static void CheckRpcBindRequest(const RPC_BIND_REQUEST *const Request, const unsigned int len)
{
uint_fast8_t i, HasTransferSyntaxNDR32 = FALSE;
char guidBuffer1[GUID_STRING_LENGTH + 1], guidBuffer2[GUID_STRING_LENGTH + 1];
uint32_t CapCtxItems = (len - sizeof(*Request) + sizeof(Request->CtxItems)) / sizeof(Request->CtxItems);
DWORD NumCtxItems = LE32(Request->NumCtxItems);
if (NumCtxItems < CapCtxItems) // Can't be too small because already handled by RpcBindSize
logger("Warning: Excess bytes in RPC bind request.\n");
for (i = 0; i < NumCtxItems; i++)
{
struct CtxItem const* ctxItem = Request->CtxItems + i;
if (!IsEqualGUID(&ctxItem->InterfaceUUID, InterfaceUuid))
{
uuid2StringLE(&ctxItem->InterfaceUUID, guidBuffer1);
uuid2StringLE((GUID*)InterfaceUuid, guidBuffer2);
logger("Fatal: Interface UUID is %s but should be %s in Ctx item %u.\n", guidBuffer1, guidBuffer2, (unsigned int)i);
}
if (ctxItem->NumTransItems != LE16(1))
logger("Fatal: %u NDR32 transfer items detected in Ctx item %u, but only one is supported.\n",
(unsigned int)LE16(ctxItem->NumTransItems), (unsigned int)i
);
if (ctxItem->InterfaceVerMajor != LE16(1) || ctxItem->InterfaceVerMinor != 0)
logger("Warning: Interface version is %u.%u but should be 1.0.\n",
(unsigned int)LE16(ctxItem->InterfaceVerMajor),
(unsigned int)LE16(ctxItem->InterfaceVerMinor)
);
if (ctxItem->ContextId != LE16((WORD)i))
logger("Warning: context id of Ctx item %u is %u.\n", (unsigned int)i, (unsigned int)ctxItem->ContextId);
if (IsEqualGUID((GUID*)TransferSyntaxNDR32, &ctxItem->TransferSyntax))
{
HasTransferSyntaxNDR32 = TRUE;
if (ctxItem->SyntaxVersion != LE32(2))
logger("NDR32 transfer syntax version is %u but should be 2.\n", LE32(ctxItem->SyntaxVersion));
}
else if (IsEqualGUID((GUID*)TransferSyntaxNDR64, &ctxItem->TransferSyntax))
{
if (ctxItem->SyntaxVersion != LE32(1))
logger("NDR64 transfer syntax version is %u but should be 1.\n", LE32(ctxItem->SyntaxVersion));
}
else if (!memcmp(BindTimeFeatureNegotiation, (BYTE*)(&ctxItem->TransferSyntax), 8))
{
if (ctxItem->SyntaxVersion != LE32(1))
logger("BTFN syntax version is %u but should be 1.\n", LE32(ctxItem->SyntaxVersion));
}
}
if (!HasTransferSyntaxNDR32)
logger("Warning: RPC bind request has no NDR32 CtxItem.\n");
}
void logRequestVerbose(const REQUEST *const Request, const PRINTFUNC p)
{
char guidBuffer[GUID_STRING_LENGTH + 1];
char WorkstationBuffer[3 * WORKSTATION_NAME_BUFFER];
const char *productName;
ProdListIndex_t index;
p("Protocol version : %u.%u\n", LE16(Request->MajorVer), LE16(Request->MinorVer));
p("Client is a virtual machine : %s\n", LE32(Request->VMInfo) ? "Yes" : "No");
p("Licensing status : %u (%s)\n", (uint32_t)LE32(Request->LicenseStatus), LE32(Request->LicenseStatus) < _countof(LicenseStatusText) ? LicenseStatusText[LE32(Request->LicenseStatus)] : "Unknown");
p("Remaining time (0 = forever) : %i minutes\n", (uint32_t)LE32(Request->BindingExpiration));
uuid2StringLE(&Request->AppID, guidBuffer);
productName = getProductNameLE(&Request->AppID, AppList, getAppListSize(), &index);
p("Application ID : %s (%s)\n", guidBuffer, productName);
uuid2StringLE(&Request->ActID, guidBuffer);
# ifndef NO_EXTENDED_PRODUCT_LIST
productName = getProductNameLE(&Request->ActID, ExtendedProductList, getExtendedProductListSize(), &index);
# else
productName = "Unknown";
# endif
p("SKU ID (aka Activation ID) : %s (%s)\n", guidBuffer, productName);
uuid2StringLE(&Request->KMSID, guidBuffer);
productName = getProductNameLE(&Request->KMSID, ProductList, getProductListSize(), &index);
p("KMS ID (aka KMS counted ID) : %s (%s)\n", guidBuffer, productName);
uuid2StringLE(&Request->CMID, guidBuffer);
p("Client machine ID : %s\n", guidBuffer);
uuid2StringLE(&Request->CMID_prev, guidBuffer);
p("Previous client machine ID : %s\n", guidBuffer);
char mbstr[64];
time_t st;
st = fileTimeToUnixTime(&Request->ClientTime);
strftime(mbstr, sizeof(mbstr), "%Y-%m-%d %X", gmtime(&st));
p("Client request timestamp (UTC) : %s\n", mbstr);
ucs2_to_utf8(Request->WorkstationName, WorkstationBuffer, WORKSTATION_NAME_BUFFER, sizeof(WorkstationBuffer));
p("Workstation name : %s\n", WorkstationBuffer);
p("N count policy (minimum clients): %u\n", (uint32_t)LE32(Request->N_Policy));
}
void logResponseVerbose(const char *const ePID, const BYTE *const hwid, const RESPONSE *const response, const PRINTFUNC p)
{
char guidBuffer[GUID_STRING_LENGTH + 1];
//SYSTEMTIME st;
p("Protocol version : %u.%u\n", (uint32_t)LE16(response->MajorVer), (uint32_t)LE16(response->MinorVer));
p("KMS host extended PID : %s\n", ePID);
if (LE16(response->MajorVer) > 5)
# ifndef _WIN32
p("KMS host Hardware ID : %016llX\n", (unsigned long long)BE64(*(uint64_t*)hwid));
# else // _WIN32
p("KMS host Hardware ID : %016I64X\n", (unsigned long long)BE64(*(uint64_t*)hwid));
# endif // WIN32
uuid2StringLE(&response->CMID, guidBuffer);
p("Client machine ID : %s\n", guidBuffer);
char mbstr[64];
time_t st;
st = fileTimeToUnixTime(&response->ClientTime);
strftime(mbstr, sizeof(mbstr), "%Y-%m-%d %X", gmtime(&st));
p("Client request timestamp (UTC) : %s\n", mbstr);
p("KMS host current active clients : %u\n", (uint32_t)LE32(response->Count));
p("Renewal interval policy : %u\n", (uint32_t)LE32(response->VLRenewalInterval));
p("Activation interval policy : %u\n", (uint32_t)LE32(response->VLActivationInterval));
}
