sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code

Merge branch 'master' of /home/tridge/samba/git/combined

Browse Source
This commit is contained in:
Andrew Tridgell 2009-09-16 03:58:13 -07:00
commit 7860817737
19 changed files with 392 additions and 398 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -138,6 +138,7 @@ source4/config.mk
source4/coverage
source4/data.mk
source4/dsdb/common/proto.h
source4/dsdb/kcc/kcc_service_proto.h
source4/dsdb/repl/drepl_service_proto.h
source4/dsdb/samdb/samdb_proto.h
source4/dsdb/schema/proto.h

2
lib/crypto/crypto.h
View File

@ -24,5 +24,5 @@
#include "../lib/crypto/sha256.h"
#include "../lib/crypto/hmacsha256.h"
#include "../lib/crypto/arcfour.h"
#include "../lib/crypto/aes.h"

21
libcli/auth/schannel_proto.h
View File

@ -23,20 +23,15 @@
#ifndef _LIBCLI_AUTH_SCHANNEL_PROTO_H__
#define _LIBCLI_AUTH_SCHANNEL_PROTO_H__
NTSTATUS schannel_unseal_packet(struct schannel_state *state,
NTSTATUS netsec_incoming_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
bool do_unseal,
uint8_t *data, size_t length,
const DATA_BLOB *sig);
NTSTATUS schannel_check_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const DATA_BLOB *sig);
NTSTATUS schannel_seal_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
DATA_BLOB *sig);
NTSTATUS schannel_sign_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
DATA_BLOB *sig);
NTSTATUS netsec_outgoing_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
bool do_seal,
uint8_t *data, size_t length,
DATA_BLOB *sig);
#endif

301
libcli/auth/schannel_sign.c
View File

@ -24,58 +24,89 @@
#include "../libcli/auth/schannel.h"
#include "../lib/crypto/crypto.h"
#define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 }
#define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 }
static void netsec_offset_and_sizes(struct schannel_state *state,
bool do_seal,
uint32_t *_min_sig_size,
uint32_t *_used_sig_size,
uint32_t *_checksum_length,
uint32_t *_confounder_ofs)
{
uint32_t min_sig_size = 24;
uint32_t used_sig_size = 32;
uint32_t checksum_length = 8;
uint32_t confounder_ofs = 24;
if (do_seal) {
min_sig_size += 8;
}
if (_min_sig_size) {
*_min_sig_size = min_sig_size;
}
if (_used_sig_size) {
*_used_sig_size = used_sig_size;
}
if (_checksum_length) {
*_checksum_length = checksum_length;
}
if (_confounder_ofs) {
*_confounder_ofs = confounder_ofs;
}
}
/*******************************************************************
Encode or Decode the sequence number (which is symmetric)
********************************************************************/
static void netsec_deal_with_seq_num(struct schannel_state *state,
const uint8_t packet_digest[8],
uint8_t seq_num[8])
static void netsec_do_seq_num(struct schannel_state *state,
const uint8_t *checksum,
uint32_t checksum_length,
uint8_t seq_num[8])
{
static const uint8_t zeros[4];
uint8_t sequence_key[16];
uint8_t digest1[16];
hmac_md5(state->creds->session_key, zeros, sizeof(zeros), digest1);
hmac_md5(digest1, packet_digest, 8, sequence_key);
hmac_md5(digest1, checksum, checksum_length, sequence_key);
arcfour_crypt(seq_num, sequence_key, 8);
state->seq_num++;
}
/*******************************************************************
Calculate the key with which to encode the data payload
********************************************************************/
static void netsec_get_sealing_key(const uint8_t session_key[16],
const uint8_t seq_num[8],
uint8_t sealing_key[16])
static void netsec_do_seal(struct schannel_state *state,
const uint8_t seq_num[8],
uint8_t confounder[8],
uint8_t *data, uint32_t length)
{
uint8_t sealing_key[16];
static const uint8_t zeros[4];
uint8_t digest2[16];
uint8_t sess_kf0[16];
int i;
for (i = 0; i < 16; i++) {
sess_kf0[i] = session_key[i] ^ 0xf0;
sess_kf0[i] = state->creds->session_key[i] ^ 0xf0;
}
hmac_md5(sess_kf0, zeros, 4, digest2);
hmac_md5(digest2, seq_num, 8, sealing_key);
}
arcfour_crypt(confounder, sealing_key, 8);
arcfour_crypt(data, sealing_key, length);
}
/*******************************************************************
Create a digest over the entire packet (including the data), and
MD5 it with the session key.
********************************************************************/
static void schannel_digest(const uint8_t sess_key[16],
const uint8_t netsec_sig[8],
const uint8_t *confounder,
const uint8_t *data, size_t data_len,
uint8_t digest_final[16])
static void netsec_do_sign(struct schannel_state *state,
const uint8_t *confounder,
const uint8_t *data, size_t data_len,
uint8_t header[8],
uint8_t *checksum)
{
uint8_t packet_digest[16];
static const uint8_t zeros[4];
@ -83,57 +114,88 @@ static void schannel_digest(const uint8_t sess_key[16],
MD5Init(&ctx);
MD5Update(&ctx, zeros, 4);
MD5Update(&ctx, netsec_sig, 8);
if (confounder) {
SSVAL(header, 0, NL_SIGN_HMAC_MD5);
SSVAL(header, 2, NL_SEAL_RC4);
SSVAL(header, 4, 0xFFFF);
SSVAL(header, 6, 0x0000);
MD5Update(&ctx, header, 8);
MD5Update(&ctx, confounder, 8);
} else {
SSVAL(header, 0, NL_SIGN_HMAC_MD5);
SSVAL(header, 2, NL_SEAL_NONE);
SSVAL(header, 4, 0xFFFF);
SSVAL(header, 6, 0x0000);
MD5Update(&ctx, header, 8);
}
MD5Update(&ctx, data, data_len);
MD5Final(packet_digest, &ctx);
hmac_md5(sess_key, packet_digest, sizeof(packet_digest), digest_final);
hmac_md5(state->creds->session_key,
packet_digest, sizeof(packet_digest),
checksum);
}
/*
unseal a packet
*/
NTSTATUS schannel_unseal_packet(struct schannel_state *state,
NTSTATUS netsec_incoming_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
bool do_unseal,
uint8_t *data, size_t length,
const DATA_BLOB *sig)
{
uint8_t digest_final[16];
uint8_t confounder[8];
uint32_t min_sig_size = 0;
uint8_t header[8];
uint8_t checksum[32];
uint32_t checksum_length = sizeof(checksum_length);
uint8_t _confounder[8];
uint8_t *confounder = NULL;
uint32_t confounder_ofs = 0;
uint8_t seq_num[8];
uint8_t sealing_key[16];
static const uint8_t netsec_sig[8] = NETSEC_SEAL_SIGNATURE;
int ret;
if (sig->length != 32) {
netsec_offset_and_sizes(state,
do_unseal,
&min_sig_size,
NULL,
&checksum_length,
&confounder_ofs);
if (sig->length < min_sig_size) {
return NT_STATUS_ACCESS_DENIED;
}
memcpy(confounder, sig->data+24, 8);
if (do_unseal) {
confounder = _confounder;
memcpy(confounder, sig->data+confounder_ofs, 8);
} else {
confounder = NULL;
}
RSIVAL(seq_num, 0, state->seq_num);
SIVAL(seq_num, 4, state->initiator?0:0x80);
netsec_get_sealing_key(state->creds->session_key, seq_num, sealing_key);
arcfour_crypt(confounder, sealing_key, 8);
arcfour_crypt(data, sealing_key, length);
if (do_unseal) {
netsec_do_seal(state, seq_num,
confounder,
data, length);
}
schannel_digest(state->creds->session_key,
netsec_sig, confounder,
data, length, digest_final);
netsec_do_sign(state, confounder,
data, length,
header, checksum);
if (memcmp(digest_final, sig->data+16, 8) != 0) {
dump_data_pw("calc digest:", digest_final, 8);
dump_data_pw("wire digest:", sig->data+16, 8);
ret = memcmp(checksum, sig->data+16, checksum_length);
if (ret != 0) {
dump_data_pw("calc digest:", checksum, checksum_length);
dump_data_pw("wire digest:", sig->data+16, checksum_length);
return NT_STATUS_ACCESS_DENIED;
}
netsec_deal_with_seq_num(state, digest_final, seq_num);
netsec_do_seq_num(state, checksum, checksum_length, seq_num);
if (memcmp(seq_num, sig->data+8, 8) != 0) {
ret = memcmp(seq_num, sig->data+8, 8);
if (ret != 0) {
dump_data_pw("calc seq num:", seq_num, 8);
dump_data_pw("wire seq num:", sig->data+8, 8);
return NT_STATUS_ACCESS_DENIED;
@ -142,128 +204,65 @@ NTSTATUS schannel_unseal_packet(struct schannel_state *state,
return NT_STATUS_OK;
}
/*
check the signature on a packet
*/
NTSTATUS schannel_check_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const DATA_BLOB *sig)
NTSTATUS netsec_outgoing_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
bool do_seal,
uint8_t *data, size_t length,
DATA_BLOB *sig)
{
uint8_t digest_final[16];
uint32_t min_sig_size = 0;
uint32_t used_sig_size = 0;
uint8_t header[8];
uint8_t checksum[32];
uint32_t checksum_length = sizeof(checksum_length);
uint8_t _confounder[8];
uint8_t *confounder = NULL;
uint32_t confounder_ofs = 0;
uint8_t seq_num[8];
static const uint8_t netsec_sig[8] = NETSEC_SIGN_SIGNATURE;
/* w2k sends just 24 bytes and skip the confounder */
if (sig->length != 32 && sig->length != 24) {
return NT_STATUS_ACCESS_DENIED;
}
RSIVAL(seq_num, 0, state->seq_num);
SIVAL(seq_num, 4, state->initiator?0:0x80);
dump_data_pw("seq_num:\n", seq_num, 8);
dump_data_pw("sess_key:\n", state->creds->session_key, 16);
schannel_digest(state->creds->session_key,
netsec_sig, NULL,
data, length, digest_final);
netsec_deal_with_seq_num(state, digest_final, seq_num);
if (memcmp(seq_num, sig->data+8, 8) != 0) {
dump_data_pw("calc seq num:", seq_num, 8);
dump_data_pw("wire seq num:", sig->data+8, 8);
return NT_STATUS_ACCESS_DENIED;
}
if (memcmp(digest_final, sig->data+16, 8) != 0) {
dump_data_pw("calc digest:", digest_final, 8);
dump_data_pw("wire digest:", sig->data+16, 8);
return NT_STATUS_ACCESS_DENIED;
}
return NT_STATUS_OK;
}
/*
seal a packet
*/
NTSTATUS schannel_seal_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
DATA_BLOB *sig)
{
uint8_t digest_final[16];
uint8_t confounder[8];
uint8_t seq_num[8];
uint8_t sealing_key[16];
static const uint8_t netsec_sig[8] = NETSEC_SEAL_SIGNATURE;
generate_random_buffer(confounder, 8);
netsec_offset_and_sizes(state,
do_seal,
&min_sig_size,
&used_sig_size,
&checksum_length,
&confounder_ofs);
RSIVAL(seq_num, 0, state->seq_num);
SIVAL(seq_num, 4, state->initiator?0x80:0);
schannel_digest(state->creds->session_key,
netsec_sig, confounder,
data, length, digest_final);
if (do_seal) {
confounder = _confounder;
generate_random_buffer(confounder, 8);
} else {
confounder = NULL;
}
netsec_get_sealing_key(state->creds->session_key, seq_num, sealing_key);
arcfour_crypt(confounder, sealing_key, 8);
arcfour_crypt(data, sealing_key, length);
netsec_do_sign(state, confounder,
data, length,
header, checksum);
netsec_deal_with_seq_num(state, digest_final, seq_num);
if (do_seal) {
netsec_do_seal(state, seq_num,
confounder,
data, length);
}
(*sig) = data_blob_talloc(mem_ctx, NULL, 32);
netsec_do_seq_num(state, checksum, checksum_length, seq_num);
memcpy(sig->data, netsec_sig, 8);
(*sig) = data_blob_talloc_zero(mem_ctx, used_sig_size);
memcpy(sig->data, header, 8);
memcpy(sig->data+8, seq_num, 8);
memcpy(sig->data+16, digest_final, 8);
memcpy(sig->data+24, confounder, 8);
memcpy(sig->data+16, checksum, checksum_length);
if (confounder) {
memcpy(sig->data+confounder_ofs, confounder, 8);
}
dump_data_pw("signature:", sig->data+ 0, 8);
dump_data_pw("seq_num :", sig->data+ 8, 8);
dump_data_pw("digest :", sig->data+16, 8);
dump_data_pw("confound :", sig->data+24, 8);
return NT_STATUS_OK;
}
/*
sign a packet
*/
NTSTATUS schannel_sign_packet(struct schannel_state *state,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
DATA_BLOB *sig)
{
uint8_t digest_final[16];
uint8_t seq_num[8];
static const uint8_t netsec_sig[8] = NETSEC_SIGN_SIGNATURE;
RSIVAL(seq_num, 0, state->seq_num);
SIVAL(seq_num, 4, state->initiator?0x80:0);
schannel_digest(state->creds->session_key,
netsec_sig, NULL,
data, length, digest_final);
netsec_deal_with_seq_num(state, digest_final, seq_num);
(*sig) = data_blob_talloc(mem_ctx, NULL, 32);
memcpy(sig->data, netsec_sig, 8);
memcpy(sig->data+8, seq_num, 8);
memcpy(sig->data+16, digest_final, 8);
memset(sig->data+24, 0, 8);
dump_data_pw("signature:", sig->data+ 0, 8);
dump_data_pw("seq_num :", sig->data+ 8, 8);
dump_data_pw("digest :", sig->data+16, 8);
dump_data_pw("confound :", sig->data+24, 8);
dump_data_pw("digest :", sig->data+16, checksum_length);
dump_data_pw("confound :", sig->data+confounder_ofs, 8);
return NT_STATUS_OK;
}

4
librpc/gen_ndr/ndr_ntlmssp.c
View File

@ -2279,7 +2279,7 @@ static const struct ndr_interface_call ntlmssp_calls[] = {
};
static const char * const ntlmssp_endpoint_strings[] = {
"ncacn_np:[\\pipe\\ntlmssp]",
"ncacn_np:[\\pipe\\ntlmssp]",
};
static const struct ndr_interface_string_array ntlmssp_endpoints = {
@ -2288,7 +2288,7 @@ static const struct ndr_interface_string_array ntlmssp_endpoints = {
};
static const char * const ntlmssp_authservice_strings[] = {
"host",
"host",
};
static const struct ndr_interface_string_array ntlmssp_authservices = {

1
librpc/gen_ndr/ndr_ntlmssp.h
View File

@ -50,6 +50,7 @@ void ndr_print_LM_RESPONSE(struct ndr_print *ndr, const char *name, const struct
enum ndr_err_code ndr_push_LMv2_RESPONSE(struct ndr_push *ndr, int ndr_flags, const struct LMv2_RESPONSE *r);
enum ndr_err_code ndr_pull_LMv2_RESPONSE(struct ndr_pull *ndr, int ndr_flags, struct LMv2_RESPONSE *r);
void ndr_print_LMv2_RESPONSE(struct ndr_print *ndr, const char *name, const struct LMv2_RESPONSE *r);
void ndr_print_ntlmssp_LM_RESPONSE(struct ndr_print *ndr, const char *name, const union ntlmssp_LM_RESPONSE *r);
enum ndr_err_code ndr_push_NTLM_RESPONSE(struct ndr_push *ndr, int ndr_flags, const struct NTLM_RESPONSE *r);
enum ndr_err_code ndr_pull_NTLM_RESPONSE(struct ndr_pull *ndr, int ndr_flags, struct NTLM_RESPONSE *r);
void ndr_print_NTLM_RESPONSE(struct ndr_print *ndr, const char *name, const struct NTLM_RESPONSE *r);

36
librpc/ndr/ndr_schannel.c
View File

@ -69,3 +69,39 @@ _PUBLIC_ void ndr_print_NL_AUTH_MESSAGE_BUFFER_REPLY(struct ndr_print *ndr, cons
}
}
void dump_NL_AUTH_SIGNATURE(TALLOC_CTX *mem_ctx,
const DATA_BLOB *blob)
{
enum ndr_err_code ndr_err;
uint16_t signature_algorithm;
if (blob->length < 2) {
return;
}
signature_algorithm = SVAL(blob->data, 0);
switch (signature_algorithm) {
case NL_SIGN_HMAC_MD5: {
struct NL_AUTH_SIGNATURE r;
ndr_err = ndr_pull_struct_blob(blob, mem_ctx, NULL, &r,
(ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &r);
}
break;
}
case NL_SIGN_HMAC_SHA256: {
struct NL_AUTH_SHA2_SIGNATURE r;
ndr_err = ndr_pull_struct_blob(blob, mem_ctx, NULL, &r,
(ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SHA2_SIGNATURE);
if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NDR_PRINT_DEBUG(NL_AUTH_SHA2_SIGNATURE, &r);
}
break;
}
default:
break;
}
}

3
librpc/ndr/ndr_schannel.h
View File

@ -21,4 +21,5 @@
void ndr_print_NL_AUTH_MESSAGE_BUFFER(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER *r);
void ndr_print_NL_AUTH_MESSAGE_BUFFER_REPLY(struct ndr_print *ndr, const char *name, const union NL_AUTH_MESSAGE_BUFFER_REPLY *r);
void dump_NL_AUTH_SIGNATURE(TALLOC_CTX *mem_ctx,
const DATA_BLOB *blob);

2
source3/include/proto.h
View File

@ -5712,7 +5712,7 @@ bool prs_data_blob(prs_struct *prs, DATA_BLOB *blob, TALLOC_CTX *mem_ctx);
/* The following definitions come from rpc_parse/parse_rpc.c */
const char *get_pipe_name_from_iface(const struct ndr_syntax_id *interface);
void init_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 flags,
void init_rpc_hdr(RPC_HDR *hdr, enum dcerpc_pkt_type pkt_type, uint8 flags,
uint32 call_id, int data_len, int auth_len);
bool smb_io_rpc_hdr(const char *desc, RPC_HDR *rpc, prs_struct *ps, int depth);
void init_rpc_context(RPC_CONTEXT *rpc_ctx, uint16 context_id,

44
source3/include/rpc_dce.h
View File

@ -22,49 +22,7 @@
#ifndef _DCE_RPC_H /* _DCE_RPC_H */
#define _DCE_RPC_H
/* DCE/RPC packet types */
enum RPC_PKT_TYPE {
RPC_REQUEST = 0x00, /* Ordinary request. */
RPC_PING = 0x01, /* Connectionless is server alive ? */
RPC_RESPONSE = 0x02, /* Ordinary reply. */
RPC_FAULT = 0x03, /* Fault in processing of call. */
RPC_WORKING = 0x04, /* Connectionless reply to a ping when server busy. */
RPC_NOCALL = 0x05, /* Connectionless reply to a ping when server has lost part of clients call. */
RPC_REJECT = 0x06, /* Refuse a request with a code. */
RPC_ACK = 0x07, /* Connectionless client to server code. */
RPC_CL_CANCEL= 0x08, /* Connectionless cancel. */
RPC_FACK = 0x09, /* Connectionless fragment ack. Both client and server send. */
RPC_CANCEL_ACK = 0x0A, /* Server ACK to client cancel request. */
RPC_BIND = 0x0B, /* Bind to interface. */
RPC_BINDACK = 0x0C, /* Server ack of bind. */
RPC_BINDNACK = 0x0D, /* Server nack of bind. */
RPC_ALTCONT = 0x0E, /* Alter auth. */
RPC_ALTCONTRESP = 0x0F, /* Reply to alter auth. */
RPC_AUTH3 = 0x10, /* not the real name! this is undocumented! */
RPC_SHUTDOWN = 0x11, /* Server to client request to shutdown. */
RPC_CO_CANCEL= 0x12, /* Connection-oriented cancel request. */
RPC_ORPHANED = 0x13 /* Client telling server it's aborting a partially sent request or telling
server to stop sending replies. */
};
/* DCE/RPC flags */
#define RPC_FLG_FIRST 0x01
#define RPC_FLG_LAST 0x02
#define RPC_FLG_NOCALL 0x20
/* Netlogon schannel auth type and level */
#define SCHANNEL_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 }
#define SCHANNEL_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 }
#define RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN 0x20
#define RPC_AUTH_SCHANNEL_SIGN_ONLY_CHK_LEN 0x18
enum schannel_direction {
SENDER_IS_INITIATOR,
SENDER_IS_ACCEPTOR
};
/* Maximum size of the signing data in a fragment. */
#define RPC_MAX_SIGN_SIZE 0x38 /* 56 */
@ -79,7 +37,7 @@ enum schannel_direction {
typedef struct rpc_hdr_info {
uint8 major; /* 5 - RPC major version */
uint8 minor; /* 0 - RPC minor version */
uint8 pkt_type; /* RPC_PKT_TYPE - RPC response packet */
uint8 pkt_type; /* dcerpc_pkt_type - RPC response packet */
uint8 flags; /* DCE/RPC flags */
uint8 pack_type[4]; /* 0x1000 0000 - little-endian packed data representation */
uint16 frag_len; /* fragment length - data size (bytes) inc header and tail. */

6
source3/lib/netapi/user.c
View File

@ -466,7 +466,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
&user_handle);
done:
if (is_valid_policy_hnd(&user_handle)) {
if (is_valid_policy_hnd(&user_handle) && pipe_cli) {
rpccli_samr_Close(pipe_cli, ctx, &user_handle);
}
@ -1696,7 +1696,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
}
done:
if (is_valid_policy_hnd(&user_handle)) {
if (is_valid_policy_hnd(&user_handle) && pipe_cli) {
rpccli_samr_Close(pipe_cli, ctx, &user_handle);
}
@ -1864,7 +1864,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
werr = WERR_OK;
done:
if (is_valid_policy_hnd(&user_handle)) {
if (is_valid_policy_hnd(&user_handle) && pipe_cli) {
rpccli_samr_Close(pipe_cli, ctx, &user_handle);
}

108
source3/rpc_client/cli_pipe.c
View File

@ -672,13 +672,12 @@ static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, RPC_HDR *p
uint8 *p_ss_padding_len)
{
RPC_HDR_AUTH auth_info;
struct NL_AUTH_SIGNATURE schannel_chk;
uint32 auth_len = prhdr->auth_len;
uint32 save_offset = prs_offset(current_pdu);
struct schannel_state *schannel_auth =
cli->auth->a_u.schannel_auth;
uint8_t *data;
uint32 data_len;
enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
@ -725,31 +724,28 @@ static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, RPC_HDR *p
blob = data_blob_const(prs_data_p(current_pdu) + prs_offset(current_pdu), auth_len);
ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), NULL, &schannel_chk,
(ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(0,("cli_pipe_verify_schannel: failed to unmarshal RPC_AUTH_SCHANNEL_CHK.\n"));
return ndr_map_error2ntstatus(ndr_err);
if (DEBUGLEVEL >= 10) {
dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
if (DEBUGLEVEL >= 10) {
NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &schannel_chk);
}
data = (uint8_t *)prs_data_p(current_pdu)+RPC_HEADER_LEN+RPC_HDR_RESP_LEN;
switch (cli->auth->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = schannel_unseal_packet(schannel_auth,
status = netsec_incoming_packet(schannel_auth,
talloc_tos(),
(uint8_t *)prs_data_p(current_pdu)+RPC_HEADER_LEN+RPC_HDR_RESP_LEN,
true,
data,
data_len,
&blob);
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = schannel_check_packet(schannel_auth,
talloc_tos(),
(uint8_t *)prs_data_p(current_pdu)+RPC_HEADER_LEN+RPC_HDR_RESP_LEN,
data_len,
&blob);
status = netsec_incoming_packet(schannel_auth,
talloc_tos(),
false,
data,
data_len,
&blob);
break;
default:
status = NT_STATUS_INTERNAL_ERROR;
@ -881,14 +877,14 @@ static NTSTATUS cli_pipe_validate_current_pdu(struct rpc_pipe_client *cli, RPC_H
/* Ensure we have the correct type. */
switch (prhdr->pkt_type) {
case RPC_ALTCONTRESP:
case RPC_BINDACK:
case DCERPC_PKT_ALTER_RESP:
case DCERPC_PKT_BIND_ACK:
/* Alter context and bind ack share the same packet definitions. */
break;
case RPC_RESPONSE:
case DCERPC_PKT_RESPONSE:
{
RPC_HDR_RESP rhdr_resp;
uint8 ss_padding_len = 0;
@ -944,14 +940,14 @@ static NTSTATUS cli_pipe_validate_current_pdu(struct rpc_pipe_client *cli, RPC_H
break;
}
case RPC_BINDNACK:
case DCERPC_PKT_BIND_NAK:
DEBUG(1, ("cli_pipe_validate_current_pdu: Bind NACK "
"received from %s!\n",
rpccli_pipe_txt(debug_ctx(), cli)));
/* Use this for now... */
return NT_STATUS_NETWORK_ACCESS_DENIED;
case RPC_FAULT:
case DCERPC_PKT_FAULT:
{
RPC_HDR_RESP rhdr_resp;
RPC_HDR_FAULT fault_resp;
@ -998,10 +994,10 @@ static NTSTATUS cli_pipe_validate_current_pdu(struct rpc_pipe_client *cli, RPC_H
data before now as we may have needed to do cryptographic actions on
it before. */
if ((prhdr->pkt_type == RPC_BINDACK) && !(prhdr->flags & RPC_FLG_LAST)) {
if ((prhdr->pkt_type == DCERPC_PKT_BIND_ACK) && !(prhdr->flags & DCERPC_PFC_FLAG_LAST)) {
DEBUG(5,("cli_pipe_validate_current_pdu: bug in server (AS/U?), "
"setting fragment first/last ON.\n"));
prhdr->flags |= RPC_FLG_FIRST|RPC_FLG_LAST;
prhdr->flags |= DCERPC_PFC_FLAG_FIRST|DCERPC_PFC_FLAG_LAST;
}
return NT_STATUS_OK;
@ -1401,7 +1397,7 @@ static void rpc_api_pipe_got_pdu(struct tevent_req *subreq)
return;
}
if ((state->rhdr.flags & RPC_FLG_FIRST)
if ((state->rhdr.flags & DCERPC_PFC_FLAG_FIRST)
&& (state->rhdr.pack_type[0] == 0)) {
/*
* Set the data type correctly for big-endian data on the
@ -1442,7 +1438,7 @@ static void rpc_api_pipe_got_pdu(struct tevent_req *subreq)
return;
}
if (state->rhdr.flags & RPC_FLG_LAST) {
if (state->rhdr.flags & DCERPC_PFC_FLAG_LAST) {
DEBUG(10,("rpc_api_pipe: %s returned %u bytes.\n",
rpccli_pipe_txt(debug_ctx(), state->cli),
(unsigned)prs_data_size(&state->incoming_pdu)));
@ -1688,7 +1684,7 @@ static NTSTATUS create_schannel_auth_rpc_bind_req( struct rpc_pipe_client *cli,
Creates the internals of a DCE/RPC bind request or alter context PDU.
********************************************************************/
static NTSTATUS create_bind_or_alt_ctx_internal(enum RPC_PKT_TYPE pkt_type,
static NTSTATUS create_bind_or_alt_ctx_internal(enum dcerpc_pkt_type pkt_type,
prs_struct *rpc_out,
uint32 rpc_call_id,
const struct ndr_syntax_id *abstract,
@ -1723,7 +1719,7 @@ static NTSTATUS create_bind_or_alt_ctx_internal(enum RPC_PKT_TYPE pkt_type,
}
/* Create the request RPC_HDR */
init_rpc_hdr(&hdr, pkt_type, RPC_FLG_FIRST|RPC_FLG_LAST, rpc_call_id, frag_len, auth_len);
init_rpc_hdr(&hdr, pkt_type, DCERPC_PFC_FLAG_FIRST|DCERPC_PFC_FLAG_LAST, rpc_call_id, frag_len, auth_len);
/* Marshall the RPC header */
if(!smb_io_rpc_hdr("hdr" , &hdr, rpc_out, 0)) {
@ -1827,7 +1823,7 @@ static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli,
return NT_STATUS_INVALID_INFO_CLASS;
}
ret = create_bind_or_alt_ctx_internal(RPC_BIND,
ret = create_bind_or_alt_ctx_internal(DCERPC_PKT_BIND,
rpc_out,
rpc_call_id,
abstract,
@ -1930,11 +1926,9 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
prs_struct *outgoing_pdu)
{
RPC_HDR_AUTH auth_info;
struct NL_AUTH_SIGNATURE verf;
struct schannel_state *sas = cli->auth->a_u.schannel_auth;
char *data_p = prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN;
size_t data_and_pad_len = prs_offset(outgoing_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN;
enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
@ -1959,18 +1953,20 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
switch (cli->auth->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = schannel_seal_packet(sas,
talloc_tos(),
(uint8_t *)data_p,
data_and_pad_len,
&blob);
status = netsec_outgoing_packet(sas,
talloc_tos(),
true,
(uint8_t *)data_p,
data_and_pad_len,
&blob);
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = schannel_sign_packet(sas,
talloc_tos(),
(uint8_t *)data_p,
data_and_pad_len,
&blob);
status = netsec_outgoing_packet(sas,
talloc_tos(),
false,
(uint8_t *)data_p,
data_and_pad_len,
&blob);
break;
default:
status = NT_STATUS_INTERNAL_ERROR;
@ -1982,17 +1978,11 @@ static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli,
nt_errstr(status)));
return status;
}
#if 0
ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), NULL, &verf,
(ndr_push_flags_fn_t)ndr_push_NL_AUTH_SIGNATURE);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return ndr_map_error2ntstatus(ndr_err);
}
if (DEBUGLEVEL >= 10) {
NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &verf);
dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
#endif
/* Finally marshall the blob. */
if (!prs_copy_data_in(outgoing_pdu, (const char *)blob.data, blob.length)) {
return NT_STATUS_NO_MEMORY;
@ -2143,7 +2133,7 @@ struct tevent_req *rpc_api_pipe_req_send(TALLOC_CTX *mem_ctx,
if (is_last_frag) {
subreq = rpc_api_pipe_send(state, ev, state->cli,
&state->outgoing_frag,
RPC_RESPONSE);
DCERPC_PKT_RESPONSE);
if (subreq == NULL) {
goto fail;
}
@ -2189,11 +2179,11 @@ static NTSTATUS prepare_next_frag(struct rpc_api_pipe_req_state *state,
state->cli, data_left, &frag_len, &auth_len, &ss_padding);
if (state->req_data_sent == 0) {
flags = RPC_FLG_FIRST;
flags = DCERPC_PFC_FLAG_FIRST;
}
if (data_sent_thistime == data_left) {
flags |= RPC_FLG_LAST;
flags |= DCERPC_PFC_FLAG_LAST;
}
if (!prs_set_offset(&state->outgoing_frag, 0)) {
@ -2201,7 +2191,7 @@ static NTSTATUS prepare_next_frag(struct rpc_api_pipe_req_state *state,
}
/* Create and marshall the header and request header. */
init_rpc_hdr(&hdr, RPC_REQUEST, flags, state->call_id, frag_len,
init_rpc_hdr(&hdr, DCERPC_PKT_REQUEST, flags, state->call_id, frag_len,
auth_len);
if (!smb_io_rpc_hdr("hdr ", &hdr, &state->outgoing_frag, 0)) {
@ -2249,7 +2239,7 @@ static NTSTATUS prepare_next_frag(struct rpc_api_pipe_req_state *state,
}
state->req_data_sent += data_sent_thistime;
*is_last_frag = ((flags & RPC_FLG_LAST) != 0);
*is_last_frag = ((flags & DCERPC_PFC_FLAG_LAST) != 0);
return status;
}
@ -2279,7 +2269,7 @@ static void rpc_api_pipe_req_write_done(struct tevent_req *subreq)
if (is_last_frag) {
subreq = rpc_api_pipe_send(state, state->ev, state->cli,
&state->outgoing_frag,
RPC_RESPONSE);
DCERPC_PKT_RESPONSE);
if (tevent_req_nomem(subreq, req)) {
return;
}
@ -2436,7 +2426,7 @@ static NTSTATUS create_rpc_bind_auth3(struct rpc_pipe_client *cli,
uint32 pad = 0;
/* Create the request RPC_HDR */
init_rpc_hdr(&hdr, RPC_AUTH3, RPC_FLG_FIRST|RPC_FLG_LAST, rpc_call_id,
init_rpc_hdr(&hdr, DCERPC_PKT_AUTH3, DCERPC_PFC_FLAG_FIRST|DCERPC_PFC_FLAG_LAST, rpc_call_id,
RPC_HEADER_LEN + 4 /* pad */ + RPC_HDR_AUTH_LEN + pauth_blob->length,
pauth_blob->length );
@ -2509,7 +2499,7 @@ static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id,
}
}
ret = create_bind_or_alt_ctx_internal(RPC_ALTCONT,
ret = create_bind_or_alt_ctx_internal(DCERPC_PKT_ALTER,
rpc_out,
rpc_call_id,
abstract,
@ -2590,7 +2580,7 @@ struct tevent_req *rpc_pipe_bind_send(TALLOC_CTX *mem_ctx,
}
subreq = rpc_api_pipe_send(state, ev, cli, &state->rpc_out,
RPC_BINDACK);
DCERPC_PKT_BIND_ACK);
if (subreq == NULL) {
goto fail;
}
@ -2858,7 +2848,7 @@ static NTSTATUS rpc_finish_spnego_ntlmssp_bind_send(struct tevent_req *req,
}
subreq = rpc_api_pipe_send(state, state->ev, state->cli,
&state->rpc_out, RPC_ALTCONTRESP);
&state->rpc_out, DCERPC_PKT_ALTER_RESP);
if (subreq == NULL) {
return NT_STATUS_NO_MEMORY;
}

2
source3/rpc_parse/parse_rpc.c
View File

@ -29,7 +29,7 @@
Inits an RPC_HDR structure.
********************************************************************/
void init_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 flags,
void init_rpc_hdr(RPC_HDR *hdr, enum dcerpc_pkt_type pkt_type, uint8 flags,
uint32 call_id, int data_len, int auth_len)
{
hdr->major = 5; /* RPC version 5 */

100
source3/rpc_server/srv_pipe.c
View File

@ -84,11 +84,11 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
memset((char *)&hdr_resp, '\0', sizeof(hdr_resp));
/* Change the incoming request header to a response. */
p->hdr.pkt_type = RPC_RESPONSE;
p->hdr.pkt_type = DCERPC_PKT_RESPONSE;
/* Set up rpc header flags. */
if (p->out_data.data_sent_length == 0) {
p->hdr.flags = RPC_FLG_FIRST;
p->hdr.flags = DCERPC_PFC_FLAG_FIRST;
} else {
p->hdr.flags = 0;
}
@ -130,7 +130,7 @@ static bool create_next_pdu_ntlmssp(pipes_struct *p)
*/
if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) {
p->hdr.flags |= RPC_FLG_LAST;
p->hdr.flags |= DCERPC_PFC_FLAG_LAST;
if (data_len_left % 8) {
ss_padding_len = 8 - (data_len_left % 8);
DEBUG(10,("create_next_pdu_ntlmssp: adding sign/seal padding of %u\n",
@ -302,11 +302,11 @@ static bool create_next_pdu_schannel(pipes_struct *p)
memset((char *)&hdr_resp, '\0', sizeof(hdr_resp));
/* Change the incoming request header to a response. */
p->hdr.pkt_type = RPC_RESPONSE;
p->hdr.pkt_type = DCERPC_PKT_RESPONSE;
/* Set up rpc header flags. */
if (p->out_data.data_sent_length == 0) {
p->hdr.flags = RPC_FLG_FIRST;
p->hdr.flags = DCERPC_PFC_FLAG_FIRST;
} else {
p->hdr.flags = 0;
}
@ -349,7 +349,7 @@ static bool create_next_pdu_schannel(pipes_struct *p)
*/
if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) {
p->hdr.flags |= RPC_FLG_LAST;
p->hdr.flags |= DCERPC_PFC_FLAG_LAST;
if (data_len_left % 8) {
ss_padding_len = 8 - (data_len_left % 8);
DEBUG(10,("create_next_pdu_schannel: adding sign/seal padding of %u\n",
@ -410,9 +410,8 @@ static bool create_next_pdu_schannel(pipes_struct *p)
* Schannel processing.
*/
RPC_HDR_AUTH auth_info;
struct NL_AUTH_SIGNATURE verf;
DATA_BLOB blob;
enum ndr_err_code ndr_err;
uint8_t *data;
/* Check it's the type of reply we were expecting to decode */
@ -429,20 +428,24 @@ static bool create_next_pdu_schannel(pipes_struct *p)
return False;
}
data = (uint8_t *)prs_data_p(&p->out_data.frag) + data_pos;
switch (p->auth.auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = schannel_seal_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
(uint8_t *)prs_data_p(&p->out_data.frag) + data_pos,
data_len + ss_padding_len,
&blob);
status = netsec_outgoing_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
true,
data,
data_len + ss_padding_len,
&blob);
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = schannel_sign_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
(uint8_t *)prs_data_p(&p->out_data.frag) + data_pos,
data_len + ss_padding_len,
&blob);
status = netsec_outgoing_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
false,
data,
data_len + ss_padding_len,
&blob);
break;
default:
status = NT_STATUS_INTERNAL_ERROR;
@ -458,18 +461,10 @@ static bool create_next_pdu_schannel(pipes_struct *p)
/* Finally marshall the blob. */
#if 0
ndr_err = ndr_push_struct_blob(&blob, talloc_tos(), NULL, &verf,
(ndr_push_flags_fn_t)ndr_push_NL_AUTH_SIGNATURE);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
prs_mem_free(&p->out_data.frag);
return false;
if (DEBUGLEVEL >= 10) {
dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
if (DEBUGLEVEL >= 10) {
NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &verf);
}
#endif
if (!prs_copy_data_in(&p->out_data.frag, (const char *)blob.data, blob.length)) {
prs_mem_free(&p->out_data.frag);
return false;
@ -511,11 +506,11 @@ static bool create_next_pdu_noauth(pipes_struct *p)
memset((char *)&hdr_resp, '\0', sizeof(hdr_resp));
/* Change the incoming request header to a response. */
p->hdr.pkt_type = RPC_RESPONSE;
p->hdr.pkt_type = DCERPC_PKT_RESPONSE;
/* Set up rpc header flags. */
if (p->out_data.data_sent_length == 0) {
p->hdr.flags = RPC_FLG_FIRST;
p->hdr.flags = DCERPC_PFC_FLAG_FIRST;
} else {
p->hdr.flags = 0;
}
@ -557,7 +552,7 @@ static bool create_next_pdu_noauth(pipes_struct *p)
*/
if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) {
p->hdr.flags |= RPC_FLG_LAST;
p->hdr.flags |= DCERPC_PFC_FLAG_LAST;
}
/*
@ -836,7 +831,7 @@ static bool setup_bind_nak(pipes_struct *p)
* Initialize a bind_nak header.
*/
init_rpc_hdr(&nak_hdr, RPC_BINDNACK, RPC_FLG_FIRST | RPC_FLG_LAST,
init_rpc_hdr(&nak_hdr, DCERPC_PKT_BIND_NAK, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id, RPC_HEADER_LEN + sizeof(uint16), 0);
/*
@ -896,7 +891,7 @@ bool setup_fault_pdu(pipes_struct *p, NTSTATUS status)
* Initialize a fault header.
*/
init_rpc_hdr(&fault_hdr, RPC_FAULT, RPC_FLG_FIRST | RPC_FLG_LAST | RPC_FLG_NOCALL,
init_rpc_hdr(&fault_hdr, DCERPC_PKT_FAULT, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | DCERPC_PFC_FLAG_DID_NOT_EXECUTE,
p->hdr.call_id, RPC_HEADER_LEN + RPC_HDR_RESP_LEN + RPC_HDR_FAULT_LEN, 0);
/*
@ -963,7 +958,7 @@ bool setup_cancel_ack_reply(pipes_struct *p, prs_struct *rpc_in_p)
* Initialize a cancel_ack header.
*/
init_rpc_hdr(&ack_reply_hdr, RPC_CANCEL_ACK, RPC_FLG_FIRST | RPC_FLG_LAST,
init_rpc_hdr(&ack_reply_hdr, DCERPC_PKT_CANCEL_ACK, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id, RPC_HEADER_LEN, 0);
/*
@ -1557,7 +1552,7 @@ static bool pipe_ntlmssp_auth_bind(pipes_struct *p, prs_struct *rpc_in_p,
DEBUG(10,("pipe_ntlmssp_auth_bind: NTLMSSP auth started\n"));
/* We can't set pipe_bound True yet - we need an RPC_AUTH3 response packet... */
/* We can't set pipe_bound True yet - we need an DCERPC_PKT_AUTH3 response packet... */
return True;
err:
@ -1808,7 +1803,7 @@ bool api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p)
auth_len = prs_offset(&out_auth) - RPC_HDR_AUTH_LEN;
}
init_rpc_hdr(&p->hdr, RPC_BINDACK, RPC_FLG_FIRST | RPC_FLG_LAST,
init_rpc_hdr(&p->hdr, DCERPC_PKT_BIND_ACK, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id,
RPC_HEADER_LEN + prs_offset(&out_hdr_ba) + prs_offset(&out_auth),
auth_len);
@ -1996,7 +1991,7 @@ bool api_pipe_alter_context(pipes_struct *p, prs_struct *rpc_in_p)
auth_len = prs_offset(&out_auth) - RPC_HDR_AUTH_LEN;
}
init_rpc_hdr(&p->hdr, RPC_ALTCONTRESP, RPC_FLG_FIRST | RPC_FLG_LAST,
init_rpc_hdr(&p->hdr, DCERPC_PKT_ALTER_RESP, DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST,
p->hdr.call_id,
RPC_HEADER_LEN + prs_offset(&out_hdr_ba) + prs_offset(&out_auth),
auth_len);
@ -2170,10 +2165,9 @@ bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss
uint32 auth_len;
uint32 save_offset = prs_offset(rpc_in);
RPC_HDR_AUTH auth_info;
struct NL_AUTH_SIGNATURE schannel_chk;
enum ndr_err_code ndr_err;
DATA_BLOB blob;
NTSTATUS status;
uint8_t *data;
auth_len = p->hdr.auth_len;
@ -2223,32 +2217,28 @@ bool api_pipe_schannel_process(pipes_struct *p, prs_struct *rpc_in, uint32 *p_ss
blob = data_blob_const(prs_data_p(rpc_in) + prs_offset(rpc_in), auth_len);
ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), NULL, &schannel_chk,
(ndr_pull_flags_fn_t)ndr_pull_NL_AUTH_SIGNATURE);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
DEBUG(0,("failed to pull NL_AUTH_SIGNATURE\n"));
dump_data(2, blob.data, blob.length);
return false;
if (DEBUGLEVEL >= 10) {
dump_NL_AUTH_SIGNATURE(talloc_tos(), &blob);
}
if (DEBUGLEVEL >= 10) {
NDR_PRINT_DEBUG(NL_AUTH_SIGNATURE, &schannel_chk);
}
data = (uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN;
switch (auth_info.auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = schannel_unseal_packet(p->auth.a_u.schannel_auth,
status = netsec_incoming_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
(uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN,
true,
data,
data_len,
&blob);
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = schannel_check_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
(uint8_t *)prs_data_p(rpc_in)+RPC_HDR_REQ_LEN,
data_len,
&blob);
status = netsec_incoming_packet(p->auth.a_u.schannel_auth,
talloc_tos(),
false,
data,
data_len,
&blob);
break;
default:
status = NT_STATUS_INTERNAL_ERROR;

58
source3/rpc_server/srv_pipe_hnd.c
View File

@ -264,7 +264,7 @@ static ssize_t unmarshall_rpc_header(pipes_struct *p)
* AS/U doesn't set FIRST flag in a BIND packet it seems.
*/
if ((p->hdr.pkt_type == RPC_REQUEST) && !(p->hdr.flags & RPC_FLG_FIRST)) {
if ((p->hdr.pkt_type == DCERPC_PKT_REQUEST) && !(p->hdr.flags & DCERPC_PFC_FLAG_FIRST)) {
/*
* Ensure that the FIRST flag is set. If not then we have
* a stream missmatch.
@ -444,7 +444,7 @@ static bool process_request_pdu(pipes_struct *p, prs_struct *rpc_in_p)
return False;
}
if(p->hdr.flags & RPC_FLG_LAST) {
if(p->hdr.flags & DCERPC_PFC_FLAG_LAST) {
bool ret = False;
/*
* Ok - we finally have a complete RPC stream.
@ -534,35 +534,35 @@ static void process_complete_pdu(pipes_struct *p)
(unsigned int)p->hdr.pkt_type ));
switch (p->hdr.pkt_type) {
case RPC_REQUEST:
case DCERPC_PKT_REQUEST:
reply = process_request_pdu(p, &rpc_in);
break;
case RPC_PING: /* CL request - ignore... */
case DCERPC_PKT_PING: /* CL request - ignore... */
DEBUG(0,("process_complete_pdu: Error. Connectionless packet type %u received on pipe %s.\n",
(unsigned int)p->hdr.pkt_type,
get_pipe_name_from_iface(&p->syntax)));
break;
case RPC_RESPONSE: /* No responses here. */
DEBUG(0,("process_complete_pdu: Error. RPC_RESPONSE received from client on pipe %s.\n",
case DCERPC_PKT_RESPONSE: /* No responses here. */
DEBUG(0,("process_complete_pdu: Error. DCERPC_PKT_RESPONSE received from client on pipe %s.\n",
get_pipe_name_from_iface(&p->syntax)));
break;
case RPC_FAULT:
case RPC_WORKING: /* CL request - reply to a ping when a call in process. */
case RPC_NOCALL: /* CL - server reply to a ping call. */
case RPC_REJECT:
case RPC_ACK:
case RPC_CL_CANCEL:
case RPC_FACK:
case RPC_CANCEL_ACK:
case DCERPC_PKT_FAULT:
case DCERPC_PKT_WORKING: /* CL request - reply to a ping when a call in process. */
case DCERPC_PKT_NOCALL: /* CL - server reply to a ping call. */
case DCERPC_PKT_REJECT:
case DCERPC_PKT_ACK:
case DCERPC_PKT_CL_CANCEL:
case DCERPC_PKT_FACK:
case DCERPC_PKT_CANCEL_ACK:
DEBUG(0,("process_complete_pdu: Error. Connectionless packet type %u received on pipe %s.\n",
(unsigned int)p->hdr.pkt_type,
get_pipe_name_from_iface(&p->syntax)));
break;
case RPC_BIND:
case DCERPC_PKT_BIND:
/*
* We assume that a pipe bind is only in one pdu.
*/
@ -571,15 +571,15 @@ static void process_complete_pdu(pipes_struct *p)
}
break;
case RPC_BINDACK:
case RPC_BINDNACK:
DEBUG(0,("process_complete_pdu: Error. RPC_BINDACK/RPC_BINDNACK packet type %u received on pipe %s.\n",
case DCERPC_PKT_BIND_ACK:
case DCERPC_PKT_BIND_NAK:
DEBUG(0,("process_complete_pdu: Error. DCERPC_PKT_BINDACK/DCERPC_PKT_BINDNACK packet type %u received on pipe %s.\n",
(unsigned int)p->hdr.pkt_type,
get_pipe_name_from_iface(&p->syntax)));
break;
case RPC_ALTCONT:
case DCERPC_PKT_ALTER:
/*
* We assume that a pipe bind is only in one pdu.
*/
@ -588,12 +588,12 @@ static void process_complete_pdu(pipes_struct *p)
}
break;
case RPC_ALTCONTRESP:
DEBUG(0,("process_complete_pdu: Error. RPC_ALTCONTRESP on pipe %s: Should only be server -> client.\n",
case DCERPC_PKT_ALTER_RESP:
DEBUG(0,("process_complete_pdu: Error. DCERPC_PKT_ALTER_RESP on pipe %s: Should only be server -> client.\n",
get_pipe_name_from_iface(&p->syntax)));
break;
case RPC_AUTH3:
case DCERPC_PKT_AUTH3:
/*
* The third packet in an NTLMSSP auth exchange.
*/
@ -602,14 +602,14 @@ static void process_complete_pdu(pipes_struct *p)
}
break;
case RPC_SHUTDOWN:
DEBUG(0,("process_complete_pdu: Error. RPC_SHUTDOWN on pipe %s: Should only be server -> client.\n",
case DCERPC_PKT_SHUTDOWN:
DEBUG(0,("process_complete_pdu: Error. DCERPC_PKT_SHUTDOWN on pipe %s: Should only be server -> client.\n",
get_pipe_name_from_iface(&p->syntax)));
break;
case RPC_CO_CANCEL:
case DCERPC_PKT_CO_CANCEL:
/* For now just free all client data and continue processing. */
DEBUG(3,("process_complete_pdu: RPC_ORPHANED. Abandoning rpc call.\n"));
DEBUG(3,("process_complete_pdu: DCERPC_PKT_CO_CANCEL. Abandoning rpc call.\n"));
/* As we never do asynchronous RPC serving, we can never cancel a
call (as far as I know). If we ever did we'd have to send a cancel_ack
reply. For now, just free all client data and continue processing. */
@ -626,10 +626,10 @@ static void process_complete_pdu(pipes_struct *p)
break;
#endif
case RPC_ORPHANED:
case DCERPC_PKT_ORPHANED:
/* We should probably check the auth-verifier here.
For now just free all client data and continue processing. */
DEBUG(3,("process_complete_pdu: RPC_ORPHANED. Abandoning rpc call.\n"));
DEBUG(3,("process_complete_pdu: DCERPC_PKT_ORPHANED. Abandoning rpc call.\n"));
reply = True;
break;
@ -712,7 +712,7 @@ incoming data size = %u\n", (unsigned int)p->in_data.pdu_received_len, (unsigned
return rret;
}
/* If rret == 0 and pdu_needed_len == 0 here we have a PDU that consists
of an RPC_HEADER only. This is a RPC_SHUTDOWN, RPC_CO_CANCEL or RPC_ORPHANED
of an RPC_HEADER only. This is a DCERPC_PKT_SHUTDOWN, DCERPC_PKT_CO_CANCEL or DCERPC_PKT_ORPHANED
pdu type. Deal with this in process_complete_pdu(). */
}

2
source3/rpcclient/cmd_lsarpc.c
View File

@ -1731,7 +1731,7 @@ static NTSTATUS cmd_lsa_retrieve_private_data(struct rpc_pipe_client *cli,
struct lsa_String name;
struct lsa_DATA_BUF *val;
DATA_BLOB session_key;
DATA_BLOB blob;
DATA_BLOB blob = data_blob_null;
char *secret;
if (argc < 2) {

2
source3/utils/eventlogadm.c
View File

@ -91,7 +91,7 @@ static int DoWriteCommand( int argc, char **argv, bool debugflag, char *exename
char linein[1024];
bool is_eor;
struct eventlog_Record_tdb ee;
uint32_t record_number;
uint32_t record_number = 0;
TALLOC_CTX *mem_ctx = talloc_tos();
f1 = stdin;

95
source4/auth/gensec/schannel.c
View File

@ -282,48 +282,71 @@ static bool schannel_have_feature(struct gensec_security *gensec_security,
return false;
}
static NTSTATUS schannel_seal_packet_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
/*
unseal a packet
*/
static NTSTATUS schannel_unseal_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
struct schannel_state *state =
talloc_get_type(gensec_security->private_data,
struct schannel_state);
return schannel_seal_packet(state, mem_ctx, data, length, sig);
return netsec_incoming_packet(state, mem_ctx, true,
data, length, sig);
}
static NTSTATUS schannel_sign_packet_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
/*
check the signature on a packet
*/
static NTSTATUS schannel_check_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
struct schannel_state *state =
talloc_get_type(gensec_security->private_data,
struct schannel_state);
return schannel_sign_packet(state, mem_ctx, data, length, sig);
return netsec_incoming_packet(state, mem_ctx, false,
data, length, sig);
}
/*
seal a packet
*/
static NTSTATUS schannel_seal_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
struct schannel_state *state =
talloc_get_type(gensec_security->private_data,
struct schannel_state);
return netsec_outgoing_packet(state, mem_ctx, true,
data, length, sig);
}
static NTSTATUS schannel_check_packet_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
/*
sign a packet
*/
static NTSTATUS schannel_sign_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
DATA_BLOB *sig)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
struct schannel_state *state =
talloc_get_type(gensec_security->private_data,
struct schannel_state);
return schannel_check_packet(state, mem_ctx, data, length, sig);
}
static NTSTATUS schannel_unseal_packet_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
const DATA_BLOB *sig)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
return schannel_unseal_packet(state, mem_ctx, data, length, sig);
return netsec_outgoing_packet(state, mem_ctx, false,
data, length, sig);
}
static const struct gensec_security_ops gensec_schannel_security_ops = {
@ -332,10 +355,10 @@ static const struct gensec_security_ops gensec_schannel_security_ops = {
.client_start = schannel_client_start,
.server_start = schannel_server_start,
.update = schannel_update,
.seal_packet = schannel_seal_packet_wrap,
.sign_packet = schannel_sign_packet_wrap,
.check_packet = schannel_check_packet_wrap,
.unseal_packet = schannel_unseal_packet_wrap,
.seal_packet = schannel_seal_packet,
.sign_packet = schannel_sign_packet,
.check_packet = schannel_check_packet,
.unseal_packet = schannel_unseal_packet,
.session_key = schannel_session_key,
.session_info = schannel_session_info,
.sig_size = schannel_sig_size,

2
source4/dsdb/repl/drepl_out_pull.c
View File

@ -109,7 +109,7 @@ static void dreplsrv_pending_op_callback(struct dreplsrv_out_operation *op)
if (W_ERROR_IS_OK(rf->result_last_attempt)) {
rf->consecutive_sync_failures = 0;
rf->last_success = now;
DEBUG(2,("dreplsrv_op_pull_source(%s)\n",
DEBUG(3,("dreplsrv_op_pull_source(%s)\n",
win_errstr(rf->result_last_attempt)));
goto done;
}