1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Commit Graph

394 Commits

Author SHA1 Message Date
Simo Sorce
f0626d14f0 s3-dcerpc: Stop using hand marshalling in rpc_finish_auth3_bind_send()
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16 01:51:16 +02:00
Simo Sorce
7d9c62c646 s3-dcerpc: Do not parse the packet twice.
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16 01:51:16 +02:00
Simo Sorce
282db1f5d2 s3-dcerpc: Remove unused function
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16 01:51:16 +02:00
Simo Sorce
137743fac2 s3-dcerpc: Do not reparse the header
Instead pass back and use the packet we have already parsed.

Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16 01:51:15 +02:00
Simo Sorce
459c8e32fd s3-dcerpc: Pull the whole packet at once instead of fetching just the header
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16 01:51:15 +02:00
Simo Sorce
602e10f3fd s3-dcerpc: Delay parsing rpc header in client code
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-16 01:51:15 +02:00
Simo Sorce
87605e2030 s3-dcerpc: fix dcerpc_push_ncacn_packet, pass arg by address
There is no need to copy the whole structure twice by passing it in by value.

Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-13 14:44:11 +02:00
Simo Sorce
77699c777e sr-dcerpc: add dcerpc_push_ncacn_packet_header()
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-13 14:44:10 +02:00
Simo Sorce
cf664b73a4 s3-dcerpc: Use dcerpc_set_frag_length()
Automatically calculate the fragment length where possible.

Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-13 14:44:09 +02:00
Simo Sorce
25d487bebf s3-dcerpc: Fix ntlmssp sign/seal.
Header calculation was misplaced.

Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-13 01:35:16 +02:00
Simo Sorce
6555307aa1 s3-dceprc: Fix auth_length in auth3 response
Signed-off-by: Günther Deschner <gd@samba.org>
2010-07-13 01:35:05 +02:00
Simo Sorce
1b51ddd370 s3-dcerpc: Fix miscalculation of buffer start address
This was breaking schannel
2010-07-12 15:10:45 -04:00
Simo Sorce
1796767a36 s3-dcerpc: make dcerpc_pull_dcerpc_auth() public 2010-07-08 18:38:56 -04:00
Simo Sorce
a054832f4f s3-dcerpc: make dceprc_push_dcerpc_auth public 2010-07-08 18:38:56 -04:00
Simo Sorce
aca60c29e7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in rpc_finish_spnego_ntlmssp_bind_send() 2010-07-08 18:38:55 -04:00
Simo Sorce
5591135964 s3-dcerpc: use dcerpc_push_dcerpc_auth in add_schannel_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
1febe9de6b s3-dcerpc: use dcerpc_push_dcerpc_auth() in add_ntlmssp_auth_footer() 2010-07-08 18:38:55 -04:00
Simo Sorce
c609e84170 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_schannel() 2010-07-08 18:38:55 -04:00
Simo Sorce
91cb2aed54 s3-dcerpc: use dcerpc_push_ncacn_packet() in create_rpc_bind_auth3() 2010-07-08 18:38:55 -04:00
Jeremy Allison
7e134f179f Change one more use of "struct rpc_hdr_info" -> "struct ncacn_packet_header"
Jeremy
2010-07-08 15:18:30 -07:00
Günther Deschner
d57ecf920c s3-dcerpc: use dcerpc_pull_ncacn_packet() for rpc_pipe_bind_step_one_done().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:56:16 -04:00
Günther Deschner
5351a8919d s3-dcerpc: use dcerpc_push_ncacn_packet() in push_next_frag().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:53:10 -04:00
Günther Deschner
e8e2fa586b s3-dcerpc: use dcerpc_pull_ncacn_packet() in cli_pipe_validate_current_pdu().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:53:01 -04:00
Günther Deschner
dbeaa5efc7 s3-dcerpc: use dcerpc_pull_dcerpc_auth() in cli_pipe_verify_ntlmssp().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:52:38 -04:00
Günther Deschner
49c5293492 s3-dcerpc: add dcerpc_pull_dcerpc_auth().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:52:34 -04:00
Günther Deschner
fe9ce4b60c s3-dcerpc: use struct ncacn_packet_header instead of struct rpc_hdr_info.
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:47:53 -04:00
Günther Deschner
77e3fffd09 s3-dcerpc: add dcerpc_pull_ncacn_packet_header().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-08 00:29:33 -04:00
Günther Deschner
eeb034e72a s3-dcerpc: use dcerpc_push_dcerpc_auth() for all authenticated binds.
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
4b56e6e95b s3-dcerpc: add dcerpc_push_schannel_bind().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
0f02dda915 s3-dcerpc: add dcerpc_push_dcerpc_auth().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
5aabd9af8e s3-dcerpc: use dcerpc_push_ncacn_packet() for create_bind_or_alt_ctx_internal().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:51 -04:00
Günther Deschner
d6de820480 s3-dcerpc: use dcerpc_pull_ncacn_packet() for pulling a RPC fault pdu.
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:50 -04:00
Günther Deschner
cb9eddb312 s3-dcerpc: add dcerpc_pull_ncacn_packet().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:50 -04:00
Günther Deschner
3d9a12dca7 s3-dcerpc: add dcerpc_push_ncacn_packet().
Guenther

Signed-off-by: Simo Sorce <idra@samba.org>
2010-07-07 23:45:50 -04:00
Volker Lendecke
dee72d807f s3: Remove an unreachable line of code 2010-06-21 15:03:59 +02:00
Jeremy Allison
2e8c563961 Second part of fix converting prs_XX struct and functions to talloc. Remove unneeded prs_mem_free calls.
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
2010-06-18 07:42:05 -04:00
Jeremy Allison
f4e7d9d38e Convert the prs_XXX struct and functions to use talloc instead of malloc. Passes valgrind and make tests for client and server. Second version of this patch after splitting up at Simo's request. Patch to follow will delete extraneous prs_mem_free() calls.
Jeremy.

Signed-off-by: Simo Sorce <idra@samba.org>
2010-06-18 07:41:47 -04:00
Andrew Bartlett
d6fa371b92 s3:ntlmssp Use a TALLOC_CTX for ntlmssp_sign_packet() and ntlmssp_seal_packet()
This ensures the results can't be easily left to leak.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31 15:11:27 +02:00
Andrew Bartlett
ebae21f023 ntlmssp: Make the ntlmssp.h from source3/ a common header
The code is not yet in common, but I hope to fix that soon.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Günther Deschner <gd@samba.org>
2010-05-31 15:10:56 +02:00
Günther Deschner
5ed3654112 s3-rpc_client: move protos to cli_netlogon.h
Guenther
2010-05-18 21:42:37 +02:00
Jelmer Vernooij
b8268cf7b0 s3: Remove use of iconv_convenience. 2010-05-18 11:45:31 +02:00
Günther Deschner
c6ebab846d s3: only include gen_ndr headers where needed.
This shrinks include/includes.h.gch by the size of 7 MB and reduces build time
as follows:

ccache build w/o patch
real    4m21.529s
ccache build with patch
real    3m6.402s

pch build w/o patch
real    4m26.318s
pch build with patch
real    3m6.932s

Guenther
2010-05-06 00:22:59 +02:00
Stefan Metzmacher
3e70da3f47 s3:rpc_client: return at least 10 sec as old timeout in rpccli_set_timeout() instead of 0
metze
2010-03-29 18:11:17 +02:00
Stefan Metzmacher
99664ad154 s3:rpc_client: add set_timeout hook to rpc_cli_transport
metze
2010-03-29 18:11:17 +02:00
Stefan Metzmacher
4f41b53487 s3:rpc_client: add rpccli_is_connected()
metze
2010-03-29 18:11:16 +02:00
Stefan Metzmacher
dc09b12681 s3:rpc_client: don't mix layers and keep a reference to cli_state in the caller
We should not rely on the backend to have a reference to the cli_state.
This will make it possible for the backend to set its cli_state reference
to NULL, when the transport is dead.

metze
2010-03-29 18:11:16 +02:00
Stefan Metzmacher
7d977da925 s3:ntlmssp: pass names and use_ntlmv2 to ntlmssp_client_start() and store them
Inspired by the NTLMSSP merge work by Andrew Bartlett.

metze

Signed-off-by: Günther Deschner <gd@samba.org>
2010-03-24 17:34:55 +01:00
Jeremy Allison
7b4387f765 Fix bug #7146 - Samba miss-parses authenticated RPC packets.
Parts of the Samba RPC client and server code misinterpret authenticated
packets.

DCE authenticated packets actually look like this :

+--------------------------+
|header                    |
| ... frag_len (packet len)|
| ... auth_len             |
+--------------------------+
|                          |
| Data payload             |
...                     ....
|                          |
+--------------------------+
|                          |
| auth_pad_len bytes       |
+--------------------------+
|                          |
| Auth footer              |
| auth_pad_len value       |
+--------------------------+
|                          |
| Auth payload             |
| (auth_len bytes long)    |
+--------------------------+

That's right. The pad bytes come *before* the footer specifying how many pad
bytes there are. In order to read this you must seek to the end of the packet
and subtract the auth_len (in the packet header) and the auth footer length (a
known value).

The client and server code gets this right (mostly) in 3.0.x -> 3.4.x so long
as the pad alignment is on an 8 byte boundary (there are some special cases in
the code for this).

Tridge discovered there are some (DRS replication) cases where on 64-bit
machines where the pad alignment is on a 16-byte boundary. This breaks the
existing S3 hand-optimized rpc code.

This patch removes all the special cases in client and server code, and allows
the pad alignment for generated packets to be specified by changing a constant
in include/local.h (this doesn't affect received packets, the new code always
handles them correctly whatever pad alignment is used).

This patch also works correctly with rpcclient using sign+seal from
the 3.4.x and 3.3.x builds (testing with 3.0.x and 3.2.x to follow)
so even as a server it should still work with older libsmbclient and
winbindd code.

Jeremy
2010-02-17 15:27:59 -08:00
Bo Yang
36493bf2f6 s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
Signed-off-by: Bo Yang <boyang@samba.org>
2010-01-06 19:19:35 +08:00
Andrew Bartlett
802e9328ed s3:ntlmssp: only include ntlmssp.h where actually needed
Andrew Bartlett
2009-12-22 21:07:53 +01:00