search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* fix to display correct form information in REG_BINARY information
[Samba.git] / source / rpc_parse / parse_rpc.c
blob41e0b4cb5f41c309561d25ccc221f212e49e3923
1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Andrew Tridgell 1992-1997,
5 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
6 * Copyright (C) Paul Ashton 1997.
7 * Copyright (C) Jeremy Allison 1999.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 #undef DBGC_CLASS
27 #define DBGC_CLASS DBGC_RPC_PARSE
28
29 /*******************************************************************
30 interface/version dce/rpc pipe identification
31 ********************************************************************/
32
33 #define TRANS_SYNT_V2 \
34 { \
35 { \
36 0x8a885d04, 0x1ceb, 0x11c9, \
37 { 0x9f, 0xe8, 0x08, 0x00, \
38 0x2b, 0x10, 0x48, 0x60 } \
39 }, 0x02 \
40 }
41
42 #define SYNT_NETLOGON_V2 \
43 { \
44 { \
45 0x8a885d04, 0x1ceb, 0x11c9, \
46 { 0x9f, 0xe8, 0x08, 0x00, \
47 0x2b, 0x10, 0x48, 0x60 } \
48 }, 0x02 \
49 }
50
51 #define SYNT_WKSSVC_V1 \
52 { \
53 { \
54 0x6bffd098, 0xa112, 0x3610, \
55 { 0x98, 0x33, 0x46, 0xc3, \
56 0xf8, 0x7e, 0x34, 0x5a } \
57 }, 0x01 \
58 }
59
60 #define SYNT_SRVSVC_V3 \
61 { \
62 { \
63 0x4b324fc8, 0x1670, 0x01d3, \
64 { 0x12, 0x78, 0x5a, 0x47, \
65 0xbf, 0x6e, 0xe1, 0x88 } \
66 }, 0x03 \
67 }
68
69 #define SYNT_LSARPC_V0 \
70 { \
71 { \
72 0x12345778, 0x1234, 0xabcd, \
73 { 0xef, 0x00, 0x01, 0x23, \
74 0x45, 0x67, 0x89, 0xab } \
75 }, 0x00 \
76 }
77
78 #define SYNT_SAMR_V1 \
79 { \
80 { \
81 0x12345778, 0x1234, 0xabcd, \
82 { 0xef, 0x00, 0x01, 0x23, \
83 0x45, 0x67, 0x89, 0xac } \
84 }, 0x01 \
85 }
86
87 #define SYNT_NETLOGON_V1 \
88 { \
89 { \
90 0x12345678, 0x1234, 0xabcd, \
91 { 0xef, 0x00, 0x01, 0x23, \
92 0x45, 0x67, 0xcf, 0xfb } \
93 }, 0x01 \
94 }
95
96 #define SYNT_WINREG_V1 \
97 { \
98 { \
99 0x338cd001, 0x2244, 0x31f1, \
100 { 0xaa, 0xaa, 0x90, 0x00, \
101 0x38, 0x00, 0x10, 0x03 } \
102 }, 0x01 \
103 }
104
105 #define SYNT_SPOOLSS_V1 \
106 { \
107 { \
108 0x12345678, 0x1234, 0xabcd, \
109 { 0xef, 0x00, 0x01, 0x23, \
110 0x45, 0x67, 0x89, 0xab } \
111 }, 0x01 \
112 }
113
114 #define SYNT_NONE_V0 \
115 { \
116 { \
117 0x0, 0x0, 0x0, \
118 { 0x00, 0x00, 0x00, 0x00, \
119 0x00, 0x00, 0x00, 0x00 } \
120 }, 0x00 \
121 }
122
123 #define SYNT_NETDFS_V3 \
124 { \
125 { \
126 0x4fc742e0, 0x4a10, 0x11cf, \
127 { 0x82, 0x73, 0x00, 0xaa, \
128 0x00, 0x4a, 0xe6, 0x73 } \
129 }, 0x03 \
130 }
131
132 struct pipe_id_info pipe_names [] =
133 {
134 /* client pipe , abstract syntax , server pipe , transfer syntax */
135 { PIPE_LSARPC , SYNT_LSARPC_V0 , PIPE_LSASS , TRANS_SYNT_V2 },
136 { PIPE_SAMR , SYNT_SAMR_V1 , PIPE_LSASS , TRANS_SYNT_V2 },
137 { PIPE_NETLOGON, SYNT_NETLOGON_V1, PIPE_LSASS , TRANS_SYNT_V2 },
138 { PIPE_SRVSVC , SYNT_SRVSVC_V3 , PIPE_NTSVCS , TRANS_SYNT_V2 },
139 { PIPE_WKSSVC , SYNT_WKSSVC_V1 , PIPE_NTSVCS , TRANS_SYNT_V2 },
140 { PIPE_WINREG , SYNT_WINREG_V1 , PIPE_WINREG , TRANS_SYNT_V2 },
141 { PIPE_SPOOLSS , SYNT_SPOOLSS_V1 , PIPE_SPOOLSS , TRANS_SYNT_V2 },
142 { PIPE_NETDFS , SYNT_NETDFS_V3 , PIPE_NETDFS , TRANS_SYNT_V2 },
143 { NULL , SYNT_NONE_V0 , NULL , SYNT_NONE_V0 }
144 };
145
146 /*******************************************************************
147 Inits an RPC_HDR structure.
148 ********************************************************************/
149
150 void init_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 flags,
151 uint32 call_id, int data_len, int auth_len)
152 {
153 hdr->major = 5; /* RPC version 5 */
154 hdr->minor = 0; /* minor version 0 */
155 hdr->pkt_type = pkt_type; /* RPC packet type */
156 hdr->flags = flags; /* dce/rpc flags */
157 hdr->pack_type[0] = 0x10; /* little-endian data representation */
158 hdr->pack_type[1] = 0; /* packed data representation */
159 hdr->pack_type[2] = 0; /* packed data representation */
160 hdr->pack_type[3] = 0; /* packed data representation */
161 hdr->frag_len = data_len; /* fragment length, fill in later */
162 hdr->auth_len = auth_len; /* authentication length */
163 hdr->call_id = call_id; /* call identifier - match incoming RPC */
164 }
165
166 /*******************************************************************
167 Reads or writes an RPC_HDR structure.
168 ********************************************************************/
169
170 BOOL smb_io_rpc_hdr(char *desc, RPC_HDR *rpc, prs_struct *ps, int depth)
171 {
172 if (rpc == NULL)
173 return False;
174
175 prs_debug(ps, depth, desc, "smb_io_rpc_hdr");
176 depth++;
177
178 if(!prs_uint8 ("major ", ps, depth, &rpc->major))
179 return False;
180
181 if(!prs_uint8 ("minor ", ps, depth, &rpc->minor))
182 return False;
183 if(!prs_uint8 ("pkt_type ", ps, depth, &rpc->pkt_type))
184 return False;
185 if(!prs_uint8 ("flags ", ps, depth, &rpc->flags))
186 return False;
187
188 /* We always marshall in little endian format. */
189 if (MARSHALLING(ps))
190 rpc->pack_type[0] = 0x10;
191
192 if(!prs_uint8("pack_type0", ps, depth, &rpc->pack_type[0]))
193 return False;
194 if(!prs_uint8("pack_type1", ps, depth, &rpc->pack_type[1]))
195 return False;
196 if(!prs_uint8("pack_type2", ps, depth, &rpc->pack_type[2]))
197 return False;
198 if(!prs_uint8("pack_type3", ps, depth, &rpc->pack_type[3]))
199 return False;
200
201 /*
202 * If reading and pack_type[0] == 0 then the data is in big-endian
203 * format. Set the flag in the prs_struct to specify reverse-endainness.
204 */
205
206 if (UNMARSHALLING(ps) && rpc->pack_type[0] == 0) {
207 DEBUG(10,("smb_io_rpc_hdr: PDU data format is big-endian. Setting flag.\n"));
208 prs_set_endian_data(ps, RPC_BIG_ENDIAN);
209 }
210
211 if(!prs_uint16("frag_len ", ps, depth, &rpc->frag_len))
212 return False;
213 if(!prs_uint16("auth_len ", ps, depth, &rpc->auth_len))
214 return False;
215 if(!prs_uint32("call_id ", ps, depth, &rpc->call_id))
216 return False;
217 return True;
218 }
219
220 /*******************************************************************
221 Reads or writes an RPC_IFACE structure.
222 ********************************************************************/
223
224 static BOOL smb_io_rpc_iface(char *desc, RPC_IFACE *ifc, prs_struct *ps, int depth)
225 {
226 if (ifc == NULL)
227 return False;
228
229 prs_debug(ps, depth, desc, "smb_io_rpc_iface");
230 depth++;
231
232 if(!prs_align(ps))
233 return False;
234
235 if(!prs_uint32 ("data ", ps, depth, &ifc->uuid.time_low))
236 return False;
237 if(!prs_uint16 ("data ", ps, depth, &ifc->uuid.time_mid))
238 return False;
239 if(!prs_uint16 ("data ", ps, depth, &ifc->uuid.time_hi_and_version))
240 return False;
241
242 if(!prs_uint8s (False, "data ", ps, depth, ifc->uuid.remaining, sizeof(ifc->uuid.remaining)))
243 return False;
244 if(!prs_uint32 ( "version", ps, depth, &ifc->version))
245 return False;
246
247 return True;
248 }
249
250 /*******************************************************************
251 Inits an RPC_ADDR_STR structure.
252 ********************************************************************/
253
254 static void init_rpc_addr_str(RPC_ADDR_STR *str, char *name)
255 {
256 str->len = strlen(name) + 1;
257 fstrcpy(str->str, name);
258 }
259
260 /*******************************************************************
261 Reads or writes an RPC_ADDR_STR structure.
262 ********************************************************************/
263
264 static BOOL smb_io_rpc_addr_str(char *desc, RPC_ADDR_STR *str, prs_struct *ps, int depth)
265 {
266 if (str == NULL)
267 return False;
268
269 prs_debug(ps, depth, desc, "smb_io_rpc_addr_str");
270 depth++;
271 if(!prs_align(ps))
272 return False;
273
274 if(!prs_uint16 ( "len", ps, depth, &str->len))
275 return False;
276 if(!prs_uint8s (True, "str", ps, depth, (uchar*)str->str, MIN(str->len, sizeof(str->str)) ))
277 return False;
278 return True;
279 }
280
281 /*******************************************************************
282 Inits an RPC_HDR_BBA structure.
283 ********************************************************************/
284
285 static void init_rpc_hdr_bba(RPC_HDR_BBA *bba, uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid)
286 {
287 bba->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */
288 bba->max_rsize = max_rsize; /* max receive fragment size (0x1630) */
289 bba->assoc_gid = assoc_gid; /* associated group id (0x0) */
290 }
291
292 /*******************************************************************
293 Reads or writes an RPC_HDR_BBA structure.
294 ********************************************************************/
295
296 static BOOL smb_io_rpc_hdr_bba(char *desc, RPC_HDR_BBA *rpc, prs_struct *ps, int depth)
297 {
298 if (rpc == NULL)
299 return False;
300
301 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_bba");
302 depth++;
303
304 if(!prs_uint16("max_tsize", ps, depth, &rpc->max_tsize))
305 return False;
306 if(!prs_uint16("max_rsize", ps, depth, &rpc->max_rsize))
307 return False;
308 if(!prs_uint32("assoc_gid", ps, depth, &rpc->assoc_gid))
309 return False;
310 return True;
311 }
312
313 /*******************************************************************
314 Inits an RPC_HDR_RB structure.
315 ********************************************************************/
316
317 void init_rpc_hdr_rb(RPC_HDR_RB *rpc,
318 uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
319 uint32 num_elements, uint16 context_id, uint8 num_syntaxes,
320 RPC_IFACE *abstract, RPC_IFACE *transfer)
321 {
322 init_rpc_hdr_bba(&rpc->bba, max_tsize, max_rsize, assoc_gid);
323
324 rpc->num_elements = num_elements ; /* the number of elements (0x1) */
325 rpc->context_id = context_id ; /* presentation context identifier (0x0) */
326 rpc->num_syntaxes = num_syntaxes ; /* the number of syntaxes (has always been 1?)(0x1) */
327
328 /* num and vers. of interface client is using */
329 rpc->abstract = *abstract;
330
331 /* num and vers. of interface to use for replies */
332 rpc->transfer = *transfer;
333 }
334
335 /*******************************************************************
336 Reads or writes an RPC_HDR_RB structure.
337 ********************************************************************/
338
339 BOOL smb_io_rpc_hdr_rb(char *desc, RPC_HDR_RB *rpc, prs_struct *ps, int depth)
340 {
341 if (rpc == NULL)
342 return False;
343
344 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_rb");
345 depth++;
346
347 if(!smb_io_rpc_hdr_bba("", &rpc->bba, ps, depth))
348 return False;
349
350 if(!prs_uint32("num_elements", ps, depth, &rpc->num_elements))
351 return False;
352 if(!prs_uint16("context_id ", ps, depth, &rpc->context_id ))
353 return False;
354 if(!prs_uint8 ("num_syntaxes", ps, depth, &rpc->num_syntaxes))
355 return False;
356
357 if(!smb_io_rpc_iface("", &rpc->abstract, ps, depth))
358 return False;
359 if(!smb_io_rpc_iface("", &rpc->transfer, ps, depth))
360 return False;
361
362 return True;
363 }
364
365 /*******************************************************************
366 Inits an RPC_RESULTS structure.
367
368 lkclXXXX only one reason at the moment!
369 ********************************************************************/
370
371 static void init_rpc_results(RPC_RESULTS *res,
372 uint8 num_results, uint16 result, uint16 reason)
373 {
374 res->num_results = num_results; /* the number of results (0x01) */
375 res->result = result ; /* result (0x00 = accept) */
376 res->reason = reason ; /* reason (0x00 = no reason specified) */
377 }
378
379 /*******************************************************************
380 Reads or writes an RPC_RESULTS structure.
381
382 lkclXXXX only one reason at the moment!
383 ********************************************************************/
384
385 static BOOL smb_io_rpc_results(char *desc, RPC_RESULTS *res, prs_struct *ps, int depth)
386 {
387 if (res == NULL)
388 return False;
389
390 prs_debug(ps, depth, desc, "smb_io_rpc_results");
391 depth++;
392
393 if(!prs_align(ps))
394 return False;
395
396 if(!prs_uint8 ("num_results", ps, depth, &res->num_results))
397 return False;
398
399 if(!prs_align(ps))
400 return False;
401
402 if(!prs_uint16("result ", ps, depth, &res->result))
403 return False;
404 if(!prs_uint16("reason ", ps, depth, &res->reason))
405 return False;
406 return True;
407 }
408
409 /*******************************************************************
410 Init an RPC_HDR_BA structure.
411
412 lkclXXXX only one reason at the moment!
413
414 ********************************************************************/
415
416 void init_rpc_hdr_ba(RPC_HDR_BA *rpc,
417 uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
418 char *pipe_addr,
419 uint8 num_results, uint16 result, uint16 reason,
420 RPC_IFACE *transfer)
421 {
422 init_rpc_hdr_bba (&rpc->bba, max_tsize, max_rsize, assoc_gid);
423 init_rpc_addr_str(&rpc->addr, pipe_addr);
424 init_rpc_results (&rpc->res, num_results, result, reason);
425
426 /* the transfer syntax from the request */
427 memcpy(&rpc->transfer, transfer, sizeof(rpc->transfer));
428 }
429
430 /*******************************************************************
431 Reads or writes an RPC_HDR_BA structure.
432 ********************************************************************/
433
434 BOOL smb_io_rpc_hdr_ba(char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth)
435 {
436 if (rpc == NULL)
437 return False;
438
439 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_ba");
440 depth++;
441
442 if(!smb_io_rpc_hdr_bba("", &rpc->bba, ps, depth))
443 return False;
444 if(!smb_io_rpc_addr_str("", &rpc->addr, ps, depth))
445 return False;
446 if(!smb_io_rpc_results("", &rpc->res, ps, depth))
447 return False;
448 if(!smb_io_rpc_iface("", &rpc->transfer, ps, depth))
449 return False;
450 return True;
451 }
452
453 /*******************************************************************
454 Init an RPC_HDR_REQ structure.
455 ********************************************************************/
456
457 void init_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 alloc_hint, uint16 opnum)
458 {
459 hdr->alloc_hint = alloc_hint; /* allocation hint */
460 hdr->context_id = 0; /* presentation context identifier */
461 hdr->opnum = opnum; /* opnum */
462 }
463
464 /*******************************************************************
465 Reads or writes an RPC_HDR_REQ structure.
466 ********************************************************************/
467
468 BOOL smb_io_rpc_hdr_req(char *desc, RPC_HDR_REQ *rpc, prs_struct *ps, int depth)
469 {
470 if (rpc == NULL)
471 return False;
472
473 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_req");
474 depth++;
475
476 if(!prs_uint32("alloc_hint", ps, depth, &rpc->alloc_hint))
477 return False;
478 if(!prs_uint16("context_id", ps, depth, &rpc->context_id))
479 return False;
480 if(!prs_uint16("opnum ", ps, depth, &rpc->opnum))
481 return False;
482 return True;
483 }
484
485 /*******************************************************************
486 Reads or writes an RPC_HDR_RESP structure.
487 ********************************************************************/
488
489 BOOL smb_io_rpc_hdr_resp(char *desc, RPC_HDR_RESP *rpc, prs_struct *ps, int depth)
490 {
491 if (rpc == NULL)
492 return False;
493
494 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_resp");
495 depth++;
496
497 if(!prs_uint32("alloc_hint", ps, depth, &rpc->alloc_hint))
498 return False;
499 if(!prs_uint16("context_id", ps, depth, &rpc->context_id))
500 return False;
501 if(!prs_uint8 ("cancel_ct ", ps, depth, &rpc->cancel_count))
502 return False;
503 if(!prs_uint8 ("reserved ", ps, depth, &rpc->reserved))
504 return False;
505 return True;
506 }
507
508 /*******************************************************************
509 Reads or writes an RPC_HDR_FAULT structure.
510 ********************************************************************/
511
512 BOOL smb_io_rpc_hdr_fault(char *desc, RPC_HDR_FAULT *rpc, prs_struct *ps, int depth)
513 {
514 if (rpc == NULL)
515 return False;
516
517 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_fault");
518 depth++;
519
520 if(!prs_ntstatus("status ", ps, depth, &rpc->status))
521 return False;
522 if(!prs_uint32("reserved", ps, depth, &rpc->reserved))
523 return False;
524
525 return True;
526 }
527
528 /*******************************************************************
529 Init an RPC_HDR_AUTHA structure.
530 ********************************************************************/
531
532 void init_rpc_hdr_autha(RPC_HDR_AUTHA *rai,
533 uint16 max_tsize, uint16 max_rsize,
534 uint8 auth_type, uint8 auth_level,
535 uint8 stub_type_len)
536 {
537 rai->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */
538 rai->max_rsize = max_rsize; /* max receive fragment size (0x1630) */
539
540 rai->auth_type = auth_type; /* nt lm ssp 0x0a */
541 rai->auth_level = auth_level; /* 0x06 */
542 rai->stub_type_len = stub_type_len; /* 0x00 */
543 rai->padding = 0; /* padding 0x00 */
544
545 rai->unknown = 0x0014a0c0; /* non-zero pointer to something */
546 }
547
548 /*******************************************************************
549 Reads or writes an RPC_HDR_AUTHA structure.
550 ********************************************************************/
551
552 BOOL smb_io_rpc_hdr_autha(char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth)
553 {
554 if (rai == NULL)
555 return False;
556
557 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_autha");
558 depth++;
559
560 if(!prs_uint16("max_tsize ", ps, depth, &rai->max_tsize))
561 return False;
562 if(!prs_uint16("max_rsize ", ps, depth, &rai->max_rsize))
563 return False;
564
565 if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */
566 return False;
567 if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */
568 return False;
569 if(!prs_uint8 ("stub_type_len", ps, depth, &rai->stub_type_len))
570 return False;
571 if(!prs_uint8 ("padding ", ps, depth, &rai->padding))
572 return False;
573
574 if(!prs_uint32("unknown ", ps, depth, &rai->unknown)) /* 0x0014a0c0 */
575 return False;
576
577 return True;
578 }
579
580 /*******************************************************************
581 Checks an RPC_HDR_AUTH structure.
582 ********************************************************************/
583
584 BOOL rpc_hdr_auth_chk(RPC_HDR_AUTH *rai)
585 {
586 return (rai->auth_type == NTLMSSP_AUTH_TYPE && rai->auth_level == NTLMSSP_AUTH_LEVEL);
587 }
588
589 /*******************************************************************
590 Inits an RPC_HDR_AUTH structure.
591 ********************************************************************/
592
593 void init_rpc_hdr_auth(RPC_HDR_AUTH *rai,
594 uint8 auth_type, uint8 auth_level,
595 uint8 stub_type_len,
596 uint32 ptr)
597 {
598 rai->auth_type = auth_type; /* nt lm ssp 0x0a */
599 rai->auth_level = auth_level; /* 0x06 */
600 rai->stub_type_len = stub_type_len; /* 0x00 */
601 rai->padding = 0; /* padding 0x00 */
602
603 rai->unknown = ptr; /* non-zero pointer to something */
604 }
605
606 /*******************************************************************
607 Reads or writes an RPC_HDR_AUTH structure.
608 ********************************************************************/
609
610 BOOL smb_io_rpc_hdr_auth(char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth)
611 {
612 if (rai == NULL)
613 return False;
614
615 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_auth");
616 depth++;
617
618 if(!prs_align(ps))
619 return False;
620
621 if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */
622 return False;
623 if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */
624 return False;
625 if(!prs_uint8 ("stub_type_len", ps, depth, &rai->stub_type_len))
626 return False;
627 if(!prs_uint8 ("padding ", ps, depth, &rai->padding))
628 return False;
629
630 if(!prs_uint32("unknown ", ps, depth, &rai->unknown)) /* 0x0014a0c0 */
631 return False;
632
633 return True;
634 }
635
636 /*******************************************************************
637 Checks an RPC_AUTH_VERIFIER structure.
638 ********************************************************************/
639
640 BOOL rpc_auth_verifier_chk(RPC_AUTH_VERIFIER *rav,
641 char *signature, uint32 msg_type)
642 {
643 return (strequal(rav->signature, signature) && rav->msg_type == msg_type);
644 }
645
646 /*******************************************************************
647 Inits an RPC_AUTH_VERIFIER structure.
648 ********************************************************************/
649
650 void init_rpc_auth_verifier(RPC_AUTH_VERIFIER *rav,
651 char *signature, uint32 msg_type)
652 {
653 fstrcpy(rav->signature, signature); /* "NTLMSSP" */
654 rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */
655 }
656
657 /*******************************************************************
658 Reads or writes an RPC_AUTH_VERIFIER structure.
659 ********************************************************************/
660
661 BOOL smb_io_rpc_auth_verifier(char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth)
662 {
663 if (rav == NULL)
664 return False;
665
666 prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
667 depth++;
668
669 /* "NTLMSSP" */
670 if(!prs_string("signature", ps, depth, rav->signature, strlen("NTLMSSP"),
671 sizeof(rav->signature)))
672 return False;
673 if(!prs_uint32("msg_type ", ps, depth, &rav->msg_type)) /* NTLMSSP_MESSAGE_TYPE */
674 return False;
675
676 return True;
677 }
678
679 /*******************************************************************
680 Inits an RPC_AUTH_NTLMSSP_NEG structure.
681 ********************************************************************/
682
683 void init_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
684 uint32 neg_flgs,
685 fstring myname, fstring domain)
686 {
687 int len_myname = strlen(myname);
688 int len_domain = strlen(domain);
689
690 neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
691
692 init_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
693 init_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
694
695 fstrcpy(neg->myname, myname);
696 fstrcpy(neg->domain, domain);
697 }
698
699 /*******************************************************************
700 Reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
701
702 *** lkclXXXX HACK ALERT! ***
703 ********************************************************************/
704
705 BOOL smb_io_rpc_auth_ntlmssp_neg(char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
706 {
707 uint32 start_offset = prs_offset(ps);
708 if (neg == NULL)
709 return False;
710
711 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
712 depth++;
713
714 if(!prs_uint32("neg_flgs ", ps, depth, &neg->neg_flgs))
715 return False;
716
717 if (ps->io) {
718 uint32 old_offset;
719 uint32 old_neg_flags = neg->neg_flgs;
720
721 /* reading */
722
723 ZERO_STRUCTP(neg);
724
725 neg->neg_flgs = old_neg_flags;
726
727 if(!smb_io_strhdr("hdr_domain", &neg->hdr_domain, ps, depth))
728 return False;
729 if(!smb_io_strhdr("hdr_myname", &neg->hdr_myname, ps, depth))
730 return False;
731
732 old_offset = prs_offset(ps);
733
734 if(!prs_set_offset(ps, neg->hdr_myname.buffer + start_offset - 12))
735 return False;
736
737 if(!prs_uint8s(True, "myname", ps, depth, (uint8*)neg->myname,
738 MIN(neg->hdr_myname.str_str_len, sizeof(neg->myname))))
739 return False;
740
741 old_offset += neg->hdr_myname.str_str_len;
742
743 if(!prs_set_offset(ps, neg->hdr_domain.buffer + start_offset - 12))
744 return False;
745
746 if(!prs_uint8s(True, "domain", ps, depth, (uint8*)neg->domain,
747 MIN(neg->hdr_domain.str_str_len, sizeof(neg->domain ))))
748 return False;
749
750 old_offset += neg->hdr_domain .str_str_len;
751
752 if(!prs_set_offset(ps, old_offset))
753 return False;
754 } else {
755 /* writing */
756 if(!smb_io_strhdr("hdr_domain", &neg->hdr_domain, ps, depth))
757 return False;
758 if(!smb_io_strhdr("hdr_myname", &neg->hdr_myname, ps, depth))
759 return False;
760
761 if(!prs_uint8s(True, "myname", ps, depth, (uint8*)neg->myname,
762 MIN(neg->hdr_myname.str_str_len, sizeof(neg->myname))))
763 return False;
764 if(!prs_uint8s(True, "domain", ps, depth, (uint8*)neg->domain,
765 MIN(neg->hdr_domain.str_str_len, sizeof(neg->domain ))))
766 return False;
767 }
768
769 return True;
770 }
771
772 /*******************************************************************
773 creates an RPC_AUTH_NTLMSSP_CHAL structure.
774 ********************************************************************/
775
776 void init_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
777 uint32 neg_flags,
778 uint8 challenge[8])
779 {
780 chl->unknown_1 = 0x0;
781 chl->unknown_2 = 0x00000028;
782 chl->neg_flags = neg_flags; /* 0x0082b1 */
783
784 memcpy(chl->challenge, challenge, sizeof(chl->challenge));
785 memset((char *)chl->reserved , '\0', sizeof(chl->reserved));
786 }
787
788 /*******************************************************************
789 Reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
790 ********************************************************************/
791
792 BOOL smb_io_rpc_auth_ntlmssp_chal(char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
793 {
794 if (chl == NULL)
795 return False;
796
797 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
798 depth++;
799
800 if(!prs_uint32("unknown_1", ps, depth, &chl->unknown_1)) /* 0x0000 0000 */
801 return False;
802 if(!prs_uint32("unknown_2", ps, depth, &chl->unknown_2)) /* 0x0000 b2b3 */
803 return False;
804 if(!prs_uint32("neg_flags", ps, depth, &chl->neg_flags)) /* 0x0000 82b1 */
805 return False;
806
807 if(!prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge)))
808 return False;
809 if(!prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved )))
810 return False;
811
812 return True;
813 }
814
815 /*******************************************************************
816 Inits an RPC_AUTH_NTLMSSP_RESP structure.
817
818 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
819 *** lkclXXXX the actual offset is at the start of the auth verifier ***
820 ********************************************************************/
821
822 void init_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
823 uchar lm_resp[24], uchar nt_resp[24],
824 char *domain, char *user, char *wks,
825 uint32 neg_flags)
826 {
827 uint32 offset;
828 int dom_len = strlen(domain);
829 int wks_len = strlen(wks);
830 int usr_len = strlen(user);
831 int lm_len = (lm_resp != NULL) ? 24 : 0;
832 int nt_len = (nt_resp != NULL) ? 24 : 0;
833
834 DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
835
836 #ifdef DEBUG_PASSWORD
837 DEBUG(100,("lm_resp\n"));
838 dump_data(100, (char *)lm_resp, 24);
839 DEBUG(100,("nt_resp\n"));
840 dump_data(100, (char *)nt_resp, 24);
841 #endif
842
843 DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
844 domain, user, wks, neg_flags));
845
846 offset = 0x40;
847
848 if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
849 dom_len *= 2;
850 wks_len *= 2;
851 usr_len *= 2;
852 }
853
854 init_str_hdr(&rsp->hdr_domain, dom_len, dom_len, offset);
855 offset += dom_len;
856
857 init_str_hdr(&rsp->hdr_usr, usr_len, usr_len, offset);
858 offset += usr_len;
859
860 init_str_hdr(&rsp->hdr_wks, wks_len, wks_len, offset);
861 offset += wks_len;
862
863 init_str_hdr(&rsp->hdr_lm_resp, lm_len, lm_len, offset);
864 offset += lm_len;
865
866 init_str_hdr(&rsp->hdr_nt_resp, nt_len, nt_len, offset);
867 offset += nt_len;
868
869 init_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
870
871 rsp->neg_flags = neg_flags;
872
873 memcpy(rsp->lm_resp, lm_resp, 24);
874 memcpy(rsp->nt_resp, nt_resp, 24);
875
876 if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
877 rpcstr_push(rsp->domain, domain, sizeof(rsp->domain), 0);
878 rpcstr_push(rsp->user, user, sizeof(rsp->user), 0);
879 rpcstr_push(rsp->wks, wks, sizeof(rsp->wks), 0);
880 } else {
881 fstrcpy(rsp->domain, domain);
882 fstrcpy(rsp->user, user);
883 fstrcpy(rsp->wks, wks);
884 }
885
886 rsp->sess_key[0] = 0;
887 }
888
889 /*******************************************************************
890 Reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
891
892 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
893 *** lkclXXXX the actual offset is at the start of the auth verifier ***
894 ********************************************************************/
895
896 BOOL smb_io_rpc_auth_ntlmssp_resp(char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
897 {
898 if (rsp == NULL)
899 return False;
900
901 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
902 depth++;
903
904 if (ps->io) {
905 uint32 old_offset;
906
907 /* reading */
908
909 ZERO_STRUCTP(rsp);
910
911 if(!smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp, ps, depth))
912 return False;
913 if(!smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp, ps, depth))
914 return False;
915 if(!smb_io_strhdr("hdr_domain ", &rsp->hdr_domain, ps, depth))
916 return False;
917 if(!smb_io_strhdr("hdr_user ", &rsp->hdr_usr, ps, depth))
918 return False;
919 if(!smb_io_strhdr("hdr_wks ", &rsp->hdr_wks, ps, depth))
920 return False;
921 if(!smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth))
922 return False;
923
924 if(!prs_uint32("neg_flags", ps, depth, &rsp->neg_flags)) /* 0x0000 82b1 */
925 return False;
926
927 old_offset = prs_offset(ps);
928
929 if(!prs_set_offset(ps, rsp->hdr_domain.buffer + 0xc))
930 return False;
931
932 if(!prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain,
933 MIN(rsp->hdr_domain.str_str_len, sizeof(rsp->domain))))
934 return False;
935
936 old_offset += rsp->hdr_domain.str_str_len;
937
938 if(!prs_set_offset(ps, rsp->hdr_usr.buffer + 0xc))
939 return False;
940
941 if(!prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user,
942 MIN(rsp->hdr_usr.str_str_len, sizeof(rsp->user))))
943 return False;
944
945 old_offset += rsp->hdr_usr.str_str_len;
946
947 if(!prs_set_offset(ps, rsp->hdr_wks.buffer + 0xc))
948 return False;
949
950 if(!prs_uint8s(True, "wks ", ps, depth, (uint8*)rsp->wks,
951 MIN(rsp->hdr_wks.str_str_len, sizeof(rsp->wks))))
952 return False;
953
954 old_offset += rsp->hdr_wks.str_str_len;
955
956 if(!prs_set_offset(ps, rsp->hdr_lm_resp.buffer + 0xc))
957 return False;
958
959 if(!prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp,
960 MIN(rsp->hdr_lm_resp.str_str_len, sizeof(rsp->lm_resp ))))
961 return False;
962
963 old_offset += rsp->hdr_lm_resp.str_str_len;
964
965 if(!prs_set_offset(ps, rsp->hdr_nt_resp.buffer + 0xc))
966 return False;
967
968 if(!prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp,
969 MIN(rsp->hdr_nt_resp.str_str_len, sizeof(rsp->nt_resp ))))
970 return False;
971
972 old_offset += rsp->hdr_nt_resp.str_str_len;
973
974 if (rsp->hdr_sess_key.str_str_len != 0) {
975
976 if(!prs_set_offset(ps, rsp->hdr_sess_key.buffer + 0x10))
977 return False;
978
979 old_offset += rsp->hdr_sess_key.str_str_len;
980
981 if(!prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key,
982 MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key))))
983 return False;
984 }
985
986 if(!prs_set_offset(ps, old_offset))
987 return False;
988 } else {
989 /* writing */
990 if(!smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp, ps, depth))
991 return False;
992 if(!smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp, ps, depth))
993 return False;
994 if(!smb_io_strhdr("hdr_domain ", &rsp->hdr_domain, ps, depth))
995 return False;
996 if(!smb_io_strhdr("hdr_user ", &rsp->hdr_usr, ps, depth))
997 return False;
998 if(!smb_io_strhdr("hdr_wks ", &rsp->hdr_wks, ps, depth))
999 return False;
1000 if(!smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth))
1001 return False;
1002
1003 if(!prs_uint32("neg_flags", ps, depth, &rsp->neg_flags)) /* 0x0000 82b1 */
1004 return False;
1005
1006 if(!prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain,
1007 MIN(rsp->hdr_domain.str_str_len, sizeof(rsp->domain))))
1008 return False;
1009
1010 if(!prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user,
1011 MIN(rsp->hdr_usr.str_str_len, sizeof(rsp->user))))
1012 return False;
1013
1014 if(!prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks,
1015 MIN(rsp->hdr_wks.str_str_len, sizeof(rsp->wks))))
1016 return False;
1017 if(!prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp,
1018 MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp))))
1019 return False;
1020 if(!prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp,
1021 MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp ))))
1022 return False;
1023 if(!prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key,
1024 MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key))))
1025 return False;
1026 }
1027
1028 return True;
1029 }
1030
1031 /*******************************************************************
1032 Checks an RPC_AUTH_NTLMSSP_CHK structure.
1033 ********************************************************************/
1034
1035 BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
1036 {
1037 if (chk == NULL)
1038 return False;
1039
1040 if (chk->crc32 != crc32 ||
1041 chk->ver != NTLMSSP_SIGN_VERSION ||
1042 chk->seq_num != seq_num)
1043 {
1044 DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
1045 crc32, NTLMSSP_SIGN_VERSION, seq_num));
1046 DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
1047 chk->crc32, chk->ver, chk->seq_num));
1048 return False;
1049 }
1050 return True;
1051 }
1052
1053 /*******************************************************************
1054 Inits an RPC_AUTH_NTLMSSP_CHK structure.
1055 ********************************************************************/
1056
1057 void init_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
1058 uint32 ver, uint32 crc32, uint32 seq_num)
1059 {
1060 chk->ver = ver;
1061 chk->reserved = 0x0;
1062 chk->crc32 = crc32;
1063 chk->seq_num = seq_num;
1064 }
1065
1066 /*******************************************************************
1067 Reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
1068 ********************************************************************/
1069
1070 BOOL smb_io_rpc_auth_ntlmssp_chk(char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
1071 {
1072 if (chk == NULL)
1073 return False;
1074
1075 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
1076 depth++;
1077
1078 if(!prs_align(ps))
1079 return False;
1080
1081 if(!prs_uint32("ver ", ps, depth, &chk->ver))
1082 return False;
1083 if(!prs_uint32("reserved", ps, depth, &chk->reserved))
1084 return False;
1085 if(!prs_uint32("crc32 ", ps, depth, &chk->crc32))
1086 return False;
1087 if(!prs_uint32("seq_num ", ps, depth, &chk->seq_num))
1088 return False;
1089
1090 return True;
1091 }
Samba GIT mirror