3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1998
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
8 * Copyright (C) Paul Ashton 1997-1998.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 /* this module apparently provides an implementation of DCE/RPC over a
26 * named pipe (IPC$ connection using SMBtrans). details of DCE/RPC
27 * documentation are available (in on-line form) from the X-Open group.
29 * this module should provide a level of abstraction between SMB
30 * and DCE/RPC, while minimising the amount of mallocs, unnecessary
31 * data copies, and network traffic.
33 * in this version, which takes a "let's learn what's going on and
34 * get something running" approach, there is additional network
35 * traffic generated, but the code should be easier to understand...
37 * ... if you read the docs. or stare at packets for weeks on end.
44 extern int DEBUGLEVEL;
46 static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len)
48 unsigned char *hash = p->ntlmssp_hash;
49 unsigned char index_i = hash[256];
50 unsigned char index_j = hash[257];
53 for( ind = 0; ind < len; ind++)
59 index_j += hash[index_i];
62 hash[index_i] = hash[index_j];
65 t = hash[index_i] + hash[index_j];
66 data[ind] = data[ind] ^ hash[t];
73 /*******************************************************************
74 turns a DCE/RPC request into a DCE/RPC reply
76 this is where the data really should be split up into an array of
77 headers and data sections.
79 ********************************************************************/
80 BOOL create_rpc_reply(pipes_struct *p,
81 uint32 data_start, uint32 data_end)
84 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SIGN);
85 BOOL auth_seal = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SEAL);
89 DEBUG(5,("create_rpc_reply: data_start: %d data_end: %d max_tsize: %d\n",
90 data_start, data_end, p->hdr_ba.bba.max_tsize));
92 auth_len = p->hdr.auth_len;
96 DEBUG(10,("create_rpc_reply: auth\n"));
103 prs_init(&p->rhdr , 0x18, 4, 0, False);
104 prs_init(&p->rauth, 1024, 4, 0, False);
105 prs_init(&p->rverf, 0x10, 4, 0, False);
107 p->hdr.pkt_type = RPC_RESPONSE; /* mark header as an rpc response */
109 /* set up rpc header (fragmentation issues) */
112 p->hdr.flags = RPC_FLG_FIRST;
119 p->hdr_resp.alloc_hint = data_end - data_start; /* calculate remaining data to be sent */
121 if (p->hdr_resp.alloc_hint + 0x18 <= p->hdr_ba.bba.max_tsize)
123 p->hdr.flags |= RPC_FLG_LAST;
124 p->hdr.frag_len = p->hdr_resp.alloc_hint + 0x18;
128 p->hdr.frag_len = p->hdr_ba.bba.max_tsize;
133 p->hdr_resp.alloc_hint -= auth_len + 8;
138 data_len = p->hdr.frag_len - auth_len - (auth_verify ? 8 : 0) - 0x18;
142 data_len = p->hdr.frag_len - 0x18;
145 p->rhdr.data->offset.start = 0;
146 p->rhdr.data->offset.end = 0x18;
148 /* store the header in the data stream */
149 smb_io_rpc_hdr ("hdr" , &(p->hdr ), &(p->rhdr), 0);
150 smb_io_rpc_hdr_resp("resp", &(p->hdr_resp), &(p->rhdr), 0);
152 /* don't use rdata: use rdata_i instead, which moves... */
153 /* make a pointer to the rdata data, NOT A COPY */
155 p->rdata_i.data = NULL;
156 prs_init(&p->rdata_i, 0, p->rdata.align, p->rdata.data->margin, p->rdata.io);
157 data = mem_data(&(p->rdata.data), data_start);
158 mem_create(p->rdata_i.data, data, 0, data_len, 0, False);
159 p->rdata_i.offset = data_len;
165 DEBUG(5,("create_rpc_reply: sign: %s seal: %s data %d auth %d\n",
166 BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, auth_len));
170 crc32 = crc32_calc_buffer(data_len, data);
171 NTLMSSPcalc_p(p, (uchar*)data, data_len);
174 if (auth_seal || auth_verify)
176 make_rpc_hdr_auth(&p->auth_info, 0x0a, 0x06, 0x08, (auth_verify ? 1 : 0));
177 smb_io_rpc_hdr_auth("hdr_auth", &p->auth_info, &p->rauth, 0);
183 p->ntlmssp_seq_num++;
184 make_rpc_auth_ntlmssp_chk(&p->ntlmssp_chk, NTLMSSP_SIGN_VERSION, crc32, p->ntlmssp_seq_num++);
185 smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), &p->rverf, 0);
186 auth_data = mem_data(&p->rverf.data, 4);
187 NTLMSSPcalc_p(p, (uchar*)auth_data, 12);
191 /* set up the data chain */
194 prs_link(NULL , &p->rhdr , &p->rdata_i);
195 prs_link(&p->rhdr , &p->rdata_i, &p->rauth );
196 prs_link(&p->rdata_i, &p->rauth , &p->rverf );
197 prs_link(&p->rauth , &p->rverf , NULL );
201 prs_link(NULL , &p->rhdr , &p->rdata_i);
202 prs_link(&p->rhdr, &p->rdata_i, NULL );
205 return p->rhdr.data != NULL && p->rhdr.offset == 0x18;
208 static BOOL api_pipe_ntlmssp_verify(pipes_struct *p)
219 BOOL anonymous = False;
221 struct smb_passwd *smb_pass = NULL;
223 user_struct *vuser = get_valid_user_struct(p->vuid);
225 memset(null_pwd, 0, sizeof(null_pwd));
227 DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
231 DEBUG(0,("get user struct %d failed\n", p->vuid));
235 lm_owf_len = p->ntlmssp_resp.hdr_lm_resp.str_str_len;
236 nt_owf_len = p->ntlmssp_resp.hdr_nt_resp.str_str_len;
237 usr_len = p->ntlmssp_resp.hdr_usr .str_str_len;
238 dom_len = p->ntlmssp_resp.hdr_domain .str_str_len;
239 wks_len = p->ntlmssp_resp.hdr_wks .str_str_len;
241 if (lm_owf_len == 0 && nt_owf_len == 0 &&
242 usr_len == 0 && dom_len == 0 && wks_len == 0)
248 if (lm_owf_len == 0) return False;
249 if (nt_owf_len == 0) return False;
250 if (p->ntlmssp_resp.hdr_usr .str_str_len == 0) return False;
251 if (p->ntlmssp_resp.hdr_domain .str_str_len == 0) return False;
252 if (p->ntlmssp_resp.hdr_wks .str_str_len == 0) return False;
255 if (lm_owf_len > sizeof(lm_owf)) return False;
256 if (nt_owf_len > sizeof(nt_owf)) return False;
258 memcpy(lm_owf, p->ntlmssp_resp.lm_resp, sizeof(lm_owf));
259 memcpy(nt_owf, p->ntlmssp_resp.nt_resp, sizeof(nt_owf));
261 #ifdef DEBUG_PASSWORD
262 DEBUG(100,("lm, nt owfs, chal\n"));
263 dump_data(100, lm_owf, sizeof(lm_owf));
264 dump_data(100, nt_owf, sizeof(nt_owf));
265 dump_data(100, p->ntlmssp_chal.challenge, 8);
268 memset(p->user_name, 0, sizeof(p->user_name));
269 memset(p->domain , 0, sizeof(p->domain ));
270 memset(p->wks , 0, sizeof(p->wks ));
272 if (IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
274 unibuf_to_ascii(p->user_name, p->ntlmssp_resp.user,
275 MIN(p->ntlmssp_resp.hdr_usr .str_str_len/2,
276 sizeof(p->user_name)-1));
277 unibuf_to_ascii(p->domain , p->ntlmssp_resp.domain,
278 MIN(p->ntlmssp_resp.hdr_domain.str_str_len/2,
279 sizeof(p->domain )-1));
280 unibuf_to_ascii(p->wks , p->ntlmssp_resp.wks,
281 MIN(p->ntlmssp_resp.hdr_wks .str_str_len/2,
286 fstrcpy(p->user_name, p->ntlmssp_resp.user );
287 fstrcpy(p->domain , p->ntlmssp_resp.domain);
288 fstrcpy(p->wks , p->ntlmssp_resp.wks );
294 DEBUG(5,("anonymous user session\n"));
295 mdfour(vuser->dc.user_sess_key, null_pwd, 16);
297 p->ntlmssp_validated = True;
301 DEBUG(5,("user: %s domain: %s wks: %s\n", p->user_name, p->domain, p->wks));
303 smb_pass = getsmbpwnam(p->user_name);
304 p->ntlmssp_validated = pass_check_smb(smb_pass, p->domain,
305 (uchar*)p->ntlmssp_chal.challenge,
308 NULL, vuser->dc.user_sess_key);
311 if (smb_pass != NULL)
313 pwd = smb_pass->smb_passwd;
317 if (p->ntlmssp_validated && pwd != NULL)
320 NTLMSSPOWFencrypt(pwd, lm_owf, p24);
332 for (ind = 0; ind < 256; ind++)
334 p->ntlmssp_hash[ind] = (unsigned char)ind;
337 for( ind = 0; ind < 256; ind++)
341 j += (p->ntlmssp_hash[ind] + k2[ind%8]);
343 tc = p->ntlmssp_hash[ind];
344 p->ntlmssp_hash[ind] = p->ntlmssp_hash[j];
345 p->ntlmssp_hash[j] = tc;
348 p->ntlmssp_hash[256] = 0;
349 p->ntlmssp_hash[257] = 0;
351 p->ntlmssp_seq_num = 0;
355 p->ntlmssp_validated = False;
358 return p->ntlmssp_validated;
361 static BOOL api_pipe_ntlmssp(pipes_struct *p, prs_struct *pd)
363 /* receive a negotiate; send a challenge; receive a response */
364 switch (p->auth_verifier.msg_type)
366 case NTLMSSP_NEGOTIATE:
368 smb_io_rpc_auth_ntlmssp_neg("", &p->ntlmssp_neg, pd, 0);
373 smb_io_rpc_auth_ntlmssp_resp("", &p->ntlmssp_resp, pd, 0);
374 if (!api_pipe_ntlmssp_verify(p))
382 /* NTLMSSP expected: unexpected message type */
383 DEBUG(3,("unexpected message type in NTLMSSP %d\n",
384 p->auth_verifier.msg_type));
389 return (pd->offset != 0);
394 char * pipe_clnt_name;
395 char * pipe_srv_name;
396 BOOL (*fn) (pipes_struct *, prs_struct *);
399 static struct api_cmd **api_fd_commands = NULL;
402 static void api_cmd_free(struct api_cmd *item)
406 if (item->pipe_clnt_name != NULL)
408 free(item->pipe_clnt_name);
410 if (item->pipe_srv_name != NULL)
412 free(item->pipe_srv_name);
418 static struct api_cmd *api_cmd_dup(const struct api_cmd *from)
420 struct api_cmd *copy = NULL;
425 copy = (struct api_cmd *) malloc(sizeof(struct api_cmd));
429 if (from->pipe_clnt_name != NULL)
431 copy->pipe_clnt_name = strdup(from->pipe_clnt_name );
433 if (from->pipe_srv_name != NULL)
435 copy->pipe_srv_name = strdup(from->pipe_srv_name);
437 if (from->fn != NULL)
445 static void free_api_cmd_array(uint32 num_entries, struct api_cmd **entries)
447 void(*fn)(void*) = (void(*)(void*))&api_cmd_free;
448 free_void_array(num_entries, (void**)entries, *fn);
451 static struct api_cmd* add_api_cmd_to_array(uint32 *len,
452 struct api_cmd ***array,
453 const struct api_cmd *name)
455 void*(*fn)(const void*) = (void*(*)(const void*))&api_cmd_dup;
456 return (struct api_cmd*)add_copy_to_array(len,
457 (void***)array, (const void*)name, *fn, False);
463 { "lsarpc", "lsass", api_ntlsa_rpc },
464 { "samr", "lsass", api_samr_rpc },
465 { "srvsvc", "ntsvcs", api_srvsvc_rpc },
466 { "wkssvc", "ntsvcs", api_wkssvc_rpc },
467 { "browser", "ntsvcs", api_brs_rpc },
468 { "svcctl", "ntsvcs", api_svcctl_rpc },
469 { "NETLOGON", "lsass", api_netlog_rpc },
470 { "winreg", "winreg", api_reg_rpc },
471 { "spoolss", "spoolss", api_spoolss_rpc },
476 void close_msrpc_command_processor(void)
478 free_api_cmd_array(num_cmds, api_fd_commands);
481 void add_msrpc_command_processor(char* pipe_name,
483 BOOL (*fn) (pipes_struct *, prs_struct *))
486 cmd.pipe_clnt_name = pipe_name;
487 cmd.pipe_srv_name = process_name;
490 add_api_cmd_to_array(&num_cmds, &api_fd_commands, &cmd);
493 static BOOL api_pipe_bind_auth_resp(pipes_struct *p, prs_struct *pd)
495 DEBUG(5,("api_pipe_bind_auth_resp: decode request. %d\n", __LINE__));
497 if (p->hdr.auth_len == 0) return False;
499 /* decode the authentication verifier response */
500 smb_io_rpc_hdr_autha("", &p->autha_info, pd, 0);
501 if (pd->offset == 0) return False;
503 if (!rpc_hdr_auth_chk(&(p->auth_info))) return False;
505 smb_io_rpc_auth_ntlmssp_verifier("", &p->auth_verifier, pd, 0);
506 if (pd->offset == 0) return False;
508 if (!rpc_auth_ntlmssp_verifier_chk(&(p->auth_verifier), "NTLMSSP", NTLMSSP_AUTH)) return False;
510 return api_pipe_ntlmssp(p, pd);
513 static BOOL api_pipe_fault_resp(pipes_struct *p, prs_struct *pd, uint32 status)
515 DEBUG(5,("api_pipe_fault_resp: make response\n"));
517 prs_init(&(p->rhdr ), 0x18, 4, 0, False);
518 prs_init(&(p->rfault ), 0x8 , 4, 0, False);
521 /*** set up the header, response header and fault status ***/
524 p->hdr_fault.status = status;
525 p->hdr_fault.reserved = 0x0;
527 p->hdr_resp.alloc_hint = 0x0;
528 p->hdr_resp.cancel_count = 0x0;
529 p->hdr_resp.reserved = 0x0;
531 make_rpc_hdr(&p->hdr, RPC_FAULT, RPC_FLG_NOCALL | RPC_FLG_FIRST | RPC_FLG_LAST,
536 smb_io_rpc_hdr ("hdr" , &(p->hdr ), &(p->rhdr), 0);
537 smb_io_rpc_hdr_resp ("resp" , &(p->hdr_resp ), &(p->rhdr), 0);
538 smb_io_rpc_hdr_fault("fault", &(p->hdr_fault), &(p->rfault), 0);
539 mem_realloc_data(p->rhdr.data, p->rhdr.offset);
540 mem_realloc_data(p->rfault.data, p->rfault.offset);
543 /*** link rpc header and fault together ***/
546 prs_link(NULL , &p->rhdr , &p->rfault);
547 prs_link(&p->rhdr, &p->rfault, NULL );
552 static BOOL api_pipe_bind_and_alt_req(pipes_struct *p, prs_struct *pd, enum RPC_PKT_TYPE pkt_type)
555 fstring ack_pipe_name;
558 p->ntlmssp_auth = False;
560 DEBUG(5,("api_pipe_bind_req: decode request. %d\n", __LINE__));
562 for (i = 0; i < num_cmds; i++)
564 if (strequal(api_fd_commands[i]->pipe_clnt_name, p->name) &&
565 api_fd_commands[i]->fn != NULL)
567 DEBUG(3,("api_pipe_bind_req: \\PIPE\\%s -> \\PIPE\\%s\n",
568 api_fd_commands[i]->pipe_clnt_name,
569 api_fd_commands[i]->pipe_srv_name));
570 fstrcpy(p->pipe_srv_name, api_fd_commands[i]->pipe_srv_name);
575 if (api_fd_commands[i]->fn == NULL) return False;
577 /* decode the bind request */
578 smb_io_rpc_hdr_rb("", &p->hdr_rb, pd, 0);
580 if (pd->offset == 0) return False;
582 if (p->hdr.auth_len != 0)
584 /* decode the authentication verifier */
585 smb_io_rpc_hdr_auth ("", &p->auth_info , pd, 0);
586 if (pd->offset == 0) return False;
588 p->ntlmssp_auth = p->auth_info.auth_type = 0x0a;
592 smb_io_rpc_auth_ntlmssp_verifier("", &p->auth_verifier, pd, 0);
593 if (pd->offset == 0) return False;
595 p->ntlmssp_auth = strequal(p->auth_verifier.signature, "NTLMSSP");
600 if (!api_pipe_ntlmssp(p, pd)) return False;
608 /* name has to be \PIPE\xxxxx */
609 fstrcpy(ack_pipe_name, "\\PIPE\\");
610 fstrcat(ack_pipe_name, p->pipe_srv_name);
613 case RPC_ALTCONTRESP:
615 /* secondary address CAN be NULL
616 * as the specs says it's ignored.
617 * It MUST NULL to have the spoolss working.
619 fstrcpy(ack_pipe_name, "");
628 DEBUG(5,("api_pipe_bind_req: make response. %d\n", __LINE__));
630 prs_init(&(p->rdata), 1024, 4, 0, False);
631 prs_init(&(p->rhdr ), 0x18, 4, 0, False);
632 prs_init(&(p->rauth), 1024, 4, 0, False);
633 prs_init(&(p->rverf), 0x08, 4, 0, False);
634 prs_init(&(p->rntlm), 1024, 4, 0, False);
637 /*** do the bind ack first ***/
646 assoc_gid = p->hdr_rb.bba.assoc_gid;
649 make_rpc_hdr_ba(&p->hdr_ba,
650 p->hdr_rb.bba.max_tsize,
651 p->hdr_rb.bba.max_rsize,
655 &(p->hdr_rb.transfer));
657 smb_io_rpc_hdr_ba("", &p->hdr_ba, &p->rdata, 0);
658 mem_realloc_data(p->rdata.data, p->rdata.offset);
661 /*** now the authentication ***/
667 generate_random_buffer(challenge, 8, False);
669 /*** authentication info ***/
671 make_rpc_hdr_auth(&p->auth_info, 0x0a, 0x06, 0, 1);
672 smb_io_rpc_hdr_auth("", &p->auth_info, &p->rverf, 0);
673 mem_realloc_data(p->rverf.data, p->rverf.offset);
675 /*** NTLMSSP verifier ***/
677 make_rpc_auth_ntlmssp_verifier(&p->auth_verifier,
678 "NTLMSSP", NTLMSSP_CHALLENGE);
679 smb_io_rpc_auth_ntlmssp_verifier("", &p->auth_verifier, &p->rauth, 0);
680 mem_realloc_data(p->rauth.data, p->rauth.offset);
682 /* NTLMSSP challenge ***/
684 make_rpc_auth_ntlmssp_chal(&p->ntlmssp_chal,
685 0x000082b1, challenge);
686 smb_io_rpc_auth_ntlmssp_chal("", &p->ntlmssp_chal, &p->rntlm, 0);
687 mem_realloc_data(p->rntlm.data, p->rntlm.offset);
691 /*** then do the header, now we know the length ***/
694 make_rpc_hdr(&p->hdr, pkt_type, RPC_FLG_FIRST | RPC_FLG_LAST,
696 p->rdata.offset + p->rverf.offset + p->rauth.offset + p->rntlm.offset + 0x10,
697 p->rauth.offset + p->rntlm.offset);
699 smb_io_rpc_hdr("", &p->hdr, &p->rhdr, 0);
700 mem_realloc_data(p->rhdr.data, p->rdata.offset);
703 /*** link rpc header, bind acknowledgment and authentication responses ***/
708 prs_link(NULL , &p->rhdr , &p->rdata);
709 prs_link(&p->rhdr , &p->rdata, &p->rverf);
710 prs_link(&p->rdata, &p->rverf, &p->rauth);
711 prs_link(&p->rverf, &p->rauth, &p->rntlm);
712 prs_link(&p->rauth, &p->rntlm, NULL );
716 prs_link(NULL , &p->rhdr , &p->rdata);
717 prs_link(&p->rhdr, &p->rdata, NULL );
724 * The RPC Alter-Context call is used only by the spoolss pipe
725 * simply because there is a bug (?) in the MS unmarshalling code
726 * or in the marshalling code. If it's in the later, then Samba
729 static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd)
731 return api_pipe_bind_and_alt_req(p, pd, RPC_BINDACK);
734 static BOOL api_pipe_alt_req(pipes_struct *p, prs_struct *pd)
736 return api_pipe_bind_and_alt_req(p, pd, RPC_ALTCONTRESP);
739 static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
741 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SIGN);
742 BOOL auth_seal = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SEAL);
748 auth_len = p->hdr.auth_len;
750 if (auth_len != 16 && auth_verify)
755 data_len = p->hdr.frag_len - auth_len - (auth_verify ? 8 : 0) - 0x18;
757 DEBUG(5,("api_pipe_auth_process: sign: %s seal: %s data %d auth %d\n",
758 BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, auth_len));
762 char *data = mem_data(&pd->data, pd->offset);
763 DEBUG(5,("api_pipe_auth_process: data %d\n", pd->offset));
764 NTLMSSPcalc_p(p, (uchar*)data, data_len);
765 crc32 = crc32_calc_buffer(data_len, data);
768 /*** skip the data, record the offset so we can restore it again */
769 old_offset = pd->offset;
771 if (auth_seal || auth_verify)
773 pd->offset += data_len;
774 smb_io_rpc_hdr_auth("hdr_auth", &p->auth_info, pd, 0);
779 char *req_data = mem_data(&pd->data, pd->offset + 4);
780 DEBUG(5,("api_pipe_auth_process: auth %d\n", pd->offset + 4));
781 NTLMSSPcalc_p(p, (uchar*)req_data, 12);
782 smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), pd, 0);
784 if (!rpc_auth_ntlmssp_chk(&(p->ntlmssp_chk), crc32,
791 pd->offset = old_offset;
796 static BOOL api_pipe_request(pipes_struct *p, prs_struct *pd)
800 if (p->ntlmssp_auth && p->ntlmssp_validated)
802 if (!api_pipe_auth_process(p, pd)) return False;
804 DEBUG(0,("api_pipe_request: **** MUST CALL become_user() HERE **** \n"));
810 for (i = 0; i < num_cmds; i++)
812 if (strequal(api_fd_commands[i]->pipe_clnt_name, p->name) &&
813 api_fd_commands[i]->fn != NULL)
815 DEBUG(3,("Doing \\PIPE\\%s\n", api_fd_commands[i]->pipe_clnt_name));
816 return api_fd_commands[i]->fn(p, pd);
822 BOOL rpc_command(pipes_struct *p, prs_struct *pd)
825 DEBUG(10,("rpc_command\n"));
829 DEBUG(10,("msrpc redirect\n"));
830 if (!msrpc_send_prs(p->m, pd))
832 DEBUG(2,("msrpc redirect send failed\n"));
835 if (!msrpc_receive_prs(p->m, &p->rhdr))
837 DEBUG(2,("msrpc redirect receive failed\n"));
840 prs_link(NULL, &p->rhdr, NULL);
841 prs_debug_out(&p->rhdr, 10);
845 if (pd->data == NULL) return False;
847 /* process the rpc header */
848 smb_io_rpc_hdr("", &p->hdr, pd, 0);
850 if (pd->offset == 0) return False;
852 switch (p->hdr.pkt_type)
856 reply = api_pipe_bind_req(p, pd);
861 reply = api_pipe_alt_req(p, pd);
866 if (p->ntlmssp_auth && !p->ntlmssp_validated)
868 /* authentication _was_ requested
869 and it failed. sorry, no deal!
875 /* read the rpc header */
876 smb_io_rpc_hdr_req("req", &(p->hdr_req), pd, 0);
877 reply = api_pipe_request(p, pd);
881 case RPC_BINDRESP: /* not the real name! */
883 reply = api_pipe_bind_auth_resp(p, pd);
884 p->ntlmssp_auth = reply;
891 reply = api_pipe_fault_resp(p, pd, 0x1c010002);
898 /*******************************************************************
899 receives a netlogon pipe and responds.
900 ********************************************************************/
901 static BOOL api_rpc_command(pipes_struct *p,
902 char *rpc_name, struct api_struct *api_rpc_cmds,
906 DEBUG(4,("api_rpc_command: %s op 0x%x - ", rpc_name, p->hdr_req.opnum));
908 for (fn_num = 0; api_rpc_cmds[fn_num].name; fn_num++)
910 if (api_rpc_cmds[fn_num].opnum == p->hdr_req.opnum && api_rpc_cmds[fn_num].fn != NULL)
912 DEBUG(3,("api_rpc_command: %s\n", api_rpc_cmds[fn_num].name));
917 if (api_rpc_cmds[fn_num].name == NULL)
919 DEBUG(4, ("unknown\n"));
923 /* start off with 1024 bytes, and a large safety margin too */
924 prs_init(&p->rdata, 1024, 4, SAFETY_MARGIN, False);
926 /* do the actual command */
927 api_rpc_cmds[fn_num].fn(p, data, &(p->rdata));
929 if (p->rdata.data == NULL || p->rdata.offset == 0)
931 mem_free_data(p->rdata.data);
935 mem_realloc_data(p->rdata.data, p->rdata.offset);
937 DEBUG(10,("called %s\n", rpc_name));
943 /*******************************************************************
944 receives a netlogon pipe and responds.
945 ********************************************************************/
946 BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds,
949 if (data == NULL || data->data == NULL)
951 DEBUG(2,("%s: NULL data received\n", rpc_name));
955 /* interpret the command */
956 if (!api_rpc_command(p, rpc_name, api_rpc_cmds, data))
961 /* create the rpc header */
962 if (!create_rpc_reply(p, 0, p->rdata.offset + (p->ntlmssp_auth ? (16 + 8) : 0)))