-rw-r--r--source/lib/msrpc-client.c2
-rw-r--r--source/msrpc/msrpcd_process.c8
-rw-r--r--source/rpc_client/cli_pipe.c26
-rw-r--r--source/rpc_parse/parse_prs.c17
-rw-r--r--source/rpc_server/srv_pipe.c6
-rw-r--r--source/smbd/ipc.c8
6 files changed, 40 insertions, 27 deletions
diff --git a/source/lib/msrpc-client.c b/source/lib/msrpc-client.c
index ed7ed14c662..972cb591f7b 100644
--- a/source/lib/msrpc-client.c
+++ b/source/lib/msrpc-client.c
@@ -87,6 +87,8 @@ BOOL msrpc_receive_prs(struct msrpc_state *msrpc, prs_struct *ps)
memcpy(data, smb_base(msrpc->inbuf), len);
+ prs_debug_out(ps, "msrpc_receive_prs", 200);
+
return True;
}
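Review bot: The added `prs_debug_out(ps, "msrpc_receive_prs", 200);` hex-dumps the entire received PDU into the debug log, because `prs_debug_out` in parse_prs.c passes the whole buffer to `dump_data`. The same applies to the calls this commit adds in `create_request_pdu`, `prs_buf_copy`, `rpc_redir_local`, `rpc_send_and_rcv_pdu` and `api_rpc_trans_reply`. These buffers hold RPC request and reply bodies and, on authenticated pipes, presumably the NTLMSSP verifier data as well, so a log captured at this level should be handled as sensitive. I would put a comment at the call, for example `/* level 200 dumps the full PDU, which may include authentication data */`. The start of `msrpc_receive_prs` lies outside the hunk.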
diff --git a/source/msrpc/msrpcd_process.c b/source/msrpc/msrpcd_process.c
index d5e2f2846aa..42d3c3eec46 100644
--- a/source/msrpc/msrpcd_process.c
+++ b/source/msrpc/msrpcd_process.c
@@ -152,12 +152,8 @@ static int do_message(pipes_struct *p,
{
static int pid= -1;
- prs_struct pd;
int outsize = -1;
- /* make a static data parsing structure from the api_fd_reply data */
- prs_create(&pd, smb_base(inbuf), smb_len(inbuf), 4, True);
-
if (pid == -1)
pid = getpid();
@@ -176,10 +172,6 @@ static int do_message(pipes_struct *p,
DEBUG(10,("do_message: returned %d bytes\n", outsize));
- /* DO NOT free pd with prs_free_data because the memory it
- * uses is inbuf, which is not controlled by this function
- */
-
return outsize;
}
diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c
index 638c626cb4a..2595bfcd4ce 100644
--- a/source/rpc_client/cli_pipe.c
+++ b/source/rpc_client/cli_pipe.c
@@ -291,6 +291,7 @@ static BOOL create_request_pdu(struct cli_connection *con,
prs_struct hdr_auth;
prs_struct auth_verf;
int data_len;
+ int frag_len;
int auth_len;
BOOL auth_verify;
BOOL auth_seal;
@@ -322,10 +323,10 @@ static BOOL create_request_pdu(struct cli_connection *con,
(*data_end) += data_len;
/* happen to know that NTLMSSP authentication verifier is 16 bytes */
- data_len = data_len + auth_len + (auth_verify ? 8 : 0) + 0x18;
+ frag_len = data_len + auth_len + (auth_verify ? 8 : 0) + 0x18;
prs_init(&data_t , 0 , 4, False);
- prs_init(&hdr , data_len, 4, False);
+ prs_init(&hdr , frag_len, 4, False);
prs_init(&hdr_auth , 8 , 4, False);
prs_init(&auth_verf, auth_len, 4, False);
@@ -333,12 +334,12 @@ static BOOL create_request_pdu(struct cli_connection *con,
data_t.end = data_t.data_size;
data_t.offset = data_t.data_size;
- create_rpc_request(&hdr, op_num, flags, data_len, auth_len);
+ create_rpc_request(&hdr, op_num, flags, frag_len, auth_len);
if (auth_seal)
{
- crc32 = crc32_calc_buffer(data_len, d);
- NTLMSSPcalc_ap(nt, (uchar*)d, data_len);
+ crc32 = crc32_calc_buffer(frag_len, d);
+ NTLMSSPcalc_ap(nt, (uchar*)d, frag_len);
}
if (auth_seal || auth_verify)
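Review bot: In the `auth_seal` branch the checksum and the seal now run over `frag_len` bytes of `d`, and `frag_len` is `data_len + auth_len + (auth_verify ? 8 : 0) + 0x18` per the previous hunk. `d` is declared outside the hunk; if it points at the request payload of `data_len` bytes, `crc32_calc_buffer` reads past the end of that buffer, and `NTLMSSPcalc_ap`, which appears to transform the buffer in place, writes past it. Now that `data_len` keeps the payload length, these two lines look like they should read `crc32 = crc32_calc_buffer(data_len, d);` and `NTLMSSPcalc_ap(nt, (uchar*)d, data_len);`. Passing `frag_len` to `create_rpc_request` is consistent with the rename and is not part of this concern.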
@@ -371,8 +372,8 @@ static BOOL create_request_pdu(struct cli_connection *con,
prs_link(&hdr, &data_t, NULL );
}
- DEBUG(100,("data_len: 0x%x data_calc_len: 0x%x\n",
- data_len, prs_buf_len(&data_t)));
+ DEBUG(100,("frag_len: 0x%x data_len: 0x%x data_calc_len: 0x%x\n",
+ frag_len, data_len, prs_buf_len(&data_t)));
if (data_len != prs_buf_len(&data_t))
{
@@ -384,9 +385,14 @@ static BOOL create_request_pdu(struct cli_connection *con,
return False;
}
+ DEBUG(100,("create_request_pdu: %d\n", __LINE__));
+
/* this is all a hack */
- prs_init(dataa, data_len, 4, False);
- prs_buf_copy(dataa->data, &hdr, 0, data_len);
+ prs_init(dataa, prs_buf_len(&hdr), 4, False);
+ prs_debug_out(dataa, "create_request_pdu", 200);
+ prs_buf_copy(dataa->data, &hdr, 0, frag_len);
+
+ DEBUG(100,("create_request_pdu: %d\n", __LINE__));
prs_free_data(&hdr_auth );
prs_free_data(&auth_verf);
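Review bot: The destination is allocated with `prs_buf_len(&hdr)` bytes but `prs_buf_copy` is told to copy `frag_len` bytes, so the allocation size and the copy length come from two different quantities. If they ever disagree, the copy either overruns `dataa->data` or leaves it short. Using one value for both keeps them tied together, e.g. `prs_init(dataa, frag_len, 4, False);`. The `BOOL` result of `prs_buf_copy` should also be checked rather than dropped. The `prs_debug_out(dataa, ...)` call sits before the copy, so it dumps a buffer that has not been filled yet; moving it after `prs_buf_copy` would show the PDU actually built. The two `DEBUG(100,("create_request_pdu: %d\n", __LINE__));` lines look like leftover tracing.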
@@ -463,6 +469,7 @@ BOOL rpc_api_pipe_bind(struct cli_connection *con, prs_struct *data, prs_struct
}
DEBUG(6,("cli_pipe: fragment first and last both set\n"));
+
return True;
}
@@ -507,6 +514,7 @@ BOOL rpc_api_pipe_req(struct cli_connection *con, uint8 opnum,
}
DEBUG(10,("rpc_api_pipe_req: end: %d\n", data_end));
+ dbgflush();
if (!rpc_api_send_rcv_pdu(con, &data_t, &rpdu))
{
diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c
index a9ebe6ec79e..c5887cd7a12 100644
--- a/source/rpc_parse/parse_prs.c
+++ b/source/rpc_parse/parse_prs.c
@@ -37,14 +37,17 @@ void prs_debug(prs_struct *ps, int depth, char *desc, char *fn_name)
/*******************************************************************
debug a parse structure
********************************************************************/
-void prs_debug_out(prs_struct *ps, char *msg, int level)
+void prs_debug_out(const prs_struct *ps, char *msg, int level)
{
CHECK_STRUCT(ps);
DEBUG(level,("%s ps: io %s align %d offset %d err %d data %p len %d\n",
msg, BOOLSTR(ps->io), ps->align, ps->offset, ps->error,
ps->data, prs_buf_len(ps)));
- dump_data(level, ps->data, prs_buf_len(ps));
+ if (ps->data != NULL)
+ {
+ dump_data(level, ps->data, prs_buf_len(ps));
+ }
}
/*******************************************************************
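Review bot: `ps` is now `const`, but `msg` is still `char *` even though every call site added in this commit passes a string literal. The signature would be consistent as `void prs_debug_out(const prs_struct *ps, const char *msg, int level)`. The header comment could also say what the function emits, e.g. `debug a parse structure: logs the header fields and hex-dumps the whole buffer at the given level`, so that callers know the full buffer contents reach the log.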
@@ -80,6 +83,9 @@ void prs_init(prs_struct *ps, uint32 size, uint8 align, BOOL io)
********************************************************************/
void prs_create(prs_struct *ps, char *data, uint32 size, uint8 align, BOOL io)
{
+ DEBUG(200,("prs_create: data:%p size:%d align:%d io:%s\n",
+ data, size, align, BOOLSTR(io)));
+
prs_init(ps, 0, align, io);
ps->data = data;
ps->data_size = size;
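Review bot: The new `DEBUG` line prints `size`, which is a `uint32`, with `%d`, so a large length shows up as a negative number in the trace, which is misleading when diagnosing a bad length. I would use `%u`: `DEBUG(200,("prs_create: data:%p size:%u align:%d io:%s\n",`.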
@@ -185,6 +191,8 @@ BOOL prs_buf_copy(char *copy_into, const prs_struct *buf,
DEBUG(200,("prs_struct_copy: data[%d..%d] offset %d len %d\n",
buf->start, data_len, offset, len));
+ prs_debug_out(bcp, "prs_struct_copy", 200);
+
/* there's probably an off-by-one bug, here, and i haven't even tested the code :-) */
while (offset < end && ((q = prs_data(bcp, offset)) != NULL))
{
@@ -397,12 +405,9 @@ void prs_align(prs_struct *ps)
********************************************************************/
BOOL prs_grow(prs_struct *ps, uint32 new_size)
{
- BOOL ret;
CHECK_STRUCT(ps);
if (ps->error) return False;
- ret = prs_grow_data(ps, ps->io, new_size, False);
- prs_debug_out(ps, "prs_grow", 200);
- return ret;
+ return prs_grow_data(ps, ps->io, new_size, False);
}
/*******************************************************************
diff --git a/source/rpc_server/srv_pipe.c b/source/rpc_server/srv_pipe.c
index a8df40fad5d..3c7b2774e9d 100644
--- a/source/rpc_server/srv_pipe.c
+++ b/source/rpc_server/srv_pipe.c
@@ -948,6 +948,10 @@ static BOOL rpc_redir_local(rpcsrv_struct *l, prs_struct *req, prs_struct *resp,
if (reply)
{
/* flatten the data into a single pdu */
+ DEBUG(200,("rpc_redir_local: %d\n", __LINE__));
+ prs_init(resp, 0, 4, False);
+ prs_debug_out(resp , "redir_local resp", 200);
+ prs_debug_out(&l->rhdr, "send_rcv rhdr", 200);
reply = prs_copy(resp, &l->rhdr);
}
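Review bot: `prs_init(resp, 0, 4, False);` is a functional change placed among the debug lines: it re-initialises the caller-supplied `resp` immediately before `prs_copy(resp, &l->rhdr)`. If a caller passes a `resp` that already owns a buffer, that pointer is presumably overwritten without being freed. The contract should be stated in a comment, e.g. `/* resp must be uninitialised or empty on entry; it is (re)initialised here */`, or the old buffer released first. The label `"send_rcv rhdr"` on the second `prs_debug_out` looks copied from `rpc_send_and_rcv_pdu` and will mislead when reading the log; `"redir_local rhdr"` would match the first call. The `__LINE__` trace looks like leftover debugging. The start of `rpc_redir_local` lies outside the hunk.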
@@ -973,6 +977,8 @@ BOOL rpc_send_and_rcv_pdu(pipes_struct *p)
BOOL ret = create_rpc_reply(p->l, p->l->rdata_offset);
/* flatten the data into a single pdu */
if (!ret) return False;
+ prs_debug_out(&p->rsmb_pdu, "send_rcv rsmb_pdu", 200);
+ prs_debug_out(&p->l->rhdr , "send_rcv rhdr", 200);
return prs_copy(&p->rsmb_pdu, &p->l->rhdr);
}
else
diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c
index 45004d3ad27..facc0d26139 100644
--- a/source/smbd/ipc.c
+++ b/source/smbd/ipc.c
@@ -3123,6 +3123,7 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,
static void api_rpc_trans_reply(char *outbuf,
pipes_struct *p)
{
+ prs_debug_out(&p->rsmb_pdu, "api_rpc_trans_reply", 200);
send_trans_reply(outbuf, &p->rsmb_pdu, NULL, NULL, 0, p->file_offset);
if (prs_buf_len(&p->rsmb_pdu) <= p->file_offset)
@@ -3423,16 +3424,15 @@ static int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data
api_Unsupported(conn,vuid,params,data,mdrcnt,mprcnt,
&rdata,&rparam,&rdata_len,&rparam_len);
-
prs_create(&rdata_buf , rdata , rdata_len , 0, False);
prs_create(&rparam_buf, rparam, rparam_len, 0, False);
/* now send the reply */
send_trans_reply(outbuf, &rdata_buf, &rparam_buf, NULL, 0, 0);
- prs_free_data(&rdata_buf);
- prs_free_data(&rparam_buf);
-
+ prs_free_data(&rdata_buf );
+ prs_free_data(&rparam_buf);
+
return(-1);
}