2 Unix SMB/CIFS implementation.
4 dcerpc utility functions
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Jelmer Vernooij 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
9 Copyright (C) Rafal Szczesniak 2006
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "lib/events/events.h"
27 #include "libcli/composite/composite.h"
28 #include "librpc/gen_ndr/ndr_epmapper_c.h"
29 #include "librpc/gen_ndr/ndr_dcerpc.h"
30 #include "librpc/gen_ndr/ndr_misc.h"
31 #include "librpc/rpc/dcerpc_proto.h"
32 #include "auth/credentials/credentials.h"
33 #include "param/param.h"
36 find a dcerpc call on an interface by name
38 const struct ndr_interface_call
*dcerpc_iface_find_call(const struct ndr_interface_table
*iface
,
42 for (i
=0;i
<iface
->num_calls
;i
++) {
43 if (strcmp(iface
->calls
[i
].name
, name
) == 0) {
44 return &iface
->calls
[i
];
51 push a ncacn_packet into a blob, potentially with auth info
53 NTSTATUS
ncacn_push_auth(DATA_BLOB
*blob
, TALLOC_CTX
*mem_ctx
,
54 struct smb_iconv_convenience
*iconv_convenience
,
55 struct ncacn_packet
*pkt
,
56 struct dcerpc_auth
*auth_info
)
59 enum ndr_err_code ndr_err
;
61 ndr
= ndr_push_init_ctx(mem_ctx
, iconv_convenience
);
63 return NT_STATUS_NO_MEMORY
;
66 if (!(pkt
->drep
[0] & DCERPC_DREP_LE
)) {
67 ndr
->flags
|= LIBNDR_FLAG_BIGENDIAN
;
70 if (pkt
->pfc_flags
& DCERPC_PFC_FLAG_OBJECT_UUID
) {
71 ndr
->flags
|= LIBNDR_FLAG_OBJECT_PRESENT
;
75 pkt
->auth_length
= auth_info
->credentials
.length
;
80 ndr_err
= ndr_push_ncacn_packet(ndr
, NDR_SCALARS
|NDR_BUFFERS
, pkt
);
81 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
82 return ndr_map_error2ntstatus(ndr_err
);
87 /* the s3 rpc server doesn't handle auth padding in
88 bind requests. Use zero auth padding to keep us
89 working with old servers */
90 uint32_t offset
= ndr
->offset
;
91 ndr_err
= ndr_push_align(ndr
, 16);
92 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
93 return ndr_map_error2ntstatus(ndr_err
);
95 auth_info
->auth_pad_length
= ndr
->offset
- offset
;
97 auth_info
->auth_pad_length
= 0;
99 ndr_err
= ndr_push_dcerpc_auth(ndr
, NDR_SCALARS
|NDR_BUFFERS
, auth_info
);
100 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
101 return ndr_map_error2ntstatus(ndr_err
);
105 *blob
= ndr_push_blob(ndr
);
107 /* fill in the frag length */
108 dcerpc_set_frag_length(blob
, blob
->length
);
114 struct epm_map_binding_state
{
115 struct dcerpc_binding
*binding
;
116 const struct ndr_interface_table
*table
;
117 struct dcerpc_pipe
*pipe
;
118 struct policy_handle handle
;
120 struct epm_twr_t twr
;
121 struct epm_twr_t
*twr_r
;
126 static void continue_epm_recv_binding(struct composite_context
*ctx
);
127 static void continue_epm_map(struct tevent_req
*subreq
);
131 Stage 2 of epm_map_binding: Receive connected rpc pipe and send endpoint
134 static void continue_epm_recv_binding(struct composite_context
*ctx
)
136 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
137 struct composite_context
);
138 struct epm_map_binding_state
*s
= talloc_get_type(c
->private_data
,
139 struct epm_map_binding_state
);
140 struct tevent_req
*subreq
;
142 /* receive result of rpc pipe connect request */
143 c
->status
= dcerpc_pipe_connect_b_recv(ctx
, c
, &s
->pipe
);
144 if (!composite_is_ok(c
)) return;
146 s
->pipe
->conn
->flags
|= DCERPC_NDR_REF_ALLOC
;
148 /* prepare requested binding parameters */
149 s
->binding
->object
= s
->table
->syntax_id
;
151 c
->status
= dcerpc_binding_build_tower(s
->pipe
, s
->binding
, &s
->twr
.tower
);
152 if (!composite_is_ok(c
)) return;
154 /* with some nice pretty paper around it of course */
155 s
->r
.in
.object
= &s
->guid
;
156 s
->r
.in
.map_tower
= &s
->twr
;
157 s
->r
.in
.entry_handle
= &s
->handle
;
158 s
->r
.in
.max_towers
= 1;
159 s
->r
.out
.entry_handle
= &s
->handle
;
161 /* send request for an endpoint mapping - a rpc request on connected pipe */
162 subreq
= dcerpc_epm_Map_r_send(s
, c
->event_ctx
,
163 s
->pipe
->binding_handle
,
165 if (composite_nomem(subreq
, c
)) return;
167 tevent_req_set_callback(subreq
, continue_epm_map
, c
);
172 Stage 3 of epm_map_binding: Receive endpoint mapping and provide binding details
174 static void continue_epm_map(struct tevent_req
*subreq
)
176 struct composite_context
*c
= tevent_req_callback_data(subreq
,
177 struct composite_context
);
178 struct epm_map_binding_state
*s
= talloc_get_type(c
->private_data
,
179 struct epm_map_binding_state
);
181 /* receive result of a rpc request */
182 c
->status
= dcerpc_epm_Map_r_recv(subreq
, s
);
184 if (!composite_is_ok(c
)) return;
186 /* check the details */
187 if (s
->r
.out
.result
!= 0 || *s
->r
.out
.num_towers
!= 1) {
188 composite_error(c
, NT_STATUS_PORT_UNREACHABLE
);
192 s
->twr_r
= s
->r
.out
.towers
[0].twr
;
193 if (s
->twr_r
== NULL
) {
194 composite_error(c
, NT_STATUS_PORT_UNREACHABLE
);
198 if (s
->twr_r
->tower
.num_floors
!= s
->twr
.tower
.num_floors
||
199 s
->twr_r
->tower
.floors
[3].lhs
.protocol
!= s
->twr
.tower
.floors
[3].lhs
.protocol
) {
200 composite_error(c
, NT_STATUS_PORT_UNREACHABLE
);
204 /* get received endpoint */
205 s
->binding
->endpoint
= talloc_reference(s
->binding
,
206 dcerpc_floor_get_rhs_data(c
, &s
->twr_r
->tower
.floors
[3]));
207 if (composite_nomem(s
->binding
->endpoint
, c
)) return;
214 Request for endpoint mapping of dcerpc binding - try to request for endpoint
215 unless there is default one.
217 struct composite_context
*dcerpc_epm_map_binding_send(TALLOC_CTX
*mem_ctx
,
218 struct dcerpc_binding
*binding
,
219 const struct ndr_interface_table
*table
,
220 struct tevent_context
*ev
,
221 struct loadparm_context
*lp_ctx
)
223 struct composite_context
*c
;
224 struct epm_map_binding_state
*s
;
225 struct composite_context
*pipe_connect_req
;
226 struct cli_credentials
*anon_creds
;
229 struct dcerpc_binding
*epmapper_binding
;
236 /* composite context allocation and setup */
237 c
= composite_create(mem_ctx
, ev
);
242 s
= talloc_zero(c
, struct epm_map_binding_state
);
243 if (composite_nomem(s
, c
)) return c
;
246 s
->binding
= binding
;
249 /* anonymous credentials for rpc connection used to get endpoint mapping */
250 anon_creds
= cli_credentials_init(mem_ctx
);
251 cli_credentials_set_anonymous(anon_creds
);
254 First, check if there is a default endpoint specified in the IDL
257 struct dcerpc_binding
*default_binding
;
259 /* Find one of the default pipes for this interface */
260 for (i
= 0; i
< table
->endpoints
->count
; i
++) {
261 status
= dcerpc_parse_binding(mem_ctx
, table
->endpoints
->names
[i
], &default_binding
);
263 if (NT_STATUS_IS_OK(status
)) {
264 if (binding
->transport
== NCA_UNKNOWN
)
265 binding
->transport
= default_binding
->transport
;
266 if (default_binding
->transport
== binding
->transport
&&
267 default_binding
->endpoint
) {
268 binding
->endpoint
= talloc_reference(binding
, default_binding
->endpoint
);
269 talloc_free(default_binding
);
275 talloc_free(default_binding
);
281 epmapper_binding
= talloc_zero(c
, struct dcerpc_binding
);
282 if (composite_nomem(epmapper_binding
, c
)) return c
;
284 /* basic endpoint mapping data */
285 epmapper_binding
->transport
= binding
->transport
;
286 epmapper_binding
->host
= talloc_reference(epmapper_binding
, binding
->host
);
287 epmapper_binding
->target_hostname
= epmapper_binding
->host
;
288 epmapper_binding
->options
= NULL
;
289 epmapper_binding
->flags
= 0;
290 epmapper_binding
->assoc_group_id
= 0;
291 epmapper_binding
->endpoint
= NULL
;
293 /* initiate rpc pipe connection */
294 pipe_connect_req
= dcerpc_pipe_connect_b_send(c
, epmapper_binding
,
296 anon_creds
, c
->event_ctx
,
298 if (composite_nomem(pipe_connect_req
, c
)) return c
;
300 composite_continue(c
, pipe_connect_req
, continue_epm_recv_binding
, c
);
306 Receive result of endpoint mapping request
308 NTSTATUS
dcerpc_epm_map_binding_recv(struct composite_context
*c
)
310 NTSTATUS status
= composite_wait(c
);
318 Get endpoint mapping for rpc connection
320 _PUBLIC_ NTSTATUS
dcerpc_epm_map_binding(TALLOC_CTX
*mem_ctx
, struct dcerpc_binding
*binding
,
321 const struct ndr_interface_table
*table
, struct tevent_context
*ev
,
322 struct loadparm_context
*lp_ctx
)
324 struct composite_context
*c
;
326 c
= dcerpc_epm_map_binding_send(mem_ctx
, binding
, table
, ev
, lp_ctx
);
327 return dcerpc_epm_map_binding_recv(c
);
331 struct pipe_auth_state
{
332 struct dcerpc_pipe
*pipe
;
333 struct dcerpc_binding
*binding
;
334 const struct ndr_interface_table
*table
;
335 struct loadparm_context
*lp_ctx
;
336 struct cli_credentials
*credentials
;
340 static void continue_auth_schannel(struct composite_context
*ctx
);
341 static void continue_auth(struct composite_context
*ctx
);
342 static void continue_auth_none(struct composite_context
*ctx
);
343 static void continue_ntlmssp_connection(struct composite_context
*ctx
);
344 static void continue_spnego_after_wrong_pass(struct composite_context
*ctx
);
348 Stage 2 of pipe_auth: Receive result of schannel bind request
350 static void continue_auth_schannel(struct composite_context
*ctx
)
352 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
353 struct composite_context
);
355 c
->status
= dcerpc_bind_auth_schannel_recv(ctx
);
356 if (!composite_is_ok(c
)) return;
363 Stage 2 of pipe_auth: Receive result of authenticated bind request
365 static void continue_auth(struct composite_context
*ctx
)
367 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
368 struct composite_context
);
370 c
->status
= dcerpc_bind_auth_recv(ctx
);
371 if (!composite_is_ok(c
)) return;
376 Stage 2 of pipe_auth: Receive result of authenticated bind request, but handle fallbacks:
379 static void continue_auth_auto(struct composite_context
*ctx
)
381 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
382 struct composite_context
);
383 struct pipe_auth_state
*s
= talloc_get_type(c
->private_data
, struct pipe_auth_state
);
384 struct composite_context
*sec_conn_req
;
386 c
->status
= dcerpc_bind_auth_recv(ctx
);
387 if (NT_STATUS_EQUAL(c
->status
, NT_STATUS_INVALID_PARAMETER
)) {
389 * Retry with NTLMSSP auth as fallback
390 * send a request for secondary rpc connection
392 sec_conn_req
= dcerpc_secondary_connection_send(s
->pipe
,
394 composite_continue(c
, sec_conn_req
, continue_ntlmssp_connection
, c
);
396 } else if (NT_STATUS_EQUAL(c
->status
, NT_STATUS_LOGON_FAILURE
)) {
397 if (cli_credentials_wrong_password(s
->credentials
)) {
399 * Retry SPNEGO with a better password
400 * send a request for secondary rpc connection
402 sec_conn_req
= dcerpc_secondary_connection_send(s
->pipe
,
404 composite_continue(c
, sec_conn_req
, continue_spnego_after_wrong_pass
, c
);
409 if (!composite_is_ok(c
)) return;
415 Stage 3 of pipe_auth (fallback to NTLMSSP case): Receive secondary
416 rpc connection (the first one can't be used any more, due to the
417 bind nak) and perform authenticated bind request
419 static void continue_ntlmssp_connection(struct composite_context
*ctx
)
421 struct composite_context
*c
;
422 struct pipe_auth_state
*s
;
423 struct composite_context
*auth_req
;
424 struct dcerpc_pipe
*p2
;
426 c
= talloc_get_type(ctx
->async
.private_data
, struct composite_context
);
427 s
= talloc_get_type(c
->private_data
, struct pipe_auth_state
);
429 /* receive secondary rpc connection */
430 c
->status
= dcerpc_secondary_connection_recv(ctx
, &p2
);
431 if (!composite_is_ok(c
)) return;
434 talloc_steal(p2
, s
->pipe
);
437 /* initiate a authenticated bind */
438 auth_req
= dcerpc_bind_auth_send(c
, s
->pipe
, s
->table
,
440 lp_gensec_settings(c
, s
->lp_ctx
),
441 DCERPC_AUTH_TYPE_NTLMSSP
,
442 dcerpc_auth_level(s
->pipe
->conn
),
443 s
->table
->authservices
->names
[0]);
444 composite_continue(c
, auth_req
, continue_auth
, c
);
448 Stage 3 of pipe_auth (retry on wrong password): Receive secondary
449 rpc connection (the first one can't be used any more, due to the
450 bind nak) and perform authenticated bind request
452 static void continue_spnego_after_wrong_pass(struct composite_context
*ctx
)
454 struct composite_context
*c
;
455 struct pipe_auth_state
*s
;
456 struct composite_context
*auth_req
;
457 struct dcerpc_pipe
*p2
;
459 c
= talloc_get_type(ctx
->async
.private_data
, struct composite_context
);
460 s
= talloc_get_type(c
->private_data
, struct pipe_auth_state
);
462 /* receive secondary rpc connection */
463 c
->status
= dcerpc_secondary_connection_recv(ctx
, &p2
);
464 if (!composite_is_ok(c
)) return;
467 talloc_steal(p2
, s
->pipe
);
470 /* initiate a authenticated bind */
471 auth_req
= dcerpc_bind_auth_send(c
, s
->pipe
, s
->table
,
473 lp_gensec_settings(c
, s
->lp_ctx
),
474 DCERPC_AUTH_TYPE_SPNEGO
,
475 dcerpc_auth_level(s
->pipe
->conn
),
476 s
->table
->authservices
->names
[0]);
477 composite_continue(c
, auth_req
, continue_auth
, c
);
482 Stage 2 of pipe_auth: Receive result of non-authenticated bind request
484 static void continue_auth_none(struct composite_context
*ctx
)
486 struct composite_context
*c
= talloc_get_type(ctx
->async
.private_data
,
487 struct composite_context
);
489 c
->status
= dcerpc_bind_auth_none_recv(ctx
);
490 if (!composite_is_ok(c
)) return;
497 Request to perform an authenticated bind if required. Authentication
498 is determined using credentials passed and binding flags.
500 struct composite_context
*dcerpc_pipe_auth_send(struct dcerpc_pipe
*p
,
501 struct dcerpc_binding
*binding
,
502 const struct ndr_interface_table
*table
,
503 struct cli_credentials
*credentials
,
504 struct loadparm_context
*lp_ctx
)
506 struct composite_context
*c
;
507 struct pipe_auth_state
*s
;
508 struct composite_context
*auth_schannel_req
;
509 struct composite_context
*auth_req
;
510 struct composite_context
*auth_none_req
;
511 struct dcerpc_connection
*conn
;
514 /* composite context allocation and setup */
515 c
= composite_create(p
, p
->conn
->event_ctx
);
516 if (c
== NULL
) return NULL
;
518 s
= talloc_zero(c
, struct pipe_auth_state
);
519 if (composite_nomem(s
, c
)) return c
;
522 /* store parameters in state structure */
523 s
->binding
= binding
;
525 s
->credentials
= credentials
;
529 conn
= s
->pipe
->conn
;
530 conn
->flags
= binding
->flags
;
533 conn
->flags
|= DCERPC_DEBUG_PRINT_BOTH
;
536 /* remember the binding string for possible secondary connections */
537 conn
->binding_string
= dcerpc_binding_string(p
, binding
);
539 if (cli_credentials_is_anonymous(s
->credentials
)) {
540 auth_none_req
= dcerpc_bind_auth_none_send(c
, s
->pipe
, s
->table
);
541 composite_continue(c
, auth_none_req
, continue_auth_none
, c
);
545 if ((binding
->flags
& DCERPC_SCHANNEL
) &&
546 !cli_credentials_get_netlogon_creds(s
->credentials
)) {
547 /* If we don't already have netlogon credentials for
548 * the schannel bind, then we have to get these
550 auth_schannel_req
= dcerpc_bind_auth_schannel_send(c
, s
->pipe
, s
->table
,
551 s
->credentials
, s
->lp_ctx
,
552 dcerpc_auth_level(conn
));
553 composite_continue(c
, auth_schannel_req
, continue_auth_schannel
, c
);
558 * we rely on the already authenticated CIFS connection
559 * if not doing sign or seal
561 if (conn
->transport
.transport
== NCACN_NP
&&
562 !(s
->binding
->flags
& (DCERPC_SIGN
|DCERPC_SEAL
))) {
563 auth_none_req
= dcerpc_bind_auth_none_send(c
, s
->pipe
, s
->table
);
564 composite_continue(c
, auth_none_req
, continue_auth_none
, c
);
569 /* Perform an authenticated DCE-RPC bind
571 if (!(conn
->flags
& (DCERPC_SIGN
|DCERPC_SEAL
))) {
573 we are doing an authenticated connection,
574 but not using sign or seal. We must force
575 the CONNECT dcerpc auth type as a NONE auth
576 type doesn't allow authentication
577 information to be passed.
579 conn
->flags
|= DCERPC_CONNECT
;
582 if (s
->binding
->flags
& DCERPC_AUTH_SPNEGO
) {
583 auth_type
= DCERPC_AUTH_TYPE_SPNEGO
;
585 } else if (s
->binding
->flags
& DCERPC_AUTH_KRB5
) {
586 auth_type
= DCERPC_AUTH_TYPE_KRB5
;
588 } else if (s
->binding
->flags
& DCERPC_SCHANNEL
) {
589 auth_type
= DCERPC_AUTH_TYPE_SCHANNEL
;
591 } else if (s
->binding
->flags
& DCERPC_AUTH_NTLM
) {
592 auth_type
= DCERPC_AUTH_TYPE_NTLMSSP
;
595 /* try SPNEGO with fallback to NTLMSSP */
596 auth_req
= dcerpc_bind_auth_send(c
, s
->pipe
, s
->table
,
598 lp_gensec_settings(c
, s
->lp_ctx
),
599 DCERPC_AUTH_TYPE_SPNEGO
,
600 dcerpc_auth_level(conn
),
601 s
->table
->authservices
->names
[0]);
602 composite_continue(c
, auth_req
, continue_auth_auto
, c
);
606 auth_req
= dcerpc_bind_auth_send(c
, s
->pipe
, s
->table
,
608 lp_gensec_settings(c
, s
->lp_ctx
),
610 dcerpc_auth_level(conn
),
611 s
->table
->authservices
->names
[0]);
612 composite_continue(c
, auth_req
, continue_auth
, c
);
618 Receive result of authenticated bind request on dcerpc pipe
620 This returns *p, which may be different to the one originally
621 supllied, as it rebinds to a new pipe due to authentication fallback
624 NTSTATUS
dcerpc_pipe_auth_recv(struct composite_context
*c
, TALLOC_CTX
*mem_ctx
,
625 struct dcerpc_pipe
**p
)
629 struct pipe_auth_state
*s
= talloc_get_type(c
->private_data
,
630 struct pipe_auth_state
);
631 status
= composite_wait(c
);
632 if (!NT_STATUS_IS_OK(status
)) {
633 char *uuid_str
= GUID_string(s
->pipe
, &s
->table
->syntax_id
.uuid
);
634 DEBUG(0, ("Failed to bind to uuid %s - %s\n", uuid_str
, nt_errstr(status
)));
635 talloc_free(uuid_str
);
637 talloc_steal(mem_ctx
, s
->pipe
);
647 Perform an authenticated bind if needed - sync version
649 This may change *p, as it rebinds to a new pipe due to authentication fallback
651 _PUBLIC_ NTSTATUS
dcerpc_pipe_auth(TALLOC_CTX
*mem_ctx
,
652 struct dcerpc_pipe
**p
,
653 struct dcerpc_binding
*binding
,
654 const struct ndr_interface_table
*table
,
655 struct cli_credentials
*credentials
,
656 struct loadparm_context
*lp_ctx
)
658 struct composite_context
*c
;
660 c
= dcerpc_pipe_auth_send(*p
, binding
, table
, credentials
, lp_ctx
);
661 return dcerpc_pipe_auth_recv(c
, mem_ctx
, p
);
665 NTSTATUS
dcerpc_generic_session_key(struct dcerpc_connection
*c
,
666 DATA_BLOB
*session_key
)
668 /* this took quite a few CPU cycles to find ... */
669 session_key
->data
= discard_const_p(unsigned char, "SystemLibraryDTC");
670 session_key
->length
= 16;
675 fetch the user session key - may be default (above) or the SMB session key
677 The key is always truncated to 16 bytes
679 _PUBLIC_ NTSTATUS
dcerpc_fetch_session_key(struct dcerpc_pipe
*p
,
680 DATA_BLOB
*session_key
)
683 status
= p
->conn
->security_state
.session_key(p
->conn
, session_key
);
684 if (!NT_STATUS_IS_OK(status
)) {
688 session_key
->length
= MIN(session_key
->length
, 16);
695 log a rpc packet in a format suitable for ndrdump. This is especially useful
696 for sealed packets, where ethereal cannot easily see the contents
698 this triggers on a debug level of >= 10
700 _PUBLIC_
void dcerpc_log_packet(const char *lockdir
,
701 const struct ndr_interface_table
*ndr
,
702 uint32_t opnum
, uint32_t flags
,
705 const int num_examples
= 20;
708 if (lockdir
== NULL
) return;
710 for (i
=0;i
<num_examples
;i
++) {
712 asprintf(&name
, "%s/rpclog/%s-%u.%d.%s",
713 lockdir
, ndr
->name
, opnum
, i
,
714 (flags
&NDR_IN
)?"in":"out");
718 if (!file_exist(name
)) {
719 if (file_save(name
, pkt
->data
, pkt
->length
)) {
720 DEBUG(10,("Logged rpc packet to %s\n", name
));
732 create a secondary context from a primary connection
734 this uses dcerpc_alter_context() to create a new dcerpc context_id
736 _PUBLIC_ NTSTATUS
dcerpc_secondary_context(struct dcerpc_pipe
*p
,
737 struct dcerpc_pipe
**pp2
,
738 const struct ndr_interface_table
*table
)
741 struct dcerpc_pipe
*p2
;
743 p2
= talloc_zero(p
, struct dcerpc_pipe
);
745 return NT_STATUS_NO_MEMORY
;
747 p2
->conn
= talloc_reference(p2
, p
->conn
);
748 p2
->request_timeout
= p
->request_timeout
;
750 p2
->context_id
= ++p
->conn
->next_context_id
;
752 p2
->syntax
= table
->syntax_id
;
754 p2
->transfer_syntax
= p
->transfer_syntax
;
756 p2
->binding
= talloc_reference(p2
, p
->binding
);
758 status
= dcerpc_alter_context(p2
, p2
, &p2
->syntax
, &p2
->transfer_syntax
);
759 if (!NT_STATUS_IS_OK(status
)) {
771 pull an dcerpc_auth structure, taking account of any auth padding in
772 the blob at the end of the structure
774 NTSTATUS
dcerpc_pull_auth_trailer(struct ncacn_packet
*pkt
,
776 DATA_BLOB
*pkt_auth_blob
,
777 struct dcerpc_auth
*auth
,
778 uint32_t *auth_length
,
781 struct ndr_pull
*ndr
;
782 enum ndr_err_code ndr_err
;
785 pad
= pkt_auth_blob
->length
- (DCERPC_AUTH_TRAILER_LENGTH
+ pkt
->auth_length
);
787 /* paranoia check for pad size. This would be caught anyway by
788 the ndr_pull_advance() a few lines down, but it scared
789 Jeremy enough for him to call me, so we might as well check
790 it now, just to prevent someone posting a bogus YouTube
793 if (pad
> pkt_auth_blob
->length
) {
794 return NT_STATUS_INFO_LENGTH_MISMATCH
;
797 *auth_length
= pkt_auth_blob
->length
- pad
;
799 ndr
= ndr_pull_init_blob(pkt_auth_blob
, mem_ctx
, NULL
);
801 return NT_STATUS_NO_MEMORY
;
804 if (!(pkt
->drep
[0] & DCERPC_DREP_LE
)) {
805 ndr
->flags
|= LIBNDR_FLAG_BIGENDIAN
;
808 ndr_err
= ndr_pull_advance(ndr
, pad
);
809 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
811 return ndr_map_error2ntstatus(ndr_err
);
814 ndr_err
= ndr_pull_dcerpc_auth(ndr
, NDR_SCALARS
|NDR_BUFFERS
, auth
);
815 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err
)) {
817 return ndr_map_error2ntstatus(ndr_err
);
820 if (check_pad
&& pad
!= auth
->auth_pad_length
) {
821 DEBUG(1,(__location__
": WARNING: pad length mismatch. Calculated %u got %u\n",
822 (unsigned)pad
, (unsigned)auth
->auth_pad_length
));
825 DEBUG(6,(__location__
": auth_pad_length %u\n",
826 (unsigned)auth
->auth_pad_length
));
828 talloc_steal(mem_ctx
, auth
->credentials
.data
);