#include "system/filesys.h"
#include "srv_pipe_internal.h"
#include "../librpc/gen_ndr/ndr_schannel.h"
+#include "../librpc/gen_ndr/dcerpc.h"
+#include "../librpc/rpc/rpc_common.h"
#include "../libcli/auth/schannel.h"
#include "../libcli/auth/spnego.h"
#include "dcesrv_auth_generic.h"
-#include "dcesrv_gssapi.h"
-#include "dcesrv_spnego.h"
#include "rpc_server.h"
#include "rpc_dce.h"
#include "smbd/smbd.h"
* the pipe gets closed. JRA.
*/
if (p->fault_state) {
- setup_fault_pdu(p, NT_STATUS(DCERPC_FAULT_OP_RNG_ERROR));
+ setup_fault_pdu(p, NT_STATUS(p->fault_state));
return true;
}
/* we have to check all now since win2k introduced a new UUID on the lsaprpc pipe */
if (rpc_srv_pipe_exists_by_id(abstract) &&
- ndr_syntax_id_equal(transfer, &ndr_transfer_syntax)) {
+ ndr_syntax_id_equal(transfer, &ndr_transfer_syntax_ndr)) {
DEBUG(3, ("check_bind_req: %s -> %s rpc service\n",
rpc_srv_get_pipe_cli_name(abstract),
rpc_srv_get_pipe_srv_name(abstract)));
/**
* Is a named pipe known?
- * @param[in] cli_filename The pipe name requested by the client
+ * @param[in] pipename Just the filename
* @result Do we want to serve this?
*/
-bool is_known_pipename(const char *cli_filename, struct ndr_syntax_id *syntax)
+bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax)
{
- const char *pipename = cli_filename;
NTSTATUS status;
- if (strnequal(pipename, "\\PIPE\\", 6)) {
- pipename += 5;
- }
-
- if (*pipename == '\\') {
- pipename += 1;
- }
-
if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
DEBUG(10, ("refusing spoolss access\n"));
return false;
status = smb_probe_module("rpc", pipename);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("is_known_pipename: %s unknown\n", cli_filename));
+ DEBUG(10, ("is_known_pipename: %s unknown\n", pipename));
return false;
}
DEBUG(10, ("is_known_pipename: %s loaded dynamically\n", pipename));
return false;
}
-/*******************************************************************
- Handle the first part of a SPNEGO bind auth.
-*******************************************************************/
-
-static bool pipe_spnego_auth_bind(struct pipes_struct *p,
- TALLOC_CTX *mem_ctx,
- struct dcerpc_auth *auth_info,
- DATA_BLOB *response)
-{
- struct spnego_context *spnego_ctx;
- NTSTATUS status;
-
- status = spnego_server_auth_start(p,
- (auth_info->auth_level ==
- DCERPC_AUTH_LEVEL_INTEGRITY),
- (auth_info->auth_level ==
- DCERPC_AUTH_LEVEL_PRIVACY),
- true,
- &auth_info->credentials,
- response,
- p->remote_address,
- &spnego_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Failed SPNEGO negotiate (%s)\n",
- nt_errstr(status)));
- return false;
- }
-
- /* Make sure data is bound to the memctx, to be freed the caller */
- talloc_steal(mem_ctx, response->data);
-
- p->auth.auth_ctx = spnego_ctx;
- p->auth.auth_type = DCERPC_AUTH_TYPE_SPNEGO;
-
- DEBUG(10, ("SPNEGO auth started\n"));
-
- return true;
-}
-
/*******************************************************************
Handle an schannel bind auth.
*******************************************************************/
return false;
}
- lp_ctx = loadparm_init_s3(p, loadparm_s3_context());
+ lp_ctx = loadparm_init_s3(p, loadparm_s3_helpers());
if (!lp_ctx) {
DEBUG(0,("pipe_schannel_auth_bind: loadparm_init_s3() failed!\n"));
return false;
return False;
}
- schannel_auth = talloc(p, struct schannel_state);
+ schannel_auth = talloc_zero(p, struct schannel_state);
if (!schannel_auth) {
TALLOC_FREE(creds);
return False;
}
schannel_auth->state = SCHANNEL_STATE_START;
- schannel_auth->seq_num = 0;
schannel_auth->initiator = false;
schannel_auth->creds = creds;
static NTSTATUS pipe_auth_verify_final(struct pipes_struct *p)
{
struct gensec_security *gensec_security;
- struct spnego_context *spnego_ctx;
- NTSTATUS status;
switch (p->auth.auth_type) {
case DCERPC_AUTH_TYPE_NTLMSSP:
case DCERPC_AUTH_TYPE_KRB5:
+ case DCERPC_AUTH_TYPE_SPNEGO:
gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
struct gensec_security);
if (!pipe_auth_generic_verify_final(p, gensec_security,
return NT_STATUS_ACCESS_DENIED;
}
break;
- case DCERPC_AUTH_TYPE_SPNEGO:
- spnego_ctx = talloc_get_type_abort(p->auth.auth_ctx,
- struct spnego_context);
- status = spnego_get_negotiated_mech(spnego_ctx, &gensec_security);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Bad SPNEGO state (%s)\n",
- nt_errstr(status)));
- return status;
- }
- if (!pipe_auth_generic_verify_final(p, gensec_security,
- p->auth.auth_level,
- &p->session_info)) {
- return NT_STATUS_ACCESS_DENIED;
- }
- break;
default:
DEBUG(0, (__location__ ": incorrect auth type (%u).\n",
(unsigned int)p->auth.auth_type));
/* Rejection reason: abstract syntax not supported */
bind_ack_ctx.result = DCERPC_BIND_PROVIDER_REJECT;
bind_ack_ctx.reason = DCERPC_BIND_REASON_ASYNTAX;
- bind_ack_ctx.syntax = null_ndr_syntax_id;
+ bind_ack_ctx.syntax = ndr_syntax_id_null;
}
/*
break;
case DCERPC_AUTH_TYPE_SPNEGO:
- if (!pipe_spnego_auth_bind(p, pkt,
- &auth_info, &auth_resp)) {
- goto err_exit;
- }
- break;
-
case DCERPC_AUTH_TYPE_KRB5:
if (!pipe_auth_generic_bind(p, pkt,
&auth_info, &auth_resp)) {
struct dcerpc_auth auth_info;
DATA_BLOB response = data_blob_null;
struct gensec_security *gensec_security;
- struct spnego_context *spnego_ctx;
NTSTATUS status;
DEBUG(5, ("api_pipe_bind_auth3: decode request. %d\n", __LINE__));
if (pkt->auth_length == 0) {
- DEBUG(0, ("No auth field sent for bind request!\n"));
+ DEBUG(1, ("No auth field sent for bind request!\n"));
goto err;
}
if (pkt->frag_length < RPC_HEADER_LEN
+ DCERPC_AUTH_TRAILER_LENGTH
+ pkt->auth_length) {
- DEBUG(0,("api_pipe_ntlmssp_auth_process: auth_len "
+ DEBUG(1,("api_pipe_ntlmssp_auth_process: auth_len "
"%u is too large.\n",
(unsigned int)pkt->auth_length));
goto err;
&pkt->u.auth3.auth_info,
&auth_info, p->endian);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Failed to unmarshall dcerpc_auth.\n"));
+ DEBUG(1, ("Failed to unmarshall dcerpc_auth.\n"));
goto err;
}
*/
if (auth_info.auth_type != p->auth.auth_type) {
- DEBUG(0, ("Auth type mismatch! Client sent %d, "
+ DEBUG(1, ("Auth type mismatch! Client sent %d, "
"but auth was started as type %d!\n",
auth_info.auth_type, p->auth.auth_type));
goto err;
switch (auth_info.auth_type) {
case DCERPC_AUTH_TYPE_NTLMSSP:
case DCERPC_AUTH_TYPE_KRB5:
+ case DCERPC_AUTH_TYPE_SPNEGO:
gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
struct gensec_security);
status = auth_generic_server_step(gensec_security,
pkt, &auth_info.credentials,
&response);
break;
- case DCERPC_AUTH_TYPE_SPNEGO:
- spnego_ctx = talloc_get_type_abort(p->auth.auth_ctx,
- struct spnego_context);
- status = spnego_server_step(spnego_ctx,
- pkt, &auth_info.credentials,
- &response);
- break;
default:
- DEBUG(0, (__location__ ": incorrect auth type (%u).\n",
+ DEBUG(1, (__location__ ": incorrect auth type (%u).\n",
(unsigned int)auth_info.auth_type));
return false;
}
if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED) ||
response.length) {
- DEBUG(0, (__location__ ": This was supposed to be the final "
+ DEBUG(1, (__location__ ": This was supposed to be the final "
"leg, but crypto machinery claims a response is "
"needed, aborting auth!\n"));
data_blob_free(&response);
goto err;
}
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Auth failed (%s)\n", nt_errstr(status)));
+ DEBUG(2, ("Auth failed (%s)\n", nt_errstr(status)));
goto err;
}
/* Now verify auth was indeed successful and extract server info */
status = pipe_auth_verify_final(p);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("Auth Verify failed (%s)\n", nt_errstr(status)));
+ DEBUG(2, ("Auth Verify failed (%s)\n", nt_errstr(status)));
goto err;
}
DATA_BLOB auth_blob = data_blob_null;
int pad_len = 0;
struct gensec_security *gensec_security;
- struct spnego_context *spnego_ctx;
DEBUG(5,("api_pipe_alter_context: make response. %d\n", __LINE__));
/* Rejection reason: abstract syntax not supported */
bind_ack_ctx.result = DCERPC_BIND_PROVIDER_REJECT;
bind_ack_ctx.reason = DCERPC_BIND_REASON_ASYNTAX;
- bind_ack_ctx.syntax = null_ndr_syntax_id;
+ bind_ack_ctx.syntax = ndr_syntax_id_null;
}
/*
switch (auth_info.auth_type) {
case DCERPC_AUTH_TYPE_SPNEGO:
- spnego_ctx = talloc_get_type_abort(p->auth.auth_ctx,
- struct spnego_context);
- status = spnego_server_step(spnego_ctx,
- pkt,
- &auth_info.credentials,
- &auth_resp);
- break;
-
case DCERPC_AUTH_TYPE_KRB5:
case DCERPC_AUTH_TYPE_NTLMSSP:
gensec_security = talloc_get_type_abort(p->auth.auth_ctx,
return False;
}
- if (p->bad_handle_fault_state) {
- DEBUG(4,("api_rpcTNP: bad handle fault return.\n"));
- p->bad_handle_fault_state = False;
- setup_fault_pdu(p, NT_STATUS(DCERPC_FAULT_CONTEXT_MISMATCH));
- return True;
- }
-
- if (p->rng_fault_state) {
- DEBUG(4, ("api_rpcTNP: rng fault return\n"));
- p->rng_fault_state = False;
- setup_fault_pdu(p, NT_STATUS(DCERPC_FAULT_OP_RNG_ERROR));
- return True;
+ if (p->fault_state) {
+ DEBUG(4,("api_rpcTNP: fault(%d) return.\n", p->fault_state));
+ setup_fault_pdu(p, NT_STATUS(p->fault_state));
+ p->fault_state = 0;
+ return true;
}
if (DEBUGLEVEL >= 50) {
data_blob_free(&p->in_data.data);
p->in_data.pdu_needed_len = 0;
p->in_data.pdu.length = 0;
- p->fault_state = True;
+ p->fault_state = DCERPC_FAULT_CANT_PERFORM;
DEBUG(10, ("Setting fault state\n"));
}