The branch, master has been updated
via 25d487b... s3-dcerpc: Fix ntlmssp sign/seal.
via 6555307... s3-dceprc: Fix auth_length in auth3 response
from 1b51ddd... s3-dcerpc: Fix miscalculation of buffer start address
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 25d487bebfdc771b1e0ab510ecbe4a8601f8fc98
Author: Simo Sorce <[email protected]>
Date: Mon Jul 12 18:57:32 2010 -0400
s3-dcerpc: Fix ntlmssp sign/seal.
Header calculation was misplaced.
Signed-off-by: Günther Deschner <[email protected]>
commit 6555307aa11741171258541da2c13ce25d9e3f55
Author: Simo Sorce <[email protected]>
Date: Mon Jul 12 16:27:22 2010 -0400
s3-dceprc: Fix auth_length in auth3 response
Signed-off-by: Günther Deschner <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_client/cli_pipe.c | 49 ++++++++++++++++++++++++++---------------
1 files changed, 31 insertions(+), 18 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index aea6b36..20f2246 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -2146,6 +2146,29 @@ static NTSTATUS add_ntlmssp_auth_footer(struct
rpc_pipe_client *cli,
return NT_STATUS_INVALID_PARAMETER;
}
+ /* marshall the dcerpc_auth with an actually empty auth_blob.
+ * this is needed because the ntmlssp signature includes the
+ * auth header */
+ status = dcerpc_push_dcerpc_auth(prs_get_mem_context(rpc_out),
+
map_pipe_auth_type_to_rpc_auth_type(cli->auth->auth_type),
+ cli->auth->auth_level,
+ ss_padding_len,
+ 1 /* context id. */,
+ &auth_blob,
+ &auth_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ /* append the header */
+ if (!prs_copy_data_in(rpc_out,
+ (char *)auth_info.data,
+ auth_info.length)) {
+ DEBUG(0, ("Failed to add %u bytes auth blob.\n",
+ (unsigned int)auth_info.length));
+ return NT_STATUS_NO_MEMORY;
+ }
+
switch (cli->auth->auth_level) {
case DCERPC_AUTH_LEVEL_PRIVACY:
/* Data portion is encrypted. */
@@ -2186,21 +2209,12 @@ static NTSTATUS add_ntlmssp_auth_footer(struct
rpc_pipe_client *cli,
return NT_STATUS_INVALID_PARAMETER;
}
- /* Finally marshall the blob. */
- status = dcerpc_push_dcerpc_auth(prs_get_mem_context(rpc_out),
-
map_pipe_auth_type_to_rpc_auth_type(cli->auth->auth_type),
- cli->auth->auth_level,
- ss_padding_len,
- 1 /* context id. */,
- &auth_blob,
- &auth_info);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (!prs_copy_data_in(rpc_out, (const char *)auth_info.data,
auth_info.length)) {
- DEBUG(0, ("add_ntlmssp_auth_footer: failed to add %u bytes auth
blob.\n",
- (unsigned int)auth_info.length));
+ /* Finally attach the blob. */
+ if (!prs_copy_data_in(rpc_out,
+ (char *)auth_blob.data,
+ auth_blob.length)) {
+ DEBUG(0, ("Failed to add %u bytes auth blob.\n",
+ (unsigned int)auth_info.length));
return NT_STATUS_NO_MEMORY;
}
@@ -2715,7 +2729,6 @@ static NTSTATUS create_rpc_bind_auth3(struct
rpc_pipe_client *cli,
DATA_BLOB *pauth_blob,
prs_struct *rpc_out)
{
- uint16_t auth_len = pauth_blob->length;
uint16_t frag_len = 0;
NTSTATUS status;
union dcerpc_payload u;
@@ -2735,14 +2748,14 @@ static NTSTATUS create_rpc_bind_auth3(struct
rpc_pipe_client *cli,
}
/* Start building the frag length. */
- frag_len = RPC_HEADER_LEN + 4 /* pad */ + RPC_HDR_AUTH_LEN + auth_len;
+ frag_len = RPC_HEADER_LEN + 4 /* pad */ + RPC_HDR_AUTH_LEN +
pauth_blob->length;
status = dcerpc_push_ncacn_packet(prs_get_mem_context(rpc_out),
DCERPC_PKT_AUTH3,
DCERPC_PFC_FLAG_FIRST |
DCERPC_PFC_FLAG_LAST,
frag_len,
- auth_len ? auth_len -
RPC_HDR_AUTH_LEN : 0,
+ pauth_blob->length,
rpc_call_id,
u,
&blob);
--
Samba Shared Repository
