r6014: rather large change set....
[Samba/gbeck.git] / source / rpc_parse / parse_prs.c
blob1b9ac51c61364e0655e0a0dc67f34247300139ae
1 /*
2 Unix SMB/CIFS implementation.
3 Samba memory buffer functions
4 Copyright (C) Andrew Tridgell 1992-1997
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
6 Copyright (C) Jeremy Allison 1999
7 Copyright (C) Andrew Bartlett 2003.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "includes.h"
26 #undef DBGC_CLASS
27 #define DBGC_CLASS DBGC_RPC_PARSE
29 /**
30 * Dump a prs to a file: from the current location through to the end.
31 **/
32 void prs_dump(char *name, int v, prs_struct *ps)
34 prs_dump_region(name, v, ps, ps->data_offset, ps->buffer_size);
38 /**
39 * Dump from the start of the prs to the current location.
40 **/
41 void prs_dump_before(char *name, int v, prs_struct *ps)
43 prs_dump_region(name, v, ps, 0, ps->data_offset);
47 /**
48 * Dump everything from the start of the prs up to the current location.
49 **/
50 void prs_dump_region(char *name, int v, prs_struct *ps,
51 int from_off, int to_off)
53 int fd, i;
54 pstring fname;
55 if (DEBUGLEVEL < 50) return;
56 for (i=1;i<100;i++) {
57 if (v != -1) {
58 slprintf(fname,sizeof(fname)-1, "/tmp/%s_%d.%d.prs", name, v, i);
59 } else {
60 slprintf(fname,sizeof(fname)-1, "/tmp/%s.%d.prs", name, i);
62 fd = open(fname, O_WRONLY|O_CREAT|O_EXCL, 0644);
63 if (fd != -1 || errno != EEXIST) break;
65 if (fd != -1) {
66 write(fd, ps->data_p + from_off, to_off - from_off);
67 close(fd);
68 DEBUG(0,("created %s\n", fname));
74 /*******************************************************************
75 debug output for parsing info.
77 XXXX side-effect of this function is to increase the debug depth XXXX
79 ********************************************************************/
80 void prs_debug(prs_struct *ps, int depth, const char *desc, const char *fn_name)
82 DEBUG(5+depth, ("%s%06x %s %s\n", tab_depth(depth), ps->data_offset, fn_name, desc));
86 /**
87 * Initialise an expandable parse structure.
89 * @param size Initial buffer size. If >0, a new buffer will be
90 * created with malloc().
92 * @return False if allocation fails, otherwise True.
93 **/
94 BOOL prs_init(prs_struct *ps, uint32 size, TALLOC_CTX *ctx, BOOL io)
96 ZERO_STRUCTP(ps);
97 ps->io = io;
98 ps->bigendian_data = RPC_LITTLE_ENDIAN;
99 ps->align = RPC_PARSE_ALIGN;
100 ps->is_dynamic = False;
101 ps->data_offset = 0;
102 ps->buffer_size = 0;
103 ps->data_p = NULL;
104 ps->mem_ctx = ctx;
106 if (size != 0) {
107 ps->buffer_size = size;
108 if((ps->data_p = (char *)SMB_MALLOC((size_t)size)) == NULL) {
109 DEBUG(0,("prs_init: malloc fail for %u bytes.\n", (unsigned int)size));
110 return False;
112 memset(ps->data_p, '\0', (size_t)size);
113 ps->is_dynamic = True; /* We own this memory. */
116 return True;
119 /*******************************************************************
120 Delete the memory in a parse structure - if we own it.
121 ********************************************************************/
123 void prs_mem_free(prs_struct *ps)
125 if(ps->is_dynamic)
126 SAFE_FREE(ps->data_p);
127 ps->is_dynamic = False;
128 ps->buffer_size = 0;
129 ps->data_offset = 0;
132 /*******************************************************************
133 Clear the memory in a parse structure.
134 ********************************************************************/
136 void prs_mem_clear(prs_struct *ps)
138 if (ps->buffer_size)
139 memset(ps->data_p, '\0', (size_t)ps->buffer_size);
142 /*******************************************************************
143 Allocate memory when unmarshalling... Always zero clears.
144 ********************************************************************/
146 #if defined(PARANOID_MALLOC_CHECKER)
147 char *prs_alloc_mem_(prs_struct *ps, size_t size, unsigned int count)
148 #else
149 char *prs_alloc_mem(prs_struct *ps, size_t size, unsigned int count)
150 #endif
152 char *ret = NULL;
154 if (size) {
155 /* We can't call the type-safe version here. */
156 #if defined(PARANOID_MALLOC_CHECKER)
157 ret = talloc_zero_array_(ps->mem_ctx, size, count);
158 #else
159 ret = talloc_zero_array(ps->mem_ctx, size, count);
160 #endif
162 return ret;
165 /*******************************************************************
166 Return the current talloc context we're using.
167 ********************************************************************/
169 TALLOC_CTX *prs_get_mem_context(prs_struct *ps)
171 return ps->mem_ctx;
174 /*******************************************************************
175 Hand some already allocated memory to a prs_struct.
176 ********************************************************************/
178 void prs_give_memory(prs_struct *ps, char *buf, uint32 size, BOOL is_dynamic)
180 ps->is_dynamic = is_dynamic;
181 ps->data_p = buf;
182 ps->buffer_size = size;
185 /*******************************************************************
186 Take some memory back from a prs_struct.
187 ********************************************************************/
189 char *prs_take_memory(prs_struct *ps, uint32 *psize)
191 char *ret = ps->data_p;
192 if(psize)
193 *psize = ps->buffer_size;
194 ps->is_dynamic = False;
195 prs_mem_free(ps);
196 return ret;
199 /*******************************************************************
200 Set a prs_struct to exactly a given size. Will grow or tuncate if neccessary.
201 ********************************************************************/
203 BOOL prs_set_buffer_size(prs_struct *ps, uint32 newsize)
205 if (newsize > ps->buffer_size)
206 return prs_force_grow(ps, newsize - ps->buffer_size);
208 if (newsize < ps->buffer_size) {
209 char *new_data_p = SMB_REALLOC(ps->data_p, newsize);
210 /* if newsize is zero, Realloc acts like free() & returns NULL*/
211 if (new_data_p == NULL && newsize != 0) {
212 DEBUG(0,("prs_set_buffer_size: Realloc failure for size %u.\n",
213 (unsigned int)newsize));
214 DEBUG(0,("prs_set_buffer_size: Reason %s\n",strerror(errno)));
215 return False;
217 ps->data_p = new_data_p;
218 ps->buffer_size = newsize;
221 return True;
224 /*******************************************************************
225 Attempt, if needed, to grow a data buffer.
226 Also depends on the data stream mode (io).
227 ********************************************************************/
229 BOOL prs_grow(prs_struct *ps, uint32 extra_space)
231 uint32 new_size;
232 char *new_data;
234 ps->grow_size = MAX(ps->grow_size, ps->data_offset + extra_space);
236 if(ps->data_offset + extra_space <= ps->buffer_size)
237 return True;
240 * We cannot grow the buffer if we're not reading
241 * into the prs_struct, or if we don't own the memory.
244 if(UNMARSHALLING(ps) || !ps->is_dynamic) {
245 DEBUG(0,("prs_grow: Buffer overflow - unable to expand buffer by %u bytes.\n",
246 (unsigned int)extra_space));
247 return False;
251 * Decide how much extra space we really need.
254 extra_space -= (ps->buffer_size - ps->data_offset);
255 if(ps->buffer_size == 0) {
257 * Ensure we have at least a PDU's length, or extra_space, whichever
258 * is greater.
261 new_size = MAX(MAX_PDU_FRAG_LEN,extra_space);
263 if((new_data = SMB_MALLOC(new_size)) == NULL) {
264 DEBUG(0,("prs_grow: Malloc failure for size %u.\n", (unsigned int)new_size));
265 return False;
267 memset(new_data, '\0', (size_t)new_size );
268 } else {
270 * If the current buffer size is bigger than the space needed, just
271 * double it, else add extra_space.
273 new_size = MAX(ps->buffer_size*2, ps->buffer_size + extra_space);
275 if ((new_data = SMB_REALLOC(ps->data_p, new_size)) == NULL) {
276 DEBUG(0,("prs_grow: Realloc failure for size %u.\n",
277 (unsigned int)new_size));
278 return False;
281 memset(&new_data[ps->buffer_size], '\0', (size_t)(new_size - ps->buffer_size));
283 ps->buffer_size = new_size;
284 ps->data_p = new_data;
286 return True;
289 /*******************************************************************
290 Attempt to force a data buffer to grow by len bytes.
291 This is only used when appending more data onto a prs_struct
292 when reading an rpc reply, before unmarshalling it.
293 ********************************************************************/
295 BOOL prs_force_grow(prs_struct *ps, uint32 extra_space)
297 uint32 new_size = ps->buffer_size + extra_space;
298 char *new_data;
300 if(!UNMARSHALLING(ps) || !ps->is_dynamic) {
301 DEBUG(0,("prs_force_grow: Buffer overflow - unable to expand buffer by %u bytes.\n",
302 (unsigned int)extra_space));
303 return False;
306 if((new_data = SMB_REALLOC(ps->data_p, new_size)) == NULL) {
307 DEBUG(0,("prs_force_grow: Realloc failure for size %u.\n",
308 (unsigned int)new_size));
309 return False;
312 memset(&new_data[ps->buffer_size], '\0', (size_t)(new_size - ps->buffer_size));
314 ps->buffer_size = new_size;
315 ps->data_p = new_data;
317 return True;
320 /*******************************************************************
321 Get the data pointer (external interface).
322 ********************************************************************/
324 char *prs_data_p(prs_struct *ps)
326 return ps->data_p;
329 /*******************************************************************
330 Get the current data size (external interface).
331 ********************************************************************/
333 uint32 prs_data_size(prs_struct *ps)
335 return ps->buffer_size;
338 /*******************************************************************
339 Fetch the current offset (external interface).
340 ********************************************************************/
342 uint32 prs_offset(prs_struct *ps)
344 return ps->data_offset;
347 /*******************************************************************
348 Set the current offset (external interface).
349 ********************************************************************/
351 BOOL prs_set_offset(prs_struct *ps, uint32 offset)
353 if(offset <= ps->data_offset) {
354 ps->data_offset = offset;
355 return True;
358 if(!prs_grow(ps, offset - ps->data_offset))
359 return False;
361 ps->data_offset = offset;
362 return True;
365 /*******************************************************************
366 Append the data from one parse_struct into another.
367 ********************************************************************/
369 BOOL prs_append_prs_data(prs_struct *dst, prs_struct *src)
371 if (prs_offset(src) == 0)
372 return True;
374 if(!prs_grow(dst, prs_offset(src)))
375 return False;
377 memcpy(&dst->data_p[dst->data_offset], src->data_p, (size_t)prs_offset(src));
378 dst->data_offset += prs_offset(src);
380 return True;
383 /*******************************************************************
384 Append some data from one parse_struct into another.
385 ********************************************************************/
387 BOOL prs_append_some_prs_data(prs_struct *dst, prs_struct *src, int32 start, uint32 len)
389 if (len == 0)
390 return True;
392 if(!prs_grow(dst, len))
393 return False;
395 memcpy(&dst->data_p[dst->data_offset], src->data_p + start, (size_t)len);
396 dst->data_offset += len;
398 return True;
401 /*******************************************************************
402 Append the data from a buffer into a parse_struct.
403 ********************************************************************/
405 BOOL prs_copy_data_in(prs_struct *dst, char *src, uint32 len)
407 if (len == 0)
408 return True;
410 if(!prs_grow(dst, len))
411 return False;
413 memcpy(&dst->data_p[dst->data_offset], src, (size_t)len);
414 dst->data_offset += len;
416 return True;
419 /*******************************************************************
420 Copy some data from a parse_struct into a buffer.
421 ********************************************************************/
423 BOOL prs_copy_data_out(char *dst, prs_struct *src, uint32 len)
425 if (len == 0)
426 return True;
428 if(!prs_mem_get(src, len))
429 return False;
431 memcpy(dst, &src->data_p[src->data_offset], (size_t)len);
432 src->data_offset += len;
434 return True;
437 /*******************************************************************
438 Copy all the data from a parse_struct into a buffer.
439 ********************************************************************/
441 BOOL prs_copy_all_data_out(char *dst, prs_struct *src)
443 uint32 len = prs_offset(src);
445 if (!len)
446 return True;
448 prs_set_offset(src, 0);
449 return prs_copy_data_out(dst, src, len);
452 /*******************************************************************
453 Set the data as X-endian (external interface).
454 ********************************************************************/
456 void prs_set_endian_data(prs_struct *ps, BOOL endian)
458 ps->bigendian_data = endian;
461 /*******************************************************************
462 Align a the data_len to a multiple of align bytes - filling with
463 zeros.
464 ********************************************************************/
466 BOOL prs_align(prs_struct *ps)
468 uint32 mod = ps->data_offset & (ps->align-1);
470 if (ps->align != 0 && mod != 0) {
471 uint32 extra_space = (ps->align - mod);
472 if(!prs_grow(ps, extra_space))
473 return False;
474 memset(&ps->data_p[ps->data_offset], '\0', (size_t)extra_space);
475 ps->data_offset += extra_space;
478 return True;
481 /******************************************************************
482 Align on a 2 byte boundary
483 *****************************************************************/
485 BOOL prs_align_uint16(prs_struct *ps)
487 BOOL ret;
488 uint8 old_align = ps->align;
490 ps->align = 2;
491 ret = prs_align(ps);
492 ps->align = old_align;
494 return ret;
497 /******************************************************************
498 Align on a 8 byte boundary
499 *****************************************************************/
501 BOOL prs_align_uint64(prs_struct *ps)
503 BOOL ret;
504 uint8 old_align = ps->align;
506 ps->align = 8;
507 ret = prs_align(ps);
508 ps->align = old_align;
510 return ret;
513 /*******************************************************************
514 Align only if required (for the unistr2 string mainly)
515 ********************************************************************/
517 BOOL prs_align_needed(prs_struct *ps, uint32 needed)
519 if (needed==0)
520 return True;
521 else
522 return prs_align(ps);
525 /*******************************************************************
526 Ensure we can read/write to a given offset.
527 ********************************************************************/
529 char *prs_mem_get(prs_struct *ps, uint32 extra_size)
531 if(UNMARSHALLING(ps)) {
533 * If reading, ensure that we can read the requested size item.
535 if (ps->data_offset + extra_size > ps->buffer_size) {
536 DEBUG(0,("prs_mem_get: reading data of size %u would overrun buffer.\n",
537 (unsigned int)extra_size ));
538 return NULL;
540 } else {
542 * Writing - grow the buffer if needed.
544 if(!prs_grow(ps, extra_size))
545 return NULL;
547 return &ps->data_p[ps->data_offset];
550 /*******************************************************************
551 Change the struct type.
552 ********************************************************************/
554 void prs_switch_type(prs_struct *ps, BOOL io)
556 if ((ps->io ^ io) == True)
557 ps->io=io;
560 /*******************************************************************
561 Force a prs_struct to be dynamic even when it's size is 0.
562 ********************************************************************/
564 void prs_force_dynamic(prs_struct *ps)
566 ps->is_dynamic=True;
569 /*******************************************************************
570 Stream a uint8.
571 ********************************************************************/
573 BOOL prs_uint8(const char *name, prs_struct *ps, int depth, uint8 *data8)
575 char *q = prs_mem_get(ps, 1);
576 if (q == NULL)
577 return False;
579 if (UNMARSHALLING(ps))
580 *data8 = CVAL(q,0);
581 else
582 SCVAL(q,0,*data8);
584 DEBUG(5,("%s%04x %s: %02x\n", tab_depth(depth), ps->data_offset, name, *data8));
586 ps->data_offset += 1;
588 return True;
591 /*******************************************************************
592 Stream a uint16* (allocate memory if unmarshalling)
593 ********************************************************************/
595 BOOL prs_pointer( const char *name, prs_struct *ps, int depth,
596 void **data, size_t data_size,
597 BOOL(*prs_fn)(const char*, prs_struct*, int, void*) )
599 uint32 data_p;
601 /* caputure the pointer value to stream */
603 data_p = (uint32) *data;
605 if ( !prs_uint32("ptr", ps, depth, &data_p ))
606 return False;
608 /* we're done if there is no data */
610 if ( !data_p )
611 return True;
613 if (UNMARSHALLING(ps)) {
614 if ( !(*data = PRS_ALLOC_MEM_VOID(ps, data_size)) )
615 return False;
618 return prs_fn(name, ps, depth, *data);
622 /*******************************************************************
623 Stream a uint16.
624 ********************************************************************/
626 BOOL prs_uint16(const char *name, prs_struct *ps, int depth, uint16 *data16)
628 char *q = prs_mem_get(ps, sizeof(uint16));
629 if (q == NULL)
630 return False;
632 if (UNMARSHALLING(ps)) {
633 if (ps->bigendian_data)
634 *data16 = RSVAL(q,0);
635 else
636 *data16 = SVAL(q,0);
637 } else {
638 if (ps->bigendian_data)
639 RSSVAL(q,0,*data16);
640 else
641 SSVAL(q,0,*data16);
644 DEBUG(5,("%s%04x %s: %04x\n", tab_depth(depth), ps->data_offset, name, *data16));
646 ps->data_offset += sizeof(uint16);
648 return True;
651 /*******************************************************************
652 Stream a uint32.
653 ********************************************************************/
655 BOOL prs_uint32(const char *name, prs_struct *ps, int depth, uint32 *data32)
657 char *q = prs_mem_get(ps, sizeof(uint32));
658 if (q == NULL)
659 return False;
661 if (UNMARSHALLING(ps)) {
662 if (ps->bigendian_data)
663 *data32 = RIVAL(q,0);
664 else
665 *data32 = IVAL(q,0);
666 } else {
667 if (ps->bigendian_data)
668 RSIVAL(q,0,*data32);
669 else
670 SIVAL(q,0,*data32);
673 DEBUG(5,("%s%04x %s: %08x\n", tab_depth(depth), ps->data_offset, name, *data32));
675 ps->data_offset += sizeof(uint32);
677 return True;
680 /*******************************************************************
681 Stream a NTSTATUS
682 ********************************************************************/
684 BOOL prs_ntstatus(const char *name, prs_struct *ps, int depth, NTSTATUS *status)
686 char *q = prs_mem_get(ps, sizeof(uint32));
687 if (q == NULL)
688 return False;
690 if (UNMARSHALLING(ps)) {
691 if (ps->bigendian_data)
692 *status = NT_STATUS(RIVAL(q,0));
693 else
694 *status = NT_STATUS(IVAL(q,0));
695 } else {
696 if (ps->bigendian_data)
697 RSIVAL(q,0,NT_STATUS_V(*status));
698 else
699 SIVAL(q,0,NT_STATUS_V(*status));
702 DEBUG(5,("%s%04x %s: %s\n", tab_depth(depth), ps->data_offset, name,
703 nt_errstr(*status)));
705 ps->data_offset += sizeof(uint32);
707 return True;
710 /*******************************************************************
711 Stream a WERROR
712 ********************************************************************/
714 BOOL prs_werror(const char *name, prs_struct *ps, int depth, WERROR *status)
716 char *q = prs_mem_get(ps, sizeof(uint32));
717 if (q == NULL)
718 return False;
720 if (UNMARSHALLING(ps)) {
721 if (ps->bigendian_data)
722 *status = W_ERROR(RIVAL(q,0));
723 else
724 *status = W_ERROR(IVAL(q,0));
725 } else {
726 if (ps->bigendian_data)
727 RSIVAL(q,0,W_ERROR_V(*status));
728 else
729 SIVAL(q,0,W_ERROR_V(*status));
732 DEBUG(5,("%s%04x %s: %s\n", tab_depth(depth), ps->data_offset, name,
733 dos_errstr(*status)));
735 ps->data_offset += sizeof(uint32);
737 return True;
741 /******************************************************************
742 Stream an array of uint8s. Length is number of uint8s.
743 ********************************************************************/
745 BOOL prs_uint8s(BOOL charmode, const char *name, prs_struct *ps, int depth, uint8 *data8s, int len)
747 int i;
748 char *q = prs_mem_get(ps, len);
749 if (q == NULL)
750 return False;
752 if (UNMARSHALLING(ps)) {
753 for (i = 0; i < len; i++)
754 data8s[i] = CVAL(q,i);
755 } else {
756 for (i = 0; i < len; i++)
757 SCVAL(q, i, data8s[i]);
760 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset ,name));
761 if (charmode)
762 print_asc(5, (unsigned char*)data8s, len);
763 else {
764 for (i = 0; i < len; i++)
765 DEBUG(5,("%02x ", data8s[i]));
767 DEBUG(5,("\n"));
769 ps->data_offset += len;
771 return True;
774 /******************************************************************
775 Stream an array of uint16s. Length is number of uint16s.
776 ********************************************************************/
778 BOOL prs_uint16s(BOOL charmode, const char *name, prs_struct *ps, int depth, uint16 *data16s, int len)
780 int i;
781 char *q = prs_mem_get(ps, len * sizeof(uint16));
782 if (q == NULL)
783 return False;
785 if (UNMARSHALLING(ps)) {
786 if (ps->bigendian_data) {
787 for (i = 0; i < len; i++)
788 data16s[i] = RSVAL(q, 2*i);
789 } else {
790 for (i = 0; i < len; i++)
791 data16s[i] = SVAL(q, 2*i);
793 } else {
794 if (ps->bigendian_data) {
795 for (i = 0; i < len; i++)
796 RSSVAL(q, 2*i, data16s[i]);
797 } else {
798 for (i = 0; i < len; i++)
799 SSVAL(q, 2*i, data16s[i]);
803 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
804 if (charmode)
805 print_asc(5, (unsigned char*)data16s, 2*len);
806 else {
807 for (i = 0; i < len; i++)
808 DEBUG(5,("%04x ", data16s[i]));
810 DEBUG(5,("\n"));
812 ps->data_offset += (len * sizeof(uint16));
814 return True;
817 /******************************************************************
818 Start using a function for streaming unicode chars. If unmarshalling,
819 output must be little-endian, if marshalling, input must be little-endian.
820 ********************************************************************/
822 static void dbg_rw_punival(BOOL charmode, const char *name, int depth, prs_struct *ps,
823 char *in_buf, char *out_buf, int len)
825 int i;
827 if (UNMARSHALLING(ps)) {
828 if (ps->bigendian_data) {
829 for (i = 0; i < len; i++)
830 SSVAL(out_buf,2*i,RSVAL(in_buf, 2*i));
831 } else {
832 for (i = 0; i < len; i++)
833 SSVAL(out_buf, 2*i, SVAL(in_buf, 2*i));
835 } else {
836 if (ps->bigendian_data) {
837 for (i = 0; i < len; i++)
838 RSSVAL(in_buf, 2*i, SVAL(out_buf,2*i));
839 } else {
840 for (i = 0; i < len; i++)
841 SSVAL(in_buf, 2*i, SVAL(out_buf,2*i));
845 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
846 if (charmode)
847 print_asc(5, (unsigned char*)out_buf, 2*len);
848 else {
849 for (i = 0; i < len; i++)
850 DEBUG(5,("%04x ", out_buf[i]));
852 DEBUG(5,("\n"));
855 /******************************************************************
856 Stream a unistr. Always little endian.
857 ********************************************************************/
859 BOOL prs_uint16uni(BOOL charmode, const char *name, prs_struct *ps, int depth, uint16 *data16s, int len)
861 char *q = prs_mem_get(ps, len * sizeof(uint16));
862 if (q == NULL)
863 return False;
865 dbg_rw_punival(charmode, name, depth, ps, q, (char *)data16s, len);
866 ps->data_offset += (len * sizeof(uint16));
868 return True;
871 /******************************************************************
872 Stream an array of uint32s. Length is number of uint32s.
873 ********************************************************************/
875 BOOL prs_uint32s(BOOL charmode, const char *name, prs_struct *ps, int depth, uint32 *data32s, int len)
877 int i;
878 char *q = prs_mem_get(ps, len * sizeof(uint32));
879 if (q == NULL)
880 return False;
882 if (UNMARSHALLING(ps)) {
883 if (ps->bigendian_data) {
884 for (i = 0; i < len; i++)
885 data32s[i] = RIVAL(q, 4*i);
886 } else {
887 for (i = 0; i < len; i++)
888 data32s[i] = IVAL(q, 4*i);
890 } else {
891 if (ps->bigendian_data) {
892 for (i = 0; i < len; i++)
893 RSIVAL(q, 4*i, data32s[i]);
894 } else {
895 for (i = 0; i < len; i++)
896 SIVAL(q, 4*i, data32s[i]);
900 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
901 if (charmode)
902 print_asc(5, (unsigned char*)data32s, 4*len);
903 else {
904 for (i = 0; i < len; i++)
905 DEBUG(5,("%08x ", data32s[i]));
907 DEBUG(5,("\n"));
909 ps->data_offset += (len * sizeof(uint32));
911 return True;
914 /******************************************************************
915 Stream an array of unicode string, length/buffer specified separately,
916 in uint16 chars. The unicode string is already in little-endian format.
917 ********************************************************************/
919 BOOL prs_buffer5(BOOL charmode, const char *name, prs_struct *ps, int depth, BUFFER5 *str)
921 char *p;
922 char *q = prs_mem_get(ps, str->buf_len * sizeof(uint16));
923 if (q == NULL)
924 return False;
926 if (UNMARSHALLING(ps)) {
927 str->buffer = PRS_ALLOC_MEM(ps,uint16,str->buf_len);
928 if (str->buffer == NULL)
929 return False;
932 /* If the string is empty, we don't have anything to stream */
933 if (str->buf_len==0)
934 return True;
936 p = (char *)str->buffer;
938 dbg_rw_punival(charmode, name, depth, ps, q, p, str->buf_len);
940 ps->data_offset += (str->buf_len * sizeof(uint16));
942 return True;
945 /******************************************************************
946 Stream a "not" unicode string, length/buffer specified separately,
947 in byte chars. String is in little-endian format.
948 ********************************************************************/
950 BOOL prs_regval_buffer(BOOL charmode, const char *name, prs_struct *ps, int depth, REGVAL_BUFFER *buf)
952 char *p;
953 char *q = prs_mem_get(ps, buf->buf_len);
954 if (q == NULL)
955 return False;
957 if (UNMARSHALLING(ps)) {
958 if (buf->buf_len > buf->buf_max_len) {
959 return False;
961 if ( buf->buf_max_len ) {
962 buf->buffer = PRS_ALLOC_MEM(ps, uint16, buf->buf_max_len);
963 if ( buf->buffer == NULL )
964 return False;
968 p = (char *)buf->buffer;
970 dbg_rw_punival(charmode, name, depth, ps, q, p, buf->buf_len/2);
971 ps->data_offset += buf->buf_len;
973 return True;
976 /******************************************************************
977 Stream a string, length/buffer specified separately,
978 in uint8 chars.
979 ********************************************************************/
981 BOOL prs_string2(BOOL charmode, const char *name, prs_struct *ps, int depth, STRING2 *str)
983 unsigned int i;
984 char *q = prs_mem_get(ps, str->str_str_len);
985 if (q == NULL)
986 return False;
988 if (UNMARSHALLING(ps)) {
989 if (str->str_str_len > str->str_max_len) {
990 return False;
992 str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len);
993 if (str->buffer == NULL)
994 return False;
997 if (UNMARSHALLING(ps)) {
998 for (i = 0; i < str->str_str_len; i++)
999 str->buffer[i] = CVAL(q,i);
1000 } else {
1001 for (i = 0; i < str->str_str_len; i++)
1002 SCVAL(q, i, str->buffer[i]);
1005 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
1006 if (charmode)
1007 print_asc(5, (unsigned char*)str->buffer, str->str_str_len);
1008 else {
1009 for (i = 0; i < str->str_str_len; i++)
1010 DEBUG(5,("%02x ", str->buffer[i]));
1012 DEBUG(5,("\n"));
1014 ps->data_offset += str->str_str_len;
1016 return True;
1019 /******************************************************************
1020 Stream a unicode string, length/buffer specified separately,
1021 in uint16 chars. The unicode string is already in little-endian format.
1022 ********************************************************************/
1024 BOOL prs_unistr2(BOOL charmode, const char *name, prs_struct *ps, int depth, UNISTR2 *str)
1026 char *p;
1027 char *q = prs_mem_get(ps, str->uni_str_len * sizeof(uint16));
1028 if (q == NULL)
1029 return False;
1031 /* If the string is empty, we don't have anything to stream */
1032 if (str->uni_str_len==0)
1033 return True;
1035 if (UNMARSHALLING(ps)) {
1036 if (str->uni_str_len > str->uni_max_len) {
1037 return False;
1039 str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len);
1040 if (str->buffer == NULL)
1041 return False;
1044 p = (char *)str->buffer;
1046 dbg_rw_punival(charmode, name, depth, ps, q, p, str->uni_str_len);
1048 ps->data_offset += (str->uni_str_len * sizeof(uint16));
1050 return True;
1053 /******************************************************************
1054 Stream a unicode string, length/buffer specified separately,
1055 in uint16 chars. The unicode string is already in little-endian format.
1056 ********************************************************************/
1058 BOOL prs_unistr3(BOOL charmode, const char *name, UNISTR3 *str, prs_struct *ps, int depth)
1060 char *p;
1061 char *q = prs_mem_get(ps, str->uni_str_len * sizeof(uint16));
1062 if (q == NULL)
1063 return False;
1065 if (UNMARSHALLING(ps)) {
1066 str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len);
1067 if (str->str.buffer == NULL)
1068 return False;
1071 p = (char *)str->str.buffer;
1073 dbg_rw_punival(charmode, name, depth, ps, q, p, str->uni_str_len);
1074 ps->data_offset += (str->uni_str_len * sizeof(uint16));
1076 return True;
1079 /*******************************************************************
1080 Stream a unicode null-terminated string. As the string is already
1081 in little-endian format then do it as a stream of bytes.
1082 ********************************************************************/
1084 BOOL prs_unistr(const char *name, prs_struct *ps, int depth, UNISTR *str)
1086 unsigned int len = 0;
1087 unsigned char *p = (unsigned char *)str->buffer;
1088 uint8 *start;
1089 char *q;
1090 uint32 max_len;
1091 uint16* ptr;
1093 if (MARSHALLING(ps)) {
1095 for(len = 0; str->buffer[len] != 0; len++)
1098 q = prs_mem_get(ps, (len+1)*2);
1099 if (q == NULL)
1100 return False;
1102 start = (uint8*)q;
1104 for(len = 0; str->buffer[len] != 0; len++) {
1105 if(ps->bigendian_data) {
1106 /* swap bytes - p is little endian, q is big endian. */
1107 q[0] = (char)p[1];
1108 q[1] = (char)p[0];
1109 p += 2;
1110 q += 2;
1112 else
1114 q[0] = (char)p[0];
1115 q[1] = (char)p[1];
1116 p += 2;
1117 q += 2;
1122 * even if the string is 'empty' (only an \0 char)
1123 * at this point the leading \0 hasn't been parsed.
1124 * so parse it now
1127 q[0] = 0;
1128 q[1] = 0;
1129 q += 2;
1131 len++;
1133 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
1134 print_asc(5, (unsigned char*)start, 2*len);
1135 DEBUG(5, ("\n"));
1137 else { /* unmarshalling */
1139 uint32 alloc_len = 0;
1140 q = ps->data_p + prs_offset(ps);
1143 * Work out how much space we need and talloc it.
1145 max_len = (ps->buffer_size - ps->data_offset)/sizeof(uint16);
1147 /* the test of the value of *ptr helps to catch the circumstance
1148 where we have an emtpty (non-existent) string in the buffer */
1149 for ( ptr = (uint16 *)q; *ptr++ && (alloc_len <= max_len); alloc_len++)
1150 /* do nothing */
1153 if (alloc_len < max_len)
1154 alloc_len += 1;
1156 /* should we allocate anything at all? */
1157 str->buffer = PRS_ALLOC_MEM(ps,uint16,alloc_len);
1158 if ((str->buffer == NULL) && (alloc_len > 0))
1159 return False;
1161 p = (unsigned char *)str->buffer;
1163 len = 0;
1164 /* the (len < alloc_len) test is to prevent us from overwriting
1165 memory that is not ours...if we get that far, we have a non-null
1166 terminated string in the buffer and have messed up somewhere */
1167 while ((len < alloc_len) && (*(uint16 *)q != 0)) {
1168 if(ps->bigendian_data)
1170 /* swap bytes - q is big endian, p is little endian. */
1171 p[0] = (unsigned char)q[1];
1172 p[1] = (unsigned char)q[0];
1173 p += 2;
1174 q += 2;
1175 } else {
1177 p[0] = (unsigned char)q[0];
1178 p[1] = (unsigned char)q[1];
1179 p += 2;
1180 q += 2;
1183 len++;
1185 if (len < alloc_len) {
1186 /* NULL terminate the UNISTR */
1187 str->buffer[len++] = '\0';
1190 DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name));
1191 print_asc(5, (unsigned char*)str->buffer, 2*len);
1192 DEBUG(5, ("\n"));
1195 /* set the offset in the prs_struct; 'len' points to the
1196 terminiating NULL in the UNISTR so we need to go one more
1197 uint16 */
1198 ps->data_offset += (len)*2;
1200 return True;
1204 /*******************************************************************
1205 Stream a null-terminated string. len is strlen, and therefore does
1206 not include the null-termination character.
1207 ********************************************************************/
1209 BOOL prs_string(const char *name, prs_struct *ps, int depth, char *str, int max_buf_size)
1211 char *q;
1212 int i;
1213 int len;
1215 if (UNMARSHALLING(ps))
1216 len = strlen(&ps->data_p[ps->data_offset]);
1217 else
1218 len = strlen(str);
1220 len = MIN(len, (max_buf_size-1));
1222 q = prs_mem_get(ps, len+1);
1223 if (q == NULL)
1224 return False;
1226 for(i = 0; i < len; i++) {
1227 if (UNMARSHALLING(ps))
1228 str[i] = q[i];
1229 else
1230 q[i] = str[i];
1233 /* The terminating null. */
1234 str[i] = '\0';
1236 if (MARSHALLING(ps)) {
1237 q[i] = '\0';
1240 ps->data_offset += len+1;
1242 dump_data(5+depth, q, len);
1244 return True;
1247 /*******************************************************************
1248 prs_uint16 wrapper. Call this and it sets up a pointer to where the
1249 uint16 should be stored, or gets the size if reading.
1250 ********************************************************************/
1252 BOOL prs_uint16_pre(const char *name, prs_struct *ps, int depth, uint16 *data16, uint32 *offset)
1254 *offset = ps->data_offset;
1255 if (UNMARSHALLING(ps)) {
1256 /* reading. */
1257 return prs_uint16(name, ps, depth, data16);
1258 } else {
1259 char *q = prs_mem_get(ps, sizeof(uint16));
1260 if(q ==NULL)
1261 return False;
1262 ps->data_offset += sizeof(uint16);
1264 return True;
1267 /*******************************************************************
1268 prs_uint16 wrapper. call this and it retrospectively stores the size.
1269 does nothing on reading, as that is already handled by ...._pre()
1270 ********************************************************************/
1272 BOOL prs_uint16_post(const char *name, prs_struct *ps, int depth, uint16 *data16,
1273 uint32 ptr_uint16, uint32 start_offset)
1275 if (MARSHALLING(ps)) {
1277 * Writing - temporarily move the offset pointer.
1279 uint16 data_size = ps->data_offset - start_offset;
1280 uint32 old_offset = ps->data_offset;
1282 ps->data_offset = ptr_uint16;
1283 if(!prs_uint16(name, ps, depth, &data_size)) {
1284 ps->data_offset = old_offset;
1285 return False;
1287 ps->data_offset = old_offset;
1288 } else {
1289 ps->data_offset = start_offset + (uint32)(*data16);
1291 return True;
1294 /*******************************************************************
1295 prs_uint32 wrapper. Call this and it sets up a pointer to where the
1296 uint32 should be stored, or gets the size if reading.
1297 ********************************************************************/
1299 BOOL prs_uint32_pre(const char *name, prs_struct *ps, int depth, uint32 *data32, uint32 *offset)
1301 *offset = ps->data_offset;
1302 if (UNMARSHALLING(ps) && (data32 != NULL)) {
1303 /* reading. */
1304 return prs_uint32(name, ps, depth, data32);
1305 } else {
1306 ps->data_offset += sizeof(uint32);
1308 return True;
1311 /*******************************************************************
1312 prs_uint32 wrapper. call this and it retrospectively stores the size.
1313 does nothing on reading, as that is already handled by ...._pre()
1314 ********************************************************************/
1316 BOOL prs_uint32_post(const char *name, prs_struct *ps, int depth, uint32 *data32,
1317 uint32 ptr_uint32, uint32 data_size)
1319 if (MARSHALLING(ps)) {
1321 * Writing - temporarily move the offset pointer.
1323 uint32 old_offset = ps->data_offset;
1324 ps->data_offset = ptr_uint32;
1325 if(!prs_uint32(name, ps, depth, &data_size)) {
1326 ps->data_offset = old_offset;
1327 return False;
1329 ps->data_offset = old_offset;
1331 return True;
1334 /* useful function to store a structure in rpc wire format */
1335 int tdb_prs_store(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps)
1337 TDB_DATA kbuf, dbuf;
1338 kbuf.dptr = keystr;
1339 kbuf.dsize = strlen(keystr)+1;
1340 dbuf.dptr = ps->data_p;
1341 dbuf.dsize = prs_offset(ps);
1342 return tdb_store(tdb, kbuf, dbuf, TDB_REPLACE);
1345 /* useful function to fetch a structure into rpc wire format */
1346 int tdb_prs_fetch(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *mem_ctx)
1348 TDB_DATA kbuf, dbuf;
1349 kbuf.dptr = keystr;
1350 kbuf.dsize = strlen(keystr)+1;
1352 dbuf = tdb_fetch(tdb, kbuf);
1353 if (!dbuf.dptr)
1354 return -1;
1356 prs_init(ps, 0, mem_ctx, UNMARSHALL);
1357 prs_give_memory(ps, dbuf.dptr, dbuf.dsize, True);
1359 return 0;
1362 /*******************************************************************
1363 hash a stream.
1364 ********************************************************************/
1366 BOOL prs_hash1(prs_struct *ps, uint32 offset, uint8 sess_key[16], int len)
1368 char *q;
1370 q = ps->data_p;
1371 q = &q[offset];
1373 #ifdef DEBUG_PASSWORD
1374 DEBUG(100, ("prs_hash1\n"));
1375 dump_data(100, sess_key, 16);
1376 dump_data(100, q, len);
1377 #endif
1378 SamOEMhash((uchar *) q, sess_key, len);
1380 #ifdef DEBUG_PASSWORD
1381 dump_data(100, q, len);
1382 #endif
1384 return True;
1387 /*******************************************************************
1388 Create a digest over the entire packet (including the data), and
1389 MD5 it with the session key.
1390 ********************************************************************/
1392 static void netsec_digest(struct netsec_auth_struct *a,
1393 int auth_flags,
1394 RPC_AUTH_NETSEC_CHK * verf,
1395 char *data, size_t data_len,
1396 uchar digest_final[16])
1398 uchar whole_packet_digest[16];
1399 static uchar zeros[4];
1400 struct MD5Context ctx3;
1402 /* verfiy the signature on the packet by MD5 over various bits */
1403 MD5Init(&ctx3);
1404 /* use our sequence number, which ensures the packet is not
1405 out of order */
1406 MD5Update(&ctx3, zeros, sizeof(zeros));
1407 MD5Update(&ctx3, verf->sig, sizeof(verf->sig));
1408 if (auth_flags & AUTH_PIPE_SEAL) {
1409 MD5Update(&ctx3, verf->confounder, sizeof(verf->confounder));
1411 MD5Update(&ctx3, (const unsigned char *)data, data_len);
1412 MD5Final(whole_packet_digest, &ctx3);
1413 dump_data_pw("whole_packet_digest:\n", whole_packet_digest, sizeof(whole_packet_digest));
1415 /* MD5 this result and the session key, to prove that
1416 only a valid client could had produced this */
1417 hmac_md5(a->sess_key, whole_packet_digest, sizeof(whole_packet_digest), digest_final);
1420 /*******************************************************************
1421 Calculate the key with which to encode the data payload
1422 ********************************************************************/
1424 static void netsec_get_sealing_key(struct netsec_auth_struct *a,
1425 RPC_AUTH_NETSEC_CHK *verf,
1426 uchar sealing_key[16])
1428 static uchar zeros[4];
1429 uchar digest2[16];
1430 uchar sess_kf0[16];
1431 int i;
1433 for (i = 0; i < sizeof(sess_kf0); i++) {
1434 sess_kf0[i] = a->sess_key[i] ^ 0xf0;
1437 dump_data_pw("sess_kf0:\n", sess_kf0, sizeof(sess_kf0));
1439 /* MD5 of sess_kf0 and 4 zero bytes */
1440 hmac_md5(sess_kf0, zeros, 0x4, digest2);
1441 dump_data_pw("digest2:\n", digest2, sizeof(digest2));
1443 /* MD5 of the above result, plus 8 bytes of sequence number */
1444 hmac_md5(digest2, verf->seq_num, sizeof(verf->seq_num), sealing_key);
1445 dump_data_pw("sealing_key:\n", sealing_key, 16);
1448 /*******************************************************************
1449 Encode or Decode the sequence number (which is symmetric)
1450 ********************************************************************/
1452 static void netsec_deal_with_seq_num(struct netsec_auth_struct *a,
1453 RPC_AUTH_NETSEC_CHK *verf)
1455 static uchar zeros[4];
1456 uchar sequence_key[16];
1457 uchar digest1[16];
1459 hmac_md5(a->sess_key, zeros, sizeof(zeros), digest1);
1460 dump_data_pw("(sequence key) digest1:\n", digest1, sizeof(digest1));
1462 hmac_md5(digest1, verf->packet_digest, 8, sequence_key);
1464 dump_data_pw("sequence_key:\n", sequence_key, sizeof(sequence_key));
1466 dump_data_pw("seq_num (before):\n", verf->seq_num, sizeof(verf->seq_num));
1467 SamOEMhash(verf->seq_num, sequence_key, 8);
1468 dump_data_pw("seq_num (after):\n", verf->seq_num, sizeof(verf->seq_num));
1471 /*******************************************************************
1472 creates an RPC_AUTH_NETSEC_CHK structure.
1473 ********************************************************************/
1475 static BOOL init_rpc_auth_netsec_chk(RPC_AUTH_NETSEC_CHK * chk,
1476 const uchar sig[8],
1477 const uchar packet_digest[8],
1478 const uchar seq_num[8], const uchar confounder[8])
1480 if (chk == NULL)
1481 return False;
1483 memcpy(chk->sig, sig, sizeof(chk->sig));
1484 memcpy(chk->packet_digest, packet_digest, sizeof(chk->packet_digest));
1485 memcpy(chk->seq_num, seq_num, sizeof(chk->seq_num));
1486 memcpy(chk->confounder, confounder, sizeof(chk->confounder));
1488 return True;
1491 /*******************************************************************
1492 Encode a blob of data using the netsec (schannel) alogrithm, also produceing
1493 a checksum over the original data. We currently only support
1494 signing and sealing togeather - the signing-only code is close, but not
1495 quite compatible with what MS does.
1496 ********************************************************************/
1498 void netsec_encode(struct netsec_auth_struct *a, int auth_flags,
1499 enum netsec_direction direction,
1500 RPC_AUTH_NETSEC_CHK * verf,
1501 char *data, size_t data_len)
1503 uchar digest_final[16];
1504 uchar confounder[8];
1505 uchar seq_num[8];
1506 static const uchar nullbytes[8];
1508 static const uchar netsec_seal_sig[8] = NETSEC_SEAL_SIGNATURE;
1509 static const uchar netsec_sign_sig[8] = NETSEC_SIGN_SIGNATURE;
1510 const uchar *netsec_sig = NULL;
1512 DEBUG(10,("SCHANNEL: netsec_encode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len));
1514 if (auth_flags & AUTH_PIPE_SEAL) {
1515 netsec_sig = netsec_seal_sig;
1516 } else if (auth_flags & AUTH_PIPE_SIGN) {
1517 netsec_sig = netsec_sign_sig;
1520 /* fill the 'confounder' with random data */
1521 generate_random_buffer(confounder, sizeof(confounder));
1523 dump_data_pw("a->sess_key:\n", a->sess_key, sizeof(a->sess_key));
1525 RSIVAL(seq_num, 0, a->seq_num);
1527 switch (direction) {
1528 case SENDER_IS_INITIATOR:
1529 SIVAL(seq_num, 4, 0x80);
1530 break;
1531 case SENDER_IS_ACCEPTOR:
1532 SIVAL(seq_num, 4, 0x0);
1533 break;
1536 dump_data_pw("verf->seq_num:\n", seq_num, sizeof(verf->seq_num));
1538 init_rpc_auth_netsec_chk(verf, netsec_sig, nullbytes,
1539 seq_num, confounder);
1541 /* produce a digest of the packet to prove it's legit (before we seal it) */
1542 netsec_digest(a, auth_flags, verf, data, data_len, digest_final);
1543 memcpy(verf->packet_digest, digest_final, sizeof(verf->packet_digest));
1545 if (auth_flags & AUTH_PIPE_SEAL) {
1546 uchar sealing_key[16];
1548 /* get the key to encode the data with */
1549 netsec_get_sealing_key(a, verf, sealing_key);
1551 /* encode the verification data */
1552 dump_data_pw("verf->confounder:\n", verf->confounder, sizeof(verf->confounder));
1553 SamOEMhash(verf->confounder, sealing_key, 8);
1555 dump_data_pw("verf->confounder_enc:\n", verf->confounder, sizeof(verf->confounder));
1557 /* encode the packet payload */
1558 dump_data_pw("data:\n", (const unsigned char *)data, data_len);
1559 SamOEMhash((unsigned char *)data, sealing_key, data_len);
1560 dump_data_pw("data_enc:\n", (const unsigned char *)data, data_len);
1563 /* encode the sequence number (key based on packet digest) */
1564 /* needs to be done after the sealing, as the original version
1565 is used in the sealing stuff... */
1566 netsec_deal_with_seq_num(a, verf);
1568 return;
1571 /*******************************************************************
1572 Decode a blob of data using the netsec (schannel) alogrithm, also verifiying
1573 a checksum over the original data. We currently can verify signed messages,
1574 as well as decode sealed messages
1575 ********************************************************************/
1577 BOOL netsec_decode(struct netsec_auth_struct *a, int auth_flags,
1578 enum netsec_direction direction,
1579 RPC_AUTH_NETSEC_CHK * verf, char *data, size_t data_len)
1581 uchar digest_final[16];
1583 static const uchar netsec_seal_sig[8] = NETSEC_SEAL_SIGNATURE;
1584 static const uchar netsec_sign_sig[8] = NETSEC_SIGN_SIGNATURE;
1585 const uchar *netsec_sig = NULL;
1587 uchar seq_num[8];
1589 DEBUG(10,("SCHANNEL: netsec_encode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len));
1591 if (auth_flags & AUTH_PIPE_SEAL) {
1592 netsec_sig = netsec_seal_sig;
1593 } else if (auth_flags & AUTH_PIPE_SIGN) {
1594 netsec_sig = netsec_sign_sig;
1597 /* Create the expected sequence number for comparison */
1598 RSIVAL(seq_num, 0, a->seq_num);
1600 switch (direction) {
1601 case SENDER_IS_INITIATOR:
1602 SIVAL(seq_num, 4, 0x80);
1603 break;
1604 case SENDER_IS_ACCEPTOR:
1605 SIVAL(seq_num, 4, 0x0);
1606 break;
1609 DEBUG(10,("SCHANNEL: netsec_decode seq_num=%d data_len=%lu\n", a->seq_num, (unsigned long)data_len));
1610 dump_data_pw("a->sess_key:\n", a->sess_key, sizeof(a->sess_key));
1612 dump_data_pw("seq_num:\n", seq_num, sizeof(seq_num));
1614 /* extract the sequence number (key based on supplied packet digest) */
1615 /* needs to be done before the sealing, as the original version
1616 is used in the sealing stuff... */
1617 netsec_deal_with_seq_num(a, verf);
1619 if (memcmp(verf->seq_num, seq_num, sizeof(seq_num))) {
1620 /* don't even bother with the below if the sequence number is out */
1621 /* The sequence number is MD5'ed with a key based on the whole-packet
1622 digest, as supplied by the client. We check that it's a valid
1623 checksum after the decode, below
1625 DEBUG(2, ("netsec_decode: FAILED: packet sequence number:\n"));
1626 dump_data(2, (const char*)verf->seq_num, sizeof(verf->seq_num));
1627 DEBUG(2, ("should be:\n"));
1628 dump_data(2, (const char*)seq_num, sizeof(seq_num));
1630 return False;
1633 if (memcmp(verf->sig, netsec_sig, sizeof(verf->sig))) {
1634 /* Validate that the other end sent the expected header */
1635 DEBUG(2, ("netsec_decode: FAILED: packet header:\n"));
1636 dump_data(2, (const char*)verf->sig, sizeof(verf->sig));
1637 DEBUG(2, ("should be:\n"));
1638 dump_data(2, (const char*)netsec_sig, sizeof(netsec_sig));
1639 return False;
1642 if (auth_flags & AUTH_PIPE_SEAL) {
1643 uchar sealing_key[16];
1645 /* get the key to extract the data with */
1646 netsec_get_sealing_key(a, verf, sealing_key);
1648 /* extract the verification data */
1649 dump_data_pw("verf->confounder:\n", verf->confounder,
1650 sizeof(verf->confounder));
1651 SamOEMhash(verf->confounder, sealing_key, 8);
1653 dump_data_pw("verf->confounder_dec:\n", verf->confounder,
1654 sizeof(verf->confounder));
1656 /* extract the packet payload */
1657 dump_data_pw("data :\n", (const unsigned char *)data, data_len);
1658 SamOEMhash((unsigned char *)data, sealing_key, data_len);
1659 dump_data_pw("datadec:\n", (const unsigned char *)data, data_len);
1662 /* digest includes 'data' after unsealing */
1663 netsec_digest(a, auth_flags, verf, data, data_len, digest_final);
1665 dump_data_pw("Calculated digest:\n", digest_final,
1666 sizeof(digest_final));
1667 dump_data_pw("verf->packet_digest:\n", verf->packet_digest,
1668 sizeof(verf->packet_digest));
1670 /* compare - if the client got the same result as us, then
1671 it must know the session key */
1672 return (memcmp(digest_final, verf->packet_digest,
1673 sizeof(verf->packet_digest)) == 0);