4 * Copyright 2001-2002 Ove Kåven, TransGaming Technologies
5 * Copyright 2004 Filip Navara
6 * Copyright 2006 CodeWeavers
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2.1 of the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
35 #include "wine/debug.h"
37 #include "rpc_binding.h"
39 #include "rpc_message.h"
40 #include "ncastatus.h"
42 WINE_DEFAULT_DEBUG_CHANNEL(rpc
);
44 /* note: the DCE/RPC spec says the alignment amount should be 4, but
45 * MS/RPC servers seem to always use 16 */
46 #define AUTH_ALIGNMENT 16
48 /* gets the amount needed to round a value up to the specified alignment */
49 #define ROUND_UP_AMOUNT(value, alignment) \
50 (((alignment) - (((value) % (alignment)))) % (alignment))
51 #define ROUND_UP(value, alignment) (((value) + ((alignment) - 1)) & ~((alignment)-1))
53 enum secure_packet_direction
59 static RPC_STATUS
I_RpcReAllocateBuffer(PRPC_MESSAGE pMsg
);
61 static DWORD
RPCRT4_GetHeaderSize(const RpcPktHdr
*Header
)
63 static const DWORD header_sizes
[] = {
64 sizeof(Header
->request
), 0, sizeof(Header
->response
),
65 sizeof(Header
->fault
), 0, 0, 0, 0, 0, 0, 0, sizeof(Header
->bind
),
66 sizeof(Header
->bind_ack
), sizeof(Header
->bind_nack
),
71 if (Header
->common
.ptype
< sizeof(header_sizes
) / sizeof(header_sizes
[0])) {
72 ret
= header_sizes
[Header
->common
.ptype
];
74 FIXME("unhandled packet type\n");
75 if (Header
->common
.flags
& RPC_FLG_OBJECT_UUID
)
78 TRACE("invalid packet type\n");
84 static int packet_has_body(const RpcPktHdr
*Header
)
86 return (Header
->common
.ptype
== PKT_FAULT
) ||
87 (Header
->common
.ptype
== PKT_REQUEST
) ||
88 (Header
->common
.ptype
== PKT_RESPONSE
);
91 static int packet_has_auth_verifier(const RpcPktHdr
*Header
)
93 return !(Header
->common
.ptype
== PKT_BIND_NACK
) &&
94 !(Header
->common
.ptype
== PKT_SHUTDOWN
);
97 static VOID
RPCRT4_BuildCommonHeader(RpcPktHdr
*Header
, unsigned char PacketType
,
98 unsigned long DataRepresentation
)
100 Header
->common
.rpc_ver
= RPC_VER_MAJOR
;
101 Header
->common
.rpc_ver_minor
= RPC_VER_MINOR
;
102 Header
->common
.ptype
= PacketType
;
103 Header
->common
.drep
[0] = LOBYTE(LOWORD(DataRepresentation
));
104 Header
->common
.drep
[1] = HIBYTE(LOWORD(DataRepresentation
));
105 Header
->common
.drep
[2] = LOBYTE(HIWORD(DataRepresentation
));
106 Header
->common
.drep
[3] = HIBYTE(HIWORD(DataRepresentation
));
107 Header
->common
.auth_len
= 0;
108 Header
->common
.call_id
= 1;
109 Header
->common
.flags
= 0;
110 /* Flags and fragment length are computed in RPCRT4_Send. */
113 static RpcPktHdr
*RPCRT4_BuildRequestHeader(unsigned long DataRepresentation
,
114 unsigned long BufferLength
,
115 unsigned short ProcNum
,
122 has_object
= (ObjectUuid
!= NULL
&& !UuidIsNil(ObjectUuid
, &status
));
123 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
124 sizeof(header
->request
) + (has_object
? sizeof(UUID
) : 0));
125 if (header
== NULL
) {
129 RPCRT4_BuildCommonHeader(header
, PKT_REQUEST
, DataRepresentation
);
130 header
->common
.frag_len
= sizeof(header
->request
);
131 header
->request
.alloc_hint
= BufferLength
;
132 header
->request
.context_id
= 0;
133 header
->request
.opnum
= ProcNum
;
135 header
->common
.flags
|= RPC_FLG_OBJECT_UUID
;
136 header
->common
.frag_len
+= sizeof(UUID
);
137 memcpy(&header
->request
+ 1, ObjectUuid
, sizeof(UUID
));
143 RpcPktHdr
*RPCRT4_BuildResponseHeader(unsigned long DataRepresentation
,
144 unsigned long BufferLength
)
148 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(header
->response
));
149 if (header
== NULL
) {
153 RPCRT4_BuildCommonHeader(header
, PKT_RESPONSE
, DataRepresentation
);
154 header
->common
.frag_len
= sizeof(header
->response
);
155 header
->response
.alloc_hint
= BufferLength
;
160 RpcPktHdr
*RPCRT4_BuildFaultHeader(unsigned long DataRepresentation
,
165 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(header
->fault
));
166 if (header
== NULL
) {
170 RPCRT4_BuildCommonHeader(header
, PKT_FAULT
, DataRepresentation
);
171 header
->common
.frag_len
= sizeof(header
->fault
);
172 header
->fault
.status
= Status
;
177 RpcPktHdr
*RPCRT4_BuildBindHeader(unsigned long DataRepresentation
,
178 unsigned short MaxTransmissionSize
,
179 unsigned short MaxReceiveSize
,
180 unsigned long AssocGroupId
,
181 const RPC_SYNTAX_IDENTIFIER
*AbstractId
,
182 const RPC_SYNTAX_IDENTIFIER
*TransferId
)
186 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(header
->bind
));
187 if (header
== NULL
) {
191 RPCRT4_BuildCommonHeader(header
, PKT_BIND
, DataRepresentation
);
192 header
->common
.frag_len
= sizeof(header
->bind
);
193 header
->bind
.max_tsize
= MaxTransmissionSize
;
194 header
->bind
.max_rsize
= MaxReceiveSize
;
195 header
->bind
.assoc_gid
= AssocGroupId
;
196 header
->bind
.num_elements
= 1;
197 header
->bind
.num_syntaxes
= 1;
198 memcpy(&header
->bind
.abstract
, AbstractId
, sizeof(RPC_SYNTAX_IDENTIFIER
));
199 memcpy(&header
->bind
.transfer
, TransferId
, sizeof(RPC_SYNTAX_IDENTIFIER
));
204 static RpcPktHdr
*RPCRT4_BuildAuthHeader(unsigned long DataRepresentation
)
208 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
,
209 sizeof(header
->common
) + 12);
213 RPCRT4_BuildCommonHeader(header
, PKT_AUTH3
, DataRepresentation
);
214 header
->common
.frag_len
= 0x14;
215 header
->common
.auth_len
= 0;
220 RpcPktHdr
*RPCRT4_BuildBindNackHeader(unsigned long DataRepresentation
,
221 unsigned char RpcVersion
,
222 unsigned char RpcVersionMinor
)
226 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, sizeof(header
->bind_nack
));
227 if (header
== NULL
) {
231 RPCRT4_BuildCommonHeader(header
, PKT_BIND_NACK
, DataRepresentation
);
232 header
->common
.frag_len
= sizeof(header
->bind_nack
);
233 header
->bind_nack
.reject_reason
= REJECT_REASON_NOT_SPECIFIED
;
234 header
->bind_nack
.protocols_count
= 1;
235 header
->bind_nack
.protocols
[0].rpc_ver
= RpcVersion
;
236 header
->bind_nack
.protocols
[0].rpc_ver_minor
= RpcVersionMinor
;
241 RpcPktHdr
*RPCRT4_BuildBindAckHeader(unsigned long DataRepresentation
,
242 unsigned short MaxTransmissionSize
,
243 unsigned short MaxReceiveSize
,
244 LPCSTR ServerAddress
,
245 unsigned long Result
,
246 unsigned long Reason
,
247 const RPC_SYNTAX_IDENTIFIER
*TransferId
)
250 unsigned long header_size
;
251 RpcAddressString
*server_address
;
253 RPC_SYNTAX_IDENTIFIER
*transfer_id
;
255 header_size
= sizeof(header
->bind_ack
) +
256 ROUND_UP(FIELD_OFFSET(RpcAddressString
, string
[strlen(ServerAddress
) + 1]), 4) +
258 sizeof(RPC_SYNTAX_IDENTIFIER
);
260 header
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, header_size
);
261 if (header
== NULL
) {
265 RPCRT4_BuildCommonHeader(header
, PKT_BIND_ACK
, DataRepresentation
);
266 header
->common
.frag_len
= header_size
;
267 header
->bind_ack
.max_tsize
= MaxTransmissionSize
;
268 header
->bind_ack
.max_rsize
= MaxReceiveSize
;
269 server_address
= (RpcAddressString
*)(&header
->bind_ack
+ 1);
270 server_address
->length
= strlen(ServerAddress
) + 1;
271 strcpy(server_address
->string
, ServerAddress
);
272 /* results is 4-byte aligned */
273 results
= (RpcResults
*)((ULONG_PTR
)server_address
+ ROUND_UP(FIELD_OFFSET(RpcAddressString
, string
[server_address
->length
]), 4));
274 results
->num_results
= 1;
275 results
->results
[0].result
= Result
;
276 results
->results
[0].reason
= Reason
;
277 transfer_id
= (RPC_SYNTAX_IDENTIFIER
*)(results
+ 1);
278 memcpy(transfer_id
, TransferId
, sizeof(RPC_SYNTAX_IDENTIFIER
));
283 VOID
RPCRT4_FreeHeader(RpcPktHdr
*Header
)
285 HeapFree(GetProcessHeap(), 0, Header
);
288 NCA_STATUS
RPC2NCA_STATUS(RPC_STATUS status
)
292 case ERROR_INVALID_HANDLE
: return NCA_S_FAULT_CONTEXT_MISMATCH
;
293 case ERROR_OUTOFMEMORY
: return NCA_S_FAULT_REMOTE_NO_MEMORY
;
294 case RPC_S_NOT_LISTENING
: return NCA_S_SERVER_TOO_BUSY
;
295 case RPC_S_UNKNOWN_IF
: return NCA_S_UNK_IF
;
296 case RPC_S_SERVER_TOO_BUSY
: return NCA_S_SERVER_TOO_BUSY
;
297 case RPC_S_CALL_FAILED
: return NCA_S_FAULT_UNSPEC
;
298 case RPC_S_CALL_FAILED_DNE
: return NCA_S_MANAGER_NOT_ENTERED
;
299 case RPC_S_PROTOCOL_ERROR
: return NCA_S_PROTO_ERROR
;
300 case RPC_S_UNSUPPORTED_TYPE
: return NCA_S_UNSUPPORTED_TYPE
;
301 case RPC_S_INVALID_TAG
: return NCA_S_FAULT_INVALID_TAG
;
302 case RPC_S_INVALID_BOUND
: return NCA_S_FAULT_INVALID_BOUND
;
303 case RPC_S_PROCNUM_OUT_OF_RANGE
: return NCA_S_OP_RNG_ERROR
;
304 case RPC_X_SS_HANDLES_MISMATCH
: return NCA_S_FAULT_CONTEXT_MISMATCH
;
305 case RPC_S_CALL_CANCELLED
: return NCA_S_FAULT_CANCEL
;
306 case RPC_S_COMM_FAILURE
: return NCA_S_COMM_FAILURE
;
307 case RPC_X_WRONG_PIPE_ORDER
: return NCA_S_FAULT_PIPE_ORDER
;
308 case RPC_X_PIPE_CLOSED
: return NCA_S_FAULT_PIPE_CLOSED
;
309 case RPC_X_PIPE_DISCIPLINE_ERROR
: return NCA_S_FAULT_PIPE_DISCIPLINE
;
310 case RPC_X_PIPE_EMPTY
: return NCA_S_FAULT_PIPE_EMPTY
;
311 case STATUS_FLOAT_DIVIDE_BY_ZERO
: return NCA_S_FAULT_FP_DIV_ZERO
;
312 case STATUS_FLOAT_INVALID_OPERATION
: return NCA_S_FAULT_FP_ERROR
;
313 case STATUS_FLOAT_OVERFLOW
: return NCA_S_FAULT_FP_OVERFLOW
;
314 case STATUS_FLOAT_UNDERFLOW
: return NCA_S_FAULT_FP_UNDERFLOW
;
315 case STATUS_INTEGER_DIVIDE_BY_ZERO
: return NCA_S_FAULT_INT_DIV_BY_ZERO
;
316 case STATUS_INTEGER_OVERFLOW
: return NCA_S_FAULT_INT_OVERFLOW
;
317 default: return status
;
321 RPC_STATUS
NCA2RPC_STATUS(NCA_STATUS status
)
325 case NCA_S_COMM_FAILURE
: return RPC_S_COMM_FAILURE
;
326 case NCA_S_OP_RNG_ERROR
: return RPC_S_PROCNUM_OUT_OF_RANGE
;
327 case NCA_S_UNK_IF
: return RPC_S_UNKNOWN_IF
;
328 case NCA_S_YOU_CRASHED
: return RPC_S_CALL_FAILED
;
329 case NCA_S_PROTO_ERROR
: return RPC_S_PROTOCOL_ERROR
;
330 case NCA_S_OUT_ARGS_TOO_BIG
: return ERROR_NOT_ENOUGH_SERVER_MEMORY
;
331 case NCA_S_SERVER_TOO_BUSY
: return RPC_S_SERVER_TOO_BUSY
;
332 case NCA_S_UNSUPPORTED_TYPE
: return RPC_S_UNSUPPORTED_TYPE
;
333 case NCA_S_FAULT_INT_DIV_BY_ZERO
: return RPC_S_ZERO_DIVIDE
;
334 case NCA_S_FAULT_ADDR_ERROR
: return RPC_S_ADDRESS_ERROR
;
335 case NCA_S_FAULT_FP_DIV_ZERO
: return RPC_S_FP_DIV_ZERO
;
336 case NCA_S_FAULT_FP_UNDERFLOW
: return RPC_S_FP_UNDERFLOW
;
337 case NCA_S_FAULT_FP_OVERFLOW
: return RPC_S_FP_OVERFLOW
;
338 case NCA_S_FAULT_INVALID_TAG
: return RPC_S_INVALID_TAG
;
339 case NCA_S_FAULT_INVALID_BOUND
: return RPC_S_INVALID_BOUND
;
340 case NCA_S_RPC_VERSION_MISMATCH
: return RPC_S_PROTOCOL_ERROR
;
341 case NCA_S_UNSPEC_REJECT
: return RPC_S_CALL_FAILED_DNE
;
342 case NCA_S_BAD_ACTID
: return RPC_S_CALL_FAILED_DNE
;
343 case NCA_S_WHO_ARE_YOU_FAILED
: return RPC_S_CALL_FAILED
;
344 case NCA_S_MANAGER_NOT_ENTERED
: return RPC_S_CALL_FAILED_DNE
;
345 case NCA_S_FAULT_CANCEL
: return RPC_S_CALL_CANCELLED
;
346 case NCA_S_FAULT_ILL_INST
: return RPC_S_ADDRESS_ERROR
;
347 case NCA_S_FAULT_FP_ERROR
: return RPC_S_FP_OVERFLOW
;
348 case NCA_S_FAULT_INT_OVERFLOW
: return RPC_S_ADDRESS_ERROR
;
349 case NCA_S_FAULT_UNSPEC
: return RPC_S_CALL_FAILED
;
350 case NCA_S_FAULT_PIPE_EMPTY
: return RPC_X_PIPE_EMPTY
;
351 case NCA_S_FAULT_PIPE_CLOSED
: return RPC_X_PIPE_CLOSED
;
352 case NCA_S_FAULT_PIPE_ORDER
: return RPC_X_WRONG_PIPE_ORDER
;
353 case NCA_S_FAULT_PIPE_DISCIPLINE
: return RPC_X_PIPE_DISCIPLINE_ERROR
;
354 case NCA_S_FAULT_PIPE_COMM_ERROR
: return RPC_S_COMM_FAILURE
;
355 case NCA_S_FAULT_PIPE_MEMORY
: return ERROR_OUTOFMEMORY
;
356 case NCA_S_FAULT_CONTEXT_MISMATCH
: return ERROR_INVALID_HANDLE
;
357 case NCA_S_FAULT_REMOTE_NO_MEMORY
: return ERROR_NOT_ENOUGH_SERVER_MEMORY
;
358 default: return status
;
362 static RPC_STATUS
RPCRT4_SecurePacket(RpcConnection
*Connection
,
363 enum secure_packet_direction dir
,
364 RpcPktHdr
*hdr
, unsigned int hdr_size
,
365 unsigned char *stub_data
, unsigned int stub_data_size
,
366 RpcAuthVerifier
*auth_hdr
,
367 unsigned char *auth_value
, unsigned int auth_value_size
)
369 SecBufferDesc message
;
370 SecBuffer buffers
[4];
371 SECURITY_STATUS sec_status
;
373 message
.ulVersion
= SECBUFFER_VERSION
;
374 message
.cBuffers
= sizeof(buffers
)/sizeof(buffers
[0]);
375 message
.pBuffers
= buffers
;
377 buffers
[0].cbBuffer
= hdr_size
;
378 buffers
[0].BufferType
= SECBUFFER_DATA
|SECBUFFER_READONLY_WITH_CHECKSUM
;
379 buffers
[0].pvBuffer
= hdr
;
380 buffers
[1].cbBuffer
= stub_data_size
;
381 buffers
[1].BufferType
= SECBUFFER_DATA
;
382 buffers
[1].pvBuffer
= stub_data
;
383 buffers
[2].cbBuffer
= sizeof(*auth_hdr
);
384 buffers
[2].BufferType
= SECBUFFER_DATA
|SECBUFFER_READONLY_WITH_CHECKSUM
;
385 buffers
[2].pvBuffer
= auth_hdr
;
386 buffers
[3].cbBuffer
= auth_value_size
;
387 buffers
[3].BufferType
= SECBUFFER_TOKEN
;
388 buffers
[3].pvBuffer
= auth_value
;
390 if (dir
== SECURE_PACKET_SEND
)
392 if ((auth_hdr
->auth_level
== RPC_C_AUTHN_LEVEL_PKT_PRIVACY
) && packet_has_body(hdr
))
394 sec_status
= EncryptMessage(&Connection
->ctx
, 0, &message
, 0 /* FIXME */);
395 if (sec_status
!= SEC_E_OK
)
397 ERR("EncryptMessage failed with 0x%08x\n", sec_status
);
398 return RPC_S_SEC_PKG_ERROR
;
401 else if (auth_hdr
->auth_level
!= RPC_C_AUTHN_LEVEL_NONE
)
403 sec_status
= MakeSignature(&Connection
->ctx
, 0, &message
, 0 /* FIXME */);
404 if (sec_status
!= SEC_E_OK
)
406 ERR("MakeSignature failed with 0x%08x\n", sec_status
);
407 return RPC_S_SEC_PKG_ERROR
;
411 else if (dir
== SECURE_PACKET_RECEIVE
)
413 if ((auth_hdr
->auth_level
== RPC_C_AUTHN_LEVEL_PKT_PRIVACY
) && packet_has_body(hdr
))
415 sec_status
= DecryptMessage(&Connection
->ctx
, &message
, 0 /* FIXME */, 0);
416 if (sec_status
!= SEC_E_OK
)
418 ERR("DecryptMessage failed with 0x%08x\n", sec_status
);
419 return RPC_S_SEC_PKG_ERROR
;
422 else if (auth_hdr
->auth_level
!= RPC_C_AUTHN_LEVEL_NONE
)
424 sec_status
= VerifySignature(&Connection
->ctx
, &message
, 0 /* FIXME */, NULL
);
425 if (sec_status
!= SEC_E_OK
)
427 ERR("VerifySignature failed with 0x%08x\n", sec_status
);
428 return RPC_S_SEC_PKG_ERROR
;
436 /***********************************************************************
437 * RPCRT4_SendAuth (internal)
439 * Transmit a packet with authorization data over connection in acceptable fragments.
441 static RPC_STATUS
RPCRT4_SendAuth(RpcConnection
*Connection
, RpcPktHdr
*Header
,
442 void *Buffer
, unsigned int BufferLength
,
443 const void *Auth
, unsigned int AuthLength
)
452 RPCRT4_SetThreadCurrentConnection(Connection
);
455 /* The packet building functions save the packet header size, so we can use it. */
456 hdr_size
= Header
->common
.frag_len
;
458 Header
->common
.auth_len
= AuthLength
;
459 else if (Connection
->AuthInfo
&& packet_has_auth_verifier(Header
))
461 if ((Connection
->AuthInfo
->AuthnLevel
== RPC_C_AUTHN_LEVEL_PKT_PRIVACY
) && packet_has_body(Header
))
462 Header
->common
.auth_len
= Connection
->encryption_auth_len
;
464 Header
->common
.auth_len
= Connection
->signature_auth_len
;
467 Header
->common
.auth_len
= 0;
468 Header
->common
.flags
|= RPC_FLG_FIRST
;
469 Header
->common
.flags
&= ~RPC_FLG_LAST
;
471 alen
= RPC_AUTH_VERIFIER_LEN(&Header
->common
);
473 while (!(Header
->common
.flags
& RPC_FLG_LAST
)) {
474 unsigned char auth_pad_len
= Header
->common
.auth_len
? ROUND_UP_AMOUNT(BufferLength
, AUTH_ALIGNMENT
) : 0;
475 unsigned int pkt_size
= BufferLength
+ hdr_size
+ alen
+ auth_pad_len
;
477 /* decide if we need to split the packet into fragments */
478 if (pkt_size
<= Connection
->MaxTransmissionSize
) {
479 Header
->common
.flags
|= RPC_FLG_LAST
;
480 Header
->common
.frag_len
= pkt_size
;
483 /* make sure packet payload will be a multiple of 16 */
484 Header
->common
.frag_len
=
485 ((Connection
->MaxTransmissionSize
- hdr_size
- alen
) & ~(AUTH_ALIGNMENT
-1)) +
489 pkt
= HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY
, Header
->common
.frag_len
);
491 memcpy(pkt
, Header
, hdr_size
);
493 /* fragment consisted of header only and is the last one */
494 if (hdr_size
== Header
->common
.frag_len
)
497 memcpy(pkt
+ hdr_size
, buffer_pos
, Header
->common
.frag_len
- hdr_size
- auth_pad_len
- alen
);
499 /* add the authorization info */
500 if (Connection
->AuthInfo
&& packet_has_auth_verifier(Header
))
502 RpcAuthVerifier
*auth_hdr
= (RpcAuthVerifier
*)&pkt
[Header
->common
.frag_len
- alen
];
504 auth_hdr
->auth_type
= Connection
->AuthInfo
->AuthnSvc
;
505 auth_hdr
->auth_level
= Connection
->AuthInfo
->AuthnLevel
;
506 auth_hdr
->auth_pad_length
= auth_pad_len
;
507 auth_hdr
->auth_reserved
= 0;
508 /* a unique number... */
509 auth_hdr
->auth_context_id
= (unsigned long)Connection
;
512 memcpy(auth_hdr
+ 1, Auth
, AuthLength
);
515 status
= RPCRT4_SecurePacket(Connection
, SECURE_PACKET_SEND
,
516 (RpcPktHdr
*)pkt
, hdr_size
,
517 pkt
+ hdr_size
, Header
->common
.frag_len
- hdr_size
- alen
,
519 (unsigned char *)(auth_hdr
+ 1), Header
->common
.auth_len
);
520 if (status
!= RPC_S_OK
)
522 HeapFree(GetProcessHeap(), 0, pkt
);
523 RPCRT4_SetThreadCurrentConnection(NULL
);
530 count
= rpcrt4_conn_write(Connection
, pkt
, Header
->common
.frag_len
);
531 HeapFree(GetProcessHeap(), 0, pkt
);
533 WARN("rpcrt4_conn_write failed (auth)\n");
534 RPCRT4_SetThreadCurrentConnection(NULL
);
535 return RPC_S_CALL_FAILED
;
538 buffer_pos
+= Header
->common
.frag_len
- hdr_size
- alen
- auth_pad_len
;
539 BufferLength
-= Header
->common
.frag_len
- hdr_size
- alen
- auth_pad_len
;
540 Header
->common
.flags
&= ~RPC_FLG_FIRST
;
543 RPCRT4_SetThreadCurrentConnection(NULL
);
547 /***********************************************************************
548 * RPCRT4_ClientAuthorize (internal)
550 * Authorize a client connection. A NULL in param signifies a new connection.
552 static RPC_STATUS
RPCRT4_ClientAuthorize(RpcConnection
*conn
, SecBuffer
*in
,
556 SecBufferDesc out_desc
;
557 SecBufferDesc inp_desc
;
558 SecPkgContext_Sizes secctx_sizes
;
559 BOOL continue_needed
;
560 ULONG context_req
= ISC_REQ_CONNECTION
| ISC_REQ_USE_DCE_STYLE
|
561 ISC_REQ_MUTUAL_AUTH
| ISC_REQ_DELEGATE
;
563 if (conn
->AuthInfo
->AuthnLevel
== RPC_C_AUTHN_LEVEL_PKT_INTEGRITY
)
564 context_req
|= ISC_REQ_INTEGRITY
;
565 else if (conn
->AuthInfo
->AuthnLevel
== RPC_C_AUTHN_LEVEL_PKT_PRIVACY
)
566 context_req
|= ISC_REQ_CONFIDENTIALITY
| ISC_REQ_INTEGRITY
;
568 out
->BufferType
= SECBUFFER_TOKEN
;
569 out
->cbBuffer
= conn
->AuthInfo
->cbMaxToken
;
570 out
->pvBuffer
= HeapAlloc(GetProcessHeap(), 0, out
->cbBuffer
);
571 if (!out
->pvBuffer
) return ERROR_OUTOFMEMORY
;
573 out_desc
.ulVersion
= 0;
574 out_desc
.cBuffers
= 1;
575 out_desc
.pBuffers
= out
;
577 inp_desc
.cBuffers
= 1;
578 inp_desc
.pBuffers
= in
;
579 inp_desc
.ulVersion
= 0;
581 r
= InitializeSecurityContextA(&conn
->AuthInfo
->cred
, in
? &conn
->ctx
: NULL
,
582 NULL
, context_req
, 0, SECURITY_NETWORK_DREP
,
583 in
? &inp_desc
: NULL
, 0, &conn
->ctx
, &out_desc
, &conn
->attr
,
587 WARN("InitializeSecurityContext failed with error 0x%08x\n", r
);
591 TRACE("r = 0x%08x, attr = 0x%08x\n", r
, conn
->attr
);
592 continue_needed
= ((r
== SEC_I_CONTINUE_NEEDED
) ||
593 (r
== SEC_I_COMPLETE_AND_CONTINUE
));
595 if ((r
== SEC_I_COMPLETE_NEEDED
) || (r
== SEC_I_COMPLETE_AND_CONTINUE
))
597 TRACE("complete needed\n");
598 r
= CompleteAuthToken(&conn
->ctx
, &out_desc
);
601 WARN("CompleteAuthToken failed with error 0x%08x\n", r
);
606 TRACE("cbBuffer = %ld\n", out
->cbBuffer
);
608 if (!continue_needed
)
610 r
= QueryContextAttributesA(&conn
->ctx
, SECPKG_ATTR_SIZES
, &secctx_sizes
);
613 WARN("QueryContextAttributes failed with error 0x%08x\n", r
);
616 conn
->signature_auth_len
= secctx_sizes
.cbMaxSignature
;
617 conn
->encryption_auth_len
= secctx_sizes
.cbSecurityTrailer
;
623 HeapFree(GetProcessHeap(), 0, out
->pvBuffer
);
624 out
->pvBuffer
= NULL
;
625 return ERROR_ACCESS_DENIED
; /* FIXME: is this correct? */
628 /***********************************************************************
629 * RPCRT4_AuthorizeBinding (internal)
631 static RPC_STATUS
RPCRT_AuthorizeConnection(RpcConnection
* conn
,
632 BYTE
*challenge
, ULONG count
)
638 TRACE("challenge %s, %d bytes\n", challenge
, count
);
640 inp
.BufferType
= SECBUFFER_TOKEN
;
641 inp
.pvBuffer
= challenge
;
642 inp
.cbBuffer
= count
;
644 status
= RPCRT4_ClientAuthorize(conn
, &inp
, &out
);
645 if (status
) return status
;
647 resp_hdr
= RPCRT4_BuildAuthHeader(NDR_LOCAL_DATA_REPRESENTATION
);
649 return E_OUTOFMEMORY
;
651 status
= RPCRT4_SendAuth(conn
, resp_hdr
, NULL
, 0, out
.pvBuffer
, out
.cbBuffer
);
653 HeapFree(GetProcessHeap(), 0, out
.pvBuffer
);
654 RPCRT4_FreeHeader(resp_hdr
);
659 /***********************************************************************
660 * RPCRT4_Send (internal)
662 * Transmit a packet over connection in acceptable fragments.
664 RPC_STATUS
RPCRT4_Send(RpcConnection
*Connection
, RpcPktHdr
*Header
,
665 void *Buffer
, unsigned int BufferLength
)
670 if (!Connection
->AuthInfo
|| SecIsValidHandle(&Connection
->ctx
))
672 return RPCRT4_SendAuth(Connection
, Header
, Buffer
, BufferLength
, NULL
, 0);
675 /* tack on a negotiate packet */
676 RPCRT4_ClientAuthorize(Connection
, NULL
, &out
);
677 r
= RPCRT4_SendAuth(Connection
, Header
, Buffer
, BufferLength
, out
.pvBuffer
, out
.cbBuffer
);
678 HeapFree(GetProcessHeap(), 0, out
.pvBuffer
);
683 /***********************************************************************
684 * RPCRT4_Receive (internal)
686 * Receive a packet from connection and merge the fragments.
688 RPC_STATUS
RPCRT4_Receive(RpcConnection
*Connection
, RpcPktHdr
**Header
,
694 unsigned short first_flag
;
695 unsigned long data_length
;
696 unsigned long buffer_length
;
697 unsigned long auth_length
;
698 unsigned char *auth_data
= NULL
;
699 RpcPktCommonHdr common_hdr
;
703 TRACE("(%p, %p, %p)\n", Connection
, Header
, pMsg
);
705 RPCRT4_SetThreadCurrentConnection(Connection
);
707 /* read packet common header */
708 dwRead
= rpcrt4_conn_read(Connection
, &common_hdr
, sizeof(common_hdr
));
709 if (dwRead
!= sizeof(common_hdr
)) {
710 WARN("Short read of header, %d bytes\n", dwRead
);
711 status
= RPC_S_CALL_FAILED
;
715 /* verify if the header really makes sense */
716 if (common_hdr
.rpc_ver
!= RPC_VER_MAJOR
||
717 common_hdr
.rpc_ver_minor
!= RPC_VER_MINOR
) {
718 WARN("unhandled packet version\n");
719 status
= RPC_S_PROTOCOL_ERROR
;
723 hdr_length
= RPCRT4_GetHeaderSize((RpcPktHdr
*)&common_hdr
);
724 if (hdr_length
== 0) {
725 WARN("header length == 0\n");
726 status
= RPC_S_PROTOCOL_ERROR
;
730 *Header
= HeapAlloc(GetProcessHeap(), 0, hdr_length
);
731 memcpy(*Header
, &common_hdr
, sizeof(common_hdr
));
733 /* read the rest of packet header */
734 dwRead
= rpcrt4_conn_read(Connection
, &(*Header
)->common
+ 1, hdr_length
- sizeof(common_hdr
));
735 if (dwRead
!= hdr_length
- sizeof(common_hdr
)) {
736 WARN("bad header length, %d bytes, hdr_length %d\n", dwRead
, hdr_length
);
737 status
= RPC_S_CALL_FAILED
;
741 /* read packet body */
742 switch (common_hdr
.ptype
) {
744 pMsg
->BufferLength
= (*Header
)->response
.alloc_hint
;
747 pMsg
->BufferLength
= (*Header
)->request
.alloc_hint
;
750 pMsg
->BufferLength
= common_hdr
.frag_len
- hdr_length
- RPC_AUTH_VERIFIER_LEN(&common_hdr
);
753 TRACE("buffer length = %u\n", pMsg
->BufferLength
);
755 status
= I_RpcGetBuffer(pMsg
);
756 if (status
!= RPC_S_OK
) goto fail
;
758 first_flag
= RPC_FLG_FIRST
;
759 auth_length
= common_hdr
.auth_len
;
761 auth_data
= HeapAlloc(GetProcessHeap(), 0, RPC_AUTH_VERIFIER_LEN(&common_hdr
));
763 status
= RPC_S_OUT_OF_RESOURCES
;
770 unsigned int header_auth_len
= RPC_AUTH_VERIFIER_LEN(&(*Header
)->common
);
772 /* verify header fields */
774 if (((*Header
)->common
.frag_len
< hdr_length
) ||
775 ((*Header
)->common
.frag_len
- hdr_length
< header_auth_len
)) {
776 WARN("frag_len %d too small for hdr_length %d and auth_len %d\n",
777 (*Header
)->common
.frag_len
, hdr_length
, header_auth_len
);
778 status
= RPC_S_PROTOCOL_ERROR
;
782 if ((*Header
)->common
.auth_len
!= auth_length
) {
783 WARN("auth_len header field changed from %ld to %d\n",
784 auth_length
, (*Header
)->common
.auth_len
);
785 status
= RPC_S_PROTOCOL_ERROR
;
789 if (((*Header
)->common
.flags
& RPC_FLG_FIRST
) != first_flag
) {
790 TRACE("invalid packet flags\n");
791 status
= RPC_S_PROTOCOL_ERROR
;
795 data_length
= (*Header
)->common
.frag_len
- hdr_length
- header_auth_len
;
796 if (data_length
+ buffer_length
> pMsg
->BufferLength
) {
797 TRACE("allocation hint exceeded, new buffer length = %ld\n",
798 data_length
+ buffer_length
);
799 pMsg
->BufferLength
= data_length
+ buffer_length
;
800 status
= I_RpcReAllocateBuffer(pMsg
);
801 if (status
!= RPC_S_OK
) goto fail
;
804 if (data_length
== 0) dwRead
= 0; else
805 dwRead
= rpcrt4_conn_read(Connection
,
806 (unsigned char *)pMsg
->Buffer
+ buffer_length
, data_length
);
807 if (dwRead
!= data_length
) {
808 WARN("bad data length, %d/%ld\n", dwRead
, data_length
);
809 status
= RPC_S_CALL_FAILED
;
813 if (header_auth_len
) {
814 if (header_auth_len
< sizeof(RpcAuthVerifier
)) {
815 WARN("bad auth verifier length %d\n", header_auth_len
);
816 status
= RPC_S_PROTOCOL_ERROR
;
820 /* FIXME: we should accumulate authentication data for the bind,
821 * bind_ack, alter_context and alter_context_response if necessary.
822 * however, the details of how this is done is very sketchy in the
823 * DCE/RPC spec. for all other packet types that have authentication
824 * verifier data then it is just duplicated in all the fragments */
825 dwRead
= rpcrt4_conn_read(Connection
, auth_data
, header_auth_len
);
826 if (dwRead
!= header_auth_len
) {
827 WARN("bad authentication data length, %d/%d\n", dwRead
,
829 status
= RPC_S_CALL_FAILED
;
833 /* these packets are handled specially, not by the generic SecurePacket
835 if ((common_hdr
.ptype
!= PKT_BIND
) &&
836 (common_hdr
.ptype
!= PKT_BIND_ACK
) &&
837 (common_hdr
.ptype
!= PKT_AUTH3
))
839 status
= RPCRT4_SecurePacket(Connection
, SECURE_PACKET_RECEIVE
,
841 (unsigned char *)pMsg
->Buffer
+ buffer_length
, data_length
,
842 (RpcAuthVerifier
*)auth_data
,
843 (unsigned char *)auth_data
+ sizeof(RpcAuthVerifier
),
844 header_auth_len
- sizeof(RpcAuthVerifier
));
845 if (status
!= RPC_S_OK
) goto fail
;
849 buffer_length
+= data_length
;
850 if (!((*Header
)->common
.flags
& RPC_FLG_LAST
)) {
851 TRACE("next header\n");
853 /* read the header of next packet */
854 dwRead
= rpcrt4_conn_read(Connection
, *Header
, hdr_length
);
855 if (dwRead
!= hdr_length
) {
856 WARN("invalid packet header size (%d)\n", dwRead
);
857 status
= RPC_S_CALL_FAILED
;
866 pMsg
->BufferLength
= buffer_length
;
868 /* respond to authorization request */
869 if (common_hdr
.ptype
== PKT_BIND_ACK
&& auth_length
> sizeof(RpcAuthVerifier
))
871 status
= RPCRT_AuthorizeConnection(Connection
,
872 auth_data
+ sizeof(RpcAuthVerifier
),
882 RPCRT4_SetThreadCurrentConnection(NULL
);
883 if (status
!= RPC_S_OK
) {
884 RPCRT4_FreeHeader(*Header
);
887 HeapFree(GetProcessHeap(), 0, auth_data
);
891 /***********************************************************************
892 * I_RpcGetBuffer [RPCRT4.@]
894 * Allocates a buffer for use by I_RpcSend or I_RpcSendReceive and binds to the
898 * pMsg [I/O] RPC message information.
902 * Failure: RPC_S_INVALID_BINDING if pMsg->Handle is invalid.
903 * RPC_S_SERVER_UNAVAILABLE if unable to connect to server.
904 * ERROR_OUTOFMEMORY if buffer allocation failed.
907 * The pMsg->BufferLength field determines the size of the buffer to allocate,
910 * Use I_RpcFreeBuffer() to unbind from the server and free the message buffer.
913 * I_RpcFreeBuffer(), I_RpcSend(), I_RpcReceive(), I_RpcSendReceive().
915 RPC_STATUS WINAPI
I_RpcGetBuffer(PRPC_MESSAGE pMsg
)
917 TRACE("(%p): BufferLength=%d\n", pMsg
, pMsg
->BufferLength
);
918 /* FIXME: pfnAllocate? */
919 pMsg
->Buffer
= HeapAlloc(GetProcessHeap(), 0, pMsg
->BufferLength
);
921 TRACE("Buffer=%p\n", pMsg
->Buffer
);
922 /* FIXME: which errors to return? */
923 return pMsg
->Buffer
? S_OK
: E_OUTOFMEMORY
;
926 /***********************************************************************
927 * I_RpcReAllocateBuffer (internal)
929 static RPC_STATUS
I_RpcReAllocateBuffer(PRPC_MESSAGE pMsg
)
931 TRACE("(%p): BufferLength=%d\n", pMsg
, pMsg
->BufferLength
);
932 pMsg
->Buffer
= HeapReAlloc(GetProcessHeap(), 0, pMsg
->Buffer
, pMsg
->BufferLength
);
934 TRACE("Buffer=%p\n", pMsg
->Buffer
);
935 return pMsg
->Buffer
? RPC_S_OK
: RPC_S_OUT_OF_RESOURCES
;
938 /***********************************************************************
939 * I_RpcFreeBuffer [RPCRT4.@]
941 * Frees a buffer allocated by I_RpcGetBuffer or I_RpcReceive and unbinds from
942 * the server interface.
945 * pMsg [I/O] RPC message information.
951 * I_RpcGetBuffer(), I_RpcReceive().
953 RPC_STATUS WINAPI
I_RpcFreeBuffer(PRPC_MESSAGE pMsg
)
955 TRACE("(%p) Buffer=%p\n", pMsg
, pMsg
->Buffer
);
956 /* FIXME: pfnFree? */
957 HeapFree(GetProcessHeap(), 0, pMsg
->Buffer
);
962 /***********************************************************************
963 * I_RpcSend [RPCRT4.@]
965 * Sends a message to the server.
968 * pMsg [I/O] RPC message information.
974 * The buffer must have been allocated with I_RpcGetBuffer().
977 * I_RpcGetBuffer(), I_RpcReceive(), I_RpcSendReceive().
979 RPC_STATUS WINAPI
I_RpcSend(PRPC_MESSAGE pMsg
)
981 RpcBinding
* bind
= (RpcBinding
*)pMsg
->Handle
;
983 RPC_CLIENT_INTERFACE
* cif
= NULL
;
987 TRACE("(%p)\n", pMsg
);
988 if (!bind
|| bind
->server
) return RPC_S_INVALID_BINDING
;
990 cif
= pMsg
->RpcInterfaceInformation
;
991 if (!cif
) return RPC_S_INTERFACE_NOT_FOUND
; /* ? */
993 if (!bind
->Endpoint
|| !bind
->Endpoint
[0])
995 TRACE("automatically resolving partially bound binding\n");
996 status
= RpcEpResolveBinding(bind
, cif
);
997 if (status
!= RPC_S_OK
) return status
;
1000 status
= RPCRT4_OpenBinding(bind
, &conn
, &cif
->TransferSyntax
,
1002 if (status
!= RPC_S_OK
) return status
;
1004 hdr
= RPCRT4_BuildRequestHeader(pMsg
->DataRepresentation
,
1005 pMsg
->BufferLength
, pMsg
->ProcNum
,
1009 RPCRT4_CloseBinding(bind
, conn
);
1010 return ERROR_OUTOFMEMORY
;
1012 hdr
->common
.call_id
= conn
->NextCallId
++;
1014 status
= RPCRT4_Send(conn
, hdr
, pMsg
->Buffer
, pMsg
->BufferLength
);
1016 RPCRT4_FreeHeader(hdr
);
1018 /* save the connection, so the response can be read from it */
1019 pMsg
->ReservedForRuntime
= conn
;
1023 /* is this status something that the server can't recover from? */
1024 static inline BOOL
is_hard_error(RPC_STATUS status
)
1028 case 0: /* user-defined fault */
1029 case ERROR_ACCESS_DENIED
:
1030 case ERROR_INVALID_PARAMETER
:
1031 case RPC_S_PROTOCOL_ERROR
:
1032 case RPC_S_CALL_FAILED
:
1033 case RPC_S_CALL_FAILED_DNE
:
1034 case RPC_S_SEC_PKG_ERROR
:
1041 /***********************************************************************
1042 * I_RpcReceive [RPCRT4.@]
1044 RPC_STATUS WINAPI
I_RpcReceive(PRPC_MESSAGE pMsg
)
1046 RpcBinding
* bind
= (RpcBinding
*)pMsg
->Handle
;
1047 RpcConnection
* conn
;
1048 RPC_CLIENT_INTERFACE
* cif
= NULL
;
1049 RPC_SERVER_INTERFACE
* sif
= NULL
;
1051 RpcPktHdr
*hdr
= NULL
;
1053 TRACE("(%p)\n", pMsg
);
1054 if (!bind
) return RPC_S_INVALID_BINDING
;
1056 if (pMsg
->ReservedForRuntime
) {
1057 conn
= pMsg
->ReservedForRuntime
;
1058 pMsg
->ReservedForRuntime
= NULL
;
1061 sif
= pMsg
->RpcInterfaceInformation
;
1062 if (!sif
) return RPC_S_INTERFACE_NOT_FOUND
; /* ? */
1063 status
= RPCRT4_OpenBinding(bind
, &conn
, &sif
->TransferSyntax
,
1066 cif
= pMsg
->RpcInterfaceInformation
;
1067 if (!cif
) return RPC_S_INTERFACE_NOT_FOUND
; /* ? */
1069 if (!bind
->Endpoint
|| !bind
->Endpoint
[0])
1071 TRACE("automatically resolving partially bound binding\n");
1072 status
= RpcEpResolveBinding(bind
, cif
);
1073 if (status
!= RPC_S_OK
) return status
;
1076 status
= RPCRT4_OpenBinding(bind
, &conn
, &cif
->TransferSyntax
,
1079 if (status
!= RPC_S_OK
) return status
;
1082 status
= RPCRT4_Receive(conn
, &hdr
, pMsg
);
1083 if (status
!= RPC_S_OK
) {
1084 WARN("receive failed with error %lx\n", status
);
1088 switch (hdr
->common
.ptype
) {
1091 status
= RPC_S_PROTOCOL_ERROR
;
1096 if (!bind
->server
) {
1097 status
= RPC_S_PROTOCOL_ERROR
;
1102 ERR ("we got fault packet with status 0x%lx\n", hdr
->fault
.status
);
1103 status
= NCA2RPC_STATUS(hdr
->fault
.status
);
1104 if (is_hard_error(status
))
1108 WARN("bad packet type %d\n", hdr
->common
.ptype
);
1109 status
= RPC_S_PROTOCOL_ERROR
;
1114 RPCRT4_CloseBinding(bind
, conn
);
1115 RPCRT4_FreeHeader(hdr
);
1119 RPCRT4_FreeHeader(hdr
);
1120 RPCRT4_DestroyConnection(conn
);
1124 /***********************************************************************
1125 * I_RpcSendReceive [RPCRT4.@]
1127 * Sends a message to the server and receives the response.
1130 * pMsg [I/O] RPC message information.
1133 * Success: RPC_S_OK.
1134 * Failure: Any error code.
1137 * The buffer must have been allocated with I_RpcGetBuffer().
1140 * I_RpcGetBuffer(), I_RpcSend(), I_RpcReceive().
1142 RPC_STATUS WINAPI
I_RpcSendReceive(PRPC_MESSAGE pMsg
)
1145 RPC_MESSAGE original_message
;
1147 TRACE("(%p)\n", pMsg
);
1149 original_message
= *pMsg
;
1150 status
= I_RpcSend(pMsg
);
1151 if (status
== RPC_S_OK
)
1152 status
= I_RpcReceive(pMsg
);
1153 /* free the buffer replaced by a new buffer in I_RpcReceive */
1154 if (status
== RPC_S_OK
)
1155 I_RpcFreeBuffer(&original_message
);