[SCM] Samba Shared Repository - branch master updated

Tue, 20 Jul 2010 05:29:33 -0700 

The branch, master has been updated
       via  b20e5eb... dcerpc: Clarify what the arguments of 
dcerpc_pull_auth_trailer() actually represent.
      from  2a8399f... s3: check for explicit external lib bug in ld's 
as-needed code

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit b20e5eb3aab2d0c3b028e769dd126387699a8f7d
Author: Simo Sorce <i...@samba.org>
Date:   Mon Jul 19 18:57:12 2010 -0400

    dcerpc: Clarify what the arguments of dcerpc_pull_auth_trailer() actually 
represent.

-----------------------------------------------------------------------

Summary of changes:
 librpc/rpc/dcerpc_util.c |   49 +++++++++++++++++++++++++++++++--------------
 source3/include/proto.h  |    4 +-
 2 files changed, 36 insertions(+), 17 deletions(-)


Changeset truncated at 500 lines:

diff --git a/librpc/rpc/dcerpc_util.c b/librpc/rpc/dcerpc_util.c
index c79cfd5..492d8ac 100644
--- a/librpc/rpc/dcerpc_util.c
+++ b/librpc/rpc/dcerpc_util.c
@@ -57,22 +57,39 @@ uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob)
        return blob->data[DCERPC_DREP_OFFSET];
 }
 
-/*
-  pull an dcerpc_auth structure, taking account of any auth padding in
-  the blob at the end of the structure
- */
+
+/**
+* @brief       Pull a dcerpc_auth structure, taking account of any auth
+*              padding in the blob. For request/response packets we pass
+*              the whole data blob, so auth_data_only must be set to false
+*              as the blob contains data+pad+auth and no just pad+auth.
+*
+* @param pkt           - The ncacn_packet strcuture
+* @param mem_ctx       - The mem_ctx used to allocate dcerpc_auth elements
+* @param pkt_trailer   - The packet trailer data, usually the trailing
+*                        auth_info blob, but in the request/response case
+*                        this is the stub_and_verifier blob.
+* @param auth          - A preallocated dcerpc_auth *empty* structure
+* @param auth_length   - The length of the auth trail, sum of auth header
+*                        lenght and pkt->auth_length
+* @param auth_data_only        - Whether the pkt_trailer includes only the 
auth_blob
+*                        (+ padding) or also other data.
+*
+* @return              - A NTSTATUS error code.
+*/
 NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
                                  TALLOC_CTX *mem_ctx,
-                                 DATA_BLOB *pkt_auth_blob,
+                                 DATA_BLOB *pkt_trailer,
                                  struct dcerpc_auth *auth,
                                  uint32_t *auth_length,
-                                 bool check_pad)
+                                 bool auth_data_only)
 {
        struct ndr_pull *ndr;
        enum ndr_err_code ndr_err;
-       uint32_t pad;
+       uint32_t data_and_pad;
 
-       pad = pkt_auth_blob->length - (DCERPC_AUTH_TRAILER_LENGTH + 
pkt->auth_length);
+       data_and_pad = pkt_trailer->length
+                       - (DCERPC_AUTH_TRAILER_LENGTH + pkt->auth_length);
 
        /* paranoia check for pad size. This would be caught anyway by
           the ndr_pull_advance() a few lines down, but it scared
@@ -80,13 +97,13 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
           it now, just to prevent someone posting a bogus YouTube
           video in the future.
        */
-       if (pad > pkt_auth_blob->length) {
+       if (data_and_pad > pkt_trailer->length) {
                return NT_STATUS_INFO_LENGTH_MISMATCH;
        }
 
-       *auth_length = pkt_auth_blob->length - pad;
+       *auth_length = pkt_trailer->length - data_and_pad;
 
-       ndr = ndr_pull_init_blob(pkt_auth_blob, mem_ctx);
+       ndr = ndr_pull_init_blob(pkt_trailer, mem_ctx);
        if (!ndr) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -95,7 +112,7 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
                ndr->flags |= LIBNDR_FLAG_BIGENDIAN;
        }
 
-       ndr_err = ndr_pull_advance(ndr, pad);
+       ndr_err = ndr_pull_advance(ndr, data_and_pad);
        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                talloc_free(ndr);
                return ndr_map_error2ntstatus(ndr_err);
@@ -107,9 +124,11 @@ NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
                return ndr_map_error2ntstatus(ndr_err);
        }
 
-       if (check_pad && pad != auth->auth_pad_length) {
-               DEBUG(1,(__location__ ": WARNING: pad length mismatch. 
Calculated %u  got %u\n",
-                        (unsigned)pad, (unsigned)auth->auth_pad_length));
+       if (auth_data_only && data_and_pad != auth->auth_pad_length) {
+               DEBUG(1, (__location__ ": WARNING: pad length mismatch. "
+                         "Calculated %u  got %u\n",
+                         (unsigned)data_and_pad,
+                         (unsigned)auth->auth_pad_length));
        }
 
        DEBUG(6,(__location__ ": auth_pad_length %u\n",
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 0865340..4d877fb 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2913,10 +2913,10 @@ void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t 
v);
 uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob);
 NTSTATUS dcerpc_pull_auth_trailer(struct ncacn_packet *pkt,
                                  TALLOC_CTX *mem_ctx,
-                                 DATA_BLOB *pkt_auth_blob,
+                                 DATA_BLOB *pkt_trailer,
                                  struct dcerpc_auth *auth,
                                  uint32_t *auth_length,
-                                 bool check_pad);
+                                 bool auth_data_only);
 
 /* The following definitions come from libsmb/dsgetdcname.c  */
 


-- 
Samba Shared Repository

Reply via email to