rpc_message.h File Reference

#include "rpc_defs.h"

Include dependency graph for rpc_message.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs
typedef unsigned int	NCA_STATUS

Functions
RpcPktHdr *	RPCRT4_BuildFaultHeader (ULONG DataRepresentation, RPC_STATUS Status)
RpcPktHdr *	RPCRT4_BuildResponseHeader (ULONG DataRepresentation, ULONG BufferLength)
RpcPktHdr *	RPCRT4_BuildBindHeader (ULONG DataRepresentation, unsigned short MaxTransmissionSize, unsigned short MaxReceiveSize, ULONG AssocGroupId, const RPC_SYNTAX_IDENTIFIER *AbstractId, const RPC_SYNTAX_IDENTIFIER *TransferId)
RpcPktHdr *	RPCRT4_BuildBindNackHeader (ULONG DataRepresentation, unsigned char RpcVersion, unsigned char RpcVersionMinor, unsigned short RejectReason)
RpcPktHdr *	RPCRT4_BuildBindAckHeader (ULONG DataRepresentation, unsigned short MaxTransmissionSize, unsigned short MaxReceiveSize, ULONG AssocGroupId, LPCSTR ServerAddress, unsigned char ResultCount, const RpcResult *Results)
RpcPktHdr *	RPCRT4_BuildHttpHeader (ULONG DataRepresentation, unsigned short flags, unsigned short num_data_items, unsigned int payload_size)
RpcPktHdr *	RPCRT4_BuildHttpConnectHeader (int out_pipe, const UUID *connection_uuid, const UUID *pipe_uuid, const UUID *association_uuid)
RpcPktHdr *	RPCRT4_BuildHttpFlowControlHeader (BOOL server, ULONG bytes_transmitted, ULONG flow_control_increment, const UUID *pipe_uuid)
RPC_STATUS	RPCRT4_Send (RpcConnection *Connection, RpcPktHdr *Header, void *Buffer, unsigned int BufferLength)
RPC_STATUS	RPCRT4_SendWithAuth (RpcConnection *Connection, RpcPktHdr *Header, void *Buffer, unsigned int BufferLength, const void *Auth, unsigned int AuthLength)
RPC_STATUS	RPCRT4_ReceiveWithAuth (RpcConnection *Connection, RpcPktHdr **Header, PRPC_MESSAGE pMsg, unsigned char **auth_data_out, ULONG *auth_length_out)
DWORD	RPCRT4_GetHeaderSize (const RpcPktHdr *Header)
RPC_STATUS	RPCRT4_ValidateCommonHeader (const RpcPktCommonHdr *hdr)
BOOL	RPCRT4_IsValidHttpPacket (RpcPktHdr *hdr, unsigned char *data, unsigned short data_len)
RPC_STATUS	RPCRT4_ParseHttpPrepareHeader1 (RpcPktHdr *header, unsigned char *data, ULONG *field1)
RPC_STATUS	RPCRT4_ParseHttpPrepareHeader2 (RpcPktHdr *header, unsigned char *data, ULONG *field1, ULONG *bytes_until_next_packet, ULONG *field3)
RPC_STATUS	RPCRT4_ParseHttpFlowControlHeader (RpcPktHdr *header, unsigned char *data, BOOL server, ULONG *bytes_transmitted, ULONG *flow_control_increment, UUID *pipe_uuid)
NCA_STATUS	RPC2NCA_STATUS (RPC_STATUS status)
RPC_STATUS	RPCRT4_ClientConnectionAuth (RpcConnection *conn, BYTE *challenge, ULONG count)
RPC_STATUS	RPCRT4_ServerConnectionAuth (RpcConnection *conn, BOOL start, RpcAuthVerifier *auth_data_in, ULONG auth_length_in, unsigned char **auth_data_out, ULONG *auth_length_out)
RPC_STATUS	RPCRT4_AuthorizeConnection (RpcConnection *conn, BYTE *challenge, ULONG count)
RPC_STATUS	RPCRT4_ServerGetRegisteredAuthInfo (USHORT auth_type, CredHandle *cred, TimeStamp *exp, ULONG *max_token)
RPC_STATUS	RPCRT4_default_authorize (RpcConnection *conn, BOOL first_time, unsigned char *in_buffer, unsigned int in_size, unsigned char *out_buffer, unsigned int *out_size)
BOOL	RPCRT4_default_is_authorized (RpcConnection *Connection)
RPC_STATUS	RPCRT4_default_secure_packet (RpcConnection *Connection, enum secure_packet_direction dir, RpcPktHdr *hdr, unsigned int hdr_size, unsigned char *stub_data, unsigned int stub_data_size, RpcAuthVerifier *auth_hdr, unsigned char *auth_value, unsigned int auth_value_size)
RPC_STATUS	RPCRT4_default_impersonate_client (RpcConnection *conn)
RPC_STATUS	RPCRT4_default_revert_to_self (RpcConnection *conn)
RPC_STATUS	RPCRT4_default_inquire_auth_client (RpcConnection *conn, RPC_AUTHZ_HANDLE *privs, RPC_WSTR *server_princ_name, ULONG *authn_level, ULONG *authn_svc, ULONG *authz_svc, ULONG flags)

Typedef Documentation

NCA_STATUS

typedef unsigned int NCA_STATUS

Definition at line 26 of file rpc_message.h.

Function Documentation

RPC2NCA_STATUS()

NCA_STATUS RPC2NCA_STATUS

(

RPC_STATUS

status

)

Definition at line 404 of file rpc_message.c.

{
    switch (status)
    {
    case ERROR_INVALID_HANDLE:              return NCA_S_FAULT_CONTEXT_MISMATCH;
    case ERROR_OUTOFMEMORY:                 return NCA_S_FAULT_REMOTE_NO_MEMORY;
    case RPC_S_NOT_LISTENING:               return NCA_S_SERVER_TOO_BUSY;
    case RPC_S_UNKNOWN_IF:                  return NCA_S_UNK_IF;
    case RPC_S_SERVER_TOO_BUSY:             return NCA_S_SERVER_TOO_BUSY;
    case RPC_S_CALL_FAILED:                 return NCA_S_FAULT_UNSPEC;
    case RPC_S_CALL_FAILED_DNE:             return NCA_S_MANAGER_NOT_ENTERED;
    case RPC_S_PROTOCOL_ERROR:              return NCA_S_PROTO_ERROR;
    case RPC_S_UNSUPPORTED_TYPE:            return NCA_S_UNSUPPORTED_TYPE;
    case RPC_S_INVALID_TAG:                 return NCA_S_FAULT_INVALID_TAG;
    case RPC_S_INVALID_BOUND:               return NCA_S_FAULT_INVALID_BOUND;
    case RPC_S_PROCNUM_OUT_OF_RANGE:        return NCA_S_OP_RNG_ERROR;
    case RPC_X_SS_HANDLES_MISMATCH:         return NCA_S_FAULT_CONTEXT_MISMATCH;
    case RPC_S_CALL_CANCELLED:              return NCA_S_FAULT_CANCEL;
    case RPC_S_COMM_FAILURE:                return NCA_S_COMM_FAILURE;
    case RPC_X_WRONG_PIPE_ORDER:            return NCA_S_FAULT_PIPE_ORDER;
    case RPC_X_PIPE_CLOSED:                 return NCA_S_FAULT_PIPE_CLOSED;
    case RPC_X_PIPE_DISCIPLINE_ERROR:       return NCA_S_FAULT_PIPE_DISCIPLINE;
    case RPC_X_PIPE_EMPTY:                  return NCA_S_FAULT_PIPE_EMPTY;
    case STATUS_FLOAT_DIVIDE_BY_ZERO:       return NCA_S_FAULT_FP_DIV_ZERO;
    case STATUS_FLOAT_INVALID_OPERATION:    return NCA_S_FAULT_FP_ERROR;
    case STATUS_FLOAT_OVERFLOW:             return NCA_S_FAULT_FP_OVERFLOW;
    case STATUS_FLOAT_UNDERFLOW:            return NCA_S_FAULT_FP_UNDERFLOW;
    case STATUS_INTEGER_DIVIDE_BY_ZERO:     return NCA_S_FAULT_INT_DIV_BY_ZERO;
    case STATUS_INTEGER_OVERFLOW:           return NCA_S_FAULT_INT_OVERFLOW;
    default:                                return status;
    }
}

Referenced by process_request_packet().

RPCRT4_AuthorizeConnection()

RPC_STATUS RPCRT4_AuthorizeConnection	(	RpcConnection *	conn,
		BYTE *	challenge,
		ULONG	count
	)

RPCRT4_BuildBindAckHeader()

RpcPktHdr * RPCRT4_BuildBindAckHeader	(	ULONG	DataRepresentation,
		unsigned short	MaxTransmissionSize,
		unsigned short	MaxReceiveSize,
		ULONG	AssocGroupId,
		LPCSTR	ServerAddress,
		unsigned char	ResultCount,
		const RpcResult *	Results
	)

Definition at line 254 of file rpc_message.c.

{
  RpcPktHdr *header;
  ULONG header_size;
  RpcAddressString *server_address;
  RpcResultList *results;
 
  header_size = sizeof(header->bind_ack) +
                ROUND_UP(FIELD_OFFSET(RpcAddressString, string[strlen(ServerAddress) + 1]), 4) +
                FIELD_OFFSET(RpcResultList, results[ResultCount]);
 
  header = calloc(1, header_size);
  if (header == NULL) {
    return NULL;
  }
 
  RPCRT4_BuildCommonHeader(&header->common, PKT_BIND_ACK, DataRepresentation);
  header->common.frag_len = header_size;
  header->bind_ack.max_tsize = MaxTransmissionSize;
  header->bind_ack.max_rsize = MaxReceiveSize;
  header->bind_ack.assoc_gid = AssocGroupId;
  server_address = (RpcAddressString*)(&header->bind_ack + 1);
  server_address->length = strlen(ServerAddress) + 1;
  strcpy(server_address->string, ServerAddress);
  /* results is 4-byte aligned */
  results = (RpcResultList*)((ULONG_PTR)server_address + ROUND_UP(FIELD_OFFSET(RpcAddressString, string[server_address->length]), 4));
  results->num_results = ResultCount;
  memcpy(&results->results[0], Results, ResultCount * sizeof(*Results));
 
  return header;
}

Referenced by process_bind_packet_no_send().

RPCRT4_BuildBindHeader()

RpcPktHdr * RPCRT4_BuildBindHeader	(	ULONG	DataRepresentation,
		unsigned short	MaxTransmissionSize,
		unsigned short	MaxReceiveSize,
		ULONG	AssocGroupId,
		const RPC_SYNTAX_IDENTIFIER *	AbstractId,
		const RPC_SYNTAX_IDENTIFIER *	TransferId
	)

Definition at line 186 of file rpc_message.c.

{
  RpcPktHdr *header;
  RpcContextElement *ctxt_elem;
 
  header = calloc(1, sizeof(header->bind) + FIELD_OFFSET(RpcContextElement, transfer_syntaxes[1]));
  if (header == NULL) {
    return NULL;
  }
  ctxt_elem = (RpcContextElement *)(&header->bind + 1);
 
  RPCRT4_BuildCommonHeader(&header->common, PKT_BIND, DataRepresentation);
  header->common.frag_len = sizeof(header->bind) + FIELD_OFFSET(RpcContextElement, transfer_syntaxes[1]);
  header->bind.max_tsize = MaxTransmissionSize;
  header->bind.max_rsize = MaxReceiveSize;
  header->bind.assoc_gid = AssocGroupId;
  header->bind.num_elements = 1;
  ctxt_elem->num_syntaxes = 1;
  ctxt_elem->abstract_syntax = *AbstractId;
  ctxt_elem->transfer_syntaxes[0] = *TransferId;
 
  return header;
}

Referenced by RpcAssoc_BindConnection().

RPCRT4_BuildBindNackHeader()

RpcPktHdr * RPCRT4_BuildBindNackHeader	(	ULONG	DataRepresentation,
		unsigned char	RpcVersion,
		unsigned char	RpcVersionMinor,
		unsigned short	RejectReason
	)

Definition at line 229 of file rpc_message.c.

{
  RpcPktBindNAckHdr *header;
#ifndef _MSC_VER
  C_ASSERT(sizeof(*header) >= FIELD_OFFSET(RpcPktBindNAckHdr, protocols[1]));
#endif
 
  header = calloc(1, sizeof(*header));
  if (header == NULL) {
    return NULL;
  }
 
  RPCRT4_BuildCommonHeader(&header->common, PKT_BIND_NACK, DataRepresentation);
  header->common.frag_len = FIELD_OFFSET(RpcPktBindNAckHdr, protocols[1]);
  header->reject_reason = RejectReason;
  header->protocols_count = 1;
  header->protocols[0].rpc_ver = RpcVersion;
  header->protocols[0].rpc_ver_minor = RpcVersionMinor;
 
  return (RpcPktHdr *)header;
}

Referenced by handle_bind_error().

RPCRT4_BuildFaultHeader()

RpcPktHdr * RPCRT4_BuildFaultHeader	(	ULONG	DataRepresentation,
		RPC_STATUS	Status
	)

Definition at line 170 of file rpc_message.c.

{
  RpcPktFaultHdr *header;
 
  header = calloc(1, sizeof(*header));
  if (header == NULL) {
    return NULL;
  }
 
  RPCRT4_BuildCommonHeader(&header->common, PKT_FAULT, DataRepresentation);
  header->common.frag_len = sizeof(*header);
  header->status = Status;
 
  return (RpcPktHdr *)header;
}

Referenced by process_request_packet().

RPCRT4_BuildHttpConnectHeader()

RpcPktHdr * RPCRT4_BuildHttpConnectHeader	(	int	out_pipe,
		const UUID *	connection_uuid,
		const UUID *	pipe_uuid,
		const UUID *	association_uuid
	)

Definition at line 345 of file rpc_message.c.

{
  RpcPktHdr *header;
  unsigned int size;
  char *payload;
 
  size = 8 + 4 + sizeof(UUID) + 4 + sizeof(UUID) + 8;
  if (!out_pipe)
    size += 8 + 4 + sizeof(UUID);
 
  header = RPCRT4_BuildHttpHeader(NDR_LOCAL_DATA_REPRESENTATION, 0,
                                  out_pipe ? 4 : 6, size);
  if (!header) return NULL;
  payload = (char *)(&header->http+1);
 
  /* FIXME: what does this part of the payload do? */
  WRITE_HTTP_PAYLOAD_FIELD_UINT32(payload, 0x00000006, 0x00000001);
 
  WRITE_HTTP_PAYLOAD_FIELD_UUID(payload, 0x00000003, *connection_uuid);
  WRITE_HTTP_PAYLOAD_FIELD_UUID(payload, 0x00000003, *pipe_uuid);
 
  if (out_pipe)
    /* FIXME: what does this part of the payload do? */
    WRITE_HTTP_PAYLOAD_FIELD_UINT32(payload, 0x00000000, 0x00010000);
  else
  {
    /* FIXME: what does this part of the payload do? */
    WRITE_HTTP_PAYLOAD_FIELD_UINT32(payload, 0x00000004, 0x40000000);
    /* FIXME: what does this part of the payload do? */
    WRITE_HTTP_PAYLOAD_FIELD_UINT32(payload, 0x00000005, 0x000493e0);
 
    WRITE_HTTP_PAYLOAD_FIELD_UUID(payload, 0x0000000c, *association_uuid);
  }
 
  return header;
}

Referenced by rpcrt4_http_prepare_in_pipe(), and rpcrt4_http_prepare_out_pipe().

RPCRT4_BuildHttpFlowControlHeader()

RpcPktHdr * RPCRT4_BuildHttpFlowControlHeader	(	BOOL	server,
		ULONG	bytes_transmitted,
		ULONG	flow_control_increment,
		const UUID *	pipe_uuid
	)

Definition at line 385 of file rpc_message.c.

{
  RpcPktHdr *header;
  char *payload;
 
  header = RPCRT4_BuildHttpHeader(NDR_LOCAL_DATA_REPRESENTATION, 0x2, 2,
                                  5 * sizeof(ULONG) + sizeof(UUID));
  if (!header) return NULL;
  payload = (char *)(&header->http+1);
 
  WRITE_HTTP_PAYLOAD_FIELD_UINT32(payload, 0x0000000d, (server ? 0x0 : 0x3));
 
  WRITE_HTTP_PAYLOAD_FIELD_FLOW_CONTROL(payload, bytes_transmitted,
                                        flow_control_increment, *pipe_uuid);
  return header;
}

Referenced by rpcrt4_ncacn_http_receive_fragment().

RPCRT4_BuildHttpHeader()

RpcPktHdr * RPCRT4_BuildHttpHeader	(	ULONG	DataRepresentation,
		unsigned short	flags,
		unsigned short	num_data_items,
		unsigned int	payload_size
	)

Definition at line 292 of file rpc_message.c.

{
  RpcPktHdr *header;
 
  header = calloc(1, sizeof(header->http) + payload_size);
  if (header == NULL) {
      ERR("failed to allocate memory\n");
    return NULL;
  }
 
  RPCRT4_BuildCommonHeader(&header->common, PKT_HTTP, DataRepresentation);
  /* since the packet isn't current sent using RPCRT4_Send, set the flags
   * manually here */
  header->common.flags = RPC_FLG_FIRST|RPC_FLG_LAST;
  header->common.call_id = 0;
  header->common.frag_len = sizeof(header->http) + payload_size;
  header->http.flags = flags;
  header->http.num_data_items = num_data_items;
 
  return header;
}

Referenced by RPCRT4_BuildHttpConnectHeader(), RPCRT4_BuildHttpFlowControlHeader(), and rpcrt4_http_keep_connection_active_timer_proc().

RPCRT4_BuildResponseHeader()

RpcPktHdr * RPCRT4_BuildResponseHeader	(	ULONG	DataRepresentation,
		ULONG	BufferLength
	)

Definition at line 154 of file rpc_message.c.

{
  RpcPktResponseHdr *header;
 
  header = calloc(1, sizeof(*header));
  if (header == NULL) {
    return NULL;
  }
 
  RPCRT4_BuildCommonHeader(&header->common, PKT_RESPONSE, DataRepresentation);
  header->common.frag_len = sizeof(*header);
  header->alloc_hint = BufferLength;
 
  return (RpcPktHdr *)header;
}

Referenced by process_request_packet().

RPCRT4_ClientConnectionAuth()

RPC_STATUS RPCRT4_ClientConnectionAuth	(	RpcConnection *	conn,
		BYTE *	challenge,
		ULONG	count
	)

Definition at line 988 of file rpc_message.c.

{
  RpcPktHdr *resp_hdr;
  RPC_STATUS status;
  unsigned char *out_buffer;
  unsigned int out_len = 0;
 
  TRACE("challenge %s, %ld bytes\n", challenge, count);
 
  status = rpcrt4_conn_authorize(conn, FALSE, challenge, count, NULL, &out_len);
  if (status) return status;
  out_buffer = malloc(out_len);
  if (!out_buffer) return RPC_S_OUT_OF_RESOURCES;
  status = rpcrt4_conn_authorize(conn, FALSE, challenge, count, out_buffer, &out_len);
  if (status) return status;
 
  resp_hdr = RPCRT4_BuildAuthHeader(NDR_LOCAL_DATA_REPRESENTATION);
 
  if (resp_hdr)
    status = RPCRT4_SendWithAuth(conn, resp_hdr, NULL, 0, out_buffer, out_len);
  else
    status = RPC_S_OUT_OF_RESOURCES;
 
  free(out_buffer);
  free(resp_hdr);
 
  return status;
}

Referenced by RpcAssoc_BindConnection().

RPCRT4_default_authorize()

RPC_STATUS RPCRT4_default_authorize	(	RpcConnection *	conn,
		BOOL	first_time,
		unsigned char *	in_buffer,
		unsigned int	in_size,
		unsigned char *	out_buffer,
		unsigned int *	out_size
	)

Definition at line 868 of file rpc_message.c.

{
  SECURITY_STATUS r;
  SecBufferDesc out_desc;
  SecBufferDesc inp_desc;
  SecPkgContext_Sizes secctx_sizes;
  BOOL continue_needed;
  ULONG context_req;
  SecBuffer in, out;
 
  if (!out_buffer)
  {
    *out_size = conn->AuthInfo->cbMaxToken;
    return RPC_S_OK;
  }
 
  in.BufferType = SECBUFFER_TOKEN;
  in.pvBuffer = in_buffer;
  in.cbBuffer = in_size;
 
  out.BufferType = SECBUFFER_TOKEN;
  out.pvBuffer = out_buffer;
  out.cbBuffer = *out_size;
 
  out_desc.ulVersion = 0;
  out_desc.cBuffers = 1;
  out_desc.pBuffers = &out;
 
  inp_desc.ulVersion = 0;
  inp_desc.cBuffers = 1;
  inp_desc.pBuffers = ∈
 
  if (conn->server)
  {
      context_req = ASC_REQ_CONNECTION | ASC_REQ_USE_DCE_STYLE |
                    ASC_REQ_DELEGATE;
 
      if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
          context_req |= ASC_REQ_INTEGRITY;
      else if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
          context_req |= ASC_REQ_CONFIDENTIALITY | ASC_REQ_INTEGRITY;
 
      r = AcceptSecurityContext(&conn->AuthInfo->cred,
                                first_time ? NULL : &conn->ctx,
                                &inp_desc, context_req, SECURITY_NETWORK_DREP,
                                &conn->ctx,
                                &out_desc, &conn->attr, &conn->exp);
      if (r == SEC_E_OK || r == SEC_I_COMPLETE_NEEDED)
      {
          /* authorisation done, so nothing more to send */
          out.cbBuffer = 0;
      }
  }
  else
  {
      context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE |
                    ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
 
      if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
          context_req |= ISC_REQ_INTEGRITY;
      else if (conn->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
          context_req |= ISC_REQ_CONFIDENTIALITY | ISC_REQ_INTEGRITY;
 
      r = InitializeSecurityContextW(&conn->AuthInfo->cred,
                                     first_time ? NULL: &conn->ctx,
                                     first_time ? conn->AuthInfo->server_principal_name : NULL,
                                     context_req, 0, SECURITY_NETWORK_DREP,
                                     first_time ? NULL : &inp_desc, 0, &conn->ctx,
                                     &out_desc, &conn->attr, &conn->exp);
  }
  if (FAILED(r))
  {
      WARN("InitializeSecurityContext failed with error 0x%08lx\n", r);
      goto failed;
  }
 
  TRACE("r = 0x%08lx, attr = 0x%08lx\n", r, conn->attr);
  continue_needed = ((r == SEC_I_CONTINUE_NEEDED) ||
                     (r == SEC_I_COMPLETE_AND_CONTINUE));
 
  if ((r == SEC_I_COMPLETE_NEEDED) || (r == SEC_I_COMPLETE_AND_CONTINUE))
  {
      TRACE("complete needed\n");
      r = CompleteAuthToken(&conn->ctx, &out_desc);
      if (FAILED(r))
      {
          WARN("CompleteAuthToken failed with error 0x%08lx\n", r);
          goto failed;
      }
  }
 
  TRACE("cbBuffer = %ld\n", out.cbBuffer);
 
  if (!continue_needed)
  {
      r = QueryContextAttributesA(&conn->ctx, SECPKG_ATTR_SIZES, &secctx_sizes);
      if (FAILED(r))
      {
          WARN("QueryContextAttributes failed with error 0x%08lx\n", r);
          goto failed;
      }
      conn->signature_auth_len = secctx_sizes.cbMaxSignature;
      conn->encryption_auth_len = secctx_sizes.cbSecurityTrailer;
  }
 
  *out_size = out.cbBuffer;
  return RPC_S_OK;
 
failed:
  *out_size = 0;
  return ERROR_ACCESS_DENIED; /* FIXME: is this correct? */
}

RPCRT4_default_impersonate_client()

RPC_STATUS RPCRT4_default_impersonate_client

(

RpcConnection *

conn

)

Definition at line 1127 of file rpc_message.c.

{
    SECURITY_STATUS sec_status;
 
    TRACE("(%p)\n", conn);
 
    if (!conn->AuthInfo || !SecIsValidHandle(&conn->ctx))
        return RPC_S_NO_CONTEXT_AVAILABLE;
    sec_status = ImpersonateSecurityContext(&conn->ctx);
    if (sec_status != SEC_E_OK)
        WARN("ImpersonateSecurityContext returned 0x%08lx\n", sec_status);
    switch (sec_status)
    {
    case SEC_E_UNSUPPORTED_FUNCTION:
        return RPC_S_CANNOT_SUPPORT;
    case SEC_E_NO_IMPERSONATION:
        return RPC_S_NO_CONTEXT_AVAILABLE;
    case SEC_E_OK:
        return RPC_S_OK;
    default:
        return RPC_S_SEC_PKG_ERROR;
    }
}

Referenced by rpcrt4_conn_np_impersonate_client().

RPCRT4_default_inquire_auth_client()

RPC_STATUS RPCRT4_default_inquire_auth_client	(	RpcConnection *	conn,
		RPC_AUTHZ_HANDLE *	privs,
		RPC_WSTR *	server_princ_name,
		ULONG *	authn_level,
		ULONG *	authn_svc,
		ULONG *	authz_svc,
		ULONG	flags
	)

Definition at line 1185 of file rpc_message.c.

{
    if (!conn->AuthInfo) return RPC_S_BINDING_HAS_NO_AUTH;
 
    if (privs)
    {
        FIXME("privs not implemented\n");
        *privs = NULL;
    }
    if (server_princ_name)
    {
        *server_princ_name = wcsdup(conn->AuthInfo->server_principal_name);
        if (!*server_princ_name) return ERROR_OUTOFMEMORY;
    }
    if (authn_level) *authn_level = conn->AuthInfo->AuthnLevel;
    if (authn_svc) *authn_svc = conn->AuthInfo->AuthnSvc;
    if (authz_svc)
    {
        FIXME("authorization service not implemented\n");
        *authz_svc = RPC_C_AUTHZ_NONE;
    }
    if (flags)
        FIXME("flags 0x%lx not implemented\n", flags);
 
    return RPC_S_OK;
}

RPCRT4_default_is_authorized()

BOOL RPCRT4_default_is_authorized

(

RpcConnection *

Connection

)

Definition at line 1118 of file rpc_message.c.

{
    return Connection->AuthInfo && SecIsValidHandle(&Connection->ctx);
}

RPCRT4_default_revert_to_self()

RPC_STATUS RPCRT4_default_revert_to_self

(

RpcConnection *

conn

)

Definition at line 1155 of file rpc_message.c.

{
    SECURITY_STATUS sec_status;
 
    TRACE("(%p)\n", conn);
 
    if (!conn->AuthInfo || !SecIsValidHandle(&conn->ctx))
        return RPC_S_NO_CONTEXT_AVAILABLE;
    sec_status = RevertSecurityContext(&conn->ctx);
    if (sec_status != SEC_E_OK)
        WARN("RevertSecurityContext returned 0x%08lx\n", sec_status);
    switch (sec_status)
    {
    case SEC_E_UNSUPPORTED_FUNCTION:
        return RPC_S_CANNOT_SUPPORT;
    case SEC_E_NO_IMPERSONATION:
        return RPC_S_NO_CONTEXT_AVAILABLE;
    case SEC_E_OK:
        return RPC_S_OK;
    default:
        return RPC_S_SEC_PKG_ERROR;
    }
}

Referenced by rpcrt4_conn_np_revert_to_self().

RPCRT4_default_secure_packet()

RPC_STATUS RPCRT4_default_secure_packet	(	RpcConnection *	Connection,
		enum secure_packet_direction	dir,
		RpcPktHdr *	hdr,
		unsigned int	hdr_size,
		unsigned char *	stub_data,
		unsigned int	stub_data_size,
		RpcAuthVerifier *	auth_hdr,
		unsigned char *	auth_value,
		unsigned int	auth_value_size
	)

Definition at line 678 of file rpc_message.c.

{
    SecBufferDesc message;
    SecBuffer buffers[4];
    SECURITY_STATUS sec_status;
 
    message.ulVersion = SECBUFFER_VERSION;
    message.cBuffers = ARRAY_SIZE(buffers);
    message.pBuffers = buffers;
 
    buffers[0].cbBuffer = hdr_size;
    buffers[0].BufferType = SECBUFFER_DATA|SECBUFFER_READONLY_WITH_CHECKSUM;
    buffers[0].pvBuffer = hdr;
    buffers[1].cbBuffer = stub_data_size;
    buffers[1].BufferType = SECBUFFER_DATA;
    buffers[1].pvBuffer = stub_data;
    buffers[2].cbBuffer = sizeof(*auth_hdr);
    buffers[2].BufferType = SECBUFFER_DATA|SECBUFFER_READONLY_WITH_CHECKSUM;
    buffers[2].pvBuffer = auth_hdr;
    buffers[3].cbBuffer = auth_value_size;
    buffers[3].BufferType = SECBUFFER_TOKEN;
    buffers[3].pvBuffer = auth_value;
 
    if (dir == SECURE_PACKET_SEND)
    {
        if ((auth_hdr->auth_level == RPC_C_AUTHN_LEVEL_PKT_PRIVACY) && packet_has_body(hdr))
        {
            sec_status = EncryptMessage(&Connection->ctx, 0, &message, 0 /* FIXME */);
            if (sec_status != SEC_E_OK)
            {
                ERR("EncryptMessage failed with 0x%08lx\n", sec_status);
                return RPC_S_SEC_PKG_ERROR;
            }
        }
        else if (auth_hdr->auth_level != RPC_C_AUTHN_LEVEL_NONE)
        {
            sec_status = MakeSignature(&Connection->ctx, 0, &message, 0 /* FIXME */);
            if (sec_status != SEC_E_OK)
            {
                ERR("MakeSignature failed with 0x%08lx\n", sec_status);
                return RPC_S_SEC_PKG_ERROR;
            }
        }
    }
    else if (dir == SECURE_PACKET_RECEIVE)
    {
        if ((auth_hdr->auth_level == RPC_C_AUTHN_LEVEL_PKT_PRIVACY) && packet_has_body(hdr))
        {
            sec_status = DecryptMessage(&Connection->ctx, &message, 0 /* FIXME */, 0);
            if (sec_status != SEC_E_OK)
            {
                ERR("DecryptMessage failed with 0x%08lx\n", sec_status);
                return RPC_S_SEC_PKG_ERROR;
            }
        }
        else if (auth_hdr->auth_level != RPC_C_AUTHN_LEVEL_NONE)
        {
            sec_status = VerifySignature(&Connection->ctx, &message, 0 /* FIXME */, NULL);
            if (sec_status != SEC_E_OK)
            {
                ERR("VerifySignature failed with 0x%08lx\n", sec_status);
                return RPC_S_SEC_PKG_ERROR;
            }
        }
    }
 
    return RPC_S_OK;
}

RPCRT4_GetHeaderSize()

DWORD RPCRT4_GetHeaderSize

(

const RpcPktHdr *

Header

)

Definition at line 58 of file rpc_message.c.

{
  static const DWORD header_sizes[] = {
    sizeof(Header->request), 0, sizeof(Header->response),
    sizeof(Header->fault), 0, 0, 0, 0, 0, 0, 0, sizeof(Header->bind),
    sizeof(Header->bind_ack), sizeof(Header->bind_nack),
    0, 0, sizeof(Header->auth3), 0, 0, 0, sizeof(Header->http)
  };
  ULONG ret = 0;
 
  if (Header->common.ptype < ARRAY_SIZE(header_sizes)) {
    ret = header_sizes[Header->common.ptype];
    if (ret == 0)
      FIXME("unhandled packet type %u\n", Header->common.ptype);
    if (Header->common.flags & RPC_FLG_OBJECT_UUID)
      ret += sizeof(UUID);
  } else {
    WARN("invalid packet type %u\n", Header->common.ptype);
  }
 
  return ret;
}

Referenced by RPCRT4_default_receive_fragment(), rpcrt4_ncacn_http_receive_fragment(), RPCRT4_ReceiveWithAuth(), and RPCRT4_ValidateCommonHeader().

RPCRT4_IsValidHttpPacket()

BOOL RPCRT4_IsValidHttpPacket	(	RpcPktHdr *	hdr,
		unsigned char *	data,
		unsigned short	data_len
	)

Definition at line 479 of file rpc_message.c.

{
  unsigned short i;
  BYTE *p = data;
 
  for (i = 0; i < hdr->http.num_data_items; i++)
  {
    ULONG type;
 
    if (data_len < sizeof(ULONG))
      return FALSE;
 
    type = *(ULONG *)p;
    p += sizeof(ULONG);
    data_len -= sizeof(ULONG);
 
    switch (type)
    {
      case 0x3:
      case 0xc:
        if (data_len < sizeof(GUID))
          return FALSE;
        p += sizeof(GUID);
        data_len -= sizeof(GUID);
        break;
      case 0x0:
      case 0x2:
      case 0x4:
      case 0x5:
      case 0x6:
      case 0xd:
        if (data_len < sizeof(ULONG))
          return FALSE;
        p += sizeof(ULONG);
        data_len -= sizeof(ULONG);
        break;
      case 0x1:
        if (data_len < 24)
          return FALSE;
        p += 24;
        data_len -= 24;
        break;
      default:
        FIXME("unimplemented type 0x%lx\n", type);
        break;
    }
  }
  return TRUE;
}

Referenced by rpcrt4_http_read_http_packet(), and rpcrt4_ncacn_http_receive_fragment().

RPCRT4_ParseHttpFlowControlHeader()

RPC_STATUS RPCRT4_ParseHttpFlowControlHeader	(	RpcPktHdr *	header,
		unsigned char *	data,
		BOOL	server,
		ULONG *	bytes_transmitted,
		ULONG *	flow_control_increment,
		UUID *	pipe_uuid
	)

Definition at line 633 of file rpc_message.c.

{
  ULONG type;
  if (header->http.flags != 0x2)
  {
    ERR("invalid flags 0x%x\n", header->http.flags);
    return RPC_S_PROTOCOL_ERROR;
  }
  if (header->http.num_data_items != 2)
  {
    ERR("invalid number of data items %d\n", header->http.num_data_items);
    return RPC_S_PROTOCOL_ERROR;
  }
 
  type = READ_HTTP_PAYLOAD_FIELD_TYPE(data);
  if (type != 0x0000000d)
  {
    ERR("invalid type for field 1: 0x%08lx\n", type);
    return RPC_S_PROTOCOL_ERROR;
  }
  if (*(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data) != (server ? 0x3 : 0x0))
  {
    ERR("invalid type for 0xd field data: 0x%08lx\n", *(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data));
    return RPC_S_PROTOCOL_ERROR;
  }
  data = RPCRT4_NextHttpHeaderField(data);
 
  type = READ_HTTP_PAYLOAD_FIELD_TYPE(data);
  if (type != 0x00000001)
  {
    ERR("invalid type for field 2: 0x%08lx\n", type);
    return RPC_S_PROTOCOL_ERROR;
  }
  *bytes_transmitted = *(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data);
  *flow_control_increment = *(ULONG *)(GET_HTTP_PAYLOAD_FIELD_DATA(data) + 4);
  *pipe_uuid = *(UUID *)(GET_HTTP_PAYLOAD_FIELD_DATA(data) + 8);
 
  return RPC_S_OK;
}

Referenced by rpcrt4_ncacn_http_receive_fragment().

RPCRT4_ParseHttpPrepareHeader1()

RPC_STATUS RPCRT4_ParseHttpPrepareHeader1	(	RpcPktHdr *	header,
		unsigned char *	data,
		ULONG *	field1
	)

Definition at line 562 of file rpc_message.c.

{
  ULONG type;
  if (header->http.flags != 0x0)
  {
    ERR("invalid flags 0x%x\n", header->http.flags);
    return RPC_S_PROTOCOL_ERROR;
  }
  if (header->http.num_data_items != 1)
  {
    ERR("invalid number of data items %d\n", header->http.num_data_items);
    return RPC_S_PROTOCOL_ERROR;
  }
  type = READ_HTTP_PAYLOAD_FIELD_TYPE(data);
  if (type != 0x00000002)
  {
    ERR("invalid type 0x%08lx\n", type);
    return RPC_S_PROTOCOL_ERROR;
  }
  *field1 = *(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data);
  return RPC_S_OK;
}

Referenced by rpcrt4_http_prepare_out_pipe().

RPCRT4_ParseHttpPrepareHeader2()

RPC_STATUS RPCRT4_ParseHttpPrepareHeader2	(	RpcPktHdr *	header,
		unsigned char *	data,
		ULONG *	field1,
		ULONG *	bytes_until_next_packet,
		ULONG *	field3
	)

Definition at line 587 of file rpc_message.c.

{
  ULONG type;
  if (header->http.flags != 0x0)
  {
    ERR("invalid flags 0x%x\n", header->http.flags);
    return RPC_S_PROTOCOL_ERROR;
  }
  if (header->http.num_data_items != 3)
  {
    ERR("invalid number of data items %d\n", header->http.num_data_items);
    return RPC_S_PROTOCOL_ERROR;
  }
 
  type = READ_HTTP_PAYLOAD_FIELD_TYPE(data);
  if (type != 0x00000006)
  {
    ERR("invalid type for field 1: 0x%08lx\n", type);
    return RPC_S_PROTOCOL_ERROR;
  }
  *field1 = *(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data);
  data = RPCRT4_NextHttpHeaderField(data);
 
  type = READ_HTTP_PAYLOAD_FIELD_TYPE(data);
  if (type != 0x00000000)
  {
    ERR("invalid type for field 2: 0x%08lx\n", type);
    return RPC_S_PROTOCOL_ERROR;
  }
  *bytes_until_next_packet = *(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data);
  data = RPCRT4_NextHttpHeaderField(data);
 
  type = READ_HTTP_PAYLOAD_FIELD_TYPE(data);
  if (type != 0x00000002)
  {
    ERR("invalid type for field 3: 0x%08lx\n", type);
    return RPC_S_PROTOCOL_ERROR;
  }
  *field3 = *(ULONG *)GET_HTTP_PAYLOAD_FIELD_DATA(data);
 
  return RPC_S_OK;
}

Referenced by rpcrt4_http_prepare_out_pipe().

RPCRT4_ReceiveWithAuth()

RPC_STATUS RPCRT4_ReceiveWithAuth	(	RpcConnection *	Connection,
		RpcPktHdr **	Header,
		PRPC_MESSAGE	pMsg,
		unsigned char **	auth_data_out,
		ULONG *	auth_length_out
	)

Definition at line 1372 of file rpc_message.c.

{
  RPC_STATUS status;
  DWORD hdr_length;
  unsigned short first_flag;
  ULONG data_length;
  ULONG buffer_length;
  ULONG auth_length = 0;
  unsigned char *auth_data = NULL;
  RpcPktHdr *CurrentHeader = NULL;
  void *payload = NULL;
 
  *Header = NULL;
  pMsg->Buffer = NULL;
  if (auth_data_out) *auth_data_out = NULL;
  if (auth_length_out) *auth_length_out = 0;
 
  TRACE("(%p, %p, %p, %p)\n", Connection, Header, pMsg, auth_data_out);
 
  RPCRT4_SetThreadCurrentConnection(Connection);
 
  status = RPCRT4_receive_fragment(Connection, Header, &payload);
  if (status != RPC_S_OK) goto fail;
 
  hdr_length = RPCRT4_GetHeaderSize(*Header);
 
  /* read packet body */
  switch ((*Header)->common.ptype) {
  case PKT_RESPONSE:
    pMsg->BufferLength = (*Header)->response.alloc_hint;
    break;
  case PKT_REQUEST:
    pMsg->BufferLength = (*Header)->request.alloc_hint;
    break;
  default:
    pMsg->BufferLength = (*Header)->common.frag_len - hdr_length - RPC_AUTH_VERIFIER_LEN(&(*Header)->common);
  }
 
  TRACE("buffer length = %u\n", pMsg->BufferLength);
 
  pMsg->Buffer = I_RpcAllocate(pMsg->BufferLength);
  if (!pMsg->Buffer)
  {
    status = ERROR_OUTOFMEMORY;
    goto fail;
  }
 
  first_flag = RPC_FLG_FIRST;
  auth_length = (*Header)->common.auth_len;
  if (auth_length) {
    auth_data = malloc(RPC_AUTH_VERIFIER_LEN(&(*Header)->common));
    if (!auth_data) {
      status = RPC_S_OUT_OF_RESOURCES;
      goto fail;
    }
  }
  CurrentHeader = *Header;
  buffer_length = 0;
  while (TRUE)
  {
    unsigned int header_auth_len = RPC_AUTH_VERIFIER_LEN(&CurrentHeader->common);
 
    /* verify header fields */
 
    if ((CurrentHeader->common.frag_len < hdr_length) ||
        (CurrentHeader->common.frag_len - hdr_length < header_auth_len)) {
      WARN("frag_len %d too small for hdr_length %ld and auth_len %d\n",
        CurrentHeader->common.frag_len, hdr_length, CurrentHeader->common.auth_len);
      status = RPC_S_PROTOCOL_ERROR;
      goto fail;
    }
 
    if (CurrentHeader->common.auth_len != auth_length) {
      WARN("auth_len header field changed from %ld to %d\n",
        auth_length, CurrentHeader->common.auth_len);
      status = RPC_S_PROTOCOL_ERROR;
      goto fail;
    }
 
    if ((CurrentHeader->common.flags & RPC_FLG_FIRST) != first_flag) {
      TRACE("invalid packet flags\n");
      status = RPC_S_PROTOCOL_ERROR;
      goto fail;
    }
 
    data_length = CurrentHeader->common.frag_len - hdr_length - header_auth_len;
    if (data_length + buffer_length > pMsg->BufferLength) {
      TRACE("allocation hint exceeded, new buffer length = %ld\n",
        data_length + buffer_length);
      pMsg->BufferLength = data_length + buffer_length;
      status = I_RpcReAllocateBuffer(pMsg);
      if (status != RPC_S_OK) goto fail;
    }
 
    memcpy((unsigned char *)pMsg->Buffer + buffer_length, payload, data_length);
 
    if (header_auth_len) {
      if (header_auth_len < sizeof(RpcAuthVerifier) ||
          header_auth_len > RPC_AUTH_VERIFIER_LEN(&(*Header)->common)) {
        WARN("bad auth verifier length %d\n", header_auth_len);
        status = RPC_S_PROTOCOL_ERROR;
        goto fail;
      }
 
      /* FIXME: we should accumulate authentication data for the bind,
       * bind_ack, alter_context and alter_context_response if necessary.
       * however, the details of how this is done is very sketchy in the
       * DCE/RPC spec. for all other packet types that have authentication
       * verifier data then it is just duplicated in all the fragments */
      memcpy(auth_data, (unsigned char *)payload + data_length, header_auth_len);
 
      /* these packets are handled specially, not by the generic SecurePacket
       * function */
      if (!packet_does_auth_negotiation(*Header) && rpcrt4_conn_is_authorized(Connection))
      {
        status = rpcrt4_conn_secure_packet(Connection, SECURE_PACKET_RECEIVE,
            CurrentHeader, hdr_length,
            (unsigned char *)pMsg->Buffer + buffer_length, data_length,
            (RpcAuthVerifier *)auth_data,
            auth_data + sizeof(RpcAuthVerifier),
            header_auth_len - sizeof(RpcAuthVerifier));
        if (status != RPC_S_OK) goto fail;
      }
    }
 
    buffer_length += data_length;
    if (!(CurrentHeader->common.flags & RPC_FLG_LAST)) {
      TRACE("next header\n");
 
      if (*Header != CurrentHeader)
      {
          free(CurrentHeader);
          CurrentHeader = NULL;
      }
      free(payload);
      payload = NULL;
 
      status = RPCRT4_receive_fragment(Connection, &CurrentHeader, &payload);
      if (status != RPC_S_OK) goto fail;
 
      first_flag = 0;
    } else {
      break;
    }
  }
  pMsg->BufferLength = buffer_length;
 
  /* success */
  status = RPC_S_OK;
 
fail:
  RPCRT4_SetThreadCurrentConnection(NULL);
  if (CurrentHeader != *Header)
    free(CurrentHeader);
  if (status != RPC_S_OK) {
    I_RpcFree(pMsg->Buffer);
    pMsg->Buffer = NULL;
    free(*Header);
    *Header = NULL;
  }
  if (auth_data_out && status == RPC_S_OK) {
    *auth_length_out = auth_length;
    *auth_data_out = auth_data;
  }
  else
    free(auth_data);
  free(payload);
  return status;
}

Referenced by RpcAssoc_BindConnection(), RPCRT4_io_thread(), and RPCRT4_Receive().

RPCRT4_Send()

RPC_STATUS RPCRT4_Send	(	RpcConnection *	Connection,
		RpcPktHdr *	Header,
		void *	Buffer,
		unsigned int	BufferLength
	)

Definition at line 1219 of file rpc_message.c.

{
  RPC_STATUS r;
 
  if (packet_does_auth_negotiation(Header) &&
      Connection->AuthInfo &&
      !rpcrt4_conn_is_authorized(Connection))
  {
      unsigned int out_size = 0;
      unsigned char *out_buffer;
 
      r = rpcrt4_conn_authorize(Connection, TRUE, NULL, 0, NULL, &out_size);
      if (r != RPC_S_OK) return r;
 
      out_buffer = malloc(out_size);
      if (!out_buffer) return RPC_S_OUT_OF_RESOURCES;
 
      /* tack on a negotiate packet */
      r = rpcrt4_conn_authorize(Connection, TRUE, NULL, 0, out_buffer, &out_size);
      if (r == RPC_S_OK)
          r = RPCRT4_SendWithAuth(Connection, Header, Buffer, BufferLength, out_buffer, out_size);
 
      free(out_buffer);
  }
  else
    r = RPCRT4_SendWithAuth(Connection, Header, Buffer, BufferLength, NULL, 0);
 
  return r;
}

Referenced by I_RpcSend(), process_request_packet(), and RpcAssoc_BindConnection().

RPCRT4_SendWithAuth()

RPC_STATUS RPCRT4_SendWithAuth	(	RpcConnection *	Connection,
		RpcPktHdr *	Header,
		void *	Buffer,
		unsigned int	BufferLength,
		const void *	Auth,
		unsigned int	AuthLength
	)

Definition at line 757 of file rpc_message.c.

{
  PUCHAR buffer_pos;
  DWORD hdr_size;
  LONG count;
  unsigned char *pkt;
  LONG alen;
  RPC_STATUS status;
 
  RPCRT4_SetThreadCurrentConnection(Connection);
 
  buffer_pos = Buffer;
  /* The packet building functions save the packet header size, so we can use it. */
  hdr_size = Header->common.frag_len;
  if (AuthLength)
    Header->common.auth_len = AuthLength;
  else if (Connection->AuthInfo && packet_has_auth_verifier(Header))
  {
    if ((Connection->AuthInfo->AuthnLevel == RPC_C_AUTHN_LEVEL_PKT_PRIVACY) && packet_has_body(Header))
      Header->common.auth_len = Connection->encryption_auth_len;
    else
      Header->common.auth_len = Connection->signature_auth_len;
  }
  else
    Header->common.auth_len = 0;
  Header->common.flags |= RPC_FLG_FIRST;
  Header->common.flags &= ~RPC_FLG_LAST;
 
  alen = RPC_AUTH_VERIFIER_LEN(&Header->common);
 
  while (!(Header->common.flags & RPC_FLG_LAST)) {
    unsigned char auth_pad_len = Header->common.auth_len ? ROUND_UP_AMOUNT(BufferLength, AUTH_ALIGNMENT) : 0;
    unsigned int pkt_size = BufferLength + hdr_size + alen + auth_pad_len;
 
    /* decide if we need to split the packet into fragments */
   if (pkt_size <= Connection->MaxTransmissionSize) {
     Header->common.flags |= RPC_FLG_LAST;
     Header->common.frag_len = pkt_size;
    } else {
      auth_pad_len = 0;
      /* make sure packet payload will be a multiple of 16 */
      Header->common.frag_len =
        ((Connection->MaxTransmissionSize - hdr_size - alen) & ~(AUTH_ALIGNMENT-1)) +
        hdr_size + alen;
    }
 
    pkt = calloc(1, Header->common.frag_len);
 
    memcpy(pkt, Header, hdr_size);
 
    /* fragment consisted of header only and is the last one */
    if (hdr_size == Header->common.frag_len)
      goto write;
 
    memcpy(pkt + hdr_size, buffer_pos, Header->common.frag_len - hdr_size - auth_pad_len - alen);
 
    /* add the authorization info */
    if (Header->common.auth_len)
    {
      RpcAuthVerifier *auth_hdr = (RpcAuthVerifier *)&pkt[Header->common.frag_len - alen];
 
      auth_hdr->auth_type = Connection->AuthInfo->AuthnSvc;
      auth_hdr->auth_level = Connection->AuthInfo->AuthnLevel;
      auth_hdr->auth_pad_length = auth_pad_len;
      auth_hdr->auth_reserved = 0;
      /* a unique number... */
      auth_hdr->auth_context_id = Connection->auth_context_id;
 
      if (AuthLength)
        memcpy(auth_hdr + 1, Auth, AuthLength);
      else
      {
        status = rpcrt4_conn_secure_packet(Connection, SECURE_PACKET_SEND,
            (RpcPktHdr *)pkt, hdr_size,
            pkt + hdr_size, Header->common.frag_len - hdr_size - alen,
            auth_hdr,
            (unsigned char *)(auth_hdr + 1), Header->common.auth_len);
        if (status != RPC_S_OK)
        {
          free(pkt);
          RPCRT4_SetThreadCurrentConnection(NULL);
          return status;
        }
      }
    }
 
write:
    count = rpcrt4_conn_write(Connection, pkt, Header->common.frag_len);
    free(pkt);
    if (count<0) {
      WARN("rpcrt4_conn_write failed (auth)\n");
      RPCRT4_SetThreadCurrentConnection(NULL);
      return RPC_S_CALL_FAILED;
    }
 
    buffer_pos += Header->common.frag_len - hdr_size - alen - auth_pad_len;
    BufferLength -= Header->common.frag_len - hdr_size - alen - auth_pad_len;
    Header->common.flags &= ~RPC_FLG_FIRST;
  }
 
  RPCRT4_SetThreadCurrentConnection(NULL);
  return RPC_S_OK;
}

Referenced by process_bind_packet(), RPCRT4_ClientConnectionAuth(), and RPCRT4_Send().

RPCRT4_ServerConnectionAuth()

RPC_STATUS RPCRT4_ServerConnectionAuth	(	RpcConnection *	conn,
		BOOL	start,
		RpcAuthVerifier *	auth_data_in,
		ULONG	auth_length_in,
		unsigned char **	auth_data_out,
		ULONG *	auth_length_out
	)

Definition at line 1021 of file rpc_message.c.

{
    unsigned char *out_buffer;
    unsigned int out_size;
    RPC_STATUS status;
 
    if (start)
    {
        /* remove any existing authentication information */
        if (conn->AuthInfo)
        {
            RpcAuthInfo_Release(conn->AuthInfo);
            conn->AuthInfo = NULL;
        }
        if (SecIsValidHandle(&conn->ctx))
        {
            DeleteSecurityContext(&conn->ctx);
            SecInvalidateHandle(&conn->ctx);
        }
        if (auth_length_in >= sizeof(RpcAuthVerifier))
        {
            CredHandle cred;
            TimeStamp exp;
            ULONG max_token;
 
            status = RPCRT4_ServerGetRegisteredAuthInfo(
                auth_data_in->auth_type, &cred, &exp, &max_token);
            if (status != RPC_S_OK)
            {
                ERR("unknown authentication service %u\n", auth_data_in->auth_type);
                return status;
            }
 
            status = RpcAuthInfo_Create(auth_data_in->auth_level,
                                        auth_data_in->auth_type, cred, exp,
                                        max_token, NULL, &conn->AuthInfo);
            if (status != RPC_S_OK)
            {
                FreeCredentialsHandle(&cred);
                return status;
            }
 
            /* FIXME: should auth_data_in->auth_context_id be checked in the !start case? */
            conn->auth_context_id = auth_data_in->auth_context_id;
        }
    }
 
    if (auth_length_in < sizeof(RpcAuthVerifier))
        return RPC_S_OK;
 
    if (!conn->AuthInfo)
        /* should have filled in authentication info by now */
        return RPC_S_PROTOCOL_ERROR;
 
    status = rpcrt4_conn_authorize(
        conn, start, (unsigned char *)(auth_data_in + 1),
        auth_length_in - sizeof(RpcAuthVerifier), NULL, &out_size);
    if (status) return status;
 
    out_buffer = malloc(out_size);
    if (!out_buffer) return RPC_S_OUT_OF_RESOURCES;
 
    status = rpcrt4_conn_authorize(
        conn, start, (unsigned char *)(auth_data_in + 1),
        auth_length_in - sizeof(RpcAuthVerifier), out_buffer, &out_size);
    if (status != RPC_S_OK)
    {
        free(out_buffer);
        return status;
    }
 
    if (out_size && !auth_length_out)
    {
        ERR("expected authentication to be complete but SSP returned data of "
            "%u bytes to be sent back to client\n", out_size);
        free(out_buffer);
        return RPC_S_SEC_PKG_ERROR;
    }
    else
    {
        *auth_data_out = out_buffer;
        *auth_length_out = out_size;
    }
 
    return status;
}

Referenced by process_auth3_packet(), and process_bind_packet_no_send().

RPCRT4_ServerGetRegisteredAuthInfo()

RPC_STATUS RPCRT4_ServerGetRegisteredAuthInfo	(	USHORT	auth_type,
		CredHandle *	cred,
		TimeStamp *	exp,
		ULONG *	max_token
	)

Definition at line 1365 of file rpc_server.c.

{
    RPC_STATUS status = RPC_S_UNKNOWN_AUTHN_SERVICE;
    struct rpc_server_registered_auth_info *auth_info;
    SECURITY_STATUS sec_status;
 
    EnterCriticalSection(&server_auth_info_cs);
    LIST_FOR_EACH_ENTRY(auth_info, &server_registered_auth_info, struct rpc_server_registered_auth_info, entry)
    {
        if (auth_info->auth_type == auth_type)
        {
            sec_status = AcquireCredentialsHandleW((SEC_WCHAR *)auth_info->principal, auth_info->package_name,
                                                   SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL,
                                                   cred, exp);
            if (sec_status != SEC_E_OK)
            {
                status = RPC_S_SEC_PKG_ERROR;
                break;
            }
 
            *max_token = auth_info->max_token;
            status = RPC_S_OK;
            break;
        }
    }
    LeaveCriticalSection(&server_auth_info_cs);
 
    return status;
}

Referenced by RPCRT4_ServerConnectionAuth().

RPCRT4_ValidateCommonHeader()

RPC_STATUS RPCRT4_ValidateCommonHeader

(

const RpcPktCommonHdr *

hdr

)

Definition at line 1251 of file rpc_message.c.

{
  DWORD hdr_length;
 
  /* verify if the header really makes sense */
  if (hdr->rpc_ver != RPC_VER_MAJOR ||
      hdr->rpc_ver_minor != RPC_VER_MINOR)
  {
    WARN("unhandled packet version\n");
    return RPC_S_PROTOCOL_ERROR;
  }
 
  hdr_length = RPCRT4_GetHeaderSize((const RpcPktHdr*)hdr);
  if (hdr_length == 0)
  {
    WARN("header length == 0\n");
    return RPC_S_PROTOCOL_ERROR;
  }
 
  if (hdr->frag_len < hdr_length)
  {
    WARN("bad frag length %d\n", hdr->frag_len);
    return RPC_S_PROTOCOL_ERROR;
  }
 
  return RPC_S_OK;
}

Referenced by RPCRT4_default_receive_fragment(), and rpcrt4_ncacn_http_receive_fragment().