[jcifs] Jarapac

eglass1 at comcast.net eglass1 at comcast.net
Wed Nov 12 20:57:22 EST 2003


> 
>     java Example 'ncacn_np:miallen2[\PIPE\lsarpc]' example.properties
> 

The example uses the endpoint mapper only.  Basically, the IDL specifies a
presentation syntax; in ExampleInterface.idl, this is:

    [
    uuid(e1af8308-5d1f-11c9-91a4-08002b14a0fa),
    version(3.0)
    ]

which is the endpoint mapper's syntax.  This uniquely identifies a particular
version of a particular interface (corresponding to a specific set of
operations).

When you compile the IDL into a stub (or in this case, write a stub by hand)
the stub contains the presentation syntax corresponding to the operations it
supports.

>     [miallen at miallen3 examples]$ ./run.sh
>     Exception in thread "main" java.rmi.RemoteException: RPC error.;
> nested exception is:
>             rpc.PresentationException: Context rejected.
> (PROVIDER_REJECTION; ABSTRACT_SYNTAX_NOT_SUPPORTED)
>     rpc.PresentationException: Context rejected. (PROVIDER_REJECTION;
> ABSTRACT_SYNTAX_NOT_SUPPORTED)
>             at rpc.security.ntlm.NtlmConnectionContext.accept(Unknown Source)
>             at rpc.ConnectionOrientedEndpoint.connect(Unknown Source)
>             at rpc.ConnectionOrientedEndpoint.bind(Unknown Source)
>             at rpc.ConnectionOrientedEndpoint.call(Unknown Source)
>             at rpc.Stub.call(Unknown Source)
>             at
> ExampleInterface_Stub.testOperation(ExampleInterface_Stub.java:28)
>             at Example.main(Example.java:48)
> 

You could get a bit farther by changing the syntax string in
ExampleInterface_Stub.java to lsarpc's, which should be:

    12345778-1234-abcd-ef00-0123456789ab:0.0

That would probably complete the binding, but you'd still get an
"operation out of range" error (since the example just calls a completely
bogus operation currently).

Also, I forgot to mention that if NTLM signing/sealing is used, you'll also
need a JCE provider with ARC4 support.  I recommend BouncyCastle:

    http://www.bouncycastle.org

I did a clean-room implementation of ARC4, but it would be subject to export
restrictions as strong encryption, which would make it ineligible for hosting
on SourceForge (as they have mirrors all over the world, each with their own
restrictions on what can be exported).

> and capture Example.pcap. Is it working? How far are you from doing
> something like enumerating shares?
> 

Not too far (but difficult to put a timeframe on); I'm currently working on
the endpoint mapper (as that one is vital for TCP, and is a standard interface
with an OpenGroup published specification).  Once that is done, and I have a
good feel for exactly how parameter mapping should best work, the effort is
all based on availability of IDL and manual labor.  Assuming the IDL can be
obtained from the good folks at Samba, it would literally be a purely
mechanical effort.  And, of course, head-scratching as bugs uncover
themselves -- the NDR marshalling is fairly complex, and I'd be *very*
surprised if I got it correct right out of the gate.


Eric



More information about the jcifs mailing list