search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:libnet_rpc: check for NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE instead of NT_STATUS_NET_...
[Samba/gebeck_regimport.git] / source4 / librpc / rpc / dcerpc_util.c
blobb71e3060e1c6e5b7cf4f05f5bec04653ff22612b
1 /*
2 Unix SMB/CIFS implementation.
3
4 dcerpc utility functions
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Jelmer Vernooij 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
9 Copyright (C) Rafal Szczesniak 2006
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "libcli/composite/composite.h"
28 #include "librpc/gen_ndr/ndr_epmapper_c.h"
29 #include "librpc/gen_ndr/ndr_dcerpc.h"
30 #include "librpc/gen_ndr/ndr_misc.h"
31 #include "librpc/rpc/dcerpc_proto.h"
32 #include "auth/credentials/credentials.h"
33 #include "param/param.h"
34
35 /*
36 find a dcerpc call on an interface by name
37 */
38 const struct ndr_interface_call *dcerpc_iface_find_call(const struct ndr_interface_table *iface,
39 const char *name)
40 {
41 int i;
42 for (i=0;i<iface->num_calls;i++) {
43 if (strcmp(iface->calls[i].name, name) == 0) {
44 return &iface->calls[i];
45 }
46 }
47 return NULL;
48 }
49
50 /*
51 push a ncacn_packet into a blob, potentially with auth info
52 */
53 NTSTATUS ncacn_push_auth(DATA_BLOB *blob, TALLOC_CTX *mem_ctx,
54 struct smb_iconv_convenience *iconv_convenience,
55 struct ncacn_packet *pkt,
56 struct dcerpc_auth *auth_info)
57 {
58 struct ndr_push *ndr;
59 enum ndr_err_code ndr_err;
60
61 ndr = ndr_push_init_ctx(mem_ctx, iconv_convenience);
62 if (!ndr) {
63 return NT_STATUS_NO_MEMORY;
64 }
65
66 if (!(pkt->drep[0] & DCERPC_DREP_LE)) {
67 ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
68 }
69
70 if (pkt->pfc_flags & DCERPC_PFC_FLAG_OBJECT_UUID) {
71 ndr->flags |= LIBNDR_FLAG_OBJECT_PRESENT;
72 }
73
74 if (auth_info) {
75 pkt->auth_length = auth_info->credentials.length;
76 } else {
77 pkt->auth_length = 0;
78 }
79
80 ndr_err = ndr_push_ncacn_packet(ndr, NDR_SCALARS|NDR_BUFFERS, pkt);
81 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
82 return ndr_map_error2ntstatus(ndr_err);
83 }
84
85 if (auth_info) {
86 #if 0
87 /* the s3 rpc server doesn't handle auth padding in
88 bind requests. Use zero auth padding to keep us
89 working with old servers */
90 uint32_t offset = ndr->offset;
91 ndr_err = ndr_push_align(ndr, 16);
92 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
93 return ndr_map_error2ntstatus(ndr_err);
94 }
95 auth_info->auth_pad_length = ndr->offset - offset;
96 #else
97 auth_info->auth_pad_length = 0;
98 #endif
99 ndr_err = ndr_push_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth_info);
100 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
101 return ndr_map_error2ntstatus(ndr_err);
102 }
103 }
104
105 *blob = ndr_push_blob(ndr);
106
107 /* fill in the frag length */
108 dcerpc_set_frag_length(blob, blob->length);
109
110 return NT_STATUS_OK;
111 }
112
113
114 struct epm_map_binding_state {
115 struct dcerpc_binding *binding;
116 const struct ndr_interface_table *table;
117 struct dcerpc_pipe *pipe;
118 struct policy_handle handle;
119 struct GUID guid;
120 struct epm_twr_t twr;
121 struct epm_twr_t *twr_r;
122 struct epm_Map r;
123 };
124
125
126 static void continue_epm_recv_binding(struct composite_context *ctx);
127 static void continue_epm_map(struct tevent_req *subreq);
128
129
130 /*
131 Stage 2 of epm_map_binding: Receive connected rpc pipe and send endpoint
132 mapping rpc request
133 */
134 static void continue_epm_recv_binding(struct composite_context *ctx)
135 {
136 struct composite_context *c = talloc_get_type(ctx->async.private_data,
137 struct composite_context);
138 struct epm_map_binding_state *s = talloc_get_type(c->private_data,
139 struct epm_map_binding_state);
140 struct tevent_req *subreq;
141
142 /* receive result of rpc pipe connect request */
143 c->status = dcerpc_pipe_connect_b_recv(ctx, c, &s->pipe);
144 if (!composite_is_ok(c)) return;
145
146 s->pipe->conn->flags |= DCERPC_NDR_REF_ALLOC;
147
148 /* prepare requested binding parameters */
149 s->binding->object = s->table->syntax_id;
150
151 c->status = dcerpc_binding_build_tower(s->pipe, s->binding, &s->twr.tower);
152 if (!composite_is_ok(c)) return;
153
154 /* with some nice pretty paper around it of course */
155 s->r.in.object = &s->guid;
156 s->r.in.map_tower = &s->twr;
157 s->r.in.entry_handle = &s->handle;
158 s->r.in.max_towers = 1;
159 s->r.out.entry_handle = &s->handle;
160
161 /* send request for an endpoint mapping - a rpc request on connected pipe */
162 subreq = dcerpc_epm_Map_r_send(s, c->event_ctx,
163 s->pipe->binding_handle,
164 &s->r);
165 if (composite_nomem(subreq, c)) return;
166
167 tevent_req_set_callback(subreq, continue_epm_map, c);
168 }
169
170
171 /*
172 Stage 3 of epm_map_binding: Receive endpoint mapping and provide binding details
173 */
174 static void continue_epm_map(struct tevent_req *subreq)
175 {
176 struct composite_context *c = tevent_req_callback_data(subreq,
177 struct composite_context);
178 struct epm_map_binding_state *s = talloc_get_type(c->private_data,
179 struct epm_map_binding_state);
180
181 /* receive result of a rpc request */
182 c->status = dcerpc_epm_Map_r_recv(subreq, s);
183 TALLOC_FREE(subreq);
184 if (!composite_is_ok(c)) return;
185
186 /* check the details */
187 if (s->r.out.result != 0 || *s->r.out.num_towers != 1) {
188 composite_error(c, NT_STATUS_PORT_UNREACHABLE);
189 return;
190 }
191
192 s->twr_r = s->r.out.towers[0].twr;
193 if (s->twr_r == NULL) {
194 composite_error(c, NT_STATUS_PORT_UNREACHABLE);
195 return;
196 }
197
198 if (s->twr_r->tower.num_floors != s->twr.tower.num_floors ||
199 s->twr_r->tower.floors[3].lhs.protocol != s->twr.tower.floors[3].lhs.protocol) {
200 composite_error(c, NT_STATUS_PORT_UNREACHABLE);
201 return;
202 }
203
204 /* get received endpoint */
205 s->binding->endpoint = talloc_reference(s->binding,
206 dcerpc_floor_get_rhs_data(c, &s->twr_r->tower.floors[3]));
207 if (composite_nomem(s->binding->endpoint, c)) return;
208
209 composite_done(c);
210 }
211
212
213 /*
214 Request for endpoint mapping of dcerpc binding - try to request for endpoint
215 unless there is default one.
216 */
217 struct composite_context *dcerpc_epm_map_binding_send(TALLOC_CTX *mem_ctx,
218 struct dcerpc_binding *binding,
219 const struct ndr_interface_table *table,
220 struct tevent_context *ev,
221 struct loadparm_context *lp_ctx)
222 {
223 struct composite_context *c;
224 struct epm_map_binding_state *s;
225 struct composite_context *pipe_connect_req;
226 struct cli_credentials *anon_creds;
227
228 NTSTATUS status;
229 struct dcerpc_binding *epmapper_binding;
230 int i;
231
232 if (ev == NULL) {
233 return NULL;
234 }
235
236 /* composite context allocation and setup */
237 c = composite_create(mem_ctx, ev);
238 if (c == NULL) {
239 return NULL;
240 }
241
242 s = talloc_zero(c, struct epm_map_binding_state);
243 if (composite_nomem(s, c)) return c;
244 c->private_data = s;
245
246 s->binding = binding;
247 s->table = table;
248
249 /* anonymous credentials for rpc connection used to get endpoint mapping */
250 anon_creds = cli_credentials_init(mem_ctx);
251 cli_credentials_set_anonymous(anon_creds);
252
253 /*
254 First, check if there is a default endpoint specified in the IDL
255 */
256 if (table != NULL) {
257 struct dcerpc_binding *default_binding;
258
259 /* Find one of the default pipes for this interface */
260 for (i = 0; i < table->endpoints->count; i++) {
261 status = dcerpc_parse_binding(mem_ctx, table->endpoints->names[i], &default_binding);
262
263 if (NT_STATUS_IS_OK(status)) {
264 if (binding->transport == NCA_UNKNOWN)
265 binding->transport = default_binding->transport;
266 if (default_binding->transport == binding->transport &&
267 default_binding->endpoint) {
268 binding->endpoint = talloc_reference(binding, default_binding->endpoint);
269 talloc_free(default_binding);
270
271 composite_done(c);
272 return c;
273
274 } else {
275 talloc_free(default_binding);
276 }
277 }
278 }
279 }
280
281 epmapper_binding = talloc_zero(c, struct dcerpc_binding);
282 if (composite_nomem(epmapper_binding, c)) return c;
283
284 /* basic endpoint mapping data */
285 epmapper_binding->transport = binding->transport;
286 epmapper_binding->host = talloc_reference(epmapper_binding, binding->host);
287 epmapper_binding->target_hostname = epmapper_binding->host;
288 epmapper_binding->options = NULL;
289 epmapper_binding->flags = 0;
290 epmapper_binding->assoc_group_id = 0;
291 epmapper_binding->endpoint = NULL;
292
293 /* initiate rpc pipe connection */
294 pipe_connect_req = dcerpc_pipe_connect_b_send(c, epmapper_binding,
295 &ndr_table_epmapper,
296 anon_creds, c->event_ctx,
297 lp_ctx);
298 if (composite_nomem(pipe_connect_req, c)) return c;
299
300 composite_continue(c, pipe_connect_req, continue_epm_recv_binding, c);
301 return c;
302 }
303
304
305 /*
306 Receive result of endpoint mapping request
307 */
308 NTSTATUS dcerpc_epm_map_binding_recv(struct composite_context *c)
309 {
310 NTSTATUS status = composite_wait(c);
311
312 talloc_free(c);
313 return status;
314 }
315
316
317 /*
318 Get endpoint mapping for rpc connection
319 */
320 _PUBLIC_ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *binding,
321 const struct ndr_interface_table *table, struct tevent_context *ev,
322 struct loadparm_context *lp_ctx)
323 {
324 struct composite_context *c;
325
326 c = dcerpc_epm_map_binding_send(mem_ctx, binding, table, ev, lp_ctx);
327 return dcerpc_epm_map_binding_recv(c);
328 }
329
330
331 struct pipe_auth_state {
332 struct dcerpc_pipe *pipe;
333 struct dcerpc_binding *binding;
334 const struct ndr_interface_table *table;
335 struct loadparm_context *lp_ctx;
336 struct cli_credentials *credentials;
337 };
338
339
340 static void continue_auth_schannel(struct composite_context *ctx);
341 static void continue_auth(struct composite_context *ctx);
342 static void continue_auth_none(struct composite_context *ctx);
343 static void continue_ntlmssp_connection(struct composite_context *ctx);
344 static void continue_spnego_after_wrong_pass(struct composite_context *ctx);
345
346
347 /*
348 Stage 2 of pipe_auth: Receive result of schannel bind request
349 */
350 static void continue_auth_schannel(struct composite_context *ctx)
351 {
352 struct composite_context *c = talloc_get_type(ctx->async.private_data,
353 struct composite_context);
354
355 c->status = dcerpc_bind_auth_schannel_recv(ctx);
356 if (!composite_is_ok(c)) return;
357
358 composite_done(c);
359 }
360
361
362 /*
363 Stage 2 of pipe_auth: Receive result of authenticated bind request
364 */
365 static void continue_auth(struct composite_context *ctx)
366 {
367 struct composite_context *c = talloc_get_type(ctx->async.private_data,
368 struct composite_context);
369
370 c->status = dcerpc_bind_auth_recv(ctx);
371 if (!composite_is_ok(c)) return;
372
373 composite_done(c);
374 }
375 /*
376 Stage 2 of pipe_auth: Receive result of authenticated bind request, but handle fallbacks:
377 SPNEGO -> NTLMSSP
378 */
379 static void continue_auth_auto(struct composite_context *ctx)
380 {
381 struct composite_context *c = talloc_get_type(ctx->async.private_data,
382 struct composite_context);
383 struct pipe_auth_state *s = talloc_get_type(c->private_data, struct pipe_auth_state);
384 struct composite_context *sec_conn_req;
385
386 c->status = dcerpc_bind_auth_recv(ctx);
387 if (NT_STATUS_EQUAL(c->status, NT_STATUS_INVALID_PARAMETER)) {
388 /*
389 * Retry with NTLMSSP auth as fallback
390 * send a request for secondary rpc connection
391 */
392 sec_conn_req = dcerpc_secondary_connection_send(s->pipe,
393 s->binding);
394 composite_continue(c, sec_conn_req, continue_ntlmssp_connection, c);
395 return;
396 } else if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) {
397 if (cli_credentials_wrong_password(s->credentials)) {
398 /*
399 * Retry SPNEGO with a better password
400 * send a request for secondary rpc connection
401 */
402 sec_conn_req = dcerpc_secondary_connection_send(s->pipe,
403 s->binding);
404 composite_continue(c, sec_conn_req, continue_spnego_after_wrong_pass, c);
405 return;
406 }
407 }
408
409 if (!composite_is_ok(c)) return;
410
411 composite_done(c);
412 }
413
414 /*
415 Stage 3 of pipe_auth (fallback to NTLMSSP case): Receive secondary
416 rpc connection (the first one can't be used any more, due to the
417 bind nak) and perform authenticated bind request
418 */
419 static void continue_ntlmssp_connection(struct composite_context *ctx)
420 {
421 struct composite_context *c;
422 struct pipe_auth_state *s;
423 struct composite_context *auth_req;
424 struct dcerpc_pipe *p2;
425 void *pp;
426
427 c = talloc_get_type(ctx->async.private_data, struct composite_context);
428 s = talloc_get_type(c->private_data, struct pipe_auth_state);
429
430 /* receive secondary rpc connection */
431 c->status = dcerpc_secondary_connection_recv(ctx, &p2);
432 if (!composite_is_ok(c)) return;
433
434
435 /* this is a rather strange situation. When
436 we come into the routine, s is a child of s->pipe, and
437 when we created p2 above, it also became a child of
438 s->pipe.
439
440 Now we want p2 to be a parent of s->pipe, and we want s to
441 be a parent of both of them! If we don't do this very
442 carefully we end up creating a talloc loop
443 */
444
445 /* we need the new contexts to hang off the same context
446 that s->pipe is on, but the only way to get that is
447 via talloc_parent() */
448 pp = talloc_parent(s->pipe);
449
450 /* promote s to be at the top */
451 talloc_steal(pp, s);
452
453 /* and put p2 under s */
454 talloc_steal(s, p2);
455
456 /* now put s->pipe under p2 */
457 talloc_steal(p2, s->pipe);
458
459 s->pipe = p2;
460
461 /* initiate a authenticated bind */
462 auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
463 s->credentials,
464 lp_gensec_settings(c, s->lp_ctx),
465 DCERPC_AUTH_TYPE_NTLMSSP,
466 dcerpc_auth_level(s->pipe->conn),
467 s->table->authservices->names[0]);
468 composite_continue(c, auth_req, continue_auth, c);
469 }
470
471 /*
472 Stage 3 of pipe_auth (retry on wrong password): Receive secondary
473 rpc connection (the first one can't be used any more, due to the
474 bind nak) and perform authenticated bind request
475 */
476 static void continue_spnego_after_wrong_pass(struct composite_context *ctx)
477 {
478 struct composite_context *c;
479 struct pipe_auth_state *s;
480 struct composite_context *auth_req;
481 struct dcerpc_pipe *p2;
482
483 c = talloc_get_type(ctx->async.private_data, struct composite_context);
484 s = talloc_get_type(c->private_data, struct pipe_auth_state);
485
486 /* receive secondary rpc connection */
487 c->status = dcerpc_secondary_connection_recv(ctx, &p2);
488 if (!composite_is_ok(c)) return;
489
490 talloc_steal(s, p2);
491 talloc_steal(p2, s->pipe);
492 s->pipe = p2;
493
494 /* initiate a authenticated bind */
495 auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
496 s->credentials,
497 lp_gensec_settings(c, s->lp_ctx),
498 DCERPC_AUTH_TYPE_SPNEGO,
499 dcerpc_auth_level(s->pipe->conn),
500 s->table->authservices->names[0]);
501 composite_continue(c, auth_req, continue_auth, c);
502 }
503
504
505 /*
506 Stage 2 of pipe_auth: Receive result of non-authenticated bind request
507 */
508 static void continue_auth_none(struct composite_context *ctx)
509 {
510 struct composite_context *c = talloc_get_type(ctx->async.private_data,
511 struct composite_context);
512
513 c->status = dcerpc_bind_auth_none_recv(ctx);
514 if (!composite_is_ok(c)) return;
515
516 composite_done(c);
517 }
518
519
520 /*
521 Request to perform an authenticated bind if required. Authentication
522 is determined using credentials passed and binding flags.
523 */
524 struct composite_context *dcerpc_pipe_auth_send(struct dcerpc_pipe *p,
525 struct dcerpc_binding *binding,
526 const struct ndr_interface_table *table,
527 struct cli_credentials *credentials,
528 struct loadparm_context *lp_ctx)
529 {
530 struct composite_context *c;
531 struct pipe_auth_state *s;
532 struct composite_context *auth_schannel_req;
533 struct composite_context *auth_req;
534 struct composite_context *auth_none_req;
535 struct dcerpc_connection *conn;
536 uint8_t auth_type;
537
538 /* composite context allocation and setup */
539 c = composite_create(p, p->conn->event_ctx);
540 if (c == NULL) return NULL;
541
542 s = talloc_zero(c, struct pipe_auth_state);
543 if (composite_nomem(s, c)) return c;
544 c->private_data = s;
545
546 /* store parameters in state structure */
547 s->binding = binding;
548 s->table = table;
549 s->credentials = credentials;
550 s->pipe = p;
551 s->lp_ctx = lp_ctx;
552
553 conn = s->pipe->conn;
554 conn->flags = binding->flags;
555
556 if (DEBUGLVL(100)) {
557 conn->flags |= DCERPC_DEBUG_PRINT_BOTH;
558 }
559
560 /* remember the binding string for possible secondary connections */
561 conn->binding_string = dcerpc_binding_string(p, binding);
562
563 if (cli_credentials_is_anonymous(s->credentials)) {
564 auth_none_req = dcerpc_bind_auth_none_send(c, s->pipe, s->table);
565 composite_continue(c, auth_none_req, continue_auth_none, c);
566 return c;
567 }
568
569 if ((binding->flags & DCERPC_SCHANNEL) &&
570 !cli_credentials_get_netlogon_creds(s->credentials)) {
571 /* If we don't already have netlogon credentials for
572 * the schannel bind, then we have to get these
573 * first */
574 auth_schannel_req = dcerpc_bind_auth_schannel_send(c, s->pipe, s->table,
575 s->credentials, s->lp_ctx,
576 dcerpc_auth_level(conn));
577 composite_continue(c, auth_schannel_req, continue_auth_schannel, c);
578 return c;
579 }
580
581 /*
582 * we rely on the already authenticated CIFS connection
583 * if not doing sign or seal
584 */
585 if (conn->transport.transport == NCACN_NP &&
586 !(s->binding->flags & (DCERPC_SIGN|DCERPC_SEAL))) {
587 auth_none_req = dcerpc_bind_auth_none_send(c, s->pipe, s->table);
588 composite_continue(c, auth_none_req, continue_auth_none, c);
589 return c;
590 }
591
592
593 /* Perform an authenticated DCE-RPC bind
594 */
595 if (!(conn->flags & (DCERPC_SIGN|DCERPC_SEAL))) {
596 /*
597 we are doing an authenticated connection,
598 but not using sign or seal. We must force
599 the CONNECT dcerpc auth type as a NONE auth
600 type doesn't allow authentication
601 information to be passed.
602 */
603 conn->flags |= DCERPC_CONNECT;
604 }
605
606 if (s->binding->flags & DCERPC_AUTH_SPNEGO) {
607 auth_type = DCERPC_AUTH_TYPE_SPNEGO;
608
609 } else if (s->binding->flags & DCERPC_AUTH_KRB5) {
610 auth_type = DCERPC_AUTH_TYPE_KRB5;
611
612 } else if (s->binding->flags & DCERPC_SCHANNEL) {
613 auth_type = DCERPC_AUTH_TYPE_SCHANNEL;
614
615 } else if (s->binding->flags & DCERPC_AUTH_NTLM) {
616 auth_type = DCERPC_AUTH_TYPE_NTLMSSP;
617
618 } else {
619 /* try SPNEGO with fallback to NTLMSSP */
620 auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
621 s->credentials,
622 lp_gensec_settings(c, s->lp_ctx),
623 DCERPC_AUTH_TYPE_SPNEGO,
624 dcerpc_auth_level(conn),
625 s->table->authservices->names[0]);
626 composite_continue(c, auth_req, continue_auth_auto, c);
627 return c;
628 }
629
630 auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table,
631 s->credentials,
632 lp_gensec_settings(c, s->lp_ctx),
633 auth_type,
634 dcerpc_auth_level(conn),
635 s->table->authservices->names[0]);
636 composite_continue(c, auth_req, continue_auth, c);
637 return c;
638 }
639
640
641 /*
642 Receive result of authenticated bind request on dcerpc pipe
643
644 This returns *p, which may be different to the one originally
645 supllied, as it rebinds to a new pipe due to authentication fallback
646
647 */
648 NTSTATUS dcerpc_pipe_auth_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
649 struct dcerpc_pipe **p)
650 {
651 NTSTATUS status;
652
653 struct pipe_auth_state *s = talloc_get_type(c->private_data,
654 struct pipe_auth_state);
655 status = composite_wait(c);
656 if (!NT_STATUS_IS_OK(status)) {
657 char *uuid_str = GUID_string(s->pipe, &s->table->syntax_id.uuid);
658 DEBUG(0, ("Failed to bind to uuid %s - %s\n", uuid_str, nt_errstr(status)));
659 talloc_free(uuid_str);
660 } else {
661 talloc_steal(mem_ctx, s->pipe);
662 *p = s->pipe;
663 }
664
665 talloc_free(c);
666 return status;
667 }
668
669
670 /*
671 Perform an authenticated bind if needed - sync version
672
673 This may change *p, as it rebinds to a new pipe due to authentication fallback
674 */
675 _PUBLIC_ NTSTATUS dcerpc_pipe_auth(TALLOC_CTX *mem_ctx,
676 struct dcerpc_pipe **p,
677 struct dcerpc_binding *binding,
678 const struct ndr_interface_table *table,
679 struct cli_credentials *credentials,
680 struct loadparm_context *lp_ctx)
681 {
682 struct composite_context *c;
683
684 c = dcerpc_pipe_auth_send(*p, binding, table, credentials, lp_ctx);
685 return dcerpc_pipe_auth_recv(c, mem_ctx, p);
686 }
687
688
689 NTSTATUS dcerpc_generic_session_key(struct dcerpc_connection *c,
690 DATA_BLOB *session_key)
691 {
692 /* this took quite a few CPU cycles to find ... */
693 session_key->data = discard_const_p(unsigned char, "SystemLibraryDTC");
694 session_key->length = 16;
695 return NT_STATUS_OK;
696 }
697
698 /*
699 fetch the user session key - may be default (above) or the SMB session key
700
701 The key is always truncated to 16 bytes
702 */
703 _PUBLIC_ NTSTATUS dcerpc_fetch_session_key(struct dcerpc_pipe *p,
704 DATA_BLOB *session_key)
705 {
706 NTSTATUS status;
707 status = p->conn->security_state.session_key(p->conn, session_key);
708 if (!NT_STATUS_IS_OK(status)) {
709 return status;
710 }
711
712 session_key->length = MIN(session_key->length, 16);
713
714 return NT_STATUS_OK;
715 }
716
717
718 /*
719 log a rpc packet in a format suitable for ndrdump. This is especially useful
720 for sealed packets, where ethereal cannot easily see the contents
721
722 this triggers on a debug level of >= 10
723 */
724 _PUBLIC_ void dcerpc_log_packet(const char *lockdir,
725 const struct ndr_interface_table *ndr,
726 uint32_t opnum, uint32_t flags,
727 DATA_BLOB *pkt)
728 {
729 const int num_examples = 20;
730 int i;
731
732 if (lockdir == NULL) return;
733
734 for (i=0;i<num_examples;i++) {
735 char *name=NULL;
736 asprintf(&name, "%s/rpclog/%s-%u.%d.%s",
737 lockdir, ndr->name, opnum, i,
738 (flags&NDR_IN)?"in":"out");
739 if (name == NULL) {
740 return;
741 }
742 if (!file_exist(name)) {
743 if (file_save(name, pkt->data, pkt->length)) {
744 DEBUG(10,("Logged rpc packet to %s\n", name));
745 }
746 free(name);
747 break;
748 }
749 free(name);
750 }
751 }
752
753
754
755 /*
756 create a secondary context from a primary connection
757
758 this uses dcerpc_alter_context() to create a new dcerpc context_id
759 */
760 _PUBLIC_ NTSTATUS dcerpc_secondary_context(struct dcerpc_pipe *p,
761 struct dcerpc_pipe **pp2,
762 const struct ndr_interface_table *table)
763 {
764 NTSTATUS status;
765 struct dcerpc_pipe *p2;
766
767 p2 = talloc_zero(p, struct dcerpc_pipe);
768 if (p2 == NULL) {
769 return NT_STATUS_NO_MEMORY;
770 }
771 p2->conn = talloc_reference(p2, p->conn);
772 p2->request_timeout = p->request_timeout;
773
774 p2->context_id = ++p->conn->next_context_id;
775
776 p2->syntax = table->syntax_id;
777
778 p2->transfer_syntax = p->transfer_syntax;
779
780 p2->binding = talloc_reference(p2, p->binding);
781
782 p2->binding_handle = talloc(p2, struct dcerpc_binding_handle);
783 if (p2->binding_handle == NULL) {
784 talloc_free(p2);
785 return NT_STATUS_NO_MEMORY;
786 }
787 p2->binding_handle->private_data = p2;
788
789 status = dcerpc_alter_context(p2, p2, &p2->syntax, &p2->transfer_syntax);
790 if (!NT_STATUS_IS_OK(status)) {
791 talloc_free(p2);
792 return status;
793 }
794
795 *pp2 = p2;
796
797 return NT_STATUS_OK;
798 }
799
800
801 /*
802 pull an dcerpc_auth structure, taking account of any auth padding in
803 the blob at the end of the structure
804 */
805 NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
806 TALLOC_CTX *mem_ctx,
807 DATA_BLOB *pkt_auth_blob,
808 struct dcerpc_auth *auth,
809 uint32_t *auth_length,
810 bool check_pad)
811 {
812 struct ndr_pull *ndr;
813 enum ndr_err_code ndr_err;
814 uint32_t pad;
815
816 pad = pkt_auth_blob->length - (DCERPC_AUTH_TRAILER_LENGTH + pkt->auth_length);
817
818 /* paranoia check for pad size. This would be caught anyway by
819 the ndr_pull_advance() a few lines down, but it scared
820 Jeremy enough for him to call me, so we might as well check
821 it now, just to prevent someone posting a bogus YouTube
822 video in the future.
823 */
824 if (pad > pkt_auth_blob->length) {
825 return NT_STATUS_INFO_LENGTH_MISMATCH;
826 }
827
828 *auth_length = pkt_auth_blob->length - pad;
829
830 ndr = ndr_pull_init_blob(pkt_auth_blob, mem_ctx, NULL);
831 if (!ndr) {
832 return NT_STATUS_NO_MEMORY;
833 }
834
835 if (!(pkt->drep[0] & DCERPC_DREP_LE)) {
836 ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
837 }
838
839 ndr_err = ndr_pull_advance(ndr, pad);
840 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
841 talloc_free(ndr);
842 return ndr_map_error2ntstatus(ndr_err);
843 }
844
845 ndr_err = ndr_pull_dcerpc_auth(ndr, NDR_SCALARS|NDR_BUFFERS, auth);
846 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
847 talloc_free(ndr);
848 return ndr_map_error2ntstatus(ndr_err);
849 }
850
851 if (check_pad && pad != auth->auth_pad_length) {
852 DEBUG(1,(__location__ ": WARNING: pad length mismatch. Calculated %u got %u\n",
853 (unsigned)pad, (unsigned)auth->auth_pad_length));
854 }
855
856 DEBUG(6,(__location__ ": auth_pad_length %u\n",
857 (unsigned)auth->auth_pad_length));
858
859 talloc_steal(mem_ctx, auth->credentials.data);
860 talloc_free(ndr);
861
862 return NT_STATUS_OK;
863 }
864
865
reg import