3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1997,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8 * Copyright (C) Paul Ashton 1997.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 extern int DEBUGLEVEL;
31 /*******************************************************************
32 interface/version dce/rpc pipe identification
33 ********************************************************************/
35 #define TRANS_SYNT_V2 \
38 0x04, 0x5d, 0x88, 0x8a, \
39 0xeb, 0x1c, 0xc9, 0x11, \
40 0x9f, 0xe8, 0x08, 0x00, \
41 0x2b, 0x10, 0x48, 0x60 \
45 #define SYNT_SVCCTL_V2 \
48 0x81, 0xbb, 0x7a, 0x36, \
49 0x44, 0x98, 0xf1, 0x35, \
50 0xad, 0x32, 0x98, 0xf0, \
51 0x38, 0x00, 0x10, 0x03 \
55 #define SYNT_NETLOGON_V2 \
58 0x04, 0x5d, 0x88, 0x8a, \
59 0xeb, 0x1c, 0xc9, 0x11, \
60 0x9f, 0xe8, 0x08, 0x00, \
61 0x2b, 0x10, 0x48, 0x60 \
65 #define SYNT_WKSSVC_V1 \
68 0x98, 0xd0, 0xff, 0x6b, \
69 0x12, 0xa1, 0x10, 0x36, \
70 0x98, 0x33, 0x46, 0xc3, \
71 0xf8, 0x7e, 0x34, 0x5a \
75 #define SYNT_SRVSVC_V3 \
78 0xc8, 0x4f, 0x32, 0x4b, \
79 0x70, 0x16, 0xd3, 0x01, \
80 0x12, 0x78, 0x5a, 0x47, \
81 0xbf, 0x6e, 0xe1, 0x88 \
85 #define SYNT_LSARPC_V0 \
88 0x78, 0x57, 0x34, 0x12, \
89 0x34, 0x12, 0xcd, 0xab, \
90 0xef, 0x00, 0x01, 0x23, \
91 0x45, 0x67, 0x89, 0xab \
95 #define SYNT_SAMR_V1 \
98 0x78, 0x57, 0x34, 0x12, \
99 0x34, 0x12, 0xcd, 0xab, \
100 0xef, 0x00, 0x01, 0x23, \
101 0x45, 0x67, 0x89, 0xac \
105 #define SYNT_NETLOGON_V1 \
108 0x78, 0x56, 0x34, 0x12, \
109 0x34, 0x12, 0xcd, 0xab, \
110 0xef, 0x00, 0x01, 0x23, \
111 0x45, 0x67, 0xcf, 0xfb \
115 #define SYNT_WINREG_V1 \
118 0x01, 0xd0, 0x8c, 0x33, \
119 0x44, 0x22, 0xf1, 0x31, \
120 0xaa, 0xaa, 0x90, 0x00, \
121 0x38, 0x00, 0x10, 0x03 \
125 #define SYNT_ATSVC_V1 \
128 0x82, 0x06, 0xf7, 0x1f, \
129 0x51, 0x0a, 0xe8, 0x30, \
130 0x07, 0x6d, 0x74, 0x0b, \
131 0xe8, 0xce, 0xe9, 0x8b \
135 #define SYNT_SPOOLSS_V1 \
138 0x78, 0x56, 0x34, 0x12, \
139 0x34, 0x12, 0xcd, 0xab, \
140 0xef, 0x00, 0x01, 0x23, \
141 0x45, 0x67, 0x89, 0xab \
145 #define SYNT_NONE_V0 \
148 0x00, 0x00, 0x00, 0x00, \
149 0x00, 0x00, 0x00, 0x00, \
150 0x00, 0x00, 0x00, 0x00, \
151 0x00, 0x00, 0x00, 0x00 \
155 #define SYNT_EVENTLOG_V0 \
158 0xdc, 0x3f, 0x27, 0x82, \
159 0x2a, 0xe3, 0xc3, 0x18, \
160 0x3f, 0x78, 0x82, 0x79, \
161 0x29, 0xdc, 0x23, 0xea \
165 struct pipe_id_info pipe_names [] =
167 /* client pipe , abstract syntax , server pipe , transfer syntax */
168 { PIPE_LSARPC , SYNT_LSARPC_V0 , PIPE_LSASS , TRANS_SYNT_V2 },
169 { PIPE_SAMR , SYNT_SAMR_V1 , PIPE_LSASS , TRANS_SYNT_V2 },
170 { PIPE_NETLOGON, SYNT_NETLOGON_V1, PIPE_LSASS , TRANS_SYNT_V2 },
171 { PIPE_SRVSVC , SYNT_SRVSVC_V3 , PIPE_NTSVCS , TRANS_SYNT_V2 },
172 { PIPE_SVCCTL , SYNT_SVCCTL_V2 , PIPE_NTSVCS , TRANS_SYNT_V2 },
173 { PIPE_WKSSVC , SYNT_WKSSVC_V1 , PIPE_NTSVCS , TRANS_SYNT_V2 },
174 { PIPE_WINREG , SYNT_WINREG_V1 , PIPE_WINREG , TRANS_SYNT_V2 },
175 { PIPE_ATSVC , SYNT_ATSVC_V1 , PIPE_ATSVC , TRANS_SYNT_V2 },
176 { PIPE_SPOOLSS , SYNT_SPOOLSS_V1 , PIPE_SPOOLSS , TRANS_SYNT_V2 },
177 { PIPE_EVENTLOG, SYNT_EVENTLOG_V0, PIPE_EVENTLOG , TRANS_SYNT_V2 },
178 { NULL , SYNT_NONE_V0 , NULL , SYNT_NONE_V0 }
181 /*******************************************************************
182 creates an RPC_HDR structure.
183 ********************************************************************/
184 void make_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 flags,
185 uint32 call_id, int data_len, int auth_len)
187 if (hdr == NULL) return;
189 hdr->major = 5; /* RPC version 5 */
190 hdr->minor = 0; /* minor version 0 */
191 hdr->pkt_type = pkt_type; /* RPC packet type */
192 hdr->flags = flags; /* dce/rpc flags */
193 hdr->pack_type = 0x10; /* packed data representation */
194 hdr->frag_len = data_len; /* fragment length, fill in later */
195 hdr->auth_len = auth_len; /* authentication length */
196 hdr->call_id = call_id; /* call identifier - match incoming RPC */
199 /*******************************************************************
200 reads or writes an RPC_HDR structure.
201 ********************************************************************/
202 void smb_io_rpc_hdr(char *desc, RPC_HDR *rpc, prs_struct *ps, int depth)
204 if (rpc == NULL) return;
206 prs_debug(ps, depth, desc, "smb_io_rpc_hdr");
209 prs_uint8 ("major ", ps, depth, &(rpc->major));
210 prs_uint8 ("minor ", ps, depth, &(rpc->minor));
211 prs_uint8 ("pkt_type ", ps, depth, &(rpc->pkt_type));
212 prs_uint8 ("flags ", ps, depth, &(rpc->flags));
213 prs_uint32("pack_type ", ps, depth, &(rpc->pack_type));
214 prs_uint16("frag_len ", ps, depth, &(rpc->frag_len));
215 prs_uint16("auth_len ", ps, depth, &(rpc->auth_len));
216 prs_uint32("call_id ", ps, depth, &(rpc->call_id));
219 /*******************************************************************
220 reads or writes an RPC_IFACE structure.
221 ********************************************************************/
222 static void smb_io_rpc_iface(char *desc, RPC_IFACE *ifc, prs_struct *ps, int depth)
224 if (ifc == NULL) return;
226 prs_debug(ps, depth, desc, "smb_io_rpc_iface");
231 prs_uint8s (False, "data ", ps, depth, ifc->data, sizeof(ifc->data));
232 prs_uint32 ( "version", ps, depth, &(ifc->version));
235 /*******************************************************************
236 creates an RPC_ADDR_STR structure.
238 The name can be null (RPC Alter-Context)
239 ********************************************************************/
240 static void make_rpc_addr_str(RPC_ADDR_STR *str, char *name)
242 if (str == NULL ) return;
246 fstrcpy(str->str, "");
250 str->len = strlen(name) + 1;
251 fstrcpy(str->str, name);
255 /*******************************************************************
256 reads or writes an RPC_ADDR_STR structure.
257 ********************************************************************/
258 static void smb_io_rpc_addr_str(char *desc, RPC_ADDR_STR *str, prs_struct *ps, int depth)
260 if (str == NULL) return;
262 prs_debug(ps, depth, desc, "smb_io_rpc_addr_str");
266 prs_uint16 ( "len", ps, depth, &(str->len));
267 prs_uint8s (True, "str", ps, depth, (uchar*)str->str, str->len);
270 /*******************************************************************
271 creates an RPC_HDR_BBA structure.
272 ********************************************************************/
273 static void make_rpc_hdr_bba(RPC_HDR_BBA *bba, uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid)
275 if (bba == NULL) return;
277 bba->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */
278 bba->max_rsize = max_rsize; /* max receive fragment size (0x1630) */
279 bba->assoc_gid = assoc_gid; /* associated group id (0x0) */
282 /*******************************************************************
283 reads or writes an RPC_HDR_BBA structure.
284 ********************************************************************/
285 static void smb_io_rpc_hdr_bba(char *desc, RPC_HDR_BBA *rpc, prs_struct *ps, int depth)
287 if (rpc == NULL) return;
289 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_bba");
292 prs_uint16("max_tsize", ps, depth, &(rpc->max_tsize));
293 prs_uint16("max_rsize", ps, depth, &(rpc->max_rsize));
294 prs_uint32("assoc_gid", ps, depth, &(rpc->assoc_gid));
297 /*******************************************************************
298 creates an RPC_HDR_RB structure.
299 ********************************************************************/
300 void make_rpc_hdr_rb(RPC_HDR_RB *rpc,
301 uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
302 uint32 num_elements, uint16 context_id, uint8 num_syntaxes,
303 RPC_IFACE *abstract, RPC_IFACE *transfer)
305 if (rpc == NULL) return;
307 make_rpc_hdr_bba(&(rpc->bba), max_tsize, max_rsize, assoc_gid);
309 rpc->num_elements = num_elements ; /* the number of elements (0x1) */
310 rpc->context_id = context_id ; /* presentation context identifier (0x0) */
311 rpc->num_syntaxes = num_syntaxes ; /* the number of syntaxes (has always been 1?)(0x1) */
313 /* num and vers. of interface client is using */
314 memcpy(&(rpc->abstract), abstract, sizeof(rpc->abstract));
316 /* num and vers. of interface to use for replies */
317 memcpy(&(rpc->transfer), transfer, sizeof(rpc->transfer));
320 /*******************************************************************
321 reads or writes an RPC_HDR_RB structure.
322 ********************************************************************/
323 void smb_io_rpc_hdr_rb(char *desc, RPC_HDR_RB *rpc, prs_struct *ps, int depth)
325 if (rpc == NULL) return;
327 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_rb");
330 smb_io_rpc_hdr_bba("", &(rpc->bba), ps, depth);
332 prs_uint32("num_elements", ps, depth, &(rpc->num_elements));
333 prs_uint16("context_id ", ps, depth, &(rpc->context_id ));
334 prs_uint8 ("num_syntaxes", ps, depth, &(rpc->num_syntaxes));
336 smb_io_rpc_iface("", &(rpc->abstract), ps, depth);
337 smb_io_rpc_iface("", &(rpc->transfer), ps, depth);
340 /*******************************************************************
341 creates an RPC_RESULTS structure.
343 lkclXXXX only one reason at the moment!
345 ********************************************************************/
346 static void make_rpc_results(RPC_RESULTS *res,
347 uint8 num_results, uint16 result, uint16 reason)
349 if (res == NULL) return;
351 res->num_results = num_results; /* the number of results (0x01) */
352 res->result = result ; /* result (0x00 = accept) */
353 res->reason = reason ; /* reason (0x00 = no reason specified) */
356 /*******************************************************************
357 reads or writes an RPC_RESULTS structure.
359 lkclXXXX only one reason at the moment!
361 ********************************************************************/
362 static void smb_io_rpc_results(char *desc, RPC_RESULTS *res, prs_struct *ps, int depth)
364 if (res == NULL) return;
366 prs_debug(ps, depth, desc, "smb_io_rpc_results");
371 prs_uint8 ("num_results", ps, depth, &(res->num_results));
375 prs_uint16("result ", ps, depth, &(res->result ));
376 prs_uint16("reason ", ps, depth, &(res->reason ));
379 /*******************************************************************
380 creates an RPC_HDR_BA structure.
382 lkclXXXX only one reason at the moment!
383 jfm: nope two ! The pipe_addr can be NULL !
385 ********************************************************************/
386 void make_rpc_hdr_ba(RPC_HDR_BA *rpc,
387 uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
389 uint8 num_results, uint16 result, uint16 reason,
392 if (rpc == NULL || transfer == NULL) return;
394 make_rpc_hdr_bba (&(rpc->bba ), max_tsize, max_rsize, assoc_gid);
395 make_rpc_addr_str(&(rpc->addr), pipe_addr);
396 make_rpc_results (&(rpc->res ), num_results, result, reason);
398 /* the transfer syntax from the request */
399 memcpy(&(rpc->transfer), transfer, sizeof(rpc->transfer));
402 /*******************************************************************
403 reads or writes an RPC_HDR_BA structure.
404 ********************************************************************/
405 void smb_io_rpc_hdr_ba(char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth)
407 if (rpc == NULL) return;
409 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_ba");
412 smb_io_rpc_hdr_bba ("", &(rpc->bba) , ps, depth);
413 smb_io_rpc_addr_str("", &(rpc->addr) , ps, depth);
414 smb_io_rpc_results ("", &(rpc->res) , ps, depth);
415 smb_io_rpc_iface ("", &(rpc->transfer), ps, depth);
418 /*******************************************************************
419 creates an RPC_HDR_REQ structure.
420 ********************************************************************/
421 void make_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 alloc_hint, uint16 opnum)
423 if (hdr == NULL) return;
425 hdr->alloc_hint = alloc_hint; /* allocation hint */
426 hdr->context_id = 0; /* presentation context identifier */
427 hdr->opnum = opnum; /* opnum */
430 /*******************************************************************
431 reads or writes an RPC_HDR_REQ structure.
432 ********************************************************************/
433 void smb_io_rpc_hdr_req(char *desc, RPC_HDR_REQ *rpc, prs_struct *ps, int depth)
435 if (rpc == NULL) return;
437 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_req");
440 prs_uint32("alloc_hint", ps, depth, &(rpc->alloc_hint));
441 prs_uint16("context_id", ps, depth, &(rpc->context_id));
442 prs_uint16("opnum ", ps, depth, &(rpc->opnum));
445 /*******************************************************************
446 reads or writes an RPC_HDR_RESP structure.
447 ********************************************************************/
448 void smb_io_rpc_hdr_resp(char *desc, RPC_HDR_RESP *rpc, prs_struct *ps, int depth)
450 if (rpc == NULL) return;
452 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_resp");
455 prs_uint32("alloc_hint", ps, depth, &(rpc->alloc_hint));
456 prs_uint16("context_id", ps, depth, &(rpc->context_id));
457 prs_uint8 ("cancel_ct ", ps, depth, &(rpc->cancel_count));
458 prs_uint8 ("reserved ", ps, depth, &(rpc->reserved));
461 /*******************************************************************
462 creates an RPC_HDR_AUTHA structure.
463 ********************************************************************/
464 void make_rpc_hdr_autha(RPC_HDR_AUTHA *rai,
465 uint16 max_tsize, uint16 max_rsize,
466 uint8 auth_type, uint8 auth_level,
469 if (rai == NULL) return;
471 rai->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */
472 rai->max_rsize = max_rsize; /* max receive fragment size (0x1630) */
474 rai->auth_type = auth_type; /* nt lm ssp 0x0a */
475 rai->auth_level = auth_level; /* 0x06 */
476 rai->stub_type_len = stub_type_len; /* 0x00 */
477 rai->padding = 0; /* padding 0x00 */
479 rai->unknown = 0x0014a0c0; /* non-zero pointer to something */
482 /*******************************************************************
483 reads or writes an RPC_HDR_AUTHA structure.
484 ********************************************************************/
485 void smb_io_rpc_hdr_autha(char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth)
487 if (rai == NULL) return;
489 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_autha");
492 prs_uint16("max_tsize ", ps, depth, &(rai->max_tsize));
493 prs_uint16("max_rsize ", ps, depth, &(rai->max_rsize));
495 prs_uint8 ("auth_type ", ps, depth, &(rai->auth_type )); /* 0x0a nt lm ssp */
496 prs_uint8 ("auth_level ", ps, depth, &(rai->auth_level ));/* 0x06 */
497 prs_uint8 ("stub_type_len", ps, depth, &(rai->stub_type_len));
498 prs_uint8 ("padding ", ps, depth, &(rai->padding ));
500 prs_uint32("unknown ", ps, depth, &(rai->unknown )); /* 0x0014a0c0 */
503 /*******************************************************************
504 checks an RPC_HDR_AUTH structure.
505 ********************************************************************/
506 BOOL rpc_hdr_auth_chk(RPC_HDR_AUTH *rai)
508 return ((rai->auth_type == 0x0a || rai->auth_type == 0x44) &&
509 rai->auth_level == 0x06);
512 /*******************************************************************
513 creates an RPC_HDR_AUTH structure.
514 ********************************************************************/
515 void make_rpc_hdr_auth(RPC_HDR_AUTH *rai,
516 uint8 auth_type, uint8 auth_level,
520 if (rai == NULL) return;
522 rai->auth_type = auth_type; /* nt lm ssp 0x0a */
523 rai->auth_level = auth_level; /* 0x06 */
524 rai->stub_type_len = stub_type_len; /* 0x00 */
525 rai->padding = 0; /* padding 0x00 */
527 rai->unknown = ptr; /* non-zero pointer to something */
530 /*******************************************************************
531 reads or writes an RPC_HDR_AUTH structure.
532 ********************************************************************/
533 void smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth)
535 if (rai == NULL) return;
537 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_auth");
540 prs_uint8 ("auth_type ", ps, depth, &(rai->auth_type )); /* 0x0a nt lm ssp */
541 prs_uint8 ("auth_level ", ps, depth, &(rai->auth_level ));/* 0x06 */
542 prs_uint8 ("stub_type_len", ps, depth, &(rai->stub_type_len));
543 prs_uint8 ("padding ", ps, depth, &(rai->padding ));
545 prs_uint32("unknown ", ps, depth, &(rai->unknown )); /* 0x0014a0c0 */
548 /*******************************************************************
549 checks an RPC_AUTH_NTLMSSP_VERIFIER structure.
550 ********************************************************************/
551 BOOL rpc_auth_ntlmssp_verifier_chk(RPC_AUTH_NTLMSSP_VERIFIER *rav,
552 char *signature, uint32 msg_type)
554 return (strequal(rav->signature, signature) && rav->msg_type == msg_type);
557 /*******************************************************************
558 creates an RPC_AUTH_NTLMSSP_VERIFIER structure.
559 ********************************************************************/
560 void make_rpc_auth_ntlmssp_verifier(RPC_AUTH_NTLMSSP_VERIFIER *rav,
561 char *signature, uint32 msg_type)
563 if (rav == NULL) return;
565 fstrcpy(rav->signature, signature); /* "NTLMSSP" */
566 rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */
569 /*******************************************************************
570 reads or writes an RPC_AUTH_NTLMSSP_VERIFIER structure.
571 ********************************************************************/
572 void smb_io_rpc_auth_ntlmssp_verifier(char *desc, RPC_AUTH_NTLMSSP_VERIFIER *rav, prs_struct *ps, int depth)
574 if (rav == NULL) return;
576 prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
579 prs_string("signature", ps, depth, rav->signature, 0, sizeof(rav->signature)); /* "NTLMSSP" */
580 prs_uint32("msg_type ", ps, depth, &(rav->msg_type )); /* NTLMSSP_MESSAGE_TYPE */
583 /*******************************************************************
584 creates an RPC_AUTH_NTLMSSP_NEG structure.
585 ********************************************************************/
586 void make_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
588 fstring myname, fstring domain)
590 int len_myname = strlen(myname);
591 int len_domain = strlen(domain);
593 if (neg == NULL) return;
595 neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
597 make_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
598 make_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
600 fstrcpy(neg->myname, myname);
601 fstrcpy(neg->domain, domain);
604 /*******************************************************************
605 reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
607 *** lkclXXXX HACK ALERT! ***
609 ********************************************************************/
610 void smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
612 if (neg == NULL) return;
614 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
617 prs_uint32("neg_flgs ", ps, depth, &(neg->neg_flgs));
627 smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
628 smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
630 old_offset = ps->offset;
632 ps->offset = neg->hdr_myname .buffer + 0x50; /* lkclXXXX HACK! */
633 prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
634 old_offset += neg->hdr_myname .str_str_len;
636 ps->offset = neg->hdr_domain .buffer + 0x50; /* lkclXXXX HACK! */
637 prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
638 old_offset += neg->hdr_domain .str_str_len;
640 ps->offset = old_offset;
645 smb_io_strhdr("hdr_domain", &(neg->hdr_domain), ps, depth);
646 smb_io_strhdr("hdr_myname", &(neg->hdr_myname), ps, depth);
648 prs_uint8s(True , "myname", ps, depth, (uint8*)neg->myname , MIN(neg->hdr_myname .str_str_len, sizeof(neg->myname )));
649 prs_uint8s(True , "domain", ps, depth, (uint8*)neg->domain , MIN(neg->hdr_domain .str_str_len, sizeof(neg->domain )));
653 /*******************************************************************
654 creates an RPC_AUTH_NTLMSSP_CHAL structure.
655 ********************************************************************/
656 void make_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
660 if (chl == NULL) return;
662 chl->unknown_1 = 0x0;
663 chl->unknown_2 = 0x00000028;
664 chl->neg_flags = neg_flags; /* 0x0082b1 */
666 memcpy(chl->challenge, challenge, sizeof(chl->challenge));
667 bzero (chl->reserved , sizeof(chl->reserved));
670 /*******************************************************************
671 reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
672 ********************************************************************/
673 void smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
675 if (chl == NULL) return;
677 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
680 prs_uint32("unknown_1", ps, depth, &(chl->unknown_1)); /* 0x0000 0000 */
681 prs_uint32("unknown_2", ps, depth, &(chl->unknown_2)); /* 0x0000 b2b3 */
682 prs_uint32("neg_flags", ps, depth, &(chl->neg_flags)); /* 0x0000 82b1 */
684 prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge));
685 prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved ));
688 /*******************************************************************
689 creates an RPC_AUTH_NTLMSSP_RESP structure.
691 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
692 *** lkclXXXX the actual offset is at the start of the auth verifier ***
694 ********************************************************************/
695 void make_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
697 uchar *nt_resp, size_t nt_len,
698 char *domain, char *user, char *wks,
702 int dom_len = strlen(domain);
703 int wks_len = strlen(wks );
704 int usr_len = strlen(user );
705 int lm_len = lm_resp != NULL ? 24 : 0;
707 DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
709 if (rsp == NULL) return;
711 #ifdef DEBUG_PASSWORD
712 DEBUG(100,("lm_resp\n"));
713 dump_data(100, lm_resp, lm_len);
714 DEBUG(100,("nt_resp\n"));
715 dump_data(100, nt_resp, nt_len);
718 DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
719 domain, user, wks, neg_flags));
723 if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
730 make_str_hdr(&rsp->hdr_domain , dom_len, dom_len, offset);
733 make_str_hdr(&rsp->hdr_usr , usr_len, usr_len, offset);
736 make_str_hdr(&rsp->hdr_wks , wks_len, wks_len, offset);
739 make_str_hdr(&rsp->hdr_lm_resp, lm_len , lm_len , offset);
742 make_str_hdr(&rsp->hdr_nt_resp, nt_len , nt_len , offset);
745 make_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
747 rsp->neg_flags = neg_flags;
749 memcpy(rsp->lm_resp, lm_resp, lm_len);
750 memcpy(rsp->nt_resp, nt_resp, nt_len);
752 if (IS_BITS_SET_ALL(neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
754 ascii_to_unibuf(rsp->domain, domain, sizeof(rsp->domain)-2);
755 ascii_to_unibuf(rsp->user , user , sizeof(rsp->user )-2);
756 ascii_to_unibuf(rsp->wks , wks , sizeof(rsp->wks )-2);
760 fstrcpy(rsp->domain, domain);
761 fstrcpy(rsp->user , user );
762 fstrcpy(rsp->wks , wks );
764 rsp->sess_key[0] = 0;
767 /*******************************************************************
768 reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
770 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
771 *** lkclXXXX the actual offset is at the start of the auth verifier ***
773 ********************************************************************/
774 void smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
776 if (rsp == NULL) return;
778 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
789 smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
790 smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
791 smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
792 smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
793 smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
794 smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
796 prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
798 old_offset = ps->offset;
800 ps->offset = rsp->hdr_domain .buffer + 0x1c;
801 prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
802 old_offset += rsp->hdr_domain .str_str_len;
804 ps->offset = rsp->hdr_usr .buffer + 0x1c;
805 prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
806 old_offset += rsp->hdr_usr .str_str_len;
808 ps->offset = rsp->hdr_wks .buffer + 0x1c;
809 prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
810 old_offset += rsp->hdr_wks .str_str_len;
812 ps->offset = rsp->hdr_lm_resp .buffer + 0x1c;
813 prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
814 old_offset += rsp->hdr_lm_resp .str_str_len;
816 ps->offset = rsp->hdr_nt_resp .buffer + 0x1c;
817 prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
818 old_offset += rsp->hdr_nt_resp .str_str_len;
820 if (rsp->hdr_sess_key.str_str_len != 0)
822 ps->offset = rsp->hdr_sess_key.buffer + 0x1c;
823 old_offset += rsp->hdr_sess_key.str_str_len;
824 prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
827 ps->offset = old_offset;
832 smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp , ps, depth);
833 smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp , ps, depth);
834 smb_io_strhdr("hdr_domain ", &rsp->hdr_domain , ps, depth);
835 smb_io_strhdr("hdr_user ", &rsp->hdr_usr , ps, depth);
836 smb_io_strhdr("hdr_wks ", &rsp->hdr_wks , ps, depth);
837 smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth);
839 prs_uint32("neg_flags", ps, depth, &(rsp->neg_flags)); /* 0x0000 82b1 */
841 prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain , MIN(rsp->hdr_domain .str_str_len, sizeof(rsp->domain )));
842 prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user , MIN(rsp->hdr_usr .str_str_len, sizeof(rsp->user )));
843 prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks , MIN(rsp->hdr_wks .str_str_len, sizeof(rsp->wks )));
844 prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp , MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp )));
845 prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp , MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp )));
846 prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key, MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key)));
850 /*******************************************************************
851 checks an RPC_AUTH_NTLMSSP_CHK structure.
852 ********************************************************************/
853 BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
860 if (chk->crc32 != crc32 ||
861 chk->ver != NTLMSSP_SIGN_VERSION ||
862 chk->seq_num != seq_num)
864 DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
865 crc32, NTLMSSP_SIGN_VERSION, seq_num));
866 DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
867 chk->crc32, chk->ver, chk->seq_num));
873 /*******************************************************************
874 creates an RPC_AUTH_NTLMSSP_CHK structure.
875 ********************************************************************/
876 void make_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
877 uint32 ver, uint32 crc32, uint32 seq_num)
879 if (chk == NULL) return;
884 chk->seq_num = seq_num ;
887 /*******************************************************************
888 reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
889 ********************************************************************/
890 void smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
892 if (chk == NULL) return;
894 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
897 prs_uint32("ver ", ps, depth, &(chk->ver ));
898 prs_uint32("reserved", ps, depth, &(chk->reserved));
899 prs_uint32("crc32 ", ps, depth, &(chk->crc32 ));
900 prs_uint32("seq_num ", ps, depth, &(chk->seq_num ));
git.samba.org / samba.git / blob