2 Unix SMB/CIFS implementation.
5 Copyright (C) Andrew Tridgell 2003-2005
6 Copyright (C) Jelmer Vernooij 2004-2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "system/network.h"
25 #include "lib/tsocket/tsocket.h"
26 #include "lib/util/tevent_ntstatus.h"
27 #include "librpc/rpc/dcerpc.h"
28 #include "librpc/gen_ndr/ndr_dcerpc.h"
29 #include "rpc_common.h"
30 #include "lib/util/bitmap.h"
32 /* we need to be able to get/set the fragment length without doing a full
34 void dcerpc_set_frag_length(DATA_BLOB
*blob
, uint16_t v
)
36 if (CVAL(blob
->data
,DCERPC_DREP_OFFSET
) & DCERPC_DREP_LE
) {
37 SSVAL(blob
->data
, DCERPC_FRAG_LEN_OFFSET
, v
);
39 RSSVAL(blob
->data
, DCERPC_FRAG_LEN_OFFSET
, v
);
43 uint16_t dcerpc_get_frag_length(const DATA_BLOB
*blob
)
45 if (CVAL(blob
->data
,DCERPC_DREP_OFFSET
) & DCERPC_DREP_LE
) {
46 return SVAL(blob
->data
, DCERPC_FRAG_LEN_OFFSET
);
48 return RSVAL(blob
->data
, DCERPC_FRAG_LEN_OFFSET
);
52 void dcerpc_set_auth_length(DATA_BLOB
*blob
, uint16_t v
)
54 if (CVAL(blob
->data
,DCERPC_DREP_OFFSET
) & DCERPC_DREP_LE
) {
55 SSVAL(blob
->data
, DCERPC_AUTH_LEN_OFFSET
, v
);
57 RSSVAL(blob
->data
, DCERPC_AUTH_LEN_OFFSET
, v
);
61 uint8_t dcerpc_get_endian_flag(DATA_BLOB
*blob
)
63 return blob
->data
[DCERPC_DREP_OFFSET
];
68 * @brief Pull a dcerpc_auth structure, taking account of any auth
69 * padding in the blob. For request/response packets we pass
70 * the whole data blob, so auth_data_only must be set to false
71 * as the blob contains data+pad+auth and no just pad+auth.
73 * @param pkt - The ncacn_packet strcuture
74 * @param mem_ctx - The mem_ctx used to allocate dcerpc_auth elements
75 * @param pkt_trailer - The packet trailer data, usually the trailing
76 * auth_info blob, but in the request/response case
77 * this is the stub_and_verifier blob.
78 * @param auth - A preallocated dcerpc_auth *empty* structure
79 * @param auth_length - The length of the auth trail, sum of auth header
80 * lenght and pkt->auth_length
81 * @param auth_data_only - Whether the pkt_trailer includes only the auth_blob
82 * (+ padding) or also other data.
84 * @return - A NTSTATUS error code.
86 NTSTATUS
dcerpc_pull_auth_trailer(const struct ncacn_packet
*pkt
,
88 const DATA_BLOB
*pkt_trailer
,
89 struct dcerpc_auth
*auth
,
90 uint32_t *_auth_length
,
94 enum ndr_err_code ndr_err
;
95 uint16_t data_and_pad
;
100 if (_auth_length
!= NULL
) {
103 if (auth_data_only
) {
104 return NT_STATUS_INTERNAL_ERROR
;
107 if (!auth_data_only
) {
108 return NT_STATUS_INTERNAL_ERROR
;
112 /* Paranoia checks for auth_length. The caller should check this... */
113 if (pkt
->auth_length
== 0) {
114 return NT_STATUS_INTERNAL_ERROR
;
117 /* Paranoia checks for auth_length. The caller should check this... */
118 if (pkt
->auth_length
> pkt
->frag_length
) {
119 return NT_STATUS_INTERNAL_ERROR
;
121 tmp_length
= DCERPC_NCACN_PAYLOAD_OFFSET
;
122 tmp_length
+= DCERPC_AUTH_TRAILER_LENGTH
;
123 tmp_length
+= pkt
->auth_length
;
124 if (tmp_length
> pkt
->frag_length
) {
125 return NT_STATUS_INTERNAL_ERROR
;
127 if (pkt_trailer
->length
> UINT16_MAX
) {
128 return NT_STATUS_INTERNAL_ERROR
;
131 auth_length
= DCERPC_AUTH_TRAILER_LENGTH
+ pkt
->auth_length
;
132 if (pkt_trailer
->length
< auth_length
) {
133 return NT_STATUS_RPC_PROTOCOL_ERROR
;
136 data_and_pad
= pkt_trailer
->length
- auth_length
;
138 ndr
= ndr_pull_init_blob(pkt_trailer
, mem_ctx
);
140 return NT_STATUS_NO_MEMORY
;
143 if (!(pkt
->drep
[0] & DCERPC_DREP_LE
)) {
144 ndr
->flags
|= LIBNDR_FLAG_BIGENDIAN
;
147 ndr_err
= ndr_pull_advance(ndr
, data_and_pad
);
148 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
150 return ndr_map_error2ntstatus(ndr_err
);
153 ndr_err
= ndr_pull_dcerpc_auth(ndr
, NDR_SCALARS
|NDR_BUFFERS
, auth
);
154 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
157 return ndr_map_error2ntstatus(ndr_err
);
160 if (data_and_pad
< auth
->auth_pad_length
) {
161 DEBUG(1, (__location__
": ERROR: pad length mismatch. "
162 "Calculated %u got %u\n",
163 (unsigned)data_and_pad
,
164 (unsigned)auth
->auth_pad_length
));
167 return NT_STATUS_RPC_PROTOCOL_ERROR
;
170 if (auth_data_only
&& data_and_pad
!= auth
->auth_pad_length
) {
171 DEBUG(1, (__location__
": ERROR: pad length mismatch. "
172 "Calculated %u got %u\n",
173 (unsigned)data_and_pad
,
174 (unsigned)auth
->auth_pad_length
));
177 return NT_STATUS_RPC_PROTOCOL_ERROR
;
180 DEBUG(6,(__location__
": auth_pad_length %u\n",
181 (unsigned)auth
->auth_pad_length
));
183 talloc_steal(mem_ctx
, auth
->credentials
.data
);
186 if (_auth_length
!= NULL
) {
187 *_auth_length
= auth_length
;
194 * @brief Verify the fields in ncacn_packet header.
196 * @param pkt - The ncacn_packet strcuture
197 * @param ptype - The expected PDU type
198 * @param max_auth_info - The maximum size of a possible auth trailer
199 * @param required_flags - The required flags for the pdu.
200 * @param optional_flags - The possible optional flags for the pdu.
202 * @return - A NTSTATUS error code.
204 NTSTATUS
dcerpc_verify_ncacn_packet_header(const struct ncacn_packet
*pkt
,
205 enum dcerpc_pkt_type ptype
,
206 size_t max_auth_info
,
207 uint8_t required_flags
,
208 uint8_t optional_flags
)
210 if (pkt
->rpc_vers
!= 5) {
211 return NT_STATUS_RPC_PROTOCOL_ERROR
;
214 if (pkt
->rpc_vers_minor
!= 0) {
215 return NT_STATUS_RPC_PROTOCOL_ERROR
;
218 if (pkt
->auth_length
> pkt
->frag_length
) {
219 return NT_STATUS_RPC_PROTOCOL_ERROR
;
222 if (pkt
->ptype
!= ptype
) {
223 return NT_STATUS_RPC_PROTOCOL_ERROR
;
226 if (max_auth_info
> UINT16_MAX
) {
227 return NT_STATUS_INTERNAL_ERROR
;
230 if (pkt
->auth_length
> 0) {
231 size_t max_auth_length
;
233 if (max_auth_info
<= DCERPC_AUTH_TRAILER_LENGTH
) {
234 return NT_STATUS_RPC_PROTOCOL_ERROR
;
236 max_auth_length
= max_auth_info
- DCERPC_AUTH_TRAILER_LENGTH
;
238 if (pkt
->auth_length
> max_auth_length
) {
239 return NT_STATUS_RPC_PROTOCOL_ERROR
;
243 if ((pkt
->pfc_flags
& required_flags
) != required_flags
) {
244 return NT_STATUS_RPC_PROTOCOL_ERROR
;
246 if (pkt
->pfc_flags
& ~(optional_flags
|required_flags
)) {
247 return NT_STATUS_RPC_PROTOCOL_ERROR
;
250 if (pkt
->drep
[0] & ~DCERPC_DREP_LE
) {
251 return NT_STATUS_RPC_PROTOCOL_ERROR
;
253 if (pkt
->drep
[1] != 0) {
254 return NT_STATUS_RPC_PROTOCOL_ERROR
;
256 if (pkt
->drep
[2] != 0) {
257 return NT_STATUS_RPC_PROTOCOL_ERROR
;
259 if (pkt
->drep
[3] != 0) {
260 return NT_STATUS_RPC_PROTOCOL_ERROR
;
266 struct dcerpc_read_ncacn_packet_state
{
272 struct ncacn_packet
*pkt
;
275 static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context
*stream
,
278 struct iovec
**_vector
,
280 static void dcerpc_read_ncacn_packet_done(struct tevent_req
*subreq
);
282 struct tevent_req
*dcerpc_read_ncacn_packet_send(TALLOC_CTX
*mem_ctx
,
283 struct tevent_context
*ev
,
284 struct tstream_context
*stream
)
286 struct tevent_req
*req
;
287 struct dcerpc_read_ncacn_packet_state
*state
;
288 struct tevent_req
*subreq
;
290 req
= tevent_req_create(mem_ctx
, &state
,
291 struct dcerpc_read_ncacn_packet_state
);
296 state
->buffer
= data_blob_const(NULL
, 0);
297 state
->pkt
= talloc(state
, struct ncacn_packet
);
298 if (tevent_req_nomem(state
->pkt
, req
)) {
302 subreq
= tstream_readv_pdu_send(state
, ev
,
304 dcerpc_read_ncacn_packet_next_vector
,
306 if (tevent_req_nomem(subreq
, req
)) {
309 tevent_req_set_callback(subreq
, dcerpc_read_ncacn_packet_done
, req
);
313 tevent_req_post(req
, ev
);
317 static int dcerpc_read_ncacn_packet_next_vector(struct tstream_context
*stream
,
320 struct iovec
**_vector
,
323 struct dcerpc_read_ncacn_packet_state
*state
=
324 talloc_get_type_abort(private_data
,
325 struct dcerpc_read_ncacn_packet_state
);
326 struct iovec
*vector
;
329 if (state
->buffer
.length
== 0) {
331 * first get enough to read the fragment length
333 * We read the full fixed ncacn_packet header
334 * in order to make wireshark happy with
335 * pcap files from socket_wrapper.
338 state
->buffer
.length
= DCERPC_NCACN_PAYLOAD_OFFSET
;
339 state
->buffer
.data
= talloc_array(state
, uint8_t,
340 state
->buffer
.length
);
341 if (!state
->buffer
.data
) {
344 } else if (state
->buffer
.length
== DCERPC_NCACN_PAYLOAD_OFFSET
) {
345 /* now read the fragment length and allocate the full buffer */
346 size_t frag_len
= dcerpc_get_frag_length(&state
->buffer
);
348 ofs
= state
->buffer
.length
;
350 if (frag_len
< ofs
) {
352 * something is wrong, let the caller deal with it
359 state
->buffer
.data
= talloc_realloc(state
,
362 if (!state
->buffer
.data
) {
365 state
->buffer
.length
= frag_len
;
367 /* if we reach this we have a full fragment */
373 /* now create the vector that we want to be filled */
374 vector
= talloc_array(mem_ctx
, struct iovec
, 1);
379 vector
[0].iov_base
= (void *) (state
->buffer
.data
+ ofs
);
380 vector
[0].iov_len
= state
->buffer
.length
- ofs
;
387 static void dcerpc_read_ncacn_packet_done(struct tevent_req
*subreq
)
389 struct tevent_req
*req
= tevent_req_callback_data(subreq
,
391 struct dcerpc_read_ncacn_packet_state
*state
= tevent_req_data(req
,
392 struct dcerpc_read_ncacn_packet_state
);
395 struct ndr_pull
*ndr
;
396 enum ndr_err_code ndr_err
;
399 ret
= tstream_readv_pdu_recv(subreq
, &sys_errno
);
402 status
= map_nt_error_from_unix_common(sys_errno
);
403 tevent_req_nterror(req
, status
);
407 ndr
= ndr_pull_init_blob(&state
->buffer
, state
->pkt
);
408 if (tevent_req_nomem(ndr
, req
)) {
412 if (!(CVAL(ndr
->data
, DCERPC_DREP_OFFSET
) & DCERPC_DREP_LE
)) {
413 ndr
->flags
|= LIBNDR_FLAG_BIGENDIAN
;
416 if (CVAL(ndr
->data
, DCERPC_PFC_OFFSET
) & DCERPC_PFC_FLAG_OBJECT_UUID
) {
417 ndr
->flags
|= LIBNDR_FLAG_OBJECT_PRESENT
;
420 ndr_err
= ndr_pull_ncacn_packet(ndr
, NDR_SCALARS
|NDR_BUFFERS
, state
->pkt
);
422 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
423 status
= ndr_map_error2ntstatus(ndr_err
);
424 tevent_req_nterror(req
, status
);
428 if (state
->pkt
->frag_length
!= state
->buffer
.length
) {
429 tevent_req_nterror(req
, NT_STATUS_RPC_PROTOCOL_ERROR
);
433 tevent_req_done(req
);
436 NTSTATUS
dcerpc_read_ncacn_packet_recv(struct tevent_req
*req
,
438 struct ncacn_packet
**pkt
,
441 struct dcerpc_read_ncacn_packet_state
*state
= tevent_req_data(req
,
442 struct dcerpc_read_ncacn_packet_state
);
445 if (tevent_req_is_nterror(req
, &status
)) {
446 tevent_req_received(req
);
450 *pkt
= talloc_move(mem_ctx
, &state
->pkt
);
452 buffer
->data
= talloc_move(mem_ctx
, &state
->buffer
.data
);
453 buffer
->length
= state
->buffer
.length
;
456 tevent_req_received(req
);
460 const char *dcerpc_default_transport_endpoint(TALLOC_CTX
*mem_ctx
,
461 enum dcerpc_transport_t transport
,
462 const struct ndr_interface_table
*table
)
465 const char *p
= NULL
;
466 const char *endpoint
= NULL
;
468 struct dcerpc_binding
*default_binding
= NULL
;
469 TALLOC_CTX
*frame
= talloc_stackframe();
471 /* Find one of the default pipes for this interface */
473 for (i
= 0; i
< table
->endpoints
->count
; i
++) {
474 enum dcerpc_transport_t dtransport
;
475 const char *dendpoint
;
477 status
= dcerpc_parse_binding(frame
, table
->endpoints
->names
[i
],
479 if (!NT_STATUS_IS_OK(status
)) {
483 dtransport
= dcerpc_binding_get_transport(default_binding
);
484 dendpoint
= dcerpc_binding_get_string_option(default_binding
,
486 if (dendpoint
== NULL
) {
487 TALLOC_FREE(default_binding
);
491 if (transport
== NCA_UNKNOWN
) {
492 transport
= dtransport
;
495 if (transport
!= dtransport
) {
496 TALLOC_FREE(default_binding
);
509 * extract the pipe name without \\pipe from for example
510 * ncacn_np:[\\pipe\\epmapper]
512 if (transport
== NCACN_NP
) {
513 if (strncasecmp(p
, "\\pipe\\", 6) == 0) {
516 if (strncmp(p
, "\\", 1) == 0) {
521 endpoint
= talloc_strdup(mem_ctx
, p
);
528 struct dcerpc_sec_vt_header2
dcerpc_sec_vt_header2_from_ncacn_packet(const struct ncacn_packet
*pkt
)
530 struct dcerpc_sec_vt_header2 ret
;
533 ret
.ptype
= pkt
->ptype
;
534 memcpy(&ret
.drep
, pkt
->drep
, sizeof(ret
.drep
));
535 ret
.call_id
= pkt
->call_id
;
537 switch (pkt
->ptype
) {
538 case DCERPC_PKT_REQUEST
:
539 ret
.context_id
= pkt
->u
.request
.context_id
;
540 ret
.opnum
= pkt
->u
.request
.opnum
;
543 case DCERPC_PKT_RESPONSE
:
544 ret
.context_id
= pkt
->u
.response
.context_id
;
547 case DCERPC_PKT_FAULT
:
548 ret
.context_id
= pkt
->u
.fault
.context_id
;
558 bool dcerpc_sec_vt_header2_equal(const struct dcerpc_sec_vt_header2
*v1
,
559 const struct dcerpc_sec_vt_header2
*v2
)
561 if (v1
->ptype
!= v2
->ptype
) {
565 if (memcmp(v1
->drep
, v2
->drep
, sizeof(v1
->drep
)) != 0) {
569 if (v1
->call_id
!= v2
->call_id
) {
573 if (v1
->context_id
!= v2
->context_id
) {
577 if (v1
->opnum
!= v2
->opnum
) {
584 static bool dcerpc_sec_vt_is_valid(const struct dcerpc_sec_verification_trailer
*r
)
587 TALLOC_CTX
*frame
= talloc_stackframe();
588 struct bitmap
*commands_seen
;
591 if (r
->count
.count
== 0) {
596 if (memcmp(r
->magic
, DCERPC_SEC_VT_MAGIC
, sizeof(r
->magic
)) != 0) {
600 commands_seen
= bitmap_talloc(frame
, DCERPC_SEC_VT_COMMAND_ENUM
+ 1);
601 if (commands_seen
== NULL
) {
605 for (i
=0; i
< r
->count
.count
; i
++) {
606 enum dcerpc_sec_vt_command_enum cmd
=
607 r
->commands
[i
].command
& DCERPC_SEC_VT_COMMAND_ENUM
;
609 if (bitmap_query(commands_seen
, cmd
)) {
610 /* Each command must appear at most once. */
613 bitmap_set(commands_seen
, cmd
);
616 case DCERPC_SEC_VT_COMMAND_BITMASK1
:
617 case DCERPC_SEC_VT_COMMAND_PCONTEXT
:
618 case DCERPC_SEC_VT_COMMAND_HEADER2
:
621 if ((r
->commands
[i
].u
._unknown
.length
% 4) != 0) {
633 static bool dcerpc_sec_vt_bitmask_check(const uint32_t *bitmask1
,
634 struct dcerpc_sec_vt
*c
)
636 if (bitmask1
== NULL
) {
637 if (c
->command
& DCERPC_SEC_VT_MUST_PROCESS
) {
638 DEBUG(10, ("SEC_VT check Bitmask1 must_process_command "
646 if ((c
->u
.bitmask1
& DCERPC_SEC_VT_CLIENT_SUPPORTS_HEADER_SIGNING
)
647 && (!(*bitmask1
& DCERPC_SEC_VT_CLIENT_SUPPORTS_HEADER_SIGNING
))) {
648 DEBUG(10, ("SEC_VT check Bitmask1 client_header_signing "
655 static bool dcerpc_sec_vt_pctx_check(const struct dcerpc_sec_vt_pcontext
*pcontext
,
656 struct dcerpc_sec_vt
*c
)
661 if (pcontext
== NULL
) {
662 if (c
->command
& DCERPC_SEC_VT_MUST_PROCESS
) {
663 DEBUG(10, ("SEC_VT check Pcontext must_process_command "
671 mem_ctx
= talloc_stackframe();
672 ok
= ndr_syntax_id_equal(&pcontext
->abstract_syntax
,
673 &c
->u
.pcontext
.abstract_syntax
);
675 DEBUG(10, ("SEC_VT check pcontext abstract_syntax failed: "
677 ndr_syntax_id_to_string(mem_ctx
,
678 &pcontext
->abstract_syntax
),
679 ndr_syntax_id_to_string(mem_ctx
,
680 &c
->u
.pcontext
.abstract_syntax
)));
683 ok
= ndr_syntax_id_equal(&pcontext
->transfer_syntax
,
684 &c
->u
.pcontext
.transfer_syntax
);
686 DEBUG(10, ("SEC_VT check pcontext transfer_syntax failed: "
688 ndr_syntax_id_to_string(mem_ctx
,
689 &pcontext
->transfer_syntax
),
690 ndr_syntax_id_to_string(mem_ctx
,
691 &c
->u
.pcontext
.transfer_syntax
)));
697 talloc_free(mem_ctx
);
701 static bool dcerpc_sec_vt_hdr2_check(const struct dcerpc_sec_vt_header2
*header2
,
702 struct dcerpc_sec_vt
*c
)
704 if (header2
== NULL
) {
705 if (c
->command
& DCERPC_SEC_VT_MUST_PROCESS
) {
706 DEBUG(10, ("SEC_VT check Header2 must_process_command failed\n"));
713 if (!dcerpc_sec_vt_header2_equal(header2
, &c
->u
.header2
)) {
714 DEBUG(10, ("SEC_VT check Header2 failed\n"));
721 bool dcerpc_sec_verification_trailer_check(
722 const struct dcerpc_sec_verification_trailer
*vt
,
723 const uint32_t *bitmask1
,
724 const struct dcerpc_sec_vt_pcontext
*pcontext
,
725 const struct dcerpc_sec_vt_header2
*header2
)
729 if (!dcerpc_sec_vt_is_valid(vt
)) {
733 for (i
=0; i
< vt
->count
.count
; i
++) {
735 struct dcerpc_sec_vt
*c
= &vt
->commands
[i
];
737 switch (c
->command
& DCERPC_SEC_VT_COMMAND_ENUM
) {
738 case DCERPC_SEC_VT_COMMAND_BITMASK1
:
739 ok
= dcerpc_sec_vt_bitmask_check(bitmask1
, c
);
745 case DCERPC_SEC_VT_COMMAND_PCONTEXT
:
746 ok
= dcerpc_sec_vt_pctx_check(pcontext
, c
);
752 case DCERPC_SEC_VT_COMMAND_HEADER2
: {
753 ok
= dcerpc_sec_vt_hdr2_check(header2
, c
);
761 if (c
->command
& DCERPC_SEC_VT_MUST_PROCESS
) {
762 DEBUG(10, ("SEC_VT check Unknown must_process_command failed\n"));
773 static const struct ndr_syntax_id dcerpc_bind_time_features_prefix
= {
775 .time_low
= 0x6cb71c2c,
777 .time_hi_and_version
= 0x4540,
778 .clock_seq
= {0x00, 0x00},
779 .node
= {0x00,0x00,0x00,0x00,0x00,0x00}
784 bool dcerpc_extract_bind_time_features(struct ndr_syntax_id s
, uint64_t *_features
)
787 uint64_t features
= 0;
789 values
[0] = s
.uuid
.clock_seq
[0];
790 values
[1] = s
.uuid
.clock_seq
[1];
791 values
[2] = s
.uuid
.node
[0];
792 values
[3] = s
.uuid
.node
[1];
793 values
[4] = s
.uuid
.node
[2];
794 values
[5] = s
.uuid
.node
[3];
795 values
[6] = s
.uuid
.node
[4];
796 values
[7] = s
.uuid
.node
[5];
798 ZERO_STRUCT(s
.uuid
.clock_seq
);
799 ZERO_STRUCT(s
.uuid
.node
);
801 if (!ndr_syntax_id_equal(&s
, &dcerpc_bind_time_features_prefix
)) {
802 if (_features
!= NULL
) {
808 features
= BVAL(values
, 0);
810 if (_features
!= NULL
) {
811 *_features
= features
;
817 struct ndr_syntax_id
dcerpc_construct_bind_time_features(uint64_t features
)
819 struct ndr_syntax_id s
= dcerpc_bind_time_features_prefix
;
822 SBVAL(values
, 0, features
);
824 s
.uuid
.clock_seq
[0] = values
[0];
825 s
.uuid
.clock_seq
[1] = values
[1];
826 s
.uuid
.node
[0] = values
[2];
827 s
.uuid
.node
[1] = values
[3];
828 s
.uuid
.node
[2] = values
[4];
829 s
.uuid
.node
[3] = values
[5];
830 s
.uuid
.node
[4] = values
[6];
831 s
.uuid
.node
[5] = values
[7];