Diffstat (limited to 'source/include/rpc_dce.h')
-rw-r--r-- | source/include/rpc_dce.h | 74 |
1 files changed, 53 insertions, 21 deletions
diff --git a/source/include/rpc_dce.h b/source/include/rpc_dce.h
index 52544ac6422..9ffcf50337d 100644
--- a/source/include/rpc_dce.h
+++ b/source/include/rpc_dce.h
@@ -26,6 +26,7 @@
 #include "rpc_misc.h" /* this only pulls in STRHDR */
+
 /* DCE/RPC packet types */
 enum RPC_PKT_TYPE
@@ -35,15 +36,13 @@ enum RPC_PKT_TYPE
 	RPC_FAULT = 0x03,
 	RPC_BIND = 0x0B,
 	RPC_BINDACK = 0x0C,
-	RPC_ALTCONT = 0x0E,
-	RPC_ALTCONTRESP = 0x0F,
+	RPC_BINDNACK = 0x0D,
 	RPC_BINDRESP = 0x10 /* not the real name! this is undocumented! */
 };
 /* DCE/RPC flags */
 #define RPC_FLG_FIRST 0x01
 #define RPC_FLG_LAST 0x02
-#define RPC_FLG_NOCALL 0x20
 /* NTLMSSP message types */
 enum NTLM_MESSAGE_TYPE
@@ -61,9 +60,7 @@ enum NTLM_MESSAGE_TYPE
 #define NTLMSSP_NEGOTIATE_SIGN 0x00000010
 #define NTLMSSP_NEGOTIATE_SEAL 0x00000020
 #define NTLMSSP_NEGOTIATE_LM_KEY 0x00000080
-#define NTLMSSP_NEGOTIATE_00000100 0x00000100
 #define NTLMSSP_NEGOTIATE_NTLM 0x00000200
-#define NTLMSSP_NEGOTIATE_00000400 0x00000400
 #define NTLMSSP_NEGOTIATE_00001000 0x00001000
 #define NTLMSSP_NEGOTIATE_00002000 0x00002000
 #define NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0x00008000
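Review bot: `RPC_BINDNACK = 0x0D` is added to RPC_PKT_TYPE without a word on what a receiver does with it, and dropping RPC_ALTCONT/RPC_ALTCONTRESP means 0x0E/0x0F now arrive as values outside the enum; whichever switch dispatches on pkt_type (not in this header) needs a default that rejects unknown types rather than letting them fall through. A one-line comment on the new enumerator would help, e.g. `RPC_BINDNACK = 0x0D, /* bind_nak: server rejected the bind */`. The kept `RPC_BINDRESP = 0x10 /* not the real name! this is undocumented! */` comment could say that 0x10 is the third leg of the NTLMSSP bind exchange (presumably what later DCE/RPC documentation calls AUTH3), so readers do not take it for a bind-ack variant.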
@@ -72,18 +69,42 @@ enum NTLM_MESSAGE_TYPE
 #define NTLMSSP_NEGOTIATE_128 0x20000000
 #define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000
+#define SMBD_NTLMSSP_NEG_FLAGS 0x000082b1
+
 /* NTLMSSP signature version */
 #define NTLMSSP_SIGN_VERSION 0x01
+/* NTLMSSP auth type and level. */
+#define NTLMSSP_AUTH_TYPE 0xa
+#define NTLMSSP_AUTH_LEVEL 0x6
+
+/* Maximum PDU fragment size. */
+#define MAX_PDU_FRAG_LEN 0x1630
+
+/*
+ * Actual structure of a DCE UUID
+ */
+
+typedef struct rpc_uuid
+{
+	uint32 time_low;
+	uint16 time_mid;
+	uint16 time_hi_and_version;
+	uint8 remaining[8];
+} RPC_UUID;
+
+#define RPC_UUID_LEN 16
 /* RPC_IFACE */
 typedef struct rpc_iface_info
 {
-	uint8 data[16]; /* 16 bytes of rpc interface identification */
+	RPC_UUID uuid; /* 16 bytes of rpc interface identification */
 	uint32 version; /* the interface version number */
 } RPC_IFACE;
+#define RPC_IFACE_LEN (RPC_UUID_LEN + 4)
+
 struct pipe_id_info
 {
 	/* the names appear not to matter: the syntaxes _do_ matter */
@@ -102,13 +123,15 @@ typedef struct rpc_hdr_info
 	uint8 minor; /* 0 - RPC minor version */
 	uint8 pkt_type; /* RPC_PKT_TYPE - RPC response packet */
 	uint8 flags; /* DCE/RPC flags */
-	uint32 pack_type; /* 0x1000 0000 - packed data representation */
+	uint8 pack_type[4]; /* 0x1000 0000 - little-endian packed data representation */
 	uint16 frag_len; /* fragment length - data size (bytes) inc header and tail. */
 	uint16 auth_len; /* 0 - authentication length */
 	uint32 call_id; /* call identifier. matches 12th uint32 of incoming RPC data. */
 } RPC_HDR;
+#define RPC_HEADER_LEN 16
+
 /* RPC_HDR_REQ - ms request rpc header */
 typedef struct rpc_hdr_req_info
 {
@@ -118,6 +141,8 @@ typedef struct rpc_hdr_req_info
 } RPC_HDR_REQ;
+#define RPC_HDR_REQ_LEN 8
+
 /* RPC_HDR_RESP - ms response rpc header */
 typedef struct rpc_hdr_resp_info
 {
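Review bot: `#define SMBD_NTLMSSP_NEG_FLAGS 0x000082b1` is a magic mask placed right under the named NTLMSSP_NEGOTIATE_* bits; written as an OR of those names a reviewer can see which capabilities smbd advertises (from the values in this file, 0x82b1 is ALWAYS_SIGN, NTLM, LM_KEY, SEAL and SIGN plus the 0x1 bit, whose name is not in this hunk). Suggest `#define SMBD_NTLMSSP_NEG_FLAGS (NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_LM_KEY | NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN | 0x00000001)` with a comment naming the 0x1 bit. `MAX_PDU_FRAG_LEN 0x1630` likewise needs its comment to say whether it bounds frag_len received from the peer or only what smbd emits, since that decides whether the receive path must check against it.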
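Review bot: `#define RPC_HEADER_LEN 16` is added after RPC_HDR but nothing relates it to frag_len, a uint16 taken from the wire; wherever a fragment is consumed (outside this header) the check `frag_len >= RPC_HEADER_LEN && frag_len <= MAX_PDU_FRAG_LEN` should precede any copy sized by it, and a comment such as `/* fixed wire prefix of every PDU; frag_len must be at least this */` would make that expectation explicit. The field sum in the hunk (four uint8, the new uint8[4], two uint16, one uint32) is 15, so the 16 presumably relies on the uint8 major field above the hunk start. Changing pack_type from uint32 to `uint8 pack_type[4]` also changes how callers test the data representation; the comment could say which byte carries the endianness flag (the `0x1000 0000` hint suggests the first byte, 0x10, is the little-endian marker) so nobody compares the array as an integer.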
@@ -128,13 +153,7 @@ typedef struct rpc_hdr_resp_info
 } RPC_HDR_RESP;
-/* RPC_HDR_FAULT - ms fault rpc header */
-typedef struct rpc_hdr_fault_info
-{
-	uint32 status;
-	uint32 reserved; /* 0x0000 0000 */
-
-} RPC_HDR_FAULT;
+#define RPC_HDR_RESP_LEN 8
 /* this seems to be the same string name depending on the name of the pipe,
  * but is more likely to be linked to the interface name
@@ -160,6 +179,8 @@ typedef struct rpc_hdr_bba_info
 } RPC_HDR_BBA;
+#define RPC_HDR_BBA_LEN 8
+
 /* RPC_HDR_AUTHA */
 typedef struct rpc_hdr_autha_info
 {
@@ -175,6 +196,8 @@ typedef struct rpc_hdr_autha_info
 } RPC_HDR_AUTHA;
+#define RPC_HDR_AUTHA_LEN 12
+
 /* RPC_HDR_AUTH */
 typedef struct rpc_hdr_auth_info
 {
@@ -187,6 +210,8 @@ typedef struct rpc_hdr_auth_info
 } RPC_HDR_AUTH;
+#define RPC_HDR_AUTH_LEN 8
+
 /* RPC_BIND_REQ - ms req bind */
 typedef struct rpc_bind_req_info
 {
@@ -201,6 +226,13 @@ typedef struct rpc_bind_req_info
 } RPC_HDR_RB;
+/*
+ * The following length is 8 bytes RPC_HDR_BBA_LEN, 8 bytes internals
+ * (with 3 bytes padding), + 2 x RPC_IFACE_LEN bytes for RPC_IFACE structs.
+ */
+
+#define RPC_HDR_RB_LEN (RPC_HDR_BBA_LEN + 8 + (2*RPC_IFACE_LEN))
+
 /* RPC_RESULTS - can only cope with one reason, right now... */
 typedef struct rpc_results_info
 {
@@ -226,13 +258,13 @@ typedef struct rpc_hdr_ba_info
 } RPC_HDR_BA;
-/* RPC_AUTH_NTLMSSP_VERIFIER */
-typedef struct rpc_auth_ntlmssp_verif_info
+/* RPC_AUTH_VERIFIER */
+typedef struct rpc_auth_verif_info
 {
 	fstring signature; /* "NTLMSSP" */
 	uint32 msg_type; /* NTLMSSP_MESSAGE_TYPE (1,2,3) */
-} RPC_AUTH_NTLMSSP_VERIFIER;
+} RPC_AUTH_VERIFIER;
 /* this is TEMPORARILY coded up as a specific structure */
 /* this structure comes after the bind request */
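Review bot: `#define RPC_HDR_RESP_LEN 8` and the sibling constants RPC_HDR_BBA_LEN, RPC_HDR_AUTHA_LEN, RPC_HDR_AUTH_LEN and RPC_HDR_RB_LEN in the next four hunks are bare literals that nothing checks against the marshalling code; the structs they sit beside are not wire-packed (RPC_HDR_RB's body is outside its hunk), so sizeof cannot catch a drift between struct and constant, and a reader could mistake them for C sizes. Suggest a comment on the first one, `/* marshalled on-the-wire size, not sizeof() of the C struct */`, and that every parser which advances by one of these lengths first confirms it fits within the remaining frag_len. Removing RPC_HDR_FAULT while `RPC_FAULT = 0x03` stays in RPC_PKT_TYPE also leaves an incoming fault PDU with no header type to unmarshal into; unless a replacement exists elsewhere, the receive path should drop pkt_type 0x03 explicitly rather than treat it as a response.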
@@ -267,8 +299,8 @@ typedef struct rpc_auth_ntlmssp_chal_info
 /* RPC_AUTH_NTLMSSP_RESP */
 typedef struct rpc_auth_ntlmssp_resp_info
 {
-	STRHDR hdr_lm_resp; /* LM response (NULL or 24 bytes) */
-	STRHDR hdr_nt_resp; /* NT response (NULL, 24 or variable-length) */
+	STRHDR hdr_lm_resp; /* 24 byte response */
+	STRHDR hdr_nt_resp; /* 24 byte response */
 	STRHDR hdr_domain;
 	STRHDR hdr_usr;
 	STRHDR hdr_wks;
@@ -284,7 +316,6 @@ typedef struct rpc_auth_ntlmssp_resp_info
 } RPC_AUTH_NTLMSSP_RESP;
-
 /* attached to the end of encrypted rpc requests and responses */
 /* RPC_AUTH_NTLMSSP_CHK */
 typedef struct rpc_auth_ntlmssp_chk_info
@@ -296,5 +327,6 @@ typedef struct rpc_auth_ntlmssp_chk_info
 } RPC_AUTH_NTLMSSP_CHK;
-#endif /* _DCE_RPC_H */
+#define RPC_AUTH_NTLMSSP_CHK_LEN 16
+#endif /* _DCE_RPC_H */
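Review bot: The new `/* 24 byte response */` comments on hdr_lm_resp and hdr_nt_resp narrow what the replaced ones said, namely that the LM response may be absent and the NT response may be absent or longer than 24 bytes; the STRHDR carries the length the peer actually sends, so any unmarshalling that copies into a fixed 24-byte buffer on the strength of this comment would overrun on a longer NT response. Suggest keeping the length wire-supplied in the comment, e.g. `STRHDR hdr_nt_resp; /* NT response; length comes from the STRHDR, not necessarily 24 bytes */`, and bounding every copy by that STRHDR length rather than by 24. The RPC_AUTH_NTLMSSP_RESP body continues outside the hunk.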