diff options
| author | Gerald Carter <jerry@samba.org> | 2005-07-28 02:34:04 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2005-07-28 02:34:04 +0000 |
| commit | e23ac5f041c10be8a9b16e89c269bb3fc4cb50bc (patch) | |
| tree | 362084a0398ae7ad9f858870af83b3a519fa37cc | |
| parent | 0452f23f10a7e25246534ef2ccfeaeea8270c420 (diff) | |
| download | samba-e23ac5f041c10be8a9b16e89c269bb3fc4cb50bc.tar.gz | |
r8815: reverting the rpc bind struct cleanup
| -rw-r--r-- | source/include/rpc_dce.h | 36 | ||||
| -rw-r--r-- | source/rpc_client/cli_pipe.c | 7 | ||||
| -rw-r--r-- | source/rpc_parse/parse_rpc.c | 74 | ||||
| -rw-r--r-- | source/rpc_server/srv_pipe.c | 125 |
4 files changed, 128 insertions, 114 deletions
diff --git a/source/include/rpc_dce.h b/source/include/rpc_dce.h index 88b8380870e..abc85035ea5 100644 --- a/source/include/rpc_dce.h +++ b/source/include/rpc_dce.h @@ -66,9 +66,6 @@ enum RPC_PKT_TYPE { #define RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN 0x20 #define RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN 0x18 -/* SPNEGO auth type. */ -#define SPNEGO_AUTH_TYPE 0x9 - /* The 7 here seems to be required to get Win2k not to downgrade us to NT4. Actually, anything other than 1ff would seem to do... */ #define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff @@ -172,25 +169,32 @@ typedef struct rpc_hdr_bba_info { #define RPC_HDR_BBA_LEN 8 -/* RPC_HDR_AUTH */ -typedef struct rpc_hdr_auth_info { - uint8 auth_type; /* See XXX_AUTH_TYPE above. */ - uint8 auth_level; /* See RPC_PIPE_AUTH_XXX_LEVEL above. */ - uint8 auth_pad_len; - uint8 auth_reserved; - uint32 auth_context_id; -} RPC_HDR_AUTH; - -#define RPC_HDR_AUTH_LEN 8 - /* RPC_HDR_AUTHA */ typedef struct rpc_hdr_autha_info { uint16 max_tsize; /* maximum transmission fragment size (0x1630) */ uint16 max_rsize; /* max receive fragment size (0x1630) */ - RPC_HDR_AUTH auth; + + uint8 auth_type; /* 0x0a */ + uint8 auth_level; /* 0x06 */ + uint8 stub_type_len; /* don't know */ + uint8 padding; /* padding */ + + uint32 unknown; /* 0x0014a0c0 */ } RPC_HDR_AUTHA; -#define RPC_HDR_AUTHA_LEN (RPC_HDR_AUTH_LEN+4) +#define RPC_HDR_AUTHA_LEN 12 + +/* RPC_HDR_AUTH */ +typedef struct rpc_hdr_auth_info { + uint8 auth_type; /* 0x0a */ + uint8 auth_level; /* 0x06 */ + uint8 padding; + uint8 reserved; /* padding */ + + uint32 auth_context; /* pointer */ +} RPC_HDR_AUTH; + +#define RPC_HDR_AUTH_LEN 8 /* this is TEMPORARILY coded up as a specific structure */ /* this structure comes after the bind request */ diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c index 230750817a9..5f34fbde5d2 100644 --- a/source/rpc_client/cli_pipe.c +++ b/source/rpc_client/cli_pipe.c @@ -242,7 +242,7 @@ static BOOL rpc_auth_pipe(struct rpc_pipe_client *cli, prs_struct *rdata, } /* Let the caller know how much padding at the end of the data */ - *pauth_padding_len = rhdr_auth.auth_pad_len; + *pauth_padding_len = rhdr_auth.padding; /* Check it's the type of reply we were expecting to decode */ @@ -796,7 +796,6 @@ static NTSTATUS create_rpc_bind_resp(struct rpc_pipe_client *cli, { NTSTATUS nt_status; RPC_HDR hdr; - RPC_HDR_AUTH hdr_auth; RPC_HDR_AUTHA hdr_autha; DATA_BLOB ntlmssp_null_response = data_blob(NULL, 0); DATA_BLOB ntlmssp_reply; @@ -827,8 +826,8 @@ static NTSTATUS create_rpc_bind_resp(struct rpc_pipe_client *cli, get_auth_type_level(cli->pipe_auth_flags, &auth_type, &auth_level); /* Create the request RPC_HDR_AUTHA */ - init_rpc_hdr_auth(&hdr_auth, auth_type, auth_level, 0, 0x0014a0c0); - init_rpc_hdr_autha(&hdr_autha, MAX_PDU_FRAG_LEN, MAX_PDU_FRAG_LEN, &hdr_auth); + init_rpc_hdr_autha(&hdr_autha, MAX_PDU_FRAG_LEN, MAX_PDU_FRAG_LEN, + auth_type, auth_level, 0x00); if(!smb_io_rpc_hdr_autha("hdr_autha", &hdr_autha, rpc_out, 0)) { DEBUG(0,("create_rpc_bind_resp: failed to marshall RPC_HDR_AUTHA.\n")); diff --git a/source/rpc_parse/parse_rpc.c b/source/rpc_parse/parse_rpc.c index ce081b92e83..3c109758766 100644 --- a/source/rpc_parse/parse_rpc.c +++ b/source/rpc_parse/parse_rpc.c @@ -650,82 +650,98 @@ BOOL smb_io_rpc_hdr_fault(const char *desc, RPC_HDR_FAULT *rpc, prs_struct *ps, } /******************************************************************* - Inits an RPC_HDR_AUTH structure. + Init an RPC_HDR_AUTHA structure. ********************************************************************/ -void init_rpc_hdr_auth(RPC_HDR_AUTH *rai, +void init_rpc_hdr_autha(RPC_HDR_AUTHA *rai, + uint16 max_tsize, uint16 max_rsize, uint8 auth_type, uint8 auth_level, - uint8 auth_pad_len, - uint32 auth_context_id) + uint8 stub_type_len) { + rai->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */ + rai->max_rsize = max_rsize; /* max receive fragment size (0x1630) */ + rai->auth_type = auth_type; /* nt lm ssp 0x0a */ rai->auth_level = auth_level; /* 0x06 */ - rai->auth_pad_len = auth_pad_len; - rai->auth_reserved = 0; - rai->auth_context_id = auth_context_id; + rai->stub_type_len = stub_type_len; /* 0x00 */ + rai->padding = 0; /* padding 0x00 */ + + rai->unknown = 0x0014a0c0; /* non-zero pointer to something */ } /******************************************************************* - Reads or writes an RPC_HDR_AUTH structure. + Reads or writes an RPC_HDR_AUTHA structure. ********************************************************************/ -BOOL smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth) +BOOL smb_io_rpc_hdr_autha(const char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth) { if (rai == NULL) return False; - prs_debug(ps, depth, desc, "smb_io_rpc_hdr_auth"); + prs_debug(ps, depth, desc, "smb_io_rpc_hdr_autha"); depth++; - if(!prs_align(ps)) + if(!prs_uint16("max_tsize ", ps, depth, &rai->max_tsize)) + return False; + if(!prs_uint16("max_rsize ", ps, depth, &rai->max_rsize)) return False; if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */ return False; if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */ return False; - if(!prs_uint8 ("auth_pad_len ", ps, depth, &rai->auth_pad_len)) + if(!prs_uint8 ("stub_type_len", ps, depth, &rai->stub_type_len)) return False; - if(!prs_uint8 ("auth_reserved", ps, depth, &rai->auth_reserved)) + if(!prs_uint8 ("padding ", ps, depth, &rai->padding)) return False; - if(!prs_uint32("auth_context_id", ps, depth, &rai->auth_context_id)) + + if(!prs_uint32("unknown ", ps, depth, &rai->unknown)) /* 0x0014a0c0 */ return False; return True; } - /******************************************************************* - Init an RPC_HDR_AUTHA structure. + Inits an RPC_HDR_AUTH structure. ********************************************************************/ -void init_rpc_hdr_autha(RPC_HDR_AUTHA *rai, - uint16 max_tsize, uint16 max_rsize, - RPC_HDR_AUTH *auth) +void init_rpc_hdr_auth(RPC_HDR_AUTH *rai, + uint8 auth_type, uint8 auth_level, + uint8 padding, + uint32 ptr) { - rai->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */ - rai->max_rsize = max_rsize; /* max receive fragment size (0x1630) */ - rai->auth = *auth; + rai->auth_type = auth_type; /* nt lm ssp 0x0a */ + rai->auth_level = auth_level; /* 0x06 */ + rai->padding = padding; + rai->reserved = 0; + + rai->auth_context = ptr; /* non-zero pointer to something */ } /******************************************************************* - Reads or writes an RPC_HDR_AUTHA structure. + Reads or writes an RPC_HDR_AUTH structure. ********************************************************************/ -BOOL smb_io_rpc_hdr_autha(const char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth) +BOOL smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth) { if (rai == NULL) return False; - prs_debug(ps, depth, desc, "smb_io_rpc_hdr_autha"); + prs_debug(ps, depth, desc, "smb_io_rpc_hdr_auth"); depth++; - if(!prs_uint16("max_tsize ", ps, depth, &rai->max_tsize)) - return False; - if(!prs_uint16("max_rsize ", ps, depth, &rai->max_rsize)) + if(!prs_align(ps)) return False; - if(!smb_io_rpc_hdr_auth("auth", &rai->auth, ps, depth)) + if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */ + return False; + if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */ + return False; + if(!prs_uint8 ("padding ", ps, depth, &rai->padding)) + return False; + if(!prs_uint8 ("reserved ", ps, depth, &rai->reserved)) + return False; + if(!prs_uint32("auth_context ", ps, depth, &rai->auth_context)) return False; return True; diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c index 70563d30295..30aacdc4c5e 100644 --- a/source/rpc_server/srv_pipe.c +++ b/source/rpc_server/srv_pipe.c @@ -582,9 +582,9 @@ BOOL api_pipe_bind_auth_resp(pipes_struct *p, prs_struct *rpc_in_p) return False; } - if (autha_info.auth.auth_type != NTLMSSP_AUTH_TYPE || autha_info.auth.auth_level != RPC_PIPE_AUTH_SEAL_LEVEL) { + if (autha_info.auth_type != NTLMSSP_AUTH_TYPE || autha_info.auth_level != RPC_PIPE_AUTH_SEAL_LEVEL) { DEBUG(0,("api_pipe_bind_auth_resp: incorrect auth type (%d) or level (%d).\n", - (int)autha_info.auth.auth_type, (int)autha_info.auth.auth_level )); + (int)autha_info.auth_type, (int)autha_info.auth_level )); return False; } @@ -941,72 +941,67 @@ BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *rpc_in_p) return False; } - switch(auth_info.auth_type) { - case NTLMSSP_AUTH_TYPE: - - if(!smb_io_rpc_auth_verifier("", &auth_verifier, rpc_in_p, 0)) { - DEBUG(0,("api_pipe_bind_req: unable to " - "unmarshall RPC_HDR_AUTH struct.\n")); - return False; - } - - if(!strequal(auth_verifier.signature, "NTLMSSP")) { - DEBUG(0,("api_pipe_bind_req: " - "auth_verifier.signature != NTLMSSP\n")); - return False; - } - - if(auth_verifier.msg_type != NTLMSSP_NEGOTIATE) { - DEBUG(0,("api_pipe_bind_req: " - "auth_verifier.msg_type (%d) != NTLMSSP_NEGOTIATE\n", - auth_verifier.msg_type)); - return False; - } - - if(!smb_io_rpc_auth_ntlmssp_neg("", &ntlmssp_neg, rpc_in_p, 0)) { - DEBUG(0,("api_pipe_bind_req: " - "Failed to unmarshall RPC_AUTH_NTLMSSP_NEG.\n")); - return False; - } - - p->ntlmssp_chal_flags = SMBD_NTLMSSP_NEG_FLAGS; - p->ntlmssp_auth_requested = True; - break; - - case NETSEC_AUTH_TYPE: - { - RPC_AUTH_NETSEC_NEG neg; - struct netsec_auth_struct *a = &(p->netsec_auth); - - if (!server_auth2_negotiated) { - DEBUG(0, ("Attempt to bind using schannel " - "without successful serverauth2\n")); - return False; - } - - if (!smb_io_rpc_auth_netsec_neg("", &neg, rpc_in_p, 0)) { - DEBUG(0,("api_pipe_bind_req: " - "Could not unmarshal SCHANNEL auth neg\n")); - return False; - } - - p->netsec_auth_validated = True; - - memset(a->sess_key, 0, sizeof(a->sess_key)); - memcpy(a->sess_key, last_dcinfo.sess_key, sizeof(last_dcinfo.sess_key)); - - a->seq_num = 0; - - DEBUG(10,("schannel auth: domain [%s] myname [%s]\n", - neg.domain, neg.myname)); - break; + if(auth_info.auth_type == NTLMSSP_AUTH_TYPE) { + + if(!smb_io_rpc_auth_verifier("", &auth_verifier, rpc_in_p, 0)) { + DEBUG(0,("api_pipe_bind_req: unable to " + "unmarshall RPC_HDR_AUTH struct.\n")); + return False; + } + + if(!strequal(auth_verifier.signature, "NTLMSSP")) { + DEBUG(0,("api_pipe_bind_req: " + "auth_verifier.signature != NTLMSSP\n")); + return False; + } + + if(auth_verifier.msg_type != NTLMSSP_NEGOTIATE) { + DEBUG(0,("api_pipe_bind_req: " + "auth_verifier.msg_type (%d) != NTLMSSP_NEGOTIATE\n", + auth_verifier.msg_type)); + return False; + } + + if(!smb_io_rpc_auth_ntlmssp_neg("", &ntlmssp_neg, rpc_in_p, 0)) { + DEBUG(0,("api_pipe_bind_req: " + "Failed to unmarshall RPC_AUTH_NTLMSSP_NEG.\n")); + return False; + } + + p->ntlmssp_chal_flags = SMBD_NTLMSSP_NEG_FLAGS; + p->ntlmssp_auth_requested = True; + + } else if (auth_info.auth_type == NETSEC_AUTH_TYPE) { + + RPC_AUTH_NETSEC_NEG neg; + struct netsec_auth_struct *a = &(p->netsec_auth); + + if (!server_auth2_negotiated) { + DEBUG(0, ("Attempt to bind using schannel " + "without successful serverauth2\n")); + return False; } - case SPNEGO_AUTH_TYPE: - default: - DEBUG(0,("api_pipe_bind_req: unknown auth type %x requested.\n", - auth_info.auth_type )); + if (!smb_io_rpc_auth_netsec_neg("", &neg, rpc_in_p, 0)) { + DEBUG(0,("api_pipe_bind_req: " + "Could not unmarshal SCHANNEL auth neg\n")); return False; + } + + p->netsec_auth_validated = True; + + memset(a->sess_key, 0, sizeof(a->sess_key)); + memcpy(a->sess_key, last_dcinfo.sess_key, sizeof(last_dcinfo.sess_key)); + + a->seq_num = 0; + + DEBUG(10,("schannel auth: domain [%s] myname [%s]\n", + neg.domain, neg.myname)); + + } else { + DEBUG(0,("api_pipe_bind_req: unknown auth type %x requested.\n", + auth_info.auth_type )); + return False; } } |