2 Unix SMB/CIFS implementation.
4 manipulate nbt name structures
6 Copyright (C) Andrew Tridgell 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 see rfc1002 for the detailed format of compressed names
28 #include "system/iconv.h"
29 #include "librpc/gen_ndr/ndr_nbt.h"
30 #include "librpc/gen_ndr/ndr_misc.h"
32 /* don't allow an unlimited number of name components */
33 #define MAX_COMPONENTS 10
38 _PUBLIC_ void ndr_print_nbt_string(struct ndr_print *ndr, const char *name, const char *s)
40 ndr_print_string(ndr, name, s);
44 pull one component of a nbt_string
46 static NTSTATUS ndr_pull_component(struct ndr_pull *ndr, uint8_t **component,
47 uint32_t *offset, uint32_t *max_offset)
52 if (*offset >= ndr->data_size) {
53 return NT_STATUS_BAD_NETWORK_NAME;
55 len = ndr->data[*offset];
58 *max_offset = MAX(*max_offset, *offset);
62 if ((len & 0xC0) == 0xC0) {
63 /* its a label pointer */
64 if (1 + *offset >= ndr->data_size) {
65 return NT_STATUS_BAD_NETWORK_NAME;
67 *max_offset = MAX(*max_offset, *offset + 2);
68 *offset = ((len&0x3F)<<8) | ndr->data[1 + *offset];
69 *max_offset = MAX(*max_offset, *offset);
73 if ((len & 0xC0) != 0) {
74 /* its a reserved length field */
75 return NT_STATUS_BAD_NETWORK_NAME;
77 if (*offset + len + 2 > ndr->data_size) {
78 return NT_STATUS_BAD_NETWORK_NAME;
80 *component = (uint8_t*)talloc_strndup(ndr, (const char *)&ndr->data[1 + *offset], len);
81 NT_STATUS_HAVE_NO_MEMORY(*component);
83 *max_offset = MAX(*max_offset, *offset);
87 /* too many pointers */
88 return NT_STATUS_BAD_NETWORK_NAME;
92 pull a nbt_string from the wire
94 _PUBLIC_ NTSTATUS ndr_pull_nbt_string(struct ndr_pull *ndr, int ndr_flags, const char **s)
97 uint32_t offset = ndr->offset;
98 uint32_t max_offset = offset;
99 unsigned num_components;
102 if (!(ndr_flags & NDR_SCALARS)) {
108 /* break up name into a list of components */
109 for (num_components=0;num_components<MAX_COMPONENTS;num_components++) {
111 status = ndr_pull_component(ndr, &component, &offset, &max_offset);
112 NT_STATUS_NOT_OK_RETURN(status);
113 if (component == NULL) break;
115 name = talloc_asprintf_append(name, ".%s", component);
116 NT_STATUS_HAVE_NO_MEMORY(name);
118 name = (char *)component;
121 if (num_components == MAX_COMPONENTS) {
122 return NT_STATUS_BAD_NETWORK_NAME;
124 if (num_components == 0) {
125 name = talloc_strdup(ndr, "");
126 NT_STATUS_HAVE_NO_MEMORY(name);
130 ndr->offset = max_offset;
136 push a nbt string to the wire
138 _PUBLIC_ NTSTATUS ndr_push_nbt_string(struct ndr_push *ndr, int ndr_flags, const char *s)
140 if (!(ndr_flags & NDR_SCALARS)) {
150 /* see if we have pushed the remaing string allready,
151 * if so we use a label pointer to this string
153 status = ndr_token_retrieve_cmp_fn(&ndr->nbt_string_list, s, &offset, (comparison_fn_t)strcmp, False);
154 if (NT_STATUS_IS_OK(status)) {
157 if (offset > 0x3FFF) {
158 return ndr_push_error(ndr, NDR_ERR_STRING,
159 "offset for nbt string label pointer %u[%08X] > 0x00003FFF",
163 b[0] = 0xC0 | (offset>>8);
164 b[1] = (offset & 0xFF);
166 return ndr_push_bytes(ndr, b, 2);
169 complen = strcspn(s, ".");
171 /* we need to make sure the length fits into 6 bytes */
172 if (complen >= 0x3F) {
173 return ndr_push_error(ndr, NDR_ERR_STRING,
174 "component length %u[%08X] > 0x00003F",
175 (unsigned)complen, (unsigned)complen);
178 compname = talloc_asprintf(ndr, "%c%*.*s",
179 (unsigned char)complen,
180 (unsigned char)complen,
181 (unsigned char)complen, s);
182 NT_STATUS_HAVE_NO_MEMORY(compname);
184 /* remember the current componemt + the rest of the string
185 * so it can be reused later
187 NDR_CHECK(ndr_token_store(ndr, &ndr->nbt_string_list, s, ndr->offset));
189 /* push just this component into the blob */
190 NDR_CHECK(ndr_push_bytes(ndr, (const uint8_t *)compname, complen+1));
191 talloc_free(compname);
197 /* if we reach the end of the string and have pushed the last component
198 * without using a label pointer, we need to terminate the string
200 return ndr_push_bytes(ndr, (const uint8_t *)"", 1);
205 decompress a 'compressed' name component
207 static NTSTATUS decompress_name(char *name, enum nbt_name_type *type)
210 for (i=0;name[2*i];i++) {
211 uint8_t c1 = name[2*i];
212 uint8_t c2 = name[1+(2*i)];
213 if (c1 < 'A' || c1 > 'P' ||
214 c2 < 'A' || c2 > 'P') {
215 return NT_STATUS_BAD_NETWORK_NAME;
217 name[i] = ((c1-'A')<<4) | (c2-'A');
221 *type = (enum nbt_name_type)(name[15]);
225 *type = NBT_NAME_CLIENT;
228 /* trim trailing spaces */
229 for (;i>0 && name[i-1]==' ';i--) {
238 compress a name component
240 static uint8_t *compress_name(TALLOC_CTX *mem_ctx,
241 const uint8_t *name, enum nbt_name_type type)
247 if (strlen((const char *)name) > 15) {
251 cname = talloc_array(mem_ctx, uint8_t, 33);
252 if (cname == NULL) return NULL;
254 for (i=0;name[i];i++) {
255 cname[2*i] = 'A' + (name[i]>>4);
256 cname[1+2*i] = 'A' + (name[i]&0xF);
258 if (strcmp((const char *)name, "*") == 0) {
264 cname[2*i] = 'A' + (pad_char>>4);
265 cname[1+2*i] = 'A' + (pad_char&0xF);
269 cname[2*i] = 'A' + (pad_char>>4);
270 cname[1+2*i] = 'A' + (pad_char&0xF);
278 pull a nbt name from the wire
280 _PUBLIC_ NTSTATUS ndr_pull_nbt_name(struct ndr_pull *ndr, int ndr_flags, struct nbt_name *r)
287 if (!(ndr_flags & NDR_SCALARS)) {
291 status = ndr_pull_nbt_string(ndr, ndr_flags, &s);
292 NT_STATUS_NOT_OK_RETURN(status);
294 scope = (uint8_t *)strchr(s, '.');
297 r->scope = talloc_strdup(ndr->current_mem_ctx, (const char *)&scope[1]);
298 NT_STATUS_HAVE_NO_MEMORY(r->scope);
303 cname = discard_const_p(char, s);
305 /* the first component is limited to 16 bytes in the DOS charset,
306 which is 32 in the 'compressed' form */
307 if (strlen(cname) > 32) {
308 return NT_STATUS_BAD_NETWORK_NAME;
311 /* decompress the first component */
312 status = decompress_name(cname, &r->type);
313 NT_STATUS_NOT_OK_RETURN(status);
315 r->name = talloc_strdup(ndr->current_mem_ctx, cname);
316 NT_STATUS_HAVE_NO_MEMORY(r->name);
324 push a nbt name to the wire
326 _PUBLIC_ NTSTATUS ndr_push_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r)
328 uint8_t *cname, *fullname;
331 if (!(ndr_flags & NDR_SCALARS)) {
335 cname = compress_name(ndr, (const uint8_t *)r->name, r->type);
336 NT_STATUS_HAVE_NO_MEMORY(cname);
339 fullname = (uint8_t *)talloc_asprintf(ndr, "%s.%s", cname, r->scope);
340 NT_STATUS_HAVE_NO_MEMORY(fullname);
346 status = ndr_push_nbt_string(ndr, ndr_flags, (const char *)fullname);
353 copy a nbt name structure
355 _PUBLIC_ NTSTATUS nbt_name_dup(TALLOC_CTX *mem_ctx, struct nbt_name *name, struct nbt_name *newname)
358 newname->name = talloc_strdup(mem_ctx, newname->name);
359 NT_STATUS_HAVE_NO_MEMORY(newname->name);
360 newname->scope = talloc_strdup(mem_ctx, newname->scope);
362 NT_STATUS_HAVE_NO_MEMORY(newname->scope);
368 push a nbt name into a blob
370 _PUBLIC_ NTSTATUS nbt_name_to_blob(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct nbt_name *name)
372 return ndr_push_struct_blob(blob, mem_ctx, name,
373 (ndr_push_flags_fn_t)ndr_push_nbt_name);
378 pull a nbt name from a blob
380 _PUBLIC_ NTSTATUS nbt_name_from_blob(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, struct nbt_name *name)
382 return ndr_pull_struct_blob(blob, mem_ctx, name,
383 (ndr_pull_flags_fn_t)ndr_pull_nbt_name);
388 choose a name to use when calling a server in a NBT session request.
389 we use heuristics to see if the name we have been given is a IP
390 address, or a too-long name. If it is then use *SMBSERVER, or a
393 _PUBLIC_ void nbt_choose_called_name(TALLOC_CTX *mem_ctx,
394 struct nbt_name *n, const char *name, int type)
399 if (is_ipaddress(name)) {
400 n->name = "*SMBSERVER";
403 if (strlen(name) > 15) {
404 const char *p = strchr(name, '.');
407 n->name = "*SMBSERVER";
410 s = talloc_strndup(mem_ctx, name, PTR_DIFF(p, name));
411 n->name = strupper_talloc(mem_ctx, s);
415 n->name = strupper_talloc(mem_ctx, name);
420 escape a string into a form containing only a small set of characters,
421 the rest is hex encoded. This is similar to URL encoding
423 static const char *nbt_hex_encode(TALLOC_CTX *mem_ctx, const char *s)
427 const char *valid_chars = "_-.$@ ";
428 #define NBT_CHAR_ALLOW(c) (isalnum((unsigned char)c) || strchr(valid_chars, c))
430 for (len=i=0;s[i];i++,len++) {
431 if (!NBT_CHAR_ALLOW(s[i])) {
436 ret = talloc_array(mem_ctx, char, len+1);
437 if (ret == NULL) return NULL;
439 for (len=i=0;s[i];i++) {
440 if (NBT_CHAR_ALLOW(s[i])) {
443 snprintf(&ret[len], 4, "%%%02x", (unsigned char)s[i]);
454 form a string for a NBT name
456 _PUBLIC_ char *nbt_name_string(TALLOC_CTX *mem_ctx, const struct nbt_name *name)
458 TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
461 ret = talloc_asprintf(mem_ctx, "%s<%02x>-%s",
462 nbt_hex_encode(tmp_ctx, name->name),
464 nbt_hex_encode(tmp_ctx, name->scope));
466 ret = talloc_asprintf(mem_ctx, "%s<%02x>",
467 nbt_hex_encode(tmp_ctx, name->name),
470 talloc_free(tmp_ctx);
475 pull a nbt name, WINS Replication uses another on wire format for nbt name
477 _PUBLIC_ NTSTATUS ndr_pull_wrepl_nbt_name(struct ndr_pull *ndr, int ndr_flags, struct nbt_name **_r)
481 uint32_t namebuf_len;
483 if (!(ndr_flags & NDR_SCALARS)) {
487 NDR_CHECK(ndr_pull_align(ndr, 4));
488 NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &namebuf_len));
489 if (namebuf_len < 1 || namebuf_len > 255) {
490 return ndr_pull_error(ndr, NDR_ERR_ALLOC, "value out of range");
492 NDR_PULL_ALLOC_N(ndr, namebuf, namebuf_len);
493 NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len));
495 NDR_PULL_ALLOC(ndr, r);
497 /* oh wow, what a nasty bug in windows ... */
498 if (namebuf[0] == 0x1b && namebuf_len >= 16) {
499 namebuf[0] = namebuf[15];
503 if (namebuf_len < 17) {
506 r->name = talloc_strndup(r, (char *)namebuf, namebuf_len);
507 if (!r->name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory");
511 talloc_free(namebuf);
516 r->type = namebuf[15];
519 trim_string((char *)namebuf, NULL, " ");
520 r->name = talloc_strdup(r, (char *)namebuf);
521 if (!r->name) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory");
523 if (namebuf_len > 18) {
524 r->scope = talloc_strndup(r, (char *)(namebuf+17), namebuf_len-17);
525 if (!r->scope) return ndr_pull_error(ndr, NDR_ERR_ALLOC, "out of memory");
530 talloc_free(namebuf);
536 push a nbt name, WINS Replication uses another on wire format for nbt name
538 _PUBLIC_ NTSTATUS ndr_push_wrepl_nbt_name(struct ndr_push *ndr, int ndr_flags, const struct nbt_name *r)
541 uint32_t namebuf_len;
543 uint32_t scope_len = 0;
545 if (r == NULL) return NT_STATUS_INVALID_PARAMETER_MIX;
547 if (!(ndr_flags & NDR_SCALARS)) {
551 name_len = strlen(r->name);
553 return NT_STATUS_INVALID_PARAMETER_MIX;
557 scope_len = strlen(r->scope);
559 if (scope_len > 238) {
560 return NT_STATUS_INVALID_PARAMETER_MIX;
563 namebuf = (uint8_t *)talloc_asprintf(ndr, "%-15s%c%s",
565 (r->scope?r->scope:""));
566 if (!namebuf) return ndr_push_error(ndr, NDR_ERR_ALLOC, "out of memory");
568 namebuf_len = strlen((char *)namebuf) + 1;
571 * we need to set the type here, and use a place-holder in the talloc_asprintf()
572 * as the type can be 0x00, and then the namebuf_len = strlen(namebuf); would give wrong results
574 namebuf[15] = r->type;
576 /* oh wow, what a nasty bug in windows ... */
577 if (r->type == 0x1b) {
578 namebuf[15] = namebuf[0];
582 NDR_CHECK(ndr_push_align(ndr, 4));
583 NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, namebuf_len));
584 NDR_CHECK(ndr_push_array_uint8(ndr, NDR_SCALARS, namebuf, namebuf_len));
586 talloc_free(namebuf);
590 _PUBLIC_ void ndr_print_wrepl_nbt_name(struct ndr_print *ndr, const char *name, const struct nbt_name *r)
592 char *s = nbt_name_string(ndr, r);
593 ndr_print_string(ndr, name, s);