search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix from Brad Langhorst to correctly check if the primaryGroupID has been set
[Samba.git] / source / rpc_parse / parse_rpc.c
blob34ba62caa92d8241fbf46d42749bde4f76327048
1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Andrew Tridgell 1992-1997,
5 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
6 * Copyright (C) Paul Ashton 1997.
7 * Copyright (C) Jeremy Allison 1999.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 #undef DBGC_CLASS
27 #define DBGC_CLASS DBGC_RPC_PARSE
28
29 /*******************************************************************
30 interface/version dce/rpc pipe identification
31 ********************************************************************/
32
33 #define TRANS_SYNT_V2 \
34 { \
35 { \
36 0x8a885d04, 0x1ceb, 0x11c9, \
37 { 0x9f, 0xe8, 0x08, 0x00, \
38 0x2b, 0x10, 0x48, 0x60 } \
39 }, 0x02 \
40 }
41
42 #define SYNT_NETLOGON_V2 \
43 { \
44 { \
45 0x8a885d04, 0x1ceb, 0x11c9, \
46 { 0x9f, 0xe8, 0x08, 0x00, \
47 0x2b, 0x10, 0x48, 0x60 } \
48 }, 0x02 \
49 }
50
51 #define SYNT_WKSSVC_V1 \
52 { \
53 { \
54 0x6bffd098, 0xa112, 0x3610, \
55 { 0x98, 0x33, 0x46, 0xc3, \
56 0xf8, 0x7e, 0x34, 0x5a } \
57 }, 0x01 \
58 }
59
60 #define SYNT_SRVSVC_V3 \
61 { \
62 { \
63 0x4b324fc8, 0x1670, 0x01d3, \
64 { 0x12, 0x78, 0x5a, 0x47, \
65 0xbf, 0x6e, 0xe1, 0x88 } \
66 }, 0x03 \
67 }
68
69 #define SYNT_LSARPC_V0 \
70 { \
71 { \
72 0x12345778, 0x1234, 0xabcd, \
73 { 0xef, 0x00, 0x01, 0x23, \
74 0x45, 0x67, 0x89, 0xab } \
75 }, 0x00 \
76 }
77
78 #define SYNT_LSARPC_V0_DS \
79 { \
80 { \
81 0x3919286a, 0xb10c, 0x11d0, \
82 { 0x9b, 0xa8, 0x00, 0xc0, \
83 0x4f, 0xd9, 0x2e, 0xf5 } \
84 }, 0x00 \
85 }
86
87 #define SYNT_SAMR_V1 \
88 { \
89 { \
90 0x12345778, 0x1234, 0xabcd, \
91 { 0xef, 0x00, 0x01, 0x23, \
92 0x45, 0x67, 0x89, 0xac } \
93 }, 0x01 \
94 }
95
96 #define SYNT_NETLOGON_V1 \
97 { \
98 { \
99 0x12345678, 0x1234, 0xabcd, \
100 { 0xef, 0x00, 0x01, 0x23, \
101 0x45, 0x67, 0xcf, 0xfb } \
102 }, 0x01 \
103 }
104
105 #define SYNT_WINREG_V1 \
106 { \
107 { \
108 0x338cd001, 0x2244, 0x31f1, \
109 { 0xaa, 0xaa, 0x90, 0x00, \
110 0x38, 0x00, 0x10, 0x03 } \
111 }, 0x01 \
112 }
113
114 #define SYNT_SPOOLSS_V1 \
115 { \
116 { \
117 0x12345678, 0x1234, 0xabcd, \
118 { 0xef, 0x00, 0x01, 0x23, \
119 0x45, 0x67, 0x89, 0xab } \
120 }, 0x01 \
121 }
122
123 #define SYNT_NONE_V0 \
124 { \
125 { \
126 0x0, 0x0, 0x0, \
127 { 0x00, 0x00, 0x00, 0x00, \
128 0x00, 0x00, 0x00, 0x00 } \
129 }, 0x00 \
130 }
131
132 #define SYNT_NETDFS_V3 \
133 { \
134 { \
135 0x4fc742e0, 0x4a10, 0x11cf, \
136 { 0x82, 0x73, 0x00, 0xaa, \
137 0x00, 0x4a, 0xe6, 0x73 } \
138 }, 0x03 \
139 }
140
141 #define SYNT_ECHO_V1 \
142 { \
143 { \
144 0x60a15ec5, 0x4de8, 0x11d7, \
145 { 0xa6, 0x37, 0x00, 0x50, \
146 0x56, 0xa2, 0x01, 0x82 } \
147 }, 0x01 \
148 }
149
150 /*
151 * IMPORTANT!! If you update this structure, make sure to
152 * update the index #defines in smb.h.
153 */
154
155 const struct pipe_id_info pipe_names [] =
156 {
157 /* client pipe , abstract syntax , server pipe , transfer syntax */
158 { PIPE_LSARPC , SYNT_LSARPC_V0 , PIPE_LSASS , TRANS_SYNT_V2 },
159 { PIPE_LSARPC , SYNT_LSARPC_V0_DS , PIPE_LSASS , TRANS_SYNT_V2 },
160 { PIPE_SAMR , SYNT_SAMR_V1 , PIPE_LSASS , TRANS_SYNT_V2 },
161 { PIPE_NETLOGON, SYNT_NETLOGON_V1 , PIPE_LSASS , TRANS_SYNT_V2 },
162 { PIPE_SRVSVC , SYNT_SRVSVC_V3 , PIPE_NTSVCS , TRANS_SYNT_V2 },
163 { PIPE_WKSSVC , SYNT_WKSSVC_V1 , PIPE_NTSVCS , TRANS_SYNT_V2 },
164 { PIPE_WINREG , SYNT_WINREG_V1 , PIPE_WINREG , TRANS_SYNT_V2 },
165 { PIPE_SPOOLSS , SYNT_SPOOLSS_V1 , PIPE_SPOOLSS , TRANS_SYNT_V2 },
166 { PIPE_NETDFS , SYNT_NETDFS_V3 , PIPE_NETDFS , TRANS_SYNT_V2 },
167 { PIPE_ECHO , SYNT_ECHO_V1 , PIPE_ECHO , TRANS_SYNT_V2 },
168 { NULL , SYNT_NONE_V0 , NULL , SYNT_NONE_V0 }
169 };
170
171 /*******************************************************************
172 Inits an RPC_HDR structure.
173 ********************************************************************/
174
175 void init_rpc_hdr(RPC_HDR *hdr, enum RPC_PKT_TYPE pkt_type, uint8 flags,
176 uint32 call_id, int data_len, int auth_len)
177 {
178 hdr->major = 5; /* RPC version 5 */
179 hdr->minor = 0; /* minor version 0 */
180 hdr->pkt_type = pkt_type; /* RPC packet type */
181 hdr->flags = flags; /* dce/rpc flags */
182 hdr->pack_type[0] = 0x10; /* little-endian data representation */
183 hdr->pack_type[1] = 0; /* packed data representation */
184 hdr->pack_type[2] = 0; /* packed data representation */
185 hdr->pack_type[3] = 0; /* packed data representation */
186 hdr->frag_len = data_len; /* fragment length, fill in later */
187 hdr->auth_len = auth_len; /* authentication length */
188 hdr->call_id = call_id; /* call identifier - match incoming RPC */
189 }
190
191 /*******************************************************************
192 Reads or writes an RPC_HDR structure.
193 ********************************************************************/
194
195 BOOL smb_io_rpc_hdr(const char *desc, RPC_HDR *rpc, prs_struct *ps, int depth)
196 {
197 if (rpc == NULL)
198 return False;
199
200 prs_debug(ps, depth, desc, "smb_io_rpc_hdr");
201 depth++;
202
203 if(!prs_uint8 ("major ", ps, depth, &rpc->major))
204 return False;
205
206 if(!prs_uint8 ("minor ", ps, depth, &rpc->minor))
207 return False;
208 if(!prs_uint8 ("pkt_type ", ps, depth, &rpc->pkt_type))
209 return False;
210 if(!prs_uint8 ("flags ", ps, depth, &rpc->flags))
211 return False;
212
213 /* We always marshall in little endian format. */
214 if (MARSHALLING(ps))
215 rpc->pack_type[0] = 0x10;
216
217 if(!prs_uint8("pack_type0", ps, depth, &rpc->pack_type[0]))
218 return False;
219 if(!prs_uint8("pack_type1", ps, depth, &rpc->pack_type[1]))
220 return False;
221 if(!prs_uint8("pack_type2", ps, depth, &rpc->pack_type[2]))
222 return False;
223 if(!prs_uint8("pack_type3", ps, depth, &rpc->pack_type[3]))
224 return False;
225
226 /*
227 * If reading and pack_type[0] == 0 then the data is in big-endian
228 * format. Set the flag in the prs_struct to specify reverse-endainness.
229 */
230
231 if (UNMARSHALLING(ps) && rpc->pack_type[0] == 0) {
232 DEBUG(10,("smb_io_rpc_hdr: PDU data format is big-endian. Setting flag.\n"));
233 prs_set_endian_data(ps, RPC_BIG_ENDIAN);
234 }
235
236 if(!prs_uint16("frag_len ", ps, depth, &rpc->frag_len))
237 return False;
238 if(!prs_uint16("auth_len ", ps, depth, &rpc->auth_len))
239 return False;
240 if(!prs_uint32("call_id ", ps, depth, &rpc->call_id))
241 return False;
242 return True;
243 }
244
245 /*******************************************************************
246 Reads or writes an RPC_IFACE structure.
247 ********************************************************************/
248
249 static BOOL smb_io_rpc_iface(const char *desc, RPC_IFACE *ifc, prs_struct *ps, int depth)
250 {
251 if (ifc == NULL)
252 return False;
253
254 prs_debug(ps, depth, desc, "smb_io_rpc_iface");
255 depth++;
256
257 if(!prs_align(ps))
258 return False;
259
260 if(!prs_uint32 ("data ", ps, depth, &ifc->uuid.time_low))
261 return False;
262 if(!prs_uint16 ("data ", ps, depth, &ifc->uuid.time_mid))
263 return False;
264 if(!prs_uint16 ("data ", ps, depth, &ifc->uuid.time_hi_and_version))
265 return False;
266
267 if(!prs_uint8s (False, "data ", ps, depth, ifc->uuid.remaining, sizeof(ifc->uuid.remaining)))
268 return False;
269 if(!prs_uint32 ( "version", ps, depth, &ifc->version))
270 return False;
271
272 return True;
273 }
274
275 /*******************************************************************
276 Inits an RPC_ADDR_STR structure.
277 ********************************************************************/
278
279 static void init_rpc_addr_str(RPC_ADDR_STR *str, const char *name)
280 {
281 str->len = strlen(name) + 1;
282 fstrcpy(str->str, name);
283 }
284
285 /*******************************************************************
286 Reads or writes an RPC_ADDR_STR structure.
287 ********************************************************************/
288
289 static BOOL smb_io_rpc_addr_str(const char *desc, RPC_ADDR_STR *str, prs_struct *ps, int depth)
290 {
291 if (str == NULL)
292 return False;
293
294 prs_debug(ps, depth, desc, "smb_io_rpc_addr_str");
295 depth++;
296 if(!prs_align(ps))
297 return False;
298
299 if(!prs_uint16 ( "len", ps, depth, &str->len))
300 return False;
301 if(!prs_uint8s (True, "str", ps, depth, (uchar*)str->str, MIN(str->len, sizeof(str->str)) ))
302 return False;
303 return True;
304 }
305
306 /*******************************************************************
307 Inits an RPC_HDR_BBA structure.
308 ********************************************************************/
309
310 static void init_rpc_hdr_bba(RPC_HDR_BBA *bba, uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid)
311 {
312 bba->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */
313 bba->max_rsize = max_rsize; /* max receive fragment size (0x1630) */
314 bba->assoc_gid = assoc_gid; /* associated group id (0x0) */
315 }
316
317 /*******************************************************************
318 Reads or writes an RPC_HDR_BBA structure.
319 ********************************************************************/
320
321 static BOOL smb_io_rpc_hdr_bba(const char *desc, RPC_HDR_BBA *rpc, prs_struct *ps, int depth)
322 {
323 if (rpc == NULL)
324 return False;
325
326 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_bba");
327 depth++;
328
329 if(!prs_uint16("max_tsize", ps, depth, &rpc->max_tsize))
330 return False;
331 if(!prs_uint16("max_rsize", ps, depth, &rpc->max_rsize))
332 return False;
333 if(!prs_uint32("assoc_gid", ps, depth, &rpc->assoc_gid))
334 return False;
335 return True;
336 }
337
338 /*******************************************************************
339 Inits an RPC_HDR_RB structure.
340 ********************************************************************/
341
342 void init_rpc_hdr_rb(RPC_HDR_RB *rpc,
343 uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
344 uint32 num_elements, uint16 context_id, uint8 num_syntaxes,
345 RPC_IFACE *abstract, RPC_IFACE *transfer)
346 {
347 init_rpc_hdr_bba(&rpc->bba, max_tsize, max_rsize, assoc_gid);
348
349 rpc->num_elements = num_elements ; /* the number of elements (0x1) */
350 rpc->context_id = context_id ; /* presentation context identifier (0x0) */
351 rpc->num_syntaxes = num_syntaxes ; /* the number of syntaxes (has always been 1?)(0x1) */
352
353 /* num and vers. of interface client is using */
354 rpc->abstract = *abstract;
355
356 /* num and vers. of interface to use for replies */
357 rpc->transfer = *transfer;
358 }
359
360 /*******************************************************************
361 Reads or writes an RPC_HDR_RB structure.
362 ********************************************************************/
363
364 BOOL smb_io_rpc_hdr_rb(const char *desc, RPC_HDR_RB *rpc, prs_struct *ps, int depth)
365 {
366 if (rpc == NULL)
367 return False;
368
369 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_rb");
370 depth++;
371
372 if(!smb_io_rpc_hdr_bba("", &rpc->bba, ps, depth))
373 return False;
374
375 if(!prs_uint32("num_elements", ps, depth, &rpc->num_elements))
376 return False;
377 if(!prs_uint16("context_id ", ps, depth, &rpc->context_id ))
378 return False;
379 if(!prs_uint8 ("num_syntaxes", ps, depth, &rpc->num_syntaxes))
380 return False;
381
382 if(!smb_io_rpc_iface("", &rpc->abstract, ps, depth))
383 return False;
384 if(!smb_io_rpc_iface("", &rpc->transfer, ps, depth))
385 return False;
386
387 return True;
388 }
389
390 /*******************************************************************
391 Inits an RPC_RESULTS structure.
392
393 lkclXXXX only one reason at the moment!
394 ********************************************************************/
395
396 static void init_rpc_results(RPC_RESULTS *res,
397 uint8 num_results, uint16 result, uint16 reason)
398 {
399 res->num_results = num_results; /* the number of results (0x01) */
400 res->result = result ; /* result (0x00 = accept) */
401 res->reason = reason ; /* reason (0x00 = no reason specified) */
402 }
403
404 /*******************************************************************
405 Reads or writes an RPC_RESULTS structure.
406
407 lkclXXXX only one reason at the moment!
408 ********************************************************************/
409
410 static BOOL smb_io_rpc_results(const char *desc, RPC_RESULTS *res, prs_struct *ps, int depth)
411 {
412 if (res == NULL)
413 return False;
414
415 prs_debug(ps, depth, desc, "smb_io_rpc_results");
416 depth++;
417
418 if(!prs_align(ps))
419 return False;
420
421 if(!prs_uint8 ("num_results", ps, depth, &res->num_results))
422 return False;
423
424 if(!prs_align(ps))
425 return False;
426
427 if(!prs_uint16("result ", ps, depth, &res->result))
428 return False;
429 if(!prs_uint16("reason ", ps, depth, &res->reason))
430 return False;
431 return True;
432 }
433
434 /*******************************************************************
435 Init an RPC_HDR_BA structure.
436
437 lkclXXXX only one reason at the moment!
438
439 ********************************************************************/
440
441 void init_rpc_hdr_ba(RPC_HDR_BA *rpc,
442 uint16 max_tsize, uint16 max_rsize, uint32 assoc_gid,
443 const char *pipe_addr,
444 uint8 num_results, uint16 result, uint16 reason,
445 RPC_IFACE *transfer)
446 {
447 init_rpc_hdr_bba (&rpc->bba, max_tsize, max_rsize, assoc_gid);
448 init_rpc_addr_str(&rpc->addr, pipe_addr);
449 init_rpc_results (&rpc->res, num_results, result, reason);
450
451 /* the transfer syntax from the request */
452 memcpy(&rpc->transfer, transfer, sizeof(rpc->transfer));
453 }
454
455 /*******************************************************************
456 Reads or writes an RPC_HDR_BA structure.
457 ********************************************************************/
458
459 BOOL smb_io_rpc_hdr_ba(const char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth)
460 {
461 if (rpc == NULL)
462 return False;
463
464 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_ba");
465 depth++;
466
467 if(!smb_io_rpc_hdr_bba("", &rpc->bba, ps, depth))
468 return False;
469 if(!smb_io_rpc_addr_str("", &rpc->addr, ps, depth))
470 return False;
471 if(!smb_io_rpc_results("", &rpc->res, ps, depth))
472 return False;
473 if(!smb_io_rpc_iface("", &rpc->transfer, ps, depth))
474 return False;
475 return True;
476 }
477
478 /*******************************************************************
479 Init an RPC_HDR_REQ structure.
480 ********************************************************************/
481
482 void init_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 alloc_hint, uint16 opnum)
483 {
484 hdr->alloc_hint = alloc_hint; /* allocation hint */
485 hdr->context_id = 0; /* presentation context identifier */
486 hdr->opnum = opnum; /* opnum */
487 }
488
489 /*******************************************************************
490 Reads or writes an RPC_HDR_REQ structure.
491 ********************************************************************/
492
493 BOOL smb_io_rpc_hdr_req(const char *desc, RPC_HDR_REQ *rpc, prs_struct *ps, int depth)
494 {
495 if (rpc == NULL)
496 return False;
497
498 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_req");
499 depth++;
500
501 if(!prs_uint32("alloc_hint", ps, depth, &rpc->alloc_hint))
502 return False;
503 if(!prs_uint16("context_id", ps, depth, &rpc->context_id))
504 return False;
505 if(!prs_uint16("opnum ", ps, depth, &rpc->opnum))
506 return False;
507 return True;
508 }
509
510 /*******************************************************************
511 Reads or writes an RPC_HDR_RESP structure.
512 ********************************************************************/
513
514 BOOL smb_io_rpc_hdr_resp(const char *desc, RPC_HDR_RESP *rpc, prs_struct *ps, int depth)
515 {
516 if (rpc == NULL)
517 return False;
518
519 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_resp");
520 depth++;
521
522 if(!prs_uint32("alloc_hint", ps, depth, &rpc->alloc_hint))
523 return False;
524 if(!prs_uint16("context_id", ps, depth, &rpc->context_id))
525 return False;
526 if(!prs_uint8 ("cancel_ct ", ps, depth, &rpc->cancel_count))
527 return False;
528 if(!prs_uint8 ("reserved ", ps, depth, &rpc->reserved))
529 return False;
530 return True;
531 }
532
533 /*******************************************************************
534 Reads or writes an RPC_HDR_FAULT structure.
535 ********************************************************************/
536
537 BOOL smb_io_rpc_hdr_fault(const char *desc, RPC_HDR_FAULT *rpc, prs_struct *ps, int depth)
538 {
539 if (rpc == NULL)
540 return False;
541
542 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_fault");
543 depth++;
544
545 if(!prs_ntstatus("status ", ps, depth, &rpc->status))
546 return False;
547 if(!prs_uint32("reserved", ps, depth, &rpc->reserved))
548 return False;
549
550 return True;
551 }
552
553 /*******************************************************************
554 Init an RPC_HDR_AUTHA structure.
555 ********************************************************************/
556
557 void init_rpc_hdr_autha(RPC_HDR_AUTHA *rai,
558 uint16 max_tsize, uint16 max_rsize,
559 uint8 auth_type, uint8 auth_level,
560 uint8 stub_type_len)
561 {
562 rai->max_tsize = max_tsize; /* maximum transmission fragment size (0x1630) */
563 rai->max_rsize = max_rsize; /* max receive fragment size (0x1630) */
564
565 rai->auth_type = auth_type; /* nt lm ssp 0x0a */
566 rai->auth_level = auth_level; /* 0x06 */
567 rai->stub_type_len = stub_type_len; /* 0x00 */
568 rai->padding = 0; /* padding 0x00 */
569
570 rai->unknown = 0x0014a0c0; /* non-zero pointer to something */
571 }
572
573 /*******************************************************************
574 Reads or writes an RPC_HDR_AUTHA structure.
575 ********************************************************************/
576
577 BOOL smb_io_rpc_hdr_autha(const char *desc, RPC_HDR_AUTHA *rai, prs_struct *ps, int depth)
578 {
579 if (rai == NULL)
580 return False;
581
582 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_autha");
583 depth++;
584
585 if(!prs_uint16("max_tsize ", ps, depth, &rai->max_tsize))
586 return False;
587 if(!prs_uint16("max_rsize ", ps, depth, &rai->max_rsize))
588 return False;
589
590 if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */
591 return False;
592 if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */
593 return False;
594 if(!prs_uint8 ("stub_type_len", ps, depth, &rai->stub_type_len))
595 return False;
596 if(!prs_uint8 ("padding ", ps, depth, &rai->padding))
597 return False;
598
599 if(!prs_uint32("unknown ", ps, depth, &rai->unknown)) /* 0x0014a0c0 */
600 return False;
601
602 return True;
603 }
604
605 /*******************************************************************
606 Inits an RPC_HDR_AUTH structure.
607 ********************************************************************/
608
609 void init_rpc_hdr_auth(RPC_HDR_AUTH *rai,
610 uint8 auth_type, uint8 auth_level,
611 uint8 padding,
612 uint32 ptr)
613 {
614 rai->auth_type = auth_type; /* nt lm ssp 0x0a */
615 rai->auth_level = auth_level; /* 0x06 */
616 rai->padding = padding;
617 rai->reserved = 0;
618
619 rai->auth_context = ptr; /* non-zero pointer to something */
620 }
621
622 /*******************************************************************
623 Reads or writes an RPC_HDR_AUTH structure.
624 ********************************************************************/
625
626 BOOL smb_io_rpc_hdr_auth(const char *desc, RPC_HDR_AUTH *rai, prs_struct *ps, int depth)
627 {
628 if (rai == NULL)
629 return False;
630
631 prs_debug(ps, depth, desc, "smb_io_rpc_hdr_auth");
632 depth++;
633
634 if(!prs_align(ps))
635 return False;
636
637 if(!prs_uint8 ("auth_type ", ps, depth, &rai->auth_type)) /* 0x0a nt lm ssp */
638 return False;
639 if(!prs_uint8 ("auth_level ", ps, depth, &rai->auth_level)) /* 0x06 */
640 return False;
641 if(!prs_uint8 ("padding ", ps, depth, &rai->padding))
642 return False;
643 if(!prs_uint8 ("reserved ", ps, depth, &rai->reserved))
644 return False;
645 if(!prs_uint32("auth_context ", ps, depth, &rai->auth_context))
646 return False;
647
648 return True;
649 }
650
651 /*******************************************************************
652 Checks an RPC_AUTH_VERIFIER structure.
653 ********************************************************************/
654
655 BOOL rpc_auth_verifier_chk(RPC_AUTH_VERIFIER *rav,
656 const char *signature, uint32 msg_type)
657 {
658 return (strequal(rav->signature, signature) && rav->msg_type == msg_type);
659 }
660
661 /*******************************************************************
662 Inits an RPC_AUTH_VERIFIER structure.
663 ********************************************************************/
664
665 void init_rpc_auth_verifier(RPC_AUTH_VERIFIER *rav,
666 const char *signature, uint32 msg_type)
667 {
668 fstrcpy(rav->signature, signature); /* "NTLMSSP" */
669 rav->msg_type = msg_type; /* NTLMSSP_MESSAGE_TYPE */
670 }
671
672 /*******************************************************************
673 Reads or writes an RPC_AUTH_VERIFIER structure.
674 ********************************************************************/
675
676 BOOL smb_io_rpc_auth_verifier(const char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth)
677 {
678 if (rav == NULL)
679 return False;
680
681 prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
682 depth++;
683
684 /* "NTLMSSP" */
685 if(!prs_string("signature", ps, depth, rav->signature,
686 sizeof(rav->signature)))
687 return False;
688 if(!prs_uint32("msg_type ", ps, depth, &rav->msg_type)) /* NTLMSSP_MESSAGE_TYPE */
689 return False;
690
691 return True;
692 }
693
694 /*******************************************************************
695 This parses an RPC_AUTH_VERIFIER for NETLOGON schannel. I think
696 assuming "NTLMSSP" in sm_io_rpc_auth_verifier is somewhat wrong.
697 I have to look at that later...
698 ********************************************************************/
699
700 BOOL smb_io_rpc_netsec_verifier(const char *desc, RPC_AUTH_VERIFIER *rav, prs_struct *ps, int depth)
701 {
702 if (rav == NULL)
703 return False;
704
705 prs_debug(ps, depth, desc, "smb_io_rpc_auth_verifier");
706 depth++;
707
708 if(!prs_string("signature", ps, depth, rav->signature, sizeof(rav->signature)))
709 return False;
710 if(!prs_uint32("msg_type ", ps, depth, &rav->msg_type))
711 return False;
712
713 return True;
714 }
715
716 /*******************************************************************
717 Inits an RPC_AUTH_NTLMSSP_NEG structure.
718 ********************************************************************/
719
720 void init_rpc_auth_ntlmssp_neg(RPC_AUTH_NTLMSSP_NEG *neg,
721 uint32 neg_flgs,
722 const char *myname, const char *domain)
723 {
724 int len_myname = strlen(myname);
725 int len_domain = strlen(domain);
726
727 neg->neg_flgs = neg_flgs ; /* 0x00b2b3 */
728
729 init_str_hdr(&neg->hdr_domain, len_domain, len_domain, 0x20 + len_myname);
730 init_str_hdr(&neg->hdr_myname, len_myname, len_myname, 0x20);
731
732 fstrcpy(neg->myname, myname);
733 fstrcpy(neg->domain, domain);
734 }
735
736 /*******************************************************************
737 Reads or writes an RPC_AUTH_NTLMSSP_NEG structure.
738
739 *** lkclXXXX HACK ALERT! ***
740 ********************************************************************/
741
742 BOOL smb_io_rpc_auth_ntlmssp_neg(const char *desc, RPC_AUTH_NTLMSSP_NEG *neg, prs_struct *ps, int depth)
743 {
744 uint32 start_offset = prs_offset(ps);
745 if (neg == NULL)
746 return False;
747
748 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_neg");
749 depth++;
750
751 if(!prs_uint32("neg_flgs ", ps, depth, &neg->neg_flgs))
752 return False;
753
754 if (ps->io) {
755 uint32 old_offset;
756 uint32 old_neg_flags = neg->neg_flgs;
757
758 /* reading */
759
760 ZERO_STRUCTP(neg);
761
762 neg->neg_flgs = old_neg_flags;
763
764 if(!smb_io_strhdr("hdr_domain", &neg->hdr_domain, ps, depth))
765 return False;
766 if(!smb_io_strhdr("hdr_myname", &neg->hdr_myname, ps, depth))
767 return False;
768
769 old_offset = prs_offset(ps);
770
771 if(!prs_set_offset(ps, neg->hdr_myname.buffer + start_offset - 12))
772 return False;
773
774 if(!prs_uint8s(True, "myname", ps, depth, (uint8*)neg->myname,
775 MIN(neg->hdr_myname.str_str_len, sizeof(neg->myname))))
776 return False;
777
778 old_offset += neg->hdr_myname.str_str_len;
779
780 if(!prs_set_offset(ps, neg->hdr_domain.buffer + start_offset - 12))
781 return False;
782
783 if(!prs_uint8s(True, "domain", ps, depth, (uint8*)neg->domain,
784 MIN(neg->hdr_domain.str_str_len, sizeof(neg->domain ))))
785 return False;
786
787 old_offset += neg->hdr_domain .str_str_len;
788
789 if(!prs_set_offset(ps, old_offset))
790 return False;
791 } else {
792 /* writing */
793 if(!smb_io_strhdr("hdr_domain", &neg->hdr_domain, ps, depth))
794 return False;
795 if(!smb_io_strhdr("hdr_myname", &neg->hdr_myname, ps, depth))
796 return False;
797
798 if(!prs_uint8s(True, "myname", ps, depth, (uint8*)neg->myname,
799 MIN(neg->hdr_myname.str_str_len, sizeof(neg->myname))))
800 return False;
801 if(!prs_uint8s(True, "domain", ps, depth, (uint8*)neg->domain,
802 MIN(neg->hdr_domain.str_str_len, sizeof(neg->domain ))))
803 return False;
804 }
805
806 return True;
807 }
808
809 /*******************************************************************
810 creates an RPC_AUTH_NTLMSSP_CHAL structure.
811 ********************************************************************/
812
813 void init_rpc_auth_ntlmssp_chal(RPC_AUTH_NTLMSSP_CHAL *chl,
814 uint32 neg_flags,
815 uint8 challenge[8])
816 {
817 chl->unknown_1 = 0x0;
818 chl->unknown_2 = 0x00000028;
819 chl->neg_flags = neg_flags; /* 0x0082b1 */
820
821 memcpy(chl->challenge, challenge, sizeof(chl->challenge));
822 memset((char *)chl->reserved , '\0', sizeof(chl->reserved));
823 }
824
825 /*******************************************************************
826 Reads or writes an RPC_AUTH_NTLMSSP_CHAL structure.
827 ********************************************************************/
828
829 BOOL smb_io_rpc_auth_ntlmssp_chal(const char *desc, RPC_AUTH_NTLMSSP_CHAL *chl, prs_struct *ps, int depth)
830 {
831 if (chl == NULL)
832 return False;
833
834 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chal");
835 depth++;
836
837 if(!prs_uint32("unknown_1", ps, depth, &chl->unknown_1)) /* 0x0000 0000 */
838 return False;
839 if(!prs_uint32("unknown_2", ps, depth, &chl->unknown_2)) /* 0x0000 b2b3 */
840 return False;
841 if(!prs_uint32("neg_flags", ps, depth, &chl->neg_flags)) /* 0x0000 82b1 */
842 return False;
843
844 if(!prs_uint8s (False, "challenge", ps, depth, chl->challenge, sizeof(chl->challenge)))
845 return False;
846 if(!prs_uint8s (False, "reserved ", ps, depth, chl->reserved , sizeof(chl->reserved )))
847 return False;
848
849 return True;
850 }
851
852 /*******************************************************************
853 Inits an RPC_AUTH_NTLMSSP_RESP structure.
854
855 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
856 *** lkclXXXX the actual offset is at the start of the auth verifier ***
857 ********************************************************************/
858
859 void init_rpc_auth_ntlmssp_resp(RPC_AUTH_NTLMSSP_RESP *rsp,
860 uchar lm_resp[24], uchar nt_resp[24],
861 const char *domain, const char *user, const char *wks,
862 uint32 neg_flags)
863 {
864 uint32 offset;
865 int dom_len = strlen(domain);
866 int wks_len = strlen(wks);
867 int usr_len = strlen(user);
868 int lm_len = (lm_resp != NULL) ? 24 : 0;
869 int nt_len = (nt_resp != NULL) ? 24 : 0;
870
871 DEBUG(5,("make_rpc_auth_ntlmssp_resp\n"));
872
873 #ifdef DEBUG_PASSWORD
874 DEBUG(100,("lm_resp\n"));
875 dump_data(100, (char *)lm_resp, 24);
876 DEBUG(100,("nt_resp\n"));
877 dump_data(100, (char *)nt_resp, 24);
878 #endif
879
880 DEBUG(6,("dom: %s user: %s wks: %s neg_flgs: 0x%x\n",
881 domain, user, wks, neg_flags));
882
883 offset = 0x40;
884
885 if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
886 dom_len *= 2;
887 wks_len *= 2;
888 usr_len *= 2;
889 }
890
891 init_str_hdr(&rsp->hdr_domain, dom_len, dom_len, offset);
892 offset += dom_len;
893
894 init_str_hdr(&rsp->hdr_usr, usr_len, usr_len, offset);
895 offset += usr_len;
896
897 init_str_hdr(&rsp->hdr_wks, wks_len, wks_len, offset);
898 offset += wks_len;
899
900 init_str_hdr(&rsp->hdr_lm_resp, lm_len, lm_len, offset);
901 offset += lm_len;
902
903 init_str_hdr(&rsp->hdr_nt_resp, nt_len, nt_len, offset);
904 offset += nt_len;
905
906 init_str_hdr(&rsp->hdr_sess_key, 0, 0, offset);
907
908 rsp->neg_flags = neg_flags;
909
910 memcpy(rsp->lm_resp, lm_resp, 24);
911 memcpy(rsp->nt_resp, nt_resp, 24);
912
913 if (neg_flags & NTLMSSP_NEGOTIATE_UNICODE) {
914 rpcstr_push(rsp->domain, domain, sizeof(rsp->domain), 0);
915 rpcstr_push(rsp->user, user, sizeof(rsp->user), 0);
916 rpcstr_push(rsp->wks, wks, sizeof(rsp->wks), 0);
917 } else {
918 fstrcpy(rsp->domain, domain);
919 fstrcpy(rsp->user, user);
920 fstrcpy(rsp->wks, wks);
921 }
922
923 rsp->sess_key[0] = 0;
924 }
925
926 /*******************************************************************
927 Reads or writes an RPC_AUTH_NTLMSSP_RESP structure.
928
929 *** lkclXXXX FUDGE! HAVE TO MANUALLY SPECIFY OFFSET HERE (0x1c bytes) ***
930 *** lkclXXXX the actual offset is at the start of the auth verifier ***
931 ********************************************************************/
932
933 BOOL smb_io_rpc_auth_ntlmssp_resp(const char *desc, RPC_AUTH_NTLMSSP_RESP *rsp, prs_struct *ps, int depth)
934 {
935 if (rsp == NULL)
936 return False;
937
938 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_resp");
939 depth++;
940
941 if (ps->io) {
942 uint32 old_offset;
943
944 /* reading */
945
946 ZERO_STRUCTP(rsp);
947
948 if(!smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp, ps, depth))
949 return False;
950 if(!smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp, ps, depth))
951 return False;
952 if(!smb_io_strhdr("hdr_domain ", &rsp->hdr_domain, ps, depth))
953 return False;
954 if(!smb_io_strhdr("hdr_user ", &rsp->hdr_usr, ps, depth))
955 return False;
956 if(!smb_io_strhdr("hdr_wks ", &rsp->hdr_wks, ps, depth))
957 return False;
958 if(!smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth))
959 return False;
960
961 if(!prs_uint32("neg_flags", ps, depth, &rsp->neg_flags)) /* 0x0000 82b1 */
962 return False;
963
964 old_offset = prs_offset(ps);
965
966 if(!prs_set_offset(ps, rsp->hdr_domain.buffer + 0xc))
967 return False;
968
969 if(!prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain,
970 MIN(rsp->hdr_domain.str_str_len, sizeof(rsp->domain))))
971 return False;
972
973 old_offset += rsp->hdr_domain.str_str_len;
974
975 if(!prs_set_offset(ps, rsp->hdr_usr.buffer + 0xc))
976 return False;
977
978 if(!prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user,
979 MIN(rsp->hdr_usr.str_str_len, sizeof(rsp->user))))
980 return False;
981
982 old_offset += rsp->hdr_usr.str_str_len;
983
984 if(!prs_set_offset(ps, rsp->hdr_wks.buffer + 0xc))
985 return False;
986
987 if(!prs_uint8s(True, "wks ", ps, depth, (uint8*)rsp->wks,
988 MIN(rsp->hdr_wks.str_str_len, sizeof(rsp->wks))))
989 return False;
990
991 old_offset += rsp->hdr_wks.str_str_len;
992
993 if(!prs_set_offset(ps, rsp->hdr_lm_resp.buffer + 0xc))
994 return False;
995
996 if(!prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp,
997 MIN(rsp->hdr_lm_resp.str_str_len, sizeof(rsp->lm_resp ))))
998 return False;
999
1000 old_offset += rsp->hdr_lm_resp.str_str_len;
1001
1002 if(!prs_set_offset(ps, rsp->hdr_nt_resp.buffer + 0xc))
1003 return False;
1004
1005 if(!prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp,
1006 MIN(rsp->hdr_nt_resp.str_str_len, sizeof(rsp->nt_resp ))))
1007 return False;
1008
1009 old_offset += rsp->hdr_nt_resp.str_str_len;
1010
1011 if (rsp->hdr_sess_key.str_str_len != 0) {
1012
1013 if(!prs_set_offset(ps, rsp->hdr_sess_key.buffer + 0x10))
1014 return False;
1015
1016 old_offset += rsp->hdr_sess_key.str_str_len;
1017
1018 if(!prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key,
1019 MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key))))
1020 return False;
1021 }
1022
1023 if(!prs_set_offset(ps, old_offset))
1024 return False;
1025 } else {
1026 /* writing */
1027 if(!smb_io_strhdr("hdr_lm_resp ", &rsp->hdr_lm_resp, ps, depth))
1028 return False;
1029 if(!smb_io_strhdr("hdr_nt_resp ", &rsp->hdr_nt_resp, ps, depth))
1030 return False;
1031 if(!smb_io_strhdr("hdr_domain ", &rsp->hdr_domain, ps, depth))
1032 return False;
1033 if(!smb_io_strhdr("hdr_user ", &rsp->hdr_usr, ps, depth))
1034 return False;
1035 if(!smb_io_strhdr("hdr_wks ", &rsp->hdr_wks, ps, depth))
1036 return False;
1037 if(!smb_io_strhdr("hdr_sess_key", &rsp->hdr_sess_key, ps, depth))
1038 return False;
1039
1040 if(!prs_uint32("neg_flags", ps, depth, &rsp->neg_flags)) /* 0x0000 82b1 */
1041 return False;
1042
1043 if(!prs_uint8s(True , "domain ", ps, depth, (uint8*)rsp->domain,
1044 MIN(rsp->hdr_domain.str_str_len, sizeof(rsp->domain))))
1045 return False;
1046
1047 if(!prs_uint8s(True , "user ", ps, depth, (uint8*)rsp->user,
1048 MIN(rsp->hdr_usr.str_str_len, sizeof(rsp->user))))
1049 return False;
1050
1051 if(!prs_uint8s(True , "wks ", ps, depth, (uint8*)rsp->wks,
1052 MIN(rsp->hdr_wks.str_str_len, sizeof(rsp->wks))))
1053 return False;
1054 if(!prs_uint8s(False, "lm_resp ", ps, depth, (uint8*)rsp->lm_resp,
1055 MIN(rsp->hdr_lm_resp .str_str_len, sizeof(rsp->lm_resp))))
1056 return False;
1057 if(!prs_uint8s(False, "nt_resp ", ps, depth, (uint8*)rsp->nt_resp,
1058 MIN(rsp->hdr_nt_resp .str_str_len, sizeof(rsp->nt_resp ))))
1059 return False;
1060 if(!prs_uint8s(False, "sess_key", ps, depth, (uint8*)rsp->sess_key,
1061 MIN(rsp->hdr_sess_key.str_str_len, sizeof(rsp->sess_key))))
1062 return False;
1063 }
1064
1065 return True;
1066 }
1067
1068 /*******************************************************************
1069 Checks an RPC_AUTH_NTLMSSP_CHK structure.
1070 ********************************************************************/
1071
1072 BOOL rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk, uint32 crc32, uint32 seq_num)
1073 {
1074 if (chk == NULL)
1075 return False;
1076
1077 if (chk->crc32 != crc32 ||
1078 chk->ver != NTLMSSP_SIGN_VERSION ||
1079 chk->seq_num != seq_num)
1080 {
1081 DEBUG(5,("verify failed - crc %x ver %x seq %d\n",
1082 chk->crc32, chk->ver, chk->seq_num));
1083
1084 DEBUG(5,("verify expect - crc %x ver %x seq %d\n",
1085 crc32, NTLMSSP_SIGN_VERSION, seq_num));
1086 return False;
1087 }
1088 return True;
1089 }
1090
1091 /*******************************************************************
1092 Inits an RPC_AUTH_NTLMSSP_CHK structure.
1093 ********************************************************************/
1094
1095 void init_rpc_auth_ntlmssp_chk(RPC_AUTH_NTLMSSP_CHK *chk,
1096 uint32 ver, uint32 crc32, uint32 seq_num)
1097 {
1098 chk->ver = ver;
1099 chk->reserved = 0x0;
1100 chk->crc32 = crc32;
1101 chk->seq_num = seq_num;
1102 }
1103
1104 /*******************************************************************
1105 Reads or writes an RPC_AUTH_NTLMSSP_CHK structure.
1106 ********************************************************************/
1107
1108 BOOL smb_io_rpc_auth_ntlmssp_chk(const char *desc, RPC_AUTH_NTLMSSP_CHK *chk, prs_struct *ps, int depth)
1109 {
1110 if (chk == NULL)
1111 return False;
1112
1113 prs_debug(ps, depth, desc, "smb_io_rpc_auth_ntlmssp_chk");
1114 depth++;
1115
1116 if(!prs_align(ps))
1117 return False;
1118
1119 if(!prs_uint32("ver ", ps, depth, &chk->ver))
1120 return False;
1121 if(!prs_uint32("reserved", ps, depth, &chk->reserved))
1122 return False;
1123 if(!prs_uint32("crc32 ", ps, depth, &chk->crc32))
1124 return False;
1125 if(!prs_uint32("seq_num ", ps, depth, &chk->seq_num))
1126 return False;
1127
1128 return True;
1129 }
1130
1131 /*******************************************************************
1132 creates an RPC_AUTH_NETSEC_NEG structure.
1133 ********************************************************************/
1134 void init_rpc_auth_netsec_neg(RPC_AUTH_NETSEC_NEG *neg,
1135 const char *domain, const char *myname)
1136 {
1137 neg->type1 = 0;
1138 neg->type2 = 0x3;
1139 fstrcpy(neg->domain, domain);
1140 fstrcpy(neg->myname, myname);
1141 }
1142
1143 /*******************************************************************
1144 Reads or writes an RPC_AUTH_NETSEC_NEG structure.
1145 ********************************************************************/
1146
1147 BOOL smb_io_rpc_auth_netsec_neg(const char *desc, RPC_AUTH_NETSEC_NEG *neg,
1148 prs_struct *ps, int depth)
1149 {
1150 if (neg == NULL)
1151 return False;
1152
1153 prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_neg");
1154 depth++;
1155
1156 if(!prs_align(ps))
1157 return False;
1158
1159 if(!prs_uint32("type1", ps, depth, &neg->type1))
1160 return False;
1161 if(!prs_uint32("type2", ps, depth, &neg->type2))
1162 return False;
1163 if(!prs_string("domain ", ps, depth, neg->domain, sizeof(neg->domain)))
1164 return False;
1165 if(!prs_string("myname ", ps, depth, neg->myname, sizeof(neg->myname)))
1166 return False;
1167
1168 return True;
1169 }
1170
1171
1172 /*******************************************************************
1173 creates an RPC_AUTH_NETSEC_CHK structure.
1174 ********************************************************************/
1175 BOOL init_rpc_auth_netsec_chk(RPC_AUTH_NETSEC_CHK * chk,
1176 const uchar sig[8],
1177 const uchar packet_digest[8],
1178 const uchar seq_num[8], const uchar data8[8])
1179 {
1180 if (chk == NULL)
1181 return False;
1182
1183 memcpy(chk->sig, sig, sizeof(chk->sig));
1184 memcpy(chk->packet_digest, packet_digest, sizeof(chk->packet_digest));
1185 memcpy(chk->seq_num, seq_num, sizeof(chk->seq_num));
1186 memcpy(chk->data8, data8, sizeof(chk->data8));
1187
1188 return True;
1189 }
1190
1191 /*******************************************************************
1192 reads or writes an RPC_AUTH_NETSEC_CHK structure.
1193 ********************************************************************/
1194 BOOL smb_io_rpc_auth_netsec_chk(const char *desc, RPC_AUTH_NETSEC_CHK * chk,
1195 prs_struct *ps, int depth)
1196 {
1197 if (chk == NULL)
1198 return False;
1199
1200 prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_chk");
1201 depth++;
1202
1203 prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig));
1204 prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num));
1205 prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest));
1206 prs_uint8s(False, "data8", ps, depth, chk->data8, sizeof(chk->data8));
1207
1208 return True;
1209 }
1210
Samba GIT mirror