Beispiel #1
0
/*
  insert an entry into the prefix cache. The string might not be null
  terminated */
static void cache_insert(const char *prefix, int length, unsigned int hash)
{
	char *str = SMB_STRNDUP(prefix, length);

	if (str == NULL) {
		return;
	}

	memcache_add(smbd_memcache(), MANGLE_HASH2_CACHE,
		     data_blob_const(&hash, sizeof(hash)),
		     data_blob_const(str, length+1));
	SAFE_FREE(str);
}
Beispiel #2
0
static void dump_printer(TALLOC_CTX *mem_ctx,
			 const char *key_name,
			 unsigned char *data,
			 size_t length)
{
	enum ndr_err_code ndr_err;
	DATA_BLOB blob;
	char *s;
	struct ntprinting_printer r;

	printf("found printer: %s\n", key_name);

	blob = data_blob_const(data, length);

	ZERO_STRUCT(r);

	ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r,
		   (ndr_pull_flags_fn_t)ndr_pull_ntprinting_printer);
	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
		d_fprintf(stderr, _("printer pull failed: %s\n"),
			  ndr_errstr(ndr_err));
		return;
	}

	s = NDR_PRINT_STRUCT_STRING(mem_ctx, ntprinting_printer, &r);
	if (s) {
		printf("%s\n", s);
	}
}
Beispiel #3
0
NTSTATUS pull_netr_AcctLockStr(TALLOC_CTX *mem_ctx,
			       struct lsa_BinaryString *r,
			       struct netr_AcctLockStr **str_p)
{
	struct netr_AcctLockStr *str;
	enum ndr_err_code ndr_err;
	DATA_BLOB blob;

	if (!mem_ctx || !r || !str_p) {
		return NT_STATUS_INVALID_PARAMETER;
	}

	*str_p = NULL;

	str = TALLOC_ZERO_P(mem_ctx, struct netr_AcctLockStr);
	if (!str) {
		return NT_STATUS_NO_MEMORY;
	}

	blob = data_blob_const(r->array, r->length);

	ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, str,
		       (ndr_pull_flags_fn_t)ndr_pull_netr_AcctLockStr);

	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
		return ndr_map_error2ntstatus(ndr_err);
	}

	*str_p = str;

	return NT_STATUS_OK;
}
Beispiel #4
0
void copy_id20_to_sam_passwd(struct samu *to,
			     struct samr_UserInfo20 *from)
{
	const char *old_string;
	char *new_string;
	DATA_BLOB mung;

	if (from == NULL || to == NULL) {
		return;
	}

	if (from->parameters.array) {
		old_string = pdb_get_munged_dial(to);
		mung = data_blob_const(from->parameters.array,
				       from->parameters.length);
		new_string = (mung.length == 0) ?
			NULL : base64_encode_data_blob(talloc_tos(), mung);
		DEBUG(10,("INFO_20 PARAMETERS: %s -> %s\n",
			old_string, new_string));
		if (STRING_CHANGED_NC(old_string,new_string)) {
			pdb_set_munged_dial(to, new_string, PDB_CHANGED);
		}

		TALLOC_FREE(new_string);
	}
}
Beispiel #5
0
/*******************************************************************
 Parse a byte stream into a secdesc
********************************************************************/
NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len,
			     struct security_descriptor **psecdesc)
{
	DATA_BLOB blob;
	enum ndr_err_code ndr_err;
	struct security_descriptor *result;

	if ((data == NULL) || (len == 0)) {
		return NT_STATUS_INVALID_PARAMETER;
	}

	result = TALLOC_ZERO_P(mem_ctx, struct security_descriptor);
	if (result == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	blob = data_blob_const(data, len);

	ndr_err = ndr_pull_struct_blob(
		&blob, result, result,
		(ndr_pull_flags_fn_t)ndr_pull_security_descriptor);

	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
		DEBUG(0, ("ndr_pull_security_descriptor failed: %s\n",
			  ndr_errstr(ndr_err)));
		TALLOC_FREE(result);
		return ndr_map_error2ntstatus(ndr_err);;
	}

	*psecdesc = result;
	return NT_STATUS_OK;
}
Beispiel #6
0
static ADS_STATUS ads_sasl_gensec_wrap(ADS_STRUCT *ads, uint8_t *buf, uint32_t len)
{
	struct gensec_security *gensec_security =
		talloc_get_type_abort(ads->ldap.wrap_private_data,
		struct gensec_security);
	NTSTATUS nt_status;
	DATA_BLOB unwrapped, wrapped;
	TALLOC_CTX *frame = talloc_stackframe();

	unwrapped = data_blob_const(buf, len);

	nt_status = gensec_wrap(gensec_security, frame, &unwrapped, &wrapped);
	if (!NT_STATUS_IS_OK(nt_status)) {
		TALLOC_FREE(frame);
		return ADS_ERROR_NT(nt_status);
	}

	if ((ads->ldap.out.size - 4) < wrapped.length) {
		TALLOC_FREE(frame);
		return ADS_ERROR_NT(NT_STATUS_INTERNAL_ERROR);
	}

	/* copy the wrapped blob to the right location */
	memcpy(ads->ldap.out.buf + 4, wrapped.data, wrapped.length);

	/* set how many bytes must be written to the underlying socket */
	ads->ldap.out.left = 4 + wrapped.length;

	TALLOC_FREE(frame);

	return ADS_SUCCESS;
}
Beispiel #7
0
static ADS_STATUS ads_sasl_ntlmssp_unwrap(ADS_STRUCT *ads)
{
	struct ntlmssp_state *ntlmssp_state =
		(struct ntlmssp_state *)ads->ldap.wrap_private_data;
	ADS_STATUS status;
	NTSTATUS nt_status;
	DATA_BLOB sig;
	uint8 *dptr = ads->ldap.in.buf + (4 + NTLMSSP_SIG_SIZE);
	uint32 dlen = ads->ldap.in.ofs - (4 + NTLMSSP_SIG_SIZE);

	/* wrap the signature into a DATA_BLOB */
	sig = data_blob_const(ads->ldap.in.buf + 4, NTLMSSP_SIG_SIZE);

	/* verify the signature and maybe decrypt the data */
	if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL) {
		nt_status = ntlmssp_unseal_packet(ntlmssp_state,
						  dptr, dlen,
						  dptr, dlen,
						  &sig);
	} else {
		nt_status = ntlmssp_check_packet(ntlmssp_state,
						 dptr, dlen,
						 dptr, dlen,
						 &sig);
	}
	status = ADS_ERROR_NT(nt_status);
	if (!ADS_ERR_OK(status)) return status;

	/* set the amount of bytes for the upper layer and set the ofs to the data */
	ads->ldap.in.left	= dlen;
	ads->ldap.in.ofs	= 4 + NTLMSSP_SIG_SIZE;

	return ADS_SUCCESS;
}
Beispiel #8
0
/*
 * Check a server for being alive and well.
 * returns 0 if the server is in shape. Returns 1 on error
 *
 * Also useable outside libsmbclient to enable external cache
 * to do some checks too.
 */
int
SMBC_check_server(SMBCCTX * context,
                  SMBCSRV * server)
{
	time_t now;

	if (!cli_state_is_connected(server->cli)) {
		return 1;
	}

	now = time_mono(NULL);

	if (server->last_echo_time == (time_t)0 ||
			now > server->last_echo_time +
				(server->cli->timeout/1000)) {
		unsigned char data[16] = {0};
		NTSTATUS status = cli_echo(server->cli,
					1,
					data_blob_const(data, sizeof(data)));
		if (!NT_STATUS_IS_OK(status)) {
			return 1;
		}
		server->last_echo_time = now;
	}
	return 0;
}
Beispiel #9
0
/*
 * These functions are for use in the deprecated
 * gensec_socket code (public because SPNEGO must
 * use them for recursion)
 */
_PUBLIC_ NTSTATUS gensec_wrap_packets(struct gensec_security *gensec_security,
			     TALLOC_CTX *mem_ctx,
			     const DATA_BLOB *in,
			     DATA_BLOB *out,
			     size_t *len_processed)
{
	if (!gensec_security->ops->wrap_packets) {
		NTSTATUS nt_status;
		size_t max_input_size;
		DATA_BLOB unwrapped, wrapped;
		max_input_size = gensec_max_input_size(gensec_security);
		unwrapped = data_blob_const(in->data, MIN(max_input_size, (size_t)in->length));

		nt_status = gensec_wrap(gensec_security,
					mem_ctx,
					&unwrapped, &wrapped);
		if (!NT_STATUS_IS_OK(nt_status)) {
			return nt_status;
		}

		*out = data_blob_talloc(mem_ctx, NULL, 4);
		if (!out->data) {
			return NT_STATUS_NO_MEMORY;
		}
		RSIVAL(out->data, 0, wrapped.length);

		if (!data_blob_append(mem_ctx, out, wrapped.data, wrapped.length)) {
			return NT_STATUS_NO_MEMORY;
		}
		*len_processed = unwrapped.length;
		return NT_STATUS_OK;
	}
	return gensec_security->ops->wrap_packets(gensec_security, mem_ctx, in, out,
						  len_processed);
}
Beispiel #10
0
static ADS_STATUS ads_sasl_gensec_unwrap(struct ads_saslwrap *wrap)
{
	struct gensec_security *gensec_security =
		talloc_get_type_abort(wrap->wrap_private_data,
		struct gensec_security);
	NTSTATUS nt_status;
	DATA_BLOB unwrapped, wrapped;
	TALLOC_CTX *frame = talloc_stackframe();

	wrapped = data_blob_const(wrap->in.buf + 4, wrap->in.ofs - 4);

	nt_status = gensec_unwrap(gensec_security, frame, &wrapped, &unwrapped);
	if (!NT_STATUS_IS_OK(nt_status)) {
		TALLOC_FREE(frame);
		return ADS_ERROR_NT(nt_status);
	}

	if (wrapped.length < unwrapped.length) {
		TALLOC_FREE(frame);
		return ADS_ERROR_NT(NT_STATUS_INTERNAL_ERROR);
	}

	/* copy the wrapped blob to the right location */
	memcpy(wrap->in.buf + 4, unwrapped.data, unwrapped.length);

	/* set how many bytes must be written to the underlying socket */
	wrap->in.left	= unwrapped.length;
	wrap->in.ofs	= 4;

	TALLOC_FREE(frame);

	return ADS_SUCCESS;
}
Beispiel #11
0
static NTSTATUS add_spnego_auth_footer(struct spnego_context *spnego_ctx,
					enum dcerpc_AuthLevel auth_level,
					DATA_BLOB *rpc_out)
{
	DATA_BLOB auth_blob;
	DATA_BLOB rpc_data;
	NTSTATUS status;

	if (!spnego_ctx) {
		return NT_STATUS_INVALID_PARAMETER;
	}

	rpc_data = data_blob_const(rpc_out->data
					+ DCERPC_RESPONSE_LENGTH,
				   rpc_out->length
					- DCERPC_RESPONSE_LENGTH
					- DCERPC_AUTH_TRAILER_LENGTH);

	switch (auth_level) {
	case DCERPC_AUTH_LEVEL_PRIVACY:
		/* Data portion is encrypted. */
		status = spnego_seal(rpc_out->data, spnego_ctx,
				     &rpc_data, rpc_out, &auth_blob);
		break;

		if (!NT_STATUS_IS_OK(status)) {
			return status;
		}
		break;

	case DCERPC_AUTH_LEVEL_INTEGRITY:
		/* Data is signed. */
		status = spnego_sign(rpc_out->data, spnego_ctx,
				     &rpc_data, rpc_out, &auth_blob);
		break;

		if (!NT_STATUS_IS_OK(status)) {
			return status;
		}
		break;

	default:
		/* Can't happen. */
		smb_panic("bad auth level");
		/* Notreached. */
		return NT_STATUS_INVALID_PARAMETER;
	}

	/* Finally attach the blob. */
	if (!data_blob_append(NULL, rpc_out,
				auth_blob.data, auth_blob.length)) {
		DEBUG(0, ("Failed to add %u bytes auth blob.\n",
			  (unsigned int)auth_blob.length));
		return NT_STATUS_NO_MEMORY;
	}
	data_blob_free(&auth_blob);

	return NT_STATUS_OK;
}
Beispiel #12
0
static NTSTATUS cmd_lsa_retrieve_private_data(struct rpc_pipe_client *cli,
					      TALLOC_CTX *mem_ctx, int argc,
					      const char **argv)
{
	NTSTATUS status;
	struct policy_handle handle;
	struct lsa_String name;
	struct lsa_DATA_BUF *val;
	DATA_BLOB session_key;
	DATA_BLOB blob = data_blob_null;
	char *secret;

	if (argc < 2) {
		printf("Usage: %s name\n", argv[0]);
		return NT_STATUS_OK;
	}

	status = rpccli_lsa_open_policy2(cli, mem_ctx,
					 true,
					 SEC_FLAG_MAXIMUM_ALLOWED,
					 &handle);
	if (!NT_STATUS_IS_OK(status)) {
		return status;
	}

	init_lsa_String(&name, argv[1]);

	ZERO_STRUCT(val);

	status = rpccli_lsa_RetrievePrivateData(cli, mem_ctx,
						&handle,
						&name,
						&val);
	if (!NT_STATUS_IS_OK(status)) {
		goto done;
	}

	status = cli_get_session_key(mem_ctx, cli, &session_key);
	if (!NT_STATUS_IS_OK(status)) {
		goto done;
	}

	if (val) {
		blob = data_blob_const(val->data, val->length);
	}

	secret = sess_decrypt_string(mem_ctx, &blob, &session_key);
	if (secret) {
		d_printf("secret: %s\n", secret);
	}

 done:
	if (is_valid_policy_hnd(&handle)) {
		rpccli_lsa_Close(cli, mem_ctx, &handle);
	}

	return status;
}
Beispiel #13
0
struct tevent_req *smb2_ioctl_dfs(uint32_t ctl_code,
				  struct tevent_context *ev,
				  struct tevent_req *req,
				  struct smbd_smb2_ioctl_state *state)
{
	NTSTATUS status;

	switch (ctl_code) {
	case FSCTL_DFS_GET_REFERRALS:
		status = fsctl_dfs_get_refers(state, ev, state->smbreq->conn,
					      &state->in_input,
					      state->in_max_output,
					      &state->out_output);
		if (!tevent_req_nterror(req, status)) {
			tevent_req_done(req);
		}
		return tevent_req_post(req, ev);
		break;
	default: {
		uint8_t *out_data = NULL;
		uint32_t out_data_len = 0;

		if (state->fsp == NULL) {
			status = NT_STATUS_NOT_SUPPORTED;
		} else {
			status = SMB_VFS_FSCTL(state->fsp,
					       state,
					       ctl_code,
					       state->smbreq->flags2,
					       state->in_input.data,
					       state->in_input.length,
					       &out_data,
					       state->in_max_output,
					       &out_data_len);
			state->out_output = data_blob_const(out_data, out_data_len);
			if (NT_STATUS_IS_OK(status)) {
				tevent_req_done(req);
				return tevent_req_post(req, ev);
			}
		}

		if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
			if (IS_IPC(state->smbreq->conn)) {
				status = NT_STATUS_FS_DRIVER_REQUIRED;
			} else {
				status = NT_STATUS_INVALID_DEVICE_REQUEST;
			}
		}

		tevent_req_nterror(req, status);
		return tevent_req_post(req, ev);
		break;
	}
	}

	tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
	return tevent_req_post(req, ev);
}
Beispiel #14
0
/*
  set password via encrypted NT and LM hash buffers
*/
NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
				   struct ldb_context *sam_ctx,
				   struct ldb_dn *account_dn,
				   struct ldb_dn *domain_dn,
				   TALLOC_CTX *mem_ctx,
				   const uint8_t *lm_pwd_hash,
				   const uint8_t *nt_pwd_hash)
{
	struct samr_Password *d_lm_pwd_hash = NULL, *d_nt_pwd_hash = NULL;
	DATA_BLOB session_key = data_blob(NULL, 0);
	DATA_BLOB in, out;
	NTSTATUS nt_status = NT_STATUS_OK;

	nt_status = dcesrv_fetch_session_key(dce_call->conn, &session_key);
	if (!NT_STATUS_IS_OK(nt_status)) {
		return nt_status;
	}

	if (lm_pwd_hash != NULL) {
		in = data_blob_const(lm_pwd_hash, 16);
		out = data_blob_talloc_zero(mem_ctx, 16);

		sess_crypt_blob(&out, &in, &session_key, false);

		d_lm_pwd_hash = (struct samr_Password *) out.data;
	}
	if (nt_pwd_hash != NULL) {
		in = data_blob_const(nt_pwd_hash, 16);
		out = data_blob_talloc_zero(mem_ctx, 16);

		sess_crypt_blob(&out, &in, &session_key, false);

		d_nt_pwd_hash = (struct samr_Password *) out.data;
	}

	if ((d_lm_pwd_hash != NULL) || (d_nt_pwd_hash != NULL)) {
		nt_status = samdb_set_password(sam_ctx, mem_ctx, account_dn,
					       domain_dn, NULL,
					       d_lm_pwd_hash, d_nt_pwd_hash,
					       NULL, NULL, /* this is a password set */
					       NULL, NULL);
	}

	return nt_status;
}
Beispiel #15
0
/*
  return a dcerpc fault
*/
NTSTATUS dcesrv_fault_with_flags(struct dcesrv_call_state *call,
                                 uint32_t fault_code,
                                 uint8_t extra_flags)
{
    struct ncacn_packet pkt;
    struct data_blob_list_item *rep;
    static const uint8_t zeros[4] = { 0, };
    NTSTATUS status;

    /* setup a fault */
    dcesrv_init_hdr(&pkt, lpcfg_rpc_big_endian(call->conn->dce_ctx->lp_ctx));
    pkt.auth_length = 0;
    pkt.call_id = call->pkt.call_id;
    pkt.ptype = DCERPC_PKT_FAULT;
    pkt.pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | extra_flags;
    pkt.u.fault.alloc_hint = 24;
    switch (call->pkt.ptype) {
    case DCERPC_PKT_REQUEST:
        pkt.u.fault.context_id = call->pkt.u.request.context_id;
        break;
    default:
        pkt.u.fault.context_id = 0;
        break;
    }
    if (fault_code == DCERPC_NCA_S_PROTO_ERROR) {
        /*
         * context_id = 0 is forced on protocol errors.
         */
        pkt.u.fault.context_id = 0;
    }
    pkt.u.fault.cancel_count = 0;
    pkt.u.fault.status = fault_code;
    pkt.u.fault._pad = data_blob_const(zeros, sizeof(zeros));

    rep = talloc_zero(call, struct data_blob_list_item);
    if (!rep) {
        return NT_STATUS_NO_MEMORY;
    }

    status = ncacn_push_auth(&rep->blob, call, &pkt, NULL);
    if (!NT_STATUS_IS_OK(status)) {
        return status;
    }

    dcerpc_set_frag_length(&rep->blob, rep->blob.length);

    DLIST_ADD_END(call->replies, rep, struct data_blob_list_item *);
    dcesrv_call_set_list(call, DCESRV_LIST_CALL_LIST);

    if (call->conn->call_list && call->conn->call_list->replies) {
        if (call->conn->transport.report_output_data) {
            call->conn->transport.report_output_data(call->conn);
        }
    }

    return NT_STATUS_OK;
}
Beispiel #16
0
static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p,
				     uint8_t session_key[16])
{
	char *pwd, *pwd_old;

	DATA_BLOB data 	   = data_blob_const(p->password->data, p->password->length);
	DATA_BLOB data_old = data_blob_const(p->old_password->data, p->old_password->length);
	DATA_BLOB session_key_blob = data_blob_const(session_key, sizeof(session_key));

	pwd 	= sess_decrypt_string(talloc_tos(), &data, &session_key_blob);
	pwd_old = sess_decrypt_string(talloc_tos(), &data_old, &session_key_blob);

	d_printf("Password:\t%s\n", pwd);
	d_printf("Old Password:\t%s\n", pwd_old);

	talloc_free(pwd);
	talloc_free(pwd_old);
}
Beispiel #17
0
/* return a DATA_BLOB structure for the current ndr_push marshalled data */
_PUBLIC_ DATA_BLOB ndr_push_blob(struct ndr_push *ndr)
{
	DATA_BLOB blob;
	blob = data_blob_const(ndr->data, ndr->offset);
	if (ndr->alloc_size > ndr->offset) {
		ndr->data[ndr->offset] = 0;
	}
	return blob;
}
Beispiel #18
0
NTSTATUS printing_tdb_migrate_form(TALLOC_CTX *mem_ctx,
				   struct rpc_pipe_client *winreg_pipe,
				   const char *key_name,
				   unsigned char *data,
				   size_t length)
{
	struct dcerpc_binding_handle *b = winreg_pipe->binding_handle;
	enum ndr_err_code ndr_err;
	struct ntprinting_form r;
	struct spoolss_AddFormInfo1 f1;
	DATA_BLOB blob;
	WERROR result;

	blob = data_blob_const(data, length);

	ZERO_STRUCT(r);

	ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &r,
		   (ndr_pull_flags_fn_t)ndr_pull_ntprinting_form);
	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
		DEBUG(2, ("Form pull failed: %s\n",
			  ndr_errstr(ndr_err)));
		return NT_STATUS_NO_MEMORY;
	}

	/* Don't migrate builtin forms */
	if (r.flag == SPOOLSS_FORM_BUILTIN) {
		return NT_STATUS_OK;
	}

	DEBUG(2, ("Migrating Form: %s\n", key_name));

	f1.form_name = key_name;
	f1.flags = r.flag;

	f1.size.width = r.width;
	f1.size.height = r.length;

	f1.area.top = r.top;
	f1.area.right = r.right;
	f1.area.bottom = r.bottom;
	f1.area.left = r.left;

	result = winreg_printer_addform1(mem_ctx,
					 b,
					 &f1);
	if (W_ERROR_EQUAL(result, WERR_FILE_EXISTS)) {
		/* Don't migrate form if it already exists. */
		result = WERR_OK;
	}
	if (!W_ERROR_IS_OK(result)) {
		return werror_to_ntstatus(result);
	}

	return NT_STATUS_OK;
}
Beispiel #19
0
struct torture_suite *ndr_ntlmssp_suite(TALLOC_CTX *ctx)
{
	struct torture_suite *suite = torture_suite_create(ctx, "ntlmssp");

	torture_suite_add_ndr_pull_test(suite, NEGOTIATE_MESSAGE, ntlmssp_NEGOTIATE_MESSAGE_data, ntlmssp_NEGOTIATE_MESSAGE_check);
	torture_suite_add_ndr_pull_test(suite, CHALLENGE_MESSAGE, ntlmssp_CHALLENGE_MESSAGE_data, ntlmssp_CHALLENGE_MESSAGE_check);
	torture_suite_add_ndr_pull_test(suite, AUTHENTICATE_MESSAGE, ntlmssp_AUTHENTICATE_MESSAGE_data, ntlmssp_AUTHENTICATE_MESSAGE_check);

	torture_suite_add_ndr_pull_validate_test(suite,
					    NEGOTIATE_MESSAGE,
					    data_blob_const(ntlmssp_NEGOTIATE_MESSAGE_data, sizeof(ntlmssp_NEGOTIATE_MESSAGE_data)),
					    ntlmssp_NEGOTIATE_MESSAGE_check);

	torture_suite_add_ndr_pull_validate_test(suite,
					    CHALLENGE_MESSAGE,
					    data_blob_const(ntlmssp_CHALLENGE_MESSAGE_data, sizeof(ntlmssp_CHALLENGE_MESSAGE_data)),
					    ntlmssp_CHALLENGE_MESSAGE_check);

	return suite;
}
Beispiel #20
0
static void display_winreg_data(const char *v,
				enum winreg_Type type,
				uint8_t *data,
				uint32_t length)
{
	int i;
	union winreg_Data r;
	DATA_BLOB blob = data_blob_const(data, length);
	WERROR result;

	result = pull_winreg_Data(talloc_tos(), &blob, &r, type);
	if (!W_ERROR_IS_OK(result)) {
		return;
	}

	switch (type) {
	case REG_DWORD:
		printf("%s: REG_DWORD: 0x%08x\n", v, r.value);
		break;
	case REG_SZ:
		printf("%s: REG_SZ: %s\n", v, r.string);
		break;
	case REG_BINARY: {
		char *hex = hex_encode_talloc(NULL,
			r.binary.data, r.binary.length);
		size_t len;
		printf("%s: REG_BINARY:", v);
		len = strlen(hex);
		for (i=0; i<len; i++) {
			if (hex[i] == '\0') {
				break;
			}
			if (i%40 == 0) {
				putchar('\n');
			}
			putchar(hex[i]);
		}
		TALLOC_FREE(hex);
		putchar('\n');
		break;
	}
	case REG_MULTI_SZ:
		printf("%s: REG_MULTI_SZ: ", v);
		for (i=0; r.string_array[i] != NULL; i++) {
			printf("%s ", r.string_array[i]);
		}
		printf("\n");
		break;
	default:
		printf("%s: unknown type 0x%02x:\n", v, type);
		break;
	}
}
Beispiel #21
0
void scavenger_schedule_disconnected(struct files_struct *fsp)
{
	NTSTATUS status;
	struct server_id self = messaging_server_id(fsp->conn->sconn->msg_ctx);
	struct timeval disconnect_time, until;
	uint64_t timeout_usec;
	struct scavenger_message msg;
	DATA_BLOB msg_blob;
	struct server_id_buf tmp;

	if (fsp->op == NULL) {
		return;
	}
	nttime_to_timeval(&disconnect_time, fsp->op->global->disconnect_time);
	timeout_usec = 1000 * fsp->op->global->durable_timeout_msec;
	until = timeval_add(&disconnect_time,
			    timeout_usec / 1000000,
			    timeout_usec % 1000000);

	ZERO_STRUCT(msg);
	msg.file_id = fsp->file_id;
	msg.open_persistent_id = fsp->op->global->open_persistent_id;
	msg.until = timeval_to_nttime(&until);

	DEBUG(10, ("smbd: %s mark file %s as disconnected at %s with timeout "
		   "at %s in %fs\n",
		   server_id_str_buf(self, &tmp),
		   file_id_string_tos(&fsp->file_id),
		   timeval_string(talloc_tos(), &disconnect_time, true),
		   timeval_string(talloc_tos(), &until, true),
		   fsp->op->global->durable_timeout_msec/1000.0));

	SMB_ASSERT(server_id_is_disconnected(&fsp->op->global->server_id));
	SMB_ASSERT(!server_id_equal(&self, &smbd_scavenger_state->parent_id));
	SMB_ASSERT(!smbd_scavenger_state->am_scavenger);

	msg_blob = data_blob_const(&msg, sizeof(msg));
	DEBUG(10, ("send message to scavenger\n"));

	status = messaging_send(smbd_scavenger_state->msg,
				smbd_scavenger_state->parent_id,
				MSG_SMB_SCAVENGER,
				&msg_blob);
	if (!NT_STATUS_IS_OK(status)) {
		struct server_id_buf tmp1, tmp2;
		DEBUG(2, ("Failed to send message to parent smbd %s "
			  "from %s: %s\n",
			  server_id_str_buf(smbd_scavenger_state->parent_id,
					    &tmp1),
			  server_id_str_buf(self, &tmp2),
			  nt_errstr(status)));
	}
}
Beispiel #22
0
struct torture_suite *ndr_nbt_suite(TALLOC_CTX *ctx)
{
	struct torture_suite *suite = torture_suite_create(ctx, "nbt");

	torture_suite_add_ndr_pull_test(suite, nbt_netlogon_packet, netlogon_logon_request_req_data, netlogon_logon_request_req_check);

	torture_suite_add_ndr_pull_test(suite,
					nbt_netlogon_packet,
					nbt_netlogon_packet_logon_primary_query_data,
					nbt_netlogon_packet_logon_primary_query_check);

	torture_suite_add_ndr_pull_test(suite, nbt_netlogon_response2, netlogon_logon_request_resp_data, netlogon_logon_request_resp_check);

	torture_suite_add_ndr_pull_test(suite,
					netlogon_samlogon_response,
					netlogon_samlogon_response_data,
					netlogon_samlogon_response_check);

	torture_suite_add_ndr_pullpush_test(suite,
					    netlogon_samlogon_response,
					    data_blob_const(netlogon_samlogon_response_data, sizeof(netlogon_samlogon_response_data)),
					    netlogon_samlogon_response_check);

	torture_suite_add_ndr_pullpush_test(suite,
					    nbt_netlogon_packet,
					    data_blob_const(nbt_netlogon_packet_data, sizeof(nbt_netlogon_packet_data)),
					    nbt_netlogon_packet_check);

	torture_suite_add_ndr_pullpush_test(suite,
					    nbt_netlogon_packet,
					    data_blob_const(nbt_netlogon_packet_logon_primary_query_data, sizeof(nbt_netlogon_packet_logon_primary_query_data)),
					    nbt_netlogon_packet_logon_primary_query_check);

	torture_suite_add_ndr_pullpush_test(suite,
					    netlogon_samlogon_response,
					    data_blob_const(netlogon_samlogon_response_data2, sizeof(netlogon_samlogon_response_data2)),
					    netlogon_samlogon_response_check2);

	return suite;
}
Beispiel #23
0
static void smbd_smb2_request_write_done(struct tevent_req *subreq)
{
	struct smbd_smb2_request *req = tevent_req_callback_data(subreq,
					struct smbd_smb2_request);
	int i = req->current_idx;
	uint8_t *outhdr;
	DATA_BLOB outbody;
	DATA_BLOB outdyn;
	uint32_t out_count = 0;
	NTSTATUS status;
	NTSTATUS error; /* transport error */

	status = smbd_smb2_write_recv(subreq, &out_count);
	TALLOC_FREE(subreq);
	if (!NT_STATUS_IS_OK(status)) {
		error = smbd_smb2_request_error(req, status);
		if (!NT_STATUS_IS_OK(error)) {
			smbd_server_connection_terminate(req->sconn,
							 nt_errstr(error));
			return;
		}
		return;
	}

	outhdr = (uint8_t *)req->out.vector[i].iov_base;

	outbody = data_blob_talloc(req->out.vector, NULL, 0x10);
	if (outbody.data == NULL) {
		error = smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
		if (!NT_STATUS_IS_OK(error)) {
			smbd_server_connection_terminate(req->sconn,
							 nt_errstr(error));
			return;
		}
		return;
	}

	SSVAL(outbody.data, 0x00, 0x10 + 1);	/* struct size */
	SSVAL(outbody.data, 0x02, 0);		/* reserved */
	SIVAL(outbody.data, 0x04, out_count);	/* count */
	SIVAL(outbody.data, 0x08, 0);		/* remaining */
	SSVAL(outbody.data, 0x0C, 0);		/* write channel info offset */
	SSVAL(outbody.data, 0x0E, 0);		/* write channel info length */

	outdyn = data_blob_const(NULL, 0);

	error = smbd_smb2_request_done(req, outbody, &outdyn);
	if (!NT_STATUS_IS_OK(error)) {
		smbd_server_connection_terminate(req->sconn, nt_errstr(error));
		return;
	}
}
Beispiel #24
0
/*
  write to a file on SMB2
*/
NTSTATUS smb2_util_write(struct smb2_tree *tree,
			 struct smb2_handle handle, 
			 const void *buf, off_t offset, size_t size)
{
	struct smb2_write w;

	ZERO_STRUCT(w);
	w.in.file.handle = handle;
	w.in.offset      = offset;
	w.in.data        = data_blob_const(buf, size);

	return smb2_write(tree, &w);
}
Beispiel #25
0
struct eventlog_Record_tdb *evlog_pull_record_tdb(TALLOC_CTX *mem_ctx,
						  TDB_CONTEXT *tdb,
						  uint32_t record_number)
{
	struct eventlog_Record_tdb *r;
	TDB_DATA data, key;

	int32_t srecno;
	enum ndr_err_code ndr_err;
	DATA_BLOB blob;

	srecno = record_number;
	key.dptr = (unsigned char *)&srecno;
	key.dsize = sizeof(int32_t);

	data = tdb_fetch(tdb, key);
	if (data.dsize == 0) {
		DEBUG(8,("evlog_pull_record_tdb: "
			"Can't find a record for the key, record %d\n",
			record_number));
		return NULL;
	}

	r = talloc_zero(mem_ctx, struct eventlog_Record_tdb);
	if (!r) {
		goto done;
	}

	blob = data_blob_const(data.dptr, data.dsize);

	ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, NULL, r,
			   (ndr_pull_flags_fn_t)ndr_pull_eventlog_Record_tdb);

	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
		DEBUG(10,("evlog_pull_record_tdb: failed to decode record %d\n",
			record_number));
		TALLOC_FREE(r);
		goto done;
	}

	if (DEBUGLEVEL >= 10) {
		NDR_PRINT_DEBUG(eventlog_Record_tdb, r);
	}

	DEBUG(10,("evlog_pull_record_tdb: retrieved entry for record %d\n",
		record_number));
 done:
	SAFE_FREE(data.dptr);

	return r;
}
Beispiel #26
0
/*
  lookup an entry in the prefix cache. Return NULL if not found.
*/
static char *cache_lookup(TALLOC_CTX *mem_ctx, unsigned int hash)
{
	DATA_BLOB value;

	if (!memcache_lookup(smbd_memcache(), MANGLE_HASH2_CACHE,
			     data_blob_const(&hash, sizeof(hash)), &value)) {
		return NULL;
	}

	SMB_ASSERT((value.length > 0)
		   && (value.data[value.length-1] == '\0'));

	return talloc_strdup(mem_ctx, (char *)value.data);
}
Beispiel #27
0
void stat_cache_delete(const char *name)
{
	char *lname = talloc_strdup_upper(talloc_tos(), name);

	if (!lname) {
		return;
	}
	DEBUG(10,("stat_cache_delete: deleting name [%s] -> %s\n",
			lname, name ));

	memcache_delete(smbd_memcache(), STAT_CACHE,
			data_blob_const(lname, talloc_get_size(lname)-1));
	TALLOC_FREE(lname);
}
Beispiel #28
0
static bool delete_gid_cache(gid_t pgid)
{
	DATA_BLOB gid = data_blob_const(&pgid, sizeof(pgid));
	DATA_BLOB sid;
	if (!memcache_lookup(NULL, GID_SID_CACHE, gid, &sid)) {
		DEBUG(3, ("GID %d is not memcached!\n", (int)pgid));
		return false;
	}
	DEBUG(3, ("Delete mapping GID %d <-> %s from memcache\n", (int)pgid,
		  sid_string_dbg((struct dom_sid*)sid.data)));
	memcache_delete(NULL, SID_GID_CACHE, sid);
	memcache_delete(NULL, GID_SID_CACHE, gid);
	return true;
}
Beispiel #29
0
/*
 * Certs used for this protocol have a GUID in the issuer_uniq_id field.
 * This function fetch it.
 */
static struct GUID *get_cert_guid(struct torture_context *tctx,
				  TALLOC_CTX *mem_ctx,
				  uint8_t *cert_data,
				  uint32_t cert_len)
{
	hx509_context hctx;
	hx509_cert cert;
	heim_bit_string subjectuniqid;
	DATA_BLOB data;
	int hret;
	uint32_t size;
	struct GUID *guid = talloc_zero(mem_ctx, struct GUID);
	NTSTATUS status;

	hx509_context_init(&hctx);

	hret = hx509_cert_init_data(hctx, cert_data, cert_len, &cert);
	if (hret) {
		torture_comment(tctx, "error while loading the cert\n");
		hx509_context_free(&hctx);
		return NULL;
	}
	hret = hx509_cert_get_issuer_unique_id(hctx, cert, &subjectuniqid);
	if (hret) {
		torture_comment(tctx, "error while getting the issuer_uniq_id\n");
		hx509_cert_free(cert);
		hx509_context_free(&hctx);
		return NULL;
	}

	/* The subjectuniqid is a bit string,
	 * which means that the real size has to be divided by 8
	 * to have the number of bytes
	 */
	hx509_cert_free(cert);
	hx509_context_free(&hctx);
	size = subjectuniqid.length / 8;
	data = data_blob_const(subjectuniqid.data, size);

	status = GUID_from_data_blob(&data, guid);
	der_free_bit_string(&subjectuniqid);
	if (!NT_STATUS_IS_OK(status)) {
		return NULL;
	}

	return guid;
}
Beispiel #30
0
static bool ntprinting_printer_latin1_check(struct torture_context *tctx)
{
	enum ndr_err_code ndr_err;
	struct ntprinting_printer r;
	DATA_BLOB blob;
	bool ok;

	ok = lpcfg_do_global_parameter(tctx->lp_ctx, "dos charset", "CP1252");
	if (!ok) {
		torture_comment(tctx, "Could not set 'dos charset' option.\n");
		return false;
	}
	reload_charcnv(tctx->lp_ctx);

	ZERO_STRUCT(r);
	r.info.string_flags = LIBNDR_FLAG_STR_ASCII;

	blob = data_blob_const(ntprinting_printer_data_latin1,
			       sizeof(ntprinting_printer_data_latin1));

	ndr_err = ndr_pull_struct_blob(&blob, tctx, &r,
		   (ndr_pull_flags_fn_t)ndr_pull_ntprinting_printer);

	torture_assert_ndr_success(tctx,
				   ndr_err,
				   "ndr_pull_ntprinting_printer");
#if 0
	ndr_print_debug((ndr_print_fn_t) ndr_print_ntprinting_printer,
			"ntprinter",
			&r);
#endif
	torture_assert_str_equal(tctx,
				 r.info.printername,
				 "S0BC",
				 "printername");
	/* latin1 encoding check */
	torture_assert_str_equal(tctx,
				 r.info.comment,
				 "\" SALA DA RECEPÇÃO DA CONSTRUÇÃO - RAND0 LOCATIO",
				 "comment");
	torture_assert_str_equal(tctx,
				 r.info.location,
				 "UTGCA ",
				 "location");

	return true;
}