search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit was manufactured by cvs2svn to create tag
[Samba/gbeck.git] / source / rpc_server / srv_pipe.c
blob1ad4cb6b9e649e94f69cd02280171dd008d54043
1
2 /*
3 * Unix SMB/Netbios implementation.
4 * Version 1.9.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1998
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
8 * Copyright (C) Paul Ashton 1997-1998.
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25 /* this module apparently provides an implementation of DCE/RPC over a
26 * named pipe (IPC$ connection using SMBtrans). details of DCE/RPC
27 * documentation are available (in on-line form) from the X-Open group.
28 *
29 * this module should provide a level of abstraction between SMB
30 * and DCE/RPC, while minimising the amount of mallocs, unnecessary
31 * data copies, and network traffic.
32 *
33 * in this version, which takes a "let's learn what's going on and
34 * get something running" approach, there is additional network
35 * traffic generated, but the code should be easier to understand...
36 *
37 * ... if you read the docs. or stare at packets for weeks on end.
38 *
39 */
40
41 #include "includes.h"
42 #include "nterr.h"
43
44 extern int DEBUGLEVEL;
45
46 static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len)
47 {
48 unsigned char *hash = p->ntlmssp_hash;
49 unsigned char index_i = hash[256];
50 unsigned char index_j = hash[257];
51 int ind;
52
53 for( ind = 0; ind < len; ind++)
54 {
55 unsigned char tc;
56 unsigned char t;
57
58 index_i++;
59 index_j += hash[index_i];
60
61 tc = hash[index_i];
62 hash[index_i] = hash[index_j];
63 hash[index_j] = tc;
64
65 t = hash[index_i] + hash[index_j];
66 data[ind] = data[ind] ^ hash[t];
67 }
68
69 hash[256] = index_i;
70 hash[257] = index_j;
71 }
72
73 /*******************************************************************
74 turns a DCE/RPC request into a DCE/RPC reply
75
76 this is where the data really should be split up into an array of
77 headers and data sections.
78
79 ********************************************************************/
80 BOOL create_rpc_reply(pipes_struct *p,
81 uint32 data_start, uint32 data_end)
82 {
83 char *data;
84 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SIGN);
85 BOOL auth_seal = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SEAL);
86 uint32 data_len;
87 uint32 auth_len;
88
89 DEBUG(5,("create_rpc_reply: data_start: %d data_end: %d max_tsize: %d\n",
90 data_start, data_end, p->hdr_ba.bba.max_tsize));
91
92 auth_len = p->hdr.auth_len;
93
94 if (p->ntlmssp_auth)
95 {
96 DEBUG(10,("create_rpc_reply: auth\n"));
97 if (auth_len != 16)
98 {
99 return False;
100 }
101 }
102
103 prs_init(&p->rhdr , 0x18, 4, 0, False);
104 prs_init(&p->rauth, 1024, 4, 0, False);
105 prs_init(&p->rverf, 0x08, 4, 0, False);
106
107 p->hdr.pkt_type = RPC_RESPONSE; /* mark header as an rpc response */
108
109 /* set up rpc header (fragmentation issues) */
110 if (data_start == 0)
111 {
112 p->hdr.flags = RPC_FLG_FIRST;
113 }
114 else
115 {
116 p->hdr.flags = 0;
117 }
118
119 p->hdr_resp.alloc_hint = data_end - data_start; /* calculate remaining data to be sent */
120
121 if (p->hdr_resp.alloc_hint + 0x18 <= p->hdr_ba.bba.max_tsize)
122 {
123 p->hdr.flags |= RPC_FLG_LAST;
124 p->hdr.frag_len = p->hdr_resp.alloc_hint + 0x18;
125 }
126 else
127 {
128 p->hdr.frag_len = p->hdr_ba.bba.max_tsize;
129 }
130
131 if (p->ntlmssp_auth)
132 {
133 p->hdr_resp.alloc_hint -= auth_len + 8;
134 }
135
136 if (p->ntlmssp_auth)
137 {
138 data_len = p->hdr.frag_len - auth_len - (auth_verify ? 8 : 0) - 0x18;
139 }
140 else
141 {
142 data_len = p->hdr.frag_len - 0x18;
143 }
144
145 p->rhdr.data->offset.start = 0;
146 p->rhdr.data->offset.end = 0x18;
147
148 /* store the header in the data stream */
149 smb_io_rpc_hdr ("hdr" , &(p->hdr ), &(p->rhdr), 0);
150 smb_io_rpc_hdr_resp("resp", &(p->hdr_resp), &(p->rhdr), 0);
151
152 /* don't use rdata: use rdata_i instead, which moves... */
153 /* make a pointer to the rdata data, NOT A COPY */
154
155 p->rdata_i.data = NULL;
156 prs_init(&p->rdata_i, 0, p->rdata.align, p->rdata.data->margin, p->rdata.io);
157 data = mem_data(&(p->rdata.data), data_start);
158 mem_create(p->rdata_i.data, data, 0, data_len, 0, False);
159 p->rdata_i.offset = data_len;
160
161 if (auth_len > 0)
162 {
163 uint32 crc32 = 0;
164
165 DEBUG(5,("create_rpc_reply: sign: %s seal: %s data %d auth %d\n",
166 BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, auth_len));
167
168 if (auth_seal)
169 {
170 crc32 = crc32_calc_buffer(data_len, data);
171 NTLMSSPcalc_p(p, (uchar*)data, data_len);
172 }
173
174 if (auth_seal || auth_verify)
175 {
176 make_rpc_hdr_auth(&p->auth_info, 0x0a, 0x06, 0x08, (auth_verify ? 1 : 0));
177 smb_io_rpc_hdr_auth("hdr_auth", &p->auth_info, &p->rauth, 0);
178 }
179
180 if (auth_verify)
181 {
182 char *auth_data;
183 p->ntlmssp_seq_num++;
184 make_rpc_auth_ntlmssp_chk(&p->ntlmssp_chk, NTLMSSP_SIGN_VERSION, crc32, p->ntlmssp_seq_num++);
185 smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), &p->rverf, 0);
186 auth_data = mem_data(&p->rverf.data, 4);
187 NTLMSSPcalc_p(p, (uchar*)auth_data, 12);
188 }
189 }
190
191 /* set up the data chain */
192 if (p->ntlmssp_auth)
193 {
194 prs_link(NULL , &p->rhdr , &p->rdata_i);
195 prs_link(&p->rhdr , &p->rdata_i, &p->rauth );
196 prs_link(&p->rdata_i, &p->rauth , &p->rverf );
197 prs_link(&p->rauth , &p->rverf , NULL );
198 }
199 else
200 {
201 prs_link(NULL , &p->rhdr , &p->rdata_i);
202 prs_link(&p->rhdr, &p->rdata_i, NULL );
203 }
204
205 /* indicate to subsequent data reads where we are up to */
206 p->frag_len_left = p->hdr.frag_len - p->file_offset;
207 p->next_frag_start = p->hdr.frag_len;
208
209 return p->rhdr.data != NULL && p->rhdr.offset == 0x18;
210 }
211
212 static BOOL api_pipe_ntlmssp_verify(pipes_struct *p)
213 {
214 uchar lm_owf[24];
215 uchar nt_owf[24];
216 struct smb_passwd *smb_pass = NULL;
217
218 DEBUG(5,("api_pipe_ntlmssp_verify: checking user details\n"));
219
220 if (p->ntlmssp_resp.hdr_lm_resp.str_str_len == 0) return False;
221 if (p->ntlmssp_resp.hdr_nt_resp.str_str_len == 0) return False;
222 if (p->ntlmssp_resp.hdr_usr .str_str_len == 0) return False;
223 if (p->ntlmssp_resp.hdr_domain .str_str_len == 0) return False;
224 if (p->ntlmssp_resp.hdr_wks .str_str_len == 0) return False;
225
226 memset(p->user_name, 0, sizeof(p->user_name));
227 memset(p->domain , 0, sizeof(p->domain ));
228 memset(p->wks , 0, sizeof(p->wks ));
229
230 if (IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_UNICODE))
231 {
232 fstrcpy(p->user_name, unistrn2((uint16*)p->ntlmssp_resp.user , p->ntlmssp_resp.hdr_usr .str_str_len/2));
233 fstrcpy(p->domain , unistrn2((uint16*)p->ntlmssp_resp.domain, p->ntlmssp_resp.hdr_domain.str_str_len/2));
234 fstrcpy(p->wks , unistrn2((uint16*)p->ntlmssp_resp.wks , p->ntlmssp_resp.hdr_wks .str_str_len/2));
235 }
236 else
237 {
238 fstrcpy(p->user_name, p->ntlmssp_resp.user );
239 fstrcpy(p->domain , p->ntlmssp_resp.domain);
240 fstrcpy(p->wks , p->ntlmssp_resp.wks );
241 }
242
243 DEBUG(5,("user: %s domain: %s wks: %s\n", p->user_name, p->domain, p->wks));
244
245 memcpy(lm_owf, p->ntlmssp_resp.lm_resp, sizeof(lm_owf));
246 memcpy(nt_owf, p->ntlmssp_resp.nt_resp, sizeof(nt_owf));
247
248 #ifdef DEBUG_PASSWORD
249 DEBUG(100,("lm, nt owfs, chal\n"));
250 dump_data(100, lm_owf, sizeof(lm_owf));
251 dump_data(100, nt_owf, sizeof(nt_owf));
252 dump_data(100, p->ntlmssp_chal.challenge, 8);
253 #endif
254 become_root(True);
255 p->ntlmssp_validated = pass_check_smb(p->user_name, p->domain,
256 (uchar*)p->ntlmssp_chal.challenge,
257 lm_owf, nt_owf, NULL);
258 smb_pass = getsmbpwnam(p->user_name);
259 unbecome_root(True);
260
261 if (p->ntlmssp_validated && smb_pass != NULL && smb_pass->smb_passwd)
262 {
263 uchar p24[24];
264 NTLMSSPOWFencrypt(smb_pass->smb_passwd, lm_owf, p24);
265 {
266 unsigned char j = 0;
267 int ind;
268
269 unsigned char k2[8];
270
271 memcpy(k2, p24, 5);
272 k2[5] = 0xe5;
273 k2[6] = 0x38;
274 k2[7] = 0xb0;
275
276 for (ind = 0; ind < 256; ind++)
277 {
278 p->ntlmssp_hash[ind] = (unsigned char)ind;
279 }
280
281 for( ind = 0; ind < 256; ind++)
282 {
283 unsigned char tc;
284
285 j += (p->ntlmssp_hash[ind] + k2[ind%8]);
286
287 tc = p->ntlmssp_hash[ind];
288 p->ntlmssp_hash[ind] = p->ntlmssp_hash[j];
289 p->ntlmssp_hash[j] = tc;
290 }
291
292 p->ntlmssp_hash[256] = 0;
293 p->ntlmssp_hash[257] = 0;
294 }
295 /* NTLMSSPhash(p->ntlmssp_hash, p24); */
296 p->ntlmssp_seq_num = 0;
297 }
298 else
299 {
300 p->ntlmssp_validated = False;
301 }
302
303 return p->ntlmssp_validated;
304 }
305
306 static BOOL api_pipe_ntlmssp(pipes_struct *p, prs_struct *pd)
307 {
308 /* receive a negotiate; send a challenge; receive a response */
309 switch (p->auth_verifier.msg_type)
310 {
311 case NTLMSSP_NEGOTIATE:
312 {
313 smb_io_rpc_auth_ntlmssp_neg("", &p->ntlmssp_neg, pd, 0);
314 break;
315 }
316 case NTLMSSP_AUTH:
317 {
318 smb_io_rpc_auth_ntlmssp_resp("", &p->ntlmssp_resp, pd, 0);
319 if (!api_pipe_ntlmssp_verify(p))
320 {
321 pd->offset = 0;
322 }
323 break;
324 }
325 default:
326 {
327 /* NTLMSSP expected: unexpected message type */
328 DEBUG(3,("unexpected message type in NTLMSSP %d\n",
329 p->auth_verifier.msg_type));
330 return False;
331 }
332 }
333
334 return (pd->offset != 0);
335 }
336
337 struct api_cmd
338 {
339 char * pipe_clnt_name;
340 char * pipe_srv_name;
341 BOOL (*fn) (pipes_struct *, prs_struct *);
342 };
343
344 static struct api_cmd api_fd_commands[] =
345 {
346 { "lsarpc", "lsass", api_ntlsa_rpc },
347 { "samr", "lsass", api_samr_rpc },
348 { "srvsvc", "ntsvcs", api_srvsvc_rpc },
349 { "wkssvc", "ntsvcs", api_wkssvc_rpc },
350 { "NETLOGON", "lsass", api_netlog_rpc },
351 { "winreg", "winreg", api_reg_rpc },
352 { NULL, NULL, NULL }
353 };
354
355 static BOOL api_pipe_bind_auth_resp(pipes_struct *p, prs_struct *pd)
356 {
357 DEBUG(5,("api_pipe_bind_auth_resp: decode request. %d\n", __LINE__));
358
359 if (p->hdr.auth_len == 0) return False;
360
361 /* decode the authentication verifier response */
362 smb_io_rpc_hdr_autha("", &p->autha_info, pd, 0);
363 if (pd->offset == 0) return False;
364
365 if (!rpc_hdr_auth_chk(&(p->auth_info))) return False;
366
367 smb_io_rpc_auth_verifier("", &p->auth_verifier, pd, 0);
368 if (pd->offset == 0) return False;
369
370 if (!rpc_auth_verifier_chk(&(p->auth_verifier), "NTLMSSP", NTLMSSP_AUTH)) return False;
371
372 return api_pipe_ntlmssp(p, pd);
373 }
374
375 static BOOL api_pipe_bind_req(pipes_struct *p, prs_struct *pd)
376 {
377 uint16 assoc_gid;
378 fstring ack_pipe_name;
379 int i = 0;
380
381 p->ntlmssp_auth = False;
382
383 DEBUG(5,("api_pipe_bind_req: decode request. %d\n", __LINE__));
384
385 for (i = 0; api_fd_commands[i].pipe_clnt_name; i++)
386 {
387 if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
388 api_fd_commands[i].fn != NULL)
389 {
390 DEBUG(3,("api_pipe_bind_req: \\PIPE\\%s -> \\PIPE\\%s\n",
391 api_fd_commands[i].pipe_clnt_name,
392 api_fd_commands[i].pipe_srv_name));
393 fstrcpy(p->pipe_srv_name, api_fd_commands[i].pipe_srv_name);
394 break;
395 }
396 }
397
398 if (api_fd_commands[i].fn == NULL) return False;
399
400 /* decode the bind request */
401 smb_io_rpc_hdr_rb("", &p->hdr_rb, pd, 0);
402
403 if (pd->offset == 0) return False;
404
405 if (p->hdr.auth_len != 0)
406 {
407 /* decode the authentication verifier */
408 smb_io_rpc_hdr_auth ("", &p->auth_info , pd, 0);
409 if (pd->offset == 0) return False;
410
411 p->ntlmssp_auth = p->auth_info.auth_type = 0x0a;
412
413 if (p->ntlmssp_auth)
414 {
415 smb_io_rpc_auth_verifier("", &p->auth_verifier, pd, 0);
416 if (pd->offset == 0) return False;
417
418 p->ntlmssp_auth = strequal(p->auth_verifier.signature, "NTLMSSP");
419 }
420
421 if (p->ntlmssp_auth)
422 {
423 if (!api_pipe_ntlmssp(p, pd)) return False;
424 }
425 }
426
427 /* name has to be \PIPE\xxxxx */
428 fstrcpy(ack_pipe_name, "\\PIPE\\");
429 fstrcat(ack_pipe_name, p->pipe_srv_name);
430
431 DEBUG(5,("api_pipe_bind_req: make response. %d\n", __LINE__));
432
433 prs_init(&(p->rdata), 1024, 4, 0, False);
434 prs_init(&(p->rhdr ), 0x18, 4, 0, False);
435 prs_init(&(p->rauth), 1024, 4, 0, False);
436 prs_init(&(p->rverf), 0x08, 4, 0, False);
437 prs_init(&(p->rntlm), 1024, 4, 0, False);
438
439 /***/
440 /*** do the bind ack first ***/
441 /***/
442
443 if (p->ntlmssp_auth)
444 {
445 assoc_gid = 0x7a77;
446 }
447 else
448 {
449 assoc_gid = p->hdr_rb.bba.assoc_gid;
450 }
451
452 make_rpc_hdr_ba(&p->hdr_ba,
453 p->hdr_rb.bba.max_tsize,
454 p->hdr_rb.bba.max_rsize,
455 assoc_gid,
456 ack_pipe_name,
457 0x1, 0x0, 0x0,
458 &(p->hdr_rb.transfer));
459
460 smb_io_rpc_hdr_ba("", &p->hdr_ba, &p->rdata, 0);
461 mem_realloc_data(p->rdata.data, p->rdata.offset);
462
463 /***/
464 /*** now the authentication ***/
465 /***/
466
467 if (p->ntlmssp_auth)
468 {
469 uint8 challenge[8];
470 generate_random_buffer(challenge, 8, False);
471
472 /*** authentication info ***/
473
474 make_rpc_hdr_auth(&p->auth_info, 0x0a, 0x06, 0, 1);
475 smb_io_rpc_hdr_auth("", &p->auth_info, &p->rverf, 0);
476 mem_realloc_data(p->rverf.data, p->rverf.offset);
477
478 /*** NTLMSSP verifier ***/
479
480 make_rpc_auth_verifier(&p->auth_verifier,
481 "NTLMSSP", NTLMSSP_CHALLENGE);
482 smb_io_rpc_auth_verifier("", &p->auth_verifier, &p->rauth, 0);
483 mem_realloc_data(p->rauth.data, p->rauth.offset);
484
485 /* NTLMSSP challenge ***/
486
487 make_rpc_auth_ntlmssp_chal(&p->ntlmssp_chal,
488 0x000082b1, challenge);
489 smb_io_rpc_auth_ntlmssp_chal("", &p->ntlmssp_chal, &p->rntlm, 0);
490 mem_realloc_data(p->rntlm.data, p->rntlm.offset);
491 }
492
493 /***/
494 /*** then do the header, now we know the length ***/
495 /***/
496
497 make_rpc_hdr(&p->hdr, RPC_BINDACK, RPC_FLG_FIRST | RPC_FLG_LAST,
498 p->hdr.call_id,
499 p->rdata.offset + p->rverf.offset + p->rauth.offset + p->rntlm.offset + 0x10,
500 p->rauth.offset + p->rntlm.offset);
501
502 smb_io_rpc_hdr("", &p->hdr, &p->rhdr, 0);
503 mem_realloc_data(p->rhdr.data, p->rdata.offset);
504
505 /***/
506 /*** link rpc header, bind acknowledgment and authentication responses ***/
507 /***/
508
509 if (p->ntlmssp_auth)
510 {
511 prs_link(NULL , &p->rhdr , &p->rdata);
512 prs_link(&p->rhdr , &p->rdata, &p->rverf);
513 prs_link(&p->rdata, &p->rverf, &p->rauth);
514 prs_link(&p->rverf, &p->rauth, &p->rntlm);
515 prs_link(&p->rauth, &p->rntlm, NULL );
516 }
517 else
518 {
519 prs_link(NULL , &p->rhdr , &p->rdata);
520 prs_link(&p->rhdr, &p->rdata, NULL );
521 }
522
523 return True;
524 }
525
526
527 static BOOL api_pipe_auth_process(pipes_struct *p, prs_struct *pd)
528 {
529 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SIGN);
530 BOOL auth_seal = IS_BITS_SET_ALL(p->ntlmssp_chal.neg_flags, NTLMSSP_NEGOTIATE_SEAL);
531 int data_len;
532 int auth_len;
533 uint32 old_offset;
534 uint32 crc32 = 0;
535
536 auth_len = p->hdr.auth_len;
537
538 if (auth_len != 16 && auth_verify)
539 {
540 return False;
541 }
542
543 data_len = p->hdr.frag_len - auth_len - (auth_verify ? 8 : 0) - 0x18;
544
545 DEBUG(5,("api_pipe_auth_process: sign: %s seal: %s data %d auth %d\n",
546 BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, auth_len));
547
548 if (auth_seal)
549 {
550 char *data = mem_data(&pd->data, pd->offset);
551 DEBUG(5,("api_pipe_auth_process: data %d\n", pd->offset));
552 NTLMSSPcalc_p(p, (uchar*)data, data_len);
553 crc32 = crc32_calc_buffer(data_len, data);
554 }
555
556 /*** skip the data, record the offset so we can restore it again */
557 old_offset = pd->offset;
558
559 if (auth_seal || auth_verify)
560 {
561 pd->offset += data_len;
562 smb_io_rpc_hdr_auth("hdr_auth", &p->auth_info, pd, 0);
563 }
564
565 if (auth_verify)
566 {
567 char *req_data = mem_data(&pd->data, pd->offset + 4);
568 DEBUG(5,("api_pipe_auth_process: auth %d\n", pd->offset + 4));
569 NTLMSSPcalc_p(p, (uchar*)req_data, 12);
570 smb_io_rpc_auth_ntlmssp_chk("auth_sign", &(p->ntlmssp_chk), pd, 0);
571
572 if (!rpc_auth_ntlmssp_chk(&(p->ntlmssp_chk), crc32,
573 p->ntlmssp_seq_num))
574 {
575 return False;
576 }
577 }
578
579 pd->offset = old_offset;
580
581 return True;
582 }
583
584 static BOOL api_pipe_request(pipes_struct *p, prs_struct *pd)
585 {
586 int i = 0;
587
588 if (p->ntlmssp_auth && p->ntlmssp_validated)
589 {
590 if (!api_pipe_auth_process(p, pd)) return False;
591
592 DEBUG(0,("api_pipe_request: **** MUST CALL become_user() HERE **** \n"));
593 #if 0
594 become_user();
595 #endif
596 }
597
598 for (i = 0; api_fd_commands[i].pipe_clnt_name; i++)
599 {
600 if (strequal(api_fd_commands[i].pipe_clnt_name, p->name) &&
601 api_fd_commands[i].fn != NULL)
602 {
603 DEBUG(3,("Doing \\PIPE\\%s\n", api_fd_commands[i].pipe_clnt_name));
604 return api_fd_commands[i].fn(p, pd);
605 }
606 }
607 return False;
608 }
609
610 BOOL rpc_command(pipes_struct *p, prs_struct *pd)
611 {
612 BOOL reply = False;
613 if (pd->data == NULL) return False;
614
615 /* process the rpc header */
616 smb_io_rpc_hdr("", &p->hdr, pd, 0);
617
618 if (pd->offset == 0) return False;
619
620 switch (p->hdr.pkt_type)
621 {
622 case RPC_BIND :
623 {
624 reply = api_pipe_bind_req(p, pd);
625 break;
626 }
627 case RPC_REQUEST:
628 {
629 if (p->ntlmssp_auth && !p->ntlmssp_validated)
630 {
631 /* authentication _was_ requested
632 and it failed. sorry, no deal!
633 */
634 reply = False;
635 }
636 else
637 {
638 /* read the rpc header */
639 smb_io_rpc_hdr_req("req", &(p->hdr_req), pd, 0);
640 reply = api_pipe_request(p, pd);
641 }
642 break;
643 }
644 case RPC_BINDRESP: /* not the real name! */
645 {
646 reply = api_pipe_bind_auth_resp(p, pd);
647 p->ntlmssp_auth = reply;
648 break;
649 }
650 }
651
652 if (!reply)
653 {
654 DEBUG(3,("rpc_command: DCE/RPC fault should be sent here\n"));
655 }
656
657 return reply;
658 }
659
660
661 /*******************************************************************
662 receives a netlogon pipe and responds.
663 ********************************************************************/
664 static BOOL api_rpc_command(pipes_struct *p,
665 char *rpc_name, struct api_struct *api_rpc_cmds,
666 prs_struct *data)
667 {
668 int fn_num;
669 DEBUG(4,("api_rpc_command: %s op 0x%x - ", rpc_name, p->hdr_req.opnum));
670
671 for (fn_num = 0; api_rpc_cmds[fn_num].name; fn_num++)
672 {
673 if (api_rpc_cmds[fn_num].opnum == p->hdr_req.opnum && api_rpc_cmds[fn_num].fn != NULL)
674 {
675 DEBUG(3,("api_rpc_command: %s\n", api_rpc_cmds[fn_num].name));
676 break;
677 }
678 }
679
680 if (api_rpc_cmds[fn_num].name == NULL)
681 {
682 DEBUG(4, ("unknown\n"));
683 return False;
684 }
685
686 /* start off with 1024 bytes, and a large safety margin too */
687 prs_init(&p->rdata, 1024, 4, SAFETY_MARGIN, False);
688
689 /* do the actual command */
690 api_rpc_cmds[fn_num].fn(p->vuid, data, &(p->rdata));
691
692 if (p->rdata.data == NULL || p->rdata.offset == 0)
693 {
694 mem_free_data(p->rdata.data);
695 return False;
696 }
697
698 mem_realloc_data(p->rdata.data, p->rdata.offset);
699
700 DEBUG(10,("called %s\n", rpc_name));
701
702 return True;
703 }
704
705
706 /*******************************************************************
707 receives a netlogon pipe and responds.
708 ********************************************************************/
709 BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds,
710 prs_struct *data)
711 {
712 if (data == NULL || data->data == NULL)
713 {
714 DEBUG(2,("%s: NULL data received\n", rpc_name));
715 return False;
716 }
717
718 /* interpret the command */
719 if (!api_rpc_command(p, rpc_name, api_rpc_cmds, data))
720 {
721 return False;
722 }
723
724 /* create the rpc header */
725 if (!create_rpc_reply(p, 0, p->rdata.offset + (p->ntlmssp_auth ? (16 + 8) : 0)))
726 {
727 return False;
728 }
729
730 return True;
731 }
WIP