !prs_uint32("unknown1", ps, depth, &q_u->unknown1) ) + return False; + + + if ( !prs_io_unistr2("devicepath", ps, depth, &q_u->devicepath) ) + return False; + if( !prs_align(ps) ) + return False; + + if ( !prs_uint32("unknown2", ps, depth, &q_u->unknown2) ) + return False; + if ( !prs_uint32("unknown3", ps, depth, &q_u->unknown3) ) + return False; + if ( !prs_uint32("unknown4", ps, depth, &q_u->unknown4) ) + return False; + if ( !prs_uint32("unknown5", ps, depth, &q_u->unknown5) ) + return False; + if ( !prs_uint32("unknown6", ps, depth, &q_u->unknown6) ) + return False; + if ( !prs_uint32("unknown7", ps, depth, &q_u->unknown7) ) + return False; + + if ( !prs_uint32("unknown1", ps, depth, &q_u->unknown1) ) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL ntsvcs_io_r_hw_profile_flags(const char *desc, NTSVCS_R_HW_PROFILE_FLAGS *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "ntsvcs_io_r_hw_profile_flags"); + depth++; + + if ( !prs_align(ps) ) + return False; + + if ( !prs_uint32("unknown1", ps, depth, &r_u->unknown1) ) + return False; + if ( !prs_uint32("unknown2", ps, depth, &r_u->unknown2) ) + return False; + if ( !prs_uint32("unknown3", ps, depth, &r_u->unknown3) ) + return False; + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + + + + diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 709a5d39af..d174bad444 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -34,7 +34,6 @@ void prs_dump(char *name, int v, prs_struct *ps) prs_dump_region(name, v, ps, ps->data_offset, ps->buffer_size); } - /** * Dump from the start of the prs to the current location. **/ @@ -43,7 +42,6 @@ void prs_dump_before(char *name, int v, prs_struct *ps) prs_dump_region(name, v, ps, 0, ps->data_offset); } - /** * Dump everything from the start of the prs up to the current location. **/ @@ -52,6 +50,7 @@ void prs_dump_region(char *name, int v, prs_struct *ps, { int fd, i; pstring fname; + ssize_t sz; if (DEBUGLEVEL < 50) return; for (i=1;i<100;i++) { if (v != -1) { @@ -63,26 +62,28 @@ void prs_dump_region(char *name, int v, prs_struct *ps, if (fd != -1 || errno != EEXIST) break; } if (fd != -1) { - write(fd, ps->data_p + from_off, to_off - from_off); - close(fd); - DEBUG(0,("created %s\n", fname)); + sz = write(fd, ps->data_p + from_off, to_off - from_off); + i = close(fd); + if ( (sz != to_off-from_off) || (i != 0) ) { + DEBUG(0,("Error writing/closing %s: %ld!=%ld %d\n", fname, (unsigned long)sz, (unsigned long)to_off-from_off, i )); + } else { + DEBUG(0,("created %s\n", fname)); + } } } - - /******************************************************************* - debug output for parsing info. + Debug output for parsing info - XXXX side-effect of this function is to increase the debug depth XXXX + XXXX side-effect of this function is to increase the debug depth XXXX. + +********************************************************************/ - ********************************************************************/ void prs_debug(prs_struct *ps, int depth, const char *desc, const char *fn_name) { DEBUG(5+depth, ("%s%06x %s %s\n", tab_depth(depth), ps->data_offset, fn_name, desc)); } - /** * Initialise an expandable parse structure. * @@ -91,6 +92,7 @@ void prs_debug(prs_struct *ps, int depth, const char *desc, const char *fn_name) * * @return False if allocation fails, otherwise True. **/ + BOOL prs_init(prs_struct *ps, uint32 size, TALLOC_CTX *ctx, BOOL io) { ZERO_STRUCTP(ps); @@ -111,6 +113,9 @@ BOOL prs_init(prs_struct *ps, uint32 size, TALLOC_CTX *ctx, BOOL io) } memset(ps->data_p, '\0', (size_t)size); ps->is_dynamic = True; /* We own this memory. */ + } else if (MARSHALLING(ps)) { + /* If size is zero and we're marshalling we should allocate memory on demand. */ + ps->is_dynamic = True; } return True; @@ -254,7 +259,7 @@ BOOL prs_grow(prs_struct *ps, uint32 extra_space) * is greater. */ - new_size = MAX(MAX_PDU_FRAG_LEN,extra_space); + new_size = MAX(RPC_MAX_PDU_FRAG_LEN,extra_space); if((new_data = SMB_MALLOC(new_size)) == NULL) { DEBUG(0,("prs_grow: Malloc failure for size %u.\n", (unsigned int)new_size)); @@ -398,7 +403,7 @@ BOOL prs_append_some_prs_data(prs_struct *dst, prs_struct *src, int32 start, uin Append the data from a buffer into a parse_struct. ********************************************************************/ -BOOL prs_copy_data_in(prs_struct *dst, char *src, uint32 len) +BOOL prs_copy_data_in(prs_struct *dst, const char *src, uint32 len) { if (len == 0) return True; @@ -564,6 +569,15 @@ void prs_force_dynamic(prs_struct *ps) ps->is_dynamic=True; } +/******************************************************************* + Associate a session key with a parse struct. + ********************************************************************/ + +void prs_set_session_key(prs_struct *ps, const char sess_key[16]) +{ + ps->sess_key = sess_key; +} + /******************************************************************* Stream a uint8. ********************************************************************/ @@ -596,9 +610,9 @@ BOOL prs_pointer( const char *name, prs_struct *ps, int depth, { uint32 data_p; - /* caputure the pointer value to stream */ + /* output f000baaa to stream if the pointer is non-zero. */ - data_p = (uint32) *data; + data_p = *data ? 0xf000baaa : 0; if ( !prs_uint32("ptr", ps, depth, &data_p )) return False; @@ -1387,7 +1401,7 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *me hash a stream. ********************************************************************/ -BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16], int len) +BOOL prs_hash1(prs_struct *ps, uint32 offset, int len) { char *q; @@ -1396,10 +1410,10 @@ BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16], int len) #ifdef DEBUG_PASSWORD DEBUG(100, ("prs_hash1\n")); - dump_data(100, sess_key, 16); + dump_data(100, ps->sess_key, 16); dump_data(100, q, len); #endif - SamOEMhash((uchar *) q, sess_key, len); + SamOEMhash((uchar *) q, ps->sess_key, len); #ifdef DEBUG_PASSWORD dump_data(100, q, len); @@ -1413,9 +1427,9 @@ BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16], int len) MD5 it with the session key. ********************************************************************/ -static void netsec_digest(struct netsec_auth_struct *a, - int auth_flags, - RPC_AUTH_NETSEC_CHK * verf, +static void schannel_digest(struct schannel_auth_struct *a, + enum pipe_auth_level auth_level, + RPC_AUTH_SCHANNEL_CHK * verf, char *data, size_t data_len, uchar digest_final[16]) { @@ -1429,7 +1443,7 @@ static void netsec_digest(struct netsec_auth_struct *a, out of order */ MD5Update(&ctx3, zeros, sizeof(zeros)); MD5Update(&ctx3, verf->sig, sizeof(verf->sig)); - if (auth_flags & AUTH_PIPE_SEAL) { + if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) { MD5Update(&ctx3, verf->confounder, sizeof(verf->confounder)); } MD5Update(&ctx3, (const unsigned char *)data, data_len); @@ -1445,8 +1459,8 @@ static void netsec_digest(struct netsec_auth_struct *a, Calculate the key with which to encode the data payload ********************************************************************/ -static void netsec_get_sealing_key(struct netsec_auth_struct *a, - RPC_AUTH_NETSEC_CHK *verf, +static void schannel_get_sealing_key(struct schannel_auth_struct *a, + RPC_AUTH_SCHANNEL_CHK *verf, uchar sealing_key[16]) { static uchar zeros[4]; @@ -1473,8 +1487,8 @@ static void netsec_get_sealing_key(struct netsec_auth_struct *a, Encode or Decode the sequence number (which is symmetric) ********************************************************************/ -static void netsec_deal_with_seq_num(struct netsec_auth_struct *a, - RPC_AUTH_NETSEC_CHK *verf) +static void schannel_deal_with_seq_num(struct schannel_auth_struct *a, + RPC_AUTH_SCHANNEL_CHK *verf) { static uchar zeros[4]; uchar sequence_key[16]; @@ -1493,10 +1507,10 @@ static void netsec_deal_with_seq_num(struct netsec_auth_struct *a, } /******************************************************************* -creates an RPC_AUTH_NETSEC_CHK structure. +creates an RPC_AUTH_SCHANNEL_CHK structure. ********************************************************************/ -static BOOL init_rpc_auth_netsec_chk(RPC_AUTH_NETSEC_CHK * chk, +static BOOL init_rpc_auth_schannel_chk(RPC_AUTH_SCHANNEL_CHK * chk, const uchar sig[8], const uchar packet_digest[8], const uchar seq_num[8], const uchar confounder[8]) @@ -1513,15 +1527,15 @@ static BOOL init_rpc_auth_netsec_chk(RPC_AUTH_NETSEC_CHK * chk, } /******************************************************************* - Encode a blob of data using the netsec (schannel) alogrithm, also produceing + Encode a blob of data using the schannel alogrithm, also produceing a checksum over the original data. We currently only support signing and sealing togeather - the signing-only code is close, but not quite compatible with what MS does. ********************************************************************/ -void netsec_encode(struct netsec_auth_struct *a, int auth_flags, - enum netsec_direction direction, - RPC_AUTH_NETSEC_CHK * verf, +void schannel_encode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level, + enum schannel_direction direction, + RPC_AUTH_SCHANNEL_CHK * verf, char *data, size_t data_len) { uchar digest_final[16]; @@ -1529,16 +1543,16 @@ void netsec_encode(struct netsec_auth_struct *a, int auth_flags, uchar seq_num[8]; static const uchar nullbytes[8]; - static const uchar netsec_seal_sig[8] = NETSEC_SEAL_SIGNATURE; - static const uchar netsec_sign_sig[8] = NETSEC_SIGN_SIGNATURE; - const uchar *netsec_sig = NULL; + static const uchar schannel_seal_sig[8] = SCHANNEL_SEAL_SIGNATURE; + static const uchar schannel_sign_sig[8] = SCHANNEL_SIGN_SIGNATURE; + const uchar *schannel_sig = NULL; - DEBUG(10,("SCHANNEL: netsec_encode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len)); + DEBUG(10,("SCHANNEL: schannel_encode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len)); - if (auth_flags & AUTH_PIPE_SEAL) { - netsec_sig = netsec_seal_sig; - } else if (auth_flags & AUTH_PIPE_SIGN) { - netsec_sig = netsec_sign_sig; + if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) { + schannel_sig = schannel_seal_sig; + } else { + schannel_sig = schannel_sign_sig; } /* fill the 'confounder' with random data */ @@ -1559,18 +1573,18 @@ void netsec_encode(struct netsec_auth_struct *a, int auth_flags, dump_data_pw("verf->seq_num:\n", seq_num, sizeof(verf->seq_num)); - init_rpc_auth_netsec_chk(verf, netsec_sig, nullbytes, + init_rpc_auth_schannel_chk(verf, schannel_sig, nullbytes, seq_num, confounder); /* produce a digest of the packet to prove it's legit (before we seal it) */ - netsec_digest(a, auth_flags, verf, data, data_len, digest_final); + schannel_digest(a, auth_level, verf, data, data_len, digest_final); memcpy(verf->packet_digest, digest_final, sizeof(verf->packet_digest)); - if (auth_flags & AUTH_PIPE_SEAL) { + if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) { uchar sealing_key[16]; /* get the key to encode the data with */ - netsec_get_sealing_key(a, verf, sealing_key); + schannel_get_sealing_key(a, verf, sealing_key); /* encode the verification data */ dump_data_pw("verf->confounder:\n", verf->confounder, sizeof(verf->confounder)); @@ -1587,35 +1601,35 @@ void netsec_encode(struct netsec_auth_struct *a, int auth_flags, /* encode the sequence number (key based on packet digest) */ /* needs to be done after the sealing, as the original version is used in the sealing stuff... */ - netsec_deal_with_seq_num(a, verf); + schannel_deal_with_seq_num(a, verf); return; } /******************************************************************* - Decode a blob of data using the netsec (schannel) alogrithm, also verifiying + Decode a blob of data using the schannel alogrithm, also verifiying a checksum over the original data. We currently can verify signed messages, as well as decode sealed messages ********************************************************************/ -BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, - enum netsec_direction direction, - RPC_AUTH_NETSEC_CHK * verf, char *data, size_t data_len) +BOOL schannel_decode(struct schannel_auth_struct *a, enum pipe_auth_level auth_level, + enum schannel_direction direction, + RPC_AUTH_SCHANNEL_CHK * verf, char *data, size_t data_len) { uchar digest_final[16]; - static const uchar netsec_seal_sig[8] = NETSEC_SEAL_SIGNATURE; - static const uchar netsec_sign_sig[8] = NETSEC_SIGN_SIGNATURE; - const uchar *netsec_sig = NULL; + static const uchar schannel_seal_sig[8] = SCHANNEL_SEAL_SIGNATURE; + static const uchar schannel_sign_sig[8] = SCHANNEL_SIGN_SIGNATURE; + const uchar *schannel_sig = NULL; uchar seq_num[8]; - DEBUG(10,("SCHANNEL: netsec_encode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len)); + DEBUG(10,("SCHANNEL: schannel_decode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len)); - if (auth_flags & AUTH_PIPE_SEAL) { - netsec_sig = netsec_seal_sig; - } else if (auth_flags & AUTH_PIPE_SIGN) { - netsec_sig = netsec_sign_sig; + if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) { + schannel_sig = schannel_seal_sig; + } else { + schannel_sig = schannel_sign_sig; } /* Create the expected sequence number for comparison */ @@ -1630,7 +1644,7 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, break; } - DEBUG(10,("SCHANNEL: netsec_decode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len)); + DEBUG(10,("SCHANNEL: schannel_decode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len)); dump_data_pw("a->sess_key:\n", a->sess_key, sizeof(a->sess_key)); dump_data_pw("seq_num:\n", seq_num, sizeof(seq_num)); @@ -1638,7 +1652,7 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, /* extract the sequence number (key based on supplied packet digest) */ /* needs to be done before the sealing, as the original version is used in the sealing stuff... */ - netsec_deal_with_seq_num(a, verf); + schannel_deal_with_seq_num(a, verf); if (memcmp(verf->seq_num, seq_num, sizeof(seq_num))) { /* don't even bother with the below if the sequence number is out */ @@ -1646,7 +1660,7 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, digest, as supplied by the client. We check that it's a valid checksum after the decode, below */ - DEBUG(2, ("netsec_decode: FAILED: packet sequence number:\n")); + DEBUG(2, ("schannel_decode: FAILED: packet sequence number:\n")); dump_data(2, (const char*)verf->seq_num, sizeof(verf->seq_num)); DEBUG(2, ("should be:\n")); dump_data(2, (const char*)seq_num, sizeof(seq_num)); @@ -1654,20 +1668,20 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, return False; } - if (memcmp(verf->sig, netsec_sig, sizeof(verf->sig))) { + if (memcmp(verf->sig, schannel_sig, sizeof(verf->sig))) { /* Validate that the other end sent the expected header */ - DEBUG(2, ("netsec_decode: FAILED: packet header:\n")); + DEBUG(2, ("schannel_decode: FAILED: packet header:\n")); dump_data(2, (const char*)verf->sig, sizeof(verf->sig)); DEBUG(2, ("should be:\n")); - dump_data(2, (const char*)netsec_sig, sizeof(netsec_sig)); + dump_data(2, (const char*)schannel_sig, sizeof(schannel_sig)); return False; } - if (auth_flags & AUTH_PIPE_SEAL) { + if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) { uchar sealing_key[16]; /* get the key to extract the data with */ - netsec_get_sealing_key(a, verf, sealing_key); + schannel_get_sealing_key(a, verf, sealing_key); /* extract the verification data */ dump_data_pw("verf->confounder:\n", verf->confounder, @@ -1684,7 +1698,7 @@ BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags, } /* digest includes 'data' after unsealing */ - netsec_digest(a, auth_flags, verf, data, data_len, digest_final); + schannel_digest(a, auth_level, verf, data, data_len, digest_final); dump_data_pw("Calculated digest:\n", digest_final, sizeof(digest_final)); diff --git a/source3/rpc_parse/parse_reg.c b/source3/rpc_parse/parse_reg.c index be452033fe..295fead103 100644 --- a/source3/rpc_parse/parse_reg.c +++ b/source3/rpc_parse/parse_reg.c @@ -33,7 +33,7 @@ Fill in a REGVAL_BUFFER for the data given a REGISTRY_VALUE *******************************************************************/ -static uint32 reg_init_regval_buffer( REGVAL_BUFFER *buf2, REGISTRY_VALUE *val ) +uint32 reg_init_regval_buffer( REGVAL_BUFFER *buf2, REGISTRY_VALUE *val ) { uint32 real_size = 0; diff --git a/source3/rpc_parse/parse_rpc.c b/source3/rpc_parse/parse_rpc.c index ce081b92e8..ea4ec2c863 100644 --- a/source3/rpc_parse/parse_rpc.c +++ b/source3/rpc_parse/parse_rpc.c @@ -191,6 +191,26 @@ interface/version dce/rpc pipe identification }, 0x00 \ } +#define SYNT_UNIXINFO_V0 \ +{ \ + { \ + 0x9c54e310, 0xa955, 0x4885, \ + { 0xbd, 0x31 }, \ + { 0x78, 0x78, \ + 0x71, 0x47, 0xdf, 0xa6 } \ + }, 0x00 \ +} + +#define SYNT_NTSVCS_V1 \ +{ \ + { \ + 0x8d9f4e40, 0xa03d, 0x11ce, \ + { 0x8f, 0x69}, \ + { 0x08, 0x00, \ + 0x3e, 0x30, 0x05, 0x1b } \ + }, 0x01 \ +} + /* * IMPORTANT!! If you update this structure, make sure to * update the index #defines in smb.h. @@ -212,9 +232,19 @@ const struct pipe_id_info pipe_names [] = { PIPE_SHUTDOWN, SYNT_SHUTDOWN_V1 , PIPE_SHUTDOWN , TRANS_SYNT_V2 }, { PIPE_SVCCTL , SYNT_SVCCTL_V2 , PIPE_NTSVCS , TRANS_SYNT_V2 }, { PIPE_EVENTLOG, SYNT_EVENTLOG_V0 , PIPE_EVENTLOG , TRANS_SYNT_V2 }, + { PIPE_NTSVCS , SYNT_NTSVCS_V1 , PIPE_NTSVCS , TRANS_SYNT_V2 }, { NULL , SYNT_NONE_V0 , NULL , SYNT_NONE_V0 } }; +/**************************************************************************** + Return the pipe name from the index. + ****************************************************************************/ + +const char *cli_get_pipe_name(int pipe_idx) +{ + return &pipe_names[pipe_idx].client_pipe[5]; +} + /******************************************************************* Inits an RPC_HDR structure. ********************************************************************/ @@ -658,8 +688,8 @@ void init_rpc_hdr_auth(RPC_HDR_AUTH *rai, uint8 auth_pad_len, uint32 auth_context_id) { - rai->auth_type = auth_type; /* nt lm ssp 0x0a */ - rai->auth_level = auth_level; /* 0x06 */ + rai->auth_type = auth_type; + rai->auth_level = auth_level; rai->auth_pad_len = auth_pad_len; rai->auth_reserved = 0; rai->auth_context_id = auth_context_id; @@ -680,9 +710,9 @@ BOOL smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, in if(!prs_align(ps)) return False; - if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */ + if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) return False; - if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */ + if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) return False; if(!prs_uint8 ("auth_pad_len ", ps, depth, &rai->auth_pad_len)) return False; @@ -694,43 +724,6 @@ BOOL smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, in return True; } - -/******************************************************************* - Init an RPC_HDR_AUTHA structure. -********************************************************************/ - -void init_rpc_hdr_autha(RPC_HDR_AUTHA *rai, - uint16 max_tsize, uint16 max_rsize, - RPC_HDR_AUTH *auth) -{ - rai->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */ - rai->max_rsize = max_rsize; /* max receive fragment size (0x1630) */ - rai->auth = *auth; -} - -/******************************************************************* - Reads or writes an RPC_HDR_AUTHA structure. -********************************************************************/ - -BOOL smb_io_rpc_hdr_autha(const char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth) -{ - if (rai == NULL) - return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_hdr_autha"); - depth++; - - if(!prs_uint16("max_tsize ", ps, depth, &rai->max_tsize)) - return False; - if(!prs_uint16("max_rsize ", ps, depth, &rai->max_rsize)) - return False; - - if(!smb_io_rpc_hdr_auth("auth", &rai->auth, ps, depth)) - return False; - - return True; -} - /******************************************************************* Checks an RPC_AUTH_VERIFIER structure. ********************************************************************/ @@ -775,17 +768,15 @@ BOOL smb_io_rpc_auth_verifier(const char *desc, RPC_AUTH_VERIFIER *rav, prs_stru } /******************************************************************* - This parses an RPC_AUTH_VERIFIER for NETLOGON schannel. I think - assuming "NTLMSSP" in sm_io_rpc_auth_verifier is somewhat wrong. - I have to look at that later... + This parses an RPC_AUTH_VERIFIER for schannel. I think ********************************************************************/ -BOOL smb_io_rpc_netsec_verifier(const char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth) +BOOL smb_io_rpc_schannel_verifier(const char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth) { if (rav == NULL) return False; - prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier"); + prs_debug(ps, depth, desc, "smb_io_rpc_schannel_verifier"); depth++; if(!prs_string("signature", ps, depth, rav->signature, sizeof(rav->signature))) @@ -797,424 +788,10 @@ BOOL smb_io_rpc_netsec_verifier(const char *desc, RPC_AUTH_VERIFIER *rav, prs_st } /******************************************************************* - Inits an RPC_AUTH_NTLMSSP_NEG structure. -********************************************************************/ - -void init_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg, - uint32 neg_flgs, - const char *myname, const char *domain) -{ - int len_myname = strlen(myname); - int len_domain = strlen(domain); - - neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */ - - init_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname); - init_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20); - - fstrcpy(neg->myname, myname); - fstrcpy(neg->domain, domain); -} - -/******************************************************************* - Reads or writes an RPC_AUTH_NTLMSSP_NEG structure. - - *** lkclXXXX HACK ALERT! *** -********************************************************************/ - -BOOL smb_io_rpc_auth_ntlmssp_neg(const char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth) -{ - uint32 start_offset = prs_offset(ps); - if (neg == NULL) - return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg"); - depth++; - - if(!prs_uint32("neg_flgs ", ps, depth, &neg->neg_flgs)) - return False; - - if (ps->io) { - uint32 old_offset; - uint32 old_neg_flags = neg->neg_flgs; - - /* reading */ - - ZERO_STRUCTP(neg); - - neg->neg_flgs = old_neg_flags; - - if(!smb_io_strhdr("hdr_domain", &neg->hdr_domain, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_myname", &neg->hdr_myname, ps, depth)) - return False; - - old_offset = prs_offset(ps); - - if(!prs_set_offset(ps, neg->hdr_myname.buffer + start_offset - 12)) - return False; - - if(!prs_uint8s(True, "myname", ps, depth, (uint8*)neg->myname, - MIN(neg->hdr_myname.str_str_len, sizeof(neg->myname)))) - return False; - - old_offset += neg->hdr_myname.str_str_len; - - if(!prs_set_offset(ps, neg->hdr_domain.buffer + start_offset - 12)) - return False; - - if(!prs_uint8s(True, "domain", ps, depth, (uint8*)neg->domain, - MIN(neg->hdr_domain.str_str_len, sizeof(neg->domain )))) - return False; - - old_offset += neg->hdr_domain .str_str_len; - - if(!prs_set_offset(ps, old_offset)) - return False; - } else { - /* writing */ - if(!smb_io_strhdr("hdr_domain", &neg->hdr_domain, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_myname", &neg->hdr_myname, ps, depth)) - return False; - - if(!prs_uint8s(True, "myname", ps, depth, (uint8*)neg->myname, - MIN(neg->hdr_myname.str_str_len, sizeof(neg->myname)))) - return False; - if(!prs_uint8s(True, "domain", ps, depth, (uint8*)neg->domain, - MIN(neg->hdr_domain.str_str_len, sizeof(neg->domain )))) - return False; - } - - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NTLMSSP_CHAL structure. -********************************************************************/ - -void init_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl, - uint32 neg_flags, - uint8 challenge[8]) -{ - chl->unknown_1 = 0x0; - chl->unknown_2 = 0x00000028; - chl->neg_flags = neg_flags; /* 0x0082b1 */ - - memcpy(chl->challenge, challenge, sizeof(chl->challenge)); - memset((char *)chl->reserved , '\0', sizeof(chl->reserved)); -} - -/******************************************************************* - Reads or writes an RPC_AUTH_NTLMSSP_CHAL structure. -********************************************************************/ - -BOOL smb_io_rpc_auth_ntlmssp_chal(const char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth) -{ - if (chl == NULL) - return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal"); - depth++; - - if(!prs_uint32("unknown_1", ps, depth, &chl->unknown_1)) /* 0x0000 0000 */ - return False; - if(!prs_uint32("unknown_2", ps, depth, &chl->unknown_2)) /* 0x0000 b2b3 */ - return False; - if(!prs_uint32("neg_flags", ps, depth, &chl->neg_flags)) /* 0x0000 82b1 */ - return False; - - if(!prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge))) - return False; - if(!prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved ))) - return False; - - return True; -} - -/******************************************************************* - Inits an RPC_AUTH_NTLMSSP_RESP structure. - - *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) *** - *** lkclXXXX the actual offset is at the start of the auth verifier *** -********************************************************************/ - -void init_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp, - uchar lm_resp[24], uchar nt_resp[24], - const char *domain, const char *user, const char *wks, - uint32 neg_flags) -{ - uint32 offset; - int dom_len = strlen(domain); - int wks_len = strlen(wks); - int usr_len = strlen(user); - int lm_len = (lm_resp != NULL) ? 24 : 0; - int nt_len = (nt_resp != NULL) ? 24 : 0; - - DEBUG(5,("make_rpc_auth_ntlmssp_resp\n")); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("lm_resp\n")); - dump_data(100, (char *)lm_resp, 24); - DEBUG(100,("nt_resp\n")); - dump_data(100, (char *)nt_resp, 24); -#endif - - DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n", - domain, user, wks, neg_flags)); - - offset = 0x40; - - if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) { - dom_len *= 2; - wks_len *= 2; - usr_len *= 2; - } - - init_str_hdr(&rsp->hdr_domain, dom_len, dom_len, offset); - offset += dom_len; - - init_str_hdr(&rsp->hdr_usr, usr_len, usr_len, offset); - offset += usr_len; - - init_str_hdr(&rsp->hdr_wks, wks_len, wks_len, offset); - offset += wks_len; - - init_str_hdr(&rsp->hdr_lm_resp, lm_len, lm_len, offset); - offset += lm_len; - - init_str_hdr(&rsp->hdr_nt_resp, nt_len, nt_len, offset); - offset += nt_len; - - init_str_hdr(&rsp->hdr_sess_key, 0, 0, offset); - - rsp->neg_flags = neg_flags; - - memcpy(rsp->lm_resp, lm_resp, 24); - memcpy(rsp->nt_resp, nt_resp, 24); - - if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) { - rpcstr_push(rsp->domain, domain, sizeof(rsp->domain), 0); - rpcstr_push(rsp->user, user, sizeof(rsp->user), 0); - rpcstr_push(rsp->wks, wks, sizeof(rsp->wks), 0); - } else { - fstrcpy(rsp->domain, domain); - fstrcpy(rsp->user, user); - fstrcpy(rsp->wks, wks); - } - - rsp->sess_key[0] = 0; -} - -/******************************************************************* - Reads or writes an RPC_AUTH_NTLMSSP_RESP structure. - - *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) *** - *** lkclXXXX the actual offset is at the start of the auth verifier *** -********************************************************************/ - -BOOL smb_io_rpc_auth_ntlmssp_resp(const char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth) -{ - if (rsp == NULL) - return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp"); - depth++; - - if (ps->io) { - uint32 old_offset; - - /* reading */ - - ZERO_STRUCTP(rsp); - - if(!smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_domain ", &rsp->hdr_domain, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_user ", &rsp->hdr_usr, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_wks ", &rsp->hdr_wks, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth)) - return False; - - if(!prs_uint32("neg_flags", ps, depth, &rsp->neg_flags)) /* 0x0000 82b1 */ - return False; - - old_offset = prs_offset(ps); - - if(!prs_set_offset(ps, rsp->hdr_domain.buffer + 0xc)) - return False; - - if(!prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain, - MIN(rsp->hdr_domain.str_str_len, sizeof(rsp->domain)))) - return False; - - old_offset += rsp->hdr_domain.str_str_len; - - if(!prs_set_offset(ps, rsp->hdr_usr.buffer + 0xc)) - return False; - - if(!prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user, - MIN(rsp->hdr_usr.str_str_len, sizeof(rsp->user)))) - return False; - - old_offset += rsp->hdr_usr.str_str_len; - - if(!prs_set_offset(ps, rsp->hdr_wks.buffer + 0xc)) - return False; - - if(!prs_uint8s(True, "wks ", ps, depth, (uint8*)rsp->wks, - MIN(rsp->hdr_wks.str_str_len, sizeof(rsp->wks)))) - return False; - - old_offset += rsp->hdr_wks.str_str_len; - - if(!prs_set_offset(ps, rsp->hdr_lm_resp.buffer + 0xc)) - return False; - - if(!prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp, - MIN(rsp->hdr_lm_resp.str_str_len, sizeof(rsp->lm_resp )))) - return False; - - old_offset += rsp->hdr_lm_resp.str_str_len; - - if(!prs_set_offset(ps, rsp->hdr_nt_resp.buffer + 0xc)) - return False; - - if(!prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp, - MIN(rsp->hdr_nt_resp.str_str_len, sizeof(rsp->nt_resp )))) - return False; - - old_offset += rsp->hdr_nt_resp.str_str_len; - - if (rsp->hdr_sess_key.str_str_len != 0) { - - if(!prs_set_offset(ps, rsp->hdr_sess_key.buffer + 0x10)) - return False; - - old_offset += rsp->hdr_sess_key.str_str_len; - - if(!prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, - MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)))) - return False; - } - - if(!prs_set_offset(ps, old_offset)) - return False; - } else { - /* writing */ - if(!smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_domain ", &rsp->hdr_domain, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_user ", &rsp->hdr_usr, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_wks ", &rsp->hdr_wks, ps, depth)) - return False; - if(!smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth)) - return False; - - if(!prs_uint32("neg_flags", ps, depth, &rsp->neg_flags)) /* 0x0000 82b1 */ - return False; - - if(!prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain, - MIN(rsp->hdr_domain.str_str_len, sizeof(rsp->domain)))) - return False; - - if(!prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user, - MIN(rsp->hdr_usr.str_str_len, sizeof(rsp->user)))) - return False; - - if(!prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks, - MIN(rsp->hdr_wks.str_str_len, sizeof(rsp->wks)))) - return False; - if(!prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp, - MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp)))) - return False; - if(!prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp, - MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )))) - return False; - if(!prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, - MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)))) - return False; - } - - return True; -} - -/******************************************************************* - Checks an RPC_AUTH_NTLMSSP_CHK structure. -********************************************************************/ - -BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num) -{ - if (chk == NULL) - return False; - - if (chk->crc32 != crc32 || - chk->ver != NTLMSSP_SIGN_VERSION || - chk->seq_num != seq_num) - { - DEBUG(5,("verify failed - crc %x ver %x seq %d\n", - chk->crc32, chk->ver, chk->seq_num)); - - DEBUG(5,("verify expect - crc %x ver %x seq %d\n", - crc32, NTLMSSP_SIGN_VERSION, seq_num)); - return False; - } - return True; -} - -/******************************************************************* - Inits an RPC_AUTH_NTLMSSP_CHK structure. -********************************************************************/ - -void init_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, - uint32 ver, uint32 crc32, uint32 seq_num) -{ - chk->ver = ver; - chk->reserved = 0x0; - chk->crc32 = crc32; - chk->seq_num = seq_num; -} - -/******************************************************************* - Reads or writes an RPC_AUTH_NTLMSSP_CHK structure. +creates an RPC_AUTH_SCHANNEL_NEG structure. ********************************************************************/ -BOOL smb_io_rpc_auth_ntlmssp_chk(const char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth) -{ - if (chk == NULL) - return False; - - prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_uint32("ver ", ps, depth, &chk->ver)) - return False; - if(!prs_uint32("reserved", ps, depth, &chk->reserved)) - return False; - if(!prs_uint32("crc32 ", ps, depth, &chk->crc32)) - return False; - if(!prs_uint32("seq_num ", ps, depth, &chk->seq_num)) - return False; - - return True; -} - -/******************************************************************* -creates an RPC_AUTH_NETSEC_NEG structure. -********************************************************************/ -void init_rpc_auth_netsec_neg(RPC_AUTH_NETSEC_NEG *neg, +void init_rpc_auth_schannel_neg(RPC_AUTH_SCHANNEL_NEG *neg, const char *domain, const char *myname) { neg->type1 = 0; @@ -1224,16 +801,16 @@ void init_rpc_auth_netsec_neg(RPC_AUTH_NETSEC_NEG *neg, } /******************************************************************* - Reads or writes an RPC_AUTH_NETSEC_NEG structure. + Reads or writes an RPC_AUTH_SCHANNEL_NEG structure. ********************************************************************/ -BOOL smb_io_rpc_auth_netsec_neg(const char *desc, RPC_AUTH_NETSEC_NEG *neg, +BOOL smb_io_rpc_auth_schannel_neg(const char *desc, RPC_AUTH_SCHANNEL_NEG *neg, prs_struct *ps, int depth) { if (neg == NULL) return False; - prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_neg"); + prs_debug(ps, depth, desc, "smb_io_rpc_auth_schannel_neg"); depth++; if(!prs_align(ps)) @@ -1252,16 +829,17 @@ BOOL smb_io_rpc_auth_netsec_neg(const char *desc, RPC_AUTH_NETSEC_NEG *neg, } /******************************************************************* -reads or writes an RPC_AUTH_NETSEC_CHK structure. +reads or writes an RPC_AUTH_SCHANNEL_CHK structure. ********************************************************************/ -BOOL smb_io_rpc_auth_netsec_chk(const char *desc, int auth_len, - RPC_AUTH_NETSEC_CHK * chk, + +BOOL smb_io_rpc_auth_schannel_chk(const char *desc, int auth_len, + RPC_AUTH_SCHANNEL_CHK * chk, prs_struct *ps, int depth) { if (chk == NULL) return False; - prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_chk"); + prs_debug(ps, depth, desc, "smb_io_rpc_auth_schannel_chk"); depth++; if ( !prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)) ) @@ -1273,7 +851,7 @@ BOOL smb_io_rpc_auth_netsec_chk(const char *desc, int auth_len, if ( !prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)) ) return False; - if ( auth_len == RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN ) { + if ( auth_len == RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN ) { if ( !prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)) ) return False; } diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c index 6b0193c6e4..1aaebf71e3 100644 --- a/source3/rpc_parse/parse_samr.c +++ b/source3/rpc_parse/parse_samr.c @@ -25,8 +25,6 @@ */ #include "includes.h" -#include "rpc_parse.h" -#include "nterr.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_PARSE @@ -7038,9 +7036,9 @@ inits a SAMR_R_GET_DOM_PWINFO structure. void init_samr_q_chgpasswd_user(SAMR_Q_CHGPASSWD_USER * q_u, const char *dest_host, const char *user_name, - const char nt_newpass[516], + const uchar nt_newpass[516], const uchar nt_oldhash[16], - const char lm_newpass[516], + const uchar lm_newpass[516], const uchar lm_oldhash[16]) { DEBUG(5, ("init_samr_q_chgpasswd_user\n")); diff --git a/source3/rpc_parse/parse_svcctl.c b/source3/rpc_parse/parse_svcctl.c index b86ca23df1..e1a7ad8427 100644 --- a/source3/rpc_parse/parse_svcctl.c +++ b/source3/rpc_parse/parse_svcctl.c @@ -100,40 +100,48 @@ static BOOL svcctl_io_service_config( const char *desc, SERVICE_CONFIG *config, return True; } + /******************************************************************* ********************************************************************/ -BOOL svcctl_io_service_description( const char *desc, UNISTR2 *svcdesc, prs_struct *ps, int depth ) +BOOL svcctl_io_enum_services_status( const char *desc, ENUM_SERVICES_STATUS *enum_status, RPC_BUFFER *buffer, int depth ) { - - prs_debug(ps, depth, desc, "svcctl_io_service_description"); + prs_struct *ps=&buffer->prs; + + prs_debug(ps, depth, desc, "svcctl_io_enum_services_status"); depth++; - - if (!prs_io_unistr2("", ps, depth, svcdesc)) + + if ( !smb_io_relstr("servicename", buffer, depth, &enum_status->servicename) ) + return False; + if ( !smb_io_relstr("displayname", buffer, depth, &enum_status->displayname) ) return False; + if ( !svcctl_io_service_status("svc_status", &enum_status->status, ps, depth) ) + return False; + return True; } - /******************************************************************* ********************************************************************/ -BOOL svcctl_io_enum_services_status( const char *desc, ENUM_SERVICES_STATUS *enum_status, RPC_BUFFER *buffer, int depth ) +BOOL svcctl_io_service_status_process( const char *desc, SERVICE_STATUS_PROCESS *status, RPC_BUFFER *buffer, int depth ) { prs_struct *ps=&buffer->prs; - - prs_debug(ps, depth, desc, "svcctl_io_enum_services_status"); + + prs_debug(ps, depth, desc, "svcctl_io_service_status_process"); depth++; - - if ( !smb_io_relstr("servicename", buffer, depth, &enum_status->servicename) ) + + if ( !svcctl_io_service_status("status", &status->status, ps, depth) ) return False; - if ( !smb_io_relstr("displayname", buffer, depth, &enum_status->displayname) ) + if(!prs_align(ps)) return False; - if ( !svcctl_io_service_status("svc_status", &enum_status->status, ps, depth) ) + if(!prs_uint32("process_id", ps, depth, &status->process_id)) return False; - + if(!prs_uint32("service_flags", ps, depth, &status->service_flags)) + return False; + return True; } @@ -151,6 +159,45 @@ uint32 svcctl_sizeof_enum_services_status( ENUM_SERVICES_STATUS *status ) return size; } +/******************************************************************** +********************************************************************/ + +static uint32 sizeof_unistr2( UNISTR2 *string ) +{ + uint32 size = 0; + + if ( !string ) + return 0; + + size = sizeof(uint32) * 3; /* length fields */ + size += 2 * string->uni_max_len; /* string data */ + size += size % 4; /* alignment */ + + return size; +} + +/******************************************************************** +********************************************************************/ + +uint32 svcctl_sizeof_service_config( SERVICE_CONFIG *config ) +{ + uint32 size = 0; + + size = sizeof(uint32) * 4; /* static uint32 fields */ + + /* now add the UNISTR2 + pointer sizes */ + + size += sizeof(uint32) * sizeof_unistr2(config->executablepath); + size += sizeof(uint32) * sizeof_unistr2(config->loadordergroup); + size += sizeof(uint32) * sizeof_unistr2(config->dependencies); + size += sizeof(uint32) * sizeof_unistr2(config->startname); + size += sizeof(uint32) * sizeof_unistr2(config->displayname); + + return size; +} + + + /******************************************************************* ********************************************************************/ @@ -694,7 +741,7 @@ BOOL svcctl_io_q_query_service_config2(const char *desc, SVCCTL_Q_QUERY_SERVICE_ if(!smb_io_pol_hnd("service_pol", &q_u->handle, ps, depth)) return False; - if(!prs_uint32("info_level", ps, depth, &q_u->info_level)) + if(!prs_uint32("level", ps, depth, &q_u->level)) return False; if(!prs_uint32("buffer_size", ps, depth, &q_u->buffer_size)) @@ -705,36 +752,145 @@ BOOL svcctl_io_q_query_service_config2(const char *desc, SVCCTL_Q_QUERY_SERVICE_ /******************************************************************* - Creates a service description response buffer. - The format seems to be DWORD:length of buffer - DWORD:offset (fixed as four) - UNISTR: unicode description in the rest of the buffer ********************************************************************/ -void init_service_description_buffer(RPC_DATA_BLOB *str, const char *service_desc, int blob_length) +void init_service_description_buffer(SERVICE_DESCRIPTION *desc, const char *service_desc ) { - uint32 offset; - uint8 *bp; + desc->unknown = 0x04; /* always 0x0000 0004 (no idea what this is) */ + init_unistr( &desc->description, service_desc ); +} - ZERO_STRUCTP(str); +/******************************************************************* +********************************************************************/ - offset = 4; +BOOL svcctl_io_service_description( const char *desc, SERVICE_DESCRIPTION *description, RPC_BUFFER *buffer, int depth ) +{ + prs_struct *ps = &buffer->prs; - /* set up string lengths. */ + prs_debug(ps, depth, desc, "svcctl_io_service_description"); + depth++; - str->buf_len = create_rpc_blob(str, blob_length); - DEBUG(10, ("init_service_description buffer: Allocated a blob of [%d] \n",str->buf_len)); + if ( !prs_uint32("unknown", ps, depth, &description->unknown) ) + return False; + if ( !prs_unistr("description", ps, depth, &description->description) ) + return False; - if ( str && str->buffer && str->buf_len) { - memset(str->buffer,0,str->buf_len); - memcpy(str->buffer, &offset, sizeof(uint32)); - bp = &str->buffer[4]; - if (service_desc) { - rpcstr_push(bp, service_desc,str->buf_len-4,0); + return True; +} + +/******************************************************************* +********************************************************************/ + +uint32 svcctl_sizeof_service_description( SERVICE_DESCRIPTION *desc ) +{ + if ( !desc ) + return 0; + + /* make sure to include the terminating NULL */ + return ( sizeof(uint32) + (2*(str_len_uni(&desc->description)+1)) ); +} + +/******************************************************************* +********************************************************************/ + +static BOOL svcctl_io_action( const char *desc, SC_ACTION *action, prs_struct *ps, int depth ) +{ + + prs_debug(ps, depth, desc, "svcctl_io_action"); + depth++; + + if ( !prs_uint32("type", ps, depth, &action->type) ) + return False; + if ( !prs_uint32("delay", ps, depth, &action->delay) ) + return False; + + return True; +} + +/******************************************************************* +********************************************************************/ + +BOOL svcctl_io_service_fa( const char *desc, SERVICE_FAILURE_ACTIONS *fa, RPC_BUFFER *buffer, int depth ) +{ + prs_struct *ps = &buffer->prs; + int i; + + prs_debug(ps, depth, desc, "svcctl_io_service_description"); + depth++; + + if ( !prs_uint32("reset_period", ps, depth, &fa->reset_period) ) + return False; + + if ( !prs_pointer( desc, ps, depth, (void**)&fa->rebootmsg, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2 ) ) + return False; + if ( !prs_pointer( desc, ps, depth, (void**)&fa->command, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2 ) ) + return False; + + if ( !prs_uint32("num_actions", ps, depth, &fa->num_actions) ) + return False; + + if ( UNMARSHALLING(ps) && fa->num_actions ) { + if ( !(fa->actions = TALLOC_ARRAY( get_talloc_ctx(), SC_ACTION, fa->num_actions )) ) { + DEBUG(0,("svcctl_io_service_fa: talloc() failure!\n")); + return False; } } + + for ( i=0; inum_actions; i++ ) { + if ( !svcctl_io_action( "actions", &fa->actions[i], ps, depth ) ) + return False; + } + + return True; +} + +/******************************************************************* +********************************************************************/ + +uint32 svcctl_sizeof_service_fa( SERVICE_FAILURE_ACTIONS *fa) +{ + uint32 size = 0; + + if ( !fa ) + return 0; + + size = sizeof(uint32) * 2; + size += sizeof_unistr2( fa->rebootmsg ); + size += sizeof_unistr2( fa->command ); + size += sizeof(SC_ACTION) * fa->num_actions; + + return size; } +/******************************************************************* +********************************************************************/ + +BOOL svcctl_io_r_query_service_config2(const char *desc, SVCCTL_R_QUERY_SERVICE_CONFIG2 *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "svcctl_io_r_query_service_config2"); + depth++; + + if ( !prs_align(ps) ) + return False; + + if (!prs_rpcbuffer("", ps, depth, &r_u->buffer)) + return False; + if(!prs_align(ps)) + return False; + + if (!prs_uint32("needed", ps, depth, &r_u->needed)) + return False; + + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; + + return True; +} + + /******************************************************************* ********************************************************************/ @@ -752,7 +908,7 @@ BOOL svcctl_io_q_query_service_status_ex(const char *desc, SVCCTL_Q_QUERY_SERVIC if(!smb_io_pol_hnd("service_pol", &q_u->handle, ps, depth)) return False; - if(!prs_uint32("info_level", ps, depth, &q_u->info_level)) + if(!prs_uint32("level", ps, depth, &q_u->level)) return False; if(!prs_uint32("buffer_size", ps, depth, &q_u->buffer_size)) @@ -771,7 +927,7 @@ BOOL svcctl_io_r_query_service_status_ex(const char *desc, SVCCTL_R_QUERY_SERVIC return False; prs_debug(ps, depth, desc, "svcctl_io_r_query_service_status_ex"); - depth++; + depth++; if (!prs_rpcbuffer("", ps, depth, &r_u->buffer)) return False; @@ -791,37 +947,80 @@ BOOL svcctl_io_r_query_service_status_ex(const char *desc, SVCCTL_R_QUERY_SERVIC /******************************************************************* ********************************************************************/ -BOOL svcctl_io_r_query_service_config2(const char *desc, SVCCTL_R_QUERY_SERVICE_CONFIG2 *r_u, prs_struct *ps, int depth) +BOOL svcctl_io_q_lock_service_db(const char *desc, SVCCTL_Q_LOCK_SERVICE_DB *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "svcctl_io_q_lock_service_db"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("scm_handle", &q_u->handle, ps, depth)) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL svcctl_io_r_lock_service_db(const char *desc, SVCCTL_R_LOCK_SERVICE_DB *r_u, prs_struct *ps, int depth) { if ( !r_u ) return False; - prs_debug(ps, depth, desc, "svcctl_io_r_query_service_config2"); + prs_debug(ps, depth, desc, "svcctl_io_r_lock_service_db"); depth++; if(!prs_align(ps)) return False; - if(!prs_uint32("returned", ps, depth, &r_u->returned)) + if(!smb_io_pol_hnd("lock_handle", &r_u->h_lock, ps, depth)) return False; - if (r_u->returned > 4) { - if (!prs_uint32("offset", ps, depth, &r_u->offset)) - return False; + if(!prs_werror("status", ps, depth, &r_u->status)) + return False; - if ( !prs_pointer( desc, ps, depth, (void**)&r_u->description, sizeof(UNISTR2), (PRS_POINTER_CAST)prs_io_unistr2 ) ) - return False; + return True; +} - if(!prs_align(ps)) - return False; - } else { - /* offset does double duty here */ - r_u->offset = 0; - if (!prs_uint32("offset", ps, depth, &r_u->offset)) - return False; - } +/******************************************************************* +********************************************************************/ - if (!prs_uint32("needed", ps, depth, &r_u->needed)) +BOOL svcctl_io_q_unlock_service_db(const char *desc, SVCCTL_Q_UNLOCK_SERVICE_DB *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) + return False; + + prs_debug(ps, depth, desc, "svcctl_io_q_unlock_service_db"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("h_lock", &q_u->h_lock, ps, depth)) + return False; + + return True; + +} + +/******************************************************************* +********************************************************************/ + +BOOL svcctl_io_r_unlock_service_db(const char *desc, SVCCTL_R_UNLOCK_SERVICE_DB *r_u, prs_struct *ps, int depth) +{ + if ( !r_u ) + return False; + + prs_debug(ps, depth, desc, "svcctl_io_r_unlock_service_db"); + depth++; + + if(!prs_align(ps)) return False; if(!prs_werror("status", ps, depth, &r_u->status)) @@ -831,3 +1030,5 @@ BOOL svcctl_io_r_query_service_config2(const char *desc, SVCCTL_R_QUERY_SERVICE_ } + + -- cgit