mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
more epmapper and mgmt magic
protocol 0x1f is interesting - it's ncacn_http!
(This used to be commit e3d40e3da6
)
parent
4884a97f3b
commit
c7c9e61987
@ -34,8 +34,12 @@ interface epmapper
|
||||
typedef enum {
|
||||
EPM_PROTOCOL_TCP = 0x07,
|
||||
EPM_PROTOCOL_IP = 0x09,
|
||||
EPM_PROTOCOL_PIPE = 0x10,
|
||||
EPM_PROTOCOL_NETBIOS = 0x11,
|
||||
EPM_PROTOCOL_RPC_C = 0x0b,
|
||||
EPM_PROTOCOL_UUID = 0x0d
|
||||
EPM_PROTOCOL_UUID = 0x0d,
|
||||
EPM_PROTOCOL_SMB = 0x0f,
|
||||
EPM_PROTOCOL_HTTP = 0x1f
|
||||
} epm_protocols;
|
||||
|
||||
typedef [nodiscriminant] union {
|
||||
|
@ -48,6 +48,16 @@ static NTSTATUS tcp_raw_recv(struct dcerpc_pipe *p,
|
||||
return NT_STATUS_NET_WRITE_FAULT;
|
||||
}
|
||||
|
||||
/* this could be a ncacn_http endpoint - this doesn't work
|
||||
yet, but it goes close */
|
||||
if (strncmp(blob1.data, "ncacn_http/1.0", 14) == 0) {
|
||||
memmove(blob1.data, blob1.data+14, 2);
|
||||
ret = read_data(tcp->fd, blob1.data+2, 14);
|
||||
if (ret != 14) {
|
||||
return NT_STATUS_NET_WRITE_FAULT;
|
||||
}
|
||||
}
|
||||
|
||||
/* we might have recieved a partial fragment, in which case we
|
||||
need to pull the rest of it */
|
||||
frag_length = SVAL(blob1.data, 8);
|
||||
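Review bot: The banner handling added to tcp_raw_recv hard-codes 14 and 2, so it stays in bounds only if blob1 holds exactly 16 bytes at this point; blob1 is allocated and first filled above the hunk, so that size should be asserted or derived from `blob1.length`. The bytes come from the peer and are not a C string, so `memcmp(blob1.data, "ncacn_http/1.0", 14) == 0` states the comparison more accurately than `strncmp`, and a named length constant would keep the three uses of 14 in step. The short-read branch returns `NT_STATUS_NET_WRITE_FAULT` for a failed read, which mirrors the context line above but misleads anyone reading the error. `frag_length` is then taken from peer data immediately after the banner is stripped; any bounds check on it lies below the hunk and is worth confirming.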
|
@ -143,7 +143,7 @@ NTSTATUS dcerpc_epm_map_tcp_port(const char *server,
|
||||
}
|
||||
|
||||
if (twr_r->towers.num_floors != 5 ||
|
||||
twr_r->towers.floors[3].lhs.protocol != EPM_PROTOCOL_TCP ||
|
||||
twr_r->towers.floors[3].lhs.protocol != twr.towers.floors[3].lhs.protocol ||
|
||||
twr_r->towers.floors[3].rhs.rhs_data.length != 2) {
|
||||
dcerpc_pipe_close(p);
|
||||
return NT_STATUS_PORT_UNREACHABLE;
|
||||
@ -155,3 +155,35 @@ NTSTATUS dcerpc_epm_map_tcp_port(const char *server,
|
||||
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
find the pipe name for a local IDL interface
|
||||
*/
|
||||
const char *idl_pipe_name(const char *uuid, uint32 if_version)
|
||||
{
|
||||
int i;
|
||||
for (i=0;dcerpc_pipes[i];i++) {
|
||||
if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
|
||||
dcerpc_pipes[i]->if_version == if_version) {
|
||||
return dcerpc_pipes[i]->name;
|
||||
}
|
||||
}
|
||||
return "UNKNOWN";
|
||||
}
|
||||
|
||||
/*
|
||||
find the number of calls defined by local IDL
|
||||
*/
|
||||
int idl_num_calls(const char *uuid, uint32 if_version)
|
||||
{
|
||||
int i;
|
||||
for (i=0;dcerpc_pipes[i];i++) {
|
||||
if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
|
||||
dcerpc_pipes[i]->if_version == if_version) {
|
||||
return dcerpc_pipes[i]->num_calls;
|
||||
}
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
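Review bot: idl_pipe_name and idl_num_calls are now exported but pass `uuid` straight to strcasecmp, so a NULL string from a caller (for example an allocating helper such as GUID_string() failing, if it can return NULL) would be dereferenced. A guard at the top of each, `if (uuid == NULL) return "UNKNOWN";` in idl_pipe_name and `if (uuid == NULL) return -1;` in idl_num_calls, keeps the lookups safe for any caller. The two functions also repeat the same walk over dcerpc_pipes and could share one static helper that returns the matching entry. The header comments should say that the returned name points into the static table and must not be freed.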
|
@ -34,7 +34,7 @@ static void display_tower(TALLOC_CTX *mem_ctx, struct epm_towers *twr)
|
||||
struct epm_lhs *lhs = &twr->floors[i].lhs;
|
||||
struct epm_rhs *rhs = &twr->floors[i].rhs;
|
||||
switch (lhs->protocol) {
|
||||
case 0xd:
|
||||
case EPM_PROTOCOL_UUID:
|
||||
uuid = GUID_string(mem_ctx, &lhs->info.uuid.uuid);
|
||||
if (strcasecmp(uuid, NDR_GUID) == 0) {
|
||||
printf(" NDR");
|
||||
@ -42,11 +42,12 @@ static void display_tower(TALLOC_CTX *mem_ctx, struct epm_towers *twr)
|
||||
printf(" uuid %s/0x%02x", uuid, lhs->info.uuid.version);
|
||||
}
|
||||
break;
|
||||
case 0xb:
|
||||
|
||||
case EPM_PROTOCOL_RPC_C:
|
||||
printf(" RPC-C");
|
||||
break;
|
||||
|
||||
case 0x9:
|
||||
case EPM_PROTOCOL_IP:
|
||||
printf(" IP:");
|
||||
if (rhs->rhs_data.length == 4) {
|
||||
struct in_addr in;
|
||||
@ -55,15 +56,15 @@ static void display_tower(TALLOC_CTX *mem_ctx, struct epm_towers *twr)
|
||||
}
|
||||
break;
|
||||
|
||||
case 0x10:
|
||||
case EPM_PROTOCOL_PIPE:
|
||||
printf(" PIPE:%.*s", rhs->rhs_data.length, rhs->rhs_data.data);
|
||||
break;
|
||||
|
||||
case 0x0f:
|
||||
case EPM_PROTOCOL_SMB:
|
||||
printf(" SMB:%.*s", rhs->rhs_data.length, rhs->rhs_data.data);
|
||||
break;
|
||||
|
||||
case 0x11:
|
||||
case EPM_PROTOCOL_NETBIOS:
|
||||
printf(" NetBIOS:%.*s", rhs->rhs_data.length, rhs->rhs_data.data);
|
||||
break;
|
||||
|
||||
@ -71,14 +72,14 @@ static void display_tower(TALLOC_CTX *mem_ctx, struct epm_towers *twr)
|
||||
printf(" UNK(1):%.*s", rhs->rhs_data.length, rhs->rhs_data.data);
|
||||
break;
|
||||
|
||||
case 0x1f:
|
||||
printf(" TCP2:");
|
||||
case EPM_PROTOCOL_HTTP:
|
||||
printf(" HTTP:");
|
||||
if (rhs->rhs_data.length == 2) {
|
||||
printf("%d", RSVAL(rhs->rhs_data.data, 0));
|
||||
}
|
||||
break;
|
||||
|
||||
case 0x07:
|
||||
case EPM_PROTOCOL_TCP:
|
||||
/* what is the difference between this and 0x1f? */
|
||||
printf(" TCP:");
|
||||
if (rhs->rhs_data.length == 2) {
|
||||
@ -104,6 +105,7 @@ static BOOL test_Map(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
|
||||
NTSTATUS status;
|
||||
struct epm_Map r;
|
||||
GUID uuid;
|
||||
const char *uuid_str;
|
||||
struct policy_handle handle;
|
||||
int i;
|
||||
|
||||
@ -116,20 +118,61 @@ static BOOL test_Map(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
|
||||
r.out.entry_handle = &handle;
|
||||
r.in.max_towers = 100;
|
||||
|
||||
uuid_str = GUID_string(mem_ctx, &twr->towers.floors[0].lhs.info.uuid.uuid);
|
||||
|
||||
printf("epm_Map results for '%s':\n",
|
||||
idl_pipe_name(uuid_str, twr->towers.floors[0].lhs.info.uuid.version));
|
||||
|
||||
twr->towers.floors[2].lhs.protocol = EPM_PROTOCOL_RPC_C;
|
||||
twr->towers.floors[2].lhs.info.lhs_data = data_blob(NULL, 0);
|
||||
twr->towers.floors[2].rhs.rhs_data = data_blob_talloc(p->mem_ctx, NULL, 2);
|
||||
|
||||
twr->towers.floors[3].lhs.protocol = EPM_PROTOCOL_TCP;
|
||||
twr->towers.floors[3].lhs.info.lhs_data = data_blob(NULL, 0);
|
||||
twr->towers.floors[3].rhs.rhs_data = data_blob_talloc(p->mem_ctx, NULL, 2);
|
||||
|
||||
twr->towers.floors[4].lhs.protocol = EPM_PROTOCOL_IP;
|
||||
twr->towers.floors[4].lhs.info.lhs_data = data_blob(NULL, 0);
|
||||
twr->towers.floors[4].rhs.rhs_data = data_blob_talloc(p->mem_ctx, NULL, 4);
|
||||
|
||||
status = dcerpc_epm_Map(p, mem_ctx, &r);
|
||||
if (!NT_STATUS_IS_OK(status) || r.out.status != 0) {
|
||||
printf("epm_Map failed - %s/0x%x\n",
|
||||
nt_errstr(status), r.out.status);
|
||||
return False;
|
||||
}
|
||||
|
||||
printf("epm_Map results:\n");
|
||||
|
||||
if (NT_STATUS_IS_OK(status) && r.out.status == 0) {
|
||||
for (i=0;i<r.out.num_towers;i++) {
|
||||
if (r.out.towers[i].twr) {
|
||||
display_tower(mem_ctx, &r.out.towers[i].twr->towers);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
twr->towers.floors[3].lhs.protocol = EPM_PROTOCOL_HTTP;
|
||||
twr->towers.floors[3].lhs.info.lhs_data = data_blob(NULL, 0);
|
||||
twr->towers.floors[3].rhs.rhs_data = data_blob_talloc(p->mem_ctx, NULL, 2);
|
||||
|
||||
status = dcerpc_epm_Map(p, mem_ctx, &r);
|
||||
if (NT_STATUS_IS_OK(status) && r.out.status == 0) {
|
||||
for (i=0;i<r.out.num_towers;i++) {
|
||||
if (r.out.towers[i].twr) {
|
||||
display_tower(mem_ctx, &r.out.towers[i].twr->towers);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
twr->towers.floors[3].lhs.protocol = EPM_PROTOCOL_SMB;
|
||||
twr->towers.floors[3].lhs.info.lhs_data = data_blob(NULL, 0);
|
||||
twr->towers.floors[3].rhs.rhs_data = data_blob_talloc(p->mem_ctx, NULL, 2);
|
||||
|
||||
twr->towers.floors[4].lhs.protocol = EPM_PROTOCOL_NETBIOS;
|
||||
twr->towers.floors[4].lhs.info.lhs_data = data_blob(NULL, 0);
|
||||
twr->towers.floors[4].rhs.rhs_data = data_blob_talloc(p->mem_ctx, NULL, 2);
|
||||
|
||||
status = dcerpc_epm_Map(p, mem_ctx, &r);
|
||||
if (NT_STATUS_IS_OK(status) && r.out.status == 0) {
|
||||
for (i=0;i<r.out.num_towers;i++) {
|
||||
if (r.out.towers[i].twr) {
|
||||
display_tower(mem_ctx, &r.out.towers[i].twr->towers);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return True;
|
||||
}
|
||||
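Review bot: test_Map reads `floors[0]` and overwrites `floors[2]` through `floors[4]` of `twr` without checking `twr->towers.num_floors`; the origin of `twr` is outside the hunk, but if it comes from a server reply a shorter tower would be indexed out of bounds. A check before the first access, `if (twr->towers.num_floors < 5) return False;`, closes that, and `floors[0].lhs.protocol` should be confirmed as `EPM_PROTOCOL_UUID` before the `info.uuid` union arm is read. The results of GUID_string() and data_blob_talloc() are used unchecked as well, and the blobs are allocated on `p->mem_ctx` rather than `mem_ctx`, so each reassignment of `floors[3].rhs.rhs_data` stays allocated for the life of the pipe. The three identical result loops would read better as one small static helper.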
|
@ -96,7 +96,7 @@ static BOOL test_inq_princ_name(struct dcerpc_pipe *p,
|
||||
int i;
|
||||
BOOL ret = False;
|
||||
|
||||
for (i=0;i<30;i++) {
|
||||
for (i=0;i<100;i++) {
|
||||
r.in.authn_proto = i; /* DCERPC_AUTH_TYPE_* */
|
||||
r.in.princ_name_size = 100;
|
||||
|
||||
|
@ -22,36 +22,6 @@
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
/*
|
||||
find the number of calls defined by local IDL
|
||||
*/
|
||||
static const char *find_idl_name(const char *uuid, uint32 if_version)
|
||||
{
|
||||
int i;
|
||||
for (i=0;dcerpc_pipes[i];i++) {
|
||||
if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
|
||||
dcerpc_pipes[i]->if_version == if_version) {
|
||||
return dcerpc_pipes[i]->name;
|
||||
}
|
||||
}
|
||||
return "UNKNOWN";
|
||||
}
|
||||
|
||||
/*
|
||||
find the number of calls defined by local IDL
|
||||
*/
|
||||
static int num_idl_calls(const char *uuid, uint32 if_version)
|
||||
{
|
||||
int i;
|
||||
for (i=0;dcerpc_pipes[i];i++) {
|
||||
if (strcasecmp(dcerpc_pipes[i]->uuid, uuid) == 0 &&
|
||||
dcerpc_pipes[i]->if_version == if_version) {
|
||||
return dcerpc_pipes[i]->num_calls;
|
||||
}
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
work out how many calls there are for an interface
|
||||
*/
|
||||
@ -82,7 +52,7 @@ static BOOL test_num_calls(const struct dcerpc_interface_table *iface,
|
||||
status = dcerpc_request(p, 10000, mem_ctx, &stub_in, &stub_out);
|
||||
if (NT_STATUS_IS_OK(status) ||
|
||||
p->last_fault_code != DCERPC_FAULT_OP_RNG_ERROR) {
|
||||
printf("unable to determine call count - %s %08x\n",
|
||||
printf("\tunable to determine call count - %s %08x\n",
|
||||
nt_errstr(status), p->last_fault_code);
|
||||
goto done;
|
||||
}
|
||||
@ -94,7 +64,7 @@ static BOOL test_num_calls(const struct dcerpc_interface_table *iface,
|
||||
}
|
||||
|
||||
printf("\t%d calls available\n", i+1);
|
||||
idl_calls = num_idl_calls(uuid, id->major_version);
|
||||
idl_calls = idl_num_calls(uuid, id->major_version);
|
||||
if (idl_calls == -1) {
|
||||
printf("\tinterface not known in local IDL\n");
|
||||
} else if (i+1 != idl_calls) {
|
||||
@ -145,7 +115,7 @@ static BOOL test_inq_if_ids(struct dcerpc_pipe *p,
|
||||
printf("\n\tuuid %s version 0x%04x:0x%04x '%s'\n",
|
||||
uuid,
|
||||
id->major_version, id->minor_version,
|
||||
find_idl_name(uuid, id->major_version));
|
||||
idl_pipe_name(uuid, id->major_version));
|
||||
test_num_calls(iface, mem_ctx, id);
|
||||
}
|
||||
|
||||
|