*/
#include "includes.h"
-#include "lib/util/dlinklist.h"
+#include "../lib/util/dlinklist.h"
#include "lib/events/events.h"
#include "librpc/rpc/dcerpc.h"
#include "librpc/rpc/dcerpc_proto.h"
#include "auth/gensec/gensec.h"
#include "param/param.h"
-_PUBLIC_ NTSTATUS dcerpc_init(void)
+_PUBLIC_ NTSTATUS dcerpc_init(struct loadparm_context *lp_ctx)
{
- gensec_init(global_loadparm);
-
- return NT_STATUS_OK;
+ return gensec_init(lp_ctx);
}
static void dcerpc_connection_dead(struct dcerpc_connection *conn, NTSTATUS status);
the event context is optional
*/
static struct dcerpc_connection *dcerpc_connection_init(TALLOC_CTX *mem_ctx,
- struct event_context *ev,
+ struct tevent_context *ev,
struct smb_iconv_convenience *ic)
{
struct dcerpc_connection *c;
c->iconv_convenience = talloc_reference(c, ic);
- c->event_ctx = talloc_reference(c, ev);
+ c->event_ctx = ev;
if (c->event_ctx == NULL) {
talloc_free(c);
}
/* initialise a dcerpc pipe. */
-_PUBLIC_ struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct event_context *ev,
+_PUBLIC_ struct dcerpc_pipe *dcerpc_pipe_init(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
struct smb_iconv_convenience *ic)
{
struct dcerpc_pipe *p;
ZERO_STRUCT(p->syntax);
ZERO_STRUCT(p->transfer_syntax);
+ if (DEBUGLVL(100)) {
+ p->conn->flags |= DCERPC_DEBUG_PRINT_BOTH;
+ }
+
return p;
}
return NT_STATUS_OK;
}
-/*
- generate a CONNECT level verifier
-*/
-static NTSTATUS dcerpc_connect_verifier(TALLOC_CTX *mem_ctx, DATA_BLOB *blob)
-{
- *blob = data_blob_talloc(mem_ctx, NULL, 16);
- if (blob->data == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- SIVAL(blob->data, 0, 1);
- memset(blob->data+4, 0, 12);
- return NT_STATUS_OK;
-}
-
-/*
- check a CONNECT level verifier
-*/
-static NTSTATUS dcerpc_check_connect_verifier(DATA_BLOB *blob)
-{
- if (blob->length != 16 ||
- IVAL(blob->data, 0) != 1) {
- return NT_STATUS_ACCESS_DENIED;
- }
- return NT_STATUS_OK;
-}
-
/*
parse the authentication information on a dcerpc response packet
*/
DATA_BLOB auth_blob;
enum ndr_err_code ndr_err;
- if (pkt->auth_length == 0 &&
- c->security_state.auth_info->auth_level == DCERPC_AUTH_LEVEL_CONNECT) {
+ if (!c->security_state.auth_info ||
+ !c->security_state.generic_state) {
+ return NT_STATUS_OK;
+ }
+
+ switch (c->security_state.auth_info->auth_level) {
+ case DCERPC_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
+ break;
+
+ case DCERPC_AUTH_LEVEL_CONNECT:
+ if (pkt->auth_length != 0) {
+ break;
+ }
return NT_STATUS_OK;
+ case DCERPC_AUTH_LEVEL_NONE:
+ if (pkt->auth_length != 0) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+ return NT_STATUS_OK;
+
+ default:
+ return NT_STATUS_INVALID_LEVEL;
}
auth_blob.length = 8 + pkt->auth_length;
break;
case DCERPC_AUTH_LEVEL_CONNECT:
- status = dcerpc_check_connect_verifier(&auth.credentials);
- break;
-
- case DCERPC_AUTH_LEVEL_NONE:
+ /* for now we ignore possible signatures here */
+ status = NT_STATUS_OK;
break;
default:
DATA_BLOB creds2;
size_t payload_length;
enum ndr_err_code ndr_err;
+ size_t hdr_size = DCERPC_REQUEST_LENGTH;
/* non-signed packets are simpler */
- if (!c->security_state.auth_info ||
- !c->security_state.generic_state) {
- return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, c->security_state.auth_info);
+ if (sig_size == 0) {
+ return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, NULL);
+ }
+
+ switch (c->security_state.auth_info->auth_level) {
+ case DCERPC_AUTH_LEVEL_PRIVACY:
+ case DCERPC_AUTH_LEVEL_INTEGRITY:
+ break;
+
+ case DCERPC_AUTH_LEVEL_CONNECT:
+ /* TODO: let the gensec mech decide if it wants to generate a signature */
+ return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, NULL);
+
+ case DCERPC_AUTH_LEVEL_NONE:
+ return ncacn_push_auth(blob, mem_ctx, c->iconv_convenience, pkt, NULL);
+
+ default:
+ return NT_STATUS_INVALID_LEVEL;
}
ndr = ndr_push_init_ctx(mem_ctx, c->iconv_convenience);
if (pkt->pfc_flags & DCERPC_PFC_FLAG_OBJECT_UUID) {
ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT;
+ hdr_size += 16;
}
ndr_err = ndr_push_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt);
packet. This matches what w2k3 does */
c->security_state.auth_info->auth_pad_length =
(16 - (pkt->u.request.stub_and_verifier.length & 15)) & 15;
- ndr_push_zero(ndr, c->security_state.auth_info->auth_pad_length);
+ ndr_err = ndr_push_zero(ndr, c->security_state.auth_info->auth_pad_length);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ return ndr_map_error2ntstatus(ndr_err);
+ }
+ status = NT_STATUS_OK;
payload_length = pkt->u.request.stub_and_verifier.length +
c->security_state.auth_info->auth_pad_length;
- /* sign or seal the packet */
- switch (c->security_state.auth_info->auth_level) {
- case DCERPC_AUTH_LEVEL_PRIVACY:
- case DCERPC_AUTH_LEVEL_INTEGRITY:
- /* We hope this length is accruate. If must be if the
- * GENSEC mech does AEAD signing of the packet
- * headers */
- c->security_state.auth_info->credentials
- = data_blob_talloc(mem_ctx, NULL, sig_size);
- data_blob_clear(&c->security_state.auth_info->credentials);
- break;
-
- case DCERPC_AUTH_LEVEL_CONNECT:
- status = dcerpc_connect_verifier(mem_ctx, &c->security_state.auth_info->credentials);
- break;
-
- case DCERPC_AUTH_LEVEL_NONE:
- c->security_state.auth_info->credentials = data_blob(NULL, 0);
- break;
-
- default:
- status = NT_STATUS_INVALID_LEVEL;
- break;
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
+ /* we start without signature, it will appended later */
+ c->security_state.auth_info->credentials = data_blob(NULL,0);
/* add the auth verifier */
ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, c->security_state.auth_info);
/* extract the whole packet as a blob */
*blob = ndr_push_blob(ndr);
- /* fill in the fragment length and auth_length, we can't fill
- in these earlier as we don't know the signature length (it
- could be variable length) */
- dcerpc_set_frag_length(blob, blob->length);
- /* We hope this value is accruate. If must be if the GENSEC
- * mech does AEAD signing of the packet headers */
- dcerpc_set_auth_length(blob, c->security_state.auth_info->credentials.length);
+ /*
+ * Setup the frag and auth length in the packet buffer.
+ * This is needed if the GENSEC mech does AEAD signing
+ * of the packet headers. The signature itself will be
+ * appended later.
+ */
+ dcerpc_set_frag_length(blob, blob->length + sig_size);
+ dcerpc_set_auth_length(blob, sig_size);
/* sign or seal the packet */
switch (c->security_state.auth_info->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
status = gensec_seal_packet(c->security_state.generic_state,
mem_ctx,
- blob->data + DCERPC_REQUEST_LENGTH,
+ blob->data + hdr_size,
payload_length,
blob->data,
- blob->length -
- c->security_state.auth_info->credentials.length,
+ blob->length,
&creds2);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- blob->length -= c->security_state.auth_info->credentials.length;
- if (!data_blob_append(mem_ctx, blob,
- creds2.data, creds2.length)) {
- return NT_STATUS_NO_MEMORY;
- }
- dcerpc_set_auth_length(blob, creds2.length);
- if (c->security_state.auth_info->credentials.length == 0) {
- /* this is needed for krb5 only, to correct the total packet
- length */
- dcerpc_set_frag_length(blob,
- dcerpc_get_frag_length(blob)
- +creds2.length);
- }
break;
case DCERPC_AUTH_LEVEL_INTEGRITY:
status = gensec_sign_packet(c->security_state.generic_state,
mem_ctx,
- blob->data + DCERPC_REQUEST_LENGTH,
+ blob->data + hdr_size,
payload_length,
blob->data,
- blob->length -
- c->security_state.auth_info->credentials.length,
+ blob->length,
&creds2);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- blob->length -= c->security_state.auth_info->credentials.length;
- if (!data_blob_append(mem_ctx, blob,
- creds2.data, creds2.length)) {
- return NT_STATUS_NO_MEMORY;
- }
- dcerpc_set_auth_length(blob, creds2.length);
- if (c->security_state.auth_info->credentials.length == 0) {
- /* this is needed for krb5 only, to correct the total packet
- length */
- dcerpc_set_frag_length(blob,
- dcerpc_get_frag_length(blob)
- +creds2.length);
- }
- break;
-
- case DCERPC_AUTH_LEVEL_CONNECT:
- break;
-
- case DCERPC_AUTH_LEVEL_NONE:
- c->security_state.auth_info->credentials = data_blob(NULL, 0);
break;
default:
break;
}
- data_blob_free(&c->security_state.auth_info->credentials);
+ if (creds2.length != sig_size) {
+ DEBUG(0,("dcesrv_auth_response: creds2.length[%u] != sig_size[%u] pad[%u] stub[%u]\n",
+ creds2.length, (uint32_t)sig_size,
+ c->security_state.auth_info->auth_pad_length,
+ pkt->u.request.stub_and_verifier.length));
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
+ if (!data_blob_append(mem_ctx, blob, creds2.data, creds2.length)) {
+ return NT_STATUS_NO_MEMORY;
+ }
return NT_STATUS_OK;
}
/*
handle timeouts of individual dcerpc requests
*/
-static void dcerpc_timeout_handler(struct event_context *ev, struct timed_event *te,
- struct timeval t, void *private)
+static void dcerpc_timeout_handler(struct tevent_context *ev, struct tevent_timer *te,
+ struct timeval t, void *private_data)
{
- struct rpc_request *req = talloc_get_type(private, struct rpc_request);
+ struct rpc_request *req = talloc_get_type(private_data, struct rpc_request);
if (req->ignore_timeout) {
dcerpc_req_dequeue(req);
request header size */
chunk_size = p->conn->srv_max_recv_frag;
chunk_size -= DCERPC_REQUEST_LENGTH;
- if (c->security_state.generic_state) {
- chunk_size -= DCERPC_AUTH_TRAILER_LENGTH;
+ if (c->security_state.auth_info &&
+ c->security_state.generic_state) {
sig_size = gensec_sig_size(c->security_state.generic_state,
p->conn->srv_max_recv_frag);
- chunk_size -= sig_size;
- chunk_size -= (chunk_size % 16);
+ if (sig_size) {
+ chunk_size -= DCERPC_AUTH_TRAILER_LENGTH;
+ chunk_size -= sig_size;
+ }
}
+ chunk_size -= (chunk_size % 16);
pkt.ptype = DCERPC_PKT_REQUEST;
pkt.call_id = req->call_id;
if (req->object) {
pkt.u.request.object.object = *req->object;
pkt.pfc_flags |= DCERPC_PFC_FLAG_OBJECT_UUID;
- chunk_size -= ndr_size_GUID(req->object,0);
+ chunk_size -= ndr_size_GUID(req->object,NULL,0);
}
/* we send a series of pdus without waiting for a reply */
while (remaining > 0 || first_packet) {
uint32_t chunk = MIN(chunk_size, remaining);
bool last_frag = false;
+ bool do_trans = false;
first_packet = false;
pkt.pfc_flags &= ~(DCERPC_PFC_FLAG_FIRST |DCERPC_PFC_FLAG_LAST);
DLIST_REMOVE(p->conn->pending, req);
return;
}
-
- req->status = p->conn->transport.send_request(p->conn, &blob, last_frag);
+
+ if (last_frag && !req->async_call) {
+ do_trans = true;
+ }
+
+ req->status = p->conn->transport.send_request(p->conn, &blob, do_trans);
if (!NT_STATUS_IS_OK(req->status)) {
req->state = RPC_REQUEST_DONE;
DLIST_REMOVE(p->conn->pending, req);
return;
}
+ if (last_frag && !do_trans) {
+ req->status = p->conn->transport.send_read(p->conn);
+ if (!NT_STATUS_IS_OK(req->status)) {
+ req->state = RPC_REQUEST_DONE;
+ DLIST_REMOVE(p->conn->pending, req);
+ return;
+ }
+ }
+
remaining -= chunk;
}
}
return the event context for a dcerpc pipe
used by callers who wish to operate asynchronously
*/
-_PUBLIC_ struct event_context *dcerpc_event_context(struct dcerpc_pipe *p)
+_PUBLIC_ struct tevent_context *dcerpc_event_context(struct dcerpc_pipe *p)
{
return p->conn->event_ctx;
}
NTSTATUS status;
while (req->state != RPC_REQUEST_DONE) {
- struct event_context *ctx = dcerpc_event_context(req->p);
+ struct tevent_context *ctx = dcerpc_event_context(req->p);
if (event_loop_once(ctx) != 0) {
return NT_STATUS_CONNECTION_DISCONNECTED;
}
if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
req->p->last_fault_code = req->fault_code;
}
- talloc_free(req);
+ talloc_unlink(talloc_parent(req), req);
return status;
}
NTSTATUS dcerpc_request(struct dcerpc_pipe *p,
struct GUID *object,
uint16_t opnum,
- bool async,
TALLOC_CTX *mem_ctx,
DATA_BLOB *stub_data_in,
DATA_BLOB *stub_data_out)
{
struct rpc_request *req;
- req = dcerpc_request_send(p, object, opnum, async, stub_data_in);
+ req = dcerpc_request_send(p, object, opnum, false, stub_data_in);
if (req == NULL) {
return NT_STATUS_NO_MEMORY;
}
send a rpc request given a dcerpc_call structure
*/
struct rpc_request *dcerpc_ndr_request_send(struct dcerpc_pipe *p,
- const struct GUID *object,
- const struct ndr_interface_table *table,
- uint32_t opnum,
- TALLOC_CTX *mem_ctx,
- void *r)
+ const struct GUID *object,
+ const struct ndr_interface_table *table,
+ uint32_t opnum,
+ bool async,
+ TALLOC_CTX *mem_ctx,
+ void *r)
{
const struct ndr_interface_call *call;
struct ndr_push *push;
dump_data(10, request.data, request.length);
/* make the actual dcerpc request */
- req = dcerpc_request_send(p, object, opnum, table->calls[opnum].async,
- &request);
+ req = dcerpc_request_send(p, object, opnum, async, &request);
if (req != NULL) {
req->ndr.table = table;
ndr_err = call->ndr_pull(pull, NDR_OUT, r);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
status = ndr_map_error2ntstatus(ndr_err);
- dcerpc_log_packet(table, opnum, NDR_OUT,
- &response);
+ dcerpc_log_packet(p->conn->packet_log_dir,
+ table, opnum, NDR_OUT,
+ &response);
return status;
}
call->ndr_push, call->ndr_pull,
call->ndr_print);
if (!NT_STATUS_IS_OK(status)) {
- dcerpc_log_packet(table, opnum, NDR_OUT,
+ dcerpc_log_packet(p->conn->packet_log_dir,
+ table, opnum, NDR_OUT,
&response);
return status;
}
{
struct rpc_request *req;
- req = dcerpc_ndr_request_send(p, object, table, opnum, mem_ctx, r);
+ req = dcerpc_ndr_request_send(p, object, table, opnum, false, mem_ctx, r);
if (req == NULL) {
return NT_STATUS_NO_MEMORY;
}
git.samba.org / kai / samba-autobuild / .git / blobdiff