[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-247-g54b873e
Stefan Metzmacher
metze at samba.org
Mon Aug 11 16:24:30 GMT 2008
The branch, v4-0-test has been updated
via 54b873e49ff363609632fa2862208bf6b4c1b6ed (commit)
via 20fc0d7bfdaa60d6a8ac939dc64733a91652587e (commit)
via 50eb0e726405580dc5ca3a8a3b15f3bd674f722a (commit)
via ce36448d74b0c6cdf8928e10c088bf0248a95cf7 (commit)
from fcabe24f96c9677146ca754a502f336c23050339 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 54b873e49ff363609632fa2862208bf6b4c1b6ed
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Aug 11 18:14:51 2008 +0200
dcerpc.idl: remove used DCERPC_MAX_SIGN_SIZE
metze
commit 20fc0d7bfdaa60d6a8ac939dc64733a91652587e
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Aug 11 18:12:54 2008 +0200
rpc_server: correct the chunk_size depending on the signature size
metze
commit 50eb0e726405580dc5ca3a8a3b15f3bd674f722a
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Aug 11 18:00:11 2008 +0200
librpc/rpc: correct the chunk_size depending on the signature size
metze
commit ce36448d74b0c6cdf8928e10c088bf0248a95cf7
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Aug 11 17:59:38 2008 +0200
dcerpc.idl: add DCERPC_AUTH_TRAILER_LENGTH
metze
-----------------------------------------------------------------------
Summary of changes:
source/librpc/idl/dcerpc.idl | 3 ++-
source/librpc/rpc/dcerpc.c | 17 +++++++++++++----
source/rpc_server/dcerpc_server.c | 13 +++++++++++--
source/rpc_server/dcesrv_auth.c | 7 +++----
4 files changed, 29 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/librpc/idl/dcerpc.idl b/source/librpc/idl/dcerpc.idl
index e54bc2c..1c6574b 100644
--- a/source/librpc/idl/dcerpc.idl
+++ b/source/librpc/idl/dcerpc.idl
@@ -30,7 +30,6 @@ interface dcerpc
} dcerpc_bind;
const uint8 DCERPC_REQUEST_LENGTH = 24;
- const uint8 DCERPC_MAX_SIGN_SIZE = 64;
typedef struct {
} dcerpc_empty;
@@ -154,6 +153,8 @@ interface dcerpc
[flag(NDR_REMAINING)] DATA_BLOB credentials;
} dcerpc_auth;
+ const uint8 DCERPC_AUTH_TRAILER_LENGTH = 8;
+
typedef [public] struct {
uint32 _pad;
[flag(NDR_REMAINING)] DATA_BLOB auth_info;
diff --git a/source/librpc/rpc/dcerpc.c b/source/librpc/rpc/dcerpc.c
index a6c7e00..28b5cd6 100644
--- a/source/librpc/rpc/dcerpc.c
+++ b/source/librpc/rpc/dcerpc.c
@@ -334,6 +334,7 @@ static NTSTATUS ncacn_pull_request_auth(struct dcerpc_connection *c, TALLOC_CTX
*/
static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c,
DATA_BLOB *blob, TALLOC_CTX *mem_ctx,
+ size_t sig_size,
struct ncacn_packet *pkt)
{
NTSTATUS status;
@@ -384,8 +385,7 @@ static NTSTATUS ncacn_push_request_sign(struct dcerpc_connection *c,
* GENSEC mech does AEAD signing of the packet
* headers */
c->security_state.auth_info->credentials
- = data_blob_talloc(mem_ctx, NULL, gensec_sig_size(c->security_state.generic_state,
- payload_length));
+ = data_blob_talloc(mem_ctx, NULL, sig_size);
data_blob_clear(&c->security_state.auth_info->credentials);
break;
@@ -1042,6 +1042,7 @@ static void dcerpc_ship_next_request(struct dcerpc_connection *c)
DATA_BLOB blob;
uint32_t remaining, chunk_size;
bool first_packet = true;
+ size_t sig_size = 0;
req = c->request_queue;
if (req == NULL) {
@@ -1065,7 +1066,15 @@ static void dcerpc_ship_next_request(struct dcerpc_connection *c)
/* we can write a full max_recv_frag size, minus the dcerpc
request header size */
- chunk_size = p->conn->srv_max_recv_frag - (DCERPC_MAX_SIGN_SIZE+DCERPC_REQUEST_LENGTH);
+ chunk_size = p->conn->srv_max_recv_frag;
+ chunk_size -= DCERPC_REQUEST_LENGTH;
+ if (c->security_state.generic_state) {
+ chunk_size -= DCERPC_AUTH_TRAILER_LENGTH;
+ sig_size = gensec_sig_size(c->security_state.generic_state,
+ p->conn->srv_max_recv_frag);
+ chunk_size -= sig_size;
+ chunk_size -= (chunk_size % 16);
+ }
pkt.ptype = DCERPC_PKT_REQUEST;
pkt.call_id = req->call_id;
@@ -1101,7 +1110,7 @@ static void dcerpc_ship_next_request(struct dcerpc_connection *c)
(stub_data->length - remaining);
pkt.u.request.stub_and_verifier.length = chunk;
- req->status = ncacn_push_request_sign(p->conn, &blob, req, &pkt);
+ req->status = ncacn_push_request_sign(p->conn, &blob, req, sig_size, &pkt);
if (!NT_STATUS_IS_OK(req->status)) {
req->state = RPC_REQUEST_DONE;
DLIST_REMOVE(p->conn->pending, req);
diff --git a/source/rpc_server/dcerpc_server.c b/source/rpc_server/dcerpc_server.c
index a336ddb..fa7b8d2 100644
--- a/source/rpc_server/dcerpc_server.c
+++ b/source/rpc_server/dcerpc_server.c
@@ -917,6 +917,7 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call)
DATA_BLOB stub;
uint32_t total_length, chunk_size;
struct dcesrv_connection_context *context = call->context;
+ size_t sig_size = 0;
/* call the reply function */
status = context->iface->reply(call, call, call->r);
@@ -948,7 +949,15 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call)
/* we can write a full max_recv_frag size, minus the dcerpc
request header size */
- chunk_size = call->conn->cli_max_recv_frag - (DCERPC_MAX_SIGN_SIZE+DCERPC_REQUEST_LENGTH);
+ chunk_size = call->conn->cli_max_recv_frag;
+ chunk_size -= DCERPC_REQUEST_LENGTH;
+ if (call->conn->auth_state.gensec_security) {
+ chunk_size -= DCERPC_AUTH_TRAILER_LENGTH;
+ sig_size = gensec_sig_size(call->conn->auth_state.gensec_security,
+ call->conn->cli_max_recv_frag);
+ chunk_size -= sig_size;
+ chunk_size -= (chunk_size % 16);
+ }
do {
uint32_t length;
@@ -978,7 +987,7 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call)
pkt.u.response.stub_and_verifier.data = stub.data;
pkt.u.response.stub_and_verifier.length = length;
- if (!dcesrv_auth_response(call, &rep->blob, &pkt)) {
+ if (!dcesrv_auth_response(call, &rep->blob, sig_size, &pkt)) {
return dcesrv_fault(call, DCERPC_FAULT_OTHER);
}
diff --git a/source/rpc_server/dcesrv_auth.c b/source/rpc_server/dcesrv_auth.c
index 64f42ee..0aad377 100644
--- a/source/rpc_server/dcesrv_auth.c
+++ b/source/rpc_server/dcesrv_auth.c
@@ -398,7 +398,8 @@ bool dcesrv_auth_request(struct dcesrv_call_state *call, DATA_BLOB *full_packet)
push a signed or sealed dcerpc request packet into a blob
*/
bool dcesrv_auth_response(struct dcesrv_call_state *call,
- DATA_BLOB *blob, struct ncacn_packet *pkt)
+ DATA_BLOB *blob, size_t sig_size,
+ struct ncacn_packet *pkt)
{
struct dcesrv_connection *dce_conn = call->conn;
NTSTATUS status;
@@ -445,9 +446,7 @@ bool dcesrv_auth_response(struct dcesrv_call_state *call,
* GENSEC mech does AEAD signing of the packet
* headers */
dce_conn->auth_state.auth_info->credentials
- = data_blob_talloc(call, NULL,
- gensec_sig_size(dce_conn->auth_state.gensec_security,
- payload_length));
+ = data_blob_talloc(call, NULL, sig_size);
data_blob_clear(&dce_conn->auth_state.auth_info->credentials);
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list