diff options
author | Gerald Carter <jerry@samba.org> | 2004-05-08 04:18:43 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2004-05-08 04:18:43 +0000 |
commit | 9195e5d9cf127c3af1b1f1a6ed19f5f9533b8024 (patch) | |
tree | bab440f78d47e0b3463044f2fa01ae31187f3afa | |
parent | 380fefe8c33a563467abe2127456657f47a1a746 (diff) | |
download | samba-9195e5d9cf127c3af1b1f1a6ed19f5f9533b8024.tar.gz |
r585: merge of fix for KB828741 -- pw chg -- from 3.0
-rw-r--r-- | source/rpc_server/srv_pipe.c | 42 |
1 files changed, 30 insertions, 12 deletions
diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c index e3a5528bcf7..aa89441c00e 100644 --- a/source/rpc_server/srv_pipe.c +++ b/source/rpc_server/srv_pipe.c @@ -77,6 +77,7 @@ BOOL create_next_pdu(pipes_struct *p) RPC_HDR_RESP hdr_resp; BOOL auth_verify = ((p->ntlmssp_chal_flags & NTLMSSP_NEGOTIATE_SIGN) != 0); BOOL auth_seal = ((p->ntlmssp_chal_flags & NTLMSSP_NEGOTIATE_SEAL) != 0); + uint32 ss_padding_len = 0; uint32 data_len; uint32 data_space_available; uint32 data_len_left; @@ -140,11 +141,24 @@ BOOL create_next_pdu(pipes_struct *p) hdr_resp.alloc_hint = data_len_left; /* + * Work out if this PDU will be the last. + */ + + if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) { + p->hdr.flags |= RPC_FLG_LAST; + if ((auth_seal || auth_verify) && (data_len_left % 8)) { + ss_padding_len = 8 - (data_len_left % 8); + DEBUG(10,("create_next_pdu: adding sign/seal padding of %u\n", + ss_padding_len )); + } + } + + /* * Set up the header lengths. */ if (p->ntlmssp_auth_validated) { - p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len + + p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len + ss_padding_len + RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN; p->hdr.auth_len = RPC_AUTH_NTLMSSP_CHK_LEN; } else { @@ -153,13 +167,6 @@ BOOL create_next_pdu(pipes_struct *p) } /* - * Work out if this PDU will be the last. - */ - - if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) - p->hdr.flags |= RPC_FLG_LAST; - - /* * Init the parse struct to point at the outgoing * data. */ @@ -192,6 +199,17 @@ BOOL create_next_pdu(pipes_struct *p) return False; } + /* Copy the sign/seal padding data. */ + if (ss_padding_len) { + char pad[8]; + memset(pad, '\0', 8); + if (!prs_append_data(&outgoing_pdu, pad, ss_padding_len)) { + DEBUG(0,("create_next_pdu: failed to add %u bytes of pad data.\n", (unsigned int)ss_padding_len)); + prs_mem_free(&outgoing_pdu); + return False; + } + } + /* * Set data to point to where we copied the data into. */ @@ -202,18 +220,18 @@ BOOL create_next_pdu(pipes_struct *p) uint32 crc32 = 0; DEBUG(5,("create_next_pdu: sign: %s seal: %s data %d auth %d\n", - BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, p->hdr.auth_len)); + BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len + ss_padding_len, p->hdr.auth_len)); if (auth_seal) { - crc32 = crc32_calc_buffer(data, data_len); - NTLMSSPcalc_p(p, (uchar*)data, data_len); + crc32 = crc32_calc_buffer(data, data_len + ss_padding_len); + NTLMSSPcalc_p(p, (uchar*)data, data_len + ss_padding_len); } if (auth_seal || auth_verify) { RPC_HDR_AUTH auth_info; init_rpc_hdr_auth(&auth_info, NTLMSSP_AUTH_TYPE, NTLMSSP_AUTH_LEVEL, - (auth_verify ? RPC_HDR_AUTH_LEN : 0), (auth_verify ? 1 : 0)); + (auth_verify ? ss_padding_len : 0), (auth_verify ? 1 : 0)); if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, &outgoing_pdu, 0)) { DEBUG(0,("create_next_pdu: failed to marshall RPC_HDR_AUTH.\n")); prs_mem_free(&outgoing_pdu); |